SecuritySpace - CVE-2014-0315

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2014-0315

Description: Untrusted search path vulnerability in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a Trojan horse cmd.exe file in the current working directory, as demonstrated by a directory that contains a .bat or .cmd file, aka "Windows File Handling Vulnerability."

Test IDs: 1.3.6.1.4.1.25623.1.0.804375

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2014-0315
http://seclists.org/fulldisclosure/2020/Jul/33
Microsoft Security Bulletin: MS14-019
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-019

CVE ID:	CVE-2014-0315
Description:	Untrusted search path vulnerability in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a Trojan horse cmd.exe file in the current working directory, as demonstrated by a directory that contains a .bat or .cmd file, aka "Windows File Handling Vulnerability."
Test IDs:	1.3.6.1.4.1.25623.1.0.804375
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2014-0315 http://seclists.org/fulldisclosure/2020/Jul/33 Microsoft Security Bulletin: MS14-019 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-019