7.8 CVE-2014-4113
CISA Kev Catalog Used by Malware Patch Exploit
win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, as exploited in the wild in October 2014, aka "Win32k.sys Elevation of Privilege Vulnerability."
https://nvd.nist.gov/vuln/detail/CVE-2014-4113
Categories
CWE-NVD-noinfo
References
134c704f-9b21-4f2e-91b3-4a467353bcc0 Exploit
af854a3a-2127-422b-91ae-364da2661108 Patch Exploit
| http://blog.trendmicro.com/trendlabs-security-intelligence/an-analysis-of-a-w... Exploit Not Applicable |
| http://blogs.technet.com/b/srd/archive/2014/10/14/accessing-risk-for-the-octo... Not Applicable Vendor Advisory |
| http://osvdb.org/show/osvdb/113167 Broken Link |
| http://packetstormsecurity.com/files/131964/Windows-8.0-8.1-x64-TrackPopupMen... Exploit Third Party Advisory VDB Entry |
| http://secunia.com/advisories/60970 Broken Link |
| http://www.exploit-db.com/exploits/35101 Exploit Third Party Advisory VDB Entry |
| http://www.securityfocus.com/bid/70364 Broken Link Third Party Advisory VDB Entry |
| https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14... Patch Vendor Advisory |
| https://github.com/sam-b/CVE-2014-4113 Third Party Advisory |
| https://www.exploit-db.com/exploits/37064/ Exploit Third Party Advisory VDB Entry |
| https://www.exploit-db.com/exploits/39666/ Third Party Advisory VDB Entry |
secure@microsoft.com Patch Exploit
| http://blog.trendmicro.com/trendlabs-security-intelligence/an-analysis-of-a-w... Exploit Not Applicable |
| http://blogs.technet.com/b/srd/archive/2014/10/14/accessing-risk-for-the-octo... Not Applicable Vendor Advisory |
| http://osvdb.org/show/osvdb/113167 Broken Link |
| http://packetstormsecurity.com/files/131964/Windows-8.0-8.1-x64-TrackPopupMen... Exploit Third Party Advisory VDB Entry |
| http://secunia.com/advisories/60970 Broken Link |
| http://www.exploit-db.com/exploits/35101 Exploit Third Party Advisory VDB Entry |
| http://www.securityfocus.com/bid/70364 Broken Link Third Party Advisory VDB Entry |
| https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14... Patch Vendor Advisory |
| https://github.com/sam-b/CVE-2014-4113 Third Party Advisory |
| https://www.exploit-db.com/exploits/37064/ Exploit Third Party Advisory VDB Entry |
| https://www.exploit-db.com/exploits/39666/ Third Party Advisory VDB Entry |
CPE
| cpe | start | end |
|---|---|---|
| Configuration 1 | ||
| cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_8:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_rt:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:* | ||
REMEDIATION
Patch
| Url |
|---|
| https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14... |
| https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14... |
EXPLOITS
Exploit-db.com
| id | description | date | |
|---|---|---|---|
| 35101 | Microsoft Windows - TrackPopupMenu Win32k Null Pointer Dereference (MS14-058) (Metasploit) | 2014-10-28 | |
| 37064 | Microsoft Windows 8.0/8.1 (x64) - 'TrackPopupMenu' Local Privilege Escalation (MS14-058) | 2015-05-19 |
POC Github
| Url |
|---|
| No known exploits |
Other Nist (github, ...)
CAPEC
Common Attack Pattern Enumerations and Classifications
| id | description | severity |
|---|---|---|
| No entry | ||
Cybersecurity needs ?
Strengthen software security from the outset with our DevSecOps expertise
Integrate security right from the start of the software development cycle for more robust applications and greater customer confidence.
Our team of DevSecOps experts can help you secure your APIs, data pipelines, CI/CD chains, Docker containers and Kubernetes deployments.
