This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.
The version of the .NET Framework installed on the remote host is
affected by multiple vulnerabilities.
The remote Windows host is running a version of the Microsoft .NET
Framework that is affected by multiple vulnerabilities :
- An error exists related to handling stale or closed
HTTP client connections that can allow denial of service
- An error exists related to decisions regarding the
safety of executing certain methods that can allow
privilege escalation. (CVE-2014-0257)
- An error exists related to the component 'VSAVB7RT'
that can allow Address Space Layout Randomization (ASLR)
See also :
Microsoft has released a set of patches for .NET Framework 1.1 SP1, 2.0
SP2, 3.5, 3.5.1, 4.0, 4.5, and 4.5.1.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 8.1
Public Exploit Available : true
Family: Windows : Microsoft Bulletins
Nessus Plugin ID: 72432 ()
Bugtraq ID: 654156541765418
CVE ID: CVE-2014-0253CVE-2014-0257CVE-2014-0295
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.