MS14-004: Vulnerability in Microsoft Dynamics AX Could Allow Denial of Service (2880826)

Medium Nessus Plugin ID 71944


A web application on the remote host has a denial of service vulnerability.


The version of Microsoft Dynamics AX installed on the remote host has a denial of service vulnerability in the Application Object Server instance. By exploiting this flaw, a remote, authenticated attacker could crash the affected service.


Microsoft has released a set of patches for Dynamics AX 4.0, Dynamics AX 2009, Dynamics AX 2012, and Dynamics AX 2012 R2.

See Also

Plugin Details

Severity: Medium

ID: 71944

File Name: smb_nt_ms14-004.nasl

Version: $Revision: 1.6 $

Type: local

Agent: windows

Published: 2014/01/14

Modified: 2017/07/28

Dependencies: 13855, 57033, 59453

Risk Information

Risk Factor: Medium


Base Score: 4

Temporal Score: 3.5

Vector: CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:microsoft:dynamics_ax

Required KB Items: SMB/MS_Bulletin_Checks/Possible

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2014/01/14

Vulnerability Publication Date: 2014/01/14

Reference Information

CVE: CVE-2014-0261

BID: 64724

OSVDB: 101977

MSFT: MS14-004

MSKB: 2914055, 2914057, 2914058, 2920510

IAVB: 2014-B-0005