Vulnerability Details : CVE-2014-6352
Public exploit exists!
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object, as exploited in the wild in October 2014 with a crafted PowerPoint document.
Vulnerability category: Execute code
Products affected by CVE-2014-6352
- cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_8:-:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_rt:-:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*
CVE-2014-6352 is in the CISA Known Exploited Vulnerabilities Catalog
CISA vulnerability name:
Microsoft Windows Code Injection Vulnerability
CISA required action:
Apply updates per vendor instructions.
CISA description:
Microsoft Windows allow remote attackers to execute arbitrary code via a crafted OLE object.
Notes:
https://nvd.nist.gov/vuln/detail/CVE-2014-6352
Added on
2022-02-25
Action due date
2022-08-25
Exploit prediction scoring system (EPSS) score for CVE-2014-6352
95.18%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 100 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2014-6352
-
MS14-064 Microsoft Windows OLE Package Manager Code Execution
Disclosure Date: 2014-10-21First seen: 2020-04-26exploit/windows/fileformat/ms14_064_packager_run_as_adminThis module exploits a vulnerability found in Windows Object Linking and Embedding (OLE) allowing arbitrary code execution, publicly exploited in the wild as MS14-060 patch bypass. The Microsoft update tried to fix the vulnerability publicly known as "Sandworm". Platforms -
MS14-064 Microsoft Windows OLE Package Manager Code Execution Through Python
Disclosure Date: 2014-11-12First seen: 2020-04-26exploit/windows/fileformat/ms14_064_packager_pythonThis module exploits a vulnerability found in Windows Object Linking and Embedding (OLE) allowing arbitrary code execution, bypassing the patch MS14-060, for the vulnerability publicly known as "Sandworm", on systems with Python for Windows installed. Windows Vista S
CVSS scores for CVE-2014-6352
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.3
|
HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C |
8.6
|
10.0
|
NIST | |
7.8
|
HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
134c704f-9b21-4f2e-91b3-4a467353bcc0 | 2025-02-10 |
7.8
|
HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
NIST | 2024-07-24 |
References for CVE-2014-6352
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/97714
Microsoft Windows OLE code execution CVE-2014-6352 Vulnerability ReportThird Party Advisory;VDB Entry
-
http://blogs.technet.com/b/srd/archive/2014/11/11/assessing-risk-for-the-november-2014-security-updates.aspx
Assessing Risk for the November 2014 Security Updates – Microsoft Security Response CenterBroken Link;Patch;Vendor Advisory
-
http://twitter.com/ohjeongwook/statuses/524795124270653440
Matt Oh on Twitter: "CVE-2014-6352 OLE Packager FixIt hot patch on CPackage::DoVerb function. So apparently they failed the original fix. http://t.co/FmZh1ptjxq"Third Party Advisory
-
http://www.securitytracker.com/id/1031097
Microsoft Windows OLE Processing Flaw Lets Remote Users Execute Arbitrary Code - SecurityTrackerBroken Link;Third Party Advisory;VDB Entry
-
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-064
Microsoft Security Bulletin MS14-064 - Critical | Microsoft DocsPatch;Vendor Advisory
-
https://technet.microsoft.com/library/security/3010060
Microsoft Security Advisory 3010060 | Microsoft DocsPatch;Vendor Advisory
-
http://secunia.com/advisories/61803
Sign inBroken Link
-
http://www.securityfocus.com/bid/70690
Microsoft Windows CVE-2014-6352 OLE Remote Code Execution VulnerabilityBroken Link;Third Party Advisory;VDB Entry
Jump to