Vulnerability Name:

CVE-2014-6332 (CCN-93141)

Assigned:2014-11-11
Published:2014-11-11
Updated:2019-05-15
Summary:OleAut32.dll in OLE in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted web site, as demonstrated by an array-redimensioning attempt that triggers improper handling of a size value in the SafeArrayDimen function, aka "Windows OLE Automation Array Remote Code Execution Vulnerability."
CVSS v3 Severity:10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
7.7 High (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:F/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
9.3 High (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
7.7 High (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:F/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-119
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2014-6332

Source: MISC
Type: Exploit, Third Party Advisory, VDB Entry
http://packetstormsecurity.com/files/134053/Avant-Browser-Lite-Ultimate-Remote-Code-Execution.html

Source: MISC
Type: Exploit, Third Party Advisory, VDB Entry
http://packetstormsecurity.com/files/134061/The-World-Browser-3.0-Final-Remote-Code-Execution.html

Source: MISC
Type: Exploit, Third Party Advisory, VDB Entry
http://packetstormsecurity.com/files/134062/HTML-Compiler-Remote-Code-Execution.html

Source: MISC
Type: Exploit, Third Party Advisory, VDB Entry
http://packetstormsecurity.com/files/134064/Microsoft-Compiled-HTML-Help-Remote-Code-Execution.html

Source: MISC
Type: Exploit, Third Party Advisory, VDB Entry
http://packetstormsecurity.com/files/134079/Winamp-Bento-Browser-Remote-Code-Execution.html

Source: MISC
Type: Exploit, Third Party Advisory
http://securityintelligence.com/ibm-x-force-researcher-finds-significant-vulnerability-in-microsoft-windows

Source: CCN
Type: Microsoft Security Bulletin MS14-064
Vulnerabilities in Windows OLE Could Allow Remote Code Execution (3011443)

Source: CCN
Type: Microsoft Security Bulletin MS16-030
Security Update for Windows OLE to Address Remote Code Execution (3143136)

Source: CCN
Type: Microsoft Windows OLE Automation Array Remote Code Execution
IBM Security Protection Advisory

Source: CCN
Type: US-CERT VU#158647
Microsoft Windows Object Linking and Embedding (OLE) OleAut32 library SafeArrayRedim function vulnerable to remote code execution via Internet Explorer

Source: CERT-VN
Type: Third Party Advisory, US Government Resource
VU#158647

Source: BID
Type: Third Party Advisory, VDB Entry
70952

Source: CCN
Type: BID-70952
Microsoft Windows CVE-2014-6332 OLE Remote Code Execution Vulnerability

Source: SECTRACK
Type: Third Party Advisory, VDB Entry
1031184

Source: CERT
Type: Third Party Advisory, US Government Resource
TA14-318B

Source: MS
Type: Patch, Vendor Advisory
MS14-064

Source: XF
Type: UNKNOWN
ms-ole-cve20146332-code-exec(93141)

Source: MISC
Type: Exploit, Third Party Advisory
https://forsec.nl/wp-content/uploads/2014/11/ms14_064_ie_olerce.rb_.txt

Source: CCN
Type: Packet Storm Security [11-13-2014]
Windows OLE Automation Array Remote Code Execution

Source: CCN
Type: Packet Storm Security [11-21-2014]
Microsoft Internet Explorer OLE Pre-IE11 Code Execution

Source: CCN
Type: Packet Storm Security [11-30-2014]
Microsoft Internet Explorer Windows OLE Automation Array Remote Code Execution

Source: CCN
Type: Packet Storm Security [06-01-2015]
IBM Security AppScan 9.0.2 Remote Code Execution

Source: CCN
Type: Packet Storm Security [06-26-2015]
Havij OLE Automation Array Remote Code Execution

Source: CCN
Type: Packet Storm Security [07-21-2015]
Internet Download Manager OLE Automation Array Remote Code Execution

Source: CCN
Type: Packet Storm Security [08-17-2015]
Microsoft Windows HTA Remote Code Execution

Source: CCN
Type: Packet Storm Security [08-22-2015]
Microsoft HTA (HTML Application) Remote Code Execution

Source: CCN
Type: Packet Storm Security [10-21-2015]
Avant Browser Lite / Ultimate Remote Code Execution

Source: CCN
Type: Packet Storm Security [10-22-2015]
HTML Compiler Remote Code Execution

Source: CCN
Type: Packet Storm Security [10-23-2015]
Microsoft Compiled HTML Help Remote Code Execution

Source: CCN
Type: Packet Storm Security [10-10-2015]
Winamp Bento Browser Remote Code Execution

Source: EXPLOIT-DB
Type: EXPLOIT
Offensive Security Exploit Database [11-13-2014]

Source: EXPLOIT-DB
Type: EXPLOIT
Offensive Security Exploit Database [11-20-2014]

Source: EXPLOIT-DB
Type: EXPLOIT
Offensive Security Exploit Database [03-27-2015]

Source: EXPLOIT-DB
Type: EXPLOIT
Offensive Security Exploit Database [06-01-2015]

Source: EXPLOIT-DB
Type: EXPLOIT
Offensive Security Exploit Database [06-27-2015]

Source: EXPLOIT-DB
Type: EXPLOIT
Offensive Security Exploit Database [07-21-2015]

Source: EXPLOIT-DB
Type: Exploit, Third Party Advisory, VDB Entry
37668

Source: EXPLOIT-DB
Type: EXPLOIT
Offensive Security Exploit Database [08-17-2015]

Source: EXPLOIT-DB
Type: Exploit, Third Party Advisory, VDB Entry
37800

Source: EXPLOIT-DB
Type: EXPLOIT
Offensive Security Exploit Database [10-20-2015]

Source: EXPLOIT-DB
Type: Exploit, Third Party Advisory, VDB Entry
38500

Source: EXPLOIT-DB
Type: EXPLOIT
Offensive Security Exploit Database [10-22-2015]

Source: EXPLOIT-DB
Type: Exploit, Third Party Advisory, VDB Entry
38512

Vulnerable Configuration:Configuration 1:
  • cpe:/o:microsoft:windows_7:-:sp1:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_8:-:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_8.1:-:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_rt:-:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_server_2003:-:sp2:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_server_2008:*:sp2:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*
  • OR cpe:/o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*
  • OR cpe:/o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/o:microsoft:windows:server_2003:sp2:itanium:*:*:*:*:*
  • OR cpe:/o:microsoft:windows:server_2003:sp2:x64:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_vista:*:sp2:*:*:*:*:x64:*
  • OR cpe:/o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_server_2008:*:sp2:*:*:*:*:x32:*
  • OR cpe:/o:microsoft:windows_server_2008:*:sp2:*:*:*:*:x64:*
  • OR cpe:/o:microsoft:windows_server_2008:*:sp2:*:*:*:*:itanium:*
  • OR cpe:/o:microsoft:windows_7:-:sp1:-:*:-:-:x32:*
  • OR cpe:/o:microsoft:windows_7:*:sp1:*:*:*:*:x64:*
  • OR cpe:/o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*
  • OR cpe:/o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*
  • OR cpe:/o:microsoft:windows_8:-:-:-:*:-:-:x32:*
  • OR cpe:/o:microsoft:windows_8:*:*:*:*:*:*:x64:*
  • OR cpe:/o:microsoft:windows_server_2012:*:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_rt:-:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_8.1:-:-:-:*:-:-:x32:*
  • OR cpe:/o:microsoft:windows_8.1:*:*:*:*:*:*:x64:*
  • OR cpe:/o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_rt_8.1:*:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.mitre.oval:def:28046
    V
    		Windows OLE automation array remote code execution vulnerability - CVE-2014-6332 (MS14-064)
    2014-12-29
    BACK
    microsoft windows 7 - sp1
    microsoft windows 8 -
    microsoft windows 8.1 -
    microsoft windows rt -
    microsoft windows rt 8.1 -
    microsoft windows server 2003 - sp2
    microsoft windows server 2008 - sp2
    microsoft windows server 2008 r2 sp1
    microsoft windows server 2008 r2 sp1
    microsoft windows server 2012 -
    microsoft windows server 2012 r2
    microsoft windows vista - sp2
    microsoft windows server_2003 sp2
    microsoft windows server_2003 sp2
    microsoft windows vista * sp2
    microsoft windows vista * sp2
    microsoft windows server 2008 sp2
    microsoft windows server 2008 sp2
    microsoft windows server 2008
    microsoft windows 7 - sp1
    microsoft windows 7 * sp1
    microsoft windows server 2008 r2
    microsoft windows server 2008 r2
    microsoft windows 8 - -
    microsoft windows 8 *
    microsoft windows server 2012
    microsoft windows rt -
    microsoft windows 8.1 - -
    microsoft windows 8.1 *
    microsoft windows server 2012 r2
    microsoft windows rt 8.1 *