← back
CVE-2014-6352

CVE-2014-6352

CVSS 7.8 HIGHEPSS 77.6%● KEV
In short

A vulnerability in Windows allows attackers to run malicious code by sending a specially crafted file (like a PowerPoint document) that exploits how Windows handles OLE objects. This is dangerous because attackers can take full control of your computer just by tricking you into opening a file.

Technical detail

Remote code execution vulnerability in Windows OLE object handling affecting multiple versions (Vista through Windows 8.1 and Server 2012). Attack vector is user interaction via malicious OLE-embedded documents; the vulnerability allows arbitrary code execution with privileges of the user opening the crafted file. Exploitation was observed in the wild via specially crafted PowerPoint files in October 2014.

Summary generated and translated by AI from the official description.
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object, as exploited in the wild in October 2014 with a crafted PowerPoint document.
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected products
n/a · n/a
public PoCs found6
exploitdbwww.exploit-db.com/exploits/35216unverifiedexploitdbwww.exploit-db.com/exploits/35236unverifiedexploitdbwww.exploit-db.com/exploits/35235unverifiedexploitdbwww.exploit-db.com/exploits/35019unverifiedexploitdbwww.exploit-db.com/exploits/35055unverifiedexploitdbwww.exploit-db.com/exploits/35020unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://blogs.technet.com/b/srd/archive/2014/11/11/assessing-risk-for-the-november-2014-security-updates.aspxhttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-064http://secunia.com/advisories/61803https://exchange.xforce.ibmcloud.com/vulnerabilities/97714https://technet.microsoft.com/library/security/3010060https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2014-6352http://twitter.com/ohjeongwook/statuses/524795124270653440http://www.securityfocus.com/bid/70690http://www.securitytracker.com/id/1031097