Summary
This host is missing an moderate security update according to Microsoft Bulletin MS14-042
Impact
Successful exploitation will allow remote attackers to cause a Denial of Service.
Impact Level: Application
Solution
Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, https://technet.microsoft.com/en-us/security/bulletin/ms14-042
Insight
The flaw is due to an unspecified error when handling Advanced Message Queuing Protocol (AMQP) messages and can be exploited to cause Microsoft Service Bus to stop responding to incoming messages by sending specially crafted AMQP messages.
Affected
Microsoft Service Bus 1.1 on
Microsoft Windows Server 2012/R2
Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1 and prior
Detection
Get the vulnerable file version and check appropriate patch is applied or not.
References
Severity
Classification
-
CVE CVE-2014-2814 -
CVSS Base Score: 4.0
AV:N/AC:L/Au:S/C:N/I:N/A:P
Related Vulnerabilities
- Microsoft SharePoint SafeHTML Information Disclosure Vulnerabilities (2412048)
- Microsoft Windows Local Procedure Call Local Privilege Escalation Vulnerability (2898715)
- Microsoft Office Web Apps HTML Sanitisation Component XSS Vulnerability (2821818)
- Microsoft Window XML Core Services Information Disclosure Vulnerability (2966061)
- Microsoft Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2778344)