Unrated severityNVD Advisory· Published Oct 15, 2014· Updated Jun 17, 2026
CVE-2014-4073
CVE-2014-4073
Description
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 processes unverified data during interaction with the ClickOnce installer, which allows remote attackers to gain privileges via vectors involving Internet Explorer, aka ".NET ClickOnce Elevation of Privilege Vulnerability."
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
8cpe:2.3:a:microsoft:.net_framework:2.0:sp2:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:microsoft:.net_framework:2.0:sp2:*:*:*:*:*:*
- cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:.net_framework:3.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:.net_framework:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:.net_framework:4.5:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:.net_framework:4.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:.net_framework:4.5.2:*:*:*:*:*:*:*
- (no CPE)range: 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2
Patches
Vulnerability mechanics
References
5- blogs.technet.com/b/srd/archive/2014/10/14/more-details-about-cve-2014-4073-elevation-of-privilege-vulnerability.aspxnvdVendor Advisory
- secunia.com/advisories/60969nvd
- www.securityfocus.com/bid/70313nvd
- www.securitytracker.com/id/1031021nvd
- docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-057nvd
News mentions
0No linked articles in our index yet.