VYPR
Unrated severityNVD Advisory· Published Oct 15, 2014· Updated Jun 17, 2026

CVE-2014-4073

CVE-2014-4073

Description

Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 processes unverified data during interaction with the ClickOnce installer, which allows remote attackers to gain privileges via vectors involving Internet Explorer, aka ".NET ClickOnce Elevation of Privilege Vulnerability."

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

8
  • cpe:2.3:a:microsoft:.net_framework:2.0:sp2:*:*:*:*:*:*+ 7 more
    • cpe:2.3:a:microsoft:.net_framework:2.0:sp2:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:.net_framework:3.5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:.net_framework:4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:.net_framework:4.5:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:.net_framework:4.5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:.net_framework:4.5.2:*:*:*:*:*:*:*
    • (no CPE)range: 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.