.NET ClickOnce Elevation of Privilege Vulnerability

.NET ClickOnce Elevation of Privilege Vulnerability

CVE-2014-4073 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 processes unverified data during interaction with the ClickOnce installer, which allows remote attackers to gain privileges via vectors involving Internet Explorer, aka ".NET ClickOnce Elevation of Privilege Vulnerability."

Learn more about our Web Application Penetration Testing UK.