{ "CVE_data_meta": { "ASSIGNER": "secure@microsoft.com", "ID": "CVE-2014-4149", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 does not properly perform TypeFilterLevel checks, which allows remote attackers to execute arbitrary code via crafted data to a .NET Remoting endpoint, aka \"TypeFilterLevel Vulnerability.\"" } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1031188", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1031188" }, { "name": "MS14-072", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-072" }, { "name": "http://blogs.technet.com/b/srd/archive/2014/11/11/ms14-072-net-remoting-elevation-of-privilege-vulnerability.aspx", "refsource": "CONFIRM", "url": "http://blogs.technet.com/b/srd/archive/2014/11/11/ms14-072-net-remoting-elevation-of-privilege-vulnerability.aspx" } ] } }