CVE-2014-4062
Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5, and 3.5.1 does not properly implement the ASLR protection mechanism, which allows remote attackers to obtain sensitive address information via a crafted web site, aka ".NET ASLR Vulnerability."
View on NVDSeverity
N/A
EPSS
Probability of exploitation (next 30 days): 0.1499 (15.0%)
Percentile: 94.6%
EPSS: 2026-05-06
Affects
microsoft:.net_frameworkTechnical description
Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5, and 3.5.1 does not properly implement the ASLR protection mechanism, which allows remote attackers to obtain sensitive address information via a crafted web site, aka ".NET ASLR Vulnerability."
Published: 8/12/2014, 9:55:07 PM
Last modified: 5/6/2026, 10:30:45 PM
References
- http://www.securityfocus.com/bid/69145
- http://www.securitytracker.com/id/1030721
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-046
- http://www.securityfocus.com/bid/69145
- http://www.securitytracker.com/id/1030721
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-046