Trusted Design

• 重大度: Unknown
• 公開日: 2014-02-26
• 更新日: 2025-10-22

概要

The Microsoft.XMLDOM ActiveX control in Microsoft Windows 8.1 and earlier allows remote attackers to determine the existence of local pathnames, UNC share pathnames, intranet hostnames, and intranet IP addresses by examining error codes, as demonstrated by a res:// URL, and exploited in the wild in February 2014.

このCVEに関連するMITRE ATT&CKテクニック

• T1216.001 - PubPrn
• T1574.007 - Path Interception by PATH Environment Variable
• T1574.011 - Services Registry Permissions Weakness
• T1596.001 - DNS/Passive DNS
• T1114.001 - Local Email Collection
• T1192 - Spearphishing Link
• T1587.001 - Malware
• T1121 - Regsvcs/Regasm
• T1484.002 - Trust Modification
• T1070.002 - Clear Linux or Mac System Logs
• T1598.003 - Spearphishing Link
• T1566.001 - Spearphishing Attachment
• T1559.001 - Component Object Model
• T1583.005 - Botnet
• T1574.014 - AppDomainManager
• T1218.007 - Msiexec
• T1608.001 - Upload Malware
• T1558 - Steal or Forge Kerberos Tickets
• T1038 - DLL Search Order Hijacking
• T1518.002 - Backup Software Discovery
• T1525 - Implant Internal Image
• T1218.002 - Control Panel
• T1589 - Gather Victim Identity Information
• T1181 - Extra Window Memory Injection
• T1562.004 - Disable or Modify System Firewall
• T1145 - Private Keys
• T1112 - Modify Registry
• T1535 - Unused/Unsupported Cloud Regions
• T1155 - AppleScript
• T1021.003 - Distributed Component Object Model
• T1589.002 - Email Addresses
• T1177 - LSASS Driver
• T1546.008 - Accessibility Features
• T1090 - Proxy
• T1482 - Domain Trust Discovery
• T1175 - Component Object Model and Distributed COM
• T1083 - File and Directory Discovery
• T1036.004 - Masquerade Task or Service
• T1649 - Steal or Forge Authentication Certificates
• T1584 - Compromise Infrastructure
• T1051 - Shared Webroot
• T1218.012 - Verclsid
• T1218.005 - Mshta
• T1608.005 - Link Target
• T1027.012 - LNK Icon Smuggling
• T1071.002 - File Transfer Protocols
• T1170 - Mshta
• T1219.003 - Remote Access Hardware
• T1562.001 - Disable or Modify Tools
• T1001 - Data Obfuscation
• T1039 - Data from Network Shared Drive
• T1584.006 - Web Services
• T1078 - Valid Accounts
• T1073 - DLL Side-Loading
• T1531 - Account Access Removal
• T1505.004 - IIS Components
• T1486 - Data Encrypted for Impact
• T1218.010 - Regsvr32
• T1592.002 - Software
• T1128 - Netsh Helper DLL
• T1587.004 - Exploits
• T1137.004 - Outlook Home Page
• T1184 - SSH Hijacking
• T1012 - Query Registry
• T1078.002 - Domain Accounts
• T1218.009 - Regsvcs/Regasm
• T1499 - Endpoint Denial of Service
• T1493 - Transmitted Data Manipulation
• T1213.003 - Code Repositories
• T1565.002 - Transmitted Data Manipulation
• T1543.001 - Launch Agent
• T1221 - Template Injection
• T1159 - Launch Agent
• T1563.002 - RDP Hijacking
• T1018 - Remote System Discovery
• T1055.008 - Ptrace System Calls
• T1653 - Power Settings
• T1220 - XSL Script Processing
• T1173 - Dynamic Data Exchange
• T1003.003 - NTDS
• T1569.002 - Service Execution
• T1035 - Service Execution
• T1056.004 - Credential API Hooking
• T1090.001 - Internal Proxy
• T1216 - System Script Proxy Execution
• T1127 - Trusted Developer Utilities Proxy Execution
• T1077 - Windows Admin Shares

このCVEが関連しているPulses

このCVEが関連しているPulsesはありません。

CVEの関係性グラフ

---

← CVE一覧に戻る