CVE-2014-2779

Published: Jun 18, 2014Modified: May 6, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:N/A:P

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

mpengine.dll in Microsoft Malware Protection Engine before 1.1.10701.0 allows remote attackers to cause a denial of service (system hang) via a crafted file.

Affected (1)

Products: Microsoft: Malware Protection Engine

Microsoft

1 product

Malware Protection Engine

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Microsoft Malware Protection Engine	Up to 1.1.10600.0

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (8)

http://secunia.com/advisories/59337

Source: secure@microsoft.com

http://www.securityfocus.com/bid/68076

Source: secure@microsoft.com

VDB Entry

http://www.securitytracker.com/id/1030438

Source: secure@microsoft.com

VDB Entry

https://technet.microsoft.com/library/security/2974294

Source: secure@microsoft.com

MitigationPatchVendor Advisory

http://secunia.com/advisories/59337

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/68076

Source: af854a3a-2127-422b-91ae-364da2661108

VDB Entry

http://www.securitytracker.com/id/1030438

Source: af854a3a-2127-422b-91ae-364da2661108

VDB Entry

https://technet.microsoft.com/library/security/2974294

Source: af854a3a-2127-422b-91ae-364da2661108

MitigationPatchVendor Advisory

Timeline

No history available yet.