Computer Security
[EN] securityvulns.ru no-pyccku


Microsoft .Net / Silverlight code execution
Published:12.10.2011
Source:
SecurityVulns ID:11963
Type:library
Threat Level:
6/10
Description:It's possible to escape from sandbox.
Affected:MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
 MICROSOFT : Windows 7
CVE:CVE-2011-1253 (Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5.1, and 4, and Silverlight 4 before 4.0.60831, does not properly restrict inheritance, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP), (2) a crafted ASP.NET application, (3) a crafted .NET Framework application, or (4) a crafted Silverlight application, aka ".NET Framework Class Inheritance Vulnerability.")
Files:Microsoft Security Bulletin MS11-078 - Critical Vulnerability in .NET Framework and Microsoft Silverlight Could Allow Remote Code Execution (2604930)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod