Computer Security
[EN] securityvulns.ru no-pyccku


Microsoft Silverlight information leakage
updated since 09.10.2013
Published:05.11.2013
Source:
SecurityVulns ID:13337
Type:library
Threat Level:
5/10
Description:Memory content leakage.
Affected:MICROSOFT : Silverlight 5
CVE:CVE-2013-3896 (Microsoft Silverlight 5 before 5.1.20913.0 does not properly validate pointers during access to Silverlight elements, which allows remote attackers to obtain sensitive information via a crafted Silverlight application, aka "Silverlight Vulnerability.")
 CVE-2013-0074 (Microsoft Silverlight 5, and 5 Developer Runtime, before 5.1.20125.0 does not properly validate pointers during HTML object rendering, which allows remote attackers to execute arbitrary code via a crafted Silverlight application, aka "Silverlight Double Dereference Vulnerability.")
Original documentdocumentbugtraq_(at)_packetstormsecurity.org, [PSA-2013-1022-1] Microsoft Silverlight Invalid Typecast / Memory Disclosure (05.11.2013)
Files:Microsoft Security Bulletin MS13-087 - Important Vulnerability in Silverlight Could Allow Information Disclosure (2890788)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod