Microsoft .NET Framework and Microsoft Silverlight Multiple Vulnerabilities
Last Update Date:
15 Feb 2012 11:45
Release Date:
15 Feb 2012
5056
Views
RISK: High Risk
TYPE: Operating Systems - Windows OS
- .NET Framework Unmanaged Objects Vulnerability
A remote code execution vulnerability exists in Microsoft .NET Framework and Silverlight that can allow a specially crafted Microsoft .NET Framework application to access memory in an unsafe manner. An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the logged-on user. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. - .NET Framework Heap Corruption Vulnerability
A remote code execution vulnerability exists in Microsoft .NET Framework due to it improperly calculating a buffer length while processing specially crafted input. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Impact
- Remote Code Execution
System / Technologies affected
- Windows XP
- Windows Vista
- Windows 7
- Windows Server 2003
- Windows Server 2008
- Windows Server 2008 R2
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Download location for patches:
http://technet.microsoft.com/en-us/security/bulletin/ms12-016
Vulnerability Identifier
Source
Related Link
Share with