Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2010-1898
HistoryAug 11, 2010 - 6:47 p.m.

CVE-2010-1898

2010-08-1118:47:00
CWE-94
[email protected]
web.nvd.nist.gov
58
cve-2010-1898
common language runtime
clr
microsoft .net framework
microsoft silverlight
virtual method delegate
vulnerability
remote code execution
xaml
xbap
asp.net
.net framework

7.4 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.483 Medium

EPSS

Percentile

97.5%

JSON

The Common Language Runtime (CLR) in Microsoft .NET Framework 2.0 SP1, 2.0 SP2, 3.5, 3.5 SP1, and 3.5.1, and Microsoft Silverlight 2 and 3 before 3.0.50611.0 on Windows and before 3.0.41130.0 on Mac OS X, does not properly handle interfaces and delegations to virtual methods, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Framework application, aka “Microsoft Silverlight and Microsoft .NET Framework CLR Virtual Method Delegate Vulnerability.”

Related

openvas 3
prion 1
canvas 1
nessus 1
securityvulns 2
openvas
openvas
foxweb CGI
2005-11-03 00:00:00
Microsoft .NET Common Language Runtime Remote Code Execution Vulnerability (2265906)
2010-08-11 00:00:00
Microsoft .NET Common Language Runtime Remote Code Execution Vulnerability (2265906)
2010-08-11 00:00:00
prion
prion
Design/Logic Flaw
2010-08-11 18:47:00
canvas
canvas
Immunity Canvas: MS10_060
2010-08-11 18:47:00
nessus
nessus
MS10-060: Vulnerabilities in the Microsoft .NET Common Language Runtime and in Microsoft Silverlight Could Allow Remote Code Execution (2265906)
2010-08-11 00:00:00
securityvulns
securityvulns
Microsoft .Net and Silverlight security vulnerabilities
2010-08-11 00:00:00
Microsoft Security Bulletin MS10-060 - Critical Vulnerabilities in the Microsoft .NET Common Language Runtime and in Microsoft Silverlight Could Allow Remote Code Execution (2265906)
2010-08-11 00:00:00

7.4 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.483 Medium

EPSS

Percentile

97.5%

JSON
Related for CVE-2010-1898
openvas3prion1canvas1nessus1securityvulns2