Mono, when Moonlight before 2.3.0.1 or 2.99.x before 2.99.0.10 is used, does not properly validate arguments to generic methods, which allows remote attackers to bypass generic constraints, and possibly execute arbitrary code, via a crafted method call.
lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html
lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html
secunia.com/advisories/42373
secunia.com/advisories/42877
www.exploit-db.com/exploits/15974
www.mono-project.com/Vulnerabilities#Moonlight_Generic_Constraints_Bypass_Vulnerability
www.securityfocus.com/bid/45051
www.vupen.com/english/advisories/2011/0076
bugzilla.novell.com/show_bug.cgi?id=654136
bugzilla.novell.com/show_bug.cgi?id=655847
github.com/mono/mono/commit/4905ef1130feb26c3150b28b97e4a96752e0d399
github.com/mono/mono/commit/65292a69c837b8a5f7a392d34db63de592153358
github.com/mono/mono/commit/cf1ec146f7c6acdc6697032b3aaafc68ffacdcac