Kaspersky LabKLA10608KLA10608 Security bypass vulnerability in Microsoft Silverlight
7.1 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
COMPLETE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:C/A:N
0.003 Low
EPSS
Percentile
65.6%
Detect date:
03/11/2014
Severity:
Critical
Description:
An unspecified vulnerability was found in Microsoft Silverlight. By exploiting this vulnerability malicious users can bypass DEP and ASLR protection. This vulnerability can be exploited remotely via an unspecified vectors.
Affected products:
Microsoft Silverlight 5
Solution:
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Original advisories:
Impacts:
SB
Related products:
CVE-IDS:
CVE-2014-03197.1High
Microsoft official advisories:
KB list:
References
support.microsoft.com/kb/2932677
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0319
portal.msrc.microsoft.com/en-us/security-guidance
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2014-0319
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/Microsoft-Silverlight/
Related
7.1 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
COMPLETE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:C/A:N
0.003 Low
EPSS
Percentile
65.6%