Microsoft .NET Framework CVE-2016-0132 Security Bypass Vulnerability

Description Microsoft .NET Framework is prone to a security-bypass vulnerability because it fails to properly validate certain elements of a signed XML document. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may aid in further...

CVE-2016-0047

WinForms in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, and 4.6.1 allows remote attackers to obtain sensitive information from process memory via crafted icon data, aka "Windows Forms Information Disclosure Vulnerability."...

CVE-2016-0033

Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, and 4.6.1 does not prevent recursive compilation of XSLT transforms, which allows remote attackers to cause a denial of service performance degradation via crafted XSLT data, aka ".NET Framework Stack Overflow Denial of Service...

Information disclosure

WinForms in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, and 4.6.1 allows remote attackers to obtain sensitive information from process memory via crafted icon data, aka "Windows Forms Information Disclosure Vulnerability."...

Stack overflow

Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, and 4.6.1 does not prevent recursive compilation of XSLT transforms, which allows remote attackers to cause a denial of service performance degradation via crafted XSLT data, aka ".NET Framework Stack Overflow Denial of Service...

CVE-2016-0047

CVE-2016-0047 is a Windows Forms information-disclosure vulnerability in the Microsoft .NET Framework, enabling remote attackers to obtain sensitive data from process memory via specially crafted icon data. Affected are WinForms components in .NET Framework 2.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, and 4....

CVE-2016-0047

WinForms in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, and 4.6.1 allows remote attackers to obtain sensitive information from process memory via crafted icon data, aka "Windows Forms Information Disclosure Vulnerability."...

CVE-2016-0033

Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, and 4.6.1 does not prevent recursive compilation of XSLT transforms, which allows remote attackers to cause a denial of service performance degradation via crafted XSLT data, aka ".NET Framework Stack Overflow Denial of Service...

Microsoft .NET Framework Denial of Service Vulnerabilities (3137893)

This host is missing an important security update according to Microsoft Bulletin MS16-019. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Microsoft .NET Framework CVE-2016-0033 Stack Overflow Denial of Service Vulnerability

Description Microsoft .NET Framework is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to degrade the server performance, causing a denial-of-service condition. Given the nature of this issue, attackers may also be able to execute arbitrary code, but this ha...

Microsoft .NET Framework ASLR Security Bypass (MS15-118: CVE-2015-6115)

A security feature bypass vulnerability exists in Microsoft .NET Framework. The vulnerability is due to a DLL file that was not compiled with Address Space Layout Randomization ASLR enabled. A remote attacker can exploit this vulnerability by enticing a target user to open a crafted document that...

Microsoft .NET Framework Remote Code Execution Vulnerabilities (3104503)

This host is missing a critical security update according to Microsoft Bulletin MS15-128. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Microsoft Windows Graphics Component CVE-2015-6108 Memory Corruption Vulnerability

Description Microsoft Windows is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the affected application. Failed attacks will cause denial-of-service conditions. Technologies Affected Microsoft .NET Framework 3.0 SP2...

Microsoft .NET Framework XSS / Privilege Escalation Vulnerability

Exploit for windows platform in category remote exploits Product: =========================== Microsoft .NET Framework Vulnerability Type: ============================ XSS / Elevation of Privilege CVE Reference: ============== CVE-2015-6099 Vulnerability Details: ====================== Microsoft...

CVE-2015-6099

Cross-site scripting XSS vulnerability in ASP.NET in Microsoft .NET Framework 4, 4.5, 4.5.1, 4.5.2, and 4.6 allows remote attackers to inject arbitrary web script or HTML via a crafted value, aka ".NET Elevation of Privilege Vulnerability."...

CVE-2015-6096

The XML DTD parser in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, and 4.6 allows remote attackers to read arbitrary files via an external entity declaration in conjunction with an entity reference, related to an XML External Entity XXE issue, aka ".NET Information Disclosu...

Security feature bypass

Microsoft .NET Framework 2.0 SP2, 3.5, and 3.5.1 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka ".NET ASLR Bypass."...

Information disclosure

The XML DTD parser in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, and 4.6 allows remote attackers to read arbitrary files via an external entity declaration in conjunction with an entity reference, related to an XML External Entity XXE issue, aka ".NET Information Disclosu...

CVE-2015-6096

The XML DTD parser in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, and 4.6 allows remote attackers to read arbitrary files via an external entity declaration in conjunction with an entity reference, related to an XML External Entity XXE issue, aka ".NET Information Disclosu...

Microsoft .NET Framework Privilege Elevation Vulnerabilities (3104507)

This host is missing an important security update according to Microsoft Bulletin MS15-118. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...