Security Update for Microsoft .NET Framework 4.5, 4.5.1 and 4.5.2 on Windows 8 (KB3098780)

A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article...

Microsoft .NET Information Disclosure (MS15-118: CVE-2015-6096)

An information disclosure vulnerability exists in Microsoft .NET Framework. The specific vulnerability involves DTD problem in the underlying calls to XmlParser. An attacker who successfully exploited this vulnerability could gain read access to local files on the target system...

Microsoft .NET Framework CVE-2015-6096 XML Handling Information Disclosure Vulnerability

Description The Microsoft .NET Framework is prone to a remote information-disclosure vulnerability. Attackers can exploit this issue to gain access to sensitive information that may aid in further attacks. Technologies Affected Microsoft .NET Framework 2.0 SP2 Microsoft .NET Framework 3.5 Microso...

KLA10695 Multiple vulnerabilities in Microsoft .NET Framework

Multiple serious vulnerabilities have been found in Microsoft .NET Framework. Malicious users can exploit these vulnerabilities to bypass security restrictions,. Below is a complete list of vulnerabilities 1. Erroneous XML parsing at Document Type Definition can be exploited remotely via a...

Microsoft .NET Framework CVE-2015-6115 ASLR Security Bypass Vulnerability

Description Microsoft .NET Framework is prone to a security-bypass vulnerability. An attacker can leverage this issue to bypass certain security restrictions and execute arbitrary code by exploiting another vulnerability in the application. Technologies Affected Microsoft .NET Framework 2.0 SP2...

CVE-2015-2504

Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, and 4.6 improperly counts objects before performing an array copy, which allows remote attackers to 1 execute arbitrary code via a crafted XAML browser application XBAP or 2 bypass Code Access Security restrictions via a crafted...

Denial of service

Microsoft .NET Framework 4.5, 4.5.1, 4.5.2, and 4.6 allows remote attackers to cause a denial of service to an ASP.NET web site via crafted requests, aka "MVC Denial of Service Vulnerability."...

Privilege escalation

Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, and 4.6 improperly counts objects before performing an array copy, which allows remote attackers to 1 execute arbitrary code via a crafted XAML browser application XBAP or 2 bypass Code Access Security restrictions via a crafted...

CVE-2015-2504

Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, and 4.6 improperly counts objects before performing an array copy, which allows remote attackers to 1 execute arbitrary code via a crafted XAML browser application XBAP or 2 bypass Code Access Security restrictions via a crafted...

Microsoft .NET Framework Privilege Elevation Vulnerabilities (3089662)

This host is missing an important security update according to Microsoft Bulletin MS15-101. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

KLA10659 Multiple vulnerabilities in Microsoft .NET Framework

Multiple serious vulnerabilities have been found in .NET Framework. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions or gain privileges. Below is a complete list of vulnerabilities 1. Improper memory objects validation can be exploited...

Microsoft .NET Framework Model View Controller CVE-2015-2526 Remote Denial of Service Vulnerability

Description Microsoft .NET Framework is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to degrade the performance of a .NET-enabled website, causing a denial of service condition. Technologies Affected Avaya Meeting Exchange - Client Registration Server 6.0...

Microsoft .NET Framework CVE-2015-2504 Remote Privilege Escalation Vulnerability

Description Microsoft .NET Framework is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges in the context of the currently logged-in user; this can also result in the attacker gaining complete control of the affected system...

CVE-2015-2480

The RyuJIT compiler in Microsoft .NET Framework 4.6 produces incorrect code during an attempt at optimization, which allows remote attackers to execute arbitrary code via a crafted .NET application, aka "RyuJIT Optimization Elevation of Privilege Vulnerability," a different vulnerability than...

CVE-2015-2479

The RyuJIT compiler in Microsoft .NET Framework 4.6 produces incorrect code during an attempt at optimization, which allows remote attackers to execute arbitrary code via a crafted .NET application, aka "RyuJIT Optimization Elevation of Privilege Vulnerability," a different vulnerability than...

Privilege escalation

The RyuJIT compiler in Microsoft .NET Framework 4.6 produces incorrect code during an attempt at optimization, which allows remote attackers to execute arbitrary code via a crafted .NET application, aka "RyuJIT Optimization Elevation of Privilege Vulnerability," a different vulnerability than...

Privilege escalation

The RyuJIT compiler in Microsoft .NET Framework 4.6 produces incorrect code during an attempt at optimization, which allows remote attackers to execute arbitrary code via a crafted .NET application, aka "RyuJIT Optimization Elevation of Privilege Vulnerability," a different vulnerability than...

CVE-2015-2481

The RyuJIT compiler in Microsoft .NET Framework 4.6 produces incorrect code during an attempt at optimization, which allows remote attackers to execute arbitrary code via a crafted .NET application, aka "RyuJIT Optimization Elevation of Privilege Vulnerability," a different vulnerability than...

Microsoft .NET Framework Remote Code Execution Vulnerabilities (3078662)

This host is missing a critical security update according to Microsoft Bulletin MS15-080. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

KLA10644 Privelege escalation vulnerability in Microsoft .NET Framework

An improper optimization at RyuJIT were found in Microsoft .NET Framework. By exploiting these vulnerabilities malicious users can gain privileges. These vulnerabilities can be exploited remotely via a specially designed .NET application. Technical details This vulnerability caused by improper...