Microsoft .NET Framework Index Comparison Denial Of Service Vulnerability

Description Microsoft .NET Framework is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause the application to become unresponsive or to crash, denying service to legitimate users. Due to the nature of this issue, arbitrary code-execution may be possible...

Microsoft .NET Framework Serialization CVE-2012-0161 Remote Code Execution Vulnerability

Description Microsoft .NET Framework is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code with the privileges of the currently logged-in user. Failed exploit attempts will likely result in a denial-of-service condition. Technologies...

Microsoft Windows TrueType Font Engine CVE-2012-0159 Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability that affects the TrueType Font engine. An attacker can exploit this issue through the Windows Kernel-Mode drivers to execute arbitrary code in kernel mode. The attacker can also exploit this issue through Microsoft...

Microsoft .NET Framework Input Serialization CVE-2012-0160 Remote Code Execution Vulnerability

Description Microsoft .NET Framework is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing an unsuspecting victim to run a malicious .NET application or visit a site that hosts the malicious content as an Extensible Application Markup Language XAML...

Microsoft .NET Framework Serialization CVE-2012-0162 Remote Code Execution Vulnerability

Description Microsoft .NET Framework is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code with the privileges of the currently logged-in user. Failed exploit attempts will likely result in a denial-of-service condition. Technologies...

Microsoft .NET Framewor参数校验远程整数溢出漏洞(MS12-025)

Microsoft .NET Framework是一套由Microsoft分发的帮助开发者构建基于WEB应用的系统 Microsoft .NET Framework的EncoderParameter类存在一个整数溢出漏洞，由于不正确分配缓冲区，拷贝用户数据到堆缓冲区时可导致堆破坏 EncoderParameter中System.Drawing.dll中实现，用于向图像解码器GDI+传递值或值的数组 利用此漏洞，以部分可信权限运行的应用程序可绕过CLR沙盒限制，最终可以以完全可信权限执行任意代码。部分可信应用程序的例子包括ClickOnce, XAML Browser Applicatio...

Microsoft .NET Framework CRL参数解析漏洞 (MS12-025)

BUGTRAQ ID: 52921 CVE ID: CVE-2012-0163 ASP.NET是一套由Microsoft分发的帮助开发者构建基于WEB应用的系统。 Microsoft .NET Framework在处理传递到函数的某些参数时，.NET CRL Common Language Runtime中存在错误，可通过特制的网页利用，导致控制用户系统。 0 Microsoft .NET Framework 4.x Microsoft .NET Framework 3.x Microsoft .NET Framework 2.x Microsoft .NET Framework 1.x...

Microsoft .NET Framework Remote Code Execution Vulnerability (2671605)

This host is missing a critical security update according to Microsoft Bulletin MS12-025. OpenVAS Vulnerability Test $Id: secpodms12-025.nasl 5366 2017-02-20 13:55:38Z cfi $ Microsoft .NET Framework Remote Code Execution Vulnerability 2671605 Authors: Sooraj KS Copyright: Copyright c 2012 SecPod,...

Microsoft .NET Framework Remote Code Execution Vulnerability (2671605)

This host is missing a critical security update according to Microsoft Bulletin MS12-025. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Input validation

Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly validate function parameters, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application aka XBAP, 2 a crafted ASP.NET application, or 3 a crafted .NET Framework...

Microsoft .NET Framework Parameter Validation Remote Code Execution Vulnerability

Description The .NET Framework is prone to a remote code-execution vulnerability. Successful exploits may allow an attacker to execute arbitrary code with the privileges of the currently logged-in user. Failed attacks will cause denial-of-service conditions. In a web hosting environment,...

Microsoft .Net multiple security vulnerabilities

DoS, multiple vulnerabilities in forms authentication...

Microsoft .NET Framework CLI Loader Memory Corruption (CVE-2007-0041)

A memory corruption vulnerability has been reported in Microsoft .NET Framework...

Microsoft .NET Framework and Microsoft Silverlight Remote Code Execution Vulnerabilities (2651026)

This host is missing a critical security update according to Microsoft Bulletin MS12-016. OpenVAS Vulnerability Test $Id: secpodms12-016.nasl 8190 2017-12-20 09:44:30Z cfischer $ Microsoft .NET Framework and Microsoft Silverlight Remote Code Execution Vulnerabilities 2651026 Authors: Sooraj KS...

CVE-2012-0014

Microsoft .NET Framework 2.0 SP2, 3.5.1, and 4, and Silverlight 4 before 4.1.10111, does not properly restrict access to memory associated with unmanaged objects, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application aka XBAP, 2 a crafted ASP.NET...

CVE-2012-0014

Microsoft .NET Framework 2.0 SP2, 3.5.1, and 4, and Silverlight 4 before 4.1.10111, does not properly restrict access to memory associated with unmanaged objects, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application aka XBAP, 2 a crafted ASP.NET...

CVE-2012-0014

Microsoft .NET Framework 2.0 SP2, 3.5.1, and 4, and Silverlight 4 before 4.1.10111, does not properly restrict access to memory associated with unmanaged objects, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application aka XBAP, 2 a crafted ASP.NET...

CVE-2012-0014

CVE-2012-0014 describes a remote code execution flaw in Microsoft .NET Framework components (2.0 SP2, 3.5.1, 4) and Silverlight 4 prior to 4.1.10111, caused by improper restriction of memory access for unmanaged objects. Exploitation vectors include XBAP, crafted ASP.NET, .NET Framework, and Silv...

Microsoft.NET and Silevrlight Unmanaged Objects Code Execution (MS12-016; CVE-2012-0014)

A remote code execution vulnerability has been reported in the Microsoft .NET Framework and Silverlight...

Microsoft .NET Heap Corruption Code Execution (MS12-016; CVE-2012-0015)

A remote code execution vulnerability has been reported in the Microsoft .NET Framework. The vulnerability is due to improper calculation of buffer length while processing specially crafted input. A remote attacker may exploit this issue by enticing a target user to open a specially crafted web...