Microsoft .NET Framework S.DS.P Namespace Method Buffer Overflow (CVE-2013-0003)

A buffer overflow exists in the System.DirectoryServices.Protocols S.DS.P namespace method in the .NET framework. The vulnerability is due to an error in the validation of the size of objects in memory prior to copying them into an array.An attacker can remotely exploit this vulnerability by...

Microsoft .NET Framework WinForms Information Disclosure (CVE-2013-0001)

A remote code execution vulnerability has been reported in the Microsoft .NET Framework. The vulnerability is due to the way WinForms handles pointers to unmanaged memory locations.A remote, unauthenticated attacker can exploit this vulnerability by either enticing a user to visit a maliciously...

.NET Framework EncoderParameter integer overflow vulnerability(MS12-025)

No description provided by source. run 'rundll32 dfshim CleanOnlineAppCache' to clear ClickOnce cache require 'msf/core' require 'base64' require 'digest/sha1' class Metasploit3 Msf::Exploit::Remote Rank = NormalRanking include Msf::Exploit::Remote::HttpServer::HTML def initializeinfo =...

CVE-2013-0073

The Windows Forms aka WinForms component in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly restrict the privileges of a callback function during object creation, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application XBAP or 2 ...

Privilege escalation

The Windows Forms aka WinForms component in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly restrict the privileges of a callback function during object creation, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application XBAP or 2 ...

CVE-2013-0073

The Windows Forms aka WinForms component in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly restrict the privileges of a callback function during object creation, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application XBAP or 2 ...

CVE-2013-0073

CVE-2013-0073 affects the Windows Forms component of Microsoft .NET Framework (versions 2.0 SP2, 3.5, 3.5.1, 4, 4.5). The root cause is improper restriction of privileges for a callback function during object creation, which can allow remote attackers to execute arbitrary code via a crafted XBAP ...

Microsoft .NET Framework Privilege Elevation Vulnerability (2800277)

This host is missing an important security update according to Microsoft Bulletin MS13-015. OpenVAS Vulnerability Test $Id: secpodms13-015.nasl 5365 2017-02-20 13:46:09Z cfi $ Microsoft .NET Framework Privilege Elevation Vulnerability 2800277 Authors: Antu Sanadi Copyright: Copyright c 2013 SecPo...

.NET Framework EncoderParameter Integer Overflow

run 'rundll32 dfshim CleanOnlineAppCache' to clear ClickOnce cache require 'msf/core' require 'base64' require 'digest/sha1' class Metasploit3 '.NET Framework EncoderParameter integer overflow vulnerability', 'Description' = %q An integer overflow vulnerability has been discovered in the...

Microsoft .NET Framework Privilege Elevation Vulnerability (2800277)

This host is missing an important security update according to Microsoft Bulletin MS13-015. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Security Update for Microsoft .NET Framework 4.5 on Windows 8 x86 (KB2789649)

A security issue has been identified that could allow an unauthenticated remote attacker to compromise your system and gain control over it. You can help protect your system by installing this update from Microsoft. After you install this update, you may have to restart your system...

Security Update for Microsoft .NET Framework 3.5 on Windows 8 x86 (KB2789650)

A security issue has been identified that could allow an unauthenticated remote attacker to compromise your system and gain control over it. You can help protect your system by installing this update from Microsoft. After you install this update, you may have to restart your system...

Security Update for Microsoft .NET Framework 3.5 on Windows 8 and Windows Server 2012 for x64-based Systems (KB2789650)

A security issue has been identified that could allow an unauthenticated remote attacker to compromise your system and gain control over it. You can help protect your system by installing this update from Microsoft. After you install this update, you may have to restart your system...

Security Update for Microsoft .NET Framework 4.5 on Windows 8 and Windows Server 2012 for x64-based Systems (KB2789649)

A security issue has been identified that could allow an unauthenticated remote attacker to compromise your system and gain control over it. You can help protect your system by installing this update from Microsoft. After you install this update, you may have to restart your system...

MS13-015: Vulnerability in .NET Framework Could Allow Elevation of Privilege (2800277)

The remote Windows host is running a version of the Microsoft .NET Framework that is affected by a privilege escalation vulnerability due to a flaw in the way .NET elevates the permissions of a callback function when a particular Windows Forms object is created. C Tenable Network Security, Inc...

Microsoft .NET Framework CVE-2013-0073 Remote Privilege Escalation Vulnerability

Description The Microsoft .NET Framework is prone to a remote privilege-escalation vulnerability. Successful exploits may allow an attacker to execute arbitrary code with elevated privileges; this may result in the attacker gaining complete control of the affected system. Technologies Affected...

MS13-015: Vulnerability in the .NET Framework could allow elevation of privilege: February 12, 2013

Resolves a vulnerability in the Microsoft .NET Framework that could allow remote code execution on a client system if a user views a specially crafted webpage by using a web browser that can run XAML Browser Applications XBAPs.IntroductionMicrosoft has released security bulletin MS13-015. You can...

Microsoft Announces Five Critical February Patch Tuesday Updates Coming Next Week

Microsoft announced yesterday it will ship 12 bulletins addressing 57 vulnerabilities in the February 2013 Patch Tuesday release of security updates. Five of the updates, which Microsoft will release Tuesday, received “critical” ratings while the remaining seven are considered “important.” If...

Microsoft Releases Advance Notification for February Security Bulletin

Microsoft has issued a Security Bulletin Advance Notification indicating that its February release will contain eleven bulletins. These bulletins will have the severity rating of critical and important, and will be for Microsoft Windows, Internet Explorer, Server Software, and .NET Framework. The...

Microsoft Releases February 2013 Security Bulletin

Microsoft has released updates to address vulnerabilities in Microsoft Windows, Internet Explorer, Server Software, Office, and .NET Framework as part of the Microsoft Security Bulletin summary for February 2013. These vulnerabilities could allow remote code execution, allow elevation of privileg...