6554 matches found
CVE-2012-1855
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly handle function pointers, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application aka XBAP or 2 a crafted .NET Framework application, aka ".NET Framework Memory Access Vulnerability...
Seven Bulletins in Microsoft's June Patch
In the June 2012 edition of Patch Tuesday, Microsoft shipped seven security bulletins, of which, only three were deemed worthy of a critical rating. This month’s critical fixes are all remote code execution vulnerabilities in Windows, Internet Explorer, and the .NET framework. The first, MS12-036...
Microsoft .NET Framework Function Pointer Remote Code Execution (MS12-038; CVE-2012-1855)
A remote code execution vulnerability has been reported in the Microsoft .NET Framework. The vulnerability is due to the improper execution of a function pointer by .NET Framework. A remote attacker could trigger this vulnerability by enticing an unsuspecting victim to open a specially crafted we...
Microsoft .NET Framework Function Pointer Execution Remote Code Execution Vulnerability
Description Microsoft .NET Framework is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to execute arbitrary code within the context of the affected application. Failed exploit attempts will likely result in a denial-of-service condition...
MS12-038: Vulnerability in the .NET Framework could allow remote code execution: June 12, 2012
Resolves a vulnerability in the .NET Framework that could allow remote code execution on a client system if a user views a specially crafted webpage by using a web browser that can run XAML Browser Applications XBAPs.IntroductionMicrosoft has released the security bulletin MS12-038. You can view...
MS12-040: Vulnerability in Dynamics AX Enterprise Portal could allow elevation of privilege: June 12, 2012
Resolves a vulnerability in the .NET Framework in Dynamics AX Enterprise Portal that could allow elevation of privilege.INTRODUCTIONMicrosoft has released security bulletin MS12-040 view the complete security bulletin, visit one of the following Microsoft websites: Home...
Microsoft IIS 6.0 / 7.5 Authentication Bypass
THIS IS A GENUINE ISOWAREZ RELEASE ------------------------------------------------------------------------------------------------------------------------------------------------------------ Title: Microsoft IIS 6.0 with PHP installed Authentication Bypass Affected software: Microsoft IIS 6.0 wi...
Microsoft IIS 6.0/7.5 Multiple Vulnerabilities(Authentication Bypass)
No description provided by source. THIS IS A GENUINE ISOWAREZ RELEASE ------------------------------------------------------------------------------------------------------------------------------------------------------------ Title: Microsoft IIS 6.0 with PHP installed Authentication Bypass...
Microsoft IIS 6.0 and 7.5 Multiple Vulnerabilities
Exploit for windows platform in category remote exploits THIS IS A GENUINE ISOWAREZ RELEASE ------------------------------------------------------------------------------------------------------------------------------------------------------------ Title: Microsoft IIS 6.0 with PHP installed...
Microsoft to Fix 28 Vulnerabilities in June Patch Tuesday
Microsoft has been busy of late, what with the scramble surrounding the Flame malware and the forged certificate that the attackers were able to use to spread the malware via a fake Windows Update service. Now, the company is planning to release seven bulletins next Tuesday covering 28...
Microsoft Releases June Security Bulletin
Microsoft has released updates to address vulnerabilities in Microsoft Windows, Internet Explorer, .NET Framework, Lync, and Dynamics AX as part of the Microsoft Security Bulletin Summary for June 2012. These vulnerabilities may allow an attacker to execute arbitrary code or operate with elevated...
Microsoft .NET Framework Serialization Data Validation Error (MS12-035; CVE-2012-0160)
A remote code execution vulnerability has been reported in the Microsoft .NET Framework...
Microsoft .NET Framework Serialization Code Execution (MS12-035; CVE-2012-0161)
A remote code execution vulnerability has been reported in the Microsoft .NET Framework...
CVE-2012-0161
Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5 SP1, 3.5.1, and 4 does not properly handle an unspecified exception during use of partially trusted assemblies to serialize input data, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application...
CVE-2012-0160
Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5 SP1, 3.5.1, and 4 does not properly serialize input data, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application aka XBAP or 2 a crafted .NET Framework application, aka ".NET Framework...
CVE-2012-0162
Microsoft .NET Framework 4 does not properly allocate buffers, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application aka XBAP or 2 a crafted .NET Framework application, aka ".NET Framework Buffer Allocation Vulnerability."...
CVE-2012-0164
Microsoft .NET Framework 4 does not properly compare index values, which allows remote attackers to cause a denial of service application hang via crafted requests to a Windows Presentation Foundation WPF application, aka ".NET Framework Index Comparison Vulnerability."...
Design/Logic Flaw
Microsoft .NET Framework 4 does not properly compare index values, which allows remote attackers to cause a denial of service application hang via crafted requests to a Windows Presentation Foundation WPF application, aka ".NET Framework Index Comparison Vulnerability."...
Design/Logic Flaw
Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5 SP1, 3.5.1, and 4 does not properly serialize input data, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application aka XBAP or 2 a crafted .NET Framework application, aka ".NET Framework...
Design/Logic Flaw
Microsoft .NET Framework 4 does not properly allocate buffers, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application aka XBAP or 2 a crafted .NET Framework application, aka ".NET Framework Buffer Allocation Vulnerability."...