Lucene search
K

54 matches found

Prion
Prion
added 2012/04/10 9:55 p.m.25 views

Input validation

Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly validate function parameters, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application aka XBAP, 2 a crafted ASP.NET application, or 3 a crafted .NET Framework...

9.3CVSS8AI score0.38251EPSS
Exploits1References5Affected Software1
Prion
Prion
added 2012/02/14 10:55 p.m.26 views

Design/Logic Flaw

Microsoft .NET Framework 2.0 SP2 and 3.5.1 does not properly calculate the length of an unspecified buffer, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application aka XBAP, 2 a crafted ASP.NET application, or 3 a crafted .NET Framework application, aka...

9.3CVSS8.1AI score0.23778EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2011/08/10 9:16 p.m.11 views

CVE-2011-1978

Microsoft .NET Framework 2.0 SP2, 3.5.1, and 4 does not properly validate the System.Net.Sockets trust level, which allows remote attackers to obtain sensitive information or trigger arbitrary outbound network traffic via 1 a crafted XAML browser application aka XBAP, 2 a crafted ASP.NET...

6.5AI score0.2021EPSS
Exploits0References2
NVD
NVD
added 2011/06/16 8:55 p.m.19 views

CVE-2011-0664

Microsoft .NET Framework 2.0 SP1 and SP2, 3.5 Gold and SP1, 3.5.1, and 4.0, and Silverlight 4 before 4.0.60531.0, does not properly validate arguments to unspecified networking API functions, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application aka XBAP...

9.3CVSS7.4AI score0.16006EPSS
Exploits1References2
seebug.org
seebug.org
added 2011/06/16 12:0 a.m.24 views

Microsoft Silverlight & .NET Framework非法数组偏移远程代码执行漏洞

Bugtraq ID: 48212 CVE ID:CVE-2011-0664 Microsoft .NET Framework是一个流行的软件开发工具包。Microsoft Silverlight是一个跨浏览器的、跨平台的插件,为Web带来下一代媒体体验和丰富的交互式应用程序体验。 向可信API传递值时存在输入验证错误,攻击者构建特制的XAML浏览器应用XBAP或Silverlight应用,诱使用户解析,可以不安全方式访问内存。成功利用漏洞可以以应用程序安全上下文执行任意代码 Microsoft Silverlight 4.0 Microsoft Silverlight 3.0...

9.3CVSS6.3AI score0.16006EPSS
Exploits1
OpenVAS
OpenVAS
added 2011/06/15 12:0 a.m.22 views

Microsoft .NET Framework and Silverlight Remote Code Execution Vulnerability (2514842)

This host is missing a critical security update according to Microsoft Bulletin MS11-039. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

9.3CVSS5AI score0.16006EPSS
Exploits1References2
CVE
CVE
added 2011/05/10 7:0 p.m.96 views

CVE-2011-1271

The CVE describes a JIT optimization flaw in Microsoft .NET Framework that mishandles null-string expressions, enabling context-dependent attackers to execute arbitrary code. Affected products/variants include .NET Framework 3.5 Gold/SP1 (and 3.5.1) and 4.0 when IsJITOptimizerDisabled is false. E...

7.7CVSS7AI score0.20096EPSS
Exploits2References3Affected Software1
Prion
Prion
added 2011/04/13 6:55 p.m.27 views

Memory corruption

The x86 JIT compiler in Microsoft .NET Framework 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 does not properly compile function calls, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application aka XBAP, 2 a crafted ASP.NET application, or 3 a crafted .NET Framework...

9.3CVSS8.1AI score0.23593EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2011/04/13 6:0 p.m.26 views

CVE-2010-3958

The x86 JIT compiler in Microsoft .NET Framework 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 does not properly compile function calls, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application aka XBAP, 2 a crafted ASP.NET application, or 3 a crafted .NET Framework...

7.4AI score0.23593EPSS
Exploits0References3
Check Point Advisories
Check Point Advisories
added 2009/12/10 12:0 a.m.28 views

Internet Explorer Object Reference Counting Memory Corruption (MS07-069; CVE-2007-3902)

Microsoft Internet Explorer IE is a web browser application that is capable of rendering both static and dynamic web content. The application is primarily used for tasks related to web browsing, such as displaying HTML encoded pages, downloading files, etc. A memory corruption vulnerability exist...

9.3CVSS7.7AI score0.35508EPSS
Exploits1
NVD
NVD
added 2009/10/14 10:30 a.m.30 views

CVE-2009-2504

Multiple integer overflows in unspecified APIs in GDI+ in Microsoft .NET Framework 1.1 SP1, .NET Framework 2.0 SP1 and SP2, Windows XP SP2 and SP3, Windows Server 2003 SP2, Vista Gold and SP1, Server 2008 Gold, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Proje...

9.3CVSS7.8AI score0.20982EPSS
Exploits1References3
Prion
Prion
added 2009/10/14 10:30 a.m.21 views

Design/Logic Flaw

The Common Language Runtime CLR in Microsoft .NET Framework 2.0, 2.0 SP1, 2.0 SP2, 3.5, and 3.5 SP1, and Silverlight 2, does not properly handle interfaces, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application XBAP, 2 a crafted Silverlight application, ...

9.3CVSS8AI score0.23254EPSS
Exploits0References3Affected Software3
Prion
Prion
added 2009/10/14 10:30 a.m.24 views

Design/Logic Flaw

Microsoft .NET Framework 2.0, 2.0 SP1, and 3.5 does not properly enforce a certain type-equality constraint in .NET verifiable code, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application XBAP, 2 a crafted ASP.NET application, or 3 a crafted .NET Framewor...

9.3CVSS7.9AI score0.25811EPSS
Exploits2References3Affected Software3
Cvelist
Cvelist
added 2009/10/14 10:0 a.m.29 views

CVE-2009-0091

Microsoft .NET Framework 2.0, 2.0 SP1, and 3.5 does not properly enforce a certain type-equality constraint in .NET verifiable code, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application XBAP, 2 a crafted ASP.NET application, or 3 a crafted .NET Framewor...

7.2AI score0.25811EPSS
Exploits2References3
Rows per page
Query Builder