CVE-2019-9163

The connection initiation process in March Networks Command Client before 2.7.2 allows remote attackers to execute arbitrary code via crafted XAML objects...

PT-2013-2053 · Microsoft · Windows Forms +1

Name of the Vulnerable Software and Affected Versions: Microsoft .NET Framework versions 1.0 SP3 through 4.5 Description: A buffer overflow issue in the Windows Forms component allows remote attackers to execute arbitrary code via a crafted XAML browser application or a .NET Framework application...

Design/Logic Flaw

The code-optimization feature in the reflection implementation in Microsoft .NET Framework 4 and 4.5 does not properly enforce object permissions, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application aka XBAP or 2 a crafted .NET Framework application, a...

PT-2012-3599 · Microsoft · .Net Framework

Name of the Vulnerable Software and Affected Versions: Microsoft .NET Framework versions 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 Description: The issue allows remote attackers to execute arbitrary code via a crafted XAML browser application or a crafted .NET Framework application. This is due to the...

Double free

Double free vulnerability in Microsoft Silverlight 4 before 4.1.10329 on Windows allows remote attackers to execute arbitrary code via vectors involving crafted XAML glyphs, aka "Silverlight Double-Free Vulnerability."...

PT-2009-4904 · Microsoft · Xaml +3

Name of the Vulnerable Software and Affected Versions: Microsoft .NET Framework versions 2.0 through 3.5 SP1 Silverlight version 2 Description: The issue allows remote attackers to execute arbitrary code via a crafted application. A remote code execution vulnerability exists in the Microsoft .NET...