3 matches found
Microsoft .NET Framework 远程权限提升漏洞(CVE-2013-0002)
Bugtraq ID:57126 CVE ID: CVE-2013-0002 Microsoft .NET Framework是一套由Microsoft分发的帮助开发者构建基于WEB应用的系统。 Microsoft .NET WinForms方法没有正确校验内存中的对象数量,在拷贝这些对象到数组之前缺少正确的边界检查,可触发缓冲区溢出。攻击者可以构建特制的XMAL浏览器应用XBAP或不可信的.Net应用,诱使用户解析,可完全控制应用系统,执行任意代码。 0 Microsoft .NET Framework 3.5.1 Microsoft .NET Framework 4.0...
CVE-2013-0002
Microsoft .NET Framework WinForms Buffer Overflow (CVE-2013-0002) is triggered by improper counting of objects during a memory copy in Windows Forms, allowing remote code execution via a crafted XBAP or a crafted .NET application. Affected versions span 1.0 SP3 through 4.5. The root cause is a ra...
MS13-004: Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (2769324)
The remote Windows host is running a version of Microsoft .NET Framework that is affected by multiple vulnerabilities : - An information disclosure vulnerability exists in the way the Windows Forms in .NET Framework handle pointers to unmanaged memory locations. CVE-2013-0001 - A buffer overflow...