40 matches found
EUVD-2013-3070
Malware in sbrugna...
EUVD-2013-3109
Malware in sbrugna...
CVE-2015-2504
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, and 4.6 improperly counts objects before performing an array copy, which allows remote attackers to 1 execute arbitrary code via a crafted XAML browser application XBAP or 2 bypass Code Access Security restrictions via a crafted...
Privilege escalation
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, and 4.6 improperly counts objects before performing an array copy, which allows remote attackers to 1 execute arbitrary code via a crafted XAML browser application XBAP or 2 bypass Code Access Security restrictions via a crafted...
CVE-2013-3171
The serialization functionality in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 does not properly check the permissions of delegate objects, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application XBAP or 2 a crafted .NET Framework...
CVE-2013-3132
Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly check the permissions of objects that use reflection, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application XBAP or 2 a crafted .NET Framework application, aka...
Design/Logic Flaw
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly check the permissions of objects that use reflection, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application XBAP or 2 a crafted .NET Framework application, aka "Anonymous Method...
CVE-2013-3171
The serialization functionality in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 does not properly check the permissions of delegate objects, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application XBAP or 2 a crafted .NET Framework...
Microsoft .NET Framework WinForms Buffer Overflow (CVE-2013-0002)
A buffer overflow vulnerability exists in Microsoft .NET Framework Windows Form. The vulnerability is due to a race condition when handling the size of an array of objects prior to copying them into a global memory buffer.An attacker can remotely exploit this vulnerability by enticing a user to...
Privilege escalation
The Windows Forms aka WinForms component in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly restrict the privileges of a callback function during object creation, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application XBAP or 2 ...
Microsoft .NET Framework远程权限提升漏洞(MS13-004)
CVE ID: CVE-2013-0004 Microsoft .NET Framework是一套由Microsoft分发的帮助开发者构建基于WEB应用的系统。 Microsoft .NET Framework里存在的一个两次构建错误会导致不正确验证内存中某些对象的权限,攻击者可以构建特制的XMAL浏览器应用XBAP或不可信的.Net应用,诱使用户解析,可完全控制应用系统,执行任意代码。 0 Microsoft .NET Framework 3.5.1 Microsoft .NET Framework 4.0 Microsoft .NET Framework 3.5 Microsoft...
CVE-2013-0002
Buffer overflow in the Windows Forms aka WinForms component in Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4, and 4.5 allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application XBAP or 2 a crafted .NET Framework application that leverag...
Information disclosure
The Windows Forms aka WinForms component in Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 4, and 4.5 does not properly initialize memory arrays, which allows remote attackers to obtain sensitive information via 1 a crafted XAML browser application XBAP or 2 a crafted .NET Framework...
Buffer overflow
Buffer overflow in the Windows Forms aka WinForms component in Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4, and 4.5 allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application XBAP or 2 a crafted .NET Framework application that leverag...
Buffer overflow
Buffer overflow in a System.DirectoryServices.Protocols S.DS.P namespace method in Microsoft .NET Framework 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4, and 4.5 allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application XBAP or 2 a crafted .NET Framework application that...
CVE-2013-0001
CVE-2013-0001 concerns a vulnerability in the Windows Forms (WinForms) component of Microsoft .NET Framework (1.0 SP3–4.5). The root cause is improper initialization of memory arrays and use of a pointer to unmanaged memory, enabling information disclosure. Exploitation could occur via a crafted ...
CVE-2013-0004
Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly validate the permissions of objects in memory, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application XBAP or 2 a crafted .NET Framework application, aka...
Design/Logic Flaw
The reflection implementation in Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5.1, and 4 does not properly enforce object permissions, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application aka XBAP or 2 a crafted .NET Framework application, aka...
CVE-2012-4777
The code-optimization feature in the reflection implementation in Microsoft .NET Framework 4 and 4.5 does not properly enforce object permissions, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application aka XBAP or 2 a crafted .NET Framework application, a...
Microsoft .NET Framework Remote Code Execution Vulnerability (2745030)
This host is missing a critical security update according to Microsoft Bulletin MS12-074. OpenVAS Vulnerability Test $Id: secpodms12-074.nasl 5346 2017-02-19 08:43:11Z cfi $ Microsoft .NET Framework Remote Code Execution Vulnerability 2745030 Authors: Antu Sanadi Copyright: Copyright c 2012 SecPo...