CVE-2021-37181

A vulnerability has been identified in Cerberus DMS V4.0 All versions, Cerberus DMS V4.1 All versions, Cerberus DMS V4.2 All versions, Cerberus DMS V5.0 All versions v5.0 QU1, Desigo CC Compact V4.0 All versions, Desigo CC Compact V4.1 All versions, Desigo CC Compact V4.2 All versions, Desigo CC...

Deserialization of untrusted data

A vulnerability has been identified in Cerberus DMS V4.0 All versions, Cerberus DMS V4.1 All versions, Cerberus DMS V4.2 All versions, Cerberus DMS V5.0 All versions v5.0 QU1, Desigo CC Compact V4.0 All versions, Desigo CC Compact V4.1 All versions, Desigo CC Compact V4.2 All versions, Desigo CC...

MS13-082: Description of the security update for the .NET Framework 3.0 Service Pack 2 on Windows Vista Service Pack 2 and Windows Server 2008 Service Pack 2: October 8, 2013

MS13-082: Description of the security update for the .NET Framework 3.0 Service Pack 2 on Windows Vista Service Pack 2 and Windows Server 2008 Service Pack 2: October 8, 2013 View products that this article applies to. Introduction This update resolves vulnerabilities in the Microsoft .NET...

MS13-082: Description of the security update for the .NET Framework 3.5 on Windows 8 and Windows Server 2012: October 8, 2013

MS13-082: Description of the security update for the .NET Framework 3.5 on Windows 8 and Windows Server 2012: October 8, 2013 View products that this article applies to. Introduction This update resolves vulnerabilities in the Microsoft .NET Framework that could allow remote code execution if a...

Microsoft .NET Framework S.DS.P Namespace Method Buffer Overflow - Ver2 (CVE-2013-0003)

A buffer overflow exists in the System.DirectoryServices.Protocols S.DS.P namespace method in the .NET framework. The vulnerability is due to an error in the validation of the size of objects in memory prior to copying them into an array.An attacker can remotely exploit this vulnerability by...

Design/Logic Flaw

The serialization functionality in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 does not properly check the permissions of delegate objects, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application XBAP or 2 a crafted .NET Framework...

Design/Logic Flaw

Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly check the permissions of objects that use reflection, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application XBAP or 2 a crafted .NET Framework application, aka "Anonymous Method...

Microsoft .NET Framework WinForms Buffer Overflow (CVE-2013-0002)

A buffer overflow vulnerability exists in Microsoft .NET Framework Windows Form. The vulnerability is due to a race condition when handling the size of an array of objects prior to copying them into a global memory buffer.An attacker can remotely exploit this vulnerability by enticing a user to...

Microsoft .NET Framework 远程权限提升漏洞(CVE-2013-0003)

Bugtraq ID:57114 CVE ID: CVE-2013-0003 Microsoft .NET Framework是一套由Microsoft分发的帮助开发者构建基于WEB应用的系统 Microsoft .NET Framework System.DirectoryServices.Protocols S.DS.P命名空间方法没有正确校验内存中的对象大小，在拷贝这些对象到数组之前缺少正确的边界检查，可触发缓冲区溢出。攻击者可以构建特制的XMAL浏览器应用XBAP或不可信的.Net应用，诱使用户解析，可完全控制应用系统，执行任意代码 0 Microsoft .NET...

Buffer overflow

Buffer overflow in the Windows Forms aka WinForms component in Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4, and 4.5 allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application XBAP or 2 a crafted .NET Framework application that leverag...

CVE-2013-0001

CVE-2013-0001 concerns a vulnerability in the Windows Forms (WinForms) component of Microsoft .NET Framework (1.0 SP3–4.5). The root cause is improper initialization of memory arrays and use of a pointer to unmanaged memory, enabling information disclosure. Exploitation could occur via a crafted ...

CVE-2013-0001

The Windows Forms aka WinForms component in Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 4, and 4.5 does not properly initialize memory arrays, which allows remote attackers to obtain sensitive information via 1 a crafted XAML browser application XBAP or 2 a crafted .NET Framework...

Microsoft .NET Framework Privilege Elevation Vulnerability (2769324)

This host is missing an important security update according to Microsoft Bulletin MS13-004. OpenVAS Vulnerability Test $Id: secpodms13-004.nasl 5365 2017-02-20 13:46:09Z cfi $ Microsoft .NET Framework Privilege Elevation Vulnerability 2769324 Authors: Antu Sanadi Copyright: Copyright c 2013 SecPo...

CVE-2012-1896

Microsoft .NET Framework 2.0 SP2 and 3.5.1 does not properly consider trust levels during construction of output data, which allows remote attackers to obtain sensitive information via 1 a crafted XAML browser application aka XBAP or 2 a crafted .NET Framework application, aka "Code Access Securi...

CVE-2012-1895

The reflection implementation in Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5.1, and 4 does not properly enforce object permissions, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application aka XBAP or 2 a crafted .NET Framework application, aka...

CVE-2012-1855

Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly handle function pointers, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application aka XBAP or 2 a crafted .NET Framework application, aka ".NET Framework Memory Access Vulnerability...

CVE-2012-0163

CVE-2012-0163 is a high-severity vulnerability in multiple .NET Framework versions (1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5) where function parameter validation is insufficient, enabling remote code execution. Exploitation paths include a crafted XBAP, a crafted ASP.NET application, or a cr...

Microsoft .NET Framework and Microsoft Silverlight RCE Vulnerabilities (2651026)

This host is missing a critical security update according to Microsoft Bulletin MS12-016. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVE-2012-0014

CVE-2012-0014 describes a remote code execution flaw in Microsoft .NET Framework components (2.0 SP2, 3.5.1, 4) and Silverlight 4 prior to 4.1.10111, caused by improper restriction of memory access for unmanaged objects. Exploitation vectors include XBAP, crafted ASP.NET, .NET Framework, and Silv...

Design/Logic Flaw

Microsoft .NET Framework 2.0 SP2, 3.5.1, and 4 does not properly validate the System.Net.Sockets trust level, which allows remote attackers to obtain sensitive information or trigger arbitrary outbound network traffic via 1 a crafted XAML browser application aka XBAP, 2 a crafted ASP.NET...