Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:60469
HistoryNov 19, 2012 - 12:00 a.m.

Microsoft .NET Framework远程权限提升漏洞(MS12-074)

2012-11-1900:00:00
Root
www.seebug.org
13

0.544 Medium

EPSS

Percentile

97.3%

JSON

BUGTRAQ ID: 56464
CVE ID: CVE-2012-4777

.NET就是微软的用来实现XML,Web Services,SOA(面向服务的体系结构service-oriented architecture)和敏捷性的技术。.NET Framework是微软开发的软件框架,主要运行在Microsoft Windows上。

Microsoft .NET Framework 4、4.5的代码优化功能在反射实现中没有正确执行对象权限,通过特制的XAML浏览器应用或特制的.NET Framework应用,可允许远程攻击者执行任意代码。
0
Microsoft .NET Framework 4.0
临时解决方法:

  • 在IE中禁用XAML浏览器应用。

厂商补丁:

Microsoft

Microsoft已经为此发布了一个安全公告(MS12-074)以及相应补丁:

MS12-074:Vulnerabilities in .NET Framework Could Allow Remote Code Execution (2745030)

链接:http://www.microsoft.com/technet/security/bulletin/MS12-074.asp

Related

cvelist 1
prion 1
cve 1
symantec 1
mskb 1
nessus 1
openvas 2
securityvulns 1
cvelist
cvelist
CVE-2012-4777
2012-11-14 00:00:00
prion
prion
Design/Logic Flaw
2012-11-14 00:55:00
cve
cve
CVE-2012-4777
2012-11-14 00:55:00
symantec
symantec
Microsoft .NET Framework CVE-2012-4777 Remote Privilege Escalation Vulnerability
2012-11-13 00:00:00
mskb
mskb
MS12-074: Vulnerabilities in .NET Framework could allow remote code execution: November 13, 2012
2012-11-13 00:00:00
nessus
nessus
MS12-074: Vulnerabilities in .NET Framework Could Allow Remote Code Execution (2745030)
2012-11-14 00:00:00
openvas
openvas
Microsoft .NET Framework Remote Code Execution Vulnerability (2745030)
2012-11-14 00:00:00
Microsoft .NET Framework Remote Code Execution Vulnerability (2745030)
2012-11-14 00:00:00
securityvulns
securityvulns
Microsoft Windows security vulnerabilities
2012-11-18 00:00:00

0.544 Medium

EPSS

Percentile

97.3%

JSON
Related for SSV:60469
cvelist1prion1cve1symantec1mskb1nessus1openvas2securityvulns1