فا

‫ Microsoft .NET Framework Multiple Vulnerabilities

IRCAD2013102927
ID: IRCAD2013102927
Release Date: 2013-10-08
Criticality level: Highly critical
 
Software:
Microsoft .NET Framework 2.x
Microsoft .NET Framework 3.x
Microsoft .NET Framework 4.x
 
Description:
Multiple vulnerabilities have been reported in Microsoft .NET Framework, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a user's system.
1) An unspecified error when handling OpenType fonts (OTF) can be exploited to execute arbitrary code via a specially crafted XAML Browser Application (XBAP).
2) An error when expanding entity references can be exploited to exhaust available system resources via a specially crafted XML data containing malicious attributes.
3) An unspecified error when parsing JSON data can be exploited to cause a crash. No further information is currently available.
 
Solution
Apply updates.
 
Windows XP
Windows Server 2003
Windows Vista
Windows Server 2008
Windows 7
Windows Server 2008 R2
Windows 8
Windows Server 2012
 
 
References:
MS13-082 (KB2878890, KB2863239, KB2861189, KB2861697, KB2858302, KB2861188, KB2863253, KB2861190, KB2861193, KB2861208, KB2861191, KB2861698, KB2863240, KB2861194, KB2861704, KB2863243, KB2861702):
 
Secunia:
 

نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

نوشته

 
تاریخ ایجاد: 17 مهر 1392

امتیاز

امتیاز شما
تعداد امتیازها:0