‫ Microsoft .NET Framework WinForms Memory Access Vulnerability

IRCAD2012061980
ID: IRCAD2012061980
Release Date: 2012-06-12
Criticality level: Highly critical
 
Software:
Microsoft .NET Framework 2.x
Microsoft .NET Framework 3.x
Microsoft .NET Framework 4.x
 
Description:
A vulnerability has been reported in Microsoft .NET Framework, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an error within the framework when handling pointers and can be exploited to corrupt memory via a specially crafted web page.
Successful exploitation allows execution of arbitrary code, but requires a browser that can run XAML Browser Applications (XBAPs).
 
Solution
Apply patches.
 
Windows XP Service Pack 3
Windows XP Professional x64 Edition Service Pack 2
Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 with SP2 for Itanium-based Systems
Windows Vista Service Pack 2
Windows Vista x64 Edition Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for Itanium-based Systems Service Pack 2
Windows 7 for 32-bit Systems
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems
Windows 7 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for Itanium-based Systems
Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems
Windows Server 2008 R2 for x64-based Systems Service Pack 1
 
 
References:
MS12-038 (KB2706726, KB2686828, KB2686827, KB2686833, KB2686830, KB2686831):
 
Secunia:
 

نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

نوشته

 
تاریخ ایجاد: 24 خرداد 1391

امتیاز

امتیاز شما
تعداد امتیازها:0