فا

‫ Microsoft .NET Framework / Silverlight Two Vulnerabilities

IRCAD2012021723
ID:IRCAD2012021723
Release Date: 2012-02-14
Criticality level: Highly critical
Software:
Microsoft .NET Framework 2.x
Microsoft .NET Framework 3.x
Microsoft .NET Framework 4.x
Microsoft Silverlight 4.x
Description:
Two vulnerabilities have been reported in Microsoft .NET Framework and Microsoft Silverlight, which can be exploited by malicious people to compromise a user's system.
1) An unspecified error when handling un-managed objects can be exploited via e.g. a specially crafted XAML Browser Application (XBAP).
2) An error when calculating certain buffer lengths can be exploited to corrupt memory via e.g. a specially crafted XAML Browser Application (XBAP).
Successful exploitation of the vulnerabilities allows execution of arbitrary code, but requires a browser that can run a XAML Browser Application (XBAP) or Silverlight application.
Solution:
Apply patches.
Windows XP Service Pack 3:
Windows XP Professional x64 Edition Service Pack 2:
Windows Server 2003 Service Pack 2:
Windows Server 2003 x64 Edition Service Pack 2:
Windows Server 2003 with SP2 for Itanium-based Systems:
Windows Vista Service Pack 2:
Windows Vista x64 Edition Service Pack 2:
Windows Server 2008 for 32-bit Systems Service Pack 2:
Windows Server 2008 for x64-based Systems Service Pack 2:
Windows Server 2008 for Itanium-based Systems Service Pack 2:
Windows 7 for 32-bit Systems:
Windows 7 for 32-bit Systems Service Pack 1:
Windows 7 for x64-based Systems:
Windows 7 for x64-based Systems Service Pack 1:
Windows Server 2008 R2 for x64-based Systems:
Windows Server 2008 R2 for x64-based Systems Service Pack 1:
Windows Server 2008 R2 for Itanium-based Systems:
Windows Server 2008 R2 for Itanium-based Systems Service Pack 1:
Microsoft Silverlight 4 when installed on Mac (KB2668562)
Microsoft Silverlight 4 when installed on all supported releases of Microsoft Windows clients (KB2668562)
Microsoft Silverlight 4 when installed on all supported releases of Microsoft Windows servers (KB2668562)
References:
MS12-016 (KB2633870, KB2633873, KB2633874, KB2633879, KB2633880, KB2668562):
Secunia:

نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

نوشته

 
تاریخ ایجاد: 26 بهمن 1390

امتیاز

امتیاز شما
تعداد امتیازها: 0