| CVE Number | Vulnerability | Product | Severity | Date |
|---|---|---|---|---|
| MS15-101 | Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (3089662) | Microsoft .NET | Important | 09-09-2015 |
Technical Information
Brief overview of the risk:
This security update resolves vulnerabilities in Microsoft .NET Framework. The most severe of the vulnerabilities could allow elevation of privilege if a user runs a specially crafted .NET application.
Detailed Information on the risk:
An elevation of privilege vulnerability exists in the way that the .NET Framework validates the number of objects in memory before copying those objects into an array. An attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Microsoft .NET Framework 2.0 Service Pack 2Further information on this exploit is available at : MS15-101
Microsoft .NET Framework 4.5/4.5.1/4.5.2
Microsoft .NET Framework 4.6
Affected Software
Microsoft .NET Framework 2.0 Service Pack 2Microsoft .NET Framework 4.5/4.5.1/4.5.2
Microsoft .NET Framework 4.6