CVE Number | Vulnerability | Product | Severity | Date |
---|---|---|---|---|
MS15-049 | Vulnerability in Silverlight Could Allow Elevation of Privilege (3058985) | Microsoft Silverlight | Important | 13-05-2015 |
Technical Information
Brief overview of the risk:
This security update resolves a vulnerability in Microsoft Silverlight. The vulnerability could allow elevation of privilege if a specially crafted Silverlight application is run on an affected system.
Detailed Information on the risk:
An elevation of privilege vulnerability exists in Microsoft Silverlight that is caused when Silverlight improperly allows applications that are intended to run at a low integrity level (very limited permissions) to be executed at a medium integrity level (permissions of the current user) or higher. To exploit this vulnerability an attacker would first have to log on to the system or convince a logged on user to execute a specially crafted Silverlight application.
Further information on this exploit is available at : MS15-049