| CVE Number | Vulnerability | Product | Severity | Date |
|---|---|---|---|---|
| MS11-039 | Vulnerability in .NET Framework and Microsoft Silverlight Could Allow Remote Code Execution (2514842) | Microsoft .NET | Critical | 15-06-2011 |
Technical Information
Brief overview of the risk:
This security update resolves a privately reported vulnerability in Microsoft .NET Framework and Microsoft Silverlight. The vulnerability could allow remote code execution on a client system if a user views a specially crafted Web page using a Web browser that can run XAML Browser Applications (XBAPs) or Silverlight applications.
Detailed Information on the risk:
A remote code execution vulnerability exists in the Microsoft .NET Framework that can allow a specially crafted Microsoft .NET application to access memory in an unsafe manner. An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the logged-on user.
Further information on this exploit is available at : MS11-039
Affected Software
Microsoft .NET Framework 3.5Microsoft .NET Framework 2.0 Service Pack 2 and Microsoft .NET Framework 3.5 Service Pack 1
Microsoft .NET Framework 4.0