<< Back
CVE Number Vulnerability Product Severity Date
MS15-049 Vulnerability in Silverlight Could Allow Elevation of Privilege (3058985) Microsoft Silverlight Important 13-05-2015

Technical Information

Brief overview of the risk:
This security update resolves a vulnerability in Microsoft Silverlight. The vulnerability could allow elevation of privilege if a specially crafted Silverlight application is run on an affected system.

Detailed Information on the risk:

An elevation of privilege vulnerability exists in Microsoft Silverlight that is caused when Silverlight improperly allows applications that are intended to run at a low integrity level (very limited permissions) to be executed at a medium integrity level (permissions of the current user) or higher. To exploit this vulnerability an attacker would first have to log on to the system or convince a logged on user to execute a specially crafted Silverlight application.

Further information on this exploit is available at : MS15-049

Microsoft Silverlight 5

Affected Software

Microsoft Silverlight 5