<< Back
CVE Number Vulnerability Product Severity Date
MS15-092 Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (3086251) Microsoft .NET Important 12-08-2015

Technical Information

Brief overview of the risk:
This security update resolves vulnerabilities in Microsoft .NET Framework. The vulnerabilities could allow elevation of privilege if a user runs a specially crafted .NET application.
Detailed Information on the risk:
Elevation of privilege vulnerabilities exist in Microsoft .NET Framework when the RyuJIT compiler improperly optimizes certain parameters resulting in a code generation error. An attacker who successfully exploited this vulnerability could take complete control of an affected system.To exploit these vulnerabilities, an attacker would need to host a specially crafted .NET application and convince users to run the application. However, in all cases, an attacker would have no way to force users to run the application; an attacker would have to convince users to do so.Further information on this exploit is available at : MS15-092

Affected Software

Microsoft .NET Framework 4.6