Microsoft Silverlight and Microsoft .NET Framework CLR Virtual Method Delegate Vulnerability
Data de publicação: 21 julho 2015
Schweregrad: : Crítico
Identificador(es) CVE: : MS10-060,CVE-2010-1898
Data do informe: 21 julho 2015
Descrição
The Common Language Runtime (CLR) in Microsoft .NET Framework 2.0 SP1, 2.0 SP2, 3.5, 3.5 SP1, and 3.5.1, and Microsoft Silverlight 2 and 3 before 3.0.50611.0 on Windows and before 3.0.41130.0 on Mac OS X, does not properly handle interfaces and delegations to virtual methods, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Framework application, aka "Microsoft Silverlight and Microsoft .NET Framework CLR Virtual Method Delegate Vulnerability."
Exposição das informações
Apply associated Trend Micro DPI Rules.
Solução
Trend Micro Deep Security DPI Rule Number: 1004353
Trend Micro Deep Security DPI Rule Name: 1004353 - Microsoft Silverlight and Microsoft .NET Framework CLR Virtual Method Delegate Vulnerability
Software infectado e versão:
- microsoft .net_framework 2.0
- microsoft .net_framework 3.5
- microsoft .net_framework 3.5.1
- microsoft silverlight 2.0.31005.00
- microsoft silverlight 2.0.40115.00
- microsoft silverlight 3.0.40624.00
- microsoft silverlight 3.0.40723.0
- microsoft silverlight 3.0.40818.0
- microsoft silverlight 3.0.50106.0