(MS13-052) Vulnerabilities in .NET Framework and Silverlight Could Allow Remote Code Execution (2861561)
Gravité: : Critique
CVE Identifier: CVE-2013-3178,CVE-2013-3134,CVE-2013-3132,CVE-2013-3131,CVE-2013-3171,CVE-2013-3129,CVE-2013-3133
Date du conseil: 23 août 2013
Description
This security update resolves five reported vulnerabilities and two publicly disclosed vulnerabilities in Microsoft .NET Framework and Microsoft Silverlight. The most severe of these vulnerabilities could allow remote code execution if a trusted application uses a particular pattern of code. An attacker who successfully exploits this vulnerability may gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Solutions
Affected software and version:
- Microsoft .NET Framework 1.0 Service Pack 3
- Microsoft .NET Framework 1.1 Service Pack 1
- Microsoft .NET Framework 2.0 Service Pack 2
- Microsoft .NET Framework 3.0 Service Pack 2
- Microsoft .NET Framework 3.5 Service Pack 1
- Microsoft .NET Framework 4
- Microsoft .NET Framework 4.5
- Microsoft .NET Framework 3.5.1
- Microsoft .NET Framework 3.5