(MS13-082) Vulnerabilities in .NET Framework Could Allow Remote Code Execution (2878890)
Publish Date: 09 de октября de 2013
Severity: : Critical
CVE Kennungen: : CVE-2013-3128,CVE-2013-3860,CVE-2013-3861
Advisory Date: 09 de октября de 2013
DESCRIPTION
This update resolves two vulnerabilities found in several versions of .NET Framework. The vulnerability exists the way it handles OpenType fonts, XML digital signatures, and document type definitions in JSON data encodings. When exploited, the vulnerabilities may allow remote code execution on the vulnerable computer.
SOLUTION
AFFECTED SOFTWARE AND VERSION:
- Microsoft .NET Framework 2.0 Service Pack 2
- Microsoft .NET Framework 3.0 Service Pack 2
- Microsoft .NET Framework 3.5 Service Pack 1
- Microsoft .NET Framework 4
- Microsoft .NET Framework 4.5
- Microsoft .NET Framework 3.5.1