(MS15-049) Vulnerability in Silverlight Could Allow Elevation of Privilege (3058985)
Severity: HIGH
CVE Identifier: CVE-2015-1715
Advisory Date: MAY 28, 2015
DESCRIPTION
This security update addresses a vulnerability in Microsoft Silverlight that could allow elevation of privilege if a specially crafted Silverlight application is run on an affected system. An attacker would first have to log on to the system or convince a logged on user to execute the specially crafted application to be able to exploit this vulnerability.
SOLUTION
AFFECTED SOFTWARE AND VERSION
- Microsoft Silverlight 5 when installed on Mac
- Microsoft Silverlight 5 Developer Runtime when installed on Mac
- Microsoft Silverlight 5 when installed on all supported releases of Microsoft Windows clients
- Microsoft Silverlight 5 Developer Runtime when installed on all supported releases of Microsoft Windows clients
- Microsoft Silverlight 5 when installed on all supported releases of Microsoft Windows servers
- Microsoft Silverlight 5 Developer Runtime when installed on all supported releases of Microsoft Windows servers