CVE-2011-1845

Multiple memory leaks in the DataGrid control implementation in Microsoft Silverlight 4 before 4.0.60310.0 allow remote attackers to cause a denial of service (memory consumption) via an application involving (1) subscriptions to an INotifyDataErrorInfo.ErrorsChanged event or (2) a TextBlock or TextBox element.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:N/A:C
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 95%
VendorProductVersion
microsoftsilverlight
𝑥
≤ 4.0.60129.0
microsoftsilverlight
2.0.31005.00
microsoftsilverlight
2.0.40115.00
microsoftsilverlight
3.0.40624.00
microsoftsilverlight
3.0.40723.0
microsoftsilverlight
3.0.40818.0
microsoftsilverlight
3.0.50106.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://isc.sans.edu/diary.html?storyid=10747
http://support.microsoft.com/kb/2526954
http://isc.sans.edu/diary.html?storyid=10747
http://support.microsoft.com/kb/2526954