CVE-2013-0004
09.01.2013, 18:09
Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly validate the permissions of objects in memory, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP) or (2) a crafted .NET Framework application, aka "Double Construction Vulnerability."Enginsight
| Vendor | Product | Version |
|---|---|---|
| microsoft | .net_framework | 1.0:sp3 |
| microsoft | .net_framework | 1.1:sp1 |
| microsoft | .net_framework | 2.0:sp2 |
| microsoft | .net_framework | 4.0 |
| microsoft | .net_framework | 3.5 |
| microsoft | .net_framework | 3.5.1 |
| microsoft | .net_framework | 4.5 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References