This script is Copyright (C) 2012-2015 Tenable Network Security, Inc.
The .NET Framework install on the remote Windows host could allow
arbitrary code execution.
The version of the .NET Framework installed on the remote host
reportedly is affected by the following vulnerabilities :
- The .NET Framework and Silverlight do not properly use
unmanaged objects, which could allow a malicious .NET
Framework application to access memory in an unsafe
- The .NET Framework does not properly calculate a buffer
length when processing malicious input, which could
lead to heap corruption. (CVE-2012-0015)
An attacker may be able to leverage these vulnerabilities to execute
arbitrary code on the affected system if a user on it can be tricked
into viewing a specially crafted web page using a web browser that can
run XAML Browser Applications (XBAPs) or Silverlight applications.
See also :
Microsoft has released a set of patches for .NET Framework 2.0, 3.5.1,
and 4 as well as Silverlight 4.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 7.3
Public Exploit Available : true
Family: Windows : Microsoft Bulletins
Nessus Plugin ID: 57950 ()
Bugtraq ID: 5193851940
CVE ID: CVE-2012-0014CVE-2012-0015
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.