This script is Copyright (C) 2012-2015 Tenable Network Security, Inc.
The .NET Framework install on the remote Windows host could allow
arbitrary code execution.
The version of the .NET Framework installed on the remote host
reportedly is affected by a code execution vulnerability because of
the way .NET Framework validates parameters when passing data to a
An attacker may be able to leverage these vulnerabilities to execute
arbitrary code on the affected system if a user can be tricked into
viewing a specially crafted web page using a web browser that can run
XAML Browser Applications (XBAPs). The vulnerability could also be
exploited by uploading a specially crafted ASP.NET page to a server
system running IIS and then executing that page.
See also :
Microsoft has released a set of patches for .NET Framework 1.0,
1.1, 2.0, 3.5.1, and 4.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 7.3
Public Exploit Available : true
Family: Windows : Microsoft Bulletins
Nessus Plugin ID: 58657 ()
Bugtraq ID: 5292153204
CVE ID: CVE-2012-0163
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.