MS12-074: Vulnerabilities in .NET Framework Could Allow Remote Code Execution (2745030)

This script is Copyright (C) 2012-2014 Tenable Network Security, Inc.


Synopsis :

The version of the .NET Framework installed on the remote host is
affected by multiple vulnerabilities.

Description :

The remote Windows host is running a version of Microsoft .NET
Framework that is affected by multiple vulnerabilities :

- The way .NET Framework validates the permissions of
certain objects during reflection is flawed and could
be exploited by an attacker to gain complete control of
an affected system. (CVE-2012-1895)

- An information disclosure vulnerability exists in .NET
due to the improper sanitization of output when a
function is called from partially trusted code. This may
allow an attacker to obtain confidential information.
(CVE-2012-1896)

- A flaw exists in the way .NET handles DLL files that can
be exploited by an attacker to execute arbitrary code.
(CVE-2012-2519)

- A remote code execution vulnerability exists in the way
the .NET Framework retrieves the default web proxy
settings. (CVE-2012-4776)

- A flaw in the way .NET validates permissions for
objects involved with reflection could be exploited by
an attacker to gain complete control of an affected
system. (CVE-2012-4777)

See also :

http://technet.microsoft.com/en-us/security/bulletin/ms12-074

Solution :

Microsoft has released a set of patches for the .NET Framework on
Windows XP, 2003, Vista, 2008, 7, 2008 R2, 8, and 2012.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.3
(CVSS2#E:POC/RL:OF/RC:C)
Public Exploit Available : true

Family: Windows : Microsoft Bulletins

Nessus Plugin ID: 62906

Bugtraq ID: 56455
56456
56462
56463
56464

CVE ID: CVE-2012-1895
CVE-2012-1896
CVE-2012-2519
CVE-2012-4776
CVE-2012-4777