MS KB2526954: Microsoft Silverlight 4.0 < 4.0.60310 Multiple Vulnerabilities

This script is Copyright (C) 2011-2017 Tenable Network Security, Inc.


Synopsis :

The remote host contains a browser plug-in that is affected by
multiple memory leaks.

Description :

The remote Windows host is running a version of Microsoft Silverlight
that is affected by multiple vulnerabilities :

- A memory leak exists relating to a popup control and a
custom 'DependencyProperty' property. (CVE-2011-1844)

- Multiple memory leaks exist in the 'DataGrid' control
implementation. (CVE-2011-1845)

See also :

http://support.microsoft.com/kb/2526954

Solution :

Upgrade to Silverlight 4.0.60310.0 or later.

Risk factor :

High / CVSS Base Score : 7.1
(CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C)
CVSS Temporal Score : 5.3
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 53830 ()

Bugtraq ID: 47724

CVE ID: CVE-2011-1844
CVE-2011-1845

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now