MS12-034: Combined Security Update for Microsoft Office, Windows, .NET Framework, and Silverlight (2681578) (Mac OS X)
High Nessus Plugin ID 59045
SynopsisA multimedia application framework installed on the remote Mac OS X host is affected by a remote code execution vulnerability.
DescriptionThe version of Microsoft Silverlight installed on the remote host is reportedly affected by several vulnerabilities :
- Incorrect handling of TrueType font (TTF) files could lead to arbitrary code execution. (CVE-2011-3402 / CVE-2012-0159)
- A double-free condition leading to arbitrary code execution could be triggered when rendering specially crafted XAML glyphs. (CVE-2012-0176)
SolutionMicrosoft has released patches for Silverlight 4 and 5.