MS13-022: Vulnerability in Microsoft Silverlight Could Allow Remote Code Execution (2814124)
High Nessus Plugin ID 65211
SynopsisA browser enhancement on the remote Windows host could allow arbitrary code execution.
DescriptionThe version of Microsoft Silverlight installed on the remote host reportedly incorrectly checks a memory pointer when rendering an HTML object, which could allow a specially crafted application to access memory in an unsafe fashion.
If an attacker could trick a user on the affected system into visiting a website hosting a malicious Silverlight application, the attacker could leverage this vulnerability to execute arbitrary code on the affected system, subject to the user's privileges.
SolutionMicrosoft has released a set of patches for Silverlight 5.