MS14-014: Vulnerability in Silverlight Could Allow Security Feature Bypass (2932677) (Mac OS X)
Medium Nessus Plugin ID 72933
SynopsisA multimedia application framework installed on the remote Mac OS X host is affected by a security feature bypass vulnerability.
DescriptionThe version of Microsoft Silverlight installed on the remote host is reportedly affected by a security feature bypass vulnerability due to improper implementation of Data Execution Protection (DEP) and Address Space Layout Randomization (ASLR).
If an attacker could trick a user on the affected system into visiting a website hosting a malicious Silverlight application, the attacker could bypass the DEP and ASLR security features.
SolutionMicrosoft has released a patch for Silverlight 5.