MS14-072: Vulnerability in .NET Framework Could Allow Elevation of Privilege (3005210)
High Nessus Plugin ID 79132
SynopsisThe version of the .NET Framework installed on the remote host is affected by a privilege elevation vulnerability.
DescriptionThe remote Windows host has a version of the Microsoft .NET Framework that is affected by a vulnerability related to how it handles TypeFilterLevel checks for some malformed objects. This can be used by a remote attacker to gain privilege elevation via a specially crafted packet sent to a host that is using .NET Remoting.
SolutionMicrosoft has released a set of patches for .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4.0, 4.5, 4.5.1, and 4.5.2.