Windows : Microsoft Bulletins : Microsoft .NET Framework Remote Code Execution Vulnerability (2693777)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.902833

Categoría: Windows : Microsoft Bulletins

Título: Microsoft .NET Framework Remote Code Execution Vulnerability (2693777)

Resumen: This host is missing a critical security update according to; Microsoft Bulletin MS12-035.

Descripción: Summary:
This host is missing a critical security update according to
Microsoft Bulletin MS12-035.

Vulnerability Insight:
The flaws are due to

- An error within the .NET Framework does not properly serialize user input
and can be exploited to treat untrusted input as trusted.

- An error within the .NET Framework does not properly handle exceptions when
serializing objects and can be exploited via partially trusted assemblies.

Vulnerability Impact:
Successful exploitation could allow an attacker to execute arbitrary code
with the privileges of the currently logged-in user. Failed attacks will cause denial-of-service conditions.

Affected Software/OS:
Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5 SP1, 3.5.1, and 4.

Solution:
The vendor has released updates. Please see the references for more information.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2012-0160
BugTraq ID: 53356
http://www.securityfocus.com/bid/53356
Cert/CC Advisory: TA12-129A
http://www.us-cert.gov/cas/techalerts/TA12-129A.html
Microsoft Security Bulletin: MS12-035
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-035
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15554
http://www.securitytracker.com/id?1027036
http://secunia.com/advisories/49117
Common Vulnerability Exposure (CVE) ID: CVE-2012-0161
BugTraq ID: 53357
http://www.securityfocus.com/bid/53357
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14951

Copyright Copyright (C) 2012 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.902833
Categoría:	Windows : Microsoft Bulletins
Título:	Microsoft .NET Framework Remote Code Execution Vulnerability (2693777)
Resumen:	This host is missing a critical security update according to; Microsoft Bulletin MS12-035.
Descripción:	Summary: This host is missing a critical security update according to Microsoft Bulletin MS12-035. Vulnerability Insight: The flaws are due to - An error within the .NET Framework does not properly serialize user input and can be exploited to treat untrusted input as trusted. - An error within the .NET Framework does not properly handle exceptions when serializing objects and can be exploited via partially trusted assemblies. Vulnerability Impact: Successful exploitation could allow an attacker to execute arbitrary code with the privileges of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Affected Software/OS: Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5 SP1, 3.5.1, and 4. Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2012-0160 BugTraq ID: 53356 http://www.securityfocus.com/bid/53356 Cert/CC Advisory: TA12-129A http://www.us-cert.gov/cas/techalerts/TA12-129A.html Microsoft Security Bulletin: MS12-035 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-035 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15554 http://www.securitytracker.com/id?1027036 http://secunia.com/advisories/49117 Common Vulnerability Exposure (CVE) ID: CVE-2012-0161 BugTraq ID: 53357 http://www.securityfocus.com/bid/53357 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14951
Copyright	Copyright (C) 2012 Greenbone AG