CVE-2011-1844

Published May 3, 2011

Last updated 3 months ago

CVSS info 7.8

Overview

Description: Memory leak in Microsoft Silverlight 4 before 4.0.60310.0 allows remote attackers to cause a denial of service (memory consumption) via an application involving a popup control and a custom DependencyProperty property, related to lack of garbage collection.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.8
Impact score: 6.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:C

Weaknesses

nvd@nist.gov: CWE-399

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:microsoft:silverlight:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F4DDD4AC-347A-4B3E-84C3-BDBFB5A87536",
            "versionEndIncluding": "4.0.60129.0"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:silverlight:2.0.31005.00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A20AA4A5-B6DA-42F5-ADA6-CE8F3D08DAEB"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:silverlight:2.0.40115.00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F90BA702-AEA8-4CFA-8FE7-85EC3C36C893"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:silverlight:3.0.40624.00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8D5F951F-6DCB-4651-A99A-C7237025E00C"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:silverlight:3.0.40723.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FAAF6291-8E80-4DE5-820C-BA9778822194"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:silverlight:3.0.40818.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7AB865CD-A8EC-4341-9DF8-D4D92351EE1D"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:silverlight:3.0.50106.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CA1230C5-DF32-438C-BE83-6239E7D0366A"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References