CVE-2012-0014
Published Feb 14, 2012
Last updated a year ago
Overview
- Description
- Microsoft .NET Framework 2.0 SP2, 3.5.1, and 4, and Silverlight 4 before 4.1.10111, does not properly restrict access to memory associated with unmanaged objects, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP), (2) a crafted ASP.NET application, (3) a crafted .NET Framework application, or (4) a crafted Silverlight application, aka ".NET Framework Unmanaged Objects Vulnerability."
- Source
- secure@microsoft.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 9.3
- Impact score
- 10
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-94
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:.net_framework:2.0:sp2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "42A6DF09-B8E1-414D-97E7-453566055279"
},
{
"criteria": "cpe:2.3:a:microsoft:.net_framework:3.5.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8EDC4407-7E92-4E60-82F0-0C87D1860D3A"
},
{
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "792B417F-96A0-4E9D-9E79-5D7F982E2225"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_7:*:*:x64:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "CE381783-027E-4B6D-B801-59873E5EA483"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_7:*:*:x86:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "A2C3594F-7C2C-4E2D-9BC5-F4F89B7BF4D5"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_7:*:sp1:x64:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "4FA15D65-7C32-4C7A-9915-746AB3F454EE"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_7:*:sp1:x86:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "976EFC05-9B37-4661-AD34-4FFDB5AB48E0"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "FFF81F4B-7D92-4398-8658-84530FB8F518"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x86:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "32C28EC2-8A34-4E30-A76A-86921D7332C1"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:*:itanium:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "CC916D5A-0644-4423-A52E-D4310906BE78"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:*:x64:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "95DC297F-06DB-4FB3-BFB6-7312C059E047"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:silverlight:4.0.50524.00:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6433FA3A-EC9C-42C5-95B2-80CF5D99574A"
},
{
"criteria": "cpe:2.3:a:microsoft:silverlight:4.0.50826.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "064FDFCD-8DBA-4E10-9FFB-7415787653BA"
},
{
"criteria": "cpe:2.3:a:microsoft:silverlight:4.0.50917.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1D8B9EAD-2B3F-42D6-85DA-8473BE55EEA6"
},
{
"criteria": "cpe:2.3:a:microsoft:silverlight:4.0.51204.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8578CAED-BB11-46B9-B3D4-8BE343E887EF"
},
{
"criteria": "cpe:2.3:a:microsoft:silverlight:4.0.60129.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F69C9378-4B0D-4BC4-BEA0-466DAFBF6C88"
},
{
"criteria": "cpe:2.3:a:microsoft:silverlight:4.0.60310.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1B647E12-A0D3-4593-BAB4-4F6277C3CD99"
},
{
"criteria": "cpe:2.3:a:microsoft:silverlight:4.0.60531.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8E77ED71-B518-493E-9A55-B844B3A79803"
},
{
"criteria": "cpe:2.3:a:microsoft:silverlight:4.0.60831.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D02F225D-3990-4A17-879E-4CC54D98ACCF"
},
{
"criteria": "cpe:2.3:a:microsoft:silverlight:4.0.603310.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C2C4E2D3-922C-419D-B5D7-F1C8F0A9A501"
},
{
"criteria": "cpe:2.3:a:microsoft:silverlight:4.1.10111:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2C98D5A9-1376-407F-89FA-B02A5B0A7B8A"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574"
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]