2015-11-10
This security update resolves vulnerabilities in Microsoft .NET Framework. The most severe of the vulnerabilities could allow elevation of privilege if an attacker convinces a user to navigate to a compromised website or open a link in a specially crafted email that is designed to inject client-side code into the user’s browser.
Vulnerabilities addressed in this bulletin:
.NET Information Disclosure Vulnerability
An information disclosure vulnerability exists in the .NET Framework DTD parsing of certain specially crafted XML files. An attacker who successfully exploited this vulnerability could gain read access to local files on the target system.
CVE-2015-6096
.NET Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when ASP.NET improperly validates values in HTTP requests, exposing users to a potential cross-site scripting (XSS) attack. An attacker who successfully exploited the vulnerability could leverage a vulnerable website to inject client-side script into a user’s browser and ultimately modify or spoof content, conduct phishing activities, disclose information, or perform any action on the vulnerable website that the target user has permission to perform.
CVE-2015-6099
.NET ASLR Bypass
A security feature bypass exists in a .NET Framework component that does not properly implement the Address Space Layout Randomization (ASLR) security feature, which protects users from a broad class of vulnerabilities. The ASLR bypass could allow an attacker to bypass the security feature and then load additional malicious code in an attempt to exploit another vulnerability. The security feature bypass by itself does not allow arbitrary code execution. However, an attacker could use this ASLR bypass in conjunction with another vulnerability, such as a remote code execution vulnerability, to run arbitrary code.
CVE-2015-6115

Bulletin details at Microsoft.com

Related CVE Entries

The XML DTD parser in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, and 4.6 allows remote attackers to read arbitrary files via an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka ".NET Information Disclosure Vulnerability."
Max CVSS: 4.3 | EPSS Score: 55.24% | Published: 2015-11-11 | Updated: 2018-10-12
Cross-site scripting (XSS) vulnerability in ASP.NET in Microsoft .NET Framework 4, 4.5, 4.5.1, 4.5.2, and 4.6 allows remote attackers to inject arbitrary web script or HTML via a crafted value, aka ".NET Elevation of Privilege Vulnerability."
Max CVSS: 4.3 | EPSS Score: 21.29% | Published: 2015-11-11 | Updated: 2018-10-12
Microsoft .NET Framework 2.0 SP2, 3.5, and 3.5.1 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka ".NET ASLR Bypass."
Max CVSS: 4.3 | EPSS Score: 11.14% | Published: 2015-11-11 | Updated: 2018-10-12