|
|
Copy Results
Download Results
Select Table
| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2013-0074 |
|
|
Exec Code |
2013-03-12 |
2013-05-03 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Microsoft Silverlight 5, and 5 Developer Runtime, before 5.1.20125.0 does not properly validate pointers during HTML object rendering, which allows remote attackers to execute arbitrary code via a crafted Silverlight application, aka "Silverlight Double Dereference Vulnerability." |
|
2 |
CVE-2012-0176 |
399 |
|
Exec Code |
2012-05-08 |
2013-01-29 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Double free vulnerability in Microsoft Silverlight 4 before 4.1.10329 on Windows allows remote attackers to execute arbitrary code via vectors involving crafted XAML glyphs, aka "Silverlight Double-Free Vulnerability." |
|
3 |
CVE-2012-0159 |
399 |
|
Exec Code |
2012-05-08 |
2013-03-06 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview; Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Silverlight 4 before 4.1.10329; and Silverlight 5 before 5.1.10411 allow remote attackers to execute arbitrary code via a crafted TrueType font (TTF) file, aka "TrueType Font Parsing Vulnerability." |
|
4 |
CVE-2012-0014 |
94 |
|
Exec Code |
2012-02-14 |
2012-08-13 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Microsoft .NET Framework 2.0 SP2, 3.5.1, and 4, and Silverlight 4 before 4.1.10111, does not properly restrict access to memory associated with unmanaged objects, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP), (2) a crafted ASP.NET application, (3) a crafted .NET Framework application, or (4) a crafted Silverlight application, aka ".NET Framework Unmanaged Objects Vulnerability." |
|
5 |
CVE-2011-1845 |
399 |
|
DoS |
2011-05-03 |
2011-07-14 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Multiple memory leaks in the DataGrid control implementation in Microsoft Silverlight 4 before 4.0.60310.0 allow remote attackers to cause a denial of service (memory consumption) via an application involving (1) subscriptions to an INotifyDataErrorInfo.ErrorsChanged event or (2) a TextBlock or TextBox element. |
|
6 |
CVE-2011-1844 |
399 |
|
DoS |
2011-05-03 |
2011-07-14 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Memory leak in Microsoft Silverlight 4 before 4.0.60310.0 allows remote attackers to cause a denial of service (memory consumption) via an application involving a popup control and a custom DependencyProperty property, related to lack of garbage collection. |
|
7 |
CVE-2011-1253 |
264 |
|
Exec Code |
2011-10-11 |
2012-01-26 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5.1, and 4, and Silverlight 4 before 4.0.60831, does not properly restrict inheritance, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP), (2) a crafted ASP.NET application, (3) a crafted .NET Framework application, or (4) a crafted Silverlight application, aka ".NET Framework Class Inheritance Vulnerability." |
|
8 |
CVE-2011-0664 |
20 |
|
Exec Code |
2011-06-16 |
2011-08-12 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Microsoft .NET Framework 2.0 SP1 and SP2, 3.5 Gold and SP1, 3.5.1, and 4.0, and Silverlight 4 before 4.0.60531.0, does not properly validate arguments to unspecified networking API functions, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP), (2) a crafted ASP.NET application, (3) a crafted .NET Framework application, or (4) a crafted Silverlight application, aka ".NET Framework Array Offset Vulnerability." |
|
9 |
CVE-2010-1898 |
94 |
|
Exec Code |
2010-08-11 |
2011-08-12 |
9.3 |
Admin |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
The Common Language Runtime (CLR) in Microsoft .NET Framework 2.0 SP1, 2.0 SP2, 3.5, 3.5 SP1, and 3.5.1, and Microsoft Silverlight 2 and 3 before 3.0.50611.0 on Windows and before 3.0.41130.0 on Mac OS X, does not properly handle interfaces and delegations to virtual methods, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Framework application, aka "Microsoft Silverlight and Microsoft .NET Framework CLR Virtual Method Delegate Vulnerability." |
|
10 |
CVE-2010-0019 |
94 |
|
DoS Exec Code Mem. Corr. |
2010-08-11 |
2010-09-17 |
9.3 |
Admin |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Microsoft Silverlight 3 before 3.0.50611.0 on Windows, and before 3.0.41130.0 on Mac OS X, does not properly handle pointers, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and framework outage) via a crafted web site, aka "Microsoft Silverlight Memory Corruption Vulnerability." |
Total number of vulnerabilities : 10
Page :
1
(This Page)
|
|
