Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

microsoft .net framework 4.0 vulnerabilities and exploits

(subscribe to this query)
NA
CVE-2013-3860
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 does not properly parse a DTD during XML digital-signature validation, which allows remote malicious users to cause a denial of service (application crash or hang) via a crafted signed XML document, aka "Entit...
Microsoft .net Framework 3.5Microsoft .net Framework 3.5.1Microsoft .net Framework 4.5Microsoft .net Framework 4.0Microsoft .net Framework 2.0
NA
CVE-2013-3133
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly check the permissions of objects that use reflection, which allows remote malicious users to execute arbitrary code via (1) a crafted XAML browser application (XBAP) or (2) a crafted .NET Framework applica...
Microsoft .net Framework 4.5Microsoft .net Framework 2.0Microsoft .net Framework 3.5Microsoft .net Framework 3.5.1Microsoft .net Framework 4.0
NA
CVE-2013-3134
The Common Language Runtime (CLR) in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 on 64-bit platforms does not properly allocate arrays of structures, which allows remote malicious users to execute arbitrary code via a crafted .NET Framework application that changes a...
Microsoft .net Framework 3.5.1Microsoft .net Framework 4.0Microsoft .net Framework 4.5Microsoft .net Framework 2.0Microsoft .net Framework 3.5
NA
CVE-2013-1336
The Common Language Runtime (CLR) in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly check signatures, which allows remote malicious users to make undetected changes to signed XML documents via unspecified vectors that preserve signature validity, aka &...
Microsoft .net Framework 4.5Microsoft .net Framework 3.5.1Microsoft .net Framework 4.0Microsoft .net Framework 2.0Microsoft .net Framework 3.5
NA
CVE-2013-3171
The serialization functionality in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 does not properly check the permissions of delegate objects, which allows remote malicious users to execute arbitrary code via (1) a crafted XAML browser application (XBAP) or (2)...
Microsoft .net Framework 3.5Microsoft .net Framework 3.5.1Microsoft .net Framework 4.0Microsoft .net Framework 4.5Microsoft .net Framework 2.0
NA
CVE-2013-3861
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 allows remote malicious users to cause a denial of service (application crash or hang) via crafted character sequences in JSON data, aka "JSON Parsing Vulnerability."
Microsoft .net Framework 4.0Microsoft .net Framework 4.5Microsoft .net Framework 2.0Microsoft .net Framework 3.5Microsoft .net Framework 3.5.1
NA
CVE-2015-6099
Cross-site scripting (XSS) vulnerability in ASP.NET in Microsoft .NET Framework 4, 4.5, 4.5.1, 4.5.2, and 4.6 allows remote malicious users to inject arbitrary web script or HTML via a crafted value, aka ".NET Elevation of Privilege Vulnerability."
Microsoft .net Framework 4.0Microsoft .net Framework 4.5Microsoft .net Framework 4.5.1Microsoft .net Framework 4.5.2Microsoft .net Framework 4.6
NA
CVE-2014-4121
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 does not properly parse internationalized resource identifiers, which allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) via a crafted request to a .NET we...
Microsoft .net Framework 2.0Microsoft .net Framework 4.5.1Microsoft .net Framework 4.5.2Microsoft .net Framework 3.5Microsoft .net Framework 3.5.1Microsoft .net Framework 4.0Microsoft .net Framework 4.5
NA
CVE-2012-0161
Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5 SP1, 3.5.1, and 4 does not properly handle an unspecified exception during use of partially trusted assemblies to serialize input data, which allows remote malicious users to execute arbitrary code via (1) a crafted...
Microsoft .net Framework 3.5.1Microsoft .net Framework 4.0Microsoft .net Framework 3.0Microsoft .net Framework 3.5Microsoft .net Framework 1.1Microsoft .net Framework 2.0Microsoft .net Framework 1.0
NA
CVE-2014-1806
The .NET Remoting implementation in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5.1 does not properly restrict memory access, which allows remote malicious users to execute arbitrary code via vectors involving malformed objects, aka "TypeFilterLevel ...
Microsoft .net Framework 2.0Microsoft .net Framework 3.5Microsoft .net Framework 1.1Microsoft .net Framework 4.5Microsoft .net Framework 4.5.1Microsoft .net Framework 3.5.1Microsoft .net Framework 4.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
race conditionCVE-2024-4249CVE-2024-4244CVE-2023-20198TCPCVE-2022-48648CVE-2022-48636CVE-2024-21345SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook