Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.3
CVSSv2

CVE-2012-4777

Published: 14/11/2012 Updated: 07/12/2023
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
VMScore: 828
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Summary

The code-optimization feature in the reflection implementation in Microsoft .NET Framework 4 and 4.5 does not properly enforce object permissions, which allows remote malicious users to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP) or (2) a crafted .NET Framework application, aka "WPF Reflection Optimization Vulnerability."

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft .net_framework 4.0

microsoft .net_framework 4.5

Vendor Advisories

Debian CVElist Bug Report Logs: tiff: CVE-2012-4447
Debian Bug report logs - #688944 tiff: CVE-2012-4447 Package: tiff; Maintainer for tiff is Laszlo Boszormenyi (GCS) <gcs@debianorg>; Reported by: Moritz Muehlenhoff <jmm@inutilorg> Date: Thu, 27 Sep 2012 07:30:18 UTC Severity: grave Tags: security Fixed in versions tiff/402-3, tiff/394-5+squeeze6 Done: Jay Be ...
Debian CVElist Bug Report Logs: Two tiff issues: CVE-2012-2113 / CVE-2012-2088
Debian Bug report logs - #678140 Two tiff issues: CVE-2012-2113 / CVE-2012-2088 Package: tiff; Maintainer for tiff is Laszlo Boszormenyi (GCS) <gcs@debianorg>; Reported by: Moritz Muehlenhoff <muehlenhoff@univentionde> Date: Tue, 19 Jun 2012 14:09:03 UTC Severity: grave Tags: security Found in version 394-5+sque ...

References

CWE-264http://www.us-cert.gov/cas/techalerts/TA12-318A.htmlhttp://www.securityfocus.com/bid/56464http://osvdb.org/87267http://www.securitytracker.com/id?1027753http://secunia.com/advisories/51236https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15960https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-074https://nvd.nist.govhttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688944
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
camerabypassCVE-2024-3592CVE-2024-37383CVE-2024-24919CVE-2024-27822CVE-2024-36788CVE-2024-36789man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook