Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly validate the permissions of objects in memory, which allows remote malicious users to execute arbitrary code via (1) a crafted XAML browser application (XBAP) or (2) a crafted .NET Framework application, aka "Double Construction Vulnerability."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft .net_framework 1.0 |
||
microsoft .net_framework 1.1 |
||
microsoft .net_framework 2.0 |
||
microsoft .net_framework 4.0 |
||
microsoft .net_framework 3.5 |
||
microsoft .net_framework 3.5.1 |
||
microsoft .net_framework 4.5 |