Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, and 4.6 improperly counts objects before performing an array copy, which allows remote malicious users to (1) execute arbitrary code via a crafted XAML browser application (XBAP) or (2) bypass Code Access Security restrictions via a crafted .NET Framework application, aka ".NET Elevation of Privilege Vulnerability."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft .net framework 2.0 |
||
microsoft .net framework 3.5 |
||
microsoft .net framework 3.5.1 |
||
microsoft .net framework 4.5.1 |
||
microsoft .net framework 4.5.2 |
||
microsoft .net framework 4.6 |
||
microsoft .net framework 4.0 |
||
microsoft .net framework 4.5 |