KLA10644
Privelege escalation vulnerability in Microsoft .NET Framework
Updated: 01/24/2020
Detect date
?
08/11/2015
Severity
?
High
Description

An improper optimization at RyuJIT were found in Microsoft .NET Framework. By exploiting these vulnerabilities malicious users can gain privileges. These vulnerabilities can be exploited remotely via a specially designed .NET application.


Technical details

This vulnerability caused by improper parameters optimization resulting in a code generation error. To exploit these vulnerabilities malicious must lead affected user to start specially designed .NET application. you can read temporary workaround in Microsoft advisory listed.

Affected products

Microsoft .NET Framework version 4.6

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories

CVE-2015-2481
CVE-2015-2480
CVE-2015-2479

Impacts
?
PE 
[?]
Related products
Microsoft .NET Framework
CVE-IDS
?
CVE-2015-24819.3Critical
CVE-2015-24809.3Critical
CVE-2015-24799.3Critical
Microsoft official advisories
Microsoft Security Update Guide
KB list

3086251
3083185
3083184
3081436
3083186