Description
Improper strings handling was found in Microsoft Silverlight. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed web content.
Technical details
This vulnerability can be triggered while Silverlight decodes strings using a malicious decoder that can return negative offsets that cause Silverlight to replace unsafe object headers with contents provided by an attacker.
Original advisories
Exploitation
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Related products
CVE list
- CVE-2016-0034 unknown
KB list
Read more
Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com