English
Russian
Japanese
LatAm
Türkiye
Brasil
France
Český
Deutschland
KLA10737
Code execution vulnerability in Microsoft Silverlight
Updated: 06/18/2020
|
Detect date
?
|
01/12/2016 |
|
Severity
?
|
High |
|
Description
|
Improper strings handling was found in Microsoft Silverlight. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed web content. Technical details This vulnerability can be triggered while Silverlight decodes strings using a malicious decoder that can return negative offsets that cause Silverlight to replace unsafe object headers with contents provided by an attacker. |
|
Affected products
|
Microsoft Silverlight 5 |
|
Solution
|
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel) |
|
Original advisories
|
|
|
Impacts
?
|
ACE [?] |
|
Related products
|
Microsoft Silverlight |
|
Microsoft official advisories
|
Microsoft Security Update Guide |
|
Exploitation
|
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details. |
| Find out the statistics of the vulnerabilities spreading in your region |