KLA10644
Privelege escalation vulnerability in Microsoft .NET Framework
Обновлено: 17/06/2019
Дата обнаружения
11/08/2015
Уровень угрозы
High
Описание

An improper optimization at RyuJIT were found in Microsoft .NET Framework. By exploiting these vulnerabilities malicious users can gain privileges. These vulnerabilities can be exploited remotely via a specially designed .NET application.


Technical details

This vulnerability caused by improper parameters optimization resulting in a code generation error. To exploit these vulnerabilities malicious must lead affected user to start specially designed .NET application. you can read temporary workaround in Microsoft advisory listed.

Пораженные продукты

Microsoft .NET Framework version 4.6

Решение

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Первичный источник обнаружения
CVE-2015-2481
CVE-2015-2480
CVE-2015-2479
Оказываемое влияние
?
PE 
[?]
Связанные продукты
Microsoft .NET Framework
CVE-IDS
CVE-2015-24819.3Critical
CVE-2015-24809.3Critical
CVE-2015-24799.3Critical
Microsoft official advisories
Microsoft Security Update Guide
KB list

3086251
3083185
3083184
3081436
3083186