KLA10717
Multiple vulnerabilities in Microsoft Silverlight

Обновлено: 03/06/2020
Дата обнаружения
08/12/2015
Уровень угрозы
High
Описание

Multiple serious vulnerabilities have been found in Microsoft Silverlight. Malicious users can exploit these vulnerabilities to execute arbitrary code or bypass security restrictions.

Below is a complete list of vulnerabilities

  1. Improper requests handling can be exploited remotely via a specially designed Silverlight application to execute arbitrary code;
  2. Improper memory handling can be exploited remotely via a specially designed Silverlight application to bypass security restrictions.
Пораженные продукты

Microsoft Silverlight 5

Решение

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Первичный источник обнаружения
CVE-2015-6114
CVE-2015-6166
CVE-2015-6165
Оказываемое влияние
?
ACE 
[?]

SB 
[?]
Связанные продукты
Microsoft Silverlight
CVE-IDS
CVE-2015-61144.3Warning
CVE-2015-61669.3Critical
CVE-2015-61654.3Warning