4.3
CVE-2011-1978
- EPSS 14.26%
- Veröffentlicht 10.08.2011 21:55:02
- Zuletzt bearbeitet 11.04.2025 00:51:21
- Quelle secure@microsoft.com
- CVE-Watchlists
- Unerledigt
LoginMicrosoft .NET Framework 2.0 SP2, 3.5.1, and 4 does not properly validate the System.Net.Sockets trust level, which allows remote attackers to obtain sensitive information or trigger arbitrary outbound network traffic via (1) a crafted XAML browser application (aka XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Framework application, aka "Socket Restriction Bypass Vulnerability."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Microsoft ≫ .Net Framework Version4.0
Microsoft ≫ Windows 2003 Server Updatesp2
Microsoft ≫ Windows 7 Version-
Microsoft ≫ Windows 7 Version- Updatesp1 Editionx86
Microsoft ≫ Windows Server 2003 Updatesp2
Microsoft ≫ Windows Server 2008 Updatesp2 Editionx32
Microsoft ≫ Windows Server 2008 Updatesp2 Editionx64
Microsoft ≫ Windows Server 2008 Version- Updatesp2 Editionitanium
Microsoft ≫ Windows Server 2008 Versionr2 Editionitanium
Microsoft ≫ Windows Server 2008 Versionr2 Editionx64
Microsoft ≫ Windows Vista Updatesp2
Microsoft ≫ Windows Xp Updatesp3
Microsoft ≫ Windows Xp Version- Updatesp2 Editionx64
Microsoft ≫ Windows 7 Version-
Microsoft ≫ Windows 7 Version- Updatesp1 Editionx86
Microsoft ≫ Windows Server 2003 Updatesp2
Microsoft ≫ Windows Server 2008 Updatesp2 Editionx32
Microsoft ≫ Windows Server 2008 Updatesp2 Editionx64
Microsoft ≫ Windows Server 2008 Version- Updatesp2 Editionitanium
Microsoft ≫ Windows Server 2008 Versionr2 Editionitanium
Microsoft ≫ Windows Server 2008 Versionr2 Editionx64
Microsoft ≫ Windows Vista Updatesp2
Microsoft ≫ Windows Xp Updatesp3
Microsoft ≫ Windows Xp Version- Updatesp2 Editionx64
Microsoft ≫ .Net Framework Version3.5.1
Microsoft ≫ Windows 7 Version-
Microsoft ≫ Windows Server 2008 Versionr2 Editionitanium
Microsoft ≫ Windows Server 2008 Versionr2 Editionx64
Microsoft ≫ Windows Server 2008 Versionr2 Editionitanium
Microsoft ≫ Windows Server 2008 Versionr2 Editionx64
Microsoft ≫ .Net Framework Version2.0 Updatesp2
Microsoft ≫ Windows 2003 Server Updatesp2
Microsoft ≫ Windows Server 2003 Updatesp2
Microsoft ≫ Windows Server 2008 Editionitanium
Microsoft ≫ Windows Server 2008 Updatesp2 Editionx32
Microsoft ≫ Windows Server 2008 Updatesp2 Editionx64
Microsoft ≫ Windows Server 2008 Version- Updatesp2 Editionitanium
Microsoft ≫ Windows Vista Updatesp2
Microsoft ≫ Windows Xp Updatesp3
Microsoft ≫ Windows Xp Version- Updatesp2 Editionx64
Microsoft ≫ Windows Server 2003 Updatesp2
Microsoft ≫ Windows Server 2008 Editionitanium
Microsoft ≫ Windows Server 2008 Updatesp2 Editionx32
Microsoft ≫ Windows Server 2008 Updatesp2 Editionx64
Microsoft ≫ Windows Server 2008 Version- Updatesp2 Editionitanium
Microsoft ≫ Windows Vista Updatesp2
Microsoft ≫ Windows Xp Updatesp3
Microsoft ≫ Windows Xp Version- Updatesp2 Editionx64
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 14.26% | 0.941 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:P/I:N/A:N
|
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.