9.3
CVE-2012-1895
- EPSS 10.78%
- Veröffentlicht 14.11.2012 00:55:01
- Zuletzt bearbeitet 11.04.2025 00:51:21
- Quelle secure@microsoft.com
- Teams Watchlist Login
- Unerledigt Login
The reflection implementation in Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5.1, and 4 does not properly enforce object permissions, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP) or (2) a crafted .NET Framework application, aka "Reflection Bypass Vulnerability."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Microsoft ≫ .Net Framework Version1.0 Updatesp3
Microsoft ≫ Windows Xp Version2005 Updatesp3 Editionmedia_center
Microsoft ≫ Windows Xp Version2005 Updatesp3 Editiontablet_pc
Microsoft ≫ Windows Xp Version2005 Updatesp3 Editiontablet_pc
Microsoft ≫ .Net Framework Version1.1 Updatesp1
Microsoft ≫ Windows Server 2003 Updatesp2
Microsoft ≫ Windows Server 2008 Updatesp2 Editionitanium
Microsoft ≫ Windows Server 2008 Updatesp2 Editionx64
Microsoft ≫ Windows Server 2008 Updatesp2 Editionx86
Microsoft ≫ Windows Vista Updatesp2
Microsoft ≫ Windows Xp Updatesp3
Microsoft ≫ Windows Xp Version- Updatesp2 Editionx64
Microsoft ≫ Windows Server 2008 Updatesp2 Editionitanium
Microsoft ≫ Windows Server 2008 Updatesp2 Editionx64
Microsoft ≫ Windows Server 2008 Updatesp2 Editionx86
Microsoft ≫ Windows Vista Updatesp2
Microsoft ≫ Windows Xp Updatesp3
Microsoft ≫ Windows Xp Version- Updatesp2 Editionx64
Microsoft ≫ .Net Framework Version2.0 Updatesp2
Microsoft ≫ Windows Server 2003 Updatesp2
Microsoft ≫ Windows Server 2008 Updatesp2 Editionitanium
Microsoft ≫ Windows Server 2008 Updatesp2 Editionx64
Microsoft ≫ Windows Server 2008 Updatesp2 Editionx86
Microsoft ≫ Windows Vista Updatesp2
Microsoft ≫ Windows Xp Updatesp3
Microsoft ≫ Windows Xp Version- Updatesp2 Editionx64
Microsoft ≫ Windows Server 2008 Updatesp2 Editionitanium
Microsoft ≫ Windows Server 2008 Updatesp2 Editionx64
Microsoft ≫ Windows Server 2008 Updatesp2 Editionx86
Microsoft ≫ Windows Vista Updatesp2
Microsoft ≫ Windows Xp Updatesp3
Microsoft ≫ Windows Xp Version- Updatesp2 Editionx64
Microsoft ≫ .Net Framework Version3.5.1
Microsoft ≫ .Net Framework Version4.0
Microsoft ≫ Windows 7 Editionx64
Microsoft ≫ Windows 7 Editionx86
Microsoft ≫ Windows 7 Updatesp1 Editionx64
Microsoft ≫ Windows 7 Updatesp1 Editionx86
Microsoft ≫ Windows Server 2003 Updatesp2
Microsoft ≫ Windows Server 2008 Updater2 Editionitanium
Microsoft ≫ Windows Server 2008 Updater2 Editionx64
Microsoft ≫ Windows Server 2008 Updatesp2 Editionitanium
Microsoft ≫ Windows Server 2008 Updatesp2 Editionx64
Microsoft ≫ Windows Vista Updatesp2
Microsoft ≫ Windows Xp Updatesp3
Microsoft ≫ Windows Xp Version- Updatesp2 Editionx64
Microsoft ≫ Windows 7 Editionx86
Microsoft ≫ Windows 7 Updatesp1 Editionx64
Microsoft ≫ Windows 7 Updatesp1 Editionx86
Microsoft ≫ Windows Server 2003 Updatesp2
Microsoft ≫ Windows Server 2008 Updater2 Editionitanium
Microsoft ≫ Windows Server 2008 Updater2 Editionx64
Microsoft ≫ Windows Server 2008 Updatesp2 Editionitanium
Microsoft ≫ Windows Server 2008 Updatesp2 Editionx64
Microsoft ≫ Windows Vista Updatesp2
Microsoft ≫ Windows Xp Updatesp3
Microsoft ≫ Windows Xp Version- Updatesp2 Editionx64
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 10.78% | 0.931 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.3 | 8.6 | 10 |
AV:N/AC:M/Au:N/C:C/I:C/A:C
|