| ID |
CVE-2016-0034
|
| Summary |
Microsoft Silverlight 5 before 5.1.41212.0 mishandles negative offsets during decoding, which allows remote attackers to execute arbitrary code or cause a denial of service (object-header corruption) via a crafted web site, aka "Silverlight Runtime Remote Code Execution Vulnerability." |
| References |
|
| Vulnerable Configurations |
-
cpe:2.3:a:microsoft:silverlight:5.0:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:silverlight:5.0:*:*:*:*:*:*:*
-
cpe:2.3:a:microsoft:silverlight:5.0.60401.0:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:silverlight:5.0.60401.0:*:*:*:*:*:*:*
-
cpe:2.3:a:microsoft:silverlight:5.0.60818.0:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:silverlight:5.0.60818.0:*:*:*:*:*:*:*
-
cpe:2.3:a:microsoft:silverlight:5.0.60818.0:rc:*:*:*:*:*:*
cpe:2.3:a:microsoft:silverlight:5.0.60818.0:rc:*:*:*:*:*:*
-
cpe:2.3:a:microsoft:silverlight:5.0.61118.0:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:silverlight:5.0.61118.0:*:*:*:*:*:*:*
-
cpe:2.3:a:microsoft:silverlight:5.1.10411.0:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:silverlight:5.1.10411.0:*:*:*:*:*:*:*
-
cpe:2.3:a:microsoft:silverlight:5.1.20125.0:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:silverlight:5.1.20125.0:*:*:*:*:*:*:*
-
cpe:2.3:a:microsoft:silverlight:5.1.20513.0:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:silverlight:5.1.20513.0:*:*:*:*:*:*:*
-
cpe:2.3:a:microsoft:silverlight:5.1.20913.0:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:silverlight:5.1.20913.0:*:*:*:*:*:*:*
-
cpe:2.3:a:microsoft:silverlight:5.1.30214.0:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:silverlight:5.1.30214.0:*:*:*:*:*:*:*
|
| CVSS |
| Base: | 9.3 (as of 01-07-2024 - 17:56) |
| Impact: | |
| Exploitability: | |
|
| CWE |
NVD-CWE-noinfo |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| NETWORK |
MEDIUM |
NONE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| COMPLETE |
COMPLETE |
COMPLETE |
|
| cvss-vector
via4
|
AV:N/AC:M/Au:N/C:C/I:C/A:C
|
| msbulletin
via4
|
| bulletin_id | MS16-006 | | bulletin_url | | | date | 2016-01-12T00:00:00 | | impact | Remote Code Execution | | knowledgebase_id | 3126036 | | knowledgebase_url | | | severity | Critical | | title | Security Update for Silverlight to Address Remote Code Execution |
|
| refmap
via4
|
|
| Last major update |
01-07-2024 - 17:56 |
| Published |
13-01-2016 - 05:59 |
| Last modified |
01-07-2024 - 17:56 |
