Выполнение произвольного кода в Microsoft .NET Framework и Silverlight

Дата публикации:	11.08.2010
Всего просмотров:	3045
Опасность:	Высокая
Наличие исправления:	Да
Количество уязвимостей:	1
CVSSv2 рейтинг:	10 (AV:N/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:O/RC:C)
CVE ID:	Нет данных
Вектор эксплуатации:	Удаленная
Воздействие:	Компрометация системы
CWE ID:	Нет данных
Наличие эксплоита:	Нет данных
Уязвимые продукты:	Microsoft .NET Framework 2.x Microsoft .NET Framework 3.x Microsoft Silverlight 2 Microsoft Silverlight 3.x
	Уязвимые версии: Microsoft .NET Framework 2.0, 3.5, 3.5.1 Microsoft Silverlight версии 2 и 3 Описание: Уязвимость позволяет удаленному пользователю выполнить произвольный код на целевой системе. Уязвимость существует в .NET Framework при обработке делегирований виртуальных методов с помощью CLR (Common Language Runtime). Удаленный пользователь может с помощью специально сформированного .NET или Silverlight приложения выполнить произвольный код на целевой системе. URL производителя: www.microsoft.com Решение: Установите исправление с сайта производителя.
	a:2:{s:4:"TEXT";s:11005:" Microsoft .NET Framework -- Windows XP Service Pack 3 -- Microsoft .NET Framework 3.5: http://www.microsoft.com/downloads/details.aspx?familyid=648cfca5-19eb-4658-a6ad-fe546c4c44b9 Microsoft .NET Framework 2.0 Service Pack 2 и Microsoft .NET Framework 3.5 Service Pack 1: http://www.microsoft.com/downloads/details.aspx?familyid=1e53f250-2d4b-4f61-86ee-9f9f3a9c0b48 -- Windows XP Professional x64 Edition Service Pack 2 -- Microsoft .NET Framework 3.5: http://www.microsoft.com/downloads/details.aspx?familyid=648cfca5-19eb-4658-a6ad-fe546c4c44b9 Microsoft .NET Framework 2.0 Service Pack 2 и Microsoft .NET Framework 3.5 Service Pack 1: http://www.microsoft.com/downloads/details.aspx?familyid=1e53f250-2d4b-4f61-86ee-9f9f3a9c0b48 -- Windows Server 2003 Service Pack 2 -- Microsoft .NET Framework 3.5: http://www.microsoft.com/downloads/details.aspx?familyid=648cfca5-19eb-4658-a6ad-fe546c4c44b9 Microsoft .NET Framework 2.0 Service Pack 2 и Microsoft .NET Framework 3.5 Service Pack 1: http://www.microsoft.com/downloads/details.aspx?familyid=1e53f250-2d4b-4f61-86ee-9f9f3a9c0b48 -- Windows Server 2003 x64 Edition Service Pack 2 -- Microsoft .NET Framework 3.5: http://www.microsoft.com/downloads/details.aspx?familyid=648cfca5-19eb-4658-a6ad-fe546c4c44b9 Microsoft .NET Framework 2.0 Service Pack 2 и Microsoft .NET Framework 3.5 Service Pack 1: http://www.microsoft.com/downloads/details.aspx?familyid=1e53f250-2d4b-4f61-86ee-9f9f3a9c0b48 -- Windows Server 2003 with SP2 for Itanium-based Systems -- Microsoft .NET Framework 3.5: http://www.microsoft.com/downloads/details.aspx?familyid=648cfca5-19eb-4658-a6ad-fe546c4c44b9 Microsoft .NET Framework 2.0 Service Pack 2 и Microsoft .NET Framework 3.5 Service Pack 1: http://www.microsoft.com/downloads/details.aspx?familyid=1e53f250-2d4b-4f61-86ee-9f9f3a9c0b48 -- Windows Vista Service Pack 1 -- Microsoft .NET Framework 2.0 Service Pack 1 и Microsoft .NET Framework 3.5: http://www.microsoft.com/downloads/details.aspx?familyid=616c39f7-137a-40b9-b691-bc33c0aef7e1 Microsoft .NET Framework 2.0 Service Pack 2 и Microsoft .NET Framework 3.5 Service Pack 1: http://www.microsoft.com/downloads/details.aspx?familyid=155bbb5c-247e-4bed-a287-527d978b7967 -- Windows Vista Service Pack 2 -- Microsoft .NET Framework 2.0 Service Pack 2 и Microsoft .NET Framework 3.5 Service Pack 1: http://www.microsoft.com/downloads/details.aspx?familyid=7712e8ad-dea4-4a43-8a7b-dc154510c104 -- Windows Vista x64 Edition Service Pack 1 -- Microsoft .NET Framework 2.0 Service Pack 1 и Microsoft .NET Framework 3.5: http://www.microsoft.com/downloads/details.aspx?familyid=616c39f7-137a-40b9-b691-bc33c0aef7e1 Microsoft .NET Framework 2.0 Service Pack 2 и Microsoft .NET Framework 3.5 Service Pack 1: http://www.microsoft.com/downloads/details.aspx?familyid=155bbb5c-247e-4bed-a287-527d978b7967 -- Windows Vista x64 Edition Service Pack 2 -- Microsoft .NET Framework 2.0 Service Pack 2 и Microsoft .NET Framework 3.5 Service Pack 1: http://www.microsoft.com/downloads/details.aspx?familyid=7712e8ad-dea4-4a43-8a7b-dc154510c104 -- Windows Server 2008 for 32-bit Systems -- Microsoft .NET Framework 2.0 Service Pack 1 и Microsoft .NET Framework 3.5: http://www.microsoft.com/downloads/details.aspx?familyid=616c39f7-137a-40b9-b691-bc33c0aef7e1 Microsoft .NET Framework 2.0 Service Pack 2 и Microsoft .NET Framework 3.5 Service Pack 1: http://www.microsoft.com/downloads/details.aspx?familyid=155bbb5c-247e-4bed-a287-527d978b7967 -- Windows Server 2008 for 32-bit Systems Service Pack 2 -- Microsoft .NET Framework 2.0 Service Pack 2 и Microsoft .NET Framework 3.5 Service Pack 1: http://www.microsoft.com/downloads/details.aspx?familyid=7712e8ad-dea4-4a43-8a7b-dc154510c104 -- Windows Server 2008 for x64-based Systems -- Microsoft .NET Framework 2.0 Service Pack 1 и Microsoft .NET Framework 3.5: http://www.microsoft.com/downloads/details.aspx?familyid=616c39f7-137a-40b9-b691-bc33c0aef7e1 Microsoft .NET Framework 2.0 Service Pack 2 и Microsoft .NET Framework 3.5 Service Pack 1: http://www.microsoft.com/downloads/details.aspx?familyid=155bbb5c-247e-4bed-a287-527d978b7967 -- Windows Server 2008 for x64-based Systems Service Pack 2 -- Microsoft .NET Framework 2.0 Service Pack 2 и Microsoft .NET Framework 3.5 Service Pack 1: http://www.microsoft.com/downloads/details.aspx?familyid=7712e8ad-dea4-4a43-8a7b-dc154510c104 -- Windows Server 2008 for Itanium-based Systems -- Microsoft .NET Framework 2.0 Service Pack 1 и Microsoft .NET Framework 3.5: http://www.microsoft.com/downloads/details.aspx?familyid=616c39f7-137a-40b9-b691-bc33c0aef7e1 Microsoft .NET Framework 2.0 Service Pack 2 и Microsoft .NET Framework 3.5 Service Pack 1: http://www.microsoft.com/downloads/details.aspx?familyid=155bbb5c-247e-4bed-a287-527d978b7967 -- Windows Server 2008 for Itanium-based Systems Service Pack 2 -- Microsoft .NET Framework 2.0 Service Pack 2 и Microsoft .NET Framework 3.5 Service Pack 1: http://www.microsoft.com/downloads/details.aspx?familyid=7712e8ad-dea4-4a43-8a7b-dc154510c104 -- Windows 7 for 32-bit Systems -- Microsoft .NET Framework 3.5.1: http://www.microsoft.com/downloads/details.aspx?familyid=77d0c428-237c-4dab-9645-6400dd9e65f8 -- Windows 7 for x64-based Systems -- Microsoft .NET Framework 3.5.1: http://www.microsoft.com/downloads/details.aspx?familyid=77d0c428-237c-4dab-9645-6400dd9e65f8 -- Windows Server 2008 R2 for x64-based Systems -- Microsoft .NET Framework 3.5.1: http://www.microsoft.com/downloads/details.aspx?familyid=77d0c428-237c-4dab-9645-6400dd9e65f8 -- Windows Server 2008 R2 for Itanium-based Systems -- Microsoft .NET Framework 3.5.1: http://www.microsoft.com/downloads/details.aspx?familyid=77d0c428-237c-4dab-9645-6400dd9e65f8 Microsoft Silverlight 2 Microsoft Silverlight 2 для Mac: http://www.microsoft.com/getsilverlight/get-started/install/default.aspx Microsoft Silverlight 2 для клиентских систем Windows: http://www.microsoft.com/getsilverlight/get-started/install/default.aspx Microsoft Silverlight 2 для серверов Windows: http://www.microsoft.com/getsilverlight/get-started/install/default.aspx Microsoft Silverlight 3 Microsoft Silverlight 3 для Mac: http://www.microsoft.com/downloads/details.aspx?familyid=7e3f6c16-1339-49bc-a60c-ddc6c3a54850 Microsoft Silverlight 3 для клиентских систем Windows: http://www.microsoft.com/downloads/details.aspx?familyid=7e3f6c16-1339-49bc-a60c-ddc6c3a54850 Microsoft Silverlight 3для серверов Windows: http://www.microsoft.com/downloads/details.aspx?familyid=7e3f6c16-1339-49bc-a60c-ddc6c3a54850 ";s:4:"TYPE";s:4:"html";}
Ссылки:	MS10-060: Vulnerabilities in the Microsoft .NET Common Language Runtime and in Microsoft Silverlight Could Allow Remote Code Execution (2265906)

Выполнение произвольного кода в Microsoft .NET Framework и Silverlight

Подпишитесь на email рассылку