This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:microsoft:silverlight
Detail
VendorMicrosoftFirst view 2010-08-11
ProductSilverlightLast view 2014-03-12
VersionTypeApplication
Edition 
Language 
Update 

Activity : Overall

COMMON PLATFORM ENUMERATION : Repartition per Version

CPE NameAffected CVE
cpe:/a:microsoft:silverlight:5.1.20913.01
cpe:/a:microsoft:silverlight:5.1.20513.02
cpe:/a:microsoft:silverlight:5.1.20125.05
cpe:/a:microsoft:silverlight:5.1.10411.05
cpe:/a:microsoft:silverlight:5.0.61118.07
Hide | Show 21 More...
CPE NameAffected CVE
cpe:/a:microsoft:silverlight:5.0.60818.05
cpe:/a:microsoft:silverlight:5.0.60818.0:rc7
cpe:/a:microsoft:silverlight:5.0.60401.07
cpe:/a:microsoft:silverlight:4.1.10111.02
cpe:/a:microsoft:silverlight:4.1.101112
cpe:/a:microsoft:silverlight:4.0.60831.03
cpe:/a:microsoft:silverlight:4.0.60531.04
cpe:/a:microsoft:silverlight:4.0.603310.02
cpe:/a:microsoft:silverlight:4.0.60310.04
cpe:/a:microsoft:silverlight:4.0.60129.05
cpe:/a:microsoft:silverlight:4.0.51204.03
cpe:/a:microsoft:silverlight:4.0.50917.03
cpe:/a:microsoft:silverlight:4.0.50826.03
cpe:/a:microsoft:silverlight:4.0.50524.003
cpe:/a:microsoft:silverlight:4.0.50401.02
cpe:/a:microsoft:silverlight:3.0.50106.04
cpe:/a:microsoft:silverlight:3.0.40818.04
cpe:/a:microsoft:silverlight:3.0.40723.04
cpe:/a:microsoft:silverlight:3.0.40624.004
cpe:/a:microsoft:silverlight:2.0.40115.003
cpe:/a:microsoft:silverlight:2.0.31005.003

Related : CVE

 DateAlertAccess VectorAccess ComplexityAuthentication
7.1 2014-03-12 CVE-2014-0319 Network Medium None Requ...
4.3 2013-10-09 CVE-2013-3896 Network Medium None Requ...
9.3 2013-07-09 CVE-2013-3178 Network Medium None Requ...
9.3 2013-07-09 CVE-2013-3131 Network Medium None Requ...
9.3 2013-07-09 CVE-2013-3129 Network Medium None Requ...
Hide | Show 10 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
9.3 2013-03-12 CVE-2013-0074 Network Medium None Requ...
9.3 2012-05-08 CVE-2012-0176 Network Medium None Requ...
9.3 2012-05-08 CVE-2012-0159 Network Medium None Requ...
9.3 2012-02-14 CVE-2012-0014 Network Medium None Requ...
9.3 2011-10-11 CVE-2011-1253 Network Medium None Requ...
9.3 2011-06-16 CVE-2011-0664 Network Medium None Requ...
7.8 2011-05-03 CVE-2011-1845 Network Low None Requ...
7.8 2011-05-03 CVE-2011-1844 Network Low None Requ...
9.3 2010-08-11 CVE-2010-1898 Network Medium None Requ...
9.3 2010-08-11 CVE-2010-0019 Network Medium None Requ...

CWE : Common Weakness Enumeration

%idName
42% (6)CWE-94Failure to Control Generation of Code ('Code Injection')
28% (4)CWE-399Resource Management Errors
14% (2)CWE-264Permissions, Privileges, and Access Controls
14% (2)CWE-20Improper Input Validation

Oval Markup Language : Definitions

OvalIDName
oval:org.mitre.oval:def:12033Microsoft Silverlight and Microsoft .NET Framework CLR Virtual Method Delegat...
oval:org.mitre.oval:def:12105.NET Framework Array Offset Vulnerability
oval:org.mitre.oval:def:12007DEPRECATED: .NET Framework Array Offset Vulnerability
oval:org.mitre.oval:def:13069.NET Framework Class Inheritance Vulnerability
oval:org.mitre.oval:def:13972.NET Framework Unmanaged Objects Vulnerability
Hide | Show 15 More...
idName
oval:org.mitre.oval:def:15667TrueType Font Parsing Vulnerability (CVE-2012-0159)
oval:org.mitre.oval:def:15388TrueType Font Parsing Vulnerability (CVE-2012-0159)
oval:org.mitre.oval:def:15574Silverlight Double-Free Vulnerability
oval:org.mitre.oval:def:16565Double dereference vulnerability in Microsoft Silverlight - MS13-022 (Mac OS X)
oval:org.mitre.oval:def:16516Double dereference vulnerability in Microsoft Silverlight - MS13-022
oval:org.mitre.oval:def:17341TrueType Font Parsing Vulnerability - CVE-2013-3129 (MS13-052, MS13-053, MS13...
oval:org.mitre.oval:def:17323TrueType font parsing vulnerability in Microsoft Silverlight - CVE-2013-3129,...
oval:org.mitre.oval:def:17261Array access violation vulnerability in Microsoft .NET Framework and Silverli...
oval:org.mitre.oval:def:17032Array access violation vulnerability in Microsoft Silverlight CVE-2013-3131, ...
oval:org.mitre.oval:def:17389Null pointer vulnerability in Microsoft Silverlight - MS13-052
oval:org.mitre.oval:def:16892Null pointer vulnerability in Microsoft Silverlight - CVE-2013-3178, MS13-052...
oval:org.mitre.oval:def:19055Vulnerability in Silverlight Could Allow Information Disclosure (CVE-2013-389...
oval:org.mitre.oval:def:19003Vulnerability in Silverlight Could Allow Information Disclosure (CVE-2013-389...
oval:org.mitre.oval:def:22446Vulnerability in Silverlight could allow security feature bypass (CVE-2014-03...
oval:org.mitre.oval:def:22084Vulnerability in Silverlight could allow security feature bypass (CVE-2014-03...

Open Source Vulnerability Database (OSVDB)

idDescription
76214Microsoft .NET Framework / Silverlight Class Inheritance Restriction Web Page...
75271Microsoft SilverLight DataGrid Memory Leak Multiple Element Remote DoS
75269Microsoft Silverlight DependencyProperty Property Handling Remote DoS
72931Microsoft .NET Framework / Silverlight Array Offset Remote Code Execution
66993Microsoft .NET Framework / Silverlight CLR Virtual Delegate Handling Remote C...
Hide | Show 1 More...
idDescription
66992Microsoft Silverlight Pointer Handling Unspecified Memory Corruption

ExploitDB Exploits

idDescription
29858MS12-022 Microsoft Internet Explorer COALineDashStyleArray Unsafe Memory Access

Metasploit Exploits

idDescription
2013-03-12MS12-022 Microsoft Silverlight ScriptObject Unsafe Memory Access

OpenVAS Exploits

idDescription
2012-06-13Name : Microsoft Lync Remote Code Execution Vulnerabilities (2707956)
File : nvt/secpod_ms12-039.nasl
2012-05-14Name : Microsoft Silverlight Code Execution Vulnerabilities - 2681578 (Mac OS X)
File : nvt/secpod_ms12-034_macosx.nasl
2012-05-09Name : MS Security Update For Microsoft Office, .NET Framework, and Silverlight (268...
File : nvt/secpod_ms12-034.nasl
2012-02-15Name : Microsoft .NET Framework and Microsoft Silverlight Remote Code Execution Vuln...
File : nvt/secpod_ms12-016.nasl
2011-10-12Name : Microsoft .NET Framework and Silverlight Remote Code Execution Vulnerability ...
File : nvt/secpod_ms11-078.nasl
Hide | Show 4 More...
idDescription
2011-06-15Name : Microsoft .NET Framework and Silverlight Remote Code Execution Vulnerability ...
File : nvt/secpod_ms11-039.nasl
2011-05-16Name : Microsoft Silverlight Multiple Memory Leak Vulnerabilities
File : nvt/gb_ms_silverlight_multiple_memory_leak_vuln.nasl
2010-08-11Name : Microsoft .NET Common Language Runtime Remote Code Execution Vulnerability (2...
File : nvt/secpod_ms10-060.nasl
2005-11-03Name : foxweb CGI
File : nvt/foxweb_dll.nasl

Information Assurance Vulnerability Management (IAVM)

idDescription
2014-A-0039Microsoft Silverlight Security Bypass Vulnerability
Severity : Category II - VMSKEY : V0046177
2013-B-0117Microsoft Silverlight Information Disclosure Vulnerability
Severity : Category II - VMSKEY : V0040764
2013-A-0135Microsoft GDI+ Remote Code Execution Vulnerability
Severity : Category II - VMSKEY : V0039199
2013-B-0071Multiple Vulnerabilities in Microsoft .NET Framework and Silverlight
Severity : Category II - VMSKEY : V0039211
2013-A-0064Microsoft Silverlight Remote Code Execution Vulnerability
Severity : Category II - VMSKEY : V0037405

Snort® IPS/IDS

DateDescription
2014-01-30Angler exploit kit XOR'ed payload download attempt
RuleID : 29066 - Type : EXPLOIT-KIT - Revision : 2
2014-01-10Angler exploit kit payload download attempt
RuleID : 28616 - Type : EXPLOIT-KIT - Revision : 3
2014-01-10Angler exploit kit exploit download attempt
RuleID : 28615 - Type : EXPLOIT-KIT - Revision : 2
2014-01-10Angler exploit kit landing page
RuleID : 28614 - Type : EXPLOIT-KIT - Revision : 1
2014-01-10Angler exploit kit landing page - specific-structure
RuleID : 28613 - Type : EXPLOIT-KIT - Revision : 1
Hide | Show 17 More...
DateDescription
2014-01-10Angler exploit kit Silverlight exploit download
RuleID : 28612 - Type : EXPLOIT-KIT - Revision : 1
2014-01-10Microsoft Silverlight ScriptObject untrusted pointer dereference attempt
RuleID : 28584 - Type : BROWSER-PLUGINS - Revision : 1
2014-01-10Microsoft Silverlight ScriptObject untrusted pointer dereference attempt
RuleID : 28583 - Type : BROWSER-PLUGINS - Revision : 1
2014-01-10Microsoft Silverlight ScriptObject untrusted pointer dereference attempt
RuleID : 28582 - Type : BROWSER-PLUGINS - Revision : 1
2014-01-10Microsoft Silverlight ScriptObject untrusted pointer dereference attempt
RuleID : 28581 - Type : BROWSER-PLUGINS - Revision : 1
2014-01-10Microsoft Silverlight ScriptObject untrusted pointer dereference attempt
RuleID : 28580 - Type : BROWSER-PLUGINS - Revision : 1
2014-01-10Microsoft Silverlight ScriptObject untrusted pointer dereference attempt
RuleID : 28579 - Type : BROWSER-PLUGINS - Revision : 1
2014-01-10Microsoft Windows True Type Font maxComponentPoints overflow attempt
RuleID : 27576 - Type : FILE-OTHER - Revision : 3
2014-01-10Microsoft Windows .NET CLR mutlidimensional array handling remote code execut...
RuleID : 27139 - Type : OS-WINDOWS - Revision : 2
2014-01-10Microsoft Windows .NET CLR mutlidimensional array handling remote code execut...
RuleID : 27136 - Type : OS-WINDOWS - Revision : 3
2014-01-10Microsoft Silverlight inheritance restriction bypass
RuleID : 25035 - Type : BROWSER-PLUGINS - Revision : 2
2014-01-10Microsoft Windows True Type Font maxComponentPoints overflow attempt
RuleID : 22087 - Type : FILE-OTHER - Revision : 7
2014-01-10Microsoft Silverlight privilege escalation attempt
RuleID : 21299 - Type : BROWSER-PLUGINS - Revision : 6
2014-01-10Microsoft Silverlight inheritance restriction bypass
RuleID : 20255 - Type : BROWSER-PLUGINS - Revision : 7
2014-01-10Microsoft Windows .NET ArraySegment escape exploit attempt
RuleID : 19185 - Type : OS-WINDOWS - Revision : 5
2014-01-10Microsoft .NET CreateDelegate method arbitrary code execution attempt
RuleID : 17118 - Type : EXPLOIT - Revision : 3
2014-01-10Microsoft SilverLight ImageSource remote code execution attempt
RuleID : 17114 - Type : OS-WINDOWS - Revision : 10

Nessus® Vulnerability Scanner

idDescription
2014-03-11Name : A browser enhancement on the remote Mac OS X host is affected by a security f...
File : macosx_ms14-014.nasl - Type : ACT_GATHER_INFO
2014-03-11Name : A browser enhancement on the remote Windows host is affected by a security fe...
File : smb_nt_ms14-014.nasl - Type : ACT_GATHER_INFO
2013-10-09Name : A browser enhancement on the remote Mac OS X host is affected by an informati...
File : macosx_ms13-087.nasl - Type : ACT_GATHER_INFO
2013-10-09Name : A browser enhancement on the remote Windows host is affected by an informatio...
File : smb_nt_ms13-087.nasl - Type : ACT_GATHER_INFO
2013-07-10Name : The .NET Framework install on the remote Windows host could allow arbitrary c...
File : smb_nt_ms13-052.nasl - Type : ACT_GATHER_INFO
Hide | Show 16 More...
idDescription
2013-07-10Name : The Windows kernel on the remote host is affected by multiple vulnerabilities.
File : smb_nt_ms13-053.nasl - Type : ACT_GATHER_INFO
2013-07-10Name : The remote Windows host has a remote code execution vulnerability.
File : smb_nt_ms13-054.nasl - Type : ACT_GATHER_INFO
2013-07-10Name : A browser enhancement on the remote Mac OS X host could allow arbitrary code ...
File : macosx_ms13-052.nasl - Type : ACT_GATHER_INFO
2013-03-12Name : A browser enhancement on the remote Windows host could allow arbitrary code e...
File : smb_nt_ms13-022.nasl - Type : ACT_GATHER_INFO
2013-03-12Name : A browser enhancement on the remote Mac OS X host could allow arbitrary code ...
File : macosx_ms13-022.nasl - Type : ACT_GATHER_INFO
2012-06-13Name : Arbitrary code can be executed on the remote host through Microsoft Lync.
File : smb_nt_ms12-039.nasl - Type : ACT_GATHER_INFO
2012-05-09Name : The remote Windows host is affected by multiple vulnerabilities.
File : smb_nt_ms12-034.nasl - Type : ACT_GATHER_INFO
2012-05-09Name : A browser enhancement on the remote Mac OS X host could allow arbitrary code ...
File : macosx_ms12-034.nasl - Type : ACT_GATHER_INFO
2012-02-22Name : A browser enhancement on the remote Mac OS X host could allow arbitrary code ...
File : macosx_ms11-039.nasl - Type : ACT_GATHER_INFO
2012-02-22Name : A browser enhancement on the remote Mac OS X host could allow arbitrary code ...
File : macosx_ms11-078.nasl - Type : ACT_GATHER_INFO
2012-02-22Name : A browser enhancement on the remote Mac OS X host could allow arbitrary code ...
File : macosx_ms12-016.nasl - Type : ACT_GATHER_INFO
2012-02-14Name : The .NET Framework install on the remote Windows host could allow arbitrary c...
File : smb_nt_ms12-016.nasl - Type : ACT_GATHER_INFO
2011-10-11Name : The version of the .NET Framework installed on the remote host allows arbitra...
File : smb_nt_ms11-078.nasl - Type : ACT_GATHER_INFO
2011-06-15Name : The Microsoft .NET Framework and/or Microsoft Silverlight install on the remo...
File : smb_nt_ms11-039.nasl - Type : ACT_GATHER_INFO
2011-05-06Name : The remote host contains a browser plug-in that is affected by multiple memor...
File : smb_kb2526954.nasl - Type : ACT_GATHER_INFO
2010-08-11Name : The Microsoft .NET Common Language Runtime and/or Microsoft Silverlight have ...
File : smb_nt_ms10-060.nasl - Type : ACT_GATHER_INFO