Executive Summary

Summary
TitleVulnerabilities in .NET Framework Could Allow Elevation of Privilege (3057134)
Informations
NameMS15-048First vendor Publication2015-05-12
VendorMicrosoftLast vendor Modification2015-06-17
Severity (Vendor) ImportantRevision1.1

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score9.3Attack RangeNetwork
Cvss Impact Score10Attack ComplexityMedium
Cvss Expoit Score8.6AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Severity Rating: Important
Revision Note: V1.1 (June 17, 2015): Corrected bulletin replacement for the 3035488 update for .NET Framework 2.0 on all affected editions of Windows Server 2003 Service Pack 2.
Summary: This security update resolves vulnerabilities in Microsoft .NET Framework. The most severe of the vulnerabilities could allow elevation of privilege if an attacker sends specially crafted data to a WinForms application running in partial trust.

Original Source

Url : https://technet.microsoft.com/en-us/library/security/MS15-048

CWE : Common Weakness Enumeration

%idName
50 %CWE-310Cryptographic Issues
50 %CWE-264Permissions, Privileges, and Access Controls

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:28950
 
Oval ID: oval:org.mitre.oval:def:28950
Title: Windows forms elevation of privilege vulnerability - CVE-2015-1673 (MS15-048)
Description: The Windows Forms (aka WinForms) libraries in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 allow user-assisted remote attackers to execute arbitrary code via a crafted partial-trust application, aka "Windows Forms Elevation of Privilege Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2015-1673
Version: 4
Platform(s): Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows Vista
Product(s): Microsoft .NET Framework 1.1
Microsoft .NET Framework 2.0
Microsoft .NET Framework 3.5
Microsoft .NET Framework 3.5.1
Microsoft .NET Framework 4.0
Microsoft .NET Framework 4.5
Microsoft .NET Framework 4.5.1
Microsoft .NET Framework 4.5.2
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28739
 
Oval ID: oval:org.mitre.oval:def:28739
Title: .NET XML decryption denial of service vulnerability - CVE-2015-1672 (MS15-048)
Description: Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 allows remote attackers to cause a denial of service (recursion and performance degradation) via crafted encrypted data in an XML document, aka ".NET XML Decryption Denial of Service Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2015-1672
Version: 4
Platform(s): Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows Vista
Product(s): Microsoft .NET Framework 2.0
Microsoft .NET Framework 3.5
Microsoft .NET Framework 3.5.1
Microsoft .NET Framework 4.0
Microsoft .NET Framework 4.5
Microsoft .NET Framework 4.5.1
Microsoft .NET Framework 4.5.2
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application8

Information Assurance Vulnerability Management (IAVM)

DateDescription
2015-05-14IAVM : 2015-A-0105 - Multiple Vulnerabilities in Microsoft .NET Framework (MS15-048)
Severity : Category II - VMSKEY : V0060647

Snort® IPS/IDS

DateDescription
2015-06-17Microsoft Windows .NET XML recursive call denial of service attempt
RuleID : 34435 - Revision : 3 - Type : OS-WINDOWS
2015-06-17Microsoft Windows .NET XML recursive call denial of service attempt
RuleID : 34434 - Revision : 3 - Type : OS-WINDOWS
2015-06-17Microsoft Windows Calendar object heap corruption attempt
RuleID : 34402 - Revision : 2 - Type : OS-WINDOWS
2015-06-17Microsoft Windows Calendar object heap corruption attempt
RuleID : 34401 - Revision : 2 - Type : OS-WINDOWS

Nessus® Vulnerability Scanner

DateDescription
2015-05-12Name : The version of the .NET Framework installed on the remote host is affected by...
File : smb_nt_ms15-048.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
DateInformations
2016-04-27 04:57:02
  • Multiple Updates
2015-10-18 17:26:33
  • Multiple Updates
2015-06-18 05:28:57
  • Multiple Updates
2015-06-18 05:16:07
  • Multiple Updates
2015-06-17 21:26:37
  • Multiple Updates
2015-05-15 21:30:49
  • Multiple Updates
2015-05-15 17:29:25
  • Multiple Updates
2015-05-13 17:29:40
  • Multiple Updates
2015-05-13 13:28:08
  • Multiple Updates
2015-05-12 21:30:30
  • Multiple Updates
2015-05-12 21:16:35
  • First insertion