Executive Summary

Summary
TitleVulnerability in Silverlight Could Allow Elevation of Privilege (3058985)
Informations
NameMS15-049First vendor Publication2015-05-12
VendorMicrosoftLast vendor Modification2015-06-23
Severity (Vendor) ImportantRevision1.1

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score9.3Attack RangeNetwork
Cvss Impact Score10Attack ComplexityMedium
Cvss Expoit Score8.6AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Severity Rating: Important
Revision Note: V1.1 (June 23, 2015): Bulletin published.
Summary: Bulletin revised to announce a detection change in the 3056819 update for Microsoft Silverlight 5. This is a detection change only. Customers who have already successfully updated their systems do not need to take any action.

Original Source

Url : https://technet.microsoft.com/en-us/library/security/MS15-049

CWE : Common Weakness Enumeration

%idName
100 %CWE-264Permissions, Privileges, and Access Controls

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:28985
 
Oval ID: oval:org.mitre.oval:def:28985
Title: Microsoft Silverlight out of browser application vulnerability - CVE-2015-1715 (MS15-049)
Description: Microsoft Silverlight 5 before 5.1.40416.00 allows remote attackers to bypass intended integrity-level restrictions via a crafted Silverlight application, aka "Microsoft Silverlight Out of Browser Application Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2015-1715
Version: 3
Platform(s): Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Microsoft Silverlight 5
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28655
 
Oval ID: oval:org.mitre.oval:def:28655
Title: Microsoft Silverlight out of browser application vulnerability - CVE-2015-1715 (MS15-049) (Mac OS X)
Description: Microsoft Silverlight 5 before 5.1.40416.00 allows remote attackers to bypass intended integrity-level restrictions via a crafted Silverlight application, aka "Microsoft Silverlight Out of Browser Application Vulnerability."
Family: macos Class: vulnerability
Reference(s): CVE-2015-1715
Version: 3
Platform(s): Apple Mac OS X
Apple Mac OS X Server
Product(s): Microsoft Silverlight 5 for Mac
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application30

Nessus® Vulnerability Scanner

DateDescription
2015-05-12Name : A multimedia application framework installed on the remote Mac OS X host is a...
File : macosx_ms15-049.nasl - Type : ACT_GATHER_INFO
2015-05-12Name : A multimedia application framework installed on the remote Windows host is af...
File : smb_nt_ms15-049.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
DateInformations
2015-06-24 00:29:09
  • Multiple Updates
2015-06-24 00:16:03
  • Multiple Updates
2015-05-15 21:30:49
  • Multiple Updates
2015-05-13 17:29:41
  • Multiple Updates
2015-05-13 13:28:08
  • Multiple Updates
2015-05-12 21:30:30
  • Multiple Updates
2015-05-12 21:16:24
  • First insertion