Summary
| Detail | |||
|---|---|---|---|
| Vendor | Microsoft | First view | 2014-02-11 |
| Product | .Net Framework | Last view | 2015-11-11 |
| Version | 4.5.1 | Type | Application |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:a:microsoft:.net_framework | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 4.3 | 2015-11-11 | CVE-2015-6099 | Cross-site scripting (XSS) vulnerability in ASP.NET in Microsoft .NET Framework 4, 4.5, 4.5.1, 4.5.2, and 4.6 allows remote attackers to inject arbitrary web script or HTML via a crafted value, aka ".NET Elevation of Privilege Vulnerability." |
| 4.3 | 2015-11-11 | CVE-2015-6096 | The XML DTD parser in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, and 4.6 allows remote attackers to read arbitrary files via an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka ".NET Information Disclosure Vulnerability." |
| 5 | 2015-09-08 | CVE-2015-2526 | Microsoft .NET Framework 4.5, 4.5.1, 4.5.2, and 4.6 allows remote attackers to cause a denial of service to an ASP.NET web site via crafted requests, aka "MVC Denial of Service Vulnerability." |
| 9.3 | 2015-09-08 | CVE-2015-2504 | Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, and 4.6 improperly counts objects before performing an array copy, which allows remote attackers to (1) execute arbitrary code via a crafted XAML browser application (XBAP) or (2) bypass Code Access Security restrictions via a crafted .NET Framework application, aka ".NET Elevation of Privilege Vulnerability." |
| 9.3 | 2015-08-14 | CVE-2015-2464 | Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Office 2007 SP3 and 2010 SP2, Live Meeting 2007 Console, Lync 2010, Lync 2010 Attendee, Lync 2013 SP1, Lync Basic 2013 SP1, Silverlight before 5.1.40728, and .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, and 4.6 allow remote attackers to execute arbitrary code via a crafted TrueType font, aka "TrueType Font Parsing Vulnerability," a different vulnerability than CVE-2015-2463. |
| 9.3 | 2015-08-14 | CVE-2015-2463 | Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Office 2007 SP3 and 2010 SP2, Live Meeting 2007 Console, Lync 2010, Lync 2010 Attendee, Lync 2013 SP1, Lync Basic 2013 SP1, Silverlight before 5.1.40728, and .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, and 4.6 allow remote attackers to execute arbitrary code via a crafted TrueType font, aka "TrueType Font Parsing Vulnerability," a different vulnerability than CVE-2015-2464. |
| 9.3 | 2015-08-14 | CVE-2015-2462 | ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, and .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, and 4.6 allows remote attackers to execute arbitrary code via a crafted OpenType font, aka "OpenType Font Parsing Vulnerability." |
| 9.3 | 2015-08-14 | CVE-2015-2460 | ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, and 4.6 allows remote attackers to execute arbitrary code via a crafted OpenType font, aka "OpenType Font Parsing Vulnerability." |
| 9.3 | 2015-08-14 | CVE-2015-2456 | Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Office 2007 SP3 and 2010 SP2, Live Meeting 2007 Console, Lync 2010, Lync 2010 Attendee, Lync 2013 SP1, Lync Basic 2013 SP1, Silverlight before 5.1.40728, and .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, and 4.6 allow remote attackers to execute arbitrary code via a crafted TrueType font, aka "TrueType Font Parsing Vulnerability," a different vulnerability than CVE-2015-2455. |
| 9.3 | 2015-08-14 | CVE-2015-2455 | Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Office 2007 SP3 and 2010 SP2, Live Meeting 2007 Console, Lync 2010, Lync 2010 Attendee, Lync 2013 SP1, Lync Basic 2013 SP1, Silverlight before 5.1.40728, and .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, and 4.6 allow remote attackers to execute arbitrary code via a crafted TrueType font, aka "TrueType Font Parsing Vulnerability," a different vulnerability than CVE-2015-2456. |
| 9.3 | 2015-08-14 | CVE-2015-2435 | Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Office 2007 SP3 and 2010 SP2, Live Meeting 2007 Console, Lync 2010, Lync 2010 Attendee, Lync 2013 SP1, Lync Basic 2013 SP1, and Silverlight before 5.1.40728 allow remote attackers to execute arbitrary code via a crafted TrueType font, aka "TrueType Font Parsing Vulnerability." |
| 9.3 | 2015-05-13 | CVE-2015-1673 | The Windows Forms (aka WinForms) libraries in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 allow user-assisted remote attackers to execute arbitrary code via a crafted partial-trust application, aka "Windows Forms Elevation of Privilege Vulnerability." |
| 5 | 2015-05-13 | CVE-2015-1672 | Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 allows remote attackers to cause a denial of service (recursion and performance degradation) via crafted encrypted data in an XML document, aka ".NET XML Decryption Denial of Service Vulnerability." |
| 9.3 | 2015-05-13 | CVE-2015-1671 | The Windows DirectWrite library, as used in Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2; Office 2007 SP3 and 2010 SP2; Live Meeting 2007 Console; Lync 2010; Lync 2010 Attendee; Lync 2013 SP1; Lync Basic 2013 SP1; Silverlight 5 before 5.1.40416.00; and Silverlight 5 Developer Runtime before 5.1.40416.00, allows remote attackers to execute arbitrary code via a crafted TrueType font, aka "TrueType Font Parsing Vulnerability." |
| 4.3 | 2015-05-13 | CVE-2015-1670 | The Windows DirectWrite library, as used in Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2, allows remote attackers to obtain sensitive information from process memory via a crafted OpenType font on a web site, aka "OpenType Font Parsing Vulnerability." |
| 2.6 | 2015-04-14 | CVE-2015-1648 | ASP.NET in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2, when the customErrors configuration is disabled, allows remote attackers to obtain sensitive configuration-file information via a crafted request, aka "ASP.NET Information Disclosure Vulnerability." |
| 9.3 | 2014-11-11 | CVE-2014-4149 | Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 does not properly perform TypeFilterLevel checks, which allows remote attackers to execute arbitrary code via crafted data to a .NET Remoting endpoint, aka "TypeFilterLevel Vulnerability." |
| 10 | 2014-10-15 | CVE-2014-4121 | Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 does not properly parse internationalized resource identifiers, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted request to a .NET web application, aka ".NET Framework Remote Code Execution Vulnerability." |
| 10 | 2014-10-15 | CVE-2014-4073 | Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 processes unverified data during interaction with the ClickOnce installer, which allows remote attackers to gain privileges via vectors involving Internet Explorer, aka ".NET ClickOnce Elevation of Privilege Vulnerability." |
| 5 | 2014-09-09 | CVE-2014-4072 | Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 does not properly use a hash table for request data, which allows remote attackers to cause a denial of service (resource consumption and ASP.NET performance degradation) via crafted requests, aka ".NET Framework Denial of Service Vulnerability." |
| 10 | 2014-05-14 | CVE-2014-1806 | The .NET Remoting implementation in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5.1 does not properly restrict memory access, which allows remote attackers to execute arbitrary code via vectors involving malformed objects, aka "TypeFilterLevel Vulnerability." |
| 9.3 | 2014-02-11 | CVE-2014-0257 | Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5.1 does not properly determine whether it is safe to execute a method, which allows remote attackers to execute arbitrary code via (1) a crafted web site or (2) a crafted .NET Framework application that exposes a COM server endpoint, aka "Type Traversal Vulnerability." |
| 5 | 2014-02-11 | CVE-2014-0253 | Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5.1 does not properly determine TCP connection states, which allows remote attackers to cause a denial of service (ASP.NET daemon hang) via crafted HTTP requests that trigger persistent resource consumption for a (1) stale or (2) closed connection, as exploited in the wild in February 2014, aka "POST Request DoS Vulnerability." |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 43% (10) | CWE-20 | Improper Input Validation |
| 8% (2) | CWE-399 | Resource Management Errors |
| 8% (2) | CWE-264 | Permissions, Privileges, and Access Controls |
| 8% (2) | CWE-200 | Information Exposure |
| 8% (2) | CWE-19 | Data Handling |
| 4% (1) | CWE-310 | Cryptographic Issues |
| 4% (1) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 4% (1) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
| 4% (1) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
| 4% (1) | CWE-17 | Code |
ExploitDB Exploits
| id | Description |
|---|---|
| 35280 | .NET Remoting Services Remote Command Execution |
| 33892 | MS14-009 .NET Deployment Service IE Sandbox Escape |
Information Assurance Vulnerability Management (IAVM)
| id | Description |
|---|---|
| 2015-A-0213 | Multiple Vulnerabilities in Microsoft .NET Framework (MS15-101) Severity: Category II - VMSKEY: V0061387 |
| 2015-A-0196 | Multiple Vulnerabilities in Microsoft Graphics Component (MS15-080) Severity: Category II - VMSKEY: V0061311 |
| 2015-A-0105 | Multiple Vulnerabilities in Microsoft .NET Framework (MS15-048) Severity: Category II - VMSKEY: V0060647 |
| 2015-A-0089 | Microsoft .NET Framework Information Disclosure Vulnerability (MS15-041) Severity: Category I - VMSKEY: V0059893 |
| 2014-A-0173 | Microsoft .NET Framework Remote Privilege Escalation Vulnerability Severity: Category I - VMSKEY: V0057383 |
| 2014-A-0147 | Multiple Vulnerabilities in Microsoft .NET Framework Severity: Category I - VMSKEY: V0055427 |
| 2014-A-0073 | Microsoft .NET Framework Privilege Escalation Vulnerability Severity: Category I - VMSKEY: V0050455 |
| 2014-B-0013 | Multiple Vulnerabilities in Microsoft .NET Framework Severity: Category I - VMSKEY: V0044036 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2016-03-14 | Microsoft Windows ClickOnce information disclosure attempt RuleID : 36713 - Type : OS-WINDOWS - Revision : 3 |
| 2016-03-14 | Microsoft Windows ClickOnce information disclosure attempt RuleID : 36712 - Type : OS-WINDOWS - Revision : 2 |
| 2015-10-14 | Microsoft Windows System.DirectoryServices.Protocols.Utility class memory ove... RuleID : 36015 - Type : OS-WINDOWS - Revision : 2 |
| 2015-10-14 | Microsoft Windows System.DirectoryServices.Protocols.Utility class memory ove... RuleID : 36014 - Type : OS-WINDOWS - Revision : 2 |
| 2015-10-06 | Microsoft System.Uri heap corruption attempt RuleID : 35857 - Type : FILE-OTHER - Revision : 4 |
| 2015-09-10 | Microsoft Windows malformed TTF table hmtx remote code execution attempt RuleID : 35530 - Type : FILE-OTHER - Revision : 2 |
| 2015-09-10 | Microsoft Windows malformed TTF table hmtx remote code execution attempt RuleID : 35529 - Type : FILE-OTHER - Revision : 2 |
| 2015-09-10 | Microsoft Windows TrueType font parsing integer underflow attempt RuleID : 35526 - Type : OS-WINDOWS - Revision : 4 |
| 2015-09-10 | Microsoft Windows TrueType font parsing integer underflow attempt RuleID : 35525 - Type : OS-WINDOWS - Revision : 4 |
| 2015-09-10 | Microsoft Windows TTF invalid system memory access attempt RuleID : 35524 - Type : OS-WINDOWS - Revision : 4 |
| 2015-09-10 | Microsoft Windows TTF invalid system memory access attempt RuleID : 35523 - Type : OS-WINDOWS - Revision : 4 |
| 2015-09-10 | Microsoft Windows kernel-mode driver TTF file glyf table out of bounds attempt RuleID : 35520 - Type : FILE-OTHER - Revision : 3 |
| 2015-09-10 | Microsoft Windows kernel-mode driver TTF file glyf table out of bounds attempt RuleID : 35519 - Type : FILE-OTHER - Revision : 3 |
| 2015-09-10 | Microsoft Windows ATFM.DLL malformed OTF use-after-free attempt RuleID : 35516 - Type : OS-WINDOWS - Revision : 2 |
| 2015-09-10 | Microsoft Windows ATFM.DLL malformed OTF use-after-free attempt RuleID : 35515 - Type : OS-WINDOWS - Revision : 2 |
| 2015-09-10 | Microsoft Windows GDI DrvQueryFontData function uninitialized glyph data remo... RuleID : 35492 - Type : FILE-OTHER - Revision : 3 |
| 2015-09-10 | Microsoft Windows GDI DrvQueryFontData function uninitialized glyph data remo... RuleID : 35491 - Type : FILE-OTHER - Revision : 3 |
| 2015-09-10 | Microsoft Windows atmfd.dll font driver malformed OTF file remote code execut... RuleID : 35486 - Type : FILE-OTHER - Revision : 2 |
| 2015-09-10 | Microsoft Windows atmfd.dll font driver malformed OTF file remote code execut... RuleID : 35485 - Type : FILE-OTHER - Revision : 2 |
| 2015-06-17 | Microsoft Windows Win32k TrueType Font parsing out of bounds attempt RuleID : 34441 - Type : OS-WINDOWS - Revision : 2 |
| 2015-06-17 | Microsoft Windows Win32k TrueType Font parsing out of bounds attempt RuleID : 34440 - Type : OS-WINDOWS - Revision : 2 |
| 2015-06-17 | Microsoft Windows .NET XML recursive call denial of service attempt RuleID : 34435 - Type : OS-WINDOWS - Revision : 3 |
| 2015-06-17 | Microsoft Windows .NET XML recursive call denial of service attempt RuleID : 34434 - Type : OS-WINDOWS - Revision : 3 |
| 2015-06-17 | Microsoft Windows Calendar object heap corruption attempt RuleID : 34402 - Type : OS-WINDOWS - Revision : 2 |
| 2015-06-17 | Microsoft Windows Calendar object heap corruption attempt RuleID : 34401 - Type : OS-WINDOWS - Revision : 2 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2015-11-10 | Name: The version of the .NET Framework installed on the remote host is affected by... File: smb_nt_ms15-118.nasl - Type: ACT_GATHER_INFO |
| 2015-09-08 | Name: The version of the .NET Framework installed on the remote host is affected by... File: smb_nt_ms15-101.nasl - Type: ACT_GATHER_INFO |
| 2015-08-12 | Name: A multimedia application framework installed on the remote Mac OS X host is a... File: macosx_ms15-080.nasl - Type: ACT_GATHER_INFO |
| 2015-08-12 | Name: The remote host is affected by multiple vulnerabilities. File: smb_nt_ms15-080.nasl - Type: ACT_GATHER_INFO |
| 2015-05-13 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms15-044.nasl - Type: ACT_GATHER_INFO |
| 2015-05-12 | Name: A multimedia application framework installed on the remote Mac OS X host is a... File: macosx_ms15-049.nasl - Type: ACT_GATHER_INFO |
| 2015-05-12 | Name: The version of the .NET Framework installed on the remote host is affected by... File: smb_nt_ms15-048.nasl - Type: ACT_GATHER_INFO |
| 2015-04-14 | Name: The version of the Microsoft .NET Framework installed on the remote host is a... File: smb_nt_ms15-041.nasl - Type: ACT_GATHER_INFO |
| 2014-11-12 | Name: The version of the .NET Framework installed on the remote host is affected by... File: smb_nt_ms14-072.nasl - Type: ACT_GATHER_INFO |
| 2014-10-15 | Name: The version of the .NET Framework installed on the remote host is affected by... File: smb_nt_ms14-057.nasl - Type: ACT_GATHER_INFO |
| 2014-09-10 | Name: The version of the .NET Framework installed on the remote host is affected by... File: smb_nt_ms14-053.nasl - Type: ACT_GATHER_INFO |
| 2014-05-14 | Name: The version of the .NET Framework installed on the remote host is affected by... File: smb_nt_ms14-026.nasl - Type: ACT_GATHER_INFO |
| 2014-02-12 | Name: The version of the .NET Framework installed on the remote host is affected by... File: smb_nt_ms14-009.nasl - Type: ACT_GATHER_INFO |
