This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Microsoft First view 2013-10-09
Product Silverlight Last view 2015-05-13
Version 5.1.20513.0 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:microsoft:silverlight

Activity : Overall

Related : CVE

  Date Alert Description
9.3 2015-05-13 CVE-2015-1715

Microsoft Silverlight 5 before 5.1.40416.00 allows remote attackers to bypass intended integrity-level restrictions via a crafted Silverlight application, aka "Microsoft Silverlight Out of Browser Application Vulnerability."

9.3 2015-05-13 CVE-2015-1671

The Windows DirectWrite library, as used in Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2; Office 2007 SP3 and 2010 SP2; Live Meeting 2007 Console; Lync 2010; Lync 2010 Attendee; Lync 2013 SP1; Lync Basic 2013 SP1; Silverlight 5 before 5.1.40416.00; and Silverlight 5 Developer Runtime before 5.1.40416.00, allows remote attackers to execute arbitrary code via a crafted TrueType font, aka "TrueType Font Parsing Vulnerability."

7.1 2014-03-12 CVE-2014-0319

Microsoft Silverlight 5 before 5.1.30214.0 and Silverlight 5 Developer Runtime before 5.1.30214.0 allow attackers to bypass the DEP and ASLR protection mechanisms via unspecified vectors, aka "Silverlight DEP/ASLR Bypass Vulnerability."

4.3 2013-10-09 CVE-2013-3896

Microsoft Silverlight 5 before 5.1.20913.0 does not properly validate pointers during access to Silverlight elements, which allows remote attackers to obtain sensitive information via a crafted Silverlight application, aka "Silverlight Vulnerability."

CWE : Common Weakness Enumeration

%idName
50% (2) CWE-264 Permissions, Privileges, and Access Controls
25% (1) CWE-20 Improper Input Validation
25% (1) CWE-19 Data Handling

Information Assurance Vulnerability Management (IAVM)

id Description
2014-A-0039 Microsoft Silverlight Security Bypass Vulnerability
Severity: Category II - VMSKEY: V0046177
2013-B-0117 Microsoft Silverlight Information Disclosure Vulnerability
Severity: Category II - VMSKEY: V0040764

Snort® IPS/IDS

Date Description
2015-06-17 Microsoft Windows Win32k TrueType Font parsing out of bounds attempt
RuleID : 34441 - Type : OS-WINDOWS - Revision : 2
2015-06-17 Microsoft Windows Win32k TrueType Font parsing out of bounds attempt
RuleID : 34440 - Type : OS-WINDOWS - Revision : 2
2014-01-30 Angler exploit kit XORed payload download attempt
RuleID : 29066 - Type : EXPLOIT-KIT - Revision : 5
2014-01-10 Angler exploit kit payload download attempt
RuleID : 28616 - Type : EXPLOIT-KIT - Revision : 4
2014-01-10 Angler exploit kit exploit download attempt
RuleID : 28615 - Type : EXPLOIT-KIT - Revision : 6
2014-01-10 Angler exploit kit landing page
RuleID : 28614 - Type : EXPLOIT-KIT - Revision : 3
2014-01-10 Angler exploit kit landing page - specific-structure
RuleID : 28613 - Type : EXPLOIT-KIT - Revision : 3
2014-01-10 Multiple exploit kit Silverlight exploit download
RuleID : 28612 - Type : EXPLOIT-KIT - Revision : 3

Nessus® Vulnerability Scanner

id Description
2015-05-13 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms15-044.nasl - Type: ACT_GATHER_INFO
2015-05-12 Name: A multimedia application framework installed on the remote Mac OS X host is a...
File: macosx_ms15-049.nasl - Type: ACT_GATHER_INFO
2015-05-12 Name: A multimedia application framework installed on the remote Windows host is af...
File: smb_nt_ms15-049.nasl - Type: ACT_GATHER_INFO
2014-03-11 Name: A multimedia application framework installed on the remote Mac OS X host is a...
File: macosx_ms14-014.nasl - Type: ACT_GATHER_INFO
2014-03-11 Name: A browser enhancement on the remote Windows host is affected by a security fe...
File: smb_nt_ms14-014.nasl - Type: ACT_GATHER_INFO
2013-10-09 Name: A multimedia application framework installed on the remote Mac OS X host is a...
File: macosx_ms13-087.nasl - Type: ACT_GATHER_INFO
2013-10-09 Name: A browser enhancement on the remote Windows host is affected by an informatio...
File: smb_nt_ms13-087.nasl - Type: ACT_GATHER_INFO