CVE-2012-0163

Security News - Security Reviews - Exploits - Tools - UNIX Focus - Windows Focus

SecuriTeam™
Beyond Security®

SecuriTeam™ Home
Ask the Team
Mailing Lists
Advertising Info
Blogs

	SecuriTeam™ in Your Inbox

	E-mail this CVE-2012-0163 to a friend

New vulnerability?
New tool?
Tell us

Credit:
The information has been provided by Vitaliy Toropov.

Website Security Scan	Code Vulnerability Test	Network Assessment Tool
Detect hidden vulnerabilities	Exhaustive automated testing	Real-time, continuous security
Get guidance from professionals	of internal or 3rd party code.	scanning for your entire network

Check for CVE-2012-0163

Vulnerability Assessment and Management.
Automated Pen Testing for 50 to 50,000 nodes
beyondsecurity.com/vulnerability-scanner

Vulnerable Systems:
* Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, and 4.5

A remote code execution vulnerability exists in the way that Microsoft .NET Framework validates parameters when passing data to a function. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Vendor Status:
Microsoft had issued an update for this vulnerability

Patch Availability:
http://technet.microsoft.com/en-us/security/bulletin/ms12-025

CVE Information:
CVE-2012-0163

Disclosure Timeline:
Published: Tuesday, April 10, 2012

Security News - Security Reviews - Exploits - Tools - UNIX Focus - Windows Focus