Microsoft Silverlight Code Execution Vulnerabilities - 2681578 (Mac OS X) Network Vulnerability

Summary

This host is missing a critical security update according to Microsoft Bulletin MS12-034.

Impact

Successful exploitation could allow attackers to execute arbitrary code by tricking a user into opening a specially crafted file. Impact Level: System/Application

Solution

Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, http://technet.microsoft.com/en-us/security/bulletin/MS12-034

Insight

The flaws are due to an error exists when parsing TrueType fonts.

Affected

Microsoft Silverlight versions 4 and 5

References

http://secunia.com/advisories/49121
http://support.microsoft.com/kb/2681578
http://support.microsoft.com/kb/2690729
http://technet.microsoft.com/en-us/security/bulletin/ms12-034
http://www.securitytracker.com/id/1027048

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-3402, CVE-2012-0159

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Java for Mac OS X 10.6 Update 5
Microsoft Office Remote Code Execution Vulnerabilities-2885080 (Mac OS X)
Java for Mac OS X 10.5 Update 6
Mac OS X 10.5.8 Update / Mac OS X Security Update 2009-003
Apple SA 2003-12-19

Take action and discover your vulnerabilities