Microsoft Silverlight Information Disclosure Vulnerability (2890788) Network Vulnerability

Summary

This host is missing an important security update according to Microsoft Bulletin MS13-087.

Impact

Successful exploitation will allow remote attackers to obtain potentially sensitive information. Impact Level: Application

Solution

Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, https://technet.microsoft.com/en-us/security/bulletin/ms13-087

Insight

Flaw is caused when Silverlight improperly handles certain objects in memory.

Affected

Microsoft Silverlight version 5 on Windows

Detection

Get the installed version with the help of detect NVT and check the version is vulnerable or not.

References

http://osvdb.org/98223
http://secunia.com/advisories/55149
http://support.microsoft.com/kb/2890788
http://technet.microsoft.com/en-us/security/bulletin/ms13-087

Updated on 2015-03-25

Severity

Classification

CVE CVE-2013-3896

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Microsoft Client/Server Run-time Subsystem Privilege Elevation Vulnerability (978037)
Microsoft Office Web Apps HTML Sanitisation Component XSS Vulnerability (2821818)
Microsoft SharePoint Foundation HTML Sanitisation Component XSS Vulnerability (2821818)
Microsoft ASP.NET Information Disclosure Vulnerability (2418042)
Microsoft Windows Active Directory SPN Denial of Service (2478953)

Take action and discover your vulnerabilities