Microsoft Silverlight Remote Code Execution Vulnerabilities (2861561) Network Vulnerability

Summary

This host is missing a critical security update according to Microsoft Bulletin MS13-052.

Impact

Successful exploitation could allow an attacker to execute arbitrary code, bypass security mechanism and take complete control of an affected system. Impact Level: System/Application

Solution

Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, http://technet.microsoft.com/en-us/security/bulletin/ms13-052

Insight

Multiple flaws due to, - Improper handling of TrueType font and multidimensional arrays of small structures - Improper Handling of null pointer

Affected

Microsoft Silverlight version 5

References

http://secunia.com/advisories/54025
http://support.microsoft.com/kb/2861561
http://technet.microsoft.com/en-us/security/bulletin/ms13-052
http://www.osvdb.com/94960

Updated on 2015-03-25

Severity

Classification

CVE CVE-2013-3129, CVE-2013-3131, CVE-2013-3178

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Microsoft .NET Framework Remote Code Execution Vulnerability (2693777)
Microsoft .NET Common Language Runtime Remote Code Execution Vulnerability (2265906)
Microsoft .NET Framework Remote Code Execution Vulnerability (2484015)
Cumulative Security Update for Internet Explorer (958215)
Microsoft IIS FTP Server 'Malformed FTP List Request' DOS Vulnerability

Take action and discover your vulnerabilities