CVE-2012-0161

.NET Framework Serialization Vulnerability

Publish date

8 May 2012

Identifier

CVE-2012-0161

Manufacturer

Microsoft

Product

.Net

Patched

https://technet.microsoft.com/library/security/ms12-035#.NET Framework Serialization Vulnerability - CVE-2012-0161

Authors

James Forshaw

Description

Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5 SP1, 3.5.1, and 4 does not properly serialize input data, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP) or (2) a crafted .NET Framework application, aka ".NET Framework Serialization Vulnerability."

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-0161

 

CREST
CREST STAR
CHECK IT Health Check Service
CBEST
Cyber Essentials
CESG Certified Service
First - Improving Security Together
BSI ISO 9001 FS 581360
BSI ISO 27001 IS 553326
PCI - Approved Scanning Vendor
NCSC CCSC - Assured Service Provider