NVD

Id
42301  
Name
CVE-2012-0161  
Description
Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5 SP1, 3.5.1, and 4 does not properly handle an unspecified exception during use of partially trusted assemblies to serialize input data, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP) or (2) a crafted .NET Framework application, aka ".NET Framework Serialization Vulnerability."  
Reject
 
CVSS Version
2  
CVSS Score
9.3  
Severity
High  
CVSS Base Score
9.3  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-19  
Published
2012-05-08  
Modified Date
2013-01-29  
Seq
2012-0161  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
213454 42301 CVE-2012-0161 oval:org.mitre.oval:def:14951  View
213455 42301 CVE-2012-0161 MS12-035  View
213456 42301 CVE-2012-0161 53357  View
213457 42301 CVE-2012-0161 1027036  View
213458 42301 CVE-2012-0161 TA12-129A  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
26662 JVNDB-2012-002369 Microsoft .NET Framework における任意のコードを実行される脆弱性 Microsoft .NET Framework は、部分的に信頼されたアセンブリを使用して入力データをシリアル化している間、不特定の例外を適切に処理しないため、任意のコードを実行される脆弱性が存在します。 CVE-2012-0161 53399 CVE-2012-0161 42301 9.3 http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002369.html 2012-05-08 2012-05-10 View