Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2010-1898
HistoryAug 11, 2010 - 6:47 p.m.

CVE-2010-1898

2010-08-1118:47:50
CWE-94
[email protected]
web.nvd.nist.gov
62
cve-2010-1898
common language runtime
clr
microsoft .net framework
microsoft silverlight
virtual method delegate
vulnerability
remote code execution
xaml
xbap
asp.net
.net framework

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.5 High

AI Score

Confidence

Low

0.617 Medium

EPSS

Percentile

97.8%

JSON

The Common Language Runtime (CLR) in Microsoft .NET Framework 2.0 SP1, 2.0 SP2, 3.5, 3.5 SP1, and 3.5.1, and Microsoft Silverlight 2 and 3 before 3.0.50611.0 on Windows and before 3.0.41130.0 on Mac OS X, does not properly handle interfaces and delegations to virtual methods, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Framework application, aka “Microsoft Silverlight and Microsoft .NET Framework CLR Virtual Method Delegate Vulnerability.”

Affected configurations

NVD
Node
microsoft.net_frameworkMatch2.0sp1
OR
microsoft.net_frameworkMatch2.0sp2
OR
microsoft.net_frameworkMatch3.5
OR
microsoft.net_frameworkMatch3.5sp1
OR
microsoft.net_frameworkMatch3.5.1
Node
microsoftsilverlightRange3.0.40818.0
OR
microsoftsilverlightMatch2.0.31005.00
OR
microsoftsilverlightMatch2.0.40115.00
OR
microsoftsilverlightMatch3.0.40624.00
OR
microsoftsilverlightMatch3.0.40723.0
AND
applemac_os_x
Node
microsoftsilverlightRange3.0.50106.0
OR
microsoftsilverlightMatch2.0.31005.00
OR
microsoftsilverlightMatch2.0.40115.00
OR
microsoftsilverlightMatch3.0.40624.00
OR
microsoftsilverlightMatch3.0.40723.0
OR
microsoftsilverlightMatch3.0.40818.0
AND
microsoftwindows

Related

nvd 1
openvas 3
canvas 1
prion 1
cvelist 1
securityvulns 2
nessus 1
nvd
nvd
CVE-2010-1898
2010-08-11 18:47:50
openvas
openvas
foxweb CGI
2005-11-03 00:00:00
Microsoft .NET Common Language Runtime Remote Code Execution Vulnerability (2265906)
2010-08-11 00:00:00
Microsoft .NET Common Language Runtime Remote Code Execution Vulnerability (2265906)
2010-08-11 00:00:00
canvas
canvas
Immunity Canvas: MS10_060
2010-08-11 18:47:00
prion
prion
Design/Logic Flaw
2010-08-11 18:47:00
cvelist
cvelist
CVE-2010-1898
2010-08-11 18:00:00
securityvulns
securityvulns
Microsoft .Net and Silverlight security vulnerabilities
2010-08-11 00:00:00
Microsoft Security Bulletin MS10-060 - Critical Vulnerabilities in the Microsoft .NET Common Language Runtime and in Microsoft Silverlight Could Allow Remote Code Execution (2265906)
2010-08-11 00:00:00
nessus
nessus
MS10-060: Vulnerabilities in the Microsoft .NET Common Language Runtime and in Microsoft Silverlight Could Allow Remote Code Execution (2265906)
2010-08-11 00:00:00

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.5 High

AI Score

Confidence

Low

0.617 Medium

EPSS

Percentile

97.8%

JSON
Related for CVE-2010-1898
nvd1openvas3canvas1prion1cvelist1securityvulns2nessus1