Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2011-0664
HistoryJun 16, 2011 - 8:55 p.m.

CVE-2011-0664

2011-06-1620:55:01
CWE-20
[email protected]
web.nvd.nist.gov
54
cve-2011-0664
microsoft
.net framework
silverlight
remote code execution
vulnerability
nvd
networking api

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.6 High

AI Score

Confidence

Low

0.261 Low

EPSS

Percentile

96.8%

JSON

Microsoft .NET Framework 2.0 SP1 and SP2, 3.5 Gold and SP1, 3.5.1, and 4.0, and Silverlight 4 before 4.0.60531.0, does not properly validate arguments to unspecified networking API functions, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP), (2) a crafted ASP.NET application, (3) a crafted .NET Framework application, or (4) a crafted Silverlight application, aka β€œ.NET Framework Array Offset Vulnerability.”

Affected configurations

NVD
Node
microsoft.net_frameworkMatch4.0
AND
microsoftwindows_2003_serversp2
OR
microsoftwindows_7Match-
OR
microsoftwindows_7Match-sp1x86
OR
microsoftwindows_server_2003sp2
OR
microsoftwindows_server_2008itanium
OR
microsoftwindows_server_2008x32
OR
microsoftwindows_server_2008x64
OR
microsoftwindows_server_2008sp2x32
OR
microsoftwindows_server_2008sp2x64
OR
microsoftwindows_server_2008Match-sp2itanium
OR
microsoftwindows_server_2008Matchr2itanium
OR
microsoftwindows_server_2008Matchr2x64
OR
microsoftwindows_vistasp1
OR
microsoftwindows_vistasp2
OR
microsoftwindows_xpsp3
OR
microsoftwindows_xpMatch-sp2x64
Node
microsoft.net_frameworkMatch3.5.1
AND
microsoftwindows_7Match-
OR
microsoftwindows_server_2008Matchr2itanium
OR
microsoftwindows_server_2008Matchr2x64
Node
microsoft.net_frameworkMatch2.0sp2
AND
microsoftwindows_server_2003sp2
OR
microsoftwindows_server_2008itanium
OR
microsoftwindows_server_2008x32
OR
microsoftwindows_server_2008x64
OR
microsoftwindows_server_2008sp2x32
OR
microsoftwindows_server_2008sp2x64
OR
microsoftwindows_server_2008Match-sp2itanium
OR
microsoftwindows_vistasp1
OR
microsoftwindows_vistasp2
OR
microsoftwindows_xpsp3
OR
microsoftwindows_xpMatch-sp2x64
Node
microsoft.net_frameworkMatch3.5sp1
AND
microsoftwindows_2003_serversp2
OR
microsoftwindows_server_2003sp2
OR
microsoftwindows_server_2008itanium
OR
microsoftwindows_server_2008x32
OR
microsoftwindows_server_2008x64
OR
microsoftwindows_server_2008sp2x32
OR
microsoftwindows_server_2008sp2x64
OR
microsoftwindows_server_2008Match-sp2itanium
OR
microsoftwindows_vistasp1
OR
microsoftwindows_vistasp2
OR
microsoftwindows_xpsp3
OR
microsoftwindows_xpMatch-sp2x64
Node
microsoft.net_frameworkMatch2.0sp1
AND
microsoftwindows_server_2008itanium
OR
microsoftwindows_server_2008x32
OR
microsoftwindows_server_2008x64
OR
microsoftwindows_vistasp1
Node
microsoft.net_frameworkMatch3.5
AND
microsoftwindows_2003_serversp2
OR
microsoftwindows_server_2003sp2
OR
microsoftwindows_server_2008itanium
OR
microsoftwindows_server_2008x32
OR
microsoftwindows_server_2008x64
OR
microsoftwindows_vistasp1
OR
microsoftwindows_vistasp2
OR
microsoftwindows_xpsp3
OR
microsoftwindows_xpMatch-sp2x64
Node
microsoftsilverlightMatch4.0.60310.0

Related

prion 1
nvd 1
cvelist 1
openvas 2
checkpoint_advisories 1
nessus 2
mskb 1
seebug 1
securityvulns 1
prion
prion
Design/Logic Flaw
2011-06-16 20:55:00
nvd
nvd
CVE-2011-0664
2011-06-16 20:55:01
cvelist
cvelist
CVE-2011-0664
2011-06-16 20:21:00
openvas
openvas
Microsoft .NET Framework and Silverlight Remote Code Execution Vulnerability (2514842)
2011-06-15 00:00:00
Microsoft .NET Framework and Silverlight Remote Code Execution Vulnerability (2514842)
2011-06-15 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft .NET Framework Arbitrary Code Execution (MS11-039; CVE-2011-0664)
2011-06-06 00:00:00
nessus
nessus
MS11-039: Vulnerability in .NET Framework and Microsoft Silverlight Could Allow Remote Code Execution (2514842)
2011-06-15 00:00:00
MS11-078: Vulnerability in Microsoft Silverlight Could Allow Remote Code Execution (2514842) (Mac OS X)
2012-02-22 00:00:00
mskb
mskb
MS11-039: Vulnerability in the .NET Framework and in Microsoft Silverlight could allow remote code execution: June 14, 2011
2011-06-14 00:00:00
seebug
seebug
Microsoft Silverlight & .NET Frameworkιžζ³•ζ•°η»„εη§»θΏœη¨‹δ»£η ζ‰§θ‘ŒζΌζ΄ž
2011-06-16 00:00:00
securityvulns
securityvulns
Microsoft .Net Framework multiple security vulnerabilities
2011-06-15 00:00:00

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.6 High

AI Score

Confidence

Low

0.261 Low

EPSS

Percentile

96.8%

JSON
Related for CVE-2011-0664
prion1nvd1cvelist1openvas2checkpoint_advisories1nessus2mskb1seebug1securityvulns1