Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2012-1896
HistoryNov 14, 2012 - 12:55 a.m.

CVE-2012-1896

2012-11-1400:55:01
CWE-200
[email protected]
web.nvd.nist.gov
60
microsoft
.net framework
trust level
security
vulnerability
nvd
cve-2012-1896

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6 Medium

AI Score

Confidence

Low

0.023 Low

EPSS

Percentile

89.8%

JSON

Microsoft .NET Framework 2.0 SP2 and 3.5.1 does not properly consider trust levels during construction of output data, which allows remote attackers to obtain sensitive information via (1) a crafted XAML browser application (aka XBAP) or (2) a crafted .NET Framework application, aka “Code Access Security Info Disclosure Vulnerability.”

Affected configurations

NVD
Node
microsoft.net_frameworkMatch2.0sp2
AND
microsoftwindows_server_2003sp2
OR
microsoftwindows_server_2008sp2itanium
OR
microsoftwindows_server_2008sp2x64
OR
microsoftwindows_server_2008sp2x86
OR
microsoftwindows_vistasp2
OR
microsoftwindows_xpsp3
OR
microsoftwindows_xpMatch-sp2x64
Node
microsoft.net_frameworkMatch3.5.1
AND
microsoftwindows_7x64
OR
microsoftwindows_7x86
OR
microsoftwindows_7sp1x64
OR
microsoftwindows_7sp1x86
OR
microsoftwindows_server_2008r2itanium
OR
microsoftwindows_server_2008r2x64

Related

prion 1
symantec 1
cvelist 1
nvd 1
openvas 2
mskb 1
nessus 1
securityvulns 1
prion
prion
Information disclosure
2012-11-14 00:55:00
symantec
symantec
Microsoft .NET Framework CVE-2012-1896 Information Disclosure Vulnerability
2012-11-13 00:00:00
cvelist
cvelist
CVE-2012-1896
2012-11-14 00:00:00
nvd
nvd
CVE-2012-1896
2012-11-14 00:55:01
openvas
openvas
Microsoft .NET Framework Remote Code Execution Vulnerability (2745030)
2012-11-14 00:00:00
Microsoft .NET Framework Remote Code Execution Vulnerability (2745030)
2012-11-14 00:00:00
mskb
mskb
MS12-074: Vulnerabilities in .NET Framework could allow remote code execution: November 13, 2012
2012-11-13 00:00:00
nessus
nessus
MS12-074: Vulnerabilities in .NET Framework Could Allow Remote Code Execution (2745030)
2012-11-14 00:00:00
securityvulns
securityvulns
Microsoft Windows security vulnerabilities
2012-11-18 00:00:00

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6 Medium

AI Score

Confidence

Low

0.023 Low

EPSS

Percentile

89.8%

JSON
Related for CVE-2012-1896
prion1symantec1cvelist1nvd1openvas2mskb1nessus1securityvulns1