Lucene search

Kaspersky LabKLA10659

HistorySep 08, 2015 - 12:00 a.m.

KLA10659 Multiple vulnerabilities in Microsoft .NET Framework

2015-09-0800:00:00

Kaspersky Lab

threats.kaspersky.com

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.4 High

AI Score

Confidence

Low

0.323 Low

EPSS

Percentile

97.0%

JSON

Multiple serious vulnerabilities have been found in .NET Framework. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions or gain privileges.

Below is a complete list of vulnerabilities

Improper memory objects validation can be exploited remotely via a specially designed application or Website to gain privileges or bypass security restrictions;
Improper requests handling at ASP.NET server can be exploited remotely via a specially designed requests to cause denial of service.

Technical details

For vulnerability (1) there are 2 exploitation scenarios. In web attack scenario attacker use web content with specially designed XAML browser application. For success exploitation of this scenario user must be logged in and use browser which is capable for instantinating XBAPs. In .NET app scenario attacker can use malicious .NET application to bypass Code Access Security restrictions. Second scenario requires that affected system allow to run untrusted .NET applications.

Attacker exploiting vulnerability (2) could send small number of specially designed requests to degrade performance of ASP.NET server enough to cause denial of service.

Original advisories

CVE-2015-2504

CVE-2015-2526

Related products

Microsoft-.NET-Framework

CVE list

CVE-2015-2504 critical

CVE-2015-2526 critical

KB list

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Impacts

Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.

Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.