4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
5.6 Medium
AI Score
Confidence
High
0.53 Medium
EPSS
Percentile
97.6%
Multiple serious vulnerabilities have been found in Microsoft .NET Framework. Malicious users can exploit these vulnerabilities to bypass security restrictions,.
Below is a complete list of vulnerabilities
Technical details
By exploiting (1) attacker can gain read access to local files.
CVE-2015-6099 warning
CVE-2015-6096 warning
CVE-2015-6115 warning
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.
Code injection. Exploitation of vulnerabilities with this impact can lead to changes in target code.
Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.
support.microsoft.com/kb/3097995
support.microsoft.com/kb/3097997
support.microsoft.com/kb/3097999
support.microsoft.com/kb/3098000
support.microsoft.com/kb/3098779
support.microsoft.com/kb/3098780
support.microsoft.com/kb/3098784
support.microsoft.com/kb/3098785
support.microsoft.com/kb/3104507
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-6096
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-6099
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-6115
statistics.securelist.com/
threats.kaspersky.com/en/product/Microsoft-.NET-Framework/