Buffer overflow in the Windows Forms (aka WinForms) component in Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4, and 4.5 allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP) or (2) a crafted .NET Framework application that leverages improper counting of objects during a memory copy operation, aka βWinForms Buffer Overflow Vulnerability.β
CPE | Name | Operator | Version |
---|---|---|---|
.net_framework | eq | 1.0 sp3 | |
.net_framework | eq | 1.1 sp1 | |
.net_framework | eq | 2.0 sp2 | |
.net_framework | eq | 4.0 | |
.net_framework | eq | 3.5 | |
.net_framework | eq | 3.5.1 | |
.net_framework | eq | 4.5 |
www.us-cert.gov/cas/techalerts/TA13-008A.html
docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-004
lists.apache.org/thread.html/680e6938b6412e26d5446054fd31de2011d33af11786b989127d1cc3%40%3Ccommits.santuario.apache.org%3E
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16343