The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Microsoft NET Framework

computer vulnerability note CVE-2015-1672 CVE-2015-1673

Microsoft .NET: two vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Microsoft .NET.
Impacted products: .NET Framework, Windows 2003, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 7, Windows 8, Windows RT, Windows Vista.
Severity: 3/4.
Consequences: user access/rights, denial of service on server, denial of service on service.
Provenance: internet client.
Number of vulnerabilities in this bulletin: 2.
Creation date: 12/05/2015.
Identifiers: 3057134, CERTFR-2015-AVI-213, CVE-2015-1672, CVE-2015-1673, MS15-048, VIGILANCE-VUL-16889.

Description of the vulnerability

Several vulnerabilities were announced in Microsoft .NET.

An attacker can use the XML decryption feature to overload the server, in order to trigger a denial of service. [severity:2/4; CVE-2015-1672]

An attacker can generate a memory corruption in Windows Forms, in order to trigger a denial of service, and possibly to execute code. [severity:3/4; CVE-2015-1673]
Full Vigil@nce bulletin... (Free trial)

vulnerability note CVE-2015-1648

Microsoft .NET: information disclosure via customErrors

Synthesis of the vulnerability

An attacker can generate an error in a Microsoft .NET/ASP.NET application, in order to obtain sensitive information.
Impacted products: IIS, .NET Framework, Windows 2003, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 7, Windows 8, Windows RT, Windows Vista.
Severity: 2/4.
Consequences: data reading.
Provenance: internet client.
Creation date: 14/04/2015.
Identifiers: 3048010, CERTFR-2015-AVI-159, CVE-2015-1648, MS15-041, VIGILANCE-VUL-16604.

Description of the vulnerability

The Microsoft .NET uses the ASP.NET customErrors directive to define the type of error messages to be displayed.

However, when the customErrors mode is disabled, an attacker can trigger an error in order to read details about the application.

An attacker can therefore generate an error in a Microsoft .NET/ASP.NET application, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability bulletin CVE-2014-4149

Microsoft .NET: privilege escalation via .NET Remoting

Synthesis of the vulnerability

An authenticated attacker can use .NET Remoting of Microsoft .NET, in order to escalate his privileges.
Impacted products: .NET Framework.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights.
Provenance: user account.
Creation date: 12/11/2014.
Identifiers: 3005210, CERTFR-2014-AVI-471, CVE-2014-4149, MS14-072, VIGILANCE-VUL-15618.

Description of the vulnerability

The .NET Remoting is used by application to communicate and share data.

However, it does not correctly check objects with TypeFilterLevel.

An authenticated attacker can therefore use .NET Remoting of Microsoft .NET, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2014-4075

ASP.NET MVC: Cross Site Scripting

Synthesis of the vulnerability

An attacker can trigger a Cross Site Scripting of ASP.NET MVC, in order to execute JavaScript code in the context of the web site.
Impacted products: .NET Framework.
Severity: 2/4.
Consequences: client access/rights.
Provenance: document.
Creation date: 14/10/2014.
Identifiers: 2990942, CERTFR-2014-AVI-421, CVE-2014-4075, MS14-059, VIGILANCE-VUL-15475.

Description of the vulnerability

The ASP.NET MVC (Model View Controller) module can be used by a web service.

However, it does not filter received data before inserting them in generated HTML documents.

An attacker can therefore trigger a Cross Site Scripting of ASP.NET MVC, in order to execute JavaScript code in the context of the web site.
Full Vigil@nce bulletin... (Free trial)

vulnerability bulletin CVE-2014-4073 CVE-2014-4121 CVE-2014-4122

Microsoft .NET: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Microsoft .NET.
Impacted products: .NET Framework.
Severity: 4/4.
Consequences: user access/rights, data reading.
Provenance: internet client.
Number of vulnerabilities in this bulletin: 3.
Creation date: 14/10/2014.
Identifiers: 3000414, CERTFR-2014-AVI-423, CVE-2014-4073, CVE-2014-4121, CVE-2014-4122, MS14-057, VIGILANCE-VUL-15473.

Description of the vulnerability

Several vulnerabilities were announced in Microsoft .NET.

An attacker can force Internet Explorer to use .NET with ClickOnce, in order to escalate his privileges. [severity:2/4; CVE-2014-4073]

An attacker can generate a memory corruption in iriParsing, in order to trigger a denial of service, and possibly to execute code on a server hosting a .NET application. [severity:4/4; CVE-2014-4121]

An attacker can bypass the ASLR protection, in order to easily exploit a memory corruption. [severity:2/4; CVE-2014-4122]
Full Vigil@nce bulletin... (Free trial)

vulnerability announce CVE-2014-0253 CVE-2014-0257 CVE-2014-0295

Microsoft .NET: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Microsoft .NET.
Impacted products: .NET Framework, Windows 2003, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 7, Windows 8, Windows RT, Windows Vista, Windows XP.
Severity: 3/4.
Consequences: privileged access/rights, user access/rights, data reading, denial of service on service.
Provenance: document.
Number of vulnerabilities in this bulletin: 3.
Creation date: 11/02/2014.
Revisions dates: 12/02/2014, 25/09/2014.
Identifiers: 2916607, BID-65415, BID-65417, BID-65418, CERTFR-2014-AVI-064, CVE-2014-0253, CVE-2014-0257, CVE-2014-0295, MS14-009, VIGILANCE-VUL-14222.

Description of the vulnerability

Several vulnerabilities were announced in Microsoft .NET.

An attacker can use a POST query to generate an error in the processing of stale or closed HTTP client connections, in order to trigger a denial of service. This vulnerability has the same origin than VIGILANCE-VUL-8809. [severity:2/4; BID-65415, CVE-2014-0253]

An attacker can execute a special method, in order to escape the sandbox, to escalate his privileges. [severity:3/4; BID-65417, CVE-2014-0257]

An attacker can use vsab7rt.dll, in order to obtain sensitive information about the memory layout, to bypass ASLR. [severity:1/4; BID-65418, CVE-2014-0295]
Full Vigil@nce bulletin... (Free trial)

vulnerability announce CVE-2014-4072

Microsoft .NET: denial of service via hash collision

Synthesis of the vulnerability

An attacker can send special queries to a service using Microsoft .NET, in order to trigger a denial of service.
Impacted products: IIS, .NET Framework, Windows 2003, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 7, Windows 8, Windows RT, Windows Vista.
Severity: 3/4.
Consequences: denial of service on server, denial of service on service, denial of service on client.
Provenance: internet client.
Creation date: 09/09/2014.
Revision date: 18/09/2014.
Identifiers: 2990931, CERTFR-2014-AVI-376, CVE-2014-4072, MS14-053, VIGILANCE-VUL-15312.

Description of the vulnerability

The Microsoft .NET product can for example be used by a web service via ASP.NET.

The bulletin VIGILANCE-VUL-11254 describes a vulnerability which can be used to create a denial of service on several applications, using hash collisions. This vulnerability also impacts Microsoft .NET.

An attacker can therefore send special queries to a service using Microsoft .NET, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

vulnerability note CVE-2014-1806

Microsoft .NET: memory corruption via TypeFilterLevel

Synthesis of the vulnerability

An unauthenticated attacker can generate a memory corruption via Microsoft .NET Remoting, in order to trigger a denial of service, and possibly to execute code.
Impacted products: .NET Framework.
Severity: 3/4.
Consequences: privileged access/rights, user access/rights, denial of service on service.
Provenance: intranet client.
Creation date: 13/05/2014.
Identifiers: 2958732, CERTFR-2014-AVI-224, CVE-2014-1806, MS14-026, VIGILANCE-VUL-14744.

Description of the vulnerability

The Microsoft .NET Remoting technology allows two applications to communicate and to share objects.

However, if an object is malformed, the TypeFilterLevel check is incorrect, and the memory is corrupted.

An unauthenticated attacker can therefore generate a memory corruption via Microsoft .NET Remoting, in order to trigger a denial of service, and possibly to execute code.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce 13937

ASP.NET: code execution via View State

Synthesis of the vulnerability

When the MAC is disabled, an attacker can send a malicious View State to an ASP.NET server, in order to execute code.
Impacted products: IIS, .NET Framework.
Severity: 3/4.
Consequences: user access/rights.
Provenance: internet client.
Creation date: 11/12/2013.
Identifiers: 2905247, VIGILANCE-VUL-13937.

Description of the vulnerability

The View State feature allows the web browser and the server to exchange information during a session.

The server uses the MAC (Machine Authentication Code) feature to ensure the client has not modified the View State. Indeed, the View State can contain data, which are directly executed on the server.

However, ASP.NET allows administrators to disable MAC.

When the MAC is disabled, an attacker can therefore send a malicious View State to an ASP.NET server, in order to execute code.
Full Vigil@nce bulletin... (Free trial)

vulnerability bulletin CVE-2013-5042

ASP.NET SignalR: Cross Site Scripting

Synthesis of the vulnerability

An attacker can trigger a Cross Site Scripting of ASP.NET SignalR, in order to execute JavaScript code in the context of the web site.
Impacted products: IIS, .NET Framework, Visual Studio.
Severity: 2/4.
Consequences: client access/rights.
Provenance: document.
Creation date: 11/12/2013.
Identifiers: 2905244, BID-64093, CERTA-2013-AVI-669, CVE-2013-5042, MS13-103, VIGILANCE-VUL-13933.

Description of the vulnerability

The ASP.NET SignalR library is used to establish a communication between a web browser and a web server, using JavaScript.

However, it does not filter received data before inserting them in generated HTML documents.

An attacker can therefore trigger a Cross Site Scripting of ASP.NET SignalR, in order to execute JavaScript code in the context of the web site.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about Microsoft NET Framework: