Microsoft .NET TypeFilterLevel Privilege Escalation Vulnerabilities
The information has been provided by James Forshaw of Context Information Security .
* Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2
* Microsoft .NET Framework after 4.5.2
Microsoft .NET Framework could allow a remote attacker to gain elevated privileges on the system, caused by improper enforcement of access controls on objects in memory. By sending specially crafted data to a system that uses .NET Remoting, an attacker could exploit this vulnerability to execute arbitrary code and take complete control of the system.
Original release date: 11/11/2014
Last revised: 12/31/2014