Microsoft .NET Framework Remote Privilege Escalation Vulnerability

Summary

Microsoft .NET Framework is prone to a remote privilege-escalation vulnerability.

Credit:

The information has been provided by James Forshaw..
The original article can be found at: http://technet.microsoft.com/en-us/security/bulletin/ms12-074


Details

Vulnerable Systems:
 * Microsoft .NET Framework 4.0

An attacker can exploit this issue to gain elevated privileges within the application and obtain unauthorized access to the sensitive information.The code-optimization feature in the reflection implementation in Microsoft .NET Framework 4 and 4.5 does not properly enforce object permissions, which allows remote attackers to execute arbitrary code through a crafted XAML browser application (aka XBAP) or a crafted .NET Framework application, aka ‘WPF Reflection Optimization Vulnerability.’

CVE Information:
CVE-2012-4777

Disclosure Timeline:
Published: November 13 2012

Categories: Windows