Microsoft .NET Framework Remote Privilege Escalation Vulnerability


Microsoft .NET Framework is prone to a remote privilege-escalation vulnerability.


The information has been provided by James Forshaw..
The original article can be found at:


Vulnerable Systems:
 * Microsoft .NET Framework 4.0

An attacker can exploit this issue to gain elevated privileges within the application and obtain unauthorized access to the sensitive information.The code-optimization feature in the reflection implementation in Microsoft .NET Framework 4 and 4.5 does not properly enforce object permissions, which allows remote attackers to execute arbitrary code through a crafted XAML browser application (aka XBAP) or a crafted .NET Framework application, aka ‘WPF Reflection Optimization Vulnerability.’

CVE Information:

Disclosure Timeline:
Published: November 13 2012

Categories: Windows