Microsoft .NET Framework Remote Privilege Escalation Vulnerability
The information has been provided by James Forshaw..
The original article can be found at: http://technet.microsoft.com/en-us/security/bulletin/ms12-074
* Microsoft .NET Framework 4.0
An attacker can exploit this issue to gain elevated privileges within the application and obtain unauthorized access to the sensitive information.The code-optimization feature in the reflection implementation in Microsoft .NET Framework 4 and 4.5 does not properly enforce object permissions, which allows remote attackers to execute arbitrary code through a crafted XAML browser application (aka XBAP) or a crafted .NET Framework application, aka ‘WPF Reflection Optimization Vulnerability.’
Published: November 13 2012