CVE-2012-1896 in .NET Frameworkinfo

Summary

Microsoft .NET Framework 2.0 SP2 and 3.5.1 does not properly consider trust levels during construction of output data, which allows remote attackers to obtain sensitive information via (1) a crafted XAML browser application (aka XBAP) or (2) a crafted .NET Framework application, aka "Code Access Security Info Disclosure Vulnerability."

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservation

03/22/2012

Disclosure

11/13/2012

Moderation

VulDB entry created

Entries

VDB-6927 (1)

CPE

ready

CWE

CWE-200 (Confirmed)

CVSS

5.3

EPSS

0.48687

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2012-1896
NVD	https://nvd.nist.gov/vuln/detail/CVE-2012-1896
CVE Details	https://www.cvedetails.com/cve/CVE-2012-1896/

◂ Previous Overview Next ▸

Do you know our Splunk app?

Download it now for free!