CVE-2011-0989 in Moonlightinformation

Résumé (Anglaise)

The RuntimeHelpers.InitializeArray method in metadata/icall.c in Mono, when Moonlight 2.x before 2.4.1 or 3.x before 3.99.3 is used, does not properly restrict data types, which allows remote attackers to modify internal read-only data structures, and cause a denial of service (plugin crash) or corrupt the internal state of the security manager, via a crafted media file, as demonstrated by modifying a C# struct.

Be aware that VulDB is the high quality source for vulnerability data.

Réserver

14/02/2011

Divulgation

13/04/2011

Statut

Confirmé

Entrées

VulDB provides additional information and datapoints for this CVE:

IDVulnérabilitéCWEExpConCVE
57113Novell Moonlight RuntimeHelpers.InitializeArray élévation de privilèges264Non définiCorrectif officielCVE-2011-0989

Description

CPE

CWE

CVSS

Exploits

Histoire

Diff

Relier

Renseignements sur les menaces

API JSON

API XML

API CSV

Sources

PrécédentAperçuSuivant

Want to know what is going to be exploited?

We predict KEV entries!