Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-1845

Overview

Vulnerability Score 7.8 7.8
CVE Id CVE-2011-1845
Last Modified 14 Jul 2011 12:00:00
Published 03 May 2011 03:55:13
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-1845

Summary

Multiple memory leaks in the DataGrid control implementation in Microsoft Silverlight 4 before 4.0.60310.0 allow remote attackers to cause a denial of service (memory consumption) via an application involving (1) subscriptions to an INotifyDataErrorInfo.ErrorsChanged event or (2) a TextBlock or TextBox element.

Vulnerable Systems

Application

  • Microsoft Silverlight 2.0.31005.00

  • Microsoft Silverlight 2.0.40115.00

  • Microsoft Silverlight 3.0.40624.00

  • Microsoft Silverlight 3.0.40723.0

  • Microsoft Silverlight 3.0.40818.0

  • Microsoft Silverlight 3.0.50106.0

  • Microsoft Silverlight 4.0.60129.0


References

MSKB - 2526954

MISC - http://isc.sans.edu/diary.html?storyid=10747


Last Updated: 27 May 2016 10:56:49