Home

CVE-2012-0163

Description

Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly validate function parameters, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Framework application, aka .NET Framework Parameter Validation Vulnerability.

Risk Information

Base Score
8.8
MODERATE
Vector
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
55.802

Associated Vulnerability

VulnerabilityOS Platform
Security Update for Microsoft .NET Framework 1.1 Service Pack 1 on Windows XP, Windows Server 2003 (64-bit), Windows Vista, and Windows Server 2008 (KB2656370)Windows
Security Update for Microsoft .NET Framework 2.0 Service Pack 2 on Windows Server 2003 and Windows XP(KB2656369) x86 based systemsWindows
Security Update for Microsoft .NET Framework 2.0 Service Pack 2 on Windows Server 2003 and Windows XP(KB2656369) x64 bases systemsWindows
Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008(KB2656368) x86 based systemsWindows
Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008(KB2656368) x64 bases systemsWindows
Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 (KB2656372)Windows
Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2(KB2656372) x64 bases systemsWindows
Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 Service Pack 1 and Windows Server 2008 R2 Service Pack 1(KB2656373) x86 based systemsWindows
Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 Service Pack 1 and Windows Server 2008 R2 Service Pack 1(KB2656373) x64 bases systemsWindows
Security Update for Microsoft .NET Framework 1.1 Service Pack 1 on Windows Server 2003 Service Pack 2 (32-bit)(KB2656376) x86 based systemsWindows
Security Update for Microsoft .NET Framework 2.0 Service Pack 2 on Windows Vista Service Pack 2 and Windows Server 2008 Service Pack 2(KB2656374) x86 based systemsWindows
Security Update for Microsoft .NET Framework 2.0 Service Pack 2 on Windows Vista Service Pack 2 and Windows Server 2008 Service Pack 2(KB2656374) x64 bases systemsWindows
Multiple Vulnerabilities are affected in IBM Cognos Analytics 11.0Windows
Multiple Vulnerabilities are affected in IBM Cognos Analytics 11.1Windows

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-11703Security Update for Microsoft .NET Framework 2.0 Service Pack 2 on Windows Server 2003 and Windows XP
PATCH-11704Security Update for Microsoft .NET Framework 2.0 Service Pack 2 on Windows Server 2003 and Windows XP
PATCH-11705Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008
PATCH-11706Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008
PATCH-11707Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 (KB2656372)
PATCH-11708Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2
PATCH-11709Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 Service Pack 1 and Windows Server 2008 R2 Service Pack 1
PATCH-11710Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 Service Pack 1 and Windows Server 2008 R2 Service Pack 1
PATCH-11712Security Update for Microsoft .NET Framework 2.0 Service Pack 2 on Windows Vista Service Pack 2 and Windows Server 2008 Service Pack 2
PATCH-11713Security Update for Microsoft .NET Framework 2.0 Service Pack 2 on Windows Vista Service Pack 2 and Windows Server 2008 Service Pack 2

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234