exploitDog

GHSA-v48r-73x3-g7m3

Опубликовано: 13 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Microsoft .NET Framework 2.0 SP2 and 3.5.1 does not properly consider trust levels during construction of output data, which allows remote attackers to obtain sensitive information via (1) a crafted XAML browser application (aka XBAP) or (2) a crafted .NET Framework application, aka "Code Access Security Info Disclosure Vulnerability."

Microsoft .NET Framework 2.0 SP2 and 3.5.1 does not properly consider trust levels during construction of output data, which allows remote attackers to obtain sensitive information via (1) a crafted XAML browser application (aka XBAP) or (2) a crafted .NET Framework application, aka "Code Access Security Info Disclosure Vulnerability."

Ссылки

EPSS

Процентиль: 98%

0.48687

Средний

CVE ID

Дефекты

CWE-200

Связанные уязвимости

CVE-2012-1896

nvd

около 13 лет назад

Microsoft .NET Framework 2.0 SP2 and 3.5.1 does not properly consider trust levels during construction of output data, which allows remote attackers to obtain sensitive information via (1) a crafted XAML browser application (aka XBAP) or (2) a crafted .NET Framework application, aka "Code Access Security Info Disclosure Vulnerability."

EPSS

Процентиль: 98%

0.48687

Средний

CVE ID

Дефекты

CWE-200