CVSS: 9.3EPSS: 46%CPEs: 11EXPL: 0CVE-2013-3131
https://notcve.org/view.php?id=CVE-2013-3131
10 Jul 2013 — Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5, and Silverlight 5 before 5.1.20513.0, does not properly prevent changes to data in multidimensional arrays of structures, which allows remote attackers to execute arbitrary code via (1) a crafted .NET Framework application or (2) a crafted Silverlight application, aka "Array Access Violation Vulnerability." Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, y 4.5, y Silverlight 5 no previenen adecuadamente los los cambios en los datos de las matrices m... • http://www.us-cert.gov/ncas/alerts/TA13-190A • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 62%CPEs: 6EXPL: 0CVE-2013-3178
https://notcve.org/view.php?id=CVE-2013-3178
10 Jul 2013 — Microsoft Silverlight 5 before 5.1.20513.0 does not properly initialize arrays, which allows remote attackers to execute arbitrary code or cause a denial of service (NULL pointer dereference) via a crafted Silverlight application, aka "Null Pointer Vulnerability." Microsoft Silverlight v5 anterior a 5.1.20513.0 no inicializar correctamente arrays, lo que permite a atacantes remotos ejecutar código de su elección o causar una denegación de servicio (referencia a un puntero NULL) a través de una aplicación Si... • http://www.securitytracker.com/id/1028755 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 93%CPEs: 1EXPL: 4CVE-2013-0074 – Microsoft Silverlight Double Dereference Vulnerability
https://notcve.org/view.php?id=CVE-2013-0074
13 Mar 2013 — Microsoft Silverlight 5, and 5 Developer Runtime, before 5.1.20125.0 does not properly validate pointers during HTML object rendering, which allows remote attackers to execute arbitrary code via a crafted Silverlight application, aka "Silverlight Double Dereference Vulnerability." Microsoft Silverlight v5 y 5 Developer Runtime anterior a 5.1.20125.0 no valida adecuadamente los punteros durante el renderizado de un objeto HTML, lo que permite a atacantes remotos ejecutar código de su elección a través de una... • https://packetstorm.news/files/id/123731 •
CVSS: 10.0EPSS: 66%CPEs: 28EXPL: 0CVE-2012-0159 – Microsoft Windows TrueType Font Parsing Remote Code Execution Vulnerability (Remote Kernel)
https://notcve.org/view.php?id=CVE-2012-0159
09 May 2012 — Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview; Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Silverlight 4 before 4.1.10329; and Silverlight 5 before 5.1.10411 allow remote attackers to execute arbitrary code via a crafted TrueType font (TTF) file, aka "TrueType Font Parsing Vulnerability." Microsoft Windows XP SP2 y SP3, Windows Server 2003 SP2, Windows Vista SP2, Wind... • http://secunia.com/advisories/49121 • CWE-399: Resource Management Errors •