Alon Fliess

**Name of the Vulnerable Software and Affected Versions** Microsoft .NET Framework versions 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 Silverlight 5 before 5.1.20513.0 **Description** A remote code execution issue exists in the way the .NET Framework handles multidimensional arrays of small structures. This allows remote attackers to execute arbitrary code via a crafted .NET Framework application or a crafted Silverlight application. **Recommendations** For Microsoft .NET Framework versions 2.0 SP2, 3.5, 3.5.1, 4, and 4.5, update to a version that includes the fix for this issue. For Silverlight 5, update to version 5.1.20513.0 or later. As a temporary workaround, consider restricting the execution of crafted .NET Framework and Silverlight applications to minimize the risk of exploitation.