CVE-2010-1898

Name of the Vulnerable Software and Affected Versions Microsoft .NET Framework versions 2.0 SP1 through 3.5.1 Microsoft Silverlight versions 2 through 3 before 3.0.50611.0 on Windows and before 3.0.41130.0 on Mac OS X

Description A remote code execution issue exists due to improper handling of interfaces and delegations to virtual methods. This allows remote attackers to execute arbitrary code via a crafted application, such as a XAML browser application, an ASP.NET application, or a .NET Framework application.

Recommendations For Microsoft .NET Framework versions 2.0 SP1 through 3.5.1, update to a version that includes the fix for this issue. For Microsoft Silverlight versions 2 through 3, update to version 3.0.50611.0 or later on Windows, or version 3.0.41130.0 or later on Mac OS X. As a temporary workaround, consider restricting access to crafted .NET applications or Silverlight applications until a patch is available.