CVE-2010-3958

Name of the Vulnerable Software and Affected Versions Microsoft .NET Framework versions 2.0 SP2 through 4.0

Description A remote code execution issue exists in the way Microsoft .NET Framework handles certain function calls, potentially allowing attackers to execute arbitrary code via crafted applications, such as XAML browser applications, ASP.NET applications, or .NET Framework applications. This could enable an attacker to take complete control of an affected system, install programs, view, change, or delete data, or create new accounts with full user rights. The impact may be less severe for users with limited user rights compared to those operating with administrative rights.

Recommendations For Microsoft .NET Framework versions 2.0 SP2 through 4.0, update to a version that includes the fix for this issue to prevent remote code execution. At the moment, there is no information about a newer version that contains a fix for this vulnerability.