CVE-2012-1895

Name of the Vulnerable Software and Affected Versions Microsoft .NET Framework versions 1.0 SP3 through 4

Description The issue arises from improper enforcement of object permissions in the reflection implementation, allowing remote attackers to execute arbitrary code. This can be achieved through a crafted XAML browser application or a crafted .NET Framework application. An elevation of privilege vulnerability exists in the way that .NET Framework validates the permissions of certain objects performing reflection. If exploited, an attacker could take complete control of an affected system, enabling them to install programs, view, change, or delete data, or create new accounts with full user rights.

Recommendations For Microsoft .NET Framework versions 1.0 SP3 through 4, at the moment, there is no information about a newer version that contains a fix for this vulnerability.