CVE-2012-1896

Name of the Vulnerable Software and Affected Versions Microsoft .NET Framework versions 2.0 SP2 through 3.5.1

Description The issue is related to the improper consideration of trust levels during the construction of output data, allowing remote attackers to obtain sensitive information. This can be achieved through a crafted XAML browser application or a crafted .NET Framework application. The vulnerability is also described as an information disclosure issue due to the improper sanitization of output when a function is called from partially trusted code, which could allow an attacker to obtain confidential information contained on the target system.

Recommendations For Microsoft .NET Framework versions 2.0 SP2 through 3.5.1, at the moment, there is no information about a newer version that contains a fix for this vulnerability.