CVE-2012-2519

Name of the Vulnerable Software and Affected Versions Microsoft .NET Framework versions 1.0 SP3 through 4

Description The issue allows local users to gain privileges via a Trojan horse DLL in the current working directory. A remote code execution vulnerability exists in the way that the Microsoft .NET Framework handles the loading of DLL files. An attacker who successfully exploited this vulnerability could take complete control of an affected system, then install programs, view, change, or delete data, or create new accounts with full user rights.

Recommendations For Microsoft .NET Framework versions 1.0 SP3 through 4, update to a version that is not affected by this issue to prevent exploitation. As a temporary workaround, consider restricting the loading of DLL files from untrusted locations to minimize the risk of exploitation. Avoid executing .NET applications from directories that may contain malicious DLLs until the issue is resolved.