CVE-2012-4777

Name of the Vulnerable Software and Affected Versions Microsoft .NET Framework versions 4 and 4.5

Description The issue arises from improper object permission enforcement in the reflection implementation's code-optimization feature, allowing remote attackers to execute arbitrary code. This can be achieved through a crafted XAML browser application or a crafted .NET Framework application. An elevation of privilege vulnerability exists in the way the .Net Framework validates permissions for objects involved with reflection, potentially allowing an attacker to take complete control of an affected system, install programs, view, change, or delete data, or create new accounts with full user rights.

Recommendations For Microsoft .NET Framework versions 4 and 4.5, at the moment, there is no information about a newer version that contains a fix for this vulnerability.