CVE-2013-0074

Name of the Vulnerable Software and Affected Versions Microsoft Silverlight versions 5 through 5.1.20125.0

Description The issue is related to insufficient validation of pointers during HTML object rendering, allowing remote attackers to execute arbitrary code via a crafted Silverlight application. This can also lead to unauthorized access to read, modify, or delete data by running a specially crafted malicious application.

Recommendations For Microsoft Silverlight versions 5 through 5.1.20125.0, update to version 5.1.20125.0 or later to resolve the issue. As a temporary workaround, consider restricting access to HTML object rendering in Silverlight applications until a patch is applied.