PT-2013-4165 · Microsoft · .Net Framework

Published

2013-07-09

Updated

2018-10-12

CVE-2013-3134

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Microsoft .NET Framework versions 2.0 SP2 through 4.5

Description A remote code execution issue exists due to improper allocation of arrays of structures by the Common Language Runtime (CLR) in Microsoft .NET Framework. This allows remote attackers to execute arbitrary code via a crafted .NET Framework application that changes array data.

Recommendations For Microsoft .NET Framework versions 2.0 SP2 through 4.5, update to a version that properly allocates arrays of structures to prevent remote code execution.

Fix

RCE

Code Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-94

Related Identifiers

CVE-2013-3134

Affected Products

.Net Framework

PT-2013-4165 · Microsoft · .Net Framework

CVE-2013-3134

Weakness Enumeration

Related Identifiers

Affected Products

References · 7