CVE Reference: CVE-2012-1896

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2012-1896

Description:
Microsoft .NET Framework 2.0 SP2 and 3.5.1 does not properly consider trust levels during construction of output data, which allows remote attackers to obtain sensitive information via (1) a crafted XAML browser application (aka XBAP) or (2) a crafted .NET Framework application, aka "Code Access Security Info Disclosure Vulnerability."

CVE Status:
Candidate

References:

ST
  1027753

SAID
  Secunia Advisory: SA51236

OVAL
  http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:15785

MS
  http://technet.microsoft.com/security/bulletin/MS12-074

CERT
  http://www.us-cert.gov/cas/techalerts/TA12-318A.html

BID
  56456


Return to the previous page.