Microsoft Silverlight Information Leakage Vulnerability (CVE-2015-6165) (MS15-129)
Microsoft Silverlight Information Leakage Vulnerability (CVE-2015-6165) (MS15-129)
Release date:
Updated on:
Affected Systems:
Microsoft Silverlight <5.1.41105.00
Description:
Bugtraq id: 78504
CVE (CAN) ID: CVE-2015-6165
Microsoft Silverlight is a cross-browser and cross-platform. NET implementation that is used to build a media experience and interactive applications for the Web.
Microsoft Silverlight 5 versions earlier than 5.1.41105.00 have the information leakage vulnerability. Remote attackers can exploit this vulnerability to bypass the ASLR protection mechanism by constructing a website.
<* Source: Microsoft
Marcin 'icewall' Noga
Link: http://technet.microsoft.com/security/bulletin/MS15-129
*>
Suggestion:
Vendor patch:
Microsoft
---------
Microsoft has released a Security Bulletin (MS15-129) and patches for this:
MS15-129: Security Update for Silverlight to Address Remote Code Execution (3106614)
Link: http://technet.microsoft.com/security/bulletin/MS15-129
This article permanently updates the link address: