Double Free Vulnerability in Microsoft Silverlight by Microsoft
CVE-2012-0176

Currently unrated

Key Information:

Vendor: Microsoft
Status: Silverlight
Vendor: CVE Published:; 9 May 2012

What is CVE-2012-0176?

A double free vulnerability exists in Microsoft Silverlight 4 prior to version 4.1.10329 on Windows, permitting remote attackers to execute arbitrary code. This vulnerability is exploited via specially crafted XAML glyphs, which may lead to unpredictable application behavior or unauthorized access to sensitive information.

References

http://secunia.com/advisories/49122

third-party-advisoryx_refsource_SECUNIA

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

EPSS Score

62% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
May 9, 2012
Vulnerability Reserved
Dec 13, 2011