Remote Code Execution Vulnerability in Microsoft Silverlight 5
CVE-2015-6166

Currently unrated

Key Information:

Vendor: Microsoft
Status: Silverlight
Vendor: CVE Published:; 9 December 2015

What is CVE-2015-6166?

Microsoft Silverlight 5 versions prior to 5.1.41105.00 are susceptible to a vulnerability that enables remote attackers to execute arbitrary code or trigger a denial of service condition through improperly handled open and close requests. This flaw allows for out-of-bounds read or write access, posing significant security risks. Updating to the latest version is crucial to mitigate these threats.

References

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

http://www.securitytracker.com/id/1034321

vdb-entryx_refsource_SECTRACK

EPSS Score

18% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Dec 9, 2015
Vulnerability Reserved
Aug 14, 2015