"MS.DotNet.Silverlight.Framework.MemberwiseClone.Code.Execution"
- 特征库ID:
31082
- 漏洞级别:
critical
- CVE ID:
CVE-2012-0014
- 建议的动作:
drop
- 受影响的系统:
Windows
- 协议:
tcp
攻击漏洞描述
这表明攻击企图利用 Microsoft .NET Framework 和 Silverlight Framework 中的远程代码执行漏洞。该漏洞是由于对公共类的无限制访问。结果,远程攻击者可以利用它在应用程序的上下文中执行任意代码
影响范围
Windows XP Service Pack 3
Windows XP Professional x64 Edition Service Pack 2
Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 with SP2 for Itanium-based Systems
Windows Vista Service Pack 2
Windows Vista x64 Edition Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for Itanium-based Systems Service Pack 2
Windows 7 for 32-bit Systems
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems
Windows 7 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for Itanium-based Systems
Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
可能带来的后果
系统被入侵:远程攻击者可以控制易受攻击的系统。
解决办法
应用供应商提供的最新升级或补丁。 http://technet.microsoft.com/en-us/security/bulletin/MS12-016
