CVE-2012-0176

CWE-3993 documents3 sources

Severity

9.3CRITICAL

EPSS

62.1%

top 1.65%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Silverlight

Timeline

PublishedMay 9

Latest updateMay 4

Description

Double free vulnerability in Microsoft Silverlight 4 before 4.1.10329 on Windows allows remote attackers to execute arbitrary code via vectors involving crafted XAML glyphs, aka "Silverlight Double-Free Vulnerability."

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

▶NVDmicrosoft/silverlight12 versions+11

🔴Vulnerability Details

GHSA

GHSA-rqq5-gcp2-265q: Double free vulnerability in Microsoft Silverlight 4 before 4↗2022-05-04

▶

CVEList

CVE-2012-0176: Double free vulnerability in Microsoft Silverlight 4 before 4↗2012-05-09

▶