CVE-2015-1673Microsoft NET Framework vulnerability

CWE-2643 documents3 sources
Severity
9.3CRITICALNVD
EPSS
39.2%
top 2.71%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Microsoft NET Framework
Timeline
PublishedMay 13
Latest updateMay 14

Description

The Windows Forms (aka WinForms) libraries in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 allow user-assisted remote attackers to execute arbitrary code via a crafted partial-trust application, aka "Windows Forms Elevation of Privilege Vulnerability."

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

NVDmicrosoft/net_framework8 versions+7

🔴Vulnerability Details

2
GHSA
GHSA-v2rj-mwhv-c855: The Windows Forms (aka WinForms) libraries in Microsoft2022-05-14
CVEList
CVE-2015-1673: The Windows Forms (aka WinForms) libraries in Microsoft2015-05-13
CVE-2015-1673 — Microsoft NET Framework vulnerability | cvebase