CVE-2016-0034
published 2016-01-13CVE-2016-0034: Microsoft Silverlight 5 before 5.1.41212.0 mishandles negative offsets during decoding, which allows remote attackers to execute arbitrary code or cause a…
high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
KEVITW
CISA Known Exploited Vulnerabilitydue 2022-06-15
Exploited in the wild
Microsoft Silverlight 5 before 5.1.41212.0 mishandles negative offsets during decoding, which allows remote attackers to execute arbitrary code or cause a denial of service (object-header corruption) via a crafted web site, aka "Silverlight Runtime Remote Code Execution Vulnerability."
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | silverlight | >= 5.0 < 5.1.41212.0 | 5.1.41212.0 |
| msrc | microsoft_silverlight_5_developer_runtime_when_installed_on_apple_mac_os | — | — |
| msrc | microsoft_silverlight_5_developer_runtime_when_installed_on_microsoft_windows | — | — |
| msrc | microsoft_silverlight_5_when_installed_on_apple_mac_os | — | — |
| msrc | microsoft_silverlight_5_when_installed_on_microsoft_windows | — | — |
CVSS provenance
nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
vulncheck10.0CRITICAL
cisa8.8HIGH