CVE-2016-3367
published 2016-09-14CVE-2016-3367: StringBuilder in Microsoft Silverlight 5 before 5.1.50709.0 does not properly allocate memory for string-insert and string-append operations, which allows…
high8.8CVSS 3.0
AVNACLPRNUIRSUCHIHAH
StringBuilder in Microsoft Silverlight 5 before 5.1.50709.0 does not properly allocate memory for string-insert and string-append operations, which allows remote attackers to execute arbitrary code via a crafted web site, aka "Microsoft Silverlight Memory Corruption Vulnerability."
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | silverlight | — | — |
| msrc | microsoft_silverlight_5_developer_runtime_when_installed_on_apple_mac_os | — | — |
| msrc | microsoft_silverlight_5_developer_runtime_when_installed_on_microsoft_windows | — | — |
| msrc | microsoft_silverlight_5_when_installed_on_apple_mac_os | — | — |
| msrc | microsoft_silverlight_5_when_installed_on_microsoft_windows | — | — |