CVE-2013-0002: Buffer Overflow

First published: Wed Jan 09 2013(Updated: )

Buffer overflow in the Windows Forms (aka WinForms) component in Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4, and 4.5 allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP) or (2) a crafted .NET Framework application that leverages improper counting of objects during a memory copy operation, aka "WinForms Buffer Overflow Vulnerability."

Credit: secure@microsoft.com secure@microsoft.com

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• agent/author
• agent/type
• agent/severity
• agent/references
• agent/description
• collector/mitre-cve
• source/MITRE
• agent/last-modified-date
• agent/event
• agent/first-publish-date
• agent/source
• agent/weakness
• agent/tags
• agent/softwarecombine
• collector/nvd-api
• agent/software-canonical-lookup-request
• collector/nvd-index
• vendor/microsoft
• canonical/microsoft .net framework
• version/microsoft .net framework/1.0-sp3
• canonical/microsoft windows xp
• version/microsoft windows xp/sp3
• version/microsoft .net framework/1.1-sp1
• canonical/microsoft windows server 2003
• version/microsoft windows server 2003/sp2
• canonical/microsoft windows server 2008 itanium
• version/microsoft windows server 2008 itanium/sp2
• canonical/microsoft windows vista
• version/microsoft windows vista/sp2
• version/microsoft windows xp/sp2
• version/microsoft .net framework/2.0-sp2
• version/microsoft .net framework/4.0
• canonical/microsoft windows 7
• version/microsoft windows 7/sp1
• version/microsoft windows server 2008 itanium/r2
• version/microsoft .net framework/3.5
• canonical/microsoft windows 8.0
• canonical/microsoft windows server 2012 x64
• version/microsoft .net framework/3.5.1
• version/microsoft .net framework/4.5
• canonical/microsoft windows rt