cpe:/a:microsoft:.net_framework:2.0:sp1 cpe:/a:microsoft:.net_framework:2.0:sp2 cpe:/a:microsoft:.net_framework:3.5 cpe:/a:microsoft:.net_framework:3.5:sp1 cpe:/a:microsoft:.net_framework:3.5.1 cpe:/a:microsoft:.net_framework:4.0 cpe:/a:microsoft:silverlight:4.0.60310.0 CVE-2011-0664 2011-06-16T16:55:01.323-04:00 2017-09-18T21:32:09.723-04:00 9.3 NETWORK MEDIUM NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2011-06-17T08:29:00.000-04:00 MS MS11-039 Microsoft .NET Framework 2.0 SP1 and SP2, 3.5 Gold and SP1, 3.5.1, and 4.0, and Silverlight 4 before 4.0.60531.0, does not properly validate arguments to unspecified networking API functions, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP), (2) a crafted ASP.NET application, (3) a crafted .NET Framework application, or (4) a crafted Silverlight application, aka ".NET Framework Array Offset Vulnerability."