Code access security info disclosure vulnerability in Microsoft .Net FrameworkID: oval:org.secpod.oval:def:7925 | Date: (C)2012-11-16 (M)2023-12-14 |
Class: VULNERABILITY | Family: windows |
The host is installed with Microsoft .NET Framework 2.0 SP2 or 3.5.1 and is prone to Code access security info disclosure vulnerability. A flaw is present in the applications, which does not properly sanitize the output of a function when called from partially trusted code. Successful exploitation allows attackers to use partially trusted code to obtain confidential information contained on the target system that would only normally be accessible through fully trusted code.
Platform: |
Microsoft Windows 7 |
Microsoft Windows Server 2003 |
Microsoft Windows Server 2008 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows Vista |
Microsoft Windows XP |
Product: |
Microsoft .NET Framework 2.0 |
Microsoft .NET Framework 3.5.1 |