===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2013.0939
          Vulnerabilities in .NET Framework and Silverlight Could
                   Allow Remote Code Execution (2861561)
                               10 July 2013

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           .NET Framework
                   Silverlight
Publisher:         Microsoft
Operating System:  Windows XP
                   Windows Server 2003
                   Windows Vista
                   Windows Server 2008
                   Windows 7
                   Windows Server 2008 R2
                   Windows 8
                   Windows Server 2012
                   Windows RT
Impact/Access:     Execute Arbitrary Code/Commands -- Remote with User Interaction
                   Increased Privileges            -- Remote with User Interaction
Resolution:        Patch/Upgrade
CVE Names:         CVE-2013-3178 CVE-2013-3171 CVE-2013-3134
                   CVE-2013-3133 CVE-2013-3132 CVE-2013-3131
                   CVE-2013-3129

Original Bulletin: 
   http://technet.microsoft.com/en-us/security/bulletin/ms13-052

--------------------------BEGIN INCLUDED TEXT--------------------

Microsoft Security Bulletin MS13-052 - Critical

Vulnerabilities in .NET Framework and Silverlight Could Allow Remote Code 
Execution (2861561)

Published Date: July 9, 2013

Version: 1.0

General Information

Executive Summary

This security update resolves five privately reported vulnerabilities and two 
publicly disclosed vulnerabilities in Microsoft .NET Framework and Microsoft 
Silverlight. The most severe of these vulnerabilities could allow remote code 
execution if a trusted application uses a particular pattern of code. An 
attacker who successfully exploited this vulnerability could gain the same 
user rights as the logged-on user. Users whose accounts are configured to have 
fewer user rights on the system could be less impacted than users who operate 
with administrative user rights.

This security update is rated Important for Microsoft .NET Framework 1.0 
Service Pack 3, Microsoft .NET Framework 1.1 Service Pack 1, and .NET 
Framework 3.5 Service Pack 1, and rated Critical for Microsoft .NET Framework 
2.0 Service Pack 2, Microsoft .NET Framework 3.0 Service Pack 2, Microsoft 
.NET Framework 3.5, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 
4, and Microsoft .NET Framework 4.5 on affected editions of Microsoft Windows. 
The update is also rated Important for affected editions of Microsoft 
Silverlight 5.

The security update addresses the vulnerabilities by correcting how Windows 
handles specially crafted TrueType Font (TTF) files, and by correcting how the 
.NET Framework handles multidimensional arrays of small structures, validates 
the permissions of objects performing reflection, allocates object arrays, 
handles partial trust, and initializes memory arrays.

Affected Software

Windows XP
Windows Server 2003
Windows Vista
Windows Server 2008
Windows 7
Windows Server 2008 R2
Windows 8
Windows Server 2012
Windows RT
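The bulletin rates the update per .NET Framework branch and for Silverlight 5, 
but lists affected platforms only by operating system. The following PowerShell 
script is an added example, not part of the AusCERT or Microsoft text above: it 
inventories the .NET Framework and Silverlight installs on a host, attaches the 
severity the Executive Summary assigns to each, and optionally checks whether a 
hotfix KB is present. The registry paths it reads and the use of Get-HotFix are 
the author's assumptions about the platform, not anything the bulletin states, 
and the KB number is left to the caller because the bulletin names only the 
parent article 2861561.

```powershell
# Added example (not from the bulletin): inventory .NET Framework and Silverlight
# installs and map them to the severity ratings given in MS13-052.
# Assumptions: the NDP and Silverlight registry layouts below, and that the
# per-platform KB (from the MS13-052 page, not given in this bulletin) is
# supplied by the caller.
param(
    [string]$KB = ''   # per-platform KB from the MS13-052 page; empty skips the hotfix check
)

# Severity by .NET branch, from the bulletin's Executive Summary. The v3.5 key is
# ambiguous on disk: 3.5 SP1 is rated Important, while 3.5 and 3.5.1 are Critical.
# .NET 1.0 is not recorded under the NDP key and is therefore not enumerated here.
$severity = @{
    'v1.1' = 'Important'
    'v2.0' = 'Critical'
    'v3.0' = 'Critical'
    'v3.5' = 'Important (3.5 SP1) / Critical (3.5, 3.5.1)'
    'v4'   = 'Critical (4 and 4.5)'
}

$ndp     = 'HKLM:\SOFTWARE\Microsoft\NET Framework Setup\NDP'
$results = @()

foreach ($key in Get-ChildItem -Path $ndp -ErrorAction SilentlyContinue) {
    $name = $key.PSChildName                 # e.g. v1.1.4322, v2.0.50727, v3.0, v3.5, v4
    if ($name -notmatch '^v\d') { continue } # skip CDF and other non-version keys

    # 4.x records Install/Version under the Client and Full subkeys; older
    # branches record them directly on the version key.
    $targets = if ($name -eq 'v4') { Get-ChildItem -Path $key.PSPath } else { @($key) }
    foreach ($t in $targets) {
        $props = Get-ItemProperty -Path $t.PSPath -ErrorAction SilentlyContinue
        if ($props.Install -ne 1) { continue }   # key present but product not installed

        $branch = if ($name -eq 'v4') { 'v4' } else { ($name -split '\.')[0..1] -join '.' }
        $label  = if ($name -eq 'v4') { ".NET Framework v4 ($($t.PSChildName))" } else { ".NET Framework $name" }
        $sev    = if ($severity.ContainsKey($branch)) { $severity[$branch] } else { 'not listed in MS13-052' }

        $results += [pscustomobject]@{
            Product  = $label
            Version  = $props.Version
            SP       = $props.SP
            Severity = $sev
        }
    }
}

# Silverlight 5 is rated Important. The installed version is recorded under the
# Silverlight key (and under Wow6432Node on 64-bit Windows).
foreach ($sl in 'HKLM:\SOFTWARE\Microsoft\Silverlight',
                'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Silverlight') {
    $v = (Get-ItemProperty -Path $sl -ErrorAction SilentlyContinue).Version
    if ($v) {
        $sev = if ($v -like '5.*') { 'Important' } else { 'not listed in MS13-052' }
        $results += [pscustomobject]@{
            Product  = 'Silverlight'
            Version  = $v
            SP       = $null
            Severity = $sev
        }
    }
}

$results | Sort-Object Product | Format-Table -AutoSize

if ($KB) {
    # Get-HotFix reads Win32_QuickFixEngineering, which covers updates installed
    # through Windows servicing. Standalone .NET installers on older platforms
    # and Silverlight updates can be absent from it, so "not found" means
    # "verify another way", not "definitely missing".
    if (Get-HotFix -Id $KB -ErrorAction SilentlyContinue) {
        "$KB is installed."
    } else {
        "$KB not found in Win32_QuickFixEngineering; verify the .NET/Silverlight update another way."
    }
}
```

Run it as an administrator with no arguments to see which rated products are 
present, or pass the platform's KB from the MS13-052 page (for example 
.\Check-MS13052.ps1 -KB KB<number>) to add the hotfix check. Because the 
severity table is keyed on the branch rather than the exact service pack, a 
host showing v3.5 with SP 1 still needs the operating system consulted to decide 
whether it is the Important (3.5 SP1) or the Critical (3.5.1) case.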

Vulnerability Information

TrueType Font Parsing Vulnerability - CVE-2013-3129

A remote code execution vulnerability exists in the way that affected 
components handle specially crafted TrueType font files. The vulnerability 
could allow remote code execution if a user opens a specially crafted TrueType 
font file. An attacker who successfully exploited this vulnerability could 
take complete control of an affected system. An attacker could then install 
programs; view, change, or delete data; or create new accounts with full 
administrative rights.

Array Access Violation Vulnerability - CVE-2013-3131

A remote code execution vulnerability exists in the way the .NET Framework 
handles multidimensional arrays of small structures.

Delegate Reflection Bypass Vulnerability - CVE-2013-3132

An elevation of privilege vulnerability exists in the way that .NET Framework 
validates the permissions of certain objects performing reflection. An 
attacker who successfully exploited this vulnerability could take complete 
control of an affected system.

Anonymous Method Injection Vulnerability - CVE-2013-3133

An elevation of privilege vulnerability exists in the way that the .NET 
Framework validates permissions for objects involved with reflection.

Array Allocation Vulnerability - CVE-2013-3134

A remote code execution vulnerability exists in the way that Microsoft .NET 
Framework allocates arrays of small structures.

Delegate Serialization Vulnerability - CVE-2013-3171

An elevation of privilege vulnerability exists in the way that the .NET 
Framework validates permissions for delegate objects during serialization.

Null Pointer Vulnerability - CVE-2013-3178

A remote code execution vulnerability exists in the way that Silverlight 
handles a null pointer.

--------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================