← back
CVE-2012-0163

CVE-2012-0163

EPSS 38.3%
Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly validate function parameters, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Framework application, aka ".NET Framework Parameter Validation Vulnerability."
Affected products
n/a · n/a
public PoCs found1
exploitdbwww.exploit-db.com/exploits/18777unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-025https://exchange.xforce.ibmcloud.com/vulnerabilities/74377https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15495http://www.securitytracker.com/id?1026907http://www.us-cert.gov/cas/techalerts/TA12-101A.html