Vulnerability Details CVE-2011-1845
Multiple memory leaks in the DataGrid control implementation in Microsoft Silverlight 4 before 4.0.60310.0 allow remote attackers to cause a denial of service (memory consumption) via an application involving (1) subscriptions to an INotifyDataErrorInfo.ErrorsChanged event or (2) a TextBlock or TextBox element.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.197
EPSS Ranking 95.1%
CVSS Severity
CVSS v2 Score 7.8
References
Products affected by CVE-2011-1845
-
cpe:2.3:a:microsoft:silverlight:2.0.31005.00
-
cpe:2.3:a:microsoft:silverlight:2.0.40115.00
-
cpe:2.3:a:microsoft:silverlight:3.0.40624.00
-
cpe:2.3:a:microsoft:silverlight:3.0.40723.0
-
cpe:2.3:a:microsoft:silverlight:3.0.40818.0
-
cpe:2.3:a:microsoft:silverlight:3.0.50106.0
-
cpe:2.3:a:microsoft:silverlight:4.0.50401.0
-
cpe:2.3:a:microsoft:silverlight:4.0.50524.00
-
cpe:2.3:a:microsoft:silverlight:4.0.50826.0
-
cpe:2.3:a:microsoft:silverlight:4.0.50917.0
-
cpe:2.3:a:microsoft:silverlight:4.0.51204.0
-
cpe:2.3:a:microsoft:silverlight:4.0.60129.0