CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2013-0074

Microsoft Silverlight 5, and 5 Developer Runtime, before 5.1.20125.0 does not properly validate pointers during HTML object rendering, which allows remote attackers to execute arbitrary code via a crafted Silverlight application, aka "Silverlight Double Dereference Vulnerability."

Exploit prediction scoring system (EPSS) score

EPSS Score 0.931

EPSS Ranking 99.8%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 9.3

Proposed Action

Microsoft Silverlight does not properly validate pointers during HTML object rendering, which allows remote attackers to execute code via a crafted Silverlight application.

Ransomware Campaign

Known

References

Products affected by CVE-2013-0074

Microsoft » Silverlight » Version: 5.0

cpe:2.3:a:microsoft:silverlight:5.0
Microsoft » Silverlight » Version: 5.0.60401.0

cpe:2.3:a:microsoft:silverlight:5.0.60401.0
Microsoft » Silverlight » Version: 5.0.60818.0

cpe:2.3:a:microsoft:silverlight:5.0.60818.0
Microsoft » Silverlight » Version: 5.0.61118.0

cpe:2.3:a:microsoft:silverlight:5.0.61118.0
Microsoft » Silverlight » Version: 5.1.10411.0

cpe:2.3:a:microsoft:silverlight:5.1.10411.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2013-0074

Products

Pricing

Contact Us