Intrusion Prevention

MS.NET.SDSP.Buffer.Overflow

Description

This indicates an attack attempt to exploit a Buffer Overflow vulnerability in Microsoft .NET Framework.
The vulnerability is due to an error in validation of size of objects in memory prior to copying them into an array. A remote attacker may be exploit this vulnerability by enticing a user to open a web page containing a specially crafted XBAP (XAML browser application).

Affected Products

Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.5
Microsoft .NET Framework 3.5.1
Microsoft .NET Framework 4
Microsoft .NET Framework 4.5

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply vendor provided update in the following link:
http://technet.microsoft.com/security/bulletin/MS13-004

CVE References

CVE-2013-0003