CVE-2013-0074

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Mar 13, 2013

Updated: Dec 19, 2024

Summary

CVE-2013-0074 is a vulnerability affecting Microsoft Silverlight 5 and its Developer Runtime versions prior to 5.1.20125.0. This issue arises due to Silverlight's failure to validate pointers during HTML object rendering. An attacker can exploit this flaw by developing a specially crafted Silverlight application, which can result in the execution of arbitrary code upon being rendered in a vulnerable system. This vulnerability, also known as the "Silverlight Double Dereference Vulnerability," poses a significant risk as it allows remote attackers to gain unauthorized access and potentially take control of the affected system.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

Microsoft Silverlight

Affected Vendors

Microsoft

Advisories, Assessments, and Mitigations

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Submarine Cables Face Increasing Threats Amid Geopolitical Tensions and Limited Repair Capacity

US Violent Extremists Likely Shifting Focus to Targeted Physical Threats in 2025

DRAT V2: Updated DRAT Emerges in TAG-140’s Arsenal

Know What Matters

For Customers

For Partners