Microsoft .NET Framework Parameter Validation Remote Integer Overflow Vulnerability

Bugtraq ID:	53204
Class:	Input Validation Error
CVE:
Remote:	Yes
Local:	No
Published:	Apr 23 2012 12:00AM
Updated:	Feb 14 2013 08:41AM
Credit:	Yorick Koster of Akita Software Security
Vulnerable:	Microsoft .NET Framework 3.5.1 Microsoft .NET Framework 4.0 Microsoft .NET Framework 2.0 SP2 Microsoft .NET Framework 2.0 SP1 Microsoft .NET Framework 2.0 Microsoft .NET Framework 1.1 SP1 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.0 SP3 Microsoft .NET Framework 1.0 SP2 Microsoft .NET Framework 1.0 SP1 Microsoft .NET Framework 1.0
Not Vulnerable:

Microsoft .NET Framework Parameter Validation Remote Integer Overflow Vulnerability

The .NET Framework is prone to a remote integer-overflow vulnerability.

Successful exploits may allow an attacker to execute arbitrary code with the privileges of the currently logged-in user. Failed attacks will cause denial-of-service conditions.

Microsoft .NET Framework Parameter Validation Remote Integer Overflow Vulnerability

Reports indicate that proof-of-concept code is available. Please see the references for more information.

The following metasploit exploit code is available:

• /data/vulnerabilities/exploits/53204.rb

Microsoft .NET Framework Parameter Validation Remote Integer Overflow Vulnerability

Solution:
Reportedly the vendor has fixed the issue with MS12-025, however Symantec has not confirmed it. Please contact the vendor for details.

Microsoft .NET Framework Parameter Validation Remote Integer Overflow Vulnerability

References:

• .NET Framework EncoderParameter integer overflow vulnerability (Akita Software Security)
  
• .NET Framework Homepage (Microsoft)
  
• Microsoft Homepage (Microsoft)