Web proxy auto-discovery vulnerability in Microsoft .Net FrameworkID: oval:org.secpod.oval:def:7927 | Date: (C)2012-11-16 (M)2023-12-14 |
Class: VULNERABILITY | Family: windows |
The host is installed with Microsoft .NET Framework 2.0 SP2, 3.5.1, 4 or 4.5 and is prone to Web proxy auto-discovery vulnerability. A flaw is present in the applications, which is caused by a lack of validation when the .NET Framework acquires the default web proxy settings and executes JavaScript contain within the proxy auto-configuration file. Successful exploitation allows attackers to run remote code.
Platform: |
Microsoft Windows 7 |
Microsoft Windows Server 2003 |
Microsoft Windows Server 2008 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows Vista |
Microsoft Windows XP |
Microsoft Windows 8 |
Microsoft Windows Server 2012 |
Product: |
Microsoft .NET Framework 2.0 |
Microsoft .NET Framework 3.5.1 |
Microsoft .NET Framework 4.0 |
Microsoft .NET Framework 4.5 |