Description
Microsoft .NET Framework 2.0 SP2, 3.5.1, and 4 does not properly validate the System.Net.Sockets trust level, which allows remote attackers to obtain sensitive information or trigger arbitrary outbound network traffic via (1) a crafted XAML browser application (aka XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Framework application, aka "Socket Restriction Bypass Vulnerability."
Reserved 2011-05-09 | Published 2011-08-10 | Updated 2024-10-17 | Assigner microsoftReferences
oval.cisecurity.org/...inition/oval:org.mitre.oval:def:12901 (oval:org.mitre.oval:def:12901)
docs.microsoft.com/...pdates/securitybulletins/2011/ms11-069 (MS11-069)
