|Check Point Reference:||CPAI-2012-200|
|Date Published:||8 May 2012|
|Protection Provided by:||
|Who is Vulnerable?||Microsoft .NET Framework 4|
|Vulnerability Description||A remote code execution vulnerability has been reported in Microsoft .NET Framework.|
|Update/Patch Avaliable||Apply patches from here|
|Vulnerability Details||The vulnerability is caused due to an improper buffer allocation by Microsoft .NET Framework. A remote attacker can exploit this issue by enticing a target user to open a web-page that contains a specially crafted XAML browser application (XBAP). Successful exploitation of this vulnerability could allow an attacker to take complete control of an affected system.|
This protection will detect and block attempts to open a specially crafted web-page.
In order for the protection to be activated, update your Security Gateway product to the latest IPS update. For information on how to update IPS, go to SBP-2006-05, Protection tab and select the version of your choice.
- In the IPS tab, click Protections and find the Microsoft .NET Framework XBAP Buffer Allocation Code Execution (MS12-034) protection using the Search tool and Edit the protection's settings.
- Install policy on all modules.
SmartView Tracker will log the following entries:
Attack Name: Web Client Enforcement Violation
Attack Information: Microsoft .NET Framework XBAP Buffer Allocation Code Execution (MS12-034)