Security vulnerability allows violation of the type system and possibly execution of arbitrary code
Bug #691780 reported by
Chris Howie
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
moon (Ubuntu) |
Confirmed
|
Undecided
|
Unassigned |
Bug Description
http://
http://
A bug in generics allows violation of the type system. When paired with delegate types, this may allow a crafted Moonlight application to execute arbitrary code. 2.3.0.1 is the most recent version and is currently the only 2.x version free of this bug.
CVE References
visibility: | private → public |
Changed in moon (Ubuntu): | |
status: | New → Confirmed |
To post a comment you must log in.
My bad, 2.99.0.10 is also free of the bug.