(MS15-049) Vulnerability in Silverlight Could Allow Elevation of Privilege (3058985)

  Severity: HIGH
  CVE Identifier: CVE-2015-1715
  Advisory Date: MAY 28, 2015

  DESCRIPTION

This security update addresses a vulnerability in Microsoft Silverlight that could allow elevation of privilege if a specially crafted Silverlight application is run on an affected system. An attacker would first have to log on to the system or convince a logged on user to execute the specially crafted application to be able to exploit this vulnerability.

  SOLUTION

  AFFECTED SOFTWARE AND VERSION

  • Microsoft Silverlight 5 when installed on Mac
  • Microsoft Silverlight 5 Developer Runtime when installed on Mac
  • Microsoft Silverlight 5 when installed on all supported releases of Microsoft Windows clients
  • Microsoft Silverlight 5 Developer Runtime when installed on all supported releases of Microsoft Windows clients
  • Microsoft Silverlight 5 when installed on all supported releases of Microsoft Windows servers
  • Microsoft Silverlight 5 Developer Runtime when installed on all supported releases of Microsoft Windows servers

Featured Stories