CVE-2012-4776

NONECVSS 0.0

0.0

The Web Proxy Auto-Discovery (WPAD) functionality in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not validate configuration data that is returned during acquisition of proxy settings, which allows remote attackers to execute arbitrary JavaScript code by providing crafted data during execution of (1) an XAML browser application (aka XBAP) or (2) a .NET Framework application, aka "Web Proxy Auto-Discovery Vulnerability."

🔗 References (14)

secure@microsofthttp://osvdb.org/87266
secure@microsofthttp://secunia.com/advisories/51236
secure@microsofthttp://www.securityfocus.com/bid/56463
secure@microsofthttp://www.securitytracker.com/id?1027753
secure@microsofthttp://www.us-cert.gov/cas/techalerts/TA12-318A.html
secure@microsofthttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-074
secure@microsofthttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15810
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/87266
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/51236
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/56463
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1027753
af854a3a-2127-422b-91ae-364da2661108http://www.us-cert.gov/cas/techalerts/TA12-318A.html
af854a3a-2127-422b-91ae-364da2661108https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-074
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15810

Is Your Infrastructure Affected by CVE-2012-4776?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2012-4776

📅 Published

🔄 Last Modified

🔗 References (14)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2012-4776?