CVE-2010-4254

Published: 06 December 2010

Mono, when Moonlight before 2.3.0.1 or 2.99.x before 2.99.0.10 is used, does not properly validate arguments to generic methods, which allows remote attackers to bypass generic constraints, and possibly execute arbitrary code, via a crafted method call.

Priority

Negligible

Notes

AuthorNote
mdeslaur
upstream note: The bug (and fix) is in mono source code but can
only be exploited (by untrusted applications) when used by
Moonlight.
Setting severity to negligile.

References

Bugs