CVE-2011-1844

Description

Memory leak in Microsoft Silverlight 4 before 4.0.60310.0 allows remote attackers to cause a denial of service (memory consumption) via an application involving a popup control and a custom DependencyProperty property, related to lack of garbage collection.

Affected products

• Microsoft / silverlight4.0.60129.0
• Microsoft / silverlight2.0.31005.00 – 2.0.31005.00
• Microsoft / silverlight2.0.40115.00 – 2.0.40115.00
• Microsoft / silverlight3.0.40624.00 – 3.0.40624.00
• Microsoft / silverlight3.0.40723.0 – 3.0.40723.0
• Microsoft / silverlight3.0.40818.0 – 3.0.40818.0
• Microsoft / silverlight3.0.50106.0 – 3.0.50106.0

References

• MISChttp://isc.sans.edu/diary.html?storyid=10747
• MISChttp://support.microsoft.com/kb/2526954