CVE-2011-1845

Multiple memory leaks in the DataGrid control implementation in Microsoft Silverlight 4 before 4.0.60310.0 allow remote attackers to cause a denial of service (memory consumption) via an application involving (1) subscriptions to an INotifyDataErrorInfo.ErrorsChanged event or (2) a TextBlock or TextBox element.

Published: May 3, 2011
Updated: Apr 13, 2023
CVE: CVE-2011-1845
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.8
AV:N/AC:L/Au:N/C:N/I:N/A:C

CWEs:

CWE-399

Affected Software
References

Software	From	Fixed in
microsoft / silverlight	3.0.40624.00	3.0.40624.00.x
microsoft / silverlight	2.0.40115.00	2.0.40115.00.x
microsoft / silverlight	3.0.50106.0	3.0.50106.0.x
microsoft / silverlight	3.0.40818.0	3.0.40818.0.x
microsoft / silverlight	-	4.0.60129.0.x
microsoft / silverlight	3.0.40723.0	3.0.40723.0.x
microsoft / silverlight	2.0.31005.00	2.0.31005.00.x

http://isc.sans.edu/diary.html?storyid=10747
http://support.microsoft.com/kb/2526954

Vulnerability Database

289,599

CVE-2011-1845