An integer overflow vulnerability has been discovered in the EncoderParameter class of the .NET Framework. Exploiting this vulnerability results in an overflown integer that is used to allocate a buffer on the heap. After the incorrect allocation, user-supplied buffers are copied into the new buffer, resulting in a corruption of the heap. By exploiting this vulnerability, it is possible for an application running with Partial Trust permissions to break from the CLR sandbox and run arbitrary code with Full Trust permissions.
06f18bdcf7bab4db2000ea8c23e48d5c1532aafa073d2ac911c6d0ee597b446d