Microsoft Silverlight does not properly validate pointers during access to Silverlight elements, which allows remote attackers to obtain sensitive information via a crafted Silverlight application.
The impacted product is end-of-life and should be disconnected if still in use.
CWE-20