New Search

Microsoft .NET Framework Pointer Verification Vulnerability

oval:org.mitre.oval:def:5716

Microsoft .NET Framework 1.0 SP3 1.1 SP1 and 2.0 SP1 does not properly validate .NET verifiable code which allows remote attackers to obtain unintended access to stack memory and execute arbitrary code via (1) a crafted XAML browser application (XBAP) (2) a crafted ASP.NET application or (3) a crafted .NET Framework application aka "Microsoft .NET Framework Pointer Verification Vulnerability."

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows Server 2008
  • Microsoft Windows Server 2003
  • Microsoft Windows XP
  • Microsoft Windows 2000
  • Microsoft Windows Server 2008 R2
  • Microsoft Windows 7
  • Microsoft Windows Vista
Class:
vulnerability
Reference(s):
  • CVE-2009-0090
Product(s):
  • Microsoft .NET Framework