Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

Microsoft .NET Common Language Runtime Code Execution Vulnerability (974378)

Information

Severity

Severity

Critical

Family

Family

Windows : Microsoft Bulletins

CVSSv2 Base

CVSSv2 Base

9.3

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Solution Type

Solution Type

Vendor Patch

Created

Created

14 years ago

Modified

Modified

4 years ago

Summary

This host is missing a critical security update according to Microsoft Bulletin MS09-061.

Insight

Insight

- An unspecified error can be exploited to obtain a managed pointer to stack memory which can be used to overwrite data at that stack location. - An error in the type equality check can be exploited to cast an object of one type into another type. - An error when handling interfaces can be exploited by malicious .NET or Silverlight applications to corrupt memory.

Affected Software

Affected Software

Microsoft .NET Framework 3.5/SP 1 Microsoft .NET Framework 1.1 SP 1 Microsoft .NET Framework 2.0 SP 1/SP 2

Solution

Solution

The vendor has released updates. Please see the references for more information.

Common Vulnerabilities and Exposures (CVE)