Vulnerability database

Microsoft .NET Framework 1.0 SP3, 1.1 SP1, and 2.0 SP1 does not properly validate .NET verifiable code, which allows remote attackers to obtain unintended access to stack memory, and execute arbitrary code, via (1) a crafted XAML browser application (XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Framework application, aka "Microsoft .NET Framework Pointer Verification Vulnerability." for Windows Vista Service Pack 1 and Windows Server 2008(KB974469) x64 bases systems

Back to list

Vulnerability Name	Microsoft .NET Framework 1.0 SP3, 1.1 SP1, and 2.0 SP1 does not properly validate .NET verifiable code, which allows remote attackers to obtain unintended access to stack memory, and execute arbitrary code, via (1) a crafted XAML browser application (XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Framework application, aka "Microsoft .NET Framework Pointer Verification Vulnerability." for Windows Vista Service Pack 1 and Windows Server 2008(KB974469) x64 bases systems
Severity	Critical
Exploits	Not available
CVE ID	CVE-2009-0090,CVE-2009-0091,CVE-2009-2497
CVSS 2.0	9 (I:C/AV:N/Au:N/AC:M/A:C/C:C)
Solution	Windows6.0-KB2518865-x64.msu
Published Date	13/10/2009
Updated Date	11/08/2010

Disclaimer: This webpage is intended to provide you information about vulnerability announcement for certain specific software products. The information is provided "As Is" without warranty of any kind. The links provided point to pages on the vendors websites. You can get more information by clicking the links to visit the relevant pages on the vendors website.