CVE-2014-0295

2014-02-12T04:50:00
ID CVE-2014-0295
Type cve
Reporter cve@mitre.org
Modified 2018-10-12T22:05:00

Description

VsaVb7rt.dll in Microsoft .NET Framework 2.0 SP2 and 3.5.1 does not implement the ASLR protection mechanism, which makes it easier for remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in February 2014, aka "VSAVB7RT ASLR Vulnerability."