Buffer overflow

2006-03-3001:06:00

PRIOn knowledge base

www.prio-n.com

8.2 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

79.3%

JSON

Buffer overflow in calloc.c in the Microsoft Windows XP SP2 ntdll.dll system library, when used by the ILDASM disassembler in the Microsoft .NET 1.0 and 1.1 SDK, might allow user-assisted attackers to execute arbitrary code via a crafted .dll file with a large static method.

CPENameOperatorVersion
.net_frameworkeq1.1 sp1-sdk
.net_frameworkeq1.0
.net_frameworkeq1.1
.net_frameworkeq1.0 sp1-sdk
.net_frameworkeq1.0 sp2-sdk

Name	Operator	Version
.net_framework	eq	1.1 sp1-sdk
.net_framework	eq	1.0
.net_framework	eq	1.1
.net_framework	eq	1.0 sp1-sdk
.net_framework	eq	1.0 sp2-sdk

References

lists.grok.org.uk/pipermail/full-disclosure/2006-March/044482.html

owasp.net/forums/234/showpost.aspx

owasp.net/forums/257/showpost.aspx

secunia.com/advisories/19406

www.securityfocus.com/bid/17243

www.vupen.com/english/advisories/2006/1113

exchange.xforce.ibmcloud.com/vulnerabilities/25439