Information disclosure

The ASP.NET Chart controls in Microsoft .NET Framework 4, and Chart Control for Microsoft .NET Framework 3.5 SP1, do not properly verify functions in URIs, which allows remote attackers to read arbitrary files via special characters in a URI in an HTTP request, aka "Chart Control Information...

CVE-2011-1977

The ASP.NET Chart controls in Microsoft .NET Framework 4, and Chart Control for Microsoft .NET Framework 3.5 SP1, do not properly verify functions in URIs, which allows remote attackers to read arbitrary files via special characters in a URI in an HTTP request, aka "Chart Control Information...

Microsoft .NET Framework 'System.Net.Sockets' Namespace Security Bypass Vulnerability

Description The Microsoft .NET Framework is prone to a security-bypass vulnerability. Attackers can exploit this issue to perform denial-of-service attacks, scan network resources, and obtain potentially sensitive information that was not intended to be disclosed. Technologies Affected Avaya Aura...

Microsoft .NET Framework Chart Control Information Disclosure Vulnerability

Description The Microsoft .NET Framework is prone to a remote information-disclosure vulnerability. Attackers can exploit this issue to gain access to sensitive information that may aid in further attacks. Attackers can exploit this issue by submitting a specially crafted request to a vulnerable...

MS11-069: Vulnerability in .NET Framework Could Allow Information Disclosure (2567951)

The remote Windows host is running a version of the Microsoft .NET Framework that improperly validates the trust level within the System.Net.Sockets namespace. A remote attacker could exploit this issue by tricking a user into viewing a specially crafted XML file, resulting in information...

Microsoft .NET Framework JIT编译器优化NULL字符串远程代码执行漏洞(MS11-044)

BUGTRAQ ID: 47834 CVE ID: CVE-2011-1271 .NET Framework是用于Windows的新托管代码编程模型。 Microsoft .NET Framework在实现上存在JIT编译器优化NULL字符串远程代码执行漏洞，远程攻击者可利用此漏洞执行任意代码。 此漏洞源于.NET JIT编译器错误地验证了对象中的某些值，通过诱使用户访问带有XBAP的特制网站加以利用。 Microsoft .NET Framework 4.x Microsoft .NET Framework 3.x Microsoft .NET Framework 2.x 厂商补丁：...

CVE-2011-0664

Microsoft .NET Framework 2.0 SP1 and SP2, 3.5 Gold and SP1, 3.5.1, and 4.0, and Silverlight 4 before 4.0.60531.0, does not properly validate arguments to unspecified networking API functions, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application aka XBAP...

Design/Logic Flaw

Microsoft .NET Framework 2.0 SP1 and SP2, 3.5 Gold and SP1, 3.5.1, and 4.0, and Silverlight 4 before 4.0.60531.0, does not properly validate arguments to unspecified networking API functions, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application aka XBAP...

Microsoft .NET Framework Remote Code Execution Vulnerability (2538814)

This host is missing a critical security update according to Microsoft Bulletin MS11-044. OpenVAS Vulnerability Test $Id: secpodms11-044.nasl 5362 2017-02-20 12:46:39Z cfi $ Microsoft .NET Framework Remote Code Execution Vulnerability 2538814 Authors: Sooraj KS Copyright: Copyright c 2011 SecPod,...

MS11-039: Vulnerability in .NET Framework and Microsoft Silverlight Could Allow Remote Code Execution (2514842)

The remote Windows host is running a version of the Microsoft .NET Framework and/or Microsoft Silverlight affected by a code execution vulnerability. A specially crafted .NET application could access memory unsafely, resulting in arbitrary code execution. C Tenable Network Security, Inc...

Microsoft .NET Framework and Silverlight Remote Code Execution Vulnerability (2514842)

This host is missing a critical security update according to Microsoft Bulletin MS11-039. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Microsoft .NET Framework Remote Code Execution Vulnerability (2538814)

This host is missing a critical security update according to Microsoft Bulletin MS11-044. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Microsoft .NET Framework Arbitrary Code Execution (MS11-039; CVE-2011-0664)

The Microsoft .NET Framework is a software framework that includes a large library of coded solutions to common programming problems and a virtual machine that manages the execution of programs written specifically for the framework. A remote code execution vulnerability has been reported in...

Microsoft .NET Framework Security Bypass Vulnerability

The host is installed with Microsoft .NET Framework and is prone to security bypass vulnerability This NVT has been replaced by NVT secpodms11-044.nasl OID:1.3.6.1.4.1.25623.1.0.902522. OpenVAS Vulnerability Test $Id: secpodmsdotnetsecuritybypassvuln.nasl 5362 2017-02-20 12:46:39Z cfi $ Microsoft...

EUVD-2011-1279

The JIT compiler in Microsoft .NET Framework 3.5 Gold and SP1, 3.5.1, and 4.0, when IsJITOptimizerDisabled is false, does not properly handle expressions related to null strings, which allows context-dependent attackers to bypass intended access restrictions, and consequently execute arbitrary...

CVE-2011-1271

The JIT compiler in Microsoft .NET Framework 3.5 Gold and SP1, 3.5.1, and 4.0, when IsJITOptimizerDisabled is false, does not properly handle expressions related to null strings, which allows context-dependent attackers to bypass intended access restrictions, and consequently execute arbitrary...

CVE-2011-1271

The JIT compiler in Microsoft .NET Framework 3.5 Gold and SP1, 3.5.1, and 4.0, when IsJITOptimizerDisabled is false, does not properly handle expressions related to null strings, which allows context-dependent attackers to bypass intended access restrictions, and consequently execute arbitrary...

Memory corruption

The x86 JIT compiler in Microsoft .NET Framework 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 does not properly compile function calls, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application aka XBAP, 2 a crafted ASP.NET application, or 3 a crafted .NET Framework...

CVE-2010-3958

The x86 JIT compiler in Microsoft .NET Framework 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 does not properly compile function calls, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application aka XBAP, 2 a crafted ASP.NET application, or 3 a crafted .NET Framework...

Microsoft .NET Framework Remote Code Execution Vulnerability (2484015)

This host is missing a critical security update according to Microsoft Bulletin MS11-028. OpenVAS Vulnerability Test $Id: secpodms11-028.nasl 5362 2017-02-20 12:46:39Z cfi $ Microsoft .NET Framework Remote Code Execution Vulnerability 2484015 Authors: Sooraj KS Copyright: Copyright c 2011 SecPod,...