Microsoft .NET Common Language Runtime Remote Code Execution Vulnerability (2265906)

This host is missing a critical security update according to Microsoft Bulletin MS10-060. OpenVAS Vulnerability Test $Id: secpodms10-060.nasl 5361 2017-02-20 11:57:13Z cfi $ Microsoft .NET Common Language Runtime Remote Code Execution Vulnerability 2265906 Authors: Antu Sanadi Updated By: Madhuri...

MS10-060: Vulnerabilities in the Microsoft .NET Common Language Runtime and in Microsoft Silverlight Could Allow Remote Code Execution (2265906)

The remote Windows host is running a version of the Microsoft .NET Framework and/or Microsoft Silverlight affected by multiple vulnerabilities : - Silverlight improperly handles pointers in an unspecified manner. A remote attacker could exploit this by tricking a user into viewing a web page with...

Microsoft .NET Common Language Runtime Remote Code Execution Vulnerability (2265906)

This host is missing a critical security update according to Microsoft Bulletin MS10-060. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Microsoft .NET 'ASP.NET' Cross-Site Scripting vulnerability

The host is running Microsoft .NET and is prone to Cross-Site Scripting Vulnerability. OpenVAS Vulnerability Test $Id: gbmsdotnetxssvuln.nasl 6519 2017-07-04 14:08:14Z cfischer $ Microsoft .NET 'ASP.NET' Cross-Site Scripting Vulnerability Authors: Antu Sanadi Copyright: Copyright c 2010 Greenbone...

Microsoft .NET Framework XML HMAC Truncation Vulnerability (981343)

This host is missing a critical security update according to Microsoft Bulletin MS10-041. OpenVAS Vulnerability Test $Id: secpodms10-041.nasl 5361 2017-02-20 11:57:13Z cfi $ Microsoft .NET Framework XML HMAC Truncation Vulnerability 981343 Authors: Antu Sanadi Updated By: Madhuri D on 2010-11-15 ...

Microsoft .NET '__VIEWSTATE' Cross-Site Scripting vulnerability

The host is running Microsoft .NET and is prone to Cross-Site Scripting Vulnerability. OpenVAS Vulnerability Test $Id: gbmsdotnetviewstatexssvuln.nasl 6519 2017-07-04 14:08:14Z cfischer $ Microsoft .NET 'VIEWSTATE' Cross-Site Scripting Vulnerability Authors: Antu Sanadi Copyright: Copyright c 201...

MS10-041: Vulnerability in Microsoft .NET Framework Could Allow Tampering (981343)

A data tampering vulnerability exists in the Microsoft .NET Framework that could allow an attacker to tamper with signed XML content without being detected. In custom applications, the security impact depends on the specific usage scenario. Scenarios in which signed XML messages are transmitted...

Microsoft .NET Framework XML HMAC Truncation Vulnerability (981343)

This host is missing a critical security update according to Microsoft Bulletin MS10-041. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Microsoft .NET 'ASP.NET' Cross-Site Scripting vulnerability

Microsoft .NET is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2010-2088

CVE-2010-2088 : The connected sources confirm a cross-site scripting (XSS) vulnerability in Microsoft .NET Framework 3.5’s ASP.NET where an unencrypted __VIEWSTATE is not properly handled. This allows remote attackers to inject script via the ViewState parameter. Affected product/component: Micro...

CVE-2010-2085

CVE-2010-2085 affects Microsoft .NET / ASP.NET prior to 1.1, where the default EnableViewStateMac is FALSE, allowing remote attackers to perform cross-site scripting via the __VIEWSTATE parameter. This is corroborated by multiple connected sources (Red Hat advisory, OpenVAS entry, and OpenVAS/SSV...

xml-security-1.3.0-1jpp.ep1.*: XMLDsig HMAC-based signatures spoofing and authentication bypass

The design of the W3C XML Signature Syntax and Processing XMLDsig recommendation, as implemented in products including 1 the Oracle Security Developer Tools component in Oracle Application Server 10.1.2.3, 10.1.3.4, and 10.1.4.3IM; 2 the WebLogic Server component in BEA Product Suite 10.3, 10.0...

Microsoft .NET Framework Pointer Verification Error (MS09-061; CVE-2009-0090)

The Microsoft .NET Framework is a software framework that includes a large library of coded solutions to common programming problems and a virtual machine that manages the execution of programs written specifically for the framework. A remote code execution vulnerability exists in the Microsoft...

Microsoft .NET Framework Type Verification Error (MS09-061; CVE-2009-0090; CVE-2009-0091)

The Microsoft .NET Framework is a software framework that includes a large library of coded solutions to common programming problems and a virtual machine that manages the execution of programs written specifically for the framework. A remote code execution vulnerability exists in the Microsoft...

Microsoft .NET Framework Arbitrary Memory Modification (MS09-061; CVE-2009-2497)

The Microsoft .NET Framework is a software framework that includes a large library of coded solutions to common programming problems and a virtual machine that manages the execution of programs written specifically for the framework. A remote code execution vulnerability exists in the Microsoft...

MS09-061: Vulnerabilities in the Microsoft .NET Framework 3.5.1 Common Language Runtime Could Allow Remote Code Execution (974378)

Binary data 5224.prm...

MS09-061: Vulnerabilities in the Microsoft .NET Framework 2.0 SP1 Common Language Runtime Could Allow Remote Code Execution (974378)

Binary data 5222.prm...

Mozilla Temporarily Blocklists MS Firefox Add-On

Mozilla temporarily added the dangerous Microsoft .NET Framework Assistant add-on to its blacklist over the weekend, a move that effectively disabled the dangerous extension and plug-in for all Firefox users. However, after some clarifications from Redmond, the add-on was unblocked. The move came...

Microsoft .NET Common Language Runtime Code Execution Vulnerability (974378)

This host is missing a critical security update according to Microsoft Bulletin MS09-061. OpenVAS Vulnerability Test $Id: secpodms09-061.nasl 5363 2017-02-20 13:07:22Z cfi $ Microsoft .NET Common Language Runtime Remote Code Execution Vulnerability 974378 Authors: Nikita MR Updated By: Madhuri D ...

Design/Logic Flaw

Microsoft .NET Framework 2.0, 2.0 SP1, and 3.5 does not properly enforce a certain type-equality constraint in .NET verifiable code, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application XBAP, 2 a crafted ASP.NET application, or 3 a crafted .NET Framewor...