MS09-061: Vulnerabilities in the Microsoft .NET Framework 3.5.1 Common Language Runtime Could Allow Remote Code Execution (974378)

Binary data 5224.prm...

MS09-061: Vulnerabilities in the Microsoft .NET Framework 2.0 SP1 Common Language Runtime Could Allow Remote Code Execution (974378)

Binary data 5222.prm...

MS09-061: Vulnerabilities in the Microsoft .NET Framework 1.1 Common Language Runtime Could Allow Remote Code Execution (974378)

Binary data 5220.prm...

MS09-061: Vulnerabilities in the Microsoft .NET Framework 2.0 Common Language Runtime Could Allow Remote Code Execution (974378)

Binary data 5221.prm...

MS09-061: Vulnerabilities in the Microsoft .NET Framework 2.0 SP2 Common Language Runtime Could Allow Remote Code Execution (974378)

Binary data 5223.prm...

Microsoft GDI+库图形文件处理多个缓冲区溢出和内存破坏漏洞(MS09-062)

BUGTRAQ ID: 36619,36645,36646,36648,36649,36650,36651,36647 CVE ID: CVE-2009-2500,CVE-2009-2501,CVE-2009-2502,CVE-2009-2503,CVE-2009-2504,CVE-2009-3126,CVE-2009-2528,CVE-2009-2518 Microsoft产品中所使用的GDI+库（GdiPlus.dll）通过基于类的API提供对各种图形方式的访问。...

Microsoft .NET Plug-In Exposes Firefox Users to Malware Attacks

Remember that Microsoft .NET Framework Assistant add-on that Microsoft sneaked into Firefox without explicit permission from end users? Well, the code in that add-on has a serious code execution vulnerability that exposes Firefox users to the “browse and you’re owned” attacks that are typically...

Microsoft .NET Common Language Runtime Code Execution Vulnerability (974378)

This host is missing a critical security update according to Microsoft Bulletin MS09-061. OpenVAS Vulnerability Test $Id: secpodms09-061.nasl 5363 2017-02-20 13:07:22Z cfi $ Microsoft .NET Common Language Runtime Remote Code Execution Vulnerability 974378 Authors: Nikita MR Updated By: Madhuri D ...

Microsoft .NET Common Language Runtime Code Execution Vulnerability (974378)

This host is missing a critical security update according to Microsoft Bulletin MS09-061. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVE-2009-2497

The Common Language Runtime CLR in Microsoft .NET Framework 2.0, 2.0 SP1, 2.0 SP2, 3.5, and 3.5 SP1, and Silverlight 2, does not properly handle interfaces, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application XBAP, 2 a crafted Silverlight application, ...

CVE-2009-2504

Multiple integer overflows in unspecified APIs in GDI+ in Microsoft .NET Framework 1.1 SP1, .NET Framework 2.0 SP1 and SP2, Windows XP SP2 and SP3, Windows Server 2003 SP2, Vista Gold and SP1, Server 2008 Gold, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Proje...

Design/Logic Flaw

Microsoft .NET Framework 2.0, 2.0 SP1, and 3.5 does not properly enforce a certain type-equality constraint in .NET verifiable code, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application XBAP, 2 a crafted ASP.NET application, or 3 a crafted .NET Framewor...

Design/Logic Flaw

The Common Language Runtime CLR in Microsoft .NET Framework 2.0, 2.0 SP1, 2.0 SP2, 3.5, and 3.5 SP1, and Silverlight 2, does not properly handle interfaces, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application XBAP, 2 a crafted Silverlight application, ...

Null pointer dereference

Microsoft .NET Framework 1.0 SP3, 1.1 SP1, and 2.0 SP1 does not properly validate .NET verifiable code, which allows remote attackers to obtain unintended access to stack memory, and execute arbitrary code, via 1 a crafted XAML browser application XBAP, 2 a crafted ASP.NET application, or 3 a...

CVE-2009-0090

Microsoft .NET Framework 1.0 SP3, 1.1 SP1, and 2.0 SP1 does not properly validate .NET verifiable code, which allows remote attackers to obtain unintended access to stack memory, and execute arbitrary code, via 1 a crafted XAML browser application XBAP, 2 a crafted ASP.NET application, or 3 a...

CVE-2009-2504

Multiple integer overflows in unspecified APIs in GDI+ in Microsoft .NET Framework 1.1 SP1, .NET Framework 2.0 SP1 and SP2, Windows XP SP2 and SP3, Windows Server 2003 SP2, Vista Gold and SP1, Server 2008 Gold, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Proje...

CVE-2009-0090

CVE-2009-0090 corresponds to a high-severity remote code execution vulnerability in Microsoft .NET Framework. The issue arises because .NET Framework versions 1.0 SP3, 1.1 SP1 and 2.0 SP1 do not properly validate verifiable code, enabling a remote attacker to execute arbitrary code and read stack...

CVE-2009-0091

CVE-2009-0091 is a Microsoft .NET Framework Type Verification Vulnerability. The issue involves .NET Framework 2.0, 2.0 SP1, and 3.5 where a type-equality check in verifiable code could be bypassed, allowing remote code execution via crafted XBAP, ASP.NET, or .NET Framework applications. Public d...

CVE-2009-2504

CVE-2009-2504 corresponds to MS09-062: multiple remote code execution vulnerabilities in Windows GDI+ exposed via GDI+ APIs used by .NET Framework and Office components. The issue stems from integer overflows/buffer handling in GDI+, enabling remote code execution when rendering crafted images in...

CVE-2009-0091

Microsoft .NET Framework 2.0, 2.0 SP1, and 3.5 does not properly enforce a certain type-equality constraint in .NET verifiable code, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application XBAP, 2 a crafted ASP.NET application, or 3 a crafted .NET Framewor...