2 matches found
Microsoft .NET Framework ASLR安全限制绕过漏洞(CVE-2014-0295)(MS14-009)
BUGTRAQ ID: 65418 CVECAN ID: CVE-2014-0295 .NET就是微软的用来实现XML,Web Services,SOA(面向服务的体系结构service-oriented architecture)和敏捷性的技术。.NET Framework是微软开发的软件框架,主要运行在Microsoft Windows上。 Microsoft.NET Framework没有正确实现地址空间布局随机化,存在安全限制绕过漏洞。此漏洞可使攻击者绕过ASLR安全功能,然后即可加载恶意代码,利用其它漏洞。 0 Microsoft .NET Framework 4.x...
CVE-2014-0295
CVE-2014-0295 affects Microsoft .NET Framework 2.0 SP2 and 3.5.1 due to VsaVb7rt.dll not implementing ASLR, enabling remote code execution via a crafted website. Public sources note exploitation in the wild (Feb 2014). Kaspersky and OpenVAS entries corroborate that ASLR bypass is the core issue i...