Microsoft .NET Framework类型校验远程代码执行漏洞(MS09-059)

2009-10-14T00:00:00
ID SSV:12469
Type seebug
Reporter Root
Modified 2009-10-14T00:00:00

Description

Bugraq ID: 36617 CVE ID:CVE-2009-0091

Microsoft .NET Framework是一个流行的软件开发工具包。 Microsoft .NET Framework存在一个远程代码执行漏洞,允许恶意Microsoft .NET应用程序绕过类型等式检查,恶意Microsoft .NET应用程序通过指派某个对象类型为其他类型,导致任意未管理代码执行。 目前没有详细漏洞细节提供。

Microsoft .NET Framework 1.x Microsoft .NET Framework 2.x Microsoft .NET Framework 3.x 用户可参考如下供应商提供的安全补丁: GOST 34.19-2001 Standard Implementation 2.0 SP1 Microsoft .NET Framework 2.0 Service Pack 1 CLR Security Update for Windows 2000, Windows Server 2003, and Win http://www.microsoft.com/downloads/details.aspx?familyid=d4a328b5-5470 -46b0-86c7-cfe0e6a3ea01 Microsoft .NET Framework 2.0 Service Pack 1 CLR Security Update for Windows Vista http://www.microsoft.com/downloads/details.aspx?familyid=3cf329c6-6d3d -41eb-bb72-8ba241df0882 Microsoft .NET Framework 2.0 Service Pack 1 CLR Security Update for Windows Vista Service Pack 1 and Windows S http://www.microsoft.com/downloads/details.aspx?familyid=30e5410d-0942 -4964-9037-52330488efda GOST 34.19-2001 Standard Implementation 2.0 Microsoft .NET Framework 2.0 CLR Security Update for Windows Vista http://www.microsoft.com/downloads/details.aspx?familyid=6f99521e-86b3 -4083-9132-e5ac06d40b63 GOST 34.19-2001 Standard Implementation 3.5 Microsoft .NET Framework 2.0 Service Pack 1 CLR Security Update for Windows 2000, Windows Server 2003, and Win http://www.microsoft.com/downloads/details.aspx?familyid=d4a328b5-5470 -46b0-86c7-cfe0e6a3ea01 Microsoft .NET Framework 2.0 Service Pack 1 CLR Security Update for Windows Vista http://www.microsoft.com/downloads/details.aspx?familyid=3cf329c6-6d3d -41eb-bb72-8ba241df0882