CVE-2009-0091
기본정보
  • 공개일 : 2009-10-14
  • 변경일 : 2009-11-17
  • 위험도 : 낮음
  • 공격 범위 : 사용자가 공격자에게 접근해야 공격 가능, 인터넷
  • 피해 유형 : 무결성 훼손, 기밀 유출, 계정 탈취 (관리자 계정), 가용성 침해
CVSS 평가 위험도: 9.3 (영향도: 10.0 익스플로잇: 8.6 )
설명

Microsoft .NET Framework 2.0, 2.0 SP1, and 3.5 does not properly enforce a certain type-equality constraint in .NET verifiable code, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Framework application, aka "Microsoft .NET Framework Type Verification Vulnerability."
참조
취약 소프트웨어
  • Microsoft windows_xp - sp2:x64
  • Microsoft windows_xp - sp2
  • Microsoft windows_xp sp3
  • Microsoft windows_xp sp2
  • Microsoft windows_vista sp2:x64
  • Microsoft windows_vista sp2
  • Microsoft windows_vista sp1:x64
  • Microsoft windows_vista sp1
  • Microsoft windows_vista :x64
  • Microsoft windows_server_2008 - sp2:x32
  • Microsoft windows_server_2008 - sp2
  • Microsoft windows_server_2008 sp2:x64
  • Microsoft windows_server_2008 sp2:itanium
  • Microsoft windows_server_2008 sp2
  • Microsoft windows_server_2008 r2:itanium
  • Microsoft windows_server_2008 r2:x64
  • Microsoft windows_server_2008 r2
  • Microsoft windows_server_2008 :x64
  • Microsoft windows_server_2008 :itanium
  • Microsoft windows_server_2008 :x32
  • Microsoft windows_server_2003 sp2:itanium
  • Microsoft windows_server_2003 sp2:x64
  • Microsoft windows_server_2003 sp2
  • Microsoft windows_7 - -:x64
  • Microsoft windows_7 - -:x32
  • Microsoft windows_7 - -
  • Microsoft windows_2000 sp4
  • Microsoft .net_framework 3.5 sp1
  • Microsoft .net_framework 2.0 sp2
  • Microsoft .net_framework 2.0 sp1
  • Microsoft .net_framework 1.1 sp1
  • Microsoft .net_framework 1.0 sp3