Security Advisory

CVE-2009-0090

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2009-10-14 10:00:00

Last updated 2024-08-07 04:24:17

Assigner microsoft

State PUBLISHED

Description

Microsoft .NET Framework 1.0 SP3, 1.1 SP1, and 2.0 SP1 does not properly validate .NET verifiable code, which allows remote attackers to obtain unintended access to stack memory, and execute arbitrary code, via (1) a crafted XAML browser application (XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Framework application, aka "Microsoft .NET Framework Pointer Verification Vulnerability."

← Browse all CVEs View on cve.org ↗