Microsoft .NET Framework 1.0 SP3, 1.1 SP1, and 2.0 SP1 does not properly validate .NET verifiable code, which allows remote attackers to obtain unintended access to stack memory, and execute arbitrary code, via (1) a crafted XAML browser application (XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Framework application, aka "Microsoft .NET Framework Pointer Verification Vulnerability."

The remote host is running a version of the .NET Framework 3.5.1 which is potentially affected by multiple vulnerabilities :

  - A remote code execution vulnerability exists in the Microsoft .NET Framework that could allow a malicious Microsoft .NET Framework application to obtain a managed pointer to stack memory that is no longer used.  (CVE-2009-0090)

  - A remote code execution vulnerability exists in the Microsoft .NET Framework that could allow a malicious Microsoft .NET application to bypass a type equality check. (CVE-2009-0091)

  - A remote code execution vulnerability exists in the Microsoft .NET Framework that can allow a malicious Microsoft .NET application to modify memory of the attacker's choice. (CVE-2009-2497)

The remote host is running a version of the .NET Framework 2.0 SP2 which is potentially affected by multiple vulnerabilities :

  - A remote code execution vulnerability exists in the Microsoft .NET Framework that could allow a malicious Microsoft .NET Framework application to obtain a managed pointer to stack memory that is no longer used.  (CVE-2009-0090)

  - A remote code execution vulnerability exists in the Microsoft .NET Framework that could allow a malicious Microsoft .NET application to bypass a type equality check. (CVE-2009-0091)

  - A remote code execution vulnerability exists in the Microsoft .NET Framework that can allow a malicious Microsoft .NET application to modify memory of the attacker's choice. (CVE-2009-2497)

The remote host is running a version of the .NET Framework 2.0 SP1 which is potentially affected by multiple vulnerabilities :

  - A remote code execution vulnerability exists in the Microsoft .NET Framework that could allow a malicious Microsoft .NET Framework application to obtain a managed pointer to stack memory that is no longer used.  (CVE-2009-0090)

  - A remote code execution vulnerability exists in the Microsoft .NET Framework that could allow a malicious Microsoft .NET application to bypass a type equality check. (CVE-2009-0091)

  - A remote code execution vulnerability exists in the Microsoft .NET Framework that can allow a malicious Microsoft .NET application to modify memory of the attacker's choice. (CVE-2009-2497)

The remote host is running a version of the .NET Framework 2.0 which is potentially affected by multiple vulnerabilities :

  - A remote code execution vulnerability exists in the Microsoft .NET Framework that could allow a malicious Microsoft .NET Framework application to obtain a managed pointer to stack memory that is no longer used.  (CVE-2009-0090)

  - A remote code execution vulnerability exists in the Microsoft .NET Framework that could allow a malicious Microsoft .NET application to bypass a type equality check. (CVE-2009-0091)

  - A remote code execution vulnerability exists in the Microsoft .NET Framework that can allow a malicious Microsoft .NET application to modify memory of the attacker's choice. (CVE-2009-2497)

The remote host is running a version of the .NET Framework 1.1 which is potentially affected by multiple vulnerabilities :

  - A remote code execution vulnerability exists in the Microsoft .NET Framework that could allow a malicious Microsoft .NET Framework application to obtain a managed pointer to stack memory that is no longer used.  (CVE-2009-0090)

  - A remote code execution vulnerability exists in the Microsoft .NET Framework that could allow a malicious Microsoft .NET application to bypass a type equality check. (CVE-2009-0091)

  - A remote code execution vulnerability exists in the Microsoft .NET Framework that can allow a malicious Microsoft .NET application to modify memory of the attacker's choice. (CVE-2009-2497)

The remote Windows host is running a version of the Microsoft .NET Framework that is affected by multiple vulnerabilities :

  - A remote code execution vulnerability exists in the     Microsoft .NET Framework that could allow a malicious     Microsoft .NET application to obtain a managed pointer     to stack memory that is no longer used. The malicious     Microsoft .NET application could then use this pointer     to modify legitimate values placed at that stack     location     later, leading to arbitrary, unmanaged code execution.
    Microsoft .NET applications that are not malicious are     not at risk for being compromised because of this     vulnerability.(CVE-2009-0090)

  - A remote code execution vulnerability exists in the     Microsoft     .NET Framework that could allow a malicious Microsoft     .NET     application to bypass a type equality check. The     malicious     Microsoft .NET could exploit this vulnerability by     casting     an object of one type into another type, leading to     arbitrary,     unmanaged code execution.  Microsoft .NET applications     that     are not malicious are not at risk for being compromised     because     of this vulnerability.(CVE-2009-0091)

  - A remote code execution vulnerability exists in the     Microsoft     .NET Framework that can allow a malicious Microsoft .NET     application or a malicious Silverlight application to     modify     memory of the attacker's choice, leading to arbitrary,     unmanaged     code execution. Microsoft .NET applications and     Silverlight     applications that are not malicious are not at risk for     being     compromised because of this     vulnerability.(CVE-2009-2497)

ID	Name	Product	Family	Severity
5224	MS09-061: Vulnerabilities in the Microsoft .NET Framework 3.5.1 Common Language Runtime Could Allow Remote Code Execution (974378)	Nessus Network Monitor	Web Servers	medium
5223	MS09-061: Vulnerabilities in the Microsoft .NET Framework 2.0 SP2 Common Language Runtime Could Allow Remote Code Execution (974378)	Nessus Network Monitor	Web Servers	medium
5222	MS09-061: Vulnerabilities in the Microsoft .NET Framework 2.0 SP1 Common Language Runtime Could Allow Remote Code Execution (974378)	Nessus Network Monitor	Web Servers	medium
5221	MS09-061: Vulnerabilities in the Microsoft .NET Framework 2.0 Common Language Runtime Could Allow Remote Code Execution (974378)	Nessus Network Monitor	Web Servers	medium
5220	MS09-061: Vulnerabilities in the Microsoft .NET Framework 1.1 Common Language Runtime Could Allow Remote Code Execution (974378)	Nessus Network Monitor	Web Servers	medium
42117	MS09-061: Vulnerabilities in the Microsoft .NET Common Language Runtime Could Allow Remote Code Execution (974378)	Nessus	Windows : Microsoft Bulletins	high

Detections

Analytics

CVE-2009-0090

high

Tenable Plugins

medium

medium

medium

medium

medium

high