Описание
The PE Loader service in Microsoft .NET Framework 1.0, 1.1, and 2.0 for Windows 2000, XP, Server 2003, and Vista allows remote attackers to execute arbitrary code via unspecified vectors involving an "unchecked buffer" and unvalidated message lengths, probably a buffer overflow.
Ссылки
- Vendor Advisory
- US Government Resource
- Vendor Advisory
- Vendor Advisory
- US Government Resource
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
Одно из
cpe:2.3:o:microsoft:windows_2000:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_vista:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:-:*:*:*:*:*:*:*
Одно из
cpe:2.3:a:microsoft:.net_framework:1.0:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:.net_framework:1.1:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:.net_framework:2.0:*:*:*:*:*:*:*
EPSS
Процентиль: 98%
0.61823
Средний
9.3 Critical
CVSS2
Дефекты
CWE-119
Связанные уязвимости
github
почти 4 года назад
The PE Loader service in Microsoft .NET Framework 1.0, 1.1, and 2.0 for Windows 2000, XP, Server 2003, and Vista allows remote attackers to execute arbitrary code via unspecified vectors involving an "unchecked buffer" and unvalidated message lengths, probably a buffer overflow.
EPSS
Процентиль: 98%
0.61823
Средний
9.3 Critical
CVSS2
Дефекты
CWE-119