Summary
The remote host is affected by the vulnerabilitys described in CVE-2007-0043
Checking if System.web.dll version is less than 2.0.50727.832
Impact
The Just In Time (JIT) Compiler service in Microsoft .NET Framework 1.0, 1.1, and 2.0 for Windows 2000, XP, Server 2003, and Vista allows user-assisted remote attackers to execute arbitrary code via unspecified vectors involving an unchecked buffer, probably a buffer overflow, aka .NET JIT Compiler Vulnerability. Checking if System.web.dll version is less than 2.0.50727.832
Solution
All Users should upgrade to the latest version.
http://www.microsoft.com/technet/security/Bulletin/ms07-040.mspx
Affected
Microsoft .NET Framework 1.1 SP 1
Microsoft .NET Framework 1.0 SP 3
Microsoft .NET Framework 2.0 SP 1/SP 2
References
Severity
Classification
-
CVE CVE-2007-0043 -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Microsoft .NET Framework Privilege Elevation Vulnerability (2769324)
- Cumulative Security Update for Internet Explorer (972260)
- Cumulative Security Update for Internet Explorer (937143)
- Microsoft Internet Explorer mshtml.dll Remote Memory Corruption Vulnerability (942615)
- Microsoft Internet Explorer Multiple Code Execution Vulnerabilities (974455)