Summary
The remote host is affected by the vulnerabilitys described in CVE-2007-0043
Checking if System.web.dll version is less than 2.0.50727.832
Impact
The Just In Time (JIT) Compiler service in Microsoft .NET Framework 1.0, 1.1, and 2.0 for Windows 2000, XP, Server 2003, and Vista allows user-assisted remote attackers to execute arbitrary code via unspecified vectors involving an unchecked buffer, probably a buffer overflow, aka .NET JIT Compiler Vulnerability. Checking if System.web.dll version is less than 2.0.50727.832
Solution
All Users should upgrade to the latest version.
http://www.microsoft.com/technet/security/Bulletin/ms07-040.mspx
Affected
Microsoft .NET Framework 1.1 SP 1
Microsoft .NET Framework 1.0 SP 3
Microsoft .NET Framework 2.0 SP 1/SP 2
References
Severity
Classification
-
CVE CVE-2007-0043 -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Microsoft Ancillary Function Driver Elevation of Privilege Vulnerability (956803)
- Microsoft .NET Framework Multiple Vulnerabilities (2916607)
- Cumulative Security Update for Internet Explorer (950759)
- Microsoft Forefront Protection For Exchange RCE Vulnerability (2927022)
- Microsoft .NET Framework Remote Code Execution Vulnerabilities (2878890)