.NET JIT Compiler Vulnerability Network Vulnerability

Summary

The remote host is affected by the vulnerabilitys described in CVE-2007-0043 Checking if System.web.dll version is less than 2.0.50727.832

Impact

The Just In Time (JIT) Compiler service in Microsoft .NET Framework 1.0, 1.1, and 2.0 for Windows 2000, XP, Server 2003, and Vista allows user-assisted remote attackers to execute arbitrary code via unspecified vectors involving an unchecked buffer, probably a buffer overflow, aka .NET JIT Compiler Vulnerability. Checking if System.web.dll version is less than 2.0.50727.832

Solution

All Users should upgrade to the latest version. http://www.microsoft.com/technet/security/Bulletin/ms07-040.mspx

Affected

Microsoft .NET Framework 1.1 SP 1 Microsoft .NET Framework 1.0 SP 3 Microsoft .NET Framework 2.0 SP 1/SP 2

References

http://secunia.com/advisories/26003
http://securitytracker.com/alerts/2007/Jul/1018356.html
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0043
http://www.microsoft.com/technet/security/Bulletin/ms07-040.mspx

Updated on 2015-03-25

Severity

Classification

CVE CVE-2007-0043

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Microsoft .NET Framework Privilege Elevation Vulnerability (2769324)
Cumulative Security Update for Internet Explorer (972260)
Cumulative Security Update for Internet Explorer (937143)
Microsoft Internet Explorer mshtml.dll Remote Memory Corruption Vulnerability (942615)
Microsoft Internet Explorer Multiple Code Execution Vulnerabilities (974455)

Take action and discover your vulnerabilities