Threat Encyclopedia

MS.NET.Framework.Pointer.Verification.Code.Execution

description-logoDescription

This indicates an attack attempt against a remote code-execution vulnerability in the Microsoft .NET Framework.
The vulnerability is caused by the an error when the vulnerable software handles malformed .NET verifiable code. An attacker may exploit this to execute arbitrary code via a crafted XAML browser application (XBAP), a crafted ASP.NET application, or a crafted .NET Framework application.

affected-products-logoAffected Products

Microsoft .NET Framework 1.0 SP3
Microsoft .NET Framework 1.1 SP1
Microsoft .NET Framework 2.0 SP1

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apply the patch, available from the vendor's website:
http://www.microsoft.com/technet/security/Bulletin/ms09-061.mspx

CVE References

CVE-2009-0090