Anfälligkeitssuche        Suche in 187964 CVE Beschreibungen
und 85075 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.902518
Kategorie:Windows
Titel:Microsoft .NET Framework Security Bypass Vulnerability
Zusammenfassung:The host is installed with Microsoft .NET Framework and is prone to; security bypass vulnerability.;; This NVT has been replaced by OID:1.3.6.1.4.1.25623.1.0.902522.
Beschreibung:Summary:
The host is installed with Microsoft .NET Framework and is prone to
security bypass vulnerability.

This NVT has been replaced by OID:1.3.6.1.4.1.25623.1.0.902522.

Vulnerability Insight:
The flaw is due to an error in the JIT compiler, when
'IsJITOptimizerDisabled' is set to false, fails to handle expressions
related to null strings, which allows context-dependent attackers to bypass
intended access restrictions in opportunistic circumstances by leveraging a crafted application.

Vulnerability Impact:
Successful exploitation could allow context-dependent attackers to bypass
intended access restrictions.

Affected Software/OS:
Microsoft .NET Framework versions before 4 beta 2.

Solution:
Upgrade to Microsoft .NET Framework version 4 beta 2 or later.

CVSS Score:
5.1

CVSS Vector:
AV:N/AC:H/Au:N/C:P/I:P/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2011-1271
http://stackoverflow.com/questions/2135509/bug-only-occurring-when-compile-optimization-enabled/
Microsoft Security Bulletin: MS11-044
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-044
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12686
CopyrightCopyright (C) 2011 SecPod

Dies ist nur einer von 85075 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.