Thread-topic: [SA26003] Microsoft .NET Framework Multiple Vulnerabilities
>
> TITLE:
> Microsoft .NET Framework Multiple Vulnerabilities
>
> SECUNIA ADVISORY ID:
> SA26003
>
> VERIFY ADVISORY:
>
>
> CRITICAL:
> Moderately critical
>
> IMPACT:
> Exposure of system information, Exposure of sensitive information,
> System access
>
> WHERE:
> From remote
>
> SOFTWARE:
> Microsoft .NET Framework 1.x
>
> Microsoft .NET Framework 2.x
>
>
> DESCRIPTION:
> Some vulnerabilities have been reported in Microsoft .NET Framework,
> which can be exploited by malicious people to disclose potentially
> sensitive information or compromise a user's system.
>
> 1) A boundary error in the PE Loader can be exploited to execute
> arbitrary code with permissions of the logged-on user when the user
> is tricked into visiting a malicious web page and performs certain
> actions.
>
> This vulnerability does not affect the .NET Framework when installed
> on Windows Vista.
>
> 2) An error exists in ASP.NET when processing URLs containing
> NULL-bytes, which can be exploited to disclose potentially sensitive
> information by gaining unauthorised access to certain parts of a web
> site via specially crafted requests.
>
> 3) A boundary error in the Just In Time Compiler (JIT) can be
> exploited to execute arbitrary code with permissions of the logged-on
> user when the user is tricked into visiting a malicious web page and
> performs certain actions.
>
> This vulnerability only affects .NET Framework 2.0 and does not
> affect the .NET Framework when installed on Windows Vista.
>
> SOLUTION:
> Apply patches.
>
> -- Microsoft .NET Framework 1.0 --
>
> Windows 2000 SP4:
>
> FE4-069B-4CE8-976E-9A01345A8603
>
> Windows XP SP2:
>
> FE4-069B-4CE8-976E-9A01345A8603
>
> Windows XP Professional x64 Edition (optionally with SP2):
>
> FE4-069B-4CE8-976E-9A01345A8603
>
> Windows XP Tablet PC Edition 2005 and Windows XP Media Center Edition
> 2005:
>
> C5B-11EC-4ED7-91AB-6961034147BC
>
> Windows Server 2003 SP1/SP2:
>
> FE4-069B-4CE8-976E-9A01345A8603
>
> Windows Server 2003 with SP1/SP2 for Itanium-based systems :
>
> FE4-069B-4CE8-976E-9A01345A8603
>
> Windows Server 2003 x64 Edition (optionally with SP2):
>
> FE4-069B-4CE8-976E-9A01345A8603
>
> Windows Vista:
>
> FE4-069B-4CE8-976E-9A01345A8603
>
> -- Microsoft .NET Framework 1.1 --
>
> Windows 2000 SP4:
>
> 2CD-C715-4F05-A01F-0455D2D9EBFB
>
> Windows XP SP2:
>
> 2CD-C715-4F05-A01F-0455D2D9EBFB
>
> Windows XP Professional x64 Edition (optionally with SP2):
>
> 2CD-C715-4F05-A01F-0455D2D9EBFB
>
> Windows Server 2003 SP1/SP2:
>
> 656-1E0A-4B83-90DA-821E68067A71
>
> Windows Server 2003 with SP1/SP2 for Itanium-based systems:
>
> 2CD-C715-4F05-A01F-0455D2D9EBFB
>
> Windows Server 2003 x64 Edition (optionally with SP2):
>
> 2CD-C715-4F05-A01F-0455D2D9EBFB
>
> Windows Vista:
>
> 68D-7B82-4583-8537-30351718A4E9
>
> Windows Vista x64 Edition:
>
> 68D-7B82-4583-8537-30351718A4E9
>
> -- Microsoft .NET Framework 2.0 --
>
> Windows 2000 SP4:
>
> B78-8E1B-4C38-ADFD-E8BC95AE548D
>
> Windows XP SP2:
>
> B78-8E1B-4C38-ADFD-E8BC95AE548D
>
> Windows XP Professional x64 Edition (optionally with SP2):
>
> B78-8E1B-4C38-ADFD-E8BC95AE548D
>
> Windows Server 2003 SP1/SP2 :
>
> B78-8E1B-4C38-ADFD-E8BC95AE548D
>
> Windows Server 2003 with SP1/SP2 for Itanium-based systems:
>
> B78-8E1B-4C38-ADFD-E8BC95AE548D
>
> Windows Server 2003 x64 Edition (optionally with SP2):
>
> B78-8E1B-4C38-ADFD-E8BC95AE548D
>
> Windows Vista:
>
> 3CF-C3C3-45C4-82E3-E11398BC2CD2
>
> Windows Vista x64 Edition:
>
> 3CF-C3C3-45C4-82E3-E11398BC2CD2
>
> PROVIDED AND/OR DISCOVERED BY:
> 1) The vendor credits Dinis Cruz, OWASP.
> 2) The vendor credits Paul Craig, Security Assessment.
> 3) The vendor credits Jeroen Frijters, Sumatra.
>
> ORIGINAL ADVISORY:
> MS07-040 (KB931212):
>
>
