• 공개일 : 2009-10-14
• 변경일 : 2010-08-21

• 위험도: 9.3
• 액세스 벡터 : NETWORK
• 액세스 복잡성 : 보통
• 인증 : 없음
• 기밀성 영향 : 전체
• 무결성 영향 : 전체
• 가용성 영향 : 전체
• 출처 : http://nvd.nist.gov
• 공개일 : 2009-10-14

Microsoft .NET Framework 2.0, 2.0 SP1, and 3.5 does not properly enforce a certain type-equality constraint in .NET verifiable code, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Framework application, aka "Microsoft .NET Framework Type Verification Vulnerability."

• CERT, TA09-286A
• MS, MS09-061

• microsoft windows_xp
• microsoft windows_server_2008 x64
• microsoft windows_server_2008 x64
• microsoft windows_vista x64
• microsoft windows_vista x64
• microsoft .net_framework 3.5
• microsoft .net_framework 3.5
• microsoft windows_xp - x64
• microsoft windows_vista
• microsoft .net_framework 2.0
• microsoft windows_server_2008 itanium
• microsoft windows_server_2003 itanium
• microsoft .net_framework 1.1
• microsoft .net_framework 1.0
• microsoft windows_server_2003
• microsoft windows_server_2008 x32
• microsoft .net_framework 2.0
• microsoft windows_vista x64
• microsoft windows_vista
• microsoft windows_server_2008 -
• microsoft windows_server_2008 - x32
• microsoft windows_xp
• microsoft windows_server_2008 itanium
• microsoft windows_server_2008 x64
• microsoft windows_2000
• microsoft windows_server_2003 x64
• microsoft windows_7 - x32
• microsoft windows_server_2008 itanium
• microsoft windows_vista
• microsoft windows_7 - x64
• microsoft .net_framework 2.0