CVSS: 9.3EPSS: 56%CPEs: 40EXPL: 0CVE-2009-0091
https://notcve.org/view.php?id=CVE-2009-0091
14 Oct 2009 — Microsoft .NET Framework 2.0, 2.0 SP1, and 3.5 does not properly enforce a certain type-equality constraint in .NET verifiable code, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Framework application, aka "Microsoft .NET Framework Type Verification Vulnerability." Microsoft .NET Framework v2.0, v2.0 SP1, y v3.5 no cumple adecuadamente con la limitación de igualdad de tipos en un código .NET... • http://www.us-cert.gov/cas/techalerts/TA09-286A.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.5EPSS: 52%CPEs: 7EXPL: 0CVE-2009-1536
https://notcve.org/view.php?id=CVE-2009-1536
12 Aug 2009 — ASP.NET in Microsoft .NET Framework 2.0 SP1 and SP2 and 3.5 Gold and SP1, when ASP 2.0 is used in integrated mode on IIS 7.0, does not properly manage request scheduling, which allows remote attackers to cause a denial of service (daemon outage) via a series of crafted HTTP requests, aka "Remote Unauthenticated Denial of Service in ASP.NET Vulnerability." ASP.NET en Microsoft .NET Framework v2.0 SP1 y SP2 y v3.5 Gold y SP1, cuando ASP 2.0 es usado en modo integrado sobre IIS v7.0, no administra adecuadament... • http://blogs.technet.com/srd/archive/2009/08/11/ms09-035-asp-net-denial-of-service-vulnerability.aspx • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 27%CPEs: 1EXPL: 1CVE-2008-5100
https://notcve.org/view.php?id=CVE-2008-5100
17 Nov 2008 — The strong name (SN) implementation in Microsoft .NET Framework 2.0.50727 relies on the digital signature Public Key Token embedded in the pathname of a DLL file instead of the digital signature of this file itself, which makes it easier for attackers to bypass Global Assembly Cache (GAC) and Code Access Security (CAS) protection mechanisms, aka MSRC ticket MSRC8566gs. La implementación de strong name (nombre fuerte) (SN) en Microsoft .NET Framework 2.0.50727 confía en la firma digital Public Key Token embe... • http://securityreason.com/securityalert/4605 • CWE-310: Cryptographic Issues •