Microsoft .NET Framework Version 1.0, Service Pack 1

CPE Details

Microsoft .NET Framework Version 1.0, Service Pack 1
microsoft
.net_framework
1.0
2007-09-12
20h53 +00:00
2008-04-15
20h38 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:microsoft:.net_framework:1.0:sp1:*:*:*:*:*:*

Informations

Vendor

microsoft

Product

.net_framework

Version

1.0

Update

sp1

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2010-2085 2010-05-27 18h32 +00:00 The default configuration of ASP.NET in Microsoft .NET before 1.1 has a value of FALSE for the EnableViewStateMac property, which allows remote attackers to conduct cross-site scripting (XSS) attacks via the __VIEWSTATE parameter.
4.3
CVE-2007-0041 2007-07-10 20h00 +00:00 The PE Loader service in Microsoft .NET Framework 1.0, 1.1, and 2.0 for Windows 2000, XP, Server 2003, and Vista allows remote attackers to execute arbitrary code via unspecified vectors involving an "unchecked buffer" and unvalidated message lengths, probably a buffer overflow.
9.3
CVE-2007-0042 2007-07-10 20h00 +00:00 Interpretation conflict in ASP.NET in Microsoft .NET Framework 1.0, 1.1, and 2.0 for Windows 2000, XP, Server 2003, and Vista allows remote attackers to access configuration files and obtain sensitive information, and possibly bypass security mechanisms that try to constrain the final substring of a string, via %00 characters, related to use of %00 as a string terminator within POSIX functions but a data character within .NET strings, aka "Null Byte Termination Vulnerability."
7.8
CVE-2007-0043 2007-07-10 20h00 +00:00 The Just In Time (JIT) Compiler service in Microsoft .NET Framework 1.0, 1.1, and 2.0 for Windows 2000, XP, Server 2003, and Vista allows user-assisted remote attackers to execute arbitrary code via unspecified vectors involving an "unchecked buffer," probably a buffer overflow, aka ".NET JIT Compiler Vulnerability".
9.3
CVE-2006-1510 2006-03-29 23h00 +00:00 Buffer overflow in calloc.c in the Microsoft Windows XP SP2 ntdll.dll system library, when used by the ILDASM disassembler in the Microsoft .NET 1.0 and 1.1 SDK, might allow user-assisted attackers to execute arbitrary code via a crafted .dll file with a large static method.
4
CVE-2005-0509 2005-02-22 04h00 +00:00 Multiple cross-site scripting (XSS) vulnerabilities in the Mono 1.0.5 implementation of ASP.NET (.Net) allow remote attackers to inject arbitrary HTML or web script via Unicode representations for ASCII fullwidth characters that are converted to normal ASCII characters, including ">" and "<".
4.3
CVE-2002-0369 2003-04-02 03h00 +00:00 Buffer overflow in ASP.NET Worker Process allows remote attackers to cause a denial of service (restart) and possibly execute arbitrary code via a routine that processes cookies while in StateServer mode.
10
CVE-2002-0409 2002-06-11 02h00 +00:00 orderdetails.aspx, as made available to Microsoft .NET developers as example code and demonstrated on www.ibuyspystore.com, allows remote attackers to view the orders of other users by modifying the OrderID parameter.
5