CVE-2007-0041

Description

The PE Loader service in Microsoft .NET Framework 1.0, 1.1, and 2.0 for Windows 2000, XP, Server 2003, and Vista allows remote attackers to execute arbitrary code via unspecified vectors involving an "unchecked buffer" and unvalidated message lengths, probably a buffer overflow.

Related CPE's

Could not find any relations

References

SSRT071446

TA07-191A

US Government Resource

24778

1018356

26003

Vendor Advisory

ADV-2007-2482

Vendor Advisory

35954

ms-dotnet-pe-loader-bo(34637)

oval:org.mitre.oval:def:2093

MS07-040

CvssV3 impact

Could not find any metrics

CvssV2 impact

Version

2.0

VectorString

AV:N/AC:M/Au:N/C:C/I:C/A:C

AccessVector

NETWORK

AccessComplexity

MEDIUM

Authentication

NONE

ConfidentialityImpact

COMPLETE

IntegrityImpact

COMPLETE

AvailabilityImpact

COMPLETE

BaseScore

9.300000190734863

Created by Yello
About Severity.io