Search Results (Refine Search)
- CPE Product Version: cpe:/a:microsoft:.net_framework:1.0
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2006-1510 |
Buffer overflow in calloc.c in the Microsoft Windows XP SP2 ntdll.dll system library, when used by the ILDASM disassembler in the Microsoft .NET 1.0 and 1.1 SDK, might allow user-assisted attackers to execute arbitrary code via a crafted .dll file with a large static method. Published: March 29, 2006; 8:06:00 PM -0500 |
V3.x:(not available) V2.0: 4.0 MEDIUM |
CVE-2006-1511 |
Buffer overflow in the ILASM assembler in the Microsoft .NET 1.0 and 1.1 Framework might allow user-assisted attackers to execute arbitrary code via a .il file that calls a function with a long name. Published: March 29, 2006; 8:06:00 PM -0500 |
V3.x:(not available) V2.0: 5.1 MEDIUM |
CVE-2005-0509 |
Multiple cross-site scripting (XSS) vulnerabilities in the Mono 1.0.5 implementation of ASP.NET (.Net) allow remote attackers to inject arbitrary HTML or web script via Unicode representations for ASCII fullwidth characters that are converted to normal ASCII characters, including ">" and "<". Published: March 14, 2005; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2004-0200 |
Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation. Published: September 28, 2004; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2002-0369 |
Buffer overflow in ASP.NET Worker Process allows remote attackers to cause a denial of service (restart) and possibly execute arbitrary code via a routine that processes cookies while in StateServer mode. Published: July 26, 2002; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2002-0409 |
orderdetails.aspx, as made available to Microsoft .NET developers as example code and demonstrated on www.ibuyspystore.com, allows remote attackers to view the orders of other users by modifying the OrderID parameter. Published: July 26, 2002; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |