This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Microsoft First view 2002-07-26
Product .Net Framework Last view 2022-11-09
Version 3.5 Type
Update sp1  
Edition  
Language  
Sofware Edition  
Target Software  
Target Hardware  
Other  

Activity : Overall

COMMON PLATFORM ENUMERATION: Repartition per Version

CPE Name Affected CVE
cpe:2.3:a:microsoft:.net_framework:3.5.1:*:*:*:*:*:*:* 91
cpe:2.3:a:microsoft:.net_framework:2.0:sp2:*:*:*:*:*:* 75
cpe:2.3:a:microsoft:.net_framework:3.5:-:*:*:*:*:*:* 74
cpe:2.3:a:microsoft:.net_framework:4.5.2:*:*:*:*:*:*:* 51
cpe:2.3:a:microsoft:.net_framework:4.6:*:*:*:*:*:*:* 49
cpe:2.3:a:microsoft:.net_framework:4.0:-:*:*:*:*:*:* 47
cpe:2.3:a:microsoft:.net_framework:4.5:*:*:*:*:*:*:* 42
cpe:2.3:a:microsoft:.net_framework:3.0:sp2:*:*:*:*:*:* 36
cpe:2.3:a:microsoft:.net_framework:4.6.1:*:*:*:*:*:*:* 34
cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:* 30
cpe:2.3:a:microsoft:.net_framework:4.7:*:*:*:*:*:*:* 29
cpe:2.3:a:microsoft:.net_framework:1.1:sp1:*:*:*:*:*:* 26
cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:* 26
cpe:2.3:a:microsoft:.net_framework:4.7.1:*:*:*:*:*:*:* 25
cpe:2.3:a:microsoft:.net_framework:4.5.1:*:*:*:*:*:*:* 23
cpe:2.3:a:microsoft:.net_framework:1.0:sp3:*:*:*:*:*:* 17
cpe:2.3:a:microsoft:.net_framework:3.5:sp1:*:*:*:*:*:* 17
cpe:2.3:a:microsoft:.net_framework:4.8:*:*:*:*:*:*:* 15
cpe:2.3:a:microsoft:.net_framework:2.0:-:*:*:*:*:*:* 11
cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:* 10
cpe:2.3:a:microsoft:.net_framework:4.0:*:*:*:*:*:*:* 9
cpe:2.3:a:microsoft:.net_framework:2.0:sp1:*:*:*:*:*:* 8
cpe:2.3:a:microsoft:.net_framework:1.0:-:*:*:*:*:*:* 8
cpe:2.3:a:microsoft:.net_framework:1.1:-:*:*:*:*:*:* 6
cpe:2.3:a:microsoft:.net_framework:1.0:sp2:sdk:*:*:*:*:* 4
cpe:2.3:a:microsoft:.net_framework:1.0:sp1:sdk:*:*:*:*:* 3
cpe:2.3:a:microsoft:.net_framework:1.0:sp2:*:*:*:*:*:* 2
cpe:2.3:a:microsoft:.net_framework:1.1:sp1:sdk:*:*:*:*:* 2
cpe:2.3:a:microsoft:.net_framework:1.0:*:sdk:*:*:*:*:* 2
cpe:2.3:a:microsoft:.net_framework:1.0:sp1:*:*:*:*:*:* 2
cpe:2.3:a:microsoft:.net_framework:1.1:sp2:*:*:*:*:*:* 1
cpe:2.3:a:microsoft:.net_framework:1.1:sp3:*:*:*:*:*:* 1
cpe:2.3:a:microsoft:.net_framework:1.1:*:sdk:*:*:*:*:* 1
cpe:2.3:a:microsoft:.net_framework:2.0.50727:*:*:*:*:*:*:* 1
cpe:2.3:a:microsoft:.net_framework:1.0:beta2:*:*:*:*:*:* 1
cpe:2.3:a:microsoft:.net_framework:1.0:gold:*:*:*:*:*:* 1
cpe:2.3:a:microsoft:.net_framework:4.8.1:*:*:*:*:*:*:* 1
cpe:2.3:a:microsoft:.net_framework:6.7.2:*:*:*:*:*:*:* 1

Related : CVE

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
5.8 2022-11-09 CVE-2022-41064

.NET Framework Information Disclosure Vulnerability.

5.5 2022-05-10 CVE-2022-30130

.NET Framework Denial of Service Vulnerability.

7.5 2022-04-15 CVE-2022-26832

.NET Framework Denial of Service Vulnerability.

7.5 2022-01-11 CVE-2022-21911

.NET Framework Denial of Service Vulnerability.

7.5 2021-02-25 CVE-2021-24111

.NET Framework Denial of Service Vulnerability

5.5 2020-10-16 CVE-2020-16937

An information disclosure vulnerability exists when the .NET Framework improperly handles objects in memory, aka '.NET Framework Information Disclosure Vulnerability'.

5.5 2020-08-17 CVE-2020-1476

An elevation of privilege vulnerability exists when ASP.NET or .NET web applications running on IIS improperly allow access to cached files, aka 'ASP.NET and .NET Elevation of Privilege Vulnerability'.

7.8 2020-08-17 CVE-2020-1046

A remote code execution vulnerability exists when Microsoft .NET Framework processes input, aka '.NET Framework Remote Code Execution Vulnerability'.

7.8 2020-05-21 CVE-2020-1066

An elevation of privilege vulnerability exists in .NET Framework which could allow an attacker to elevate their privilege level.To exploit the vulnerability, an attacker would first have to access the local machine, and then run a malicious program.The update addresses the vulnerability by correcting how .NET Framework activates COM objects., aka '.NET Framework Elevation of Privilege Vulnerability'.

9.8 2020-01-14 CVE-2020-0646

A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka '.NET Framework Remote Code Execution Injection Vulnerability'.

8.8 2020-01-14 CVE-2020-0606

A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka '.NET Framework Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0605.

8.8 2020-01-14 CVE-2020-0605

A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka '.NET Framework Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0606.

5.5 2019-09-11 CVE-2019-1142

An elevation of privilege vulnerability exists when the .NET Framework common language runtime (CLR) allows file creation in arbitrary locations, aka '.NET Framework Elevation of Privilege Vulnerability'.

8.8 2019-07-15 CVE-2019-1113

A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka '.NET Framework Remote Code Execution Vulnerability'.

7.5 2019-07-15 CVE-2019-1083

A denial of service vulnerability exists when Microsoft Common Object Runtime Library improperly handles web requests, aka '.NET Denial of Service Vulnerability'.

7.5 2019-07-15 CVE-2019-1006

An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys, aka 'WCF/WIF SAML Token Authentication Bypass Vulnerability'.

5.5 2019-05-16 CVE-2019-0864

A denial of service vulnerability exists when .NET Framework improperly handles objects in heap memory, aka '.NET Framework Denial of Service Vulnerability'.

6.5 2019-05-14 CVE-2019-11397

GetFile.aspx in Rapid4 RapidFlows Enterprise Application Builder 4.5M.23 (when used with .NET Framework 4.5) allows Local File Inclusion via the FileDesc parameter.

8.8 2019-03-05 CVE-2019-0613

A remote code execution vulnerability exists in .NET Framework and Visual Studio software when the software fails to check the source markup of a file.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka '.NET Framework and Visual Studio Remote Code Execution Vulnerability'.

7.5 2019-01-08 CVE-2019-0545

An information disclosure vulnerability exists in .NET Framework and .NET Core which allows bypassing Cross-origin Resource Sharing (CORS) configurations, aka ".NET Framework Information Disclosure Vulnerability." This affects Microsoft .NET Framework 2.0, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.6, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.7/4.7.1/4.7.2, .NET Core 2.1, Microsoft .NET Framework 4.7.1/4.7.2, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6/4.6.1/4.6.2, .NET Core 2.2, Microsoft .NET Framework 4.7.2.

9.8 2018-12-11 CVE-2018-8540

A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka ".NET Framework Remote Code Injection Vulnerability." This affects Microsoft .NET Framework 4.6, Microsoft .NET Framework 3.5, Microsoft .NET Framework 4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.7.1/4.7.2, Microsoft .NET Framework 4.7.2, Microsoft .NET Framework 4.6.2.

7.5 2018-12-11 CVE-2018-8517

A denial of service vulnerability exists when .NET Framework improperly handles special web requests, aka ".NET Framework Denial Of Service Vulnerability." This affects Microsoft .NET Framework 4.6, Microsoft .NET Framework 3.5, Microsoft .NET Framework 4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.7.1/4.7.2, Microsoft .NET Framework 4.7.2.

9.8 2018-09-12 CVE-2018-8421

A remote code execution vulnerability exists when Microsoft .NET Framework processes untrusted input, aka ".NET Framework Remote Code Execution Vulnerability." This affects Microsoft .NET Framework 4.6, Microsoft .NET Framework 3.5, Microsoft .NET Framework 4.7/4.7.1/4.7.2, Microsoft .NET Framework 3.0, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2, Microsoft .NET Framework 4.7.1/4.7.2, Microsoft .NET Framework 4.7.2, Microsoft .NET Framework 2.0.

7.5 2018-08-15 CVE-2018-8360

An information disclosure vulnerability exists in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments, aka ".NET Framework Information Disclosure Vulnerability." This affects Microsoft .NET Framework 4.7/4.7.1/4.7.2, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.0, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2, Microsoft .NET Framework 4.7.1/4.7.2, Microsoft .NET Framework 4.7.2, Microsoft .NET Framework 2.0, Microsoft .NET Framework 4.6/4.6.1/4.6.2.

5.5 2018-07-10 CVE-2018-8356

A security feature bypass vulnerability exists when Microsoft .NET Framework components do not correctly validate certificates, aka ".NET Framework Security Feature Bypass Vulnerability." This affects .NET Framework 4.7.2, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, ASP.NET Core 1.1, Microsoft .NET Framework 4.5.2, ASP.NET Core 2.0, ASP.NET Core 1.0, .NET Core 1.1, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6/4.6.1/4.6.2, .NET Core 1.0, .NET Core 2.0, Microsoft .NET Framework 4.6, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2, Microsoft .NET Framework 4.7.2.

CWE : Common Weakness Enumeration

%idName
28% (30) CWE-20 Improper Input Validation
16% (17) CWE-94 Failure to Control Generation of Code ('Code Injection')
14% (15) CWE-264 Permissions, Privileges, and Access Controls
13% (14) CWE-200 Information Exposure
8% (9) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
3% (4) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')
2% (3) CWE-310 Cryptographic Issues
2% (3) CWE-295 Certificate Issues
2% (3) CWE-19 Data Handling
1% (2) CWE-399 Resource Management Errors
1% (2) CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path ...
0% (1) CWE-287 Improper Authentication
0% (1) CWE-209 Information Exposure Through an Error Message
0% (1) CWE-91 XML Injection (aka Blind XPath Injection)
0% (1) CWE-17 Code

CAPEC : Common Attack Pattern Enumeration & Classification

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Name
CAPEC-3 Using Leading 'Ghost' Character Sequences to Bypass Input Filters
CAPEC-7 Blind SQL Injection
CAPEC-8 Buffer Overflow in an API Call
CAPEC-9 Buffer Overflow in Local Command-Line Utilities
CAPEC-10 Buffer Overflow via Environment Variables
CAPEC-13 Subverting Environment Variable Values
CAPEC-14 Client-side Injection-induced Buffer Overflow
CAPEC-18 Embedding Scripts in Nonscript Elements
CAPEC-22 Exploiting Trust in Client (aka Make the Client Invisible)
CAPEC-24 Filter Failure through Buffer Overflow
CAPEC-28 Fuzzing
CAPEC-31 Accessing/Intercepting/Modifying HTTP Cookies
CAPEC-32 Embedding Scripts in HTTP Query Strings
CAPEC-42 MIME Conversion
CAPEC-43 Exploiting Multiple Input Interpretation Layers
CAPEC-45 Buffer Overflow via Symbolic Links
CAPEC-46 Overflow Variables and Tags
CAPEC-47 Buffer Overflow via Parameter Expansion
CAPEC-52 Embedding NULL Bytes
CAPEC-53 Postfix, Null Terminate, and Backslash
CAPEC-63 Simple Script Injection
CAPEC-64 Using Slashes and URL Encoding Combined to Bypass Validation Logic
CAPEC-66 SQL Injection
CAPEC-67 String Format Overflow in syslog()
CAPEC-71 Using Unicode Encoding to Bypass Validation Logic

Oval Markup Language : Definitions

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
OvalID Name
oval:org.mitre.oval:def:4307 GDI+ JPEG Parsing Engine Buffer Overflow (VS.NET 2002)
oval:org.mitre.oval:def:4216 GDI+ JPEG Parsing Engine Buffer Overflow (IE6)
oval:org.mitre.oval:def:4003 GDI+ JPEG Parsing Engine Buffer Overflow (Windows XP)
oval:org.mitre.oval:def:3881 GDI+ JPEG Parsing Engine Buffer Overflow (Office XP,SP2)
oval:org.mitre.oval:def:3810 GDI+ JPEG Parsing Engine Buffer Overflow (Project 2003)
oval:org.mitre.oval:def:3320 GDI+ JPEG Parsing Engine Buffer Overflow Microsoft Office Visio Pro 2003
oval:org.mitre.oval:def:3082 GDI+ JPEG Parsing Engine Buffer Overflow (Visio Pro 2002)
oval:org.mitre.oval:def:3038 GDI+ JPEG Parsing Engine Buffer Overflow (Project 2002,SP1)
oval:org.mitre.oval:def:2706 GDI+ JPEG Parsing Engine Buffer Overflow (Office 2003)
oval:org.mitre.oval:def:1721 GDI+ JPEG Parsing Engine Buffer Overflow (VS.NET 2003)
oval:org.mitre.oval:def:1105 GDI+ JPEG Parsing Engine Buffer Overflow (Server 2003)
oval:org.mitre.oval:def:1538 Win2K/XP,SP1 DDS Library Shape Control Buffer Overflow
oval:org.mitre.oval:def:1535 Win2k,SP4 DDS Library Shape Control Buffer Overflow
oval:org.mitre.oval:def:1468 WinXP,SP2 DDS Library Shape Control Buffer Overflow
oval:org.mitre.oval:def:1464 Server 2003,SP1 DDS Library Shape Control Buffer Overflow
oval:org.mitre.oval:def:1454 Server 2003 DDS Library Shape Control Buffer Overflow
oval:org.mitre.oval:def:1155 WinXP,SP1 (64-bit) DDS Library Shape Control Buffer Overflow
oval:org.mitre.oval:def:419 .NET 2.0 Application Folder Information Disclosure Vulnerability
oval:org.mitre.oval:def:377 Microsoft .NET Framework 2.0 Cross-Site Scripting Vulnerability
oval:org.mitre.oval:def:2093 .NET PE Loader Vulnerability
oval:org.mitre.oval:def:2070 ASP.NET Null Byte Termination Vulnerability
oval:org.mitre.oval:def:1873 .NET JIT Compiler Vulnerability
oval:org.mitre.oval:def:6393 Remote Unauthenticated Denial of Service in ASP.NET Vulnerability
oval:org.mitre.oval:def:5716 Microsoft .NET Framework Pointer Verification Vulnerability
oval:org.mitre.oval:def:6451 Microsoft .NET Framework Type Verification Vulnerability

SAINT Exploits

Description Link
Microsoft .NET Framework Memory Access Vulnerability More info here

Open Source Vulnerability Database (OSVDB)

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
76214 Microsoft .NET Framework / Silverlight Class Inheritance Restriction Web Page...
74404 Microsoft .NET Framework System.Net.Sockets Code Access Security Bypass Infor...
74403 Microsoft .NET Framework Chart Control Special URI Character GET Request Pars...
72932 Microsoft .NET Framework JIT Object Validation Arbitrary Code Execution
72931 Microsoft .NET Framework / Silverlight Array Offset Remote Code Execution
71782 Microsoft .NET Framework x86 JIT Compiler XAML Browser Application (XBAP) Pro...
68556 Microsoft .NET Framework x64 JIT Compiler Unprivileged Application Remote Cod...
68127 Microsoft ASP.NET ViewState Cryptographic Padding Remote Information Disclosure
66993 Microsoft .NET Framework / Silverlight CLR Virtual Delegate Handling Remote C...
65013 Microsoft .NET ASP.NET EnableViewStateMac Property Default Configuration XSS
58851 Microsoft .NET Framework / Silverlight Crafted Application Memory Manipulatio...
58850 Microsoft .NET Framework Object Casting Manipulation Arbitrary Code Execution
58849 Microsoft .NET Framework Crafted Application Managed Pointer Access Arbitrary...
56905 Microsoft .NET Framework Request Scheduling Crafted HTTP Request Remote DoS
50302 Microsoft .NET Framework Strong Name Implementation DLL File Public Key Token...
49385 Microsoft ASP.NET Request Validation <~/ Crafted STYLE Element XSS
49384 Microsoft ASP.NET Request Validation </ Query String XSS
35956 Microsoft .NET Framework Just In Time (JIT) Compiler Service Unspecified Arbi...
35955 Microsoft .NET Framework NULL Byte URL Arbitrary File Access
35954 Microsoft .NET Framework PE Loader Service Unspecified Arbitrary Code Execution
35269 Microsoft ASP .NET Framework Comment Enclosure Handling Request Weakness
29431 Microsoft .NET Framework AutoPostBack Property Unspecified XSS
27153 Microsoft .NET Framework Crafted Request Access Restriction Bypass
24208 Microsoft .NET Framework ILDASM Overflow
24207 Microsoft .NET Framework ILASM .il File Processing Overflow

ExploitDB Exploits

id Description
35280 .NET Remoting Services Remote Command Execution
33892 MS14-009 .NET Deployment Service IE Sandbox Escape

OpenVAS Exploits

id Description
2012-11-14 Name : Microsoft .NET Framework Remote Code Execution Vulnerability (2745030)
File : nvt/secpod_ms12-074.nasl
2012-08-10 Name : Gentoo Security Advisory GLSA 201206-13 (mono mono-debugger)
File : nvt/glsa_201206_13.nasl
2012-06-13 Name : Microsoft .NET Framework Remote Code Execution Vulnerability (2706726)
File : nvt/secpod_ms12-038.nasl
2012-05-09 Name : Microsoft .NET Framework Remote Code Execution Vulnerability (2693777)
File : nvt/secpod_ms12-035.nasl
2012-05-09 Name : MS Security Update For Microsoft Office, .NET Framework, and Silverlight (268...
File : nvt/secpod_ms12-034.nasl
2012-04-11 Name : Microsoft .NET Framework Remote Code Execution Vulnerability (2671605)
File : nvt/secpod_ms12-025.nasl
2012-02-15 Name : Microsoft .NET Framework and Microsoft Silverlight Remote Code Execution Vuln...
File : nvt/secpod_ms12-016.nasl
2011-10-12 Name : Microsoft .NET Framework and Silverlight Remote Code Execution Vulnerability ...
File : nvt/secpod_ms11-078.nasl
2011-08-11 Name : Microsoft .NET Framework Chart Control Information Disclosure Vulnerability (...
File : nvt/secpod_ms11-066.nasl
2011-08-11 Name : Microsoft .NET Framework Information Disclosure Vulnerability (2567951)
File : nvt/secpod_ms11-069.nasl
2011-06-15 Name : Microsoft .NET Framework and Silverlight Remote Code Execution Vulnerability ...
File : nvt/secpod_ms11-039.nasl
2011-06-15 Name : Microsoft .NET Framework Remote Code Execution Vulnerability (2538814)
File : nvt/secpod_ms11-044.nasl
2011-05-26 Name : Microsoft .NET Framework Security Bypass Vulnerability
File : nvt/secpod_ms_dotnet_security_bypass_vuln.nasl
2011-04-13 Name : Microsoft .NET Framework Remote Code Execution Vulnerability (2484015)
File : nvt/secpod_ms11-028.nasl
2010-12-13 Name : Microsoft Windows ASP.NET Denial of Service Vulnerability(970957)
File : nvt/gb_ms09-036.nasl
2010-09-29 Name : Microsoft ASP.NET Information Disclosure Vulnerability (2418042)
File : nvt/secpod_ms10-070_remote.nasl
2010-08-11 Name : Microsoft .NET Common Language Runtime Remote Code Execution Vulnerability (2...
File : nvt/secpod_ms10-060.nasl
2010-06-09 Name : Microsoft .NET 'ASP.NET' Cross-Site Scripting vulnerability
File : nvt/gb_ms_dotnet_xss_vuln.nasl
2009-10-15 Name : Microsoft .NET Common Language Runtime Code Execution Vulnerability (974378)
File : nvt/secpod_ms09-061.nasl
2009-03-15 Name : Microsoft Security Bulletin MS07-040
File : nvt/remote-MS07-040.nasl
2009-03-15 Name : Microsoft Security Bulletin MS06-056
File : nvt/remote-MS06-056.nasl
2009-03-15 Name : Microsoft Security Bulletin MS06-033
File : nvt/remote-MS06-033.nasl
2008-05-15 Name : .NET JIT Compiler Vulnerability
File : nvt/win_CVE-2007-0043.nasl
2005-11-03 Name : foxweb CGI
File : nvt/foxweb_dll.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2015-A-0213 Multiple Vulnerabilities in Microsoft .NET Framework (MS15-101)
Severity: Category II - VMSKEY: V0061387
2015-A-0196 Multiple Vulnerabilities in Microsoft Graphics Component (MS15-080)
Severity: Category II - VMSKEY: V0061311
2015-A-0195 Multiple Vulnerabilities in Microsoft .NET Framework (MS15-092)
Severity: Category II - VMSKEY: V0061309
2015-A-0105 Multiple Vulnerabilities in Microsoft .NET Framework (MS15-048)
Severity: Category II - VMSKEY: V0060647
2015-A-0089 Microsoft .NET Framework Information Disclosure Vulnerability (MS15-041)
Severity: Category I - VMSKEY: V0059893
2014-A-0173 Microsoft .NET Framework Remote Privilege Escalation Vulnerability
Severity: Category I - VMSKEY: V0057383
2014-A-0147 Multiple Vulnerabilities in Microsoft .NET Framework
Severity: Category I - VMSKEY: V0055427
2014-A-0128 Microsoft .NET Framework Security Feature Bypass Vulnerability
Severity: Category II - VMSKEY: V0053805
2014-A-0073 Microsoft .NET Framework Privilege Escalation Vulnerability
Severity: Category I - VMSKEY: V0050455
2014-B-0013 Multiple Vulnerabilities in Microsoft .NET Framework
Severity: Category I - VMSKEY: V0044036
2013-A-0187 Multiple Vulnerabilities in Microsoft .NET Framework
Severity: Category I - VMSKEY: V0040753
2013-B-0071 Multiple Vulnerabilities in Microsoft .NET Framework and Silverlight
Severity: Category II - VMSKEY: V0039211
2013-A-0135 Microsoft GDI+ Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0039199
2013-A-0040 Microsoft .NET Framework Privilege Escalation Vulnerability
Severity: Category I - VMSKEY: V0036822
2013-B-0001 Microsoft Open Data Protocol Denial of Service Vulnerability
Severity: Category I - VMSKEY: V0036447
2013-A-0006 Multiple Vulnerabilities in Microsoft .NET Framework
Severity: Category I - VMSKEY: V0036453
2012-A-0184 Multiple Remote Code Execution Vulnerabilities in Microsoft .NET Framework
Severity: Category I - VMSKEY: V0034955
2012-A-0080 Multiple Remote Code Execution Vulnerabilities in Microsoft .NET Framework
Severity: Category I - VMSKEY: V0032305
2011-B-0100 Microsoft ASP.NET Chart Control Information Disclosure Vulnerability
Severity: Category II - VMSKEY: V0029781
2011-A-0082 Microsoft .NET Framework Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0028594
2009-B-0036 Microsoft ASP.NET Denial of Service Vulnerability
Severity: Category I - VMSKEY: V0019878
2007-A-0037 Multiple Vulnerabilities in Microsoft .NET Framework (MS07-040)
Severity: Category II - VMSKEY: V0014473

Snort® IPS/IDS

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2014-01-10 ASP.NET 2.0 cross-site scripting attempt
RuleID : 8700 - Type : SERVER-IIS - Revision : 8
2021-01-26 Microsoft ASP.NET bad request denial of service attempt
RuleID : 56804 - Type : SERVER-IIS - Revision : 1
2020-09-02 Microsoft .NET API XPS file parsing remote code execution attempt
RuleID : 54619 - Type : FILE-OTHER - Revision : 1
2020-09-02 Microsoft .NET API XPS file parsing remote code execution attempt
RuleID : 54618 - Type : FILE-OTHER - Revision : 1
2017-10-17 RTF WSDL file download attempt
RuleID : 44372 - Type : FILE-OFFICE - Revision : 2
2017-10-17 RTF WSDL file download attempt
RuleID : 44371 - Type : FILE-OFFICE - Revision : 2
2017-10-12 WSDL soap endpoint location code injection attempt
RuleID : 44354 - Type : FILE-OTHER - Revision : 2
2017-10-12 WSDL soap endpoint location code injection attempt
RuleID : 44353 - Type : FILE-OTHER - Revision : 2
2017-08-31 Microsoft ASP.NET bad request denial of service attempt
RuleID : 43808 - Type : SERVER-IIS - Revision : 1
2017-08-31 Microsoft ASP.NET bad request denial of service attempt
RuleID : 43807 - Type : SERVER-IIS - Revision : 1
2017-08-31 Microsoft .NET framework mscormmc.dll ASLR bypass attempt
RuleID : 43792 - Type : OS-WINDOWS - Revision : 1
2017-08-31 Microsoft .NET framework mscormmc.dll ASLR bypass attempt
RuleID : 43791 - Type : OS-WINDOWS - Revision : 1
2017-07-20 Microsoft .NET framework CLI loader denial of service attempt
RuleID : 43226 - Type : OS-WINDOWS - Revision : 3
2017-07-20 Microsoft .NET framework CLI loader denial of service attempt
RuleID : 43225 - Type : OS-WINDOWS - Revision : 3
2014-01-10 Microsoft Internet Explorer WMI ASDI Extension ActiveX object access
RuleID : 4236 - Type : BROWSER-PLUGINS - Revision : 16
2014-01-10 Microsoft Internet Explorer Helper Object for Java ActiveX object access
RuleID : 4235 - Type : BROWSER-PLUGINS - Revision : 15
2014-01-10 Microsoft Internet Explorer MSVTDGridCtrl7 ActiveX object access
RuleID : 4234 - Type : BROWSER-PLUGINS - Revision : 15
2014-01-10 Microsoft Internet Explorer Visual Database Tools Query Designer v7.0 ActiveX...
RuleID : 4233 - Type : BROWSER-PLUGINS - Revision : 15
2014-01-10 Microsoft Internet Explorer SysTray Invoker ActiveX object access
RuleID : 4232 - Type : BROWSER-PLUGINS - Revision : 15
2014-01-10 Microsoft Internet Explorer SysTray ActiveX object access
RuleID : 4231 - Type : BROWSER-PLUGINS - Revision : 15
2014-01-10 Microsoft Internet Explorer Search Assistant UI ActiveX object access
RuleID : 4230 - Type : BROWSER-PLUGINS - Revision : 15
2014-01-10 Microsoft Internet Explorer MSAPP Export Support for Office Access ActiveX ob...
RuleID : 4229 - Type : BROWSER-PLUGINS - Revision : 15
2014-01-10 Microsoft Windows Start Menu ActiveX object access
RuleID : 4228 - Type : BROWSER-PLUGINS - Revision : 14
2014-01-10 Microsoft Internet Explorer Network Connections ActiveX object access
RuleID : 4227 - Type : BROWSER-PLUGINS - Revision : 15
2014-01-10 Microsoft Internet Explorer DocHost User Interface Handler ActiveX object access
RuleID : 4226 - Type : BROWSER-PLUGINS - Revision : 15

Nessus® Vulnerability Scanner

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2017-11-27 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2017-3248.nasl - Type: ACT_GATHER_INFO
2017-11-03 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_sep_4038781.nasl - Type: ACT_GATHER_INFO
2017-11-03 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_jul_4025338.nasl - Type: ACT_GATHER_INFO
2017-09-12 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_sep_4038777.nasl - Type: ACT_GATHER_INFO
2017-09-12 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_sep_4038782.nasl - Type: ACT_GATHER_INFO
2017-09-12 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_sep_4038783.nasl - Type: ACT_GATHER_INFO
2017-09-12 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_sep_4038788.nasl - Type: ACT_GATHER_INFO
2017-09-12 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_sep_4038792.nasl - Type: ACT_GATHER_INFO
2017-09-12 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_sep_4038799.nasl - Type: ACT_GATHER_INFO
2017-09-12 Name: The remote Windows host has a software framework installed that is affected b...
File: smb_nt_ms17_sep_4041083.nasl - Type: ACT_GATHER_INFO
2017-09-12 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_sep_win2008.nasl - Type: ACT_GATHER_INFO
2017-07-11 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_jul_4025344.nasl - Type: ACT_GATHER_INFO
2017-07-11 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_jul_4025342.nasl - Type: ACT_GATHER_INFO
2017-07-11 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_jul_4025339.nasl - Type: ACT_GATHER_INFO
2017-05-09 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_may_4019474.nasl - Type: ACT_GATHER_INFO
2017-05-09 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_may_4019473.nasl - Type: ACT_GATHER_INFO
2017-05-09 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_may_4019472.nasl - Type: ACT_GATHER_INFO
2017-05-09 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_may_4019215.nasl - Type: ACT_GATHER_INFO
2017-05-09 Name: The remote Windows host has a software framework installed that is affected b...
File: smb_nt_ms17_may_4019112.nasl - Type: ACT_GATHER_INFO
2017-05-09 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_may_4016871.nasl - Type: ACT_GATHER_INFO
2017-04-14 Name: The remote Windows host has a software framework installed that is affected b...
File: smb_nt_ms17_apr_4014981.nasl - Type: ACT_GATHER_INFO
2017-04-11 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_apr_4015221.nasl - Type: ACT_GATHER_INFO
2017-04-11 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_apr_4015219.nasl - Type: ACT_GATHER_INFO
2017-04-11 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_apr_4015583.nasl - Type: ACT_GATHER_INFO
2016-12-13 Name: The remote Windows host is affected by an information disclosure vulnerability.
File: smb_nt_ms16-155.nasl - Type: ACT_GATHER_INFO