CVE-2007-0041 Information

Description

The PE Loader service in Microsoft .NET Framework 1.0 1.1 and 2.0 for Windows 2000 XP Server 2003 and Vista allows remote attackers to execute arbitrary code via unspecified vectors involving an \unchecked buffer\ and unvalidated message lengths probably a buffer overflow.

Reference

http://archive.cert.uni-stuttgart.de/bugtraq/2007/07/msg00254.html http://osvdb.org/35954 http://secunia.com/advisories/26003 http://www.securityfocus.com/bid/24778 http://www.securitytracker.com/id?1018356 http://www.us-cert.gov/cas/techalerts/TA07-191A.html http://www.vupen.com/english/advisories/2007/2482 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-040 https://exchange.xforce.ibmcloud.com/vulnerabilities/34637 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A2093