CVE-2009-0090 Information

Description

Microsoft .NET Framework 1.0 SP3 1.1 SP1 and 2.0 SP1 does not properly validate .NET verifiable code which allows remote attackers to obtain unintended access to stack memory and execute arbitrary code via (1) a crafted XAML browser application (XBAP) (2) a crafted ASP.NET application or (3) a crafted .NET Framework application aka \Microsoft .NET Framework Pointer Verification Vulnerability.\

Reference

http://www.us-cert.gov/cas/techalerts/TA09-286A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-061 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A5716