CVE-2009-2497
CRITICAL
9.3
CVSS Severity Score
Vulnerability Description
The Common Language Runtime (CLR) in Microsoft .NET Framework 2.0, 2.0 SP1, 2.0 SP2, 3.5, and 3.5 SP1, and Silverlight 2, does not properly handle interfaces, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP), (2) a crafted Silverlight application, (3) a crafted ASP.NET application, or (4) a crafted .NET Framework application, aka "Microsoft Silverlight and Microsoft .NET Framework CLR Vulnerability."
Affected Platforms (CPE)
💻
Microsoft
Windows 2000
All versions📦
Microsoft
.net Framework
= 2.0📦
Microsoft
.net Framework
= 2.0💻
Microsoft
Windows Server 2003
All versions💻
Microsoft
Windows Server 2008
All versions💻
Microsoft
Windows Server 2008
All versions💻
Microsoft
Windows Server 2008
All versions💻
Microsoft
Windows Server 2008
All versions💻
Microsoft
Windows Server 2008
All versions💻
Microsoft
Windows Server 2008
All versions💻
Microsoft
Windows Server 2008
All versions📦
Microsoft
.net Framework
= 1.1📦
Microsoft
.net Framework
= 3.5📦
Microsoft
.net Framework
= 3.5💻
Microsoft
Windows Vista
All versions💻
Microsoft
Windows Vista
All versions💻
Microsoft
Windows Vista
All versions💻
Microsoft
Windows Vista
All versions📦
Microsoft
.net Framework
= 2.0💻
Microsoft
Windows 7
All versions💻
Microsoft
Windows Server 2008
All versions💻
Microsoft
Windows Server 2008
All versions📦
Microsoft
.net Framework
= 1.0💻
Microsoft
Windows Xp
All versions💻
Microsoft
Windows Xp
All versions💻
Microsoft