Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft .net framework 1.1 vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2012-0160
Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5 SP1, 3.5.1, and 4 does not properly serialize input data, which allows remote malicious users to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP) or (2) a crafted .NET Framework applicati...
Microsoft .net Framework 1.0
Microsoft .net Framework 1.1
Microsoft .net Framework 2.0
Microsoft .net Framework 3.0
Microsoft .net Framework 3.5
Microsoft .net Framework 3.5.1
Microsoft .net Framework 4.0
9.3
CVSSv2
CVE-2012-0161
Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5 SP1, 3.5.1, and 4 does not properly handle an unspecified exception during use of partially trusted assemblies to serialize input data, which allows remote malicious users to execute arbitrary code via (1) a crafted...
Microsoft .net Framework 3.5.1
Microsoft .net Framework 4.0
Microsoft .net Framework 3.0
Microsoft .net Framework 3.5
Microsoft .net Framework 1.1
Microsoft .net Framework 2.0
Microsoft .net Framework 1.0
9.3
CVSSv2
CVE-2012-0163
Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly validate function parameters, which allows remote malicious users to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP), (2) a crafted ASP.NET application, or (3...
Microsoft .net Framework 4.0
Microsoft .net Framework 4.5
Microsoft .net Framework 3.5
Microsoft .net Framework 3.5.1
Microsoft .net Framework 1.0
Microsoft .net Framework 1.1
Microsoft .net Framework 2.0
1 EDB exploit
8.5
CVSSv2
CVE-2011-3416
The Forms Authentication feature in the ASP.NET subsystem in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 allows remote authenticated users to obtain access to arbitrary user accounts via a crafted username, aka "ASP.Net Forms Authentication Bypass Vuln...
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Xp Sp3
Microsoft Windows 7 -
Microsoft Windows Server 2008 -
Microsoft Windows Xp
Microsoft Windows Server 2003
Microsoft Windows Vista -
Microsoft Windows Vista
7.8
CVSSv2
CVE-2011-3414
The CaseInsensitiveHashProvider.getHashCode function in the HashTable implementation in the ASP.NET subsystem in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 computes hash values for form parameters without restricting the ability to trigger hash collisions ...
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Xp Sp3
Microsoft Windows 7 -
Microsoft Windows Server 2008 -
Microsoft Windows Xp
Microsoft Windows Server 2003
Microsoft Windows Vista -
Microsoft Windows Vista
1 Github repository
9.3
CVSSv2
CVE-2011-3417
The Forms Authentication feature in the ASP.NET subsystem in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0, when sliding expiry is enabled, does not properly handle cached content, which allows remote malicious users to obtain access to arbitrary user account...
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Xp Sp3
Microsoft Windows 7 -
Microsoft Windows Server 2008 -
Microsoft Windows Xp
Microsoft Windows Server 2003
Microsoft Windows Vista -
Microsoft Windows Vista
9.3
CVSSv2
CVE-2011-1253
Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5.1, and 4, and Silverlight 4 prior to 4.0.60831, does not properly restrict inheritance, which allows remote malicious users to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP), (2) a crafted ASP.N...
Microsoft .net Framework 1.0
Microsoft .net Framework 1.1
Microsoft .net Framework 2.0
Microsoft .net Framework 3.5.1
Microsoft .net Framework 4.0
Microsoft Silverlight 4.0.60531.0
6.4
CVSSv2
CVE-2010-3332
Microsoft .NET Framework 1.1 SP1, 2.0 SP1 and SP2, 3.5, 3.5 SP1, 3.5.1, and 4.0, as used for ASP.NET in Microsoft Internet Information Services (IIS), provides detailed error codes during decryption attempts, which allows remote malicious users to decrypt and modify encrypted Vie...
Microsoft .net Framework 1.1
Microsoft .net Framework 2.0
Microsoft .net Framework 3.5
Microsoft .net Framework 3.5.1
Microsoft .net Framework 4.0
3 EDB exploits
1 Github repository
4.3
CVSSv2
CVE-2010-2085
The default configuration of ASP.NET in Microsoft .NET prior to 1.1 has a value of FALSE for the EnableViewStateMac property, which allows remote malicious users to conduct cross-site scripting (XSS) attacks via the __VIEWSTATE parameter.
Microsoft .net Framework 1.0
Microsoft .net Framework
9.3
CVSSv2
CVE-2009-2504
Multiple integer overflows in unspecified APIs in GDI+ in Microsoft .NET Framework 1.1 SP1, .NET Framework 2.0 SP1 and SP2, Windows XP SP2 and SP3, Windows Server 2003 SP2, Vista Gold and SP1, Server 2008 Gold, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and ...
Microsoft Windows 2003 Server
Microsoft Windows Xp
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft .net Framework 1.1
Microsoft .net Framework 2.0
Microsoft Internet Explorer 6
Microsoft Report Viewer 2008
Microsoft Sql Server Reporting Services 2000
Microsoft Sql Server 2005
Microsoft Report Viewer 2005
Microsoft Expression Web
Microsoft Project 2002
Microsoft Office Powerpoint Viewer 2007
Microsoft Office Excel Viewer
Microsoft Office Word Viewer
Microsoft Office Compatibility Pack 2007
Microsoft Office 2007
Microsoft Excel Viewer 2003
Microsoft Expression Web 2
Microsoft Visio 2002
Microsoft Office Powerpoint Viewer
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »