Check: 2011-A-0082
Windows 7 IAVM: 2011-A-0082 (in version v1 r32)
Title
Microsoft .NET Framework Remote Code Execution Vulnerability (Cat II impact)
Discussion
Microsoft has released a security bulletin addressing a vulnerability in Microsoft .NET Framework. The Microsoft .NET Framework is a component of the Microsoft Windows operating system that enables building and running software applications and Web services.

To exploit this vulnerability, an attacker would entice a user to view a malicious Web page using a Web browser that can run XAML Browser Applications (XBAPs). If successfully exploited, this vulnerability would allow an attacker to execute arbitrary code and compromise the affected system. At this time, there is a proof-of-concept exploit associated with this vulnerability; USCYBERCOM is not aware of any DoD related incidents.

.NET Framework JIT Optimization Vulnerability - CVE-2011-1271

A remote code execution vulnerability exists in the way that Microsoft .NET Framework validates certain values within an object. This vulnerability is caused when the JIT compiler within the .NET Framework incorrectly validates certain values within an object. An attacker who successfully exploited this vulnerability could take complete control of an affected system.
Check Content
See IAVM notice and Microsoft Bulletin MS11-044 (2538814) for additional information.

Vulnerable Applications/Systems:

Operating system | Affected Microsoft .NET Framework versions |
---|---|
Windows XP SP3 | 2.0 SP2, 3.5, 3.5 SP1, 4.0 |
Windows XP Professional x64 Edition SP2 | 2.0 SP2, 3.5, 3.5 SP1, 4.0 |
Windows Server 2003 SP2 | 2.0 SP2, 3.5, 3.5 SP1, 4.0 |
Windows Server 2003 x64 Edition SP2 | 2.0 SP2, 3.5, 3.5 SP1, 4.0 |
Windows Server 2003 with SP2 for Itanium-based Systems | 2.0 SP2, 3.5, 3.5 SP1, 4.0 |
Windows Vista SP1 | 2.0 SP1, 2.0 SP2, 3.5, 3.5 SP1, 4.0 |
Windows Vista Service Pack 2 | 2.0 SP2, 3.5 SP1, 4.0 |
Windows Vista x64 Edition SP1 | 2.0 SP1, 2.0 SP2, 3.5, 3.5 SP1, 4.0 |
Windows Vista x64 Edition SP2 | 2.0 SP2, 3.5 SP1, 4.0 |
Windows Server 2008 for 32-bit Systems | 2.0 SP1**, 2.0 SP2**, 3.5**, 3.5 SP1**, 4.0** |
Windows Server 2008 for 32-bit Systems SP2 | 2.0 SP2**, 3.5 SP1**, 4.0** |
Windows Server 2008 for x64-based Systems | 2.0 SP1**, 2.0 SP2**, 3.5**, 3.5 SP1**, 4.0** |
Windows Server 2008 for x64-based Systems SP2 | 2.0 SP2**, 3.5 SP1**, 4.0** |
Windows Server 2008 for Itanium-based Systems | 2.0 SP1, 2.0 SP2, 3.5, 3.5 SP1, 4.0 |
Windows Server 2008 for Itanium-based Systems SP2 | 2.0 SP2, 3.5 SP1, 4.0 |
Windows 7 for 32-bit Systems | 3.5.1, 4.0 |
Windows 7 for 32-bit Systems SP1 | 3.5.1, 4.0 |
Windows 7 for x64-based Systems SP1 | 3.5.1, 4.0 |
Windows Server 2008 R2 for x64-based Systems | 3.5.1*, 4.0* |
Windows Server 2008 R2 for x64-based Systems SP1 | 3.5.1*, 4.0* |
Windows Server 2008 R2 for Itanium-based Systems | 3.5.1, 4.0 |
Windows Server 2008 R2 for Itanium-based Systems SP1 | 3.5.1, 4.0 |

*Server Core installation affected.
**Server Core installation not affected.

Verify that the patch has been installed by checking that the following sample file is at the version indicated or later. See the vendor bulletin for additional information and any Vulnerable Systems\Applications not listed below.

.NET Framework 4 clr.dll

Operating system | File version |
---|---|
Windows XP SP3 | 4.0.30319.235 |
Windows XP Professional x64 Edition SP2 | 4.0.30319.235 |
Windows Server 2003 SP2 (x86, x64 and Itanium) | 4.0.30319.235 |
Windows Vista SP1 and SP2 (x86 and x64) | 4.0.30319.235 |
Windows Server 2008 and Windows Server 2008 SP2 (x86, x64 and Itanium) | 4.0.30319.235 |
Windows 7 and Windows 7 SP1 (x86 and x64) | 4.0.30319.235 |
Windows Server 2008 R2 and Windows Server 2008 R2 SP1 (x64* and Itanium) | 4.0.30319.235 |

.NET Framework 3.5.1 Mscorlib.dll

Operating system | File version |
---|---|
Windows 7 and Windows 7 SP1 (x86 and x64) | 2.0.50727.4961 or 2.0.50727.5446 |
Windows Server 2008 R2 (x64* and Itanium) | 2.0.50727.4961 or 2.0.50727.5446 |

.NET Framework 3.5 SP1

Operating system | File version |
---|---|
Windows Vista SP1 and SP2 (x86 and x64) | 2.0.50727.3623 or 2.0.50727.4214 |
Windows Server 2008 and Windows Server 2008 SP2 (x86, x64 and Itanium) | 2.0.50727.3623 or 2.0.50727.4214 |

.NET Framework 3.5 Mscorlib.dll

Operating system | File version |
---|---|
Windows XP SP3 | 2.0.50727.1891 |
Windows XP Professional x64 Edition SP2 | 2.0.50727.1891 |
Windows Server 2003 SP2 (x86, x64 and Itanium) | 2.0.50727.1891 |
Windows Vista SP1 and SP2 (x86 and x64) | 2.0.50727.1891 |
Windows Server 2008 and Windows Server 2008 SP2 (x86, x64 and Itanium) | 2.0.50727.1891 |

.NET Framework 3.5 SP1 and .NET Framework 2.0 SP2 Mscorlib.dll

Operating system | File version |
---|---|
Windows XP SP3 | 2.0.50727.3623 |
Windows Server 2003 SP2 (x86, x64 and Itanium) | 2.0.50727.3623 |
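
The file-version comparison for the Windows 7 rows above, as an added PowerShell example that is not part of the original check. The directories under %windir%\Microsoft.NET and the Pass/Review/Fail labels are assumptions of this example; the minimum versions are the ones this check lists.

```powershell
# Added example: minimum file versions copied from the Windows 7 rows of this check.
# Paths are the default .NET install directories (assumption; not stated in the check).
$checks = @(
    @{ Name = '.NET Framework 4 clr.dll';          Dir = 'v4.0.30319'; File = 'clr.dll';
       Minimum = @('4.0.30319.235') },
    @{ Name = '.NET Framework 3.5.1 Mscorlib.dll'; Dir = 'v2.0.50727'; File = 'mscorlib.dll';
       Minimum = @('2.0.50727.4961', '2.0.50727.5446') }
)

function Test-FileVersion {
    param([string]$Path, [string[]]$Minimum)

    if (-not (Test-Path -LiteralPath $Path)) { return 'NotInstalled' }

    # Build the version from the numeric parts; the FileVersion string can carry
    # a trailing build label that [version] cannot parse.
    $vi = (Get-Item -LiteralPath $Path).VersionInfo
    $installed = New-Object System.Version -ArgumentList `
        $vi.FileMajorPart, $vi.FileMinorPart, $vi.FileBuildPart, $vi.FilePrivatePart

    $sorted = @($Minimum | ForEach-Object { [version]$_ } | Sort-Object)
    if ($installed -ge $sorted[-1]) { return "Pass ($installed)" }
    if ($installed -lt $sorted[0])  { return "Fail ($installed)" }
    # Between two listed values: the check does not say which one applies,
    # so leave the decision to the reviewer and the vendor bulletin.
    return "Review ($installed)"
}

# Check both the 32-bit and 64-bit framework directories where present.
foreach ($c in $checks) {
    foreach ($fw in 'Framework', 'Framework64') {
        $path = Join-Path $env:windir "Microsoft.NET\$fw\$($c.Dir)\$($c.File)"
        $result = Test-FileVersion -Path $path -Minimum $c.Minimum
        '{0,-36} {1,-12} {2}' -f $c.Name, $fw, $result
    }
}
```

A "Review" result means the installed Mscorlib.dll is at or above the lower listed version but below the higher one, so it should be compared against MS11-044 before the check is marked as passed.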
Fix Text
Additional Identifiers
Rule ID:
Vulnerability ID: V-28594
Group Title:
Expert Comments
CCIs
Number | Definition |
---|---|
No CCIs are assigned to this check |
Controls
Number | Title |
---|---|
No controls are assigned to this check |