HTTP: Microsoft .NET Framework Remote Code Execution
This signature detects attempts to exploit a known vulnerability against Microsoft .NET Framework. A successful attack can result in the attacker could take complete control of an affected system.
Extended Description
Microsoft .NET Framework 1.0 SP3, 1.1 SP1, and 2.0 SP1 does not properly validate .NET verifiable code, which allows remote attackers to obtain unintended access to stack memory, and execute arbitrary code, via (1) a crafted XAML browser application (XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Framework application, aka "Microsoft .NET Framework Pointer Verification Vulnerability."
References
CVE: CVE-2009-0090
Short Name
HTTP:STC:DOT-NET-RCE
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
.NET CVE-2009-0090 Code Execution Framework Microsoft Remote
Release Date
04/11/2014
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3659
False Positive
Unknown
CVSS Score
9.3