SecuritySpace - CVE-2009-2497

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2009-2497

Description: The Common Language Runtime (CLR) in Microsoft .NET Framework 2.0, 2.0 SP1, 2.0 SP2, 3.5, and 3.5 SP1, and Silverlight 2, does not properly handle interfaces, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP), (2) a crafted Silverlight application, (3) a crafted ASP.NET application, or (4) a crafted .NET Framework application, aka "Microsoft Silverlight and Microsoft .NET Framework CLR Vulnerability."

Test IDs: None available

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2009-2497
Cert/CC Advisory: TA09-286A
http://www.us-cert.gov/cas/techalerts/TA09-286A.html
Microsoft Security Bulletin: MS09-061
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-061
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6510

CVE ID:	CVE-2009-2497
Description:	The Common Language Runtime (CLR) in Microsoft .NET Framework 2.0, 2.0 SP1, 2.0 SP2, 3.5, and 3.5 SP1, and Silverlight 2, does not properly handle interfaces, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP), (2) a crafted Silverlight application, (3) a crafted ASP.NET application, or (4) a crafted .NET Framework application, aka "Microsoft Silverlight and Microsoft .NET Framework CLR Vulnerability."
Test IDs:	None available
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2009-2497 Cert/CC Advisory: TA09-286A http://www.us-cert.gov/cas/techalerts/TA09-286A.html Microsoft Security Bulletin: MS09-061 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-061 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6510