Description
The Common Language Runtime (CLR) in Microsoft .NET Framework 2.0, 2.0 SP1, 2.0 SP2, 3.5, and 3.5 SP1, and Silverlight 2, does not properly handle interfaces, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP), (2) a crafted Silverlight application, (3) a crafted ASP.NET application, or (4) a crafted .NET Framework application, aka "Microsoft Silverlight and Microsoft .NET Framework CLR Vulnerability."
Published: 2009-10-14
Score: 9.3 Critical
EPSS: 37.2% Moderate
KEV: No
Impact: n/a
Action: n/a
AI Analysis

No analysis available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

No history.

Subscriptions

Microsoft .net Framework Windows 2000 Windows 7 Windows Server 2003 Windows Server 2008 Windows Vista Windows Xp
cve-icon MITRE

Status: PUBLISHED

Assigner: microsoft

Published:

Updated: 2024-08-07T05:52:14.789Z

Reserved: 2009-07-17T00:00:00.000Z

Link: CVE-2009-2497

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Deferred

Published: 2009-10-14T10:30:01.093

Modified: 2025-04-09T00:30:58.490

Link: CVE-2009-2497

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses