cbcvebase.
CVE-2009-0091
published 2009-10-14

CVE-2009-0091: Microsoft .NET Framework 2.0, 2.0 SP1, and 3.5 does not properly enforce a certain type-equality constraint in .NET verifiable code, which allows remote…

critical9.3CVSS 3.1
AVNACMAuNCCICAC
Microsoft .NET Framework 2.0, 2.0 SP1, and 3.5 does not properly enforce a certain type-equality constraint in .NET verifiable code, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Framework application, aka "Microsoft .NET Framework Type Verification Vulnerability."

Affected

4 ranges
VendorProductVersion rangeFixed in
microsoftnet_framework
microsoftnet_framework
microsoftnet_framework
microsoftnet_framework