Intrusion PreventionMS.NET.Framework.Pointer.Verification.Code.Execution
Description
This indicates an attack attempt against a remote code-execution vulnerability in the Microsoft .NET Framework.
The vulnerability is caused by the an error when the vulnerable software handles malformed .NET verifiable code. An attacker may exploit this to execute arbitrary code via a crafted XAML browser application (XBAP), a crafted ASP.NET application, or a crafted .NET Framework application.
Affected Products
Microsoft .NET Framework 1.0 SP3
Microsoft .NET Framework 1.1 SP1
Microsoft .NET Framework 2.0 SP1
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the patch, available from the vendor's website:
http://www.microsoft.com/technet/security/Bulletin/ms09-061.mspx
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2020-12-22 | 16.984 | Name:MS. NET. Pointer. Verification. Code. Execution:MS. NET. Framework. Pointer. Verification. Code. Execution |
| 2019-11-22 | 15.729 | Name:MS. DotNet. Pointer. Verification. Code. Execution:MS. NET. Pointer. Verification. Code. Execution |
| ID | 17821 |
| Created | Nov 29, 2010 |
| Updated | Dec 21, 2020 |
| Risk |
|
| CVE ID | CVE-2009-0090 |
| Exploit Prediction Score | 79.01% |
| Default Action | drop |
| Active | |
| Affected OS | Windows |
| Affected App | Other |