Vulnerability Details CVE-2006-1510
Buffer overflow in calloc.c in the Microsoft Windows XP SP2 ntdll.dll system library, when used by the ILDASM disassembler in the Microsoft .NET 1.0 and 1.1 SDK, might allow user-assisted attackers to execute arbitrary code via a crafted .dll file with a large static method.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.159
EPSS Ranking 94.3%
CVSS Severity
CVSS v2 Score 4.0
References
- http://lists.grok.org.uk/pipermail/full-disclosure/2006-March/044482.html
- http://owasp.net/forums/234/showpost.aspx
- http://owasp.net/forums/257/showpost.aspx
- http://secunia.com/advisories/19406
- http://www.securityfocus.com/bid/17243
- http://www.vupen.com/english/advisories/2006/1113
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25439
- http://lists.grok.org.uk/pipermail/full-disclosure/2006-March/044482.html
- http://owasp.net/forums/234/showpost.aspx
- http://owasp.net/forums/257/showpost.aspx
- http://secunia.com/advisories/19406
- http://www.securityfocus.com/bid/17243
- http://www.vupen.com/english/advisories/2006/1113
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25439
Products affected by CVE-2006-1510
-
cpe:2.3:a:microsoft:.net_framework:1.0
-
cpe:2.3:a:microsoft:.net_framework:1.1