NVD Vulnerability Detail

Search Exploit, PoC

Exploit DB

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2007-0043

Summary	The Just In Time (JIT) Compiler service in Microsoft .NET Framework 1.0, 1.1, and 2.0 for Windows 2000, XP, Server 2003, and Vista allows user-assisted remote attackers to execute arbitrary code via unspecified vectors involving an "unchecked buffer," probably a buffer overflow, aka ".NET JIT Compiler Vulnerability".
Summary	El servicio Just In Time (JIT) Compiler en Microsoft .NET Framework versiones 1.0, 1.1 y 2.0 para Windows 2000, XP, Server 2003 y Vista permite a los atacantes remotos asistidos por el usuario ejecutar código arbitrario por medio de vectores no específicos que involucran un "unchecked buffer," probablemente un desbordamiento de búfer, también se conoce como ".NET JIT Compiler Vulnerability ".
Publication Date	July 11, 2007, 7:30 a.m.
Registration Date	Jan. 29, 2021, 2:04 p.m.
Last Update	April 23, 2026, 9:35 a.m.

CVSS2.0 : HIGH
Score	9.3
Vector	AV:N/AC:M/Au:N/C:C/I:C/A:C
攻撃元区分(AV)	ネットワーク
攻撃条件の複雑さ(AC)	中
攻撃前の認証要否(Au)	不要
機密性への影響(C)	高
完全性への影響(I)	高
可用性への影響(A)	高
Get all privileges.	はい
Get user privileges	いいえ
Get other privileges	いいえ
User operation required	はい

Affected software configurations

Configuration1		or higher	or less	more than	less than

Configuration2		or higher	or less	more than	less than
cpe:2.3:a:microsoft:.net_framework:1.0:::::::*
cpe:2.3:a:microsoft:.net_framework:1.1:::::::*
cpe:2.3:a:microsoft:.net_framework:2.0:::::::*

Related information, measures and tools

No	URL	refsource	タグ
1	http://archive.cert.uni-stuttgart.de/bugtraq/2007/07/msg00254.html	secure@microsoft.com
2	http://osvdb.org/35956	secure@microsoft.com
3	http://secunia.com/advisories/26003	secure@microsoft.com
4	http://www.securityfocus.com/bid/24811	secure@microsoft.com
5	http://www.securitytracker.com/id?1018356	secure@microsoft.com
6	http://www.us-cert.gov/cas/techalerts/TA07-191A.html	secure@microsoft.com
7	http://www.vupen.com/english/advisories/2007/2482	secure@microsoft.com
8	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-040	secure@microsoft.com
9	https://exchange.xforce.ibmcloud.com/vulnerabilities/34639	secure@microsoft.com
10	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1873	secure@microsoft.com
11	http://archive.cert.uni-stuttgart.de/bugtraq/2007/07/msg00254.html	af854a3a-2127-422b-91ae-364da2661108
12	http://osvdb.org/35956	af854a3a-2127-422b-91ae-364da2661108
13	http://secunia.com/advisories/26003	af854a3a-2127-422b-91ae-364da2661108
14	http://www.securityfocus.com/bid/24811	af854a3a-2127-422b-91ae-364da2661108
15	http://www.securitytracker.com/id?1018356	af854a3a-2127-422b-91ae-364da2661108
16	http://www.us-cert.gov/cas/techalerts/TA07-191A.html	af854a3a-2127-422b-91ae-364da2661108
17	http://www.vupen.com/english/advisories/2007/2482	af854a3a-2127-422b-91ae-364da2661108
18	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-040	af854a3a-2127-422b-91ae-364da2661108
19	https://exchange.xforce.ibmcloud.com/vulnerabilities/34639	af854a3a-2127-422b-91ae-364da2661108
20	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1873	af854a3a-2127-422b-91ae-364da2661108

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-119	バッファエラー	https://cwe.mitre.org/data/definitions/118.html