Software Detail

Software Informaton Top

Framework

Software Detail

.NET Framework

Number Of NVD

174

CRITICAL

HIGH

124

MEDIUM

LOW

URL	https://dotnet.microsoft.com/
Explanation	NET Framework is a managed execution environment for Windows that provides a variety of services to running apps. NET Framework is a managed execution environment for Windows that provides a variety of services to running apps. It consists of the Common Language Runtime (CLR), an execution engine that handles running apps, and the .NET Framework class libraries, which are validated, reusable code libraries that developers can call from their own apps. The .NET Framework provides the following services to running apps Translated and excerpted from [https://docs.microsoft.com/ja-jp/dotnet/framework/get-started/]
Tag	C# VB.NET

Add Information URL

No	Type	Name	URL
1			https://dotnet.microsoft.com/download/dotnet-framework
2			https://docs.microsoft.com/en-us/dotnet/framework/migration-guide/how-to-determine-which-versions-are-installed
3			https://dotnet.microsoft.com/en-us/platform/support/policy/dotnet-core

List Of Product [ Click to show release history and vulnerability information ]

No	Name	Latest Version	Initial release	Normal Support	Critical	High	Medium	Low
131	.NET Framework 6.7	6.7.2	Nov. 8, 2021	Nov. 12, 2024	0	0	0	0
132	.NET Framework 4.8	4.8.1	April 18, 2019		3	34	7	1
133	.NET Framework 4.7	4.7.2	April 5, 2017		5	50	9	1
134	.NET Framework 4.6	4.6.2	July 20, 2015		6	64	14	1
135	.NET Framework 4.5	4.5.2	Aug. 15, 2012	Jan. 12, 2016	4	61	18	1
136	.NET Framework 4.0		April 12, 2010	Jan. 12, 2016	0	44	13	1
137	.NET Framework 3.5 SP1		Aug. 11, 2008	Oct. 10, 2028	6	98	25	3
138	.NET Framework 3.5		Nov. 19, 2007	July 12, 2011	6	98	25	3
139	.NET Framework 3.0		Nov. 6, 2006	July 12, 2011	5	51	9	1
140	.NET Framework 2.0		Oct. 27, 2005	July 12, 2011	4	89	25	3
141	.NET Framework 1.1		April 9, 2003	Oct. 8, 2013	0	27	10	1
142	.NET Framework 1.0		Jan. 15, 2002	July 14, 2009	0	18	8	0

NVD Vulnerability Information

CRITICAL
HIGH
MEDIUM
LOW

No	CVSS3 CVSS2	Level Attach Vector	Title	CWE	CVE	cpe23Uri	Update date Published date	Show Affected	Exploit PoC Search
131	- 5.0	MEDIUM	Microsoft .NET Framework 4 does not properly compare index values, which allows remote attackers to cause a denial of service (application hang) via crafted requests to a Windows Presentation Foundat…	NVD-CWE-Other	CVE-2012-0164	cpe:2.3:a:microsoft:.net_framework:4.0:*	2024-11-21 10:34 2012-05-9	Show	GitHub Exploit DB Packet Storm

132	- 9.3	HIGH	Microsoft .NET Framework 4 does not properly allocate buffers, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP) or (2) a crafted .NET Fram…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2012-0162	cpe:2.3:a:microsoft:.net_framework:4.0:*	2024-11-21 10:34 2012-05-9	Show	GitHub Exploit DB Packet Storm

133	- 9.3	HIGH	Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5 SP1, 3.5.1, and 4 does not properly handle an unspecified exception during use of partially trusted assemblies to serialize input data…	CWE-20 Improper Input Validation	CVE-2012-0161	cpe:2.3:a:microsoft:.net_framework:4.0:* cpe:2.3:a:microsoft:.net_framework:3.5:sp1 cpe:2.3:a:microsoft:.net_fram…	2024-11-21 10:34 2012-05-9	Show	GitHub Exploit DB Packet Storm

134	- 9.3	HIGH	Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5 SP1, 3.5.1, and 4 does not properly serialize input data, which allows remote attackers to execute arbitrary code via (1) a crafted XA…	CWE-20 Improper Input Validation	CVE-2012-0160	cpe:2.3:a:microsoft:.net_framework:4.0:* cpe:2.3:a:microsoft:.net_framework:3.5:sp1 cpe:2.3:a:microsoft:.net_fram…	2024-11-21 10:34 2012-05-9	Show	GitHub Exploit DB Packet Storm

135	- 9.3	HIGH	Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly validate function parameters, which allows remote attackers to execute arbitrary code via (1) a crafted XA…	CWE-20 Improper Input Validation	CVE-2012-0163	cpe:2.3:a:microsoft:.net_framework:4.5:* cpe:2.3:a:microsoft:.net_framework:4.0:* cpe:2.3:a:microsoft:.net_framew…	2024-11-21 10:34 2012-04-11	Show	GitHub Exploit DB Packet Storm

136	- 9.3	HIGH	Microsoft .NET Framework 2.0 SP2 and 3.5.1 does not properly calculate the length of an unspecified buffer, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser appl…	CWE-94 Code Injection	CVE-2012-0015	cpe:2.3:a:microsoft:.net_framework:3.5.1:* cpe:2.3:a:microsoft:.net_framework:2.0:sp2	2024-11-21 10:34 2012-02-15	Show	GitHub Exploit DB Packet Storm

137	- 9.3	HIGH	Microsoft .NET Framework 2.0 SP2, 3.5.1, and 4, and Silverlight 4 before 4.1.10111, does not properly restrict access to memory associated with unmanaged objects, which allows remote attackers to exe…	CWE-94 Code Injection	CVE-2012-0014	cpe:2.3:a:microsoft:.net_framework:4.0:* cpe:2.3:a:microsoft:.net_framework:3.5.1:* cpe:2.3:a:microsoft:.net_fram…	2024-11-21 10:34 2012-02-15	Show	GitHub Exploit DB Packet Storm

138	- 9.3	HIGH	Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5.1, and 4, and Silverlight 4 before 4.0.60831, does not properly restrict inheritance, which allows remote attackers to execute arbitrary code v…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2011-1253	cpe:2.3:a:microsoft:.net_framework:4.0:* cpe:2.3:a:microsoft:.net_framework:3.5.1:* cpe:2.3:a:microsoft:.net_fram…	2024-11-21 10:25 2011-10-12	Show	GitHub Exploit DB Packet Storm

139	- 4.3	MEDIUM	Microsoft .NET Framework 2.0 SP2, 3.5.1, and 4 does not properly validate the System.Net.Sockets trust level, which allows remote attackers to obtain sensitive information or trigger arbitrary outbou…	CWE-200 Information Exposure	CVE-2011-1978	cpe:2.3:a:microsoft:.net_framework:4.0:* cpe:2.3:a:microsoft:.net_framework:3.5.1:* cpe:2.3:a:microsoft:.net_fram…	2024-11-21 10:27 2011-08-11	Show	GitHub Exploit DB Packet Storm

140	- 4.3	MEDIUM	The ASP.NET Chart controls in Microsoft .NET Framework 4, and Chart Control for Microsoft .NET Framework 3.5 SP1, do not properly verify functions in URIs, which allows remote attackers to read arbit…	CWE-200 Information Exposure	CVE-2011-1977	cpe:2.3:a:microsoft:.net_framework:4.0:*	2024-11-21 10:27 2011-08-11	Show	GitHub Exploit DB Packet Storm