PT-2008-6247 · Microsoft · .Net Framework

Erez Metula

Published

2008-11-17

Updated

2018-10-11

CVE-2008-5100

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Microsoft .NET Framework version 2.0.50727

Description The issue concerns the strong name implementation in Microsoft .NET Framework, which relies on the digital signature Public Key Token in the pathname of a DLL file. This makes it easier for attackers to bypass protection mechanisms such as Global Assembly Cache (GAC) and Code Access Security (CAS).

Recommendations For Microsoft .NET Framework version 2.0.50727, at the moment, there is no information about a newer version that contains a fix for this issue.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-310

Related Identifiers

CVE-2008-5100

Affected Products

.Net Framework

PT-2008-6247 · Microsoft · .Net Framework

CVE-2008-5100

Weakness Enumeration

Related Identifiers

Affected Products

References · 6