Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5, and 3.5.1 does not properly implement the ASLR protection mechanism, which allows remote attackers to obtain sensitive address information via a crafted web site, aka “.NET ASLR Vulnerability.”
CPE | Name | Operator | Version |
---|---|---|---|
.net_framework | eq | 1.1 sp1 | |
.net_framework | eq | 2.0 sp2 | |
.net_framework | eq | 3.5 | |
.net_framework | eq | 3.0 sp2 | |
.net_framework | eq | 3.5.1 |