Support Content Notification - Support Portal

Vulnerability in Microsoft's .NET Framework Redistributables

Product/Component

Notification Id

9563

Last Updated

24 May 2019

Initial Publication Date

24 May 2019

There is a potential vulnerability in the Microsoft .NET Framework Redistributable Packages as delivered with CA Gen 7.0, 7.5, 7.6 and r8. Please follow the links below to Microsoft's web site and follow the steps provided to the correct the problem.

Potential Vulnerability Information

MS11-044
Vulnerability in .NET Framework Could Allow Remote Code Execution (2538814) CVE-2011-1271

MS11-039
Vulnerability in .NET Framework and Microsoft Silverlight Could Allow Remote Code Execution (2514842) CVE-2011-0664

MS11-028
Vulnerability in .NET Framework Could Allow Remote Code Execution (2484015) CVE-2010-3958

MS10-070
Vulnerability in ASP.NET Could Allow Information Disclosure (2418042) CVE-2010-3332

MS10-060
Vulnerabilities in the Microsoft .NET Common Language Runtime and in Microsoft Silverlight Could Allow Remote Code Execution (2265906). CVE-2010-0019, CVE-2010-1898

MS10-041
Vulnerability in Microsoft .NET Framework Could Allow Tampering (981343)

MS09-062
Vulnerabilities in GDI+ Could Allow Remote Code Execution (957488) CVE-2009-2500, CVE-2009-2501, CVE-2009-2502, CVE-2009-2503, CVE-2009-2504, CVE-2009-3126, CVE-2009-2528, CVE-2009-2518

MS09-061
Vulnerabilities in the Microsoft .NET Common Language Runtime Could Allow Remote Code Execution (974378)

MS09-036
Vulnerability in ASP.NET in Microsoft Windows Could Allow Denial of Service (970957)

MS08-052
Vulnerabilities in GDI+ Could Allow Remote Code Execution (954593) CVE-2007-5348, CVE-2008-3012, CVE-2008-3013, CVE-2008-3014, CVE-2008-3015

MS07-040
Vulnerabilities in .NET Framework Could Allow Remote Code Execution (931212)

MS06-056
Vulnerability in ASP.NET 2.0 Could Allow Information Disclosure (922770)

MS06-033
Vulnerability in ASP.NET Could Allow Information Disclosure (917283)

CVE-2009-2497
The Common Language Runtime (CLR) in Microsoft .NET Framework 2.0, 2.0 SP1, 2.0 SP2, 3.5, and 3.5 SP1, and Silverlight 2, does not properly handle interfaces, which allows remote attackers to execute arbitrary code via

A crafted XAML browser application (XBAP),
A crafted Sliverlight application,
A crafted ASP.NET application, or
A crafted .NET Framework application, aka "Microsoft Sliverlight and Microsoft .NET Framework CLR" Vulnerability.