The host is installed with Microsoft .NET Framework and is prone to security bypass vulnerability This NVT has been replaced by NVT secpod_ms11-044.nasl (OID:126.96.36.199.4.1.256188.8.131.522522).
Successful exploitation could allow context-dependent attackers to bypass intended access restrictions. Impact Level: System/Application
Upgrade to Microsoft .NET Framework version 4 beta 2 or later. For updates refer to http://www.microsoft.com/net/download.aspx
The flaw is due to an error in the JIT compiler, when 'IsJITOptimizerDisabled' is set to false, fails to handle expressions related to null strings, which allows context-dependent attackers to bypass intended access restrictions in opportunistic circumstances by leveraging a crafted application.
Microsoft .NET Framework versions before 4 beta 2.
- Microsoft RDP Server Private Key Information Disclosure Vulnerability
- Fraudulent Digital Certificates Spoofing Vulnerability (2524375)
- Microsoft SharePoint '_layouts/help.aspx' Cross Site Scripting Vulnerability
- Microsoft Windows Unauthorized Digital Certificates Spoofing Vulnerability (2718704)
- Mozilla/Firefox default installation file permission flaw