Microsoft Windows CE .NET Compact Framework Components Multiple Vulnerabilities
TITLE: Microsoft Windows CE .NET Compact Framework Components Multiple Vulnerabilities
CLASS: Unknown
CVE:
REMOTE: Yes
LOCAL: No
PUBLISHED: Jun 12 2007 12:00AM
UPDATE: Jun 14 2007 12:39AM
CREDIT: Ollie Whitehouse of Symantec reported this issue to the vendor.
VULNERABLE:
Microsoft Windows CE 5.0NOT VULNERABLE:
Vai alla pagina originale su Security Focus
Discussion
Components of the .NET Compact Framework for Microsoft Windows CE are prone to multiple vulnerabilities.
Exploiting these issues may allow remote attackers to cause denial-of-service conditions, corrupt memory, or execute arbitrary machine code in the context of the affected application. This facilitates the remote compromise of affected computers. Other attacks are also possible.
Exploit
Currently we are not aware of any exploits for these issues. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:vuldb@securityfocus.com.
Solution
Solution:
Microsoft has released an advisory along with fixes to address this issue. Please see the references for more information.
References
References:
- KB837392 - How to locate core operating system fixes for Microsoft Windows CE Pl (Microsoft)
- Microsoft Windows CE Homepage (Microsoft)
- The Elephant Under the Carpet (and when I say "carpet" I mean PDA) (Ollie Whitehouse)