=====================================================================
                                   CERT-Renater

                        Note d'Information No. 2007/VULN286
_____________________________________________________________________

DATE                      : 11/07/2007

HARDWARE PLATFORM(S)      : /
                                               	
OPERATING SYSTEM(S)       : Windows avec Microsoft .NET
Framework 1.0 à 				    2.0

======================================================================


MS07-040 - Vulnerabilities in .NET Framework Could Allow Remote Code
Execution

Affected Software:
   - Microsoft .NET Framework 1.0
   - Microsoft .NET Framework 1.1
   - Microsoft .NET Framework 2.0

Non-Affected Software:
   - Microsoft .NET Framework 3.0

Full MS07-040 Advisory:
   http://www.microsoft.com/technet/security/Bulletin/ms07-040.mspx

Vulnerability Details

.NET PE Loader Vulnerability - CVE-2007-0041

A remote code execution vulnerability exists in .NET Framework that
could allow an attacker who successfully exploited this vulnerability to
make changes to the system with the permissions of the logged-on user.
If a user is logged in with administrative user rights, an attacker
could take complete control of the affected system. An attacker could
then install programs; view, change, or delete data; or create new
accounts with full user rights.
Users whose accounts are configured to have fewer user rights on the
system could be less impacted than users who operate with administrative
user rights.


ASP.NET Null Byte Termination Vulnerability - CVE-2007-0042

An information disclosure vulnerability exists in .NET Framework that
could allow an attacker who successfully exploited this vulnerability to
bypass the security features of an ASP.NET Web site to download the
contents of any Web page.


.NET JIT Compiler Vulnerability - CVE-2007-0043

A remote code execution vulnerability exists in .NET Framework Just In
Time Compiler that could allow an attacker who successfully exploited
this vulnerability to make changes to the system with the permissions of
the logged-on user. If a user is logged on with administrative user
rights, an attacker could take complete control of the affected system.
An attacker could then install programs; view, change, or delete data;
or create new accounts with full user rights. Users whose accounts are
configured to have fewer user rights on the system could be less
impacted than users who operate with administrative user rights.

======================================================================

          =========================================================
          Les serveurs de référence du CERT-Renater
          http://www.urec.fr/securite
          http://www.cru.fr/securite
          http://www.renater.fr
          =========================================================
          + CERT-RENATER          | tel : 01-53-94-20-44          +
          + 151 bd de l'Hopital   | fax : 01-53-94-20-41          +
          + 75013 Paris           | email: certsvp@renater.fr     +
          =========================================================