CVE-2007-0042

Microsoft .net Framework - Information Disclosure

Title source: rule

Description

Interpretation conflict in ASP.NET in Microsoft .NET Framework 1.0, 1.1, and 2.0 for Windows 2000, XP, Server 2003, and Vista allows remote attackers to access configuration files and obtain sensitive information, and possibly bypass security mechanisms that try to constrain the final substring of a string, via %00 characters, related to use of %00 as a string terminator within POSIX functions but a data character within .NET strings, aka "Null Byte Termination Vulnerability."

Exploits (1)

exploitdb WRITEUP VERIFIED

by Paul Craig · textremotewindows

https://www.exploit-db.com/exploits/30281

View Code ZIP pw:eip

References (8)

[Various Sources] http://archive.cert.uni-stuttgart.de/bugtraq/2007/07/msg00254.html

[Vendor Advisory] http://secunia.com/advisories/26003

[Various Sources] http://security-assessment.com/files/advisories/2007-07-11_Multiple_.NET_Null_Byte_Injection_Vulnerabilities.pdf

[US Government Resource] http://www.us-cert.gov/cas/techalerts/TA07-191A.html

[Vendor Advisory] https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-040

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2070

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id?1018356

[Third Party Advisory] http://www.vupen.com/english/advisories/2007/2482

Scores

EPSS 0.8193

EPSS Percentile 99.2%

Details

CWE

CWE-200

Status published

Products (3)

microsoft/.net_framework 1.0

microsoft/.net_framework 1.1

microsoft/.net_framework 2.0

Published Jul 10, 2007

Tracked Since Feb 18, 2026