cpe:/a:microsoft:.net_framework:1.0 cpe:/a:microsoft:.net_framework:1.1 cpe:/a:microsoft:.net_framework:2.0 CVE-2007-0041 2007-07-10T18:30:00.000-04:00 2017-10-10T21:31:33.220-04:00 9.3 NETWORK MEDIUM NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2007-07-13T23:06:00.000-04:00 ALLOWS_ADMIN_ACCESS SECTRACK 1018356 BID 24778 SECUNIA 26003 OSVDB 35954 VUPEN ADV-2007-2482 IAVM IAVM:2007-A-0037 MS MS07-040 HP SSRT071446 CERT TA07-191A XF ms-dotnet-pe-loader-bo(34637) The PE Loader service in Microsoft .NET Framework 1.0, 1.1, and 2.0 for Windows 2000, XP, Server 2003, and Vista allows remote attackers to execute arbitrary code via unspecified vectors involving an "unchecked buffer" and unvalidated message lengths, probably a buffer overflow.