Untrusted search path vulnerability in Entity Framework in ADO.NET in Microsoft .Net FrameworkID: oval:org.secpod.oval:def:7926 | Date: (C)2012-11-16 (M)2023-12-14 |
Class: VULNERABILITY | Family: windows |
The host is installed with Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5.1 or 4 and is prone to untrusted search path vulnerability. A flaw is present in the applications, which is caused when Entity Framework, a .NET Framework component, incorrectly restricts the path used for loading external libraries. Successful exploitation allows attackers to run arbitrary code.
Platform: |
Microsoft Windows 7 |
Microsoft Windows Server 2003 |
Microsoft Windows Server 2008 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows Vista |
Microsoft Windows XP |
Microsoft Windows 8 |
Microsoft Windows Server 2012 |
Product: |
Microsoft .NET Framework 1.1 |
Microsoft .NET Framework 2.0 |
Microsoft .NET Framework 3.5.1 |
Microsoft .NET Framework 4.0 |