Unrated severityNVD Advisory· Published Jul 10, 2007· Updated Apr 23, 2026

CVE-2007-0041

Description

The PE Loader service in Microsoft .NET Framework 1.0, 1.1, and 2.0 for Windows 2000, XP, Server 2003, and Vista allows remote attackers to execute arbitrary code via unspecified vectors involving an "unchecked buffer" and unvalidated message lengths, probably a buffer overflow.

Affected products

Microsoft/.net Framework3 versions
cpe:2.3:a:microsoft:.net_framework:1.0:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:microsoft:.net_framework:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:.net_framework:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:.net_framework:2.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/26003nvdVendor Advisory
www.vupen.com/english/advisories/2007/2482nvdVendor Advisory
www.us-cert.gov/cas/techalerts/TA07-191A.htmlnvdUS Government Resource
archive.cert.uni-stuttgart.de/bugtraq/2007/07/msg00254.htmlnvd
osvdb.org/35954nvd
www.securityfocus.com/bid/24778nvd
www.securitytracker.com/idnvd
docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-040nvd
exchange.xforce.ibmcloud.com/vulnerabilities/34637nvd
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2093nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.050
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000