exploitDog

GHSA-g8v7-2hc8-72qm

Опубликовано: 14 мая 2022

Источник: github

Github: Не прошло ревью

Описание

The Common Language Runtime (CLR) in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly check signatures, which allows remote attackers to make undetected changes to signed XML documents via unspecified vectors that preserve signature validity, aka "XML Digital Signature Spoofing Vulnerability."

The Common Language Runtime (CLR) in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly check signatures, which allows remote attackers to make undetected changes to signed XML documents via unspecified vectors that preserve signature validity, aka "XML Digital Signature Spoofing Vulnerability."

Ссылки

EPSS

Процентиль: 98%

0.60243

Средний

CVE ID

Дефекты

CWE-20

Связанные уязвимости

CVE-2013-1336

nvd

больше 12 лет назад

The Common Language Runtime (CLR) in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly check signatures, which allows remote attackers to make undetected changes to signed XML documents via unspecified vectors that preserve signature validity, aka "XML Digital Signature Spoofing Vulnerability."

EPSS

Процентиль: 98%

0.60243

Средний

CVE ID

Дефекты

CWE-20