Описание
.NET Denial of Service Vulnerability
A denial of service vulnerability exists when Microsoft Common Object Runtime Library improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against a .NET web application.
A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to the .NET application.
The update addresses the vulnerability by correcting how the .NET web application handles web requests.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| .NET Core 1.0 | ||
| .NET Core 1.1 | ||
| Microsoft .NET Framework 4.7 on Windows 10 Version 1703 for 32-bit Systems | ||
| Microsoft .NET Framework 4.7 on Windows 10 Version 1703 for x64-based Systems | ||
| Microsoft .NET Framework 4.6 on Windows 10 for 32-bit Systems | ||
| Microsoft .NET Framework 4.6 on Windows 10 for x64-based Systems | ||
| Microsoft .NET Framework 4.6.1 on Windows 10 Version 1511 for 32-bit Systems | ||
| Microsoft .NET Framework 4.6.1 on Windows 10 Version 1511 for x64-based Systems | ||
| Microsoft .NET Framework 4.6.2/4.7 on Windows 10 Version 1607 for 32-bit Systems | ||
| Microsoft .NET Framework 4.6.2/4.7 on Windows 10 Version 1607 for x64-based Systems |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
Older Software Release
EPSS
Связанные уязвимости
Microsoft .NET Framework 4.6, 4.6.1, 4.6.2, and 4.7 allow an attacker to send specially crafted requests to a .NET web application, resulting in denial of service, aka .NET Denial of Service Vulnerability.
Microsoft .NET Framework 4.6, 4.6.1, 4.6.2, and 4.7 allow an attacker to send specially crafted requests to a .NET web application, resulting in denial of service, aka .NET Denial of Service Vulnerability.
Improper Input Validation in Microsoft.NETCore.App
EPSS