Описание
.NET and .NET Core Denial of Service Vulnerability
A denial of service vulnerability exists when .NET and .NET Core improperly process XML documents. An attacker who successfully exploited this vulnerability could cause a denial of service against a .NET application.
A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to a .NET (or .NET core) application.
The update addresses the vulnerability by correcting how .NET and .NET Core applications handle XML document processing.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| .NET Core 1.0 | ||
| .NET Core 1.1 | ||
| .NET Core 2.0 | ||
| PowerShell Core 6.0.0 | ||
| Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7 on Windows RT 8.1 | - | |
| Microsoft .NET Framework 4.7.1 on Windows 10 Version 1709 for 32-bit Systems | ||
| Microsoft .NET Framework 4.7.1 on Windows 10 Version 1709 for x64-based Systems | ||
| Microsoft .NET Framework 4.7.1 on Windows Server, version 1709 (Server Core Installation) | ||
| Microsoft .NET Framework 4.7 on Windows 10 Version 1703 for 32-bit Systems | ||
| Microsoft .NET Framework 4.7 on Windows 10 Version 1703 for x64-based Systems |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
Older Software Release
EPSS
Связанные уязвимости
Microsoft .NET Framework 1.1, 2.0, 3.0, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 5.7 and .NET Core 1.0. 1.1 and 2.0 allow a denial of service vulnerability due to the way XML documents are processed, aka ".NET and .NET Core Denial Of Service Vulnerability". This CVE is unique from CVE-2018-0765.
Microsoft .NET Framework 1.1, 2.0, 3.0, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 5.7 and .NET Core 1.0. 1.1 and 2.0 allow a denial of service vulnerability due to the way XML documents are processed, aka ".NET and .NET Core Denial Of Service Vulnerability". This CVE is unique from CVE-2018-0765.
Denial of service vulnerability exists when .NET and .NET Core improperly process XML documents
EPSS