Описание
.NET and .NET Core Denial of Service Vulnerability
A denial of service vulnerability exists when .NET and .NET Core improperly process XML documents. An attacker who successfully exploited this vulnerability could cause a denial of service against a .NET application.
A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to a .NET (or .NET core) application.
The update addresses the vulnerability by correcting how .NET and .NET Core applications handle XML document processing.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| .NET Core 2.0 | ||
| Microsoft .NET Framework 4.7.1 on Windows 10 Version 1709 for x64-based Systems | ||
| Microsoft .NET Framework 4.7.1 on Windows Server, version 1709 (Server Core Installation) | ||
| Microsoft .NET Framework 3.5 on Windows 10 Version 1709 for 32-bit Systems | ||
| Microsoft .NET Framework 3.5 on Windows 10 Version 1709 for x64-based Systems | ||
| Microsoft .NET Framework 3.5 on Windows Server, version 1709 (Server Core Installation) | ||
| Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1 on Windows 7 for 32-bit Systems Service Pack 1 | ||
| Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1 on Windows 7 for x64-based Systems Service Pack 1 | ||
| Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1 on Windows 8.1 for 32-bit systems | ||
| Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1 on Windows 8.1 for x64-based systems |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
Older Software Release
EPSS
Связанные уязвимости
A denial of service vulnerability exists when .NET and .NET Core improperly process XML documents, aka ".NET and .NET Core Denial of Service Vulnerability." This affects Microsoft .NET Framework 2.0, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4.7.1, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.7/4.7.1, Microsoft .NET Framework 4.6, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6/4.6.1/4.6.2, Microsoft .NET Framework 4.6.2/4.7/4.7.1, .NET Core 2.0, Microsoft .NET Framework 4.7.2.
A denial of service vulnerability exists when .NET and .NET Core improperly process XML documents, aka ".NET and .NET Core Denial of Service Vulnerability." This affects Microsoft .NET Framework 2.0, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4.7.1, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.7/4.7.1, Microsoft .NET Framework 4.6, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6/4.6.1/4.6.2, Microsoft .NET Framework 4.6.2/4.7/4.7.1, .NET Core 2.0, Microsoft .NET Framework 4.7.2.
Denial of service vulnerability exists when .NET and .NET Core improperly process XML documents
EPSS