Описание
.Net Framework and .Net Core Denial of Service Vulnerability
A denial of service vulnerability exists when .NET Framework or .NET Core improperly handle web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against a .NET Framework or .NET Core web application. The vulnerability can be exploited remotely, without authentication.
A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to the .NET Framework or .NET Core application.
The update addresses the vulnerability by correcting how .NET Framework or .NET Core web applications handles web requests.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| .NET Core 1.0 | ||
| .NET Core 1.1 | ||
| PowerShell Core 6.1 | ||
| .NET Core 2.1 | ||
| .NET Core 2.2 | ||
| PowerShell Core 6.2 | ||
| Microsoft .NET Framework 4.7.2 on Windows 10 Version 1803 for 32-bit Systems | ||
| Microsoft .NET Framework 4.7.2 on Windows 10 Version 1803 for ARM64-based Systems | ||
| Microsoft .NET Framework 4.7.2 on Windows Server 2019 (Server Core installation) | ||
| Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 on Windows 7 for 32-bit Systems Service Pack 1 |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
Older Software Release
DOS
EPSS
Связанные уязвимости
A denial of service vulnerability exists when .NET Framework or .NET Core improperly handle web requests, aka '.Net Framework and .Net Core Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0820, CVE-2019-0980.
A denial of service vulnerability exists when .NET Framework or .NET Core improperly handle web requests, aka '.Net Framework and .Net Core Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0820, CVE-2019-0980.
Уязвимость программных платформ .NET Core, Microsoft .NET Framework и расширяемого средства автоматизации PowerShell Core, связанная с ошибками обработки запросов, позволяющая нарушителю вызвать отказ в обслуживании
ELSA-2019-1259: dotnet security, bug fix, and enhancement update (IMPORTANT)
EPSS