Microsoft .NET Framework Denial of Service Vulnerabilities

Last Update Date: 17 Feb 2016 Release Date: 11 Feb 2016 3412 Views

RISK: High Risk

High Risk

TYPE: Clients - Productivity Products

TYPE: Productivity Products
  1. .NET Framework Stack Overflow Denial of Service Vulnerability
    A denial of service vulnerability exists when .NET Framework fails to properly handle certain Extensible Stylesheet Language Transformations (XSLT). An attacker who successfully exploited this vulnerability could cause server performance to degrade significantly enough to cause a denial of service condition.
  2. Windows Forms Information Disclosure Vulnerability
    An information disclosure vulnerability exists in Microsoft .NET Framework that is caused when .NET's Windows Forms (WinForms) improperly handles icon data. An attacker who successfully exploited the vulnerability could send specially crafted icon data to a .NET service. The icon data could capture information that is then returned to the attacker within the icon's data.

Impact

  • Denial of Service
  • Information Disclosure

System / Technologies affected

  • Microsoft Windows Vista
  • Microsoft Windows Server 2008
  • Microsoft Windows 7
  • Microsoft Windows Server 2008 R2
  • Microsoft Windows 8.1
  • Microsoft Windows Server 2012 and Windows Server 2012 R2
  • Microsoft Windows RT 8.1
  • Microsoft Windows 10

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Vulnerability Identifier

Source

Related Link

Share with

Previous

ISC BIND NXDOMAIN Redirection Processing Vulnerability

11 Feb 2016 3136 Views

Next

Mozilla Firefox ESR Remote Code Execution Vulnerability

17 Feb 2016 3362 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY