Endpoint Vulnerability

.NET and .NET Core Denial Of Service Vulnerability

Description

A Denial of Service vulnerability exists when .NET, and .NET core, improperly process XML documents. An attacker who successfully exploited this vulnerability could cause a denial of service against a .NET application. A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to a .NET(or .NET core) application.

Affected Products

.NET Core 1.0,.NET Core 1.1,.NET Core 2.0,Microsoft .NET Framework 4.5.2 on Windows RT 8.1,Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7 on Windows RT 8.1,Microsoft .NET Framework 4.7.1 on Windows Server, version 1709 (Server Core Installation),Windows 10,Windows 7,Windows 8,Windows Server 2008

References

CVE-2018-0764,