Endpoint Vulnerability

Microsoft: .NET Denial of Service Vulnerability

Description

A denial of service vulnerability exists when Microsoft Common Object Runtime Library improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against a .NET web application. A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to the .NET application. The update addresses the vulnerability by correcting how the .NET web application handles web requests.

Affected Products

Microsoft .NET Framework 4.5.2 on Windows RT 8.1,Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 on Windows RT 8.1,Microsoft .NET Framework 3.5 AND 4.8 on Windows Server, version 1903 (Server Core installation),Microsoft .NET Framework 3.5 on Windows Server, version 1803 (Server Core Installation),Microsoft .NET Framework 4.8 on Windows RT 8.1,Microsoft .NET Framework 4.8 on Windows Server, version 1803 (Server Core Installation),Windows Server 2016,Windows Server 2012,Windows 8,Windows Server 2008

References

CVE-2019-1083,