BID:69603

Microsoft .NET Framework CVE-2014-4072 Remote Denial of Service Vulnerability

CVE-2014-4072 |

Info

Microsoft .NET Framework CVE-2014-4072 Remote Denial of Service Vulnerability

Bugtraq ID:	69603
Class:	Failure to Handle Exceptional Conditions
CVE:	CVE-2014-4072
Remote:	Yes
Local:	No
Published:	Sep 09 2014 12:00AM
Updated:	Sep 09 2014 12:00AM
Credit:	Alexander Klink of Cynops GmbH
Vulnerable:	Microsoft .NET Framework 3.5.1 Microsoft .NET Framework 4.0 Microsoft .NET Framework 3.5 Microsoft .NET Framework 3.0 SP2 Microsoft .NET Framework 2.0 SP2 Microsoft .NET Framework 1.1 SP1

Not Vulnerable:

Discussion

Microsoft .NET Framework CVE-2014-4072 Remote Denial of Service Vulnerability

Microsoft .NET Framework is prone to a remote denial-of-service vulnerability.

An attacker can exploit this issue to degrade the performance of a .NET-enabled website, causing a denial of service condition.

Exploit / POC

Microsoft .NET Framework CVE-2014-4072 Remote Denial of Service Vulnerability

Currently, we are not aware of any exploits. If you feel we are in error or if you are aware of any more recent information, please mail us at: [email protected].

Solution / Fix

Microsoft .NET Framework CVE-2014-4072 Remote Denial of Service Vulnerability

Solution:
Updates are available. Please see the references or vendor advisory for more information.

References

Microsoft .NET Framework CVE-2014-4072 Remote Denial of Service Vulnerability

References:

.NET Framework Homepage (Microsoft)
Microsoft Homepage (Microsoft)