Executive Summary

Summary
TitleSecurity Update for .NET Framework to Address Denial of Service (3137893)
Informations
NameMS16-019First vendor Publication2016-02-09
VendorMicrosoftLast vendor Modification2016-02-09
Severity (Vendor) N/ARevision1.0

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Cvss Base Score5Attack RangeNetwork
Cvss Impact Score2.9Attack ComplexityLow
Cvss Expoit Score10AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Severity Rating: Important
Revision Note: V1.0 (February 9, 2016): Bulletin published.
Summary: This security update resolves vulnerabilities in Microsoft .NET Framework. The more severe of the vulnerabilities could cause denial of service if an attacker insert specially crafted XSLT into a client-side XML web part, causing the server to recursively compile XSLT transforms.

Original Source

Url : https://technet.microsoft.com/en-us/library/security/MS16-019

CWE : Common Weakness Enumeration

%idName
50 %CWE-200Information Exposure
50 %CWE-94Failure to Control Generation of Code ('Code Injection')

CPE : Common Platform Enumeration

TypeDescriptionCount
Application6

Snort® IPS/IDS

DateDescription
2016-03-15Microsoft .NET Framework XSLT parser stack exhaustion attempt
RuleID : 37656 - Revision : 3 - Type : OS-WINDOWS
2016-03-15Microsoft .NET Framework XSLT parser stack exhaustion attempt
RuleID : 37655 - Revision : 3 - Type : OS-WINDOWS

Nessus® Vulnerability Scanner

DateDescription
2016-02-09Name : The remote host is affected by multiple vulnerabilities.
File : smb_nt_ms16-019.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
DateInformations
2016-12-06 09:26:20
  • Multiple Updates
2016-04-27 05:04:23
  • Multiple Updates
2016-02-19 21:28:51
  • Multiple Updates
2016-02-17 21:30:30
  • Multiple Updates
2016-02-16 21:29:36
  • Multiple Updates
2016-02-10 17:29:12
  • Multiple Updates
2016-02-10 13:23:49
  • Multiple Updates
2016-02-09 21:30:21
  • Multiple Updates
2016-02-09 21:17:49
  • First insertion