Rapid7 Vulnerability & Exploit Database

Microsoft CVE-2018-0764: .NET and .NET Core Denial of Service Vulnerability

Free InsightVM Trial No Credit Card Necessary
2024 Attack Intel Report Latest research by Rapid7 Labs
Back to Search

Microsoft CVE-2018-0764: .NET and .NET Core Denial of Service Vulnerability

Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published
01/09/2018
Created
07/25/2018
Added
01/14/2019
Modified
11/18/2021

Description

A denial of service vulnerability exists when .NET and .NET Core improperly process XML documents. An attacker who successfully exploited this vulnerability could cause a denial of service against a .NET application. A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to a .NET (or .NET core) application. The update addresses the vulnerability by correcting how .NET and .NET Core applications handle XML document processing.

Solution(s)

  • msft-kb4055269-537fc3ba-4248-40b8-9498-8a671abebfe9-kb4054172
  • msft-kb4055269-537fc3ba-4248-40b8-9498-8a671abebfe9-kb4054176
  • msft-kb4055269-537fc3ba-4248-40b8-9498-8a671abebfe9-kb4054183
  • msft-kb4055269-bf2df578-f134-46cb-ba69-16bc34fc592d-kb4054176
  • msft-kb4055269-fdecaf44-50a3-4667-a935-f9e7af0bb317-kb4054172
  • msft-kb4055269-fdecaf44-50a3-4667-a935-f9e7af0bb317-kb4054176
  • msft-kb4055269-fdecaf44-50a3-4667-a935-f9e7af0bb317-kb4054183
  • msft-kb4055270-31f13fa5-cfe3-411e-9048-5de152f2485f-kb4054171
  • msft-kb4055270-31f13fa5-cfe3-411e-9048-5de152f2485f-kb4054175
  • msft-kb4055270-31f13fa5-cfe3-411e-9048-5de152f2485f-kb4054181
  • msft-kb4055270-370c3401-f6b9-41fb-a31e-aaeb69e69c2e-kb4054171
  • msft-kb4055270-370c3401-f6b9-41fb-a31e-aaeb69e69c2e-kb4054175
  • msft-kb4055270-370c3401-f6b9-41fb-a31e-aaeb69e69c2e-kb4054181
  • msft-kb4055270-d92cbae4-c736-4cb6-805b-6d4964a2e88b-kb4054171
  • msft-kb4055270-d92cbae4-c736-4cb6-805b-6d4964a2e88b-kb4054175
  • msft-kb4055270-d92cbae4-c736-4cb6-805b-6d4964a2e88b-kb4054181
  • msft-kb4055271-0f6efea5-e7fe-4bab-80fa-4033e4a017ab-kb4054170
  • msft-kb4055271-0f6efea5-e7fe-4bab-80fa-4033e4a017ab-kb4054177
  • msft-kb4055271-0f6efea5-e7fe-4bab-80fa-4033e4a017ab-kb4054182
  • msft-kb4055271-5d01e572-6b11-4db1-bf45-394cafbebf76-kb4054170
  • msft-kb4055271-5d01e572-6b11-4db1-bf45-394cafbebf76-kb4054177
  • msft-kb4055271-5d01e572-6b11-4db1-bf45-394cafbebf76-kb4054182
  • msft-kb4055272-5e01da27-c82b-4f70-b55e-57221b9f41b8-kb4054174
  • msft-kb4055272-cda76bdd-be44-4581-8ab9-b7a6e512b3b1-kb4054172
  • msft-kb4055272-cda76bdd-be44-4581-8ab9-b7a6e512b3b1-kb4054174
  • msft-kb4055272-cda76bdd-be44-4581-8ab9-b7a6e512b3b1-kb4054183
  • msft-kb4055272-d6d7bbdb-3d44-41ed-8910-5914f268ae50-kb4054172
  • msft-kb4055272-d6d7bbdb-3d44-41ed-8910-5914f268ae50-kb4054174
  • msft-kb4055272-d6d7bbdb-3d44-41ed-8910-5914f268ae50-kb4054183
  • msft-kb4056888-664639c3-95e4-4deb-8b34-0d599c0a582b
  • msft-kb4056888-c0708f93-30a8-47ad-9892-f807c6f83014
  • msft-kb4056890-92aedd4d-0cea-4906-8353-0a8dea97f44c
  • microsoft-windows-windows_server_2016-1607-kb4056890
  • msft-kb4056890-e149510e-1e4a-4263-8eea-d09548b516a6
  • msft-kb4056891-64a4a722-8ee1-4315-8977-b970916497a7
  • msft-kb4056891-74b9cfdd-c2b4-4094-a7ac-49dafeacb837
  • msft-kb4056892-f5928a6a-8aba-4be4-8a38-07688e23afc5
  • msft-kb4056892-ff4a4508-e334-4006-bdde-c87f2a4f32eb
  • msft-kb4056893-006fa0ad-ba96-48b9-9d76-ba3746a04127
  • msft-kb4056893-421eb4c2-e9fc-4207-b853-e9737bfe0c6b

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;