Rapid7 Vulnerability & Exploit Database

MS16-091: Security Update for .NET Framework (3170048)

Free InsightVM Trial No Credit Card Necessary

Watch Demo See how it all works

Back to Search

MS16-091: Security Update for .NET Framework (3170048)

Severity

CVSS

(AV:N/AC:L/Au:N/C:P/I:N/A:N)

Published

07/12/2016

Created

07/25/2018

Added

07/12/2016

Modified

11/18/2021

Description

An information disclosure vulnerability exists when .NET Framework improperly parses XML input containing a reference to an external entity. An attacker who successfully exploited this vulnerability could read arbitrary files via an XML external entity declaration.

Solution(s)

WINDOWS-HOTFIX-MS16-084-22658655-0e69-4d2c-ace5-64d42eeb0e6f
WINDOWS-HOTFIX-MS16-084-7f722a3c-887f-41db-ae8a-a0fee28b4ae5
WINDOWS-HOTFIX-MS16-084-ac8d2656-7f38-4645-9b76-b43bc0f125bd
WINDOWS-HOTFIX-MS16-084-f227a554-3fe1-4e74-af64-0bd89596ca41
WINDOWS-HOTFIX-MS16-091-0d788942-e288-4be0-9509-dda277bfe2a6
WINDOWS-HOTFIX-MS16-091-10620d80-ff62-4cd7-9f7c-d4405ea71e78
WINDOWS-HOTFIX-MS16-091-11b27e92-75c7-446e-9763-542ecc5f2f66
WINDOWS-HOTFIX-MS16-091-19dc3974-eeb2-439a-99ce-8327346d0340
WINDOWS-HOTFIX-MS16-091-281805f8-a8b9-4fb8-9981-e0a5bf5d2369
WINDOWS-HOTFIX-MS16-091-2f4ec1fa-f40a-4b55-b2c3-19ef91e63862
WINDOWS-HOTFIX-MS16-091-40936d8c-8d94-48e2-9f2e-531a5775db2e
WINDOWS-HOTFIX-MS16-091-42e8f33a-1451-4e17-8d3e-5cbe5d114ab5
WINDOWS-HOTFIX-MS16-091-4f26fdf4-745a-4d46-a624-7ef32951cafe
WINDOWS-HOTFIX-MS16-091-54d9d0b1-ec0a-4c67-b477-d42e3ba4afda
WINDOWS-HOTFIX-MS16-091-57765bf4-c9e5-44e0-84c9-3f331ad49cbf
WINDOWS-HOTFIX-MS16-091-64f850dc-dfdc-4255-b878-6edfc8dd85e8
WINDOWS-HOTFIX-MS16-091-710d84bb-c6f1-4686-b2e1-706f266e6389
WINDOWS-HOTFIX-MS16-091-786495b0-dab7-46f4-90bb-d258c147a464
WINDOWS-HOTFIX-MS16-091-7a425008-6597-4ae1-b15e-61ee053b1f91
WINDOWS-HOTFIX-MS16-091-7b053e5b-04a5-4f47-92c5-74f6caba0de7
WINDOWS-HOTFIX-MS16-091-9ac0bff7-3bfa-4750-9df4-7c7e2c685bfb
WINDOWS-HOTFIX-MS16-091-a22f7742-60c3-4338-b23a-5e01e3806181
WINDOWS-HOTFIX-MS16-091-a3e135b2-6063-410e-a0e6-c45c9abbeac2
WINDOWS-HOTFIX-MS16-091-a78d5009-9f66-4b17-a50e-88f07e608d73
WINDOWS-HOTFIX-MS16-091-aa00d91e-a3da-45e4-89c7-5ea8630ddcdc
WINDOWS-HOTFIX-MS16-091-b9948eb6-d017-46fc-afb4-e4b82e93fdcc
WINDOWS-HOTFIX-MS16-091-bddb2934-700f-4188-a52a-6d52655cc7b6
WINDOWS-HOTFIX-MS16-091-bf933fb8-c44e-4cc3-9ff1-554256647cd1
WINDOWS-HOTFIX-MS16-091-cb1d7174-8213-40d2-b4dd-18a245800579
WINDOWS-HOTFIX-MS16-091-db3dfaf9-0596-406e-a0bf-d03eb6298920
WINDOWS-HOTFIX-MS16-091-dc65866d-0830-4b26-b9c5-33cb1831dc3d
WINDOWS-HOTFIX-MS16-091-dd61280a-65c4-4f66-8e6e-9801b0d1b1ee
WINDOWS-HOTFIX-MS16-091-e82ee675-482d-49ff-9c69-2ae35e26d0fa

References

https://attackerkb.com/topics/cve-2016-3255
91601
CVE - 2016-3255
MS16-091
3170048

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

MS16-091: Security Update for .NET Framework (3170048)

MS16-091: Security Update for .NET Framework (3170048)

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.