Rapid7 Vulnerability & Exploit Database

Microsoft CVE-2018-0765: .NET and .NET Core Denial of Service Vulnerability

Free InsightVM Trial No Credit Card Necessary
2024 Attack Intel Report Latest research by Rapid7 Labs
Back to Search

Microsoft CVE-2018-0765: .NET and .NET Core Denial of Service Vulnerability

Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published
05/08/2018
Created
07/25/2018
Added
05/08/2018
Modified
11/18/2021

Description

A denial of service vulnerability exists when .NET and .NET Core improperly process XML documents. An attacker who successfully exploited this vulnerability could cause a denial of service against a .NET application. A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to a .NET (or .NET core) application. The update addresses the vulnerability by correcting how .NET and .NET Core applications handle XML document processing.

Solution(s)

  • msft-kb4099637-192b76d7-3f2c-4b0c-88a3-8ece93530cc4-kb4095514
  • msft-kb4099637-192b76d7-3f2c-4b0c-88a3-8ece93530cc4-kb4095519
  • msft-kb4099637-192b76d7-3f2c-4b0c-88a3-8ece93530cc4-kb4096237
  • msft-kb4099637-cdc86be5-1781-4ca7-94d0-60c825e43a16-kb4095514
  • msft-kb4099637-cdc86be5-1781-4ca7-94d0-60c825e43a16-kb4095519
  • msft-kb4099637-cdc86be5-1781-4ca7-94d0-60c825e43a16-kb4096237
  • msft-kb4099637-e0947a57-3be5-4bce-8d82-3ba4a38c81dd-kb4095514
  • msft-kb4099638-56ad042e-adaa-4379-8155-53bcb97a7cfe-kb4095512
  • msft-kb4099638-56ad042e-adaa-4379-8155-53bcb97a7cfe-kb4095518
  • msft-kb4099638-56ad042e-adaa-4379-8155-53bcb97a7cfe-kb4096235
  • msft-kb4099638-73578b8f-2e95-42b2-9559-32f873423108-kb4095512
  • msft-kb4099638-73578b8f-2e95-42b2-9559-32f873423108-kb4095518
  • msft-kb4099638-73578b8f-2e95-42b2-9559-32f873423108-kb4096235
  • msft-kb4099638-fc652d36-6fae-412c-b2a6-91b246222ea0-kb4095512
  • msft-kb4099638-fc652d36-6fae-412c-b2a6-91b246222ea0-kb4095518
  • msft-kb4099638-fc652d36-6fae-412c-b2a6-91b246222ea0-kb4096235
  • msft-kb4099639-041c9d83-7a16-4e5d-8f2b-35d5cca0fc62-kb4095515
  • msft-kb4099639-041c9d83-7a16-4e5d-8f2b-35d5cca0fc62-kb4095517
  • msft-kb4099639-041c9d83-7a16-4e5d-8f2b-35d5cca0fc62-kb4096236
  • msft-kb4099639-be6a176d-f73e-46be-b458-248528b0a80f-kb4095515
  • msft-kb4099639-be6a176d-f73e-46be-b458-248528b0a80f-kb4095517
  • msft-kb4099639-be6a176d-f73e-46be-b458-248528b0a80f-kb4096236
  • msft-kb4099640-14133e96-e4fb-4c3e-9b50-df297991d9c7-kb4095513
  • msft-kb4099640-14133e96-e4fb-4c3e-9b50-df297991d9c7-kb4095519
  • msft-kb4099640-14133e96-e4fb-4c3e-9b50-df297991d9c7-kb4096237
  • msft-kb4099640-6f0fabe6-1e40-41a6-8cfd-8563cbdc503a-kb4095513
  • msft-kb4099640-6f0fabe6-1e40-41a6-8cfd-8563cbdc503a-kb4095519
  • msft-kb4099640-6f0fabe6-1e40-41a6-8cfd-8563cbdc503a-kb4096237
  • msft-kb4099640-75423fa5-ad47-4b3d-92ac-d3132a389ddf-kb4095513
  • msft-kb4103716-34e04a3c-fab2-4a5e-b231-a37aac882e0f
  • msft-kb4103716-8759c2a2-230b-4089-9c04-586cf2746a71
  • msft-kb4103721-eb863932-a151-446c-8884-ab5add176f94
  • msft-kb4103721-f7846ea0-3bd9-48a2-b230-0be2ad24b4ea
  • msft-kb4103721-fdd62b2a-0e40-4c06-b153-7d2f5e45f613
  • msft-kb4103723-54f93c06-1d96-40f5-bdc8-f9924dbcd522
  • msft-kb4103723-99a0b90d-2519-4700-be0c-e6c7b5bd04ec
  • msft-kb4103723-a74a9c4e-0823-4afc-8b58-cf1785a2e2b4
  • msft-kb4103727-0dae0270-e483-4c81-9914-263ec487c6c1
  • msft-kb4103727-6108aff5-77b2-4684-b1cb-749f3c040d8f
  • msft-kb4103727-c03178c9-b5d2-4c5f-819f-c8871513e23d
  • msft-kb4103731-610e3534-770e-4bab-845a-0159c0645106
  • msft-kb4103731-f80f24fa-933a-44d1-a83a-8013a727d881

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;