Rapid7 Vulnerability & Exploit Database

Microsoft CVE-2019-0820: .NET Framework and .NET Core Denial of Service Vulnerability

Free InsightVM Trial No Credit Card Necessary

2024 Attack Intel Report Latest research by Rapid7 Labs

Back to Search

Microsoft CVE-2019-0820: .NET Framework and .NET Core Denial of Service Vulnerability

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:P)

Published

05/14/2019

Created

05/15/2019

Added

05/14/2019

Modified

01/31/2023

Description

A denial of service vulnerability exists when .NET Framework and .NET Core improperly process RegEx strings. An attacker who successfully exploited this vulnerability could cause a denial of service against a .NET application. A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to a .NET Framework (or .NET core) application. The update addresses the vulnerability by correcting how .NET Framework and .NET Core applications handle RegEx string processing.

Solution(s)

msft-kb4494440-4091b3b1-890f-4344-bf2c-cd6cc084a9a6
msft-kb4494440-db85a23a-f0f7-466e-ad06-73387fea46dd
msft-kb4494440-dd00e364-6182-4eb3-b4b3-49d6ca3f9d98
msft-kb4495584-111e26b5-2c16-49c4-afc6-08a321f8030d
msft-kb4495584-263b1a16-ac1f-48e8-bda6-bf63a81a6193
msft-kb4495584-f2bd4fcb-e104-4478-9868-a18a1081e2ec
msft-kb4495586-1f4f6123-e562-45fc-812d-8565feda7068
msft-kb4495586-8c9959a1-1474-4705-bee2-38d1bd9da8d3
msft-kb4495587-0d812232-271a-4257-b0df-8c7a29e76178
msft-kb4495587-4eb47b64-242f-49d4-9535-f9d2306f0adf
msft-kb4495587-b200b093-517a-4e9c-b99e-52e32cd35cdf
msft-kb4495587-c4d2428f-3853-451a-accf-e8dae8639ca3
msft-kb4495589-a9ec66a1-5804-4856-833c-097710280055
msft-kb4495589-e464cb4c-64c9-495f-9e32-3cbb77b8c33e
msft-kb4495590-0d1617e9-76aa-4525-85d6-2ff0492edaf2
msft-kb4495590-2359145f-3b72-40e1-aabb-d49ff89d1ede
msft-kb4495590-286128ba-ffdd-4095-96da-835a273bddb5
msft-kb4495591-397c2db2-1184-4369-9876-23d84e0f15de
msft-kb4495591-7031d09d-7eed-4c2b-afee-46e880d9f024
msft-kb4495591-72b98aa5-9139-4838-876f-a5920acb2bd4
msft-kb4495593-09d0a396-3cf0-4f37-97b7-e9cae8c84a0f
msft-kb4495593-16f35359-81fb-4b30-a567-da9bf3713a0d
msft-kb4495593-c05c68f5-3db1-4712-b037-b6bd490ec983
msft-kb4495593-eb85eff3-bbc4-493e-8a50-c7a6e39b45fa
msft-kb4495607-4a87ac49-68ca-4ad1-a15f-8fca8bb8e9f5
msft-kb4495607-759188e4-80d2-4f61-bf48-9c576e56aaf7
msft-kb4495607-9d695869-ad1e-4a59-9e02-95328a8a80bb
msft-kb4495609-15da3709-c66d-4b60-9e48-0f5cf5a7b49c
msft-kb4495609-38e63fc3-0e5f-4aa2-a6bf-a04098b3d9fa
msft-kb4495609-ec2c9f09-11d0-463f-9230-9d9aaeb98f74
msft-kb4495610-20f30b7c-93e5-45c8-8ebe-1c9822b24be6
msft-kb4495610-56da1195-0fe0-4ec3-a27b-1fdeb10e579c
msft-kb4495610-a743bc90-9261-4226-8f1d-6a1914e042a3
msft-kb4495611-3af98ae7-fcce-4cc6-aafc-d34d1828699c
msft-kb4495611-76c23c2d-3a79-4316-a945-521d2ae5db67
msft-kb4495612-91bfe1d2-b4be-4504-a9b2-f4c38663f9ce
msft-kb4495612-ae0f9a48-bff7-456e-ad5f-63ab8a7b408c
msft-kb4495612-d573d583-a0d2-4599-beb7-bee2b00c85f0
msft-kb4495613-18bfffaf-f04f-40ab-8d53-2d7f80a2cc65
msft-kb4495613-77b79a17-8c91-49cd-992c-d4cf8bca412a
msft-kb4495615-043be643-8514-40ac-af05-e5c06eac82be
msft-kb4495615-33b5bb44-c34b-41c9-81ac-f128eb0d92f1
msft-kb4495616-6beeae0c-5eba-41e7-a36f-25d066e9996b
msft-kb4495616-9319f393-a04b-4784-bdf4-7ce106f5ebcb
msft-kb4495616-f2fb1ffc-8697-4a95-9550-3c480ea955ef
msft-kb4495618-088084f7-8813-482e-8695-74621a46e83a
msft-kb4495618-0ad89e2b-00ec-4224-bad3-570438f6f3ba
msft-kb4495618-4895753d-ae40-4b12-8734-7b75d5439675
msft-kb4495620-01301843-6f2b-4267-bbb2-990e6b4cc220
msft-kb4495620-6d85d92c-4647-4e6b-8d8d-ec40d6baeb16
msft-kb4495620-ece422b0-873e-4c15-afe2-81bbc7fa7889
msft-kb4495623-07b1475a-2536-4379-a411-4dc4d3f09a9b
msft-kb4495623-427cb263-7a52-436b-adbb-c336b0db3149
msft-kb4495623-f9b10ac5-763b-4272-9732-2bb9179cdf5f
msft-kb4495625-3ec878d7-3a5a-4a37-b691-8bbc9149ec58
msft-kb4495625-82e46d3d-cb44-4610-a86a-7ddbe155df09
msft-kb4495627-7be33f12-75e7-482d-ac41-c6b21e103574
msft-kb4495627-9496645b-f3b5-4276-a891-141881e4cdbc
msft-kb4499154-44b16b5f-7af4-4d44-8f11-d890d152c2f7
msft-kb4499154-c266a444-9a8f-49cc-a989-767936db38ab
msft-kb4499167-02d7f039-e9d8-44a4-991c-7f0018dbb17b
msft-kb4499167-2ea0586a-8e8e-4677-bcd7-0d821e1f3e9c
msft-kb4499167-426f16ec-8a9b-4c38-a4f9-c018371d51cb
msft-kb4499179-7f17fdb3-7c5e-44c1-b12c-bc57af632380
msft-kb4499179-b166ef22-f8fd-4be4-b577-5dd5e689c5e9
msft-kb4499181-78d037a2-ac8c-4a2a-a2dd-4d706c402d25
msft-kb4499181-acf8762b-9546-4a51-8e26-d5790de3c4ab

References

https://attackerkb.com/topics/cve-2019-0820
CVE - 2019-0820
4494440
4495582
4495584
4495585
4495586
4495587
4495588
4495589
4495590
4495591
4495592
4495593
4495594
4495596
4495602
4495604
4495606
4495607
4495608
4495609
4495610
4495611
4495612
4495613
4495615
4495616
4495618
4495620
4495622
4495623
4495624
4495625
4495626
4495627
4498961
4498962
4498963
4498964
4499154
4499167
4499179
4499181
4499405
4499406
4499407
4499408
4499409

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

Microsoft CVE-2019-0820: .NET Framework and .NET Core Denial of Service Vulnerability

Microsoft CVE-2019-0820: .NET Framework and .NET Core Denial of Service Vulnerability

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.