Multiple vulnerabilities in Microsoft .NET Framework - MS16-019ID: oval:org.secpod.oval:def:32928 | Date: (C)2016-02-15 (M)2024-03-06 |
Class: PATCH | Family: windows |
The host is missing a critical security update according to Microsoft security bulletin, MS16-019. The update is required to fix multiple vulnerabilities, which fails to properly handle crafted icon data and certain Extensible Stylesheet Language Transformations (XSLT). Successful exploitation allows attackers to send specially crafted icon data to a .NET service and capture data or cause server performance to degrade inturn cause a denial of service.
Platform: |
Microsoft Windows 7 |
Microsoft Windows 8.1 |
Microsoft Windows 10 |
Microsoft Windows Server 2008 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows Server 2012 |
Microsoft Windows Server 2012 R2 |
Microsoft Windows Vista |
Product: |
Microsoft .NET Framework 2.0 |
Microsoft .NET Framework 3.5.1 |
Microsoft .NET Framework 4.5.2 |
Microsoft .NET Framework 4.6 |
Microsoft .NET Framework 4.6.1 |