Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-0005

Overview

Vulnerability Score 7.8 7.8
CVE Id CVE-2013-0005
Last Modified 02 Nov 2013 11:29:19
Published 09 Jan 2013 01:09:40
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2013-0005

Summary

The WCF Replace function in the Open Data (aka OData) protocol implementation in Microsoft .NET Framework 3.5, 3.5 SP1, 3.5.1, and 4, and the Management OData IIS Extension on Windows Server 2012, allows remote attackers to cause a denial of service (resource consumption and daemon restart) via crafted values in HTTP requests, aka "Replace Denial of Service Vulnerability."

Vulnerable Systems

Application

  • Microsoft .net Framework 3.5

  • Microsoft .net Framework 3.5.1

  • Microsoft .net Framework 4.0

  • Microsoft Management Odata Iis Extension -


References

MS - MS13-007

CERT - TA13-008A

Related Patches

MS13-007 Security Update for Microsoft .NET Framework 3.5 SP1 on XP, 2003, Vista, 2008 x86 (KB2736416)

MS13-007 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 x86 (KB2736418)

MS13-007 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 x64 (KB2736418)

MS13-007 Security Update for .NET 4 on XP, Server 2003, Vista, Win 7, Server 2008, Server 2008 R2 for x64 (KB2736428)


Last Updated: 27 May 2016 11:01:56