(MS13-040) Vulnerabilities in .NET Framework Could Allow Spoofing (2836440)
Publish Date: 14 Juni 2013
Schweregrad:: Mittel
CVE Kennungen:: CVE-2013-1336,CVE-2013-1337
Hinweisdatum: 14 Juni 2013
Beschreibung
This security update patches two vulnerabilities in the Microsoft .NET Framework. The more severe of the vulnerabilities could allow spoofing if a .NET application receives a maliciously crafted XML file. An attacker who successfully exploited the vulnerabilities could modify the contents of an XML file without invalidating the file's signature and could gain access to endpoint functions as if they were an authenticated user.
Lösungen
Betroffene Software und Version:
- Microsoft .NET Framework 2.0 Service Pack 2
- Microsoft .NET Framework 4
- Microsoft .NET Framework 4.5
- Microsoft .NET Framework 3.5.1
- Microsoft .NET Framework 3.5