Gravité: : Élevé
  Identifiant(s) CVE: : CVE-2014-0261
  Date du conseil: 16 janvier 2014

  Description

This security update resolves one privately reported vulnerability in Microsoft Dynamics AX. The vulnerability could allow denial of service if an authenticated attacker submits specially crafted data to an affected Microsoft Dynamics AX Application Object Server (AOS) instance. An attacker who successfully exploited this vulnerability could cause the target AOS instance to stop responding to client requests.

  Solutions

  Affected software and version:

  • Microsoft Dynamics AX 4.0 Service Pack 2[
  • Microsoft Dynamics AX 2009 Service Pack 1
  • Microsoft Dynamics AX 2012
  • Microsoft Dynamics AX 2012 R2