(MS14-004) Vulnerability in Microsoft Dynamics AX Could Allow Denial of Service (2880826)
Severity: HIGH
CVE Identifier: CVE-2014-0261
Advisory Date: JAN 16, 2014
DESCRIPTION
This security update resolves one privately reported vulnerability in Microsoft Dynamics AX. The vulnerability could allow denial of service if an authenticated attacker submits specially crafted data to an affected Microsoft Dynamics AX Application Object Server (AOS) instance. An attacker who successfully exploited this vulnerability could cause the target AOS instance to stop responding to client requests.
SOLUTION
AFFECTED SOFTWARE AND VERSION
- Microsoft Dynamics AX 4.0 Service Pack 2[
- Microsoft Dynamics AX 2009 Service Pack 1
- Microsoft Dynamics AX 2012
- Microsoft Dynamics AX 2012 R2