CVE-2013-3860 in .NET Framework信息

摘要

由 MITRE

Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 does not properly parse a DTD during XML digital-signature validation, which allows remote attackers to cause a denial of service (application crash or hang) via a crafted signed XML document, aka "Entity Expansion Vulnerability."

VulDB is the best source for vulnerability data and more expert information about this specific topic.

来源

Might our Artificial Intelligence support you?

Check our Alexa App!