9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.241 Low
EPSS
Percentile
96.5%
09/08/2015
High
Multiple serious vulnerabilities have been found in .NET Framework. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions or gain privileges.
.NET Framework 2.0 Service Pack 2
.NET Framework 3.5, 3.5.1
.NET Framework 4, 4.5, 4.5.1, 4.5.2, 4.6
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
DoS
CVE-2015-25049.3Critical
CVE-2015-25265.0Critical
3074549
3074548
3074552
3074229
3074232
3074231
3074228
3074553
3089662
support.microsoft.com/kb/3074228
support.microsoft.com/kb/3074229
support.microsoft.com/kb/3074231
support.microsoft.com/kb/3074232
support.microsoft.com/kb/3074548
support.microsoft.com/kb/3074549
support.microsoft.com/kb/3074552
support.microsoft.com/kb/3074553
support.microsoft.com/kb/3089662
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2504
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2526
portal.msrc.microsoft.com/en-us/security-guidance
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2504
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2526
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/Microsoft-.NET-Framework/