A denial of service vulnerability exists when the .NET implementation of Bond improperly parses input. An attacker who successfully exploited the vulnerability could cause a process using Bond to stop responding.
To exploit this vulnerability, an attacker would need to upload specially crafted content to a Bond parser.
The update addresses the vulnerability by correcting the way Bond processes input.