Lucene search

PRIOn knowledge basePRION:CVE-2013-0005

HistoryJan 09, 2013 - 6:09 p.m.

Denial of service

2013-01-0918:09:00

PRIOn knowledge base

www.prio-n.com

6.9 Medium

AI Score

Confidence

High

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.59 Medium

EPSS

Percentile

97.7%

JSON

The WCF Replace function in the Open Data (aka OData) protocol implementation in Microsoft .NET Framework 3.5, 3.5 SP1, 3.5.1, and 4, and the Management OData IIS Extension on Windows Server 2012, allows remote attackers to cause a denial of service (resource consumption and daemon restart) via crafted values in HTTP requests, aka “Replace Denial of Service Vulnerability.”

CPENameOperatorVersion
.net_frameworkeq3.5
.net_frameworkeq3.5 sp1
.net_frameworkeq3.5.1
.net_frameworkeq4.0

Name	Operator	Version
.net_framework	eq	3.5
.net_framework	eq	3.5 sp1
.net_framework	eq	3.5.1
.net_framework	eq	4.0

References

www.us-cert.gov/cas/techalerts/TA13-008A.html

docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-007

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16282

6.9 Medium

AI Score

Confidence

High

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.59 Medium

EPSS

Percentile

97.7%

JSON

Related for PRION:CVE-2013-0005