2 matches found
CVE-2013-1336
CVE-2013-1336 affects Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5. The vulnerability arises because the CLR does not properly validate signatures, enabling an attacker to modify signed XML files without breaking the signature (XML Digital Signature Spoofing). This is tied to the MS13...
Microsoft .NET XML Digital Signature Spoofing (MS13-040; CVE-2013-1336)
A spoofing vulnerability has been reported when the Microsoft .NET Framework fails to properly validate the signature of specially crafted XML files. Successful exploitation would allow an attacker to modify the contents of an XML file without invalidating the signature associated with the file...