3 matches found
The vulnerability of the Microsoft .NET Framework software platform, which allows a hacker to read arbitrary files
The vulnerability of the XML DTD parser component in the Microsoft .NET Framework is related to the lack of protection for operational data. Exploiting this vulnerability allows an attacker to remotely read arbitrary files by creating external declarations on XXE objects...
CVE-2015-6096
The XML DTD parser in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, and 4.6 allows remote attackers to read arbitrary files via an external entity declaration in conjunction with an entity reference, related to an XML External Entity XXE issue, aka ".NET Information Disclosu...
CVE-2015-6096
The XML DTD parser in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, and 4.6 allows remote attackers to read arbitrary files via an external entity declaration in conjunction with an entity reference, related to an XML External Entity XXE issue, aka ".NET Information Disclosu...