Denial of Service Vulnerability in Microsoft ASP.NET Framework
CVE-2009-1536
Currently unrated
Key Information:
- Vendor
Microsoft
- Vendor
- CVE Published:
- 12 August 2009
What is CVE-2009-1536?
The ASP.NET component of Microsoft .NET Framework, specifically in versions 2.0 SP1, SP2, and 3.5, allows remote attackers to disrupt service by exploiting improper request scheduling when running in integrated mode on IIS 7.0. By sending specially crafted HTTP requests, an attacker can initiate a denial of service condition that impacts the availability of the application.