Denial of Service Vulnerability in .NET Framework by Microsoft
CVE-2019-0864

5.5MEDIUM

Key Information:

Vendor: Microsoft
Status: Microsoft .net Framework 4.5.2; Microsoft .net Framework 4.6; Microsoft .net Framework 4.6.2 On Windows 10 For 32-bit Systems; Microsoft .net Framework 4.6.2 On Windows 10 For X64-based Systems
Vendor: CVE Published:; 16 May 2019

What is CVE-2019-0864?

A denial of service vulnerability exists in the .NET Framework due to improper handling of objects in heap memory. An attacker can exploit this vulnerability to cause applications to fail, potentially resulting in a loss of availability. This can affect the performance and stability of applications that rely on the .NET Framework, calling for immediate attention and remediation to safeguard against exploitation.

Affected Version(s)

Microsoft .NET Framework 2.0 Service Pack 2 on Windows Server 2008 for Itanium-Based Systems Service Pack 2

Microsoft .NET Framework 2.0 Service Pack 2 on Windows Server 2008 for 32-bit Systems Service Pack 2

Microsoft .NET Framework 2.0 Service Pack 2 on Windows Server 2008 for x64-based Systems Service Pack 2

References

https://portal.msrc.microsoft.com/en-US/security-guidance...

x_refsource_MISC

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 16, 2019
Vulnerability Reserved
Nov 26, 2018