Microsoft .Net Framework and .Net Core CVE-2019-0980 Denial of Service Vulnerability

description-logoDescription

A denial of service vulnerability exists when .NET Framework or .NET Core improperly handle web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against a .NET Framework or .NET Core web application. The vulnerability can be exploited remotely, without authentication. A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to the .NET Framework or .NET Core application. The update addresses the vulnerability by correcting how .NET Framework or .NET Core web applications handles web requests.

affected-products-logoAffected Applications

Microsoft .NET Framework 4.5.2 on Windows RT 8.1
.NET Core 2.2
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 on Windows RT 8.1
Microsoft .NET Framework 4.7.2 on Windows Server version 1803 (Server Core Installation)
Microsoft .NET Framework 3.5 on Windows Server version 1803 (Server Core Installation)
.NET Core 2.1
Microsoft .NET Framework 4.8 on Windows RT 8.1
Microsoft .NET Framework 4.8 on Windows Server version 1803 (Server Core Installation)
Windows Server 2016
Windows Server 2012
Microsoft .NET Framework 3.5 on Windows Server version 1903 (Server Core installation)
Windows 8
Windows Server 2008
Windows 10
Windows 7
Microsoft .NET Framework 4.8 on Windows Server version 1903 (Server Core installation)
.NET Core 1.1
.NET Core 1.0
Windows Server 2019

CVE References

CVE-2019-0980