virus logo FortiClient Vulnerability

Microsoft .NET Framework and .NET Core CVE-2019-0820 Denial of Service Vulnerability

description-logoDescription

A denial of service vulnerability exists when .NET Framework and .NET Core improperly process RegEx strings. An attacker who successfully exploited this vulnerability could cause a denial of service against a .NET application. A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to a .NET Framework (or .NET core) application. The update addresses the vulnerability by correcting how .NET Framework and .NET Core applications handle RegEx string processing.

affected-products-logoAffected Applications

Microsoft .NET Framework 4.5.2 on Windows RT 8.1
.NET Core 2.2
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 on Windows RT 8.1
Microsoft .NET Framework 4.7.2 on Windows Server version 1803 (Server Core Installation)
Microsoft .NET Framework 3.5 on Windows Server version 1803 (Server Core Installation)
.NET Core 2.1
Microsoft .NET Framework 4.8 on Windows RT 8.1
Microsoft .NET Framework 4.8 on Windows Server version 1803 (Server Core Installation)
Windows Server 2016
Windows Server 2012
Microsoft .NET Framework 3.5 on Windows Server version 1903 (Server Core installation)
Windows 8
Windows 7
Windows 10
Windows Server 2008
Microsoft .NET Framework 4.8 on Windows Server version 1903 (Server Core installation)
.NET Core 1.1
.NET Core 1.0
Windows Server 2019

CVE References

CVE-2019-0820

Other References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2019-0820
ID 58131
Created May 14, 2019
Description
Updated		 Dec 21, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS Windows
Vendor Microsoft
Patch auto
Application Microsoft .NET Framework 4.5.2 on Windows RT 8.1 , .NET Core 2.2 , Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 on Windows RT 8.1 , Microsoft .NET Framework 4.7.2 on Windows Server version 1803 (Server Core Installation) , Microsoft .NET Framework 3.5 on Windows Server version 1803 (Server Core Installation) , .NET Core 2.1 , Microsoft .NET Framework 4.8 on Windows RT 8.1 , Microsoft .NET Framework 4.8 on Windows Server version 1803 (Server Core Installation) , Windows Server 2016 , Windows Server 2012 , Microsoft .NET Framework 3.5 on Windows Server version 1903 (Server Core installation) , Windows 8 , Windows 7 , Windows 10 , Windows Server 2008 , Microsoft .NET Framework 4.8 on Windows Server version 1903 (Server Core installation) , .NET Core 1.1 , .NET Core 1.0 , Windows Server 2019