MS.NET.Framework.Remote.Code.Execution.Vulnerability.MS14-057
Description
.NET framework is a software development framework developed by Microsoft.
The most severe of the vulnerabilities could allow remote code execution if an attacker sends a specially crafted URI request containing international characters to a .NET web application. In .NET 4.0 and below applications, the vulnerable functionality (iriParsing) is disabled by default; for the vulnerability to be exploitable an application has to explicitly enable this functionality. In .NET 4.5 applications, iriParsing is enabled by default and cannot be disabled.
Affected Products
Windows Vista SP2
Windows 7 SP1
Windows 8 and Windows 8.1
Windows Server 2003 SP2
Windows Server 2008 SP2
Windows Server 2008 R2 SP1
Windows Server 2012 and Windows Server 2012 R2
Impact
The vulnerable system could allow a remote attacker to retrieve content or modify application setting on the system, therefore there is a risk of creating a denial of service scenario, exposing sensitive information or executing arbitrary code.
Recommended Actions
Please download and apply patches as instructed in https://technet.microsoft.com/library/security/ms14-057.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |