Denial of Service Vulnerability in ASP.NET in Microsoft Windows - MS09-036
|ID: oval:org.secpod.oval:def:2512||Date: (C)2011-10-13 (M)2017-11-22|
|Class: PATCH||Family: windows|
The host is missing an important security update according to Microsoft security bulletin, MS09-036. The update is required to fix denial of service vulnerability. A flaw is present in the Microsoft .NET Framework component of Microsoft Windows, which fails to handle specially crafted HTTP requests. Successful exploitation could allow attackers to create specially crafted anonymous HTTP requests that could cause the affected Web server to become non-responsive until the associated application pool is restarted.
|Microsoft Windows Server 2008|
|Microsoft Windows Vista|
|Microsoft .NET Framework|