Improper input validation in Microsoft .Net_framework
CVE-2013-1336
The Common Language Runtime (CLR) in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly check signatures, which allows remote attackers to make undetected changes to signed XML documents via unspecified vectors that…
Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)
EPSS: 0.602 (98.3th percentile) — read the EPSS interpretation.
Affected products
- Microsoft .Net_framework — versions 2.0, 3.5, 3.5.1
- N/a — versions n/a
Weakness classification (CWE)
References
- TA13-134A (US Government Resource, x_refsource_CERT, third-party-advisory)
- MS13-040 (x_refsource_MS, vendor-advisory)
- oval:org.mitre.oval:def:16559 (x_refsource_OVAL, signature, vdb-entry)