Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 does not properly parse internationalized resource identifiers, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted request to a .NET web application, aka ".NET Framework Remote Code Execution Vulnerability."
AV:N/AC:L/Au:N/C:C/I:C/A:CMicrosoft .net Framework
APPMicrosoft2.03.53.5.14.04.54.5.14.5.2
Related vulnerabilities
A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properl...
Podatność omijania funkcji bezpieczeństwa w .NET, .NET Framework i Visual Studio
A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properl...
A remote code execution vulnerability exists when Microsoft .NET Framework processes untrusted input, aka ".NE...
Microsoft .NET Framework 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, and 4.6.1 mishandles signature validation f...