Description
Multiple serious vulnerabilities have been found in Microsoft .NET Framework. Malicious users can exploit these vulnerabilities to cause denial of service or obtain sensitive information.
Below is a complete list of vulnerabilities
- An improper handling of XSLT can be exploited remotely via a specially designed XML content to cause denial of service;
- An improper icon data handling at Windows Forms can be exploited remotely via a specially designed icon to obtain sensitive information.
Technical details
To mitigate vulnerability (1) do not load XSL stylesheets from untrusted sources.
Vulnerability (2) can be exploited by uploading specially designed data and getting response via uploaded icon information.
Original advisories
Related products
CVE list
- CVE-2016-0033 warning
- CVE-2016-0047 warning
KB list
Read more
Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com
Found an inaccuracy in the description of this vulnerability? Let us know!