KLA10925
Information Disclosure vulnerability in Microsoft .NET Framework 4.6.2

Updated: 06/03/2020
Detect date
?
12/13/2016
Severity
?
Warning
Description

Mishandling of a developer-supplied key was found in Microsoft .NET 4.6.2 Framework’s Data Provider for SQL Server. By exploiting this vulnerability malicious users can obtain sensitive cleartext information. This vulnerability can be exploited remotely via leveraging key guessability.

Affected products

Microsoft .NET Framework 4.6.2 

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories

https://technet.microsoft.com/library/security/ms16-155
CVE-2016-7270

Impacts
?
OSI 
[?]
Related products
Microsoft .NET Framework
CVE-IDS
?
CVE-2016-72705.0Critical
Microsoft official advisories
Microsoft Security Update Guide
KB list

3206632
3204801
3204802
3204805

Find out the statistics of the vulnerabilities spreading in your region