CVE-2018-0764
Description
Microsoft .NET Framework 1.1, 2.0, 3.0, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 5.7 and .NET Core 1.0. 1.1 and 2.0 allow a denial of service vulnerability due to the way XML documents are processed, aka .NET and .NET Core Denial Of Service Vulnerability. This CVE is unique from CVE-2018-0765.
Risk Information
Base Score
7.5
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
34.677
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| .NET and .NET Core Denial of Service Vulnerability for .NET Framework 2.0, 3.0 on Windows Server 2008 SP2 for x64 (KB4054174) | Windows |
| .NET and .NET Core Denial of Service Vulnerability for .NET Framework 2.0, 3.0 on Windows Server 2008 SP2 for x64 (KB4054996) | Windows |
| .NET and .NET Core Denial of Service Vulnerability for .NET Framework 2.0, 3.0 on Windows Server 2008 SP2 (KB4054996) | Windows |
| Microsoft Edge Information Disclosure Vulnerability for Windows 10 Version 1511 for x64-based Systems - Meltdown and Spectre (KB4056888) - Cumulative | Windows |
| Microsoft Edge Information Disclosure Vulnerability for Windows 10 Version 1511 for x86-based Systems - Meltdown and Spectre(KB4056888) - Cumulative | Windows |
| Microsoft Edge Information Disclosure Vulnerability for Windows 10 Version 1703 for x64-based Systems - Meltdown and Spectre (KB4056891) - Delta | Windows |
| Microsoft Edge Information Disclosure Vulnerability for Windows 10 Version 1703 for x86-based Systems - Meltdown and Spectre (KB4056891) - Delta | Windows |
| Microsoft Edge Information Disclosure Vulnerability for Windows Server 2016 for x64-based Systems - Meltdown and Spectre (KB4056890) - Cumulative | Windows |
| Microsoft Edge Information Disclosure Vulnerability for Windows Server 2016 for x64-based Systems - Meltdown and Spectre (KB4056890) - Delta | Windows |
| Microsoft Edge Information Disclosure Vulnerability for Windows 10 Version 1607 for x64-based Systems - Meltdown and Spectre (KB4056890) - Cumulative | Windows |
| Microsoft Edge Information Disclosure Vulnerability for Windows 10 Version 1607 for x64-based Systems - Meltdown and Spectre (KB4056890) - Delta | Windows |
| Microsoft Edge Information Disclosure Vulnerability for Windows 10 Version 1607 for x64-based Systems (KB4056890) - Cumulative | Windows |
| Microsoft Edge Information Disclosure Vulnerability for Windows 10 Version 1607 for x64-based Systems (KB4056890) - Delta | Windows |
| Microsoft Edge Information Disclosure Vulnerability for Windows 10 Version 1607 for x86-based Systems - Meltdown and Spectre (KB4056890) - Cumulative | Windows |
| Microsoft Edge Information Disclosure Vulnerability for Windows 10 Version 1607 for x86-based Systems - Meltdown and Spectre (KB4056890) - Delta | Windows |
| Microsoft Edge Information Disclosure Vulnerability for Windows 10 Version 1607 for x86-based Systems (KB4056890) - Cumulative | Windows |
| Microsoft Edge Information Disclosure Vulnerability for Windows 10 Version 1607 for x86-based Systems (KB4056890) - Delta | Windows |
| .NET and .NET Core Denial of Service Vulnerability for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 on Windows 7 and Server 2008 R2 for x64 (KB4054183) | Windows |
| .NET and .NET Core Denial of Service Vulnerability for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 on Windows 7 (KB4054183) | Windows |
| .NET and .NET Core Denial of Service Vulnerability for .NET Framework 4.6 on Windows Server 2008 SP2 for x64 (KB4054183) | Windows |
| .NET and .NET Core Denial of Service Vulnerability for .NET Framework 4.6 on Windows Server 2008 SP2 (KB4054183) | Windows |
| .NET and .NET Core Denial of Service Vulnerability for .NET Framework 2.0, 3.0 on Windows Server 2008 SP2 (KB4054174) | Windows |
| .NET and .NET Core Denial of Service Vulnerability for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 on Windows 8.1 and Server 2012 R2 for x64 (KB4054182) | Windows |
| .NET and .NET Core Denial of Service Vulnerability for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 on Windows 8.1 (KB4054182) | Windows |
| .NET and .NET Core Denial of Service Vulnerability for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 on Windows 8.1 and Server 2012 R2 for x64 (KB4055001) | Windows |
| .NET and .NET Core Denial of Service Vulnerability for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 on Windows 8.1 (KB4055001) | Windows |
| .NET and .NET Core Denial of Service Vulnerability for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 on Windows Server 2012 for x64 (KB4054181) | Windows |
| .NET and .NET Core Denial of Service Vulnerability for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 on Windows Server 2012 for x64 (KB4055000) | Windows |
| Microsoft Edge Information Disclosure Vulnerability for Windows 10 Version 1709 for x64-based Systems - Meltdown and Spectre (KB4056892) - Cumulative | Windows |
| Microsoft Edge Information Disclosure Vulnerability for Windows 10 Version 1709 for x64-based Systems - Meltdown and Spectre (KB4056892) - Delta | Windows |
| Microsoft Edge Information Disclosure Vulnerability for Windows 10 Version 1709 for x86-based Systems - Meltdown and Spectre (KB4056892) - Cumulative | Windows |
| Microsoft Edge Information Disclosure Vulnerability for Windows 10 Version 1709 for x86-based Systems - Meltdown and Spectre (KB4056892) - Delta | Windows |
| .NET and .NET Core Denial of Service Vulnerability for .NET Framework 3.5.1 on Windows 7 and Server 2008 R2 for x64 (KB4054176) | Windows |
| .NET and .NET Core Denial of Service Vulnerability for .NET Framework 3.5.1 on Windows 7 (KB4054176) | Windows |
| .NET and .NET Core Denial of Service Vulnerability for .NET Framework 3.5.1 on Windows 7 and Server 2008 R2 for x64 (KB4054998) | Windows |
| .NET and .NET Core Denial of Service Vulnerability for .NET Framework 3.5.1 on Windows 7 (KB4054998) | Windows |
| .NET and .NET Core Denial of Service Vulnerability for .NET Framework 3.5 on Windows 8.1 and Server 2012 R2 for x64 (KB4054177) | Windows |
| .NET and .NET Core Denial of Service Vulnerability for .NET Framework 3.5 on Windows 8.1 (KB4054177) | Windows |
| .NET and .NET Core Denial of Service Vulnerability for .NET Framework 3.5 on Windows 8.1 and Server 2012 R2 for x64 (KB4054999) | Windows |
| .NET and .NET Core Denial of Service Vulnerability for .NET Framework 3.5 on Windows 8.1 (KB4054999) | Windows |
| .NET and .NET Core Denial of Service Vulnerability for .NET Framework 3.5 on Windows Server 2012 for x64 (KB4054175) | Windows |
| .NET and .NET Core Denial of Service Vulnerability for .NET Framework 3.5 on Windows Server 2012 for x64 (KB4054997) | Windows |
| Microsoft Edge Information Disclosure Vulnerability for Windows 10 Version 1507 for x64-based Systems - Meltdown and Spectre(KB4056893) - Cumulative | Windows |
| .NET and .NET Core Denial of Service Vulnerability for .NET Framework 4.5.2 on Windows 7 (KB4054172) | Windows |
| .NET and .NET Core Denial of Service Vulnerability for .NET Framework 4.5.2 on Windows 7 and Server 2008 R2 for x64 (KB4054172) | Windows |
| .NET and .NET Core Denial of Service Vulnerability for .NET Framework 4.5.2 on Windows Server 2008 SP2 for x64 (KB4054172) | Windows |
| .NET and .NET Core Denial of Service Vulnerability for .NET Framework 4.5.2 on Windows 7 and Server 2008 R2 for x64 (KB4054995) | Windows |
| .NET and .NET Core Denial of Service Vulnerability for .NET Framework 4.5.2 on Windows Server 2008 SP2 for x64 (KB4054995) | Windows |
| .NET and .NET Core Denial of Service Vulnerability for .NET Framework 4.5.2 on Windows Server 2008 SP2 (KB4054995) | Windows |
| .NET and .NET Core Denial of Service Vulnerability for .NET Framework 4.5.2 on Windows 8.1 and Server 2012 R2 for x64 (KB4054170) | Windows |
| .NET and .NET Core Denial of Service Vulnerability for .NET Framework 4.5.2 on Windows 8.1 (KB4054170) | Windows |
| .NET and .NET Core Denial of Service Vulnerability for .NET Framework 4.5.2 on Windows 8.1 and Server 2012 R2 for x64 (KB4054993) | Windows |
| .NET and .NET Core Denial of Service Vulnerability for .NET Framework 4.5.2 on Windows 8.1 (kb4054993) | Windows |
| .NET and .NET Core Denial of Service Vulnerability for .NET Framework 4.5.2 on Windows Server 2012 for x64 (KB4054171) | Windows |
| .NET and .NET Core Denial of Service Vulnerability for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 on Windows 7 (KB4055002) | Windows |
| .NET and .NET Core Denial of Service Vulnerability for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 on Windows 7 and Server 2008 R2 for x64 (KB4055002) | Windows |
| .NET and .NET Core Denial of Service Vulnerability for .NET Framework 4.6 on Windows Server 2008 SP2 for x64 (KB4055002) | Windows |
| .NET and .NET Core Denial of Service Vulnerability for .NET Framework 4.6 on Windows Server 2008 SP2 (KB4055002) | Windows |
| Microsoft Edge Information Disclosure Vulnerability for Windows Server 2016 for x64-based Systems - Meltdown and Spectre (KB4056890) - Cumulative | Windows |
| Microsoft Edge Information Disclosure Vulnerability for Windows Server 2016 for x64-based Systems - Meltdown and Spectre (KB4056890) - Delta | Windows |
| .NET and .NET Core Denial of Service Vulnerability for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, and 4.7.1 for Windows 7 SP1(KB4074880) | Windows |
| .NET and .NET Core Denial of Service Vulnerability for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, and 4.7.1 for Windows 7 SP1 and Server 2008 R2 SP1 (KB4074880) | Windows |
| Microsoft Edge Information Disclosure Vulnerability for Windows 10 Version 1507 for x86-based Systems - Meltdown and Spectre (KB4056893) - Cumulative | Windows |
| .NET and .NET Core Denial of Service Vulnerability for .NET Framework 4.5.2 on Windows 7 (KB4054995) | Windows |
| Vulnerabilities CVE-2018-0765,CVE-2018-0764 are fixed in Nuget - System.Security.Cryptography.Xml 4.4.2 | Windows |
| Vulnerabilities CVE-2018-0764,CVE-2018-0786 are affected in Powershell for MAC 6.0.0 | Mac |
| Vulnerabilities CVE-2018-0765,CVE-2018-0764 are fixed in Nuget - System.Security.Cryptography.Xml for Linux 4.4.2 | Linux |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-23686 | KB4055272-2018-01 Security Only Update for .NET Framework 2.0, 3.0 on Windows Server 2008 SP2 for x64 (KB4054174) |
| PATCH-23680 | KB4055267,KB4074808,KB4076495,KB4057273 - 2018-01 Security and Quality Rollup for .NET Framework 2.0, 3.0 on Windows Server 2008 SP2 for x64 (KB4054996) |
| PATCH-23679 | KB4055267,KB4074808,KB4076495,KB4057273 - 2018-01 Security and Quality Rollup for .NET Framework 2.0, 3.0 on Windows Server 2008 SP2 (KB4054996) |
| PATCH-23624 | 2018-01 Cumulative Update for Windows 10 Version 1511 for x64-based Systems - Meltdown and Spectre (KB4056888) |
| PATCH-23623 | 2018-01 Cumulative Update for Windows 10 Version 1511 for x86-based Systems - Meltdown and Spectre(KB4056888) |
| PATCH-23627 | 2018-01 Cumulative Update for Windows Server 2016 for x64-based Systems - Meltdown and Spectre (KB4056890) |
| PATCH-23630 | 2018-01 Delta Update for Windows Server 2016 for x64-based Systems - Meltdown and Spectre (KB4056890) |
| PATCH-23626 | 2018-01 Cumulative Update for Windows 10 Version 1607 for x64-based Systems - Meltdown and Spectre (KB4056890) |
| PATCH-23629 | 2018-01 Delta Update for Windows 10 Version 1607 for x64-based Systems - Meltdown and Spectre (KB4056890) |
| PATCH-23827 | 2018-01 Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB4056890) |
| PATCH-23625 | 2018-01 Cumulative Update for Windows 10 Version 1607 for x86-based Systems - Meltdown and Spectre (KB4056890) |
| PATCH-23628 | 2018-01 Delta Update for Windows 10 Version 1607 for x86-based Systems - Meltdown and Spectre (KB4056890) |
| PATCH-23826 | 2018-01 Cumulative Update for Windows 10 Version 1607 for x86-based Systems (KB4056890) |
| PATCH-23702 | KB4055269-2018-01 Security Only Update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 on Windows 7 and Server 2008 R2 for x64 (KB4054183) |
| PATCH-23701 | KB4055269-2018-01 Security Only Update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 on Windows 7 (KB4054183) |
| PATCH-23690 | KB4055272-2018-01 Security Only Update for .NET Framework 4.6 on Windows Server 2008 SP2 for x64 (KB4054183) |
| PATCH-23689 | KB4055272-2018-01 Security Only Update for .NET Framework 4.6 on Windows Server 2008 SP2 (KB4054183) |
| PATCH-23685 | KB4055272-2018-01 Security Only Update for .NET Framework 2.0, 3.0 on Windows Server 2008 SP2 (KB4054174) |
| PATCH-23783 | KB4055271-2018-01 Security Only Update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 on Windows 8.1 and Server 2012 R2 for x64 (KB4054182) |
| PATCH-23782 | KB4055271-2018-01 Security Only Update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 on Windows 8.1 (KB4054182) |
| PATCH-23714 | KB4055266-2018-01 Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 on Windows 8.1 and Server 2012 R2 for x64 (KB4055001) |
| PATCH-23713 | KB4055266-2018-01 Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 on Windows 8.1 (KB4055001) |
| PATCH-23708 | KB4055270-2018-01 Security Only Update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 on Windows Server 2012 for x64 (KB4054181) |
| PATCH-23705 | KB4055265-2018-01 Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 on Windows Server 2012 for x64 (KB4055000) |
| PATCH-23636 | 2018-01 Cumulative Update for Windows 10 Version 1709 for x64-based Systems - Meltdown and Spectre (KB4056892) |
| PATCH-23638 | 2018-01 Delta Update for Windows 10 Version 1709 for x64-based Systems - Meltdown and Spectre (KB4056892) |
| PATCH-23635 | 2018-01 Cumulative Update for Windows 10 Version 1709 for x86-based Systems - Meltdown and Spectre (KB4056892) |
| PATCH-23637 | 2018-01 Delta Update for Windows 10 Version 1709 for x86-based Systems - Meltdown and Spectre (KB4056892) |
| PATCH-23698 | KB4055269-2018-01 Security Only Update for .NET Framework 3.5.1 on Windows 7 and Server 2008 R2 for x64 (KB4054176) |
| PATCH-23697 | KB4055269-2018-01 Security Only Update for .NET Framework 3.5.1 on Windows 7 (KB4054176) |
| PATCH-23692 | KB4076492, KB4057270, KB4055532, KB4074805 - 2018-01 Security and Quality Rollup for .NET Framework 3.5.1 on Windows 7 and Server 2008 R2 for x64 (KB4054998) |
| PATCH-23691 | KB4076492, KB4057270, KB4055532,KB4074805 - 2018-01 Security and Quality Rollup for .NET Framework 3.5.1 on Windows 7 (KB4054998) |
| PATCH-23779 | KB4055271-2018-01 Security Only Update for .NET Framework 3.5 on Windows 8.1 and Server 2012 R2 for x64 (KB4054177) |
| PATCH-23715 | KB4055271-2018-01 Security Only Update for .NET Framework 3.5 on Windows 8.1 (KB4054177) |
| PATCH-23710 | KB4055266,KB4076494,KB4074807,KB4057272-2018-01 Security and Quality Rollup for .NET Framework 3.5 on Windows 8.1 and Server 2012 R2 for x64 (KB4054999) |
| PATCH-23706 | KB4055270-2018-01 Security Only Update for .NET Framework 3.5 on Windows Server 2012 for x64 (KB4054175) |
| PATCH-23703 | KB4076493, KB4057271, KB4055265,KB4074806 - 2018-01 Security and Quality Rollup for .NET Framework 3.5 on Windows Server 2012 for x64 (KB4054997) |
| PATCH-23622 | 2018-01 Cumulative Update for Windows 10 Version 1507 for x64-based Systems - Meltdown and Spectre(KB4056893) |
| PATCH-23699 | KB4055269-2018-01 Security Only Update for .NET Framework 4.5.2 on Windows 7 (KB4054172) |
| PATCH-23700 | KB4055269-2018-01 Security Only Update for .NET Framework 4.5.2 on Windows 7 and Server 2008 R2 for x64 (KB4054172) |
| PATCH-23688 | KB4055272-2018-01 Security Only Update for .NET Framework 4.5.2 on Windows Server 2008 SP2 for x64 (KB4054172) |
| PATCH-23781 | KB4055271-2018-01 Security Only Update for .NET Framework 4.5.2 on Windows 8.1 and Server 2012 R2 for x64 (KB4054170) |
| PATCH-23780 | KB4055271-2018-01 Security Only Update for .NET Framework 4.5.2 on Windows 8.1 (KB4054170) |
| PATCH-23712 | KB4055266-2018-01 Security and Quality Rollup for .NET Framework 4.5.2 on Windows 8.1 and Server 2012 R2 for x64 (KB4054993) |
| PATCH-23711 | KB4055266-2018-01 Security and Quality Rollup for .NET Framework 4.5.2 on Windows 8.1 (kb4054993) |
| PATCH-23707 | KB4055270-2018-01 Security Only Update for .NET Framework 4.5.2 on Windows Server 2012 for x64 (KB4054171) |
| PATCH-23696 | KB4055532-2018-01 Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 on Windows 7 and Server 2008 R2 for x64 (KB4055002) |
| PATCH-23684 | KB4055267-2018-01 Security and Quality Rollup for .NET Framework 4.6 on Windows Server 2008 SP2 for x64 (KB4055002) |
| PATCH-23683 | KB4055267-2018-01 Security and Quality Rollup for .NET Framework 4.6 on Windows Server 2008 SP2 (KB4055002) |
| PATCH-24178 | 2018-01 Cumulative Update for Windows Server 2016 for x64-based Systems - Meltdown and Spectre (KB4056890) |
| PATCH-23785 | KB4055532-2018-01 Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, and 4.7.1 for Windows 7 SP1 and Server 2008 R2 SP1 (KB4074880) |
| PATCH-23621 | 2018-01 Cumulative Update for Windows 10 Version 1507 for x86-based Systems - Meltdown and Spectre (KB4056893) |
| PATCH-610913 | Powershell for MAC (Apple Silicon) (7.5.1) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234