Signature Detail

Short Name	HTTP:STC:MS-DOTNET-NAMESPACE-BO
Severity	High
Recommended	No
Recommended Action	Drop
Category	HTTP
Keywords	Microsoft .NET Framework S.DS.P Namespace Method Buffer Overflow
Release Date	2013/08/22
Update Number	2292
Supported Platforms	idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: Microsoft .NET Framework S.DS.P Namespace Method Buffer Overflow

This signature detects attempts to exploit a known vulnerability in the Microsoft .NET framework. A successful attack can lead to arbitrary code execution.

Extended Description

Buffer overflow in a System.DirectoryServices.Protocols (S.DS.P) namespace method in Microsoft .NET Framework 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4, and 4.5 allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP) or (2) a crafted .NET Framework application that leverages a missing array-size check during a memory copy operation, aka "S.DS.P Buffer Overflow Vulnerability."

Affected Products

microsoft .net_framework 2.0 (sp2)
microsoft .net_framework 3.5
microsoft .net_framework 3.5.1
microsoft .net_framework 4.0
microsoft .net_framework 4.5

References

BugTraq: 57114
CVE: CVE-2013-0003

Signature Detail

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

HTTP: Microsoft .NET Framework S.DS.P Namespace Method Buffer Overflow

Extended Description

Affected Products

References