CVE-2013-0005

EUVD-2013-0048
The WCF Replace function in the Open Data (aka OData) protocol implementation in Microsoft .NET Framework 3.5, 3.5 SP1, 3.5.1, and 4, and the Management OData IIS Extension on Windows Server 2012, allows remote attackers to cause a denial of service (resource consumption and daemon restart) via crafted values in HTTP requests, aka "Replace Denial of Service Vulnerability."
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:N/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 98%
Affected Products (NVD)
VendorProductVersion
microsoft.net_framework
3.5
microsoft.net_framework
3.5:sp1
microsoft.net_framework
3.5.1
microsoft.net_framework
4.0
microsoftmanagement_odata_iis_extension
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.us-cert.gov/cas/techalerts/TA13-008A.html
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-007
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16282
http://www.us-cert.gov/cas/techalerts/TA13-008A.html
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-007
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16282