CVE-2016-3255
EUVD-2016-429213.07.2016, 01:59
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, and 4.6.1 allows remote attackers to read arbitrary files via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka ".NET Information Disclosure Vulnerability."Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| microsoft | .net_framework | 2.0:sp2 |
| microsoft | .net_framework | 3.5 |
| microsoft | .net_framework | 3.5.1 |
| microsoft | .net_framework | 4.5.2 |
| microsoft | .net_framework | 4.6 |
| microsoft | .net_framework | 4.6.1 |
𝑥
= Vulnerable software versions
Windows Releases
Platform | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Windows 10 |
| ||||||||||||
| Windows 7 |
| ||||||||||||
| Windows 8.1 |
| ||||||||||||
| Windows RT 8.1 |
| ||||||||||||
| Windows Server 2008 |
| ||||||||||||
| Windows Server 2008 R2 |
| ||||||||||||
| Windows Server 2012 |
| ||||||||||||
| Windows Server 2012 R2 |
| ||||||||||||
| Windows Vista |
|
Common Weakness Enumeration
References