HTTP: Microsoft Windows CVE-2015-6096 Remote Code Execution

This signature detects an attempt to exploit a known Vulnerability in Microsoft's .Net framework. Successful exploitation could allow an attacker to execute arbitrary code into the application's context.

Extended Description

The XML DTD parser in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, and 4.6 allows remote attackers to read arbitrary files via an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka ".NET Information Disclosure Vulnerability."

Affected Products

Microsoft .net_framework

References

CVE: CVE-2015-6096

Short Name
HTTP:STC:DL:CVE-2015-6096-CE
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2015-6096 Code Execution Microsoft Remote Windows
Release Date
11/10/2015
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3761
False Positive
Unknown
Vendors

Microsoft

CVSS Score

4.3

Found a potential security threat?