Description
Concurrent execution using shared resource with improper synchronization ('race condition') in .NET Framework allows an unauthorized attacker to deny service over a network.
CVSS breakdown
CVSS 3.1
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
E
Unchanged
RL
O
RC
Changed
Affected products
- Microsoft / Microsoft .NET Framework 3.53.5.0 – 2.0.50727.8982 & 3.0.30729.8976
- Microsoft / Microsoft .NET Framework 3.5 AND 4.7.24.7.0 – 2.0.50727.9068 & 3.0.30729.9065 & 4.7.4141.0
- Microsoft / Microsoft .NET Framework 3.5 AND 4.84.8.0 – 2.0.50727.9068 & 3.0.30729.9065 & 4.8.4801.0
- Microsoft / Microsoft .NET Framework 3.5 AND 4.8.14.8.1 – 2.0.50727.9181 & 3.0.30729.9165 & 4.8.9332.0
- Microsoft / Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.24.7.0 – 4.8.4801.0
- Microsoft / Microsoft .NET Framework 4.7.210.0.0.0 – 2.0.50727.9068 & 3.0.30729.9065 & 4.7.4141.0
- Microsoft / Microsoft .NET Framework 4.84.8.0 – 2.0.50727.9181 & 3.0.30729.9165 & 4.8.4801.0
- Microsoft / Microsoft .NET Framework 4.8.14.8.0.0 – 2.0.50727.9181 & 3.0.30729.9165 & 4.8.9332.0