Microsoft Corporation Information for VU#903934

Hash table implementations vulnerable to algorithmic complexity attacks

Status

Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

Microsoft has released an update to the .NET Framework with Microsoft Security Bulletin MS11-100, which addresses this issue.

Vendor References

http://technet.microsoft.com/en-us/security/bulletin/ms11-100.mspx
http://technet.microsoft.com/en-us/security/advisory/2659883
http://blogs.technet.com/b/srd/archive/2011/12/27/more-information-about-the-december-2011-asp-net-vulnerability.aspx

Addendum

There are no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.