Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
symantecSymantec Security ResponseSMNTC-59789
HistoryMay 14, 2013 - 12:00 a.m.

Microsoft .NET Framework XML Digital Signature CVE-2013-1336 Security Bypass Vulnerability

2013-05-1400:00:00
Symantec Security Response
www.symantec.com
13

0.91 High

EPSS

Percentile

98.9%

JSON

Description

Microsoft .NET Framework is prone to a security-bypass vulnerability because it fails to properly validate the signature of a specially crafted XML file. Attackers can exploit this issue to bypass XML digital signature validation and spoof XML content by conducting man-in-the-middle attacks. Successful exploits will cause victims to accept the spoofed XML files assuming they are legitimate.

Technologies Affected

  • Avaya CallPilot 4.0
  • Avaya CallPilot 4.0.1
  • Avaya CallPilot 5.0
  • Avaya CallPilot 5.0.1
  • Avaya CallPilot
  • Avaya CallPilot Unified Messaging
  • Avaya Communication Server 1000 Telephony Manager 3.0
  • Avaya Communication Server 1000 Telephony Manager 3.0.1
  • Avaya Communication Server 1000 Telephony Manager 4.0
  • Avaya Communication Server 1000 Telephony Manager 4.0.1
  • Avaya Communication Server 1000 Telephony Manager
  • Avaya Conferencing Standard Edition 6.0
  • Avaya Conferencing Standard Edition 6.0 SP1
  • Avaya Conferencing Standard Edition 6.0.1
  • Avaya Meeting Exchange - Client Registration Server 5.0
  • Avaya Meeting Exchange - Client Registration Server 5.0.1
  • Avaya Meeting Exchange - Client Registration Server 5.2
  • Avaya Meeting Exchange - Client Registration Server 5.2.1
  • Avaya Meeting Exchange - Client Registration Server 6.0
  • Avaya Meeting Exchange - Client Registration Server
  • Avaya Meeting Exchange - Enterprise Edition
  • Avaya Meeting Exchange - Recording Server 5.0
  • Avaya Meeting Exchange - Recording Server 5.0.1
  • Avaya Meeting Exchange - Recording Server 5.2
  • Avaya Meeting Exchange - Recording Server 5.2.1
  • Avaya Meeting Exchange - Recording Server 6.0
  • Avaya Meeting Exchange - Recording Server
  • Avaya Meeting Exchange - Streaming Server 5.0
  • Avaya Meeting Exchange - Streaming Server 5.0
  • Avaya Meeting Exchange - Streaming Server 5.0.1
  • Avaya Meeting Exchange - Streaming Server 5.2
  • Avaya Meeting Exchange - Streaming Server 5.2.1
  • Avaya Meeting Exchange - Streaming Server 6.0
  • Avaya Meeting Exchange - Streaming Server
  • Avaya Meeting Exchange - Web Conferencing Server 5.0
  • Avaya Meeting Exchange - Web Conferencing Server 5.0.1
  • Avaya Meeting Exchange - Web Conferencing Server 5.2
  • Avaya Meeting Exchange - Web Conferencing Server 5.2.1
  • Avaya Meeting Exchange - Web Conferencing Server 6.0
  • Avaya Meeting Exchange - Web Conferencing Server
  • Avaya Meeting Exchange - Webportal 5.0
  • Avaya Meeting Exchange - Webportal 5.0.1
  • Avaya Meeting Exchange - Webportal 5.2
  • Avaya Meeting Exchange - Webportal 5.2.1
  • Avaya Meeting Exchange - Webportal 6.0
  • Avaya Meeting Exchange - Webportal
  • Avaya Messaging Application Server 4
  • Avaya Messaging Application Server 5
  • Avaya Messaging Application Server 5.0
  • Avaya Messaging Application Server 5.0.1
  • Avaya Messaging Application Server 5.2
  • Avaya Messaging Application Server 5.2.1
  • Avaya Messaging Application Server
  • Avaya Messaging Application Server MM 1.1
  • Avaya Messaging Application Server MM 2.0
  • Avaya Messaging Application Server MM 3.0
  • Avaya Messaging Application Server MM 3.1
  • Microsoft .NET Framework 2.0 SP2
  • Microsoft .NET Framework 3.5
  • Microsoft .NET Framework 3.5.1
  • Microsoft .NET Framework 4.0
  • Microsoft .NET Framework 4.5

Recommendations

Block external access at the network boundary, unless external parties require service.
If global access isn’t needed, filter access to the affected computer at the network boundary. Restricting access to only trusted computers and networks might greatly reduce the likelihood of exploits.

Deploy network intrusion detection systems to monitor network traffic for malicious activity.
Deploy NIDS to monitor network traffic for signs of anomalous or suspicious activity. This includes but is not limited to unexplained incoming and outgoing traffic. This may indicate exploit attempts or activity that results from successful exploits.

Communicate sensitive information through secure means.
Use multiple layers of encryption when communicating sensitive information between a client and a server. This will reduce the chance of a successful exploit.

Updates are available. Please see the references or vendor advisory for more information.

Related

cve 1
nvd 1
checkpoint_advisories 1
cvelist 1
prion 1
openvas 2
nessus 1
mskb 1
securityvulns 2
cve
cve
CVE-2013-1336
2013-05-15 03:36:34
nvd
nvd
CVE-2013-1336
2013-05-15 03:36:34
checkpoint_advisories
checkpoint_advisories
Microsoft .NET XML Digital Signature Spoofing (MS13-040; CVE-2013-1336)
2013-05-14 00:00:00
cvelist
cvelist
CVE-2013-1336
2013-05-15 01:00:00
prion
prion
Spoofing
2013-05-15 03:36:00
openvas
openvas
Microsoft .NET Framework Authentication Bypass and Spoofing Vulnerabilities (2836440)
2013-05-15 00:00:00
Microsoft .NET Framework Authentication Bypass and Spoofing Vulnerabilities (2836440)
2013-05-15 00:00:00
nessus
nessus
MS13-040: Vulnerabilities in .NET Framework Could Allow Spoofing (2836440)
2013-05-15 00:00:00
mskb
mskb
MS13-040: Vulnerabilities in the .NET Framework could allow spoofing: May 14, 2013
2013-05-14 00:00:00
securityvulns
securityvulns
Microsoft Lync code execution
2013-05-27 00:00:00
Microsoft Windows multiple security vulnerabilities
2013-05-27 00:00:00

0.91 High

EPSS

Percentile

98.9%

JSON
Related for SMNTC-59789
cve1nvd1checkpoint_advisories1cvelist1prion1openvas2nessus1mskb1securityvulns2