Intrusion PreventionMS.NET.Framework.AllocHGlobal.Integer.Overflow
Description
This indicates an attack attempt to exploit an Integer Overflow vulnerability in Microsoft .Net Framework.
The vulnerability is due to improper bound checking when the vulnerable software handles maliciously crafted packets. An attacker can exploit this to cause denial of services conditions within the affected application.
Affected Products
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 4
Microsoft .NET Framework 4.5/4.5.1/4.5.2
Microsoft .NET Framework 4.6
Microsoft .NET Framework 3.5.1
Microsoft .NET Framework 3.5
Impact
Denial of Service: Remote attackers can crash vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
http://technet.microsoft.com/security/bulletin/MS15-101
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2019-11-22 | 15.729 | Name:MS. Net. Framework. AllocHGlobal. Integer. Overflow:MS. NET. Framework. AllocHGlobal. Integer. Overflow |
| 2019-02-01 | 14.540 | Name:Microsoft. Net. Framework. AllocHGlobal. Integer. Overflow:MS. Net. Framework. AllocHGlobal. Integer. Overflow |
| ID | 41325 |
| Created | Sep 08, 2015 |
| Updated | May 02, 2022 |
| Risk |
|
| CVE ID | CVE-2015-2504 |
| Exploit Prediction Score | 24.1% |
| Default Action | drop |
| Active | |
| Affected OS | Windows |
| Affected App | Other |