Critical severity9.8NVD Advisory· Published Mar 9, 2016· Updated May 6, 2026
CVE-2016-0132
CVE-2016-0132
Description
Microsoft .NET Framework 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, and 4.6.1 mishandles signature validation for unspecified elements of XML documents, which allows remote attackers to spoof signatures via a modified document, aka ".NET XML Validation Security Feature Bypass."
Affected products
7cpe:2.3:a:microsoft:.net_framework:2.0:sp2:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:microsoft:.net_framework:2.0:sp2:*:*:*:*:*:*
- cpe:2.3:a:microsoft:.net_framework:3.0:sp2:*:*:*:*:*:*
- cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:.net_framework:3.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:.net_framework:4.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:.net_framework:4.6:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:.net_framework:4.6.1:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3News mentions
0No linked articles in our index yet.