CVE-2013-3861

Name of the Vulnerable Software and Affected Versions Microsoft .NET Framework versions 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5

Description A denial of service issue exists, allowing remote attackers to cause an application crash or hang via crafted character sequences in JSON data. This could enable an attacker to cause a server or application to crash or become unresponsive.

Recommendations For Microsoft .NET Framework versions 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5, consider restricting the processing of JSON data from untrusted sources until a fix is available. As a temporary workaround, implement input validation to detect and prevent crafted character sequences in JSON data.