MS14-004 Vulnerability in Microsoft Dynamics AX Could Allow Denial of Service
2014-01-14 This security update resolves one privately reported vulnerability in Microsoft Dynamics AX. The vulnerability could allow denial of service if an authenticated attacker submits specially crafted data to an affected Microsoft Dynamics AX Application Object Server (AOS) instance. An attacker who successfully exploited this vulnerability could cause the target AOS instance to stop responding to client requests.
Vulnerabilities addressed in this bulletin:
Bulletin details at Microsoft.com
Vulnerabilities addressed in this bulletin:
- Query Filter DoS Vulnerability
- A denial of service vulnerability exists in Microsoft Dynamics AX that could allow an attacker to cause an AOS instance to become unresponsive.
CVE-2014-0261
Bulletin details at Microsoft.com
Related CVE Entries
Microsoft Dynamics AX 4.0 SP2, 2009 SP1, 2012, and 2012 R2 allows remote authenticated users to cause a denial of service (instance outage) via crafted data to an Application Object Server (AOS) instance, aka "Query Filter DoS Vulnerability."
Max CVSS
4.0
EPSS Score
1.26%
Published
2014-01-15
Updated
2018-10-12