Vigil@nce - Microsoft Dynamics AX: denial of service
January 2014 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An authenticated attacker can send malicious data to Microsoft
Dynamics AX, in order to trigger a denial of service.
Impacted products: Windows (platform)
Severity: 2/4
Creation date: 14/01/2014
DESCRIPTION OF THE VULNERABILITY
The Microsoft Dynamics AX product is an ERP (Enterprise Resource
Planning).
However, when an AOS (Microsoft Dynamics AX Application Object
Server) instance receives special data, it stops. Technical
details are unknown.
An authenticated attacker can therefore send malicious data to
Microsoft Dynamics AX, in order to trigger a denial of service.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Microsoft-Dynamics-AX-denial-of-service-14086