Popis
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to spoof user interface, obtain sensitive information, cause denial of service, gain privileges.
Below is a complete list of vulnerabilities:
- A cross-site-scripting (XSS) vulnerability Azure DevOps Server and Team Foundation Server can be exploited remotely via specially crafted payload to spoof user interface.
- A cross-site-scripting (XSS) vulnerability Azure DevOps Server can be exploited remotely via specially crafted payload to spoof user interface.
- Unspecified Microsoft Azure can be exploited remotely to spoof user interface.
- An information disclosure vulnerability in Open Enclave SDK can be exploited remotely to obtain sensitive information.
- A denial of service vulnerability in ASP.NET Core can be exploited remotely via specially crafted requests to cause denial of service.
- An elevation of privilege vulnerability in Azure DevOps Server can be exploited remotely via specially crafted request to gain privileges.
- A spoofing vulnerability in Azure DevOps Server can be exploited remotely via specially crafted payload to spoof user interface.
Oficiální doporučení
- CVE-2019-0874
- CVE-2019-0869
- CVE-2019-0876
- CVE-2019-0867
- CVE-2019-0866
- CVE-2019-0815
- CVE-2019-0871
- CVE-2019-0875
- CVE-2019-0857
- CVE-2019-0868
Související produkty
seznam CVE
- CVE-2019-0868 warning
- CVE-2019-0876 warning
- CVE-2019-0870 warning
- CVE-2019-0874 warning
- CVE-2019-0869 warning
- CVE-2019-0867 warning
- CVE-2019-0875 warning
- CVE-2019-0866 warning
- CVE-2019-0815 warning
- CVE-2019-0857 warning
- CVE-2019-0871 warning
seznam KB
Zobrazit více
Zjistěte statistiky zranitelností šířících se ve vaší oblasti statistics.securelist.com
Našli jste v popisu této chyby zabezpečení nepřesnost? Dej nám vědět!