Beschreibung
Multiple serious vulnerabilities were found in Microsoft Development Tools. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface, perform cross-site scripting attacks.
Below is a complete list of vulnerabilities:
- A memory corruption vulnerability in Chakra Scripting Engine can be exploited remotely via specially crafted website to execute arbitrary code;
- A memory corruption vulnerability in Chakra Scripting Engine can be exploited remotely via specially crafted website to execute arbitrary code;
- A tampering vulnerability in .NET Core can be exploited remotely via specially crafted files to spoof user interface;
- A memory corruption vulnerability in Chakra Scripting Engine can be exploited remotely via specially crafted website to execute arbitrary code;
- A memory corruption vulnerability in Chakra Scripting Engine can be exploited remotely via specially crafted website to execute arbitrary code;
- A memory corruption vulnerability in Chakra Scripting Engine can be exploited remotely via specially crafted website to execute arbitrary code;
- A memory corruption vulnerability in Chakra Scripting Engine can be exploited remotely via specially crafted website to execute arbitrary code;
- A remote code execution vulnerability in Microsoft PowerShell can be exploited via specially crafted files to execute arbitrary code;
- A cross-site-scripting (XSS) vulnerability in Team Foundation Server can be exploited remotely via specially crafted request to perform cross-site scripting attacks;
- A remote code execution vulnerability in Team Foundation Server can be exploited via specially crafted files to execute arbitrary code;
- A memory corruption vulnerability in Chakra Scripting Engine can be exploited remotely via specially crafted website to execute arbitrary code;
- A tampering vulnerability in Microsoft PowerShell can be exploited remotely via specially crafted application to spoof user interface;
- A cross-site-scripting (XSS) vulnerability in Azure App Services can be exploited remotely via specially crafted request to perform cross-site scripting attacks;
- A memory corruption vulnerability in Chakra Scripting Engine can be exploited remotely via specially crafted website to execute arbitrary code.
Ursprüngliche Informationshinweise
- CVE-2018-8557
- CVE-2018-8416
- CVE-2018-8555
- CVE-2018-8556
- CVE-2018-8542
- CVE-2018-8543
- CVE-2018-8256
- CVE-2018-8602
- CVE-2018-8529
- CVE-2018-8541
- CVE-2018-8415
- CVE-2018-8600
- CVE-2018-8551
CVE Liste
- CVE-2018-8588 critical
- CVE-2018-8557 critical
- CVE-2018-8542 critical
- CVE-2018-8556 critical
- CVE-2018-8543 critical
- CVE-2018-8541 critical
- CVE-2018-8555 critical
- CVE-2018-8551 critical
- CVE-2018-8415 critical
- CVE-2018-8256 critical
- CVE-2018-8416 critical
- CVE-2018-8602 critical
- CVE-2018-8529 critical
- CVE-2018-8600 critical
KB Liste
Mehr erfahren
Informieren Sie sich über die Statistiken der in Ihrer Region verbreiteten Sicherheitslücken statistics.securelist.com
Sie haben einen Fehler in der Beschreibung der Schwachstelle gefunden? Mitteilen!