Beschreibung
Multiple serious vulnerabilities were found in Microsoft Developer tools. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, gain privileges.
Below is a complete list of vulnerabilities:
- Multiple memory corruption vulnerabilities in Chakra Scripting Engine can be exploited remotely via specially crafted website to execute arbitrary code;
- An input validation vulnerability in Microsoft .NET Framework can be exploited remotely to execute arbitrary code;
- An improper handling of web requests vulnerability in Microsoft .NET Framework can be exploited remotely via specially crafted web request to cause denial of service;
- An elevation of privilege vulnerability in Diagnostics Hub Standard Collector Service can be exploited remotely to gain privileges.
- A memory corruption vulnerability in Chakra Scripting Engine can be exploited remotely via specially crafted website to execute arbitrary code.
Ursprüngliche Informationshinweise
CVE Liste
- CVE-2018-8583 critical
- CVE-2018-8540 critical
- CVE-2018-8517 critical
- CVE-2018-8624 critical
- CVE-2018-8629 critical
- CVE-2018-8617 critical
- CVE-2018-8599 critical
- CVE-2018-8618 critical
KB Liste
- 4469516
- 4470500
- 4470638
- 4471329
- 4471323
- 4470640
- 4470498
- 4471324
- 4470637
- 4470601
- 4470639
- 4470491
- 4470641
- 4470622
- 4470493
- 4470600
- 4471327
- 4470602
- 4470492
- 4470502
- 4470623
- 4471321
- 4470630
- 4470629
- 4470499
- 4470633
- 4471102
Mehr erfahren
Informieren Sie sich über die Statistiken der in Ihrer Region verbreiteten Sicherheitslücken statistics.securelist.com
Sie haben einen Fehler in der Beschreibung der Schwachstelle gefunden? Mitteilen!