Multiple vulnerabilities in Microsoft Developer Tools

Beschreibung

Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, cause denial of service.

Below is a complete list of vulnerabilities:

1. A remote code execution vulnerability in Microsoft SQL Server Integration Service (VS extension) can be exploited remotely to execute arbitrary code.
2. A remote code execution vulnerability in Visual Studio can be exploited remotely to execute arbitrary code.
3. A remote code execution vulnerability in Azure DevOps Server can be exploited remotely to execute arbitrary code.
4. An elevation of privilege vulnerability in Visual Studio can be exploited remotely to gain privileges.
5. A denial of service vulnerability in .NET Framework can be exploited remotely to cause denial of service.
6. A denial of service vulnerability in Visual Studio can be exploited remotely to cause denial of service.
7. A remote code execution vulnerability in GitHub can be exploited remotely to execute arbitrary code.
8. A remote code execution vulnerability in .NET and Visual Studio can be exploited remotely to execute arbitrary code.
9. Integer overflow vulnerability can be exploited to execute arbitrary code.

Ursprüngliche Informationshinweise

• CVE-2023-21815

• CVE-2023-21553
• CVE-2023-21566
• CVE-2023-21722
• CVE-2023-23381
• CVE-2023-21567
• CVE-2023-41953
• CVE-2023-21568
• CVE-2023-21808
• CVE-2022-23521

Ausnutzung

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Betroffene Produkte

• Microsoft-.NET-Framework
• Microsoft-SQL-Server
• Microsoft-Visual-Studio
• Microsoft-Azure

CVE Liste

• CVE-2022-23521
  critical
• CVE-2023-21568
  high
• CVE-2023-21815
  critical
• CVE-2023-21553
  critical
• CVE-2023-21566
  critical
• CVE-2023-21722
  warning
• CVE-2023-23381
  critical
• CVE-2023-21567
  high
• CVE-2023-21808
  critical
• CVE-2023-41953
  high

KB Liste

• 5022838
• 5022858
• 5023286
• 5022782
• 5022734
• 5022733
• 5022728
• 5022783
• 5022731
• 5022732
• 5022784
• 5022727
• 5022729
• 5022503
• 5022786
• 5023288
• 5022785
• 5022497
• 5022730
• 5022735
• 5025792
• 5026610

Mehr erfahren

Informieren Sie sich über die Statistiken der in Ihrer Region verbreiteten Sicherheitslücken statistics.securelist.com