Code execution vulnerabilities in Microsoft Developer Tools

Description

Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to execute arbitrary code.

Below is a complete list of vulnerabilities:

1. A remote code execution vulnerability in .NET Framework can be exploited remotely to execute arbitrary code.
2. A remote code execution vulnerability in GDI+ can be exploited remotely via specially crafted embedded to execute arbitrary code.

Original advisories

• CVE-2016-0148

• CVE-2016-0145

Exploitation

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Related products

• Microsoft-.NET-Framework

CVE list

• CVE-2016-0148
  high
• CVE-2016-0145
  critical

KB list

• 3147461
• 3147458
• 3143693
• 3142045
• 3142042
• 3142043
• 3142041

Read more

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com