KLA10786
Code execution vulnerabilities in Microsoft Developer Tools

Updated: 07/22/2020

Detect date ?	04/12/2016
Severity ?	Critical
Description	Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to execute arbitrary code. Below is a complete list of vulnerabilities: A remote code execution vulnerability in .NET Framework can be exploited remotely to execute arbitrary code. A remote code execution vulnerability in GDI+ can be exploited remotely via specially crafted embedded to execute arbitrary code.
Affected products	Microsoft .NET Framework 3.5.1 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 Microsoft .NET Framework 4.6 Microsoft .NET Framework 4.6/4.6.1
Solution	Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Original advisories	CVE-2016-0148 CVE-2016-0145
Impacts ?	ACE [?]
Related products	Microsoft .NET Framework
CVE-IDS ?	CVE-2016-01487.2High CVE-2016-01459.3Critical
Microsoft official advisories	Microsoft Security Update Guide
KB list	3147461 3147458 3143693 3142045 3142042 3142043 3142041
Exploitation	The following public exploits exists for this vulnerability: https://www.exploit-db.com/exploits/39743 Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
	Find out the statistics of the vulnerabilities spreading in your region

KLA10786Code execution vulnerabilities in Microsoft Developer Tools