Description
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, gain privileges, spoof user interface.
Below is a complete list of vulnerabilities:
- A remote code execution vulnerability in Visual Studio can be exploited remotely to execute arbitrary code.
- An information disclosure vulnerability in Visual Studio can be exploited remotely to obtain sensitive information.
- A remote code execution vulnerability in Visual Studio Code can be exploited remotely to execute arbitrary code.
- An elevation of privilege vulnerability in Visual Studio can be exploited remotely to gain privileges.
- A spoofing vulnerability in Visual Studio can be exploited remotely to spoof user interface.
- A remote code execution vulnerability in .NET DLL Hijacking can be exploited remotely to execute arbitrary code.
Original advisories
Exploitation
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Related products
CVE list
- CVE-2023-28260 critical
- CVE-2023-28296 critical
- CVE-2023-28263 high
- CVE-2023-24893 critical
- CVE-2023-28262 critical
- CVE-2023-28299 high
KB list
Read more
Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com
Found an inaccuracy in the description of this vulnerability? Let us know!