説明
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to spoof user interface, obtain sensitive information, cause denial of service, gain privileges.
Below is a complete list of vulnerabilities:
- A cross-site-scripting (XSS) vulnerability Azure DevOps Server and Team Foundation Server can be exploited remotely via specially crafted payload to spoof user interface.
- A cross-site-scripting (XSS) vulnerability Azure DevOps Server can be exploited remotely via specially crafted payload to spoof user interface.
- Unspecified Microsoft Azure can be exploited remotely to spoof user interface.
- An information disclosure vulnerability in Open Enclave SDK can be exploited remotely to obtain sensitive information.
- A denial of service vulnerability in ASP.NET Core can be exploited remotely via specially crafted requests to cause denial of service.
- An elevation of privilege vulnerability in Azure DevOps Server can be exploited remotely via specially crafted request to gain privileges.
- A spoofing vulnerability in Azure DevOps Server can be exploited remotely via specially crafted payload to spoof user interface.
オリジナルアドバイザリー
- CVE-2019-0874
- CVE-2019-0869
- CVE-2019-0876
- CVE-2019-0867
- CVE-2019-0866
- CVE-2019-0815
- CVE-2019-0871
- CVE-2019-0875
- CVE-2019-0857
- CVE-2019-0868
関連製品
CVEリスト
- CVE-2019-0868 warning
- CVE-2019-0876 warning
- CVE-2019-0870 warning
- CVE-2019-0874 warning
- CVE-2019-0869 warning
- CVE-2019-0867 warning
- CVE-2019-0875 warning
- CVE-2019-0866 warning
- CVE-2019-0815 warning
- CVE-2019-0857 warning
- CVE-2019-0871 warning
KBリスト
も参照してください
お住まいの地域に広がる脆弱性の統計をご覧ください statistics.securelist.com
この脆弱性についての記述に不正確な点がありますか? お知らせください!