Multiple vulnerabilities in Microsoft Developer Tools

説明

Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, gain privileges, spoof user interface.

Below is a complete list of vulnerabilities:

1. A remote code execution vulnerability in Visual Studio can be exploited remotely to execute arbitrary code.
2. An information disclosure vulnerability in Visual Studio can be exploited remotely to obtain sensitive information.
3. A remote code execution vulnerability in Visual Studio Code can be exploited remotely to execute arbitrary code.
4. An elevation of privilege vulnerability in Visual Studio can be exploited remotely to gain privileges.
5. A spoofing vulnerability in Visual Studio can be exploited remotely to spoof user interface.
6. A remote code execution vulnerability in .NET DLL Hijacking can be exploited remotely to execute arbitrary code.

オリジナルアドバイザリー

• CVE-2023-28296

• CVE-2023-28263
• CVE-2023-24893
• CVE-2023-28262
• CVE-2023-28299
• CVE-2023-28260

エクスプロイテーション

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

関連製品

• Microsoft-Visual-Studio

CVEリスト

• CVE-2023-28260
  critical
• CVE-2023-28296
  critical
• CVE-2023-28263
  high
• CVE-2023-24893
  critical
• CVE-2023-28262
  critical
• CVE-2023-28299
  high

KBリスト

• 5025916
• 5025915

も参照してください

お住まいの地域に広がる脆弱性の統計をご覧ください statistics.securelist.com