Multiple vulnerabilities in Microsoft Developer Tools

説明

Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to gain privileges, cause denial of service, bypass security restrictions, spoof user interface.

Below is a complete list of vulnerabilities:

1. An elevation of privilege vulnerability in .NET, .NET Framework, and Visual Studio can be exploited remotely to gain privileges.
2. A denial of service vulnerability in Visual Studio can be exploited remotely to cause denial of service.
3. A security feature bypass vulnerability in ASP.NET Core can be exploited remotely to bypass security restrictions.
4. A denial of service vulnerability in ASP.NET Core can be exploited remotely to cause denial of service.
5. A spoofing vulnerability in Visual Studio Code Jupyter Extension can be exploited remotely to spoof user interface.
6. A security feature bypass vulnerability in ASP.NET can be exploited remotely to bypass security restrictions.

オリジナルアドバイザリー

• CVE-2023-36049

• CVE-2023-36042
• CVE-2023-36558
• CVE-2023-36038
• CVE-2023-36018
• CVE-2023-36560

関連製品

• Microsoft-.NET-Framework
• Microsoft-Visual-Studio
• .NET

CVEリスト

• CVE-2023-36558
  high
• CVE-2023-36049
  critical
• CVE-2023-36042
  high
• CVE-2023-36038
  critical
• CVE-2023-36018
  critical
• CVE-2023-36560
  critical

KBリスト

• 5032199
• 5032197
• 5032343
• 5032007
• 5032337
• 5032186
• 5032340
• 5032004
• 5032338
• 5032344
• 5032341
• 5032342
• 5032339
• 5032336
• 5032883
• 5032884
• 5031989
• 5032185
• 5034274
• 5034276
• 5033920
• 5034272
• 5034275
• 5033917

も参照してください

お住まいの地域に広がる脆弱性の統計をご覧ください statistics.securelist.com