Descripción
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface.
Below is a complete list of vulnerabilities:
- A remote code execution vulnerability in Microsoft PowerShell can be exploited remotely via specially crafted files to execute arbitrary code.
- A tampering vulnerability in .NET Core can be exploited remotely via specially crafted files to spoof user interface.
- A tampering vulnerability in Microsoft PowerShell can be exploited remotely via specially crafted application to spoof user interface.
- A remote code execution vulnerability in Team Foundation Server (TFS) can be exploited remotely to execute arbitrary code.
- A cross-site-scripting (XSS) vulnerability in Team Foundation Server can be exploited remotely via specially crafted payload to spoof user interface.
Notas informativas originales
Productos relacionados
- Microsoft-Windows
- Microsoft-Windows-Server
- Microsoft-Windows-Server-2012
- Microsoft-Windows-8
- Microsoft-Windows-7
- Microsoft-Windows-Server-2008
- Windows-RT
- Microsoft-Windows-10
- Team-Foundation-Server
Lista CVE
- CVE-2018-8415 warning
- CVE-2018-8256 critical
- CVE-2018-8416 warning
- CVE-2018-8602 warning
- CVE-2018-8529 critical
Lista KB
Leer más
Conozca las estadísticas de las vulnerabilidades que se propagan en su región statistics.securelist.com
¿Has encontrado algún error en la descripción de esta vulnerabilidad? ¡Háznoslo saber!