Descripción
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to spoof user interface, obtain sensitive information, cause denial of service, gain privileges.
Below is a complete list of vulnerabilities:
- A cross-site-scripting (XSS) vulnerability Azure DevOps Server and Team Foundation Server can be exploited remotely via specially crafted payload to spoof user interface.
- A cross-site-scripting (XSS) vulnerability Azure DevOps Server can be exploited remotely via specially crafted payload to spoof user interface.
- Unspecified Microsoft Azure can be exploited remotely to spoof user interface.
- An information disclosure vulnerability in Open Enclave SDK can be exploited remotely to obtain sensitive information.
- A denial of service vulnerability in ASP.NET Core can be exploited remotely via specially crafted requests to cause denial of service.
- An elevation of privilege vulnerability in Azure DevOps Server can be exploited remotely via specially crafted request to gain privileges.
- A spoofing vulnerability in Azure DevOps Server can be exploited remotely via specially crafted payload to spoof user interface.
Notas informativas originales
- CVE-2019-0874
- CVE-2019-0869
- CVE-2019-0876
- CVE-2019-0867
- CVE-2019-0866
- CVE-2019-0815
- CVE-2019-0871
- CVE-2019-0875
- CVE-2019-0857
- CVE-2019-0868
Productos relacionados
Lista CVE
- CVE-2019-0868 warning
- CVE-2019-0876 warning
- CVE-2019-0870 warning
- CVE-2019-0874 warning
- CVE-2019-0869 warning
- CVE-2019-0867 warning
- CVE-2019-0875 warning
- CVE-2019-0866 warning
- CVE-2019-0815 warning
- CVE-2019-0857 warning
- CVE-2019-0871 warning
Lista KB
Leer más
Conozca las estadísticas de las vulnerabilidades que se propagan en su región statistics.securelist.com
¿Has encontrado algún error en la descripción de esta vulnerabilidad? ¡Háznoslo saber!