Kaspersky Threats — No se encontró la página que estás buscando.<br>Pero puedes ver nuestras últimas vulnerabilidades y amenazas descritas.

Kaspersky ID:

KLA11772

Fecha de detección:

05/12/2020

Actualizado:

01/28/2026

Descripción

Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to gain privileges, cause denial of service, execute arbitrary code.

Below is a complete list of vulnerabilities:

An elevation of privilege vulnerability in .NET Framework can be exploited remotely to gain privileges.
A denial of service vulnerability in .NET Core & .NET Framework can be exploited remotely via specially crafted requests to cause denial of service.
A denial of service vulnerability in ASP.NET Core can be exploited remotely via specially crafted requests to cause denial of service.
A remote code execution vulnerability in Visual Studio Code Python Extension can be exploited remotely to execute arbitrary code.
A remote code execution vulnerability in Visual Studio Code Python Extension can be exploited remotely via specially crafted file to execute arbitrary code.

Notas informativas originales

Explotación

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Productos relacionados

Lista CVE

CVE-2020-1066
critical
CVE-2020-1108
critical
CVE-2020-1161
critical
CVE-2020-1171
critical
CVE-2020-1192
critical

Lista KB

Leer más

Conozca las estadísticas de las vulnerabilidades que se propagan en su región statistics.securelist.com

¿Has encontrado algún error en la descripción de esta vulnerabilidad? ¡Háznoslo saber!

Kaspersky ID:

KLA11772

Fecha de detección:

05/12/2020

Actualizado:

01/28/2026

Nivel de gravedad

critical

Solución

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Impactos

ACE

Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.

DoS

Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.

Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.

Productos afectados

Microsoft .NET Framework 3.5
Microsoft .NET Framework 4.5.2
ASP.NET Core 3.1
Microsoft .NET Framework 4.6
Microsoft Visual Studio 2019 version 16.5
Microsoft Visual Studio 2017 version 15.9 (includes 15.1 - 15.8)
Microsoft .NET Framework 3.5 AND 4.6/4.6.1/4.6.2
Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)
Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2
Microsoft .NET Framework 3.5 AND 4.7.1/4.7.2
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 4.8
.NET Core 3.1
Microsoft .NET Framework 3.5.1
Microsoft .NET Framework 3.5 AND 4.7.2
.NET Core 5.0
.NET Core 2.1
Visual Studio Code
Microsoft .NET Framework 3.5 AND 4.8
Microsoft Visual Studio 2019 version 16.0
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2

Multiple vulnerabilities in Microsoft Developer Tools

Descripción

Notas informativas originales

Explotación

Productos relacionados

Lista CVE

Lista KB

Leer más