Arbitrary code execution vulnerability in Microsoft .NET Framework

Описание

An improper validation of untrusted input was found in Microsoft .NET Framework. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed document or application.

---

Technical details

NB: This vulnerability does not have any public CVSS rating, so rating can be changed by the time.

Первичный источник обнаружения

• CVE-2017-8759
  CVE-2017-8759
  

Эксплуатация

This vulnerability can be exploited by the following malware:

https://threats.kaspersky.com/en/threat/Trojan-PSW.Win32.Azorult/

Public exploits exist for this vulnerability.

Связанные продукты

• Microsoft-.NET-Framework

Список CVE

• CVE-2017-8759
  critical

Список KB

• 4038788
• 4038782
• 4038783
• 4038781
• 4040955
• 4040956
• 4040957
• 4040958
• 4040959
• 4040960
• 4040964
• 4040965
• 4040966
• 4040967
• 4040971
• 4040972
• 4040973
• 4040974
• 4040975
• 4040977
• 4040978
• 4040979
• 4040980
• 4040981

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com