Дата обнаружения
|
10/07/2018 |
Уровень угрозы
|
Warning |
Описание
|
Multiple serious vulnerabilities have been found in Microsoft Development Tools. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code, perform cross-site scripting attacks, gain privileges and spoof user interface. Below is a complete list of vulnerabilities:
|
Пораженные продукты
|
.NET Core 2.0 |
Решение
|
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel) |
Первичный источник обнаружения
|
CVE-2018-8286 CVE-2018-8279 CVE-2018-8294 CVE-2018-8276 CVE-2018-8280 CVE-2018-8290 CVE-2018-8288 CVE-2018-8291 CVE-2018-8275 CVE-2018-8287 CVE-2018-8356 CVE-2018-8298 CVE-2018-8319 CVE-2018-8326 CVE-2018-8306 CVE-2018-8202 CVE-2018-8172 CVE-2018-8260 CVE-2018-8327 CVE-2018-8171 CVE-2018-8232 CVE-2018-8284 CVE-2018-8283 |
Оказываемое влияние
?
|
ACE
[?]
OSI
[?]
SB
[?]
PE
[?]
SUI
[?]
|
Связанные продукты
|
Microsoft .NET Framework Microsoft Visual Studio Microsoft ASP.NET MVC ChakraCore |
CVE-IDS
|
CVE-2018-82867.5Critical
CVE-2018-82797.5Critical CVE-2018-82947.5Critical CVE-2018-82766.5High CVE-2018-82807.5Critical CVE-2018-82907.5Critical CVE-2018-82887.5Critical CVE-2018-82917.5Critical CVE-2018-82757.5Critical CVE-2018-82877.5Critical CVE-2018-83565.5High CVE-2018-82987.5Critical CVE-2018-83199.8Critical CVE-2018-83265.4High CVE-2018-83065.5High CVE-2018-82027.8Critical CVE-2018-81727.8Critical CVE-2018-82608.8Critical CVE-2018-83279.8Critical CVE-2018-81717.5Critical CVE-2018-82327.8Critical CVE-2018-82848.1Critical CVE-2018-82837.5Critical |
KB list
|
4338825 |
Microsoft official advisories
|
Microsoft Security Update Guide |
Эксплуатация
|
The following public exploits exists for this vulnerability: https://www.exploit-db.com/exploits/45214 https://www.exploit-db.com/exploits/45213 |