KLA11315
Multiple vulnerabilities in Microsoft Developer Tools

Обновлено: 21/09/2023
Дата обнаружения
11/09/2018
Уровень угрозы
Critical
Описание

Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, spoof user interface.

Below is a complete list of vulnerabilities:

  1. A denial of service vulnerability in System.IO.Pipelines can be exploited remotely via specially crafted requests to cause denial of service.
  2. A denial of service vulnerability in OData can be exploited remotely via specially crafted requests to cause denial of service.
  3. A remote code execution vulnerability in .NET Framework can be exploited remotely via specially crafted file to execute arbitrary code.
  4. A spoofing vulnerability in Azure IoT SDK can be exploited remotely to spoof user interface.
Пораженные продукты

Microsoft.Data.OData
.NET Core 2.1
ASP.NET Core 2.1
System.IO.Pipelines
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5
Microsoft .NET Framework 3.5.1
Microsoft .NET Framework 4.5.2
Microsoft .NET Framework 4.6
Microsoft .NET Framework 4.7.2
Microsoft .NET Framework 4.7.1/4.7.2
ASP.NET Core 2.2
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2
Microsoft .NET Framework 4.7/4.7.1/4.7.2
C SDK for Azure IoT

Решение

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Первичный источник обнаружения
CVE-2018-8409
CVE-2018-8269
CVE-2018-8421
CVE-2018-8479
Оказываемое влияние
?
ACE 
[?]

DoS 
[?]

SB 
[?]

SUI 
[?]
Связанные продукты
Microsoft .NET Framework
Microsoft Azure
CVE-IDS
CVE-2018-82695.0Critical
CVE-2018-84796.8High
CVE-2018-84095.0Critical
KB list

4457128
4457056
4457028
4457131
4457132
4457025
4457054
4457044
4457034
4457037
4457027
4457045
4457029
4457142
4457030
4457043
4457055
4457035
4457138
4457036
4457042
4457033
4457026
4457053
4457038