Описание
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface.
Below is a complete list of vulnerabilities:
- A remote code execution vulnerability in Microsoft PowerShell can be exploited remotely via specially crafted files to execute arbitrary code.
- A tampering vulnerability in .NET Core can be exploited remotely via specially crafted files to spoof user interface.
- A tampering vulnerability in Microsoft PowerShell can be exploited remotely via specially crafted application to spoof user interface.
- A remote code execution vulnerability in Team Foundation Server (TFS) can be exploited remotely to execute arbitrary code.
- A cross-site-scripting (XSS) vulnerability in Team Foundation Server can be exploited remotely via specially crafted payload to spoof user interface.
Первичный источник обнаружения
Связанные продукты
- Microsoft-Windows
- Microsoft-Windows-Server
- Microsoft-Windows-Server-2012
- Microsoft-Windows-8
- Microsoft-Windows-7
- Microsoft-Windows-Server-2008
- Windows-RT
- Microsoft-Windows-10
- Team-Foundation-Server
Список CVE
- CVE-2018-8415 warning
- CVE-2018-8256 critical
- CVE-2018-8416 warning
- CVE-2018-8602 warning
- CVE-2018-8529 critical
Список KB
Смотрите также
Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com
Нашли неточность в описании этой уязвимости? Дайте нам знать!