Multiple vulnerabilities in Microsoft Developer Tools

Описание

Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface.

Below is a complete list of vulnerabilities:

1. A remote code execution vulnerability in Git for Visual Studio can be exploited remotely to execute arbitrary code.
2. A tampering vulnerability in Git for Visual Studio can be exploited remotely via specially crafted path to spoof user interface.
3. A spoofing vulnerability in Visual Studio Live Share can be exploited remotely to spoof user interface.

Первичный источник обнаружения

• CVE-2019-1352
  CVE-2019-1351
  CVE-2019-1387
  CVE-2019-1350
  CVE-2019-1354
  CVE-2019-1486
  CVE-2019-1349
  

Связанные продукты

• Microsoft-Visual-Studio

Список CVE

• CVE-2019-1352
  critical
• CVE-2019-1351
  warning
• CVE-2019-1387
  high
• CVE-2019-1350
  critical
• CVE-2019-1354
  critical
• CVE-2019-1486
  high
• CVE-2019-1349
  critical

Список KB

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com