Multiple vulnerabilities in Microsoft Developer Tools

Описание

Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, cause denial of service.

Below is a complete list of vulnerabilities:

1. An elevation of privilege vulnerability in Visual Studio Code can be exploited remotely to gain privileges.
2. A remote code execution vulnerability in .NET Framework can be exploited remotely to execute arbitrary code.
3. A denial of service vulnerability in .NET Core and Visual Studio can be exploited remotely to cause denial of service.

Первичный источник обнаружения

• CVE-2022-38020
  CVE-2022-26929
  CVE-2022-38013
  

Эксплуатация

Public exploits exist for this vulnerability.

Связанные продукты

• Microsoft-.NET-Framework
• Microsoft-Visual-Studio

Список CVE

• CVE-2022-38020
  high
• CVE-2022-26929
  critical
• CVE-2022-38013
  critical

Список KB

• 5017327
• 5017500
• 5017497
• 5017915
• 5017903
• 5017501
• 5017499

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com