CVE-2018-0786

🗓️ 10 Jan 2018 01:00:00Reported by microsoftType

".NET Security Feature Bypass Vulnerability in Microsoft .NET Framework and PowerShell Core

Reporter	Title	Published	Views	Family All 81
ALT Linux	Security fix for the ALT Linux 10 package dotnet-coreclr-3.1 version 2.0.5-alt1	22 Feb 201800:00	–	altlinux
ALT Linux	Security fix for the ALT Linux 10 package dotnet-bootstrap-5.0 version 2.0.5-alt1	5 Feb 201800:00	–	altlinux
ALT Linux	Security fix for the ALT Linux 10 package dotnet-bootstrap-6.0 version 2.0.5-alt1	5 Feb 201800:00	–	altlinux
ALT Linux	Security fix for the ALT Linux 9 package dotnet-bootstrap-3.1 version 2.0.5-alt1	5 Feb 201800:00	–	altlinux
ALT Linux	Security fix for the ALT Linux 9 package dotnet-corefx-3.1 version 2.0.5-alt1	5 Feb 201800:00	–	altlinux
ALT Linux	Security fix for the ALT Linux 10 package dotnet-bootstrap-3.1 version 2.0.5-alt1	5 Feb 201800:00	–	altlinux
ALT Linux	Security fix for the ALT Linux 9 package dotnet-coreclr-3.1 version 2.0.5-alt1	22 Feb 201800:00	–	altlinux
ALT Linux	Security fix for the ALT Linux 9 package dotnet-bootstrap-5.0 version 2.0.5-alt1	5 Feb 201800:00	–	altlinux
ALT Linux	Security fix for the ALT Linux 8 package dotnet-bootstrap version 2.0.5-alt1	5 Feb 201800:00	–	altlinux
ALT Linux	Security fix for the ALT Linux 10 package dotnet-bootstrap-7.0 version 2.0.5-alt1	5 Feb 201800:00	–	altlinux

NVD

Node

microsoft .net_coreMatch1.0

microsoft .net_coreMatch2.0

microsoft powershell_coreMatch6.0

Node

microsoft .net_frameworkMatch2.0sp2

microsoft .net_frameworkMatch3.0sp2

AND

microsoft windows_server_2008Match-sp2

Node

microsoft .net_frameworkMatch3.5

AND

microsoft windows_10Match-

microsoft windows_10Match1511

microsoft windows_10Match1607

microsoft windows_10Match1703

microsoft windows_10Match1709

microsoft windows_8.1Match-

microsoft windows_server_2012Match-

microsoft windows_server_2012Matchr2

microsoft windows_server_2016Match-

Node

microsoft .net_frameworkMatch3.5.1

AND

microsoft windows_7Match-sp1

microsoft windows_server_2008Matchr2sp1itanium

microsoft windows_server_2008Matchr2sp1x64

Node

microsoft .net_frameworkMatch4.5.2

AND

microsoft windows_7Match-sp1

microsoft windows_8.1Match-

microsoft windows_rt_8.1Match-

microsoft windows_server_2008Match-sp2

microsoft windows_server_2008Matchr2sp1x64

microsoft windows_server_2012Match-

microsoft windows_server_2012Matchr2

Node

microsoft .net_frameworkMatch4.6

AND

microsoft windows_10Match-

microsoft windows_server_2008Match-sp2

Node

microsoft .net_frameworkMatch4.6.1

AND

microsoft windows_10Match1511

Node

microsoft .net_frameworkMatch4.6.2

microsoft .net_frameworkMatch4.7

AND

microsoft windows_10Match1607

microsoft windows_server_2016Match-

Node

microsoft .net_frameworkMatch4.6

microsoft .net_frameworkMatch4.6.1

microsoft .net_frameworkMatch4.6.2

microsoft .net_frameworkMatch4.7

AND

microsoft windows_7Match-sp1

microsoft windows_8.1Match-

microsoft windows_rt_8.1Match-

microsoft windows_server_2008Matchr2sp1x64

microsoft windows_server_2012Match-

microsoft windows_server_2012Matchr2

Node

microsoft .net_frameworkMatch4.7

AND

microsoft windows_10Match1703

Node

microsoft .net_frameworkMatch4.7.1

AND

microsoft windows_10Match1709

[
  {
    "product": ".NET Framework, .NET Core, and PowerShell Core",
    "vendor": "Microsoft Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "Microsoft .NET Framework 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, .NET Core 1.0 and 2.0, PowerShell Core 6.0.0"
      }
    ]
  }
]

Source	Link
securityfocus	www.securityfocus.com/bid/102380
securitytracker	www.securitytracker.com/id/1040152
portal	www.portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0786

21 Nov 2024 03:38Current

6.2Medium risk

Vulners AI Score6.2

CVSS 25

CVSS 37.5

EPSS0.02026

CWE-295