Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
mskbMicrosoftKB4481486
HistoryJan 08, 2019 - 8:00 a.m.

Security and Quality Rollup updates for .NET Framework 2.0 SP2, 3.0 SP2, 4.5.2, and 4.6 for Windows Server 2008 SP2 (KB 4481486)

2019-01-0808:00:00
Microsoft
support.microsoft.com
14

7.4 High

AI Score

Confidence

High

0.019 Low

EPSS

Percentile

88.5%

JSON

Security and Quality Rollup updates for .NET Framework 2.0 SP2, 3.0 SP2, 4.5.2, and 4.6 for Windows Server 2008 SP2 (KB 4481486)

**Applies to:**Microsoft .NET Framework 2.0 Service Pack 2, Microsoft .NET Framework 3.0 Service Pack 2, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.6

Summary

This security update resolves a vulnerability in Microsoft .NET Framework that may cause an information disclosure that allows bypassing Cross-origin Resource Sharing (CORS) configurations.An attacker who successfully exploits the vulnerability could retrieve from a web application content that’s normally restricted.This security update addresses the vulnerability by enforcing CORS configuration to prevent its bypass.To learn more about this vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2019-0545.Important

  • All updates for .NET Framework 4.6 for Windows Server 2008 Service Pack 2 (SP2) require that the d3dcompiler_47.dll update is installed. We recommend that you install the included d3dcompiler_47.dll update before you apply this update. For more information about the d3dcompiler_47.dll update, see KB 4019478.
  • If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see Add language packs to Windows.

Additional information about this security update

The following articles contain additional information about this security update as it relates to individual product versions.

  • 4480062 Description of the Security and Quality Rollup for .NET Framework 2.0 SP2 and 3.0 SP2 for Windows Server 2008 SP2 (KB 4480062)
  • 4480059 Description of the Security and Quality Rollup for .NET Framework 4.5.2 for Windows 7 SP1, Server 2008 R2 SP1, and Server 2008 SP2 (KB 4480059)
  • 4480055 Description of the Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows 7 SP1 and Server 2008 R2 SP1 and for .NET Framework 4.6 for Server 2008 SP2 (KB 4480055)

How to obtain help and support for this security update

Related

openvas 12
mskb 13
veracode 2
github 1
cvelist 1
prion 1
redhatcve 1
osv 2
nvd 1
symantec 1
nessus 13
mscve 1
cve 1
redhat 1
kaspersky 1
talosblog 1
openvas
openvas
Microsoft .NET Framework Information Disclosure Vulnerability (KB4480054)
2019-01-09 00:00:00
Microsoft .NET Framework Information Disclosure Vulnerability (KB4480063)
2019-01-09 00:00:00
Microsoft .NET Framework Information Disclosure Vulnerability (KB4480057)
2019-01-09 00:00:00
mskb
mskb
Security Only updates for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows 7 SP1 and Server 2008 R2 SP1 (KB 4481481)
2019-01-08 08:00:00
Security Only updates for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows Server 2012 (KB 4481483)
2019-01-08 08:00:00
Security and Quality Rollup updates for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows 7 SP1 and Server 2008 R2 SP1 (KB 4481480)
2019-01-08 08:00:00
veracode
veracode
Cross-Origin Resource Sharing (CORS) Bypass
2019-01-15 09:27:08
Cross-Origin Resource Sharing (CORS) Bypass
2019-01-09 02:50:50
github
github
Exposure of Sensitive Information in System.Net.Http
2022-05-14 01:41:10
cvelist
cvelist
CVE-2019-0545
2019-01-08 21:00:00
prion
prion
Information disclosure
2019-01-08 21:29:00
redhatcve
redhatcve
CVE-2019-0545
2019-01-08 21:20:57
osv
osv
CVE-2019-0545
2019-01-08 21:29:00
Exposure of Sensitive Information in System.Net.Http
2022-05-14 01:41:10
nvd
nvd
CVE-2019-0545
2019-01-08 21:29:00
symantec
symantec
Microsoft ASP.NET Core CVE-2019-0545 Information Disclosure Vulnerability
2019-01-08 00:00:00
nessus
nessus
Security Updates for Microsoft .NET Framework (January 2019)
2019-01-08 00:00:00
Security Update for .NET Core (January 2019)
2019-03-27 00:00:00
RHEL 7 : .NET Core on Red Hat Enterprise Linux (RHSA-2019:0040)
2019-01-14 00:00:00
mscve
mscve
.NET Framework Information Disclosure Vulnerability
2019-01-08 08:00:00
cve
cve
CVE-2019-0545
2019-01-08 21:29:00
redhat
redhat
(RHSA-2019:0040) Moderate: .NET Core on Red Hat Enterprise Linux security update
2019-01-09 08:33:36
kaspersky
kaspersky
KLA11399 Multiple vulnerabilities in Microsoft Developer Tools
2019-01-08 00:00:00
talosblog
talosblog
Microsoft Patch Tuesday — January 2019: Vulnerability disclosures and Snort coverage
2019-01-08 11:40:00

7.4 High

AI Score

Confidence

High

0.019 Low

EPSS

Percentile

88.5%

JSON
Related for KB4481486
openvas12mskb13veracode2github1cvelist1prion1redhatcve1osv2nvd1symantec1nessus13mscve1cve1redhat1kaspersky1talosblog1