7 matches found
Remote Code Execution
.NET is vulnerable to Remote Code Execution RCE. The vulnerability exists in Microsoft.DiaSymReader.Native.amd64.dll when reading a corrupted PDB file which may lead to RCE...
Microsoft Security Advisory CVE-2023-36792: .NET Remote Code Execution Vulnerability
Microsoft Security Advisory CVE-2023-36792: .NET Remote Code Execution Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0 and .NET 6.0. This advisory also provides guidance on what developers can do to update thei...
Remote Code Execution (RCE)
Overview Affected versions of this package are vulnerable to Remote Code Execution RCE via Microsoft.DiaSymReader.Native.amd64.dll when reading a corrupted PDB file. Note: This issue only affects Windows systems. Remediation Upgrade Microsoft.NETCore.App.Runtime.win-x64 to version 7.0.11, 6.0.22 ...
Remote Code Execution (RCE)
Overview Affected versions of this package are vulnerable to Remote Code Execution RCE via Microsoft.DiaSymReader.Native.amd64.dll when reading a corrupted PDB file. Note: This issue only affects Windows systems. Remediation Upgrade Microsoft.NETCore.App.Runtime.win-x86 to version 6.0.22, 7.0.11 ...
Remote Code Execution (RCE)
Overview Affected versions of this package are vulnerable to Remote Code Execution RCE via Microsoft.DiaSymReader.Native.amd64.dll when reading a corrupted PDB file. Note: This issue only affects Windows systems. Remediation Upgrade Microsoft.NETCore.App.Runtime.win-x64 to version 6.0.22, 7.0.11 ...
Remote Code Execution (RCE)
Overview Affected versions of this package are vulnerable to Remote Code Execution RCE via the Microsoft.DiaSymReader.Native.amd64.dll file when reading a corrupted PDB file. Note: This issue only affects Windows systems. Remediation Upgrade Microsoft.NETCore.App.Runtime.win-x64 to version 6.0.22...
PT-2023-5050 · Microsoft +1 · Visual Studio +2
Name of the Vulnerable Software and Affected Versions: Visual Studio affected versions not specified Description: The issue is related to insufficient input validation in Microsoft Visual Studio, which can be exploited to execute arbitrary code. This can allow an attacker to run malicious code on...