20 matches found
CVE-2020-0646
A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka '.NET Framework Remote Code Execution Injection Vulnerability'...
SharePoint Workflows - XOML Injection (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SharePoint Workflows XOML Injection', 'Description' = %q This module exploits a vulnerability within SharePoint and its .NET backend that allows ...
SharePoint Workflows XOML Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SharePoint Workflows XOML Injection', 'Description' = %q This module exploits a vulnerability within SharePoint and its .NET backend that allows ...
SharePoint Workflows XOML Injection Exploit
This Metasploit module exploits a vulnerability within SharePoint and its .NET backend that allows an attacker to execute commands using specially crafted XOML data sent to SharePoint via the Workflows functionality. This module requires Metasploit: https://metasploit.com/download Current source:...
CVE-2020-0646
creationtimestamp| type| source ---|---|--- 2020-03-25 16:34:46+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/sharepointworkflowsxoml.rb 2020-03-31 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/48275 2021-09-21 06:42:55+00:0...
SharePoint Workflows XOML Injection
This module exploits a vulnerability within SharePoint and its .NET backend that allows an attacker to execute commands using specially crafted XOML data sent to SharePoint via the Workflows functionality. This module requires Metasploit: https://metasploit.com/download Current source:...
Microsoft .NET Framework Multiple RCE Vulnerabilities (KB4532938)
This host is missing a critical security update according to Microsoft KB4532938 Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progra...
Microsoft .NET Framework Multiple RCE Vulnerabilities (KB4535102)
This host is missing a critical security update according to Microsoft KB4535102 Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progra...
CVE-2020-0646
CVE-2020-0646 is a remote code execution vulnerability in Microsoft .NET Framework that arises from improper input validation and is triggered by crafting XOML data sent to SharePoint Workflows. Multiple connected sources confirm exploitable behavior via .NET back-end and XOML injection, enabling...
January 14, 2020-KB4532938 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 1903 and Windows Server 1903 RTM and Windows 10, version 1909 and Windows Server, version 1909
January 14, 2020-KB4532938 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 1903 and Windows Server 1903 RTM and Windows 10, version 1909 and Windows Server, version 1909 Release Date: January 14, 2020 Version: .NET Framework 3.5 and 4.8 Summary A remote code execution...
January 14, 2020-KB4532936 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1803
January 14, 2020-KB4532936 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1803 Release Date: January 14, 2020 Version: .NET Framework 4.8 Summary A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly. An attacker who...
January 14, 2020-KB4532935 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1709
January 14, 2020-KB4532935 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1709 Release Date: January 14, 2020 Version: .NET Framework 4.8 Summary A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly. An attacker who...
Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 (KB4534977)
Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 KB4534977 Applies to: Microsoft .NET Framework 3.5 Microsoft .NET Framework 4.5.2 Microsoft .NET Framework 4.6 Microsoft .NET Framework 4.6.1 Microsoft .NET Framework 4.6.2...
Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1, RT 8.1, and Windows Server 2012 R2 (KB4535104)
Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1, RT 8.1, and Windows Server 2012 R2 KB4535104 Applies to: Microsoft .NET Framework 3.5 Microsoft .NET Framework 4.5.2 Microsoft .NET Framework 4.6 Microsoft .NET Framework 4.6.1...
Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 7 SP1 and Windows Server 2008 R2 SP1 (KB4535102)
Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 7 SP1 and Windows Server 2008 R2 SP1 KB4535102 Applies to: Microsoft .NET Framework 3.5.1 Microsoft .NET Framework 4.5.2 Microsoft .NET Framework 4.6 Microsoft .NET Framework 4.6.1...
Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 (KB4535103)
Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 KB4535103 Applies to: Microsoft .NET Framework 3.5 Microsoft .NET Framework 4.5.2 Microsoft .NET Framework 4.6 Microsoft .NET Framework 4.6.1 Microsoft .NET Framework 4.6.2...
Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1 and Windows Server 2012 R2 (KB4534978)
Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1 and Windows Server 2012 R2 KB4534978 Applies to: Microsoft .NET Framework 3.5 Microsoft .NET Framework 4.5.2 Microsoft .NET Framework 4.6 Microsoft .NET Framework 4.6.1 Microsoft .NET...
Security and Quality Rollup for .NET Framework 2.0, 3.0, 4.5.2, 4.6 for Windows Server 2008 SP2 (KB4535105)
Security and Quality Rollup for .NET Framework 2.0, 3.0, 4.5.2, 4.6 for Windows Server 2008 SP2 KB4535105 Applies to: Microsoft .NET Framework 2.0 Microsoft .NET Framework 3.0 Microsoft .NET Framework 4.5.2 Microsoft .NET Framework 4.6 Summary A remote code execution vulnerability exists when the...
Microsoft .NET Framework CVE-2020-0646 Remote Code Execution Vulnerability
Description Microsoft .NET Framework is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected...
January 14, 2020-KB4532934 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1703
January 14, 2020-KB4532934 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1703 Release Date: January 14, 2020 Version: .NET Framework 4.8 Summary A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly. An attacker who...