Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:43470
HistoryOct 02, 2023 - 7:25 p.m.

Remote Code Execution (RCE)

2023-10-0219:25:39
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
19
.net
remote code execution
vulnerability
pdb
processing
microsoft
diasymreader
native
amd64
software

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.002

Percentile

61.0%

.NET is vulnerable to Remote Code Execution (RCE). The vulnerability exists in Microsoft.DiaSymReader.Native.amd64.dll when processing a corrupted PDB file, potentially leading to remote code execution.

Affected configurations

Vulners
Node
-dotnet6-build\Matchedge6.0.112-r0
OR
-dotnet6-build\Matchedge6.0.116-r0
OR
-dotnet6-build\Matchedge6.0.107-r0
OR
-dotnet6-build\Matchedge6.0.109-r0
OR
-dotnet6-build\Matchedge6.0.114-r0
OR
-dotnet6-build\Matchedge6.0.110-r1
OR
-dotnet6-build\Matchedge6.0.116-r1
OR
-dotnet6-build\Matchedge6.0.110-r0
OR
-dotnet6-build\Matchedge6.0.105-r0
OR
-dotnet6-build\Matchedge6.0.103-r2
OR
-dotnet6-build\Matchedge6.0.108-r1
OR
-dotnet6-build\Matchedge6.0.113-r0
OR
-dotnet6-build\Matchedge6.0.104-r1
OR
-dotnet6-build\Matchedge6.0.115-r0
OR
-dotnet6-build\Matchedge6.0.102-r0
OR
-dotnet6-build\Matchedge6.0.108-r2
OR
-dotnet6-build\Matchedge6.0.103-r1
OR
-dotnet6-build\Matchedge6.0.108-r3
OR
-dotnet6-build\Matchedge6.0.110-r2
OR
-dotnet6-build\Matchedge6.0.103-r3
OR
-dotnet6-build\Matchedge6.0.106-r0
OR
-dotnet6-build\Matchedge6.0.111-r0
OR
-dotnet7-runtime\Matchedge7.0.4-r0
OR
-dotnet7-runtime\Matchedge7.0.12-r0
OR
-dotnet7-runtime\Matchedge7.0.0-r0
OR
-dotnet7-runtime\Matchedge7.0.10-r0
OR
-dotnet7-runtime\Matchedge7.0.5-r4
OR
-dotnet7-runtime\Matchedge7.0.2-r0
OR
-dotnet7-runtime\Matchedge7.0.5-r2
OR
-dotnet7-runtime\Matchedge7.0.5-r0
OR
-dotnet7-runtime\Matchedge7.0.0-r3
OR
-dotnet7-runtime\Matchedge7.0.5-r3
OR
-dotnet7-runtime\Matchedge7.0.8-r0
OR
-dotnet7-runtime\Matchedge7.0.11-r0
OR
-dotnet7-runtime\Matchedge7.0.1-r0
OR
-dotnet7-runtime\Matchedge7.0.5-r1
OR
-dotnet7-runtime\Matchedge7.0.0-r2
OR
-dotnet7-runtime\Matchedge7.0.7-r0
OR
-dotnet7-runtime\Matchedge7.0.9-r0
OR
-dotnet7-runtime\Matchedge7.0.3-r0
OR
-dotnet6-runtime\Match3.186.0.21-r0
OR
-dotnet6-runtime\Match3.186.0.22-r0
OR
-dotnet6-runtime\Match3.186.0.16-r2
OR
-dotnet6-runtime\Match3.186.0.18-r0
OR
-dotnet6-runtime\Match3.186.0.23-r0
OR
-dotnet6-runtime\Match3.186.0.16-r1
OR
-dotnet6-runtime\Match3.186.0.16-r3
OR
-dotnet6-runtime\Match3.186.0.20-r0
OR
-dotnet7-runtime\Match3.187.0.12-r0
OR
-dotnet7-runtime\Match3.187.0.11-r0
OR
-dotnet7-runtime\Match3.187.0.10-r0
OR
-dotnet7-runtime\Match3.187.0.5-r1
OR
-dotnet7-runtime\Match3.187.0.5-r2
OR
-dotnet7-runtime\Match3.187.0.7-r0
OR
-dotnet7-runtime\Match3.187.0.9-r0
OR
-dotnet7-runtime\Match3.187.0.5-r3
OR
-dotnet6-runtime\Matchedge6.0.5-r0
OR
-dotnet6-runtime\Matchedge6.0.10-r1
OR
-dotnet6-runtime\Matchedge6.0.10-r2
OR
-dotnet6-runtime\Matchedge6.0.11-r0
OR
-dotnet6-runtime\Matchedge6.0.8-r3
OR
-dotnet6-runtime\Matchedge6.0.16-r1
OR
-dotnet6-runtime\Matchedge6.0.6-r0
OR
-dotnet6-runtime\Matchedge6.0.8-r1
OR
-dotnet6-runtime\Matchedge6.0.20-r0
OR
-dotnet6-runtime\Matchedge6.0.21-r0
OR
-dotnet6-runtime\Matchedge6.0.2-r1
OR
-dotnet6-runtime\Matchedge6.0.3-r1
OR
-dotnet6-runtime\Matchedge6.0.16-r2
OR
-dotnet6-runtime\Matchedge6.0.4-r1
OR
-dotnet6-runtime\Matchedge6.0.23-r0
OR
-dotnet6-runtime\Matchedge6.0.16-r0
OR
-dotnet6-runtime\Matchedge6.0.7-r0
OR
-dotnet6-runtime\Matchedge6.0.12-r0
OR
-dotnet6-runtime\Matchedge6.0.18-r0
OR
-dotnet6-runtime\Matchedge6.0.3-r2
OR
-dotnet6-runtime\Matchedge6.0.19-r0
OR
-dotnet6-runtime\Matchedge6.0.9-r0
OR
-dotnet6-runtime\Matchedge6.0.5-r1
OR
-dotnet6-runtime\Matchedge6.0.13-r0
OR
-dotnet6-runtime\Matchedge6.0.14-r0
OR
-dotnet6-runtime\Matchedge6.0.3-r3
OR
-dotnet6-runtime\Matchedge6.0.8-r2
OR
-dotnet6-runtime\Matchedge6.0.22-r0
OR
-dotnet6-runtime\Matchedge6.0.15-r0
OR
-dotnet6-runtime\Matchedge6.0.10-r0
OR
-dotnet6-runtime\Matchedge6.0.16-r4
OR
-dotnet6-runtime\Matchedge6.0.16-r3
OR
-dotnet7-build\Matchedge7.0.105-r1
OR
-dotnet7-build\Matchedge7.0.103-r0
OR
-dotnet7-build\Matchedge7.0.101-r0
OR
-dotnet7-build\Matchedge7.0.100-r3
OR
-dotnet7-build\Matchedge7.0.105-r2
OR
-dotnet7-build\Matchedge7.0.104-r0
OR
-dotnet7-build\Matchedge7.0.102-r0
OR
-dotnet7-build\Matchedge7.0.105-r0
OR
-dotnet6-build\Matchedge6.0.112-r0
OR
-dotnet6-build\Matchedge6.0.116-r0
OR
-dotnet6-build\Matchedge6.0.107-r0
OR
-dotnet6-build\Matchedge6.0.109-r0
OR
-dotnet6-build\Matchedge6.0.114-r0
OR
-dotnet6-build\Matchedge6.0.110-r1
OR
-dotnet6-build\Matchedge6.0.116-r1
OR
-dotnet6-build\Matchedge6.0.110-r0
OR
-dotnet6-build\Matchedge6.0.105-r0
OR
-dotnet6-build\Matchedge6.0.103-r2
OR
-dotnet6-build\Matchedge6.0.108-r1
OR
-dotnet6-build\Matchedge6.0.113-r0
OR
-dotnet6-build\Matchedge6.0.104-r1
OR
-dotnet6-build\Matchedge6.0.115-r0
OR
-dotnet6-build\Matchedge6.0.102-r0
OR
-dotnet6-build\Matchedge6.0.108-r2
OR
-dotnet6-build\Matchedge6.0.103-r1
OR
-dotnet6-build\Matchedge6.0.108-r3
OR
-dotnet6-build\Matchedge6.0.110-r2
OR
-dotnet6-build\Matchedge6.0.103-r3
OR
-dotnet6-build\Matchedge6.0.106-r0
OR
-dotnet6-build\Matchedge6.0.111-r0
OR
-dotnet7-runtime\Matchedge7.0.4-r0
OR
-dotnet7-runtime\Matchedge7.0.12-r0
OR
-dotnet7-runtime\Matchedge7.0.0-r0
OR
-dotnet7-runtime\Matchedge7.0.10-r0
OR
-dotnet7-runtime\Matchedge7.0.5-r4
OR
-dotnet7-runtime\Matchedge7.0.2-r0
OR
-dotnet7-runtime\Matchedge7.0.5-r2
OR
-dotnet7-runtime\Matchedge7.0.5-r0
OR
-dotnet7-runtime\Matchedge7.0.0-r3
OR
-dotnet7-runtime\Matchedge7.0.5-r3
OR
-dotnet7-runtime\Matchedge7.0.8-r0
OR
-dotnet7-runtime\Matchedge7.0.11-r0
OR
-dotnet7-runtime\Matchedge7.0.1-r0
OR
-dotnet7-runtime\Matchedge7.0.5-r1
OR
-dotnet7-runtime\Matchedge7.0.0-r2
OR
-dotnet7-runtime\Matchedge7.0.7-r0
OR
-dotnet7-runtime\Matchedge7.0.9-r0
OR
-dotnet7-runtime\Matchedge7.0.3-r0
OR
-dotnet6-runtime\Match3.186.0.21-r0
OR
-dotnet6-runtime\Match3.186.0.22-r0
OR
-dotnet6-runtime\Match3.186.0.16-r2
OR
-dotnet6-runtime\Match3.186.0.18-r0
OR
-dotnet6-runtime\Match3.186.0.23-r0
OR
-dotnet6-runtime\Match3.186.0.16-r1
OR
-dotnet6-runtime\Match3.186.0.16-r3
OR
-dotnet6-runtime\Match3.186.0.20-r0
OR
-dotnet7-runtime\Match3.187.0.12-r0
OR
-dotnet7-runtime\Match3.187.0.11-r0
OR
-dotnet7-runtime\Match3.187.0.10-r0
OR
-dotnet7-runtime\Match3.187.0.5-r1
OR
-dotnet7-runtime\Match3.187.0.5-r2
OR
-dotnet7-runtime\Match3.187.0.7-r0
OR
-dotnet7-runtime\Match3.187.0.9-r0
OR
-dotnet7-runtime\Match3.187.0.5-r3
OR
-dotnet6-runtime\Matchedge6.0.5-r0
OR
-dotnet6-runtime\Matchedge6.0.10-r1
OR
-dotnet6-runtime\Matchedge6.0.10-r2
OR
-dotnet6-runtime\Matchedge6.0.11-r0
OR
-dotnet6-runtime\Matchedge6.0.8-r3
OR
-dotnet6-runtime\Matchedge6.0.16-r1
OR
-dotnet6-runtime\Matchedge6.0.6-r0
OR
-dotnet6-runtime\Matchedge6.0.8-r1
OR
-dotnet6-runtime\Matchedge6.0.20-r0
OR
-dotnet6-runtime\Matchedge6.0.21-r0
OR
-dotnet6-runtime\Matchedge6.0.2-r1
OR
-dotnet6-runtime\Matchedge6.0.3-r1
OR
-dotnet6-runtime\Matchedge6.0.16-r2
OR
-dotnet6-runtime\Matchedge6.0.4-r1
OR
-dotnet6-runtime\Matchedge6.0.23-r0
OR
-dotnet6-runtime\Matchedge6.0.16-r0
OR
-dotnet6-runtime\Matchedge6.0.7-r0
OR
-dotnet6-runtime\Matchedge6.0.12-r0
OR
-dotnet6-runtime\Matchedge6.0.18-r0
OR
-dotnet6-runtime\Matchedge6.0.3-r2
OR
-dotnet6-runtime\Matchedge6.0.19-r0
OR
-dotnet6-runtime\Matchedge6.0.9-r0
OR
-dotnet6-runtime\Matchedge6.0.5-r1
OR
-dotnet6-runtime\Matchedge6.0.13-r0
OR
-dotnet6-runtime\Matchedge6.0.14-r0
OR
-dotnet6-runtime\Matchedge6.0.3-r3
OR
-dotnet6-runtime\Matchedge6.0.8-r2
OR
-dotnet6-runtime\Matchedge6.0.22-r0
OR
-dotnet6-runtime\Matchedge6.0.15-r0
OR
-dotnet6-runtime\Matchedge6.0.10-r0
OR
-dotnet6-runtime\Matchedge6.0.16-r4
OR
-dotnet6-runtime\Matchedge6.0.16-r3
OR
-dotnet7-build\Matchedge7.0.105-r1
OR
-dotnet7-build\Matchedge7.0.103-r0
OR
-dotnet7-build\Matchedge7.0.101-r0
OR
-dotnet7-build\Matchedge7.0.100-r3
OR
-dotnet7-build\Matchedge7.0.105-r2
OR
-dotnet7-build\Matchedge7.0.104-r0
OR
-dotnet7-build\Matchedge7.0.102-r0
OR
-dotnet7-build\Matchedge7.0.105-r0
OR
-microsoft.netcore.app.runtime.win-arm64Range6.0.21
OR
-microsoft.netcore.app.runtime.win-arm64Range7.0.10
OR
-microsoft.netcore.app.runtime.win-x64Range6.0.21
OR
-microsoft.netcore.app.runtime.win-x64Range7.0.10
OR
-microsoft.netcore.app.runtime.win-x86Range6.0.21
OR
-microsoft.netcore.app.runtime.win-x86Range7.0.10
VendorProductVersionCPE
-dotnet6-build\edgecpe:2.3:a:-:dotnet6-build\:edge:6.0.112-r0:*:*:*:*:*:*:*
-dotnet6-build\edgecpe:2.3:a:-:dotnet6-build\:edge:6.0.116-r0:*:*:*:*:*:*:*
-dotnet6-build\edgecpe:2.3:a:-:dotnet6-build\:edge:6.0.107-r0:*:*:*:*:*:*:*
-dotnet6-build\edgecpe:2.3:a:-:dotnet6-build\:edge:6.0.109-r0:*:*:*:*:*:*:*
-dotnet6-build\edgecpe:2.3:a:-:dotnet6-build\:edge:6.0.114-r0:*:*:*:*:*:*:*
-dotnet6-build\edgecpe:2.3:a:-:dotnet6-build\:edge:6.0.110-r1:*:*:*:*:*:*:*
-dotnet6-build\edgecpe:2.3:a:-:dotnet6-build\:edge:6.0.116-r1:*:*:*:*:*:*:*
-dotnet6-build\edgecpe:2.3:a:-:dotnet6-build\:edge:6.0.110-r0:*:*:*:*:*:*:*
-dotnet6-build\edgecpe:2.3:a:-:dotnet6-build\:edge:6.0.105-r0:*:*:*:*:*:*:*
-dotnet6-build\edgecpe:2.3:a:-:dotnet6-build\:edge:6.0.103-r2:*:*:*:*:*:*:*
Rows per page:
1-10 of 991

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.002

Percentile

61.0%