CVE-2018-8260
Description
A Remote Code Execution vulnerability exists in .NET software when the software fails to check the source markup of a file, aka .NET Framework Remote Code Execution Vulnerability. This affects .NET Framework 4.7.2, Microsoft .NET Framework 4.7.2.
Risk Information
Base Score
8.8
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
48.851
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Microsoft Browser Memory Corruption Vulnerability for Windows 10 Version 1803 for x64-based Systems (KB4338819) - Cumulative | Windows |
| Microsoft Browser Memory Corruption Vulnerability for Windows 10 Version 1803 for x64-based Systems (KB4338819) - Delta | Windows |
| Microsoft Browser Memory Corruption Vulnerability for Windows 10 Version 1803 for x86-based Systems (KB4338819) - Cumulative | Windows |
| Microsoft Browser Memory Corruption Vulnerability for Windows 10 Version 1803 for x86-based Systems (KB4338819) - Delta | Windows |
| Microsoft Browser Memory Corruption Vulnerability for Windows 10 Version 1703 for x64-based Systems (KB4338826) - Cumulative | Windows |
| Microsoft Browser Memory Corruption Vulnerability for Windows 10 Version 1703 for x64-based Systems (KB4338826) - Delta | Windows |
| Microsoft Browser Memory Corruption Vulnerability for Windows 10 Version 1703 for x86-based Systems (KB4338826) - Cumulative | Windows |
| Microsoft Browser Memory Corruption Vulnerability for Windows 10 Version 1703 for x86-based Systems (KB4338826) - Delta | Windows |
| Microsoft Browser Memory Corruption Vulnerability for Windows 10 Version 1709 for x64-based Systems (KB4338825) - Cumulative | Windows |
| Microsoft Browser Memory Corruption Vulnerability for Windows 10 Version 1709 for x64-based Systems (KB4338825) - Delta | Windows |
| Microsoft Browser Memory Corruption Vulnerability for Windows 10 Version 1709 for x86-based Systems (KB4338825) - Cumulative | Windows |
| Microsoft Browser Memory Corruption Vulnerability for Windows 10 Version 1709 for x86-based Systems (KB4338825) - Delta | Windows |
| Windows Denial of Service Vulnerability for Windows 10 Version 1607 for x64-based Systems (KB4338814) - Cumulative | Windows |
| Windows Denial of Service Vulnerability for Windows Server 2016 for x64-based Systems (KB4338814) - Cumulative | Windows |
| Windows Denial of Service Vulnerability for Windows 10 Version 1607 for x64-based Systems (KB4338814) - Delta | Windows |
| Windows Denial of Service Vulnerability for Windows Server 2016 for x64-based Systems (KB4338814) - Delta | Windows |
| Windows Denial of Service Vulnerability for Windows 10 Version 1607 for x86-based Systems (KB4338814) - Cumulative | Windows |
| Windows Denial of Service Vulnerability for Windows 10 Version 1607 for x86-based Systems (KB4338814) - Delta | Windows |
| .NET Framework Elevation of Privilege Vulnerability for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, and 4.7.1 for Windows 7 SP1 and Server 2008 R2 SP1, and for .NET Framework 4.6 for Server 2008 (KB4338420) x64 bases systems | Windows |
| .NET Framework Elevation of Privilege Vulnerability for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, and 4.7.1 for Windows 7 SP1 and Server 2008 R2 SP1, and for .NET Framework 4.6 for Server 2008 (KB4338420) | Windows |
| .NET Framework Elevation of Privilege Vulnerability for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, and 4.7.1 for Windows 7 SP1 and Server 2008 R2 SP1, and for .NET Framework 4.6 for Server 2008 x64 (KB 4338606) | Windows |
| .NET Framework Elevation of Privilege Vulnerability for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, and 4.7.1 for Windows 7 SP1 and Server 2008 R2 SP1, and for .NET Framework 4.6 for Server 2008 (KB 4338606) | Windows |
| .NET Framework Elevation of Privilege Vulnerability for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, and 4.7.1 for Windows 8.1, RT 8.1, and Server 2012 R2 (KB4338419) | Windows |
| .NET Framework Elevation of Privilege Vulnerability for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, and 4.7.1 for Windows 8.1, RT 8.1, and Server 2012 R2 (KB 4338419) | Windows |
| .NET Framework Elevation of Privilege Vulnerability for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, and 4.7.1 for Windows Server 2012 (KB4338418) | Windows |
| .NET Framework Elevation of Privilege Vulnerability for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, and 4.7.1 for Windows Server 2012 (KB 4338604) | Windows |
| .NET Framework Elevation of Privilege Vulnerability for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, and 4.7.1 for Windows 8.1 and Server 2012 R2 x64 (KB 4338605) | Windows |
| .NET Framework Elevation of Privilege Vulnerability for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, and 4.7.1 for Windows 8.1 and Server 2012 R2 (KB 4338605) | Windows |
| Microsoft Browser Memory Corruption Vulnerability for Windows Server 2016 (1709) for x64-based Systems (KB4338825) - Delta | Windows |
| Microsoft Browser Memory Corruption Vulnerability for Windows Server 2016 (1709) for x64-based Systems (KB4338825) - Cumulative | Windows |
| Windows Denial of Service Vulnerability for Windows 10 Version 1709 for x86-based Systems (KB4345420) - Cumulative | Windows |
| Windows Denial of Service Vulnerability for Windows Server 2016 (1709) for x64-based Systems (KB4345420) - Cumulative | Windows |
| Windows Denial of Service Vulnerability for Windows 10 Version 1709 for x64-based Systems (KB4345420) - Cumulative | Windows |
| Windows Denial of Service Vulnerability for Windows 10 Version 1607 for x64-based Systems (KB4345418) - Cumulative | Windows |
| Windows Denial of Service Vulnerability for Windows Server 2016 for x64-based Systems (KB4345418) - Cumulative | Windows |
| Windows Denial of Service Vulnerability for Windows 10 Version 1607 for x86-based Systems (KB4345418) - Cumulative | Windows |
| Microsoft Browser Memory Corruption Vulnerability for Windows Server 2016 (1803) for x64-based Systems (KB4338819) - Cumulative | Windows |
| Microsoft Browser Memory Corruption Vulnerability for Windows Server 2016 (1803) for x64-based Systems (KB4338819) - Delta | Windows |
| Windows Denial of Service Vulnerability for Windows Server 2016 (1803) for x64-based Systems (KB4345421) - Cumulative | Windows |
| Windows Denial of Service Vulnerability for Windows 10 Version 1803 for x64-based Systems (KB4345421) - Cumulative | Windows |
| Windows Denial of Service Vulnerability for Windows 10 Version 1803 for x86-based Systems (KB4345421) - Cumulative | Windows |
| Windows Denial of Service Vulnerability for Windows 10 Version 1703 for x64-based Systems (KB4345419) - Cumulative | Windows |
| Windows Denial of Service Vulnerability for Windows 10 Version 1703 for x86-based Systems (KB4345419) - Cumulative | Windows |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-24839 | 2018-07 Cumulative Update for Windows 10 Version 1803 for x64-based Systems (KB4338819) |
| PATCH-24838 | 2018-07 Delta Update for Windows 10 Version 1803 for x64-based Systems (KB4338819) |
| PATCH-24840 | 2018-07 Cumulative Update for Windows 10 Version 1803 for x86-based Systems (KB4338819) |
| PATCH-24837 | 2018-07 Delta Update for Windows 10 Version 1803 for x86-based Systems (KB4338819) |
| PATCH-24832 | 2018-07 Cumulative Update for Windows 10 Version 1709 for x64-based Systems (KB4338825) |
| PATCH-24831 | 2018-07 Delta Update for Windows 10 Version 1709 for x64-based Systems (KB4338825) |
| PATCH-24829 | 2018-07 Cumulative Update for Windows 10 Version 1709 for x86-based Systems (KB4338825) |
| PATCH-24833 | 2018-07 Delta Update for Windows 10 Version 1709 for x86-based Systems (KB4338825) |
| PATCH-24818 | 2018-07 Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB4338814) |
| PATCH-24817 | 2018-07 Cumulative Update for Windows Server 2016 for x64-based Systems (KB4338814) |
| PATCH-24822 | 2018-07 Delta Update for Windows 10 Version 1607 for x64-based Systems (KB4338814) |
| PATCH-24819 | 2018-07 Delta Update for Windows Server 2016 for x64-based Systems (KB4338814) |
| PATCH-24820 | 2018-07 Cumulative Update for Windows 10 Version 1607 for x86-based Systems (KB4338814) |
| PATCH-24821 | 2018-07 Delta Update for Windows 10 Version 1607 for x86-based Systems (KB4338814) |
| PATCH-24948 | KB4340556-Description of the Security and Quality Rollup updates for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, and 4.7.1 for Windows 7 SP1 and Server 2008 R2 SP1, and for .NET Framework 4.6 for Server 2008 (KB4338420) |
| PATCH-24942 | KB4340004 - Description of the Security Only update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, and 4.7.1 for Windows 7 SP1 and Server 2008 R2 SP1, and for .NET Framework 4.6 for Server 2008 x64 (KB 4338606) |
| PATCH-24907 | KB4340004 - Description of the Security Only update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, and 4.7.1 for Windows 7 SP1 and Server 2008 R2 SP1, and for .NET Framework 4.6 for Server 2008 (KB 4338606) |
| PATCH-24950 | KB4340557-Description of the Security and Quality Rollup updates for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, and 4.7.1 for Windows Server 2012 (KB4338418) |
| PATCH-24946 | KB4340005 - Description of the Security Only update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, and 4.7.1 for Windows Server 2012 (KB 4338604) |
| PATCH-24964 | KB4340006 - Description of the Security Only update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, and 4.7.1 for Windows 8.1 and Server 2012 R2 x64 (KB 4338605) |
| PATCH-24957 | KB4340006 - Description of the Security Only update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, and 4.7.1 for Windows 8.1 and Server 2012 R2 (KB 4338605) |
| PATCH-24830 | 2018-07 Delta Update for Windows Server 2016 (1709) for x64-based Systems (KB4338825) |
| PATCH-24834 | 2018-07 Cumulative Update for Windows Server 2016 (1709) for x64-based Systems (KB4338825) |
| PATCH-105796 | 2018-07 Cumulative Update for Windows 10 Version 1709 for x86-based Systems (KB4345420) |
| PATCH-105797 | 2018-07 Cumulative Update for Windows Server 2016 (1709) for x64-based Systems (KB4345420) |
| PATCH-105798 | 2018-07 Cumulative Update for Windows 10 Version 1709 for x64-based Systems (KB4345420) |
| PATCH-105791 | 2018-07 Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB4345418) |
| PATCH-105792 | 2018-07 Cumulative Update for Windows Server 2016 for x64-based Systems (KB4345418) |
| PATCH-105793 | 2018-07 Cumulative Update for Windows 10 Version 1607 for x86-based Systems (KB4345418) |
| PATCH-24835 | 2018-07 Cumulative Update for Windows Server 2016 (1803) for x64-based Systems (KB4338819) |
| PATCH-24836 | 2018-07 Delta Update for Windows Server 2016 (1803) for x64-based Systems (KB4338819) |
| PATCH-105799 | 2018-07 Cumulative Update for Windows Server 2016 (1803) for x64-based Systems (KB4345421) |
| PATCH-105800 | 2018-07 Cumulative Update for Windows 10 Version 1803 for x64-based Systems (KB4345421) |
| PATCH-105801 | 2018-07 Cumulative Update for Windows 10 Version 1803 for x86-based Systems (KB4345421) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234