CVE-2017-8759
7.8
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow an attacker to execute code remotely via a malicious document or application, aka ".NET Framework Remote Code Execution Vulnerability."
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Microsoft Corporation | Microsoft .NET Framework | Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 | affected |
Weaknesses
- Remote Code Execution
ADP Enrichment
CVE Program Container
Additional References
- http://www.securityfocus.com/bid/100742
- https://github.com/bhdresh/CVE-2017-8759
- https://github.com/nccgroup/CVE-2017-8759
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8759
- https://www.exploit-db.com/exploits/42711/
- http://www.securitytracker.com/id/1039324
- https://github.com/GitHubAssessments/CVE_Assessments_01_2020
CISA ADP Vulnrichment
- SSVC:
- Exploitation: active
- Automatable: no
- Technical Impact: total
Additional References
References
- http://www.securityfocus.com/bid/100742
- https://github.com/bhdresh/CVE-2017-8759
- https://github.com/nccgroup/CVE-2017-8759
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8759
- https://www.exploit-db.com/exploits/42711/
- http://www.securitytracker.com/id/1039324
- https://github.com/GitHubAssessments/CVE_Assessments_01_2020
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.