CVE-2018-8172

Summary

A remote code execution vulnerability exists in Visual Studio software when the software does not check the source markup of a file for an unbuilt project, aka "Visual Studio Remote Code Execution Vulnerability." This affects Microsoft Visual Studio, Expression Blend 4.

Affected Software

VendorProductVersion RangeStatus
MicrosoftMicrosoft Visual Studio2010 Service Pack 1affected
MicrosoftMicrosoft Visual Studio2012 Update 5affected
MicrosoftMicrosoft Visual Studio2013 Update 5affected
MicrosoftMicrosoft Visual Studio2015 Update 3affected
MicrosoftMicrosoft Visual Studio2017affected
MicrosoftMicrosoft Visual Studio2017 Version 15.7.5affected
MicrosoftMicrosoft Visual Studio2017 Version 15.8 Previewaffected
MicrosoftExpression Blend 4Service Pack 3affected

Weaknesses

  • Remote Code Execution

ADP Enrichment

CVE Program Container

Additional References

References