Dot NET Framework Insufficient Information Vulnerability

Summary

Dot NET Framework suffers from insufficient information vulnerability

Credit:

The information has been provided by Oleksandr Mirosh

The original article can be found at:https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1147


Details

A remote code execution vulnerability exists in .NET Framework, Microsoft SharePoint, and Visual Studio when the software fails to check the source markup of XML file input, aka ‘.NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability’.

 

Vulnerable Systems:

Dot NET Framework

Microsoft SharePoint

 

CVE Information:

CVE-2020-1147

 

Disclosure Timeline:
Published Date:7/14/2020

Categories: News