CVE-2018-8416

Опубликовано: 13 нояб. 2018

Источник: msrc

EPSS Низкий

Описание

.NET Core Tampering Vulnerability

A tampering vulnerability exists when .NET Core improperly handles specially crafted files. An attacker who successfully exploited this vulnerability could write arbitrary files and directories to certain locations on a vulnerable system. However, an attacker would have limited control over the destination of the files and directories.

To exploit the vulnerability, an attacker must send a specially crafted file to a vulnerable system.

The security update fixes the vulnerability by ensuring .NET Core properly handles files.

Обновления

Продукт	Статья	Обновление
PowerShell Core 6.1	Release Notes	Security Update
.NET Core 2.1	Release Notes	Security Update
PowerShell Core 6.2	Release Notes	Security Update

Показывать по

Возможность эксплуатации

Publicly Disclosed

Exploited

Latest Software Release

Exploitation Less Likely

Older Software Release

Exploitation Less Likely

DOS

N/A

EPSS

Процентиль: 91%

0.06577

Низкий

Связанные уязвимости

CVE-2018-8416

CVSS3: 6.5

ubuntu

около 7 лет назад

A tampering vulnerability exists when .NET Core improperly handles specially crafted files, aka ".NET Core Tampering Vulnerability." This affects .NET Core 2.1.

CVE-2018-8416

CVSS3: 5.5

redhat

около 7 лет назад

A tampering vulnerability exists when .NET Core improperly handles specially crafted files, aka ".NET Core Tampering Vulnerability." This affects .NET Core 2.1.

CVE-2018-8416

CVSS3: 6.5

nvd

около 7 лет назад

A tampering vulnerability exists when .NET Core improperly handles specially crafted files, aka ".NET Core Tampering Vulnerability." This affects .NET Core 2.1.

GHSA-5633-f33j-c6f7

CVSS3: 6.5

github

больше 3 лет назад

Tampering vulnerability in .NET Core

EPSS

Процентиль: 91%

0.06577

Низкий