Test ID:	1.3.6.1.4.1.25623.1.0.815897
Category:	Windows : Microsoft Bulletins
Title:	Microsoft .NET Framework Multiple RCE Vulnerabilities (KB4532936)
Summary:	This host is missing a critical security; update according to Microsoft KB4532936.
Description:	Summary: This host is missing a critical security update according to Microsoft KB4532936. Vulnerability Insight: Multiple flaws exist due to: - Microsoft .NET Framework fails to check the source markup of a file. - Microsoft .NET Framework fails to validate input properly. Vulnerability Impact: Successful exploitation will allow an attacker to run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. Affected Software/OS: Microsoft .NET Framework 4.8 on Microsoft Windows 10 Version 1803. Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2020-0646 http://packetstormsecurity.com/files/156930/SharePoint-Workflows-XOML-Injection.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0646 Common Vulnerability Exposure (CVE) ID: CVE-2020-0605 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0605 Common Vulnerability Exposure (CVE) ID: CVE-2020-0606 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0606
Copyright	Copyright (C) 2020 Greenbone Networks GmbH

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.