ID de Prueba:	1.3.6.1.4.1.25623.1.0.816552
Categoría:	Windows : Microsoft Bulletins
Título:	Microsoft .NET Framework Multiple RCE Vulnerabilities (KB4535102)
Resumen:	This host is missing a critical security; update according to Microsoft KB4535102
Descripción:	Summary: This host is missing a critical security update according to Microsoft KB4535102 Vulnerability Insight: Multiple flaws exist due to: - Microsoft .NET Framework fails to check the source markup of a file. - Microsoft .NET Framework fails to validate input properly. Vulnerability Impact: Successful exploitation will allow an attacker to run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. Affected Software/OS: Microsoft .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Microsoft Windows 7 SP1 and Microsoft Windows Server 2008 R2 SP1. Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2020-0646 http://packetstormsecurity.com/files/156930/SharePoint-Workflows-XOML-Injection.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0646 Common Vulnerability Exposure (CVE) ID: CVE-2020-0605 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0605 Common Vulnerability Exposure (CVE) ID: CVE-2020-0606 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0606
Copyright	Copyright (C) 2020 Greenbone Networks GmbH

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.