HIGH 7.8 NuGet KEV
.NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability
GHSA-g5vf-38cp-4px9 · CVE-2020-1147
Published · Modified
Description
A remote code execution vulnerability exists in .NET Framework, Microsoft SharePoint, and Visual Studio when the software fails to check the source markup of XML file input, aka '.NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability'.
References
- ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2020-1147
- WEB https://github.com/dotnet/announcements/issues/159
- WEB https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1147
- WEB https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-1147
- WEB https://www.exploitalert.com/view-details.html?id=35992
- WEB http://packetstormsecurity.com/files/158694/SharePoint-DataSet-DataTable-Deserialization.html
- WEB http://packetstormsecurity.com/files/158876/Microsoft-SharePoint-Server-2019-Remote-Code-Execution.html
- WEB http://packetstormsecurity.com/files/163644/Microsoft-SharePoint-Server-2019-Remote-Code-Execution.html
Ready to move
Start Securing
Free, no credit card | First findings in minutes