← Back

CVE-2018-8172

nvd nist
Published: Jul 11, 2018Modified: Nov 21, 2024

JSON object

Loading...
7.8
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Exploitability: 1.8 / Impact: 5.9
Source: NVD

Description

A remote code execution vulnerability exists in Visual Studio software when the software does not check the source markup of a file for an unbuilt project, aka "Visual Studio Remote Code Execution Vulnerability." This affects Microsoft Visual Studio, Expression Blend 4.

Affected (9)

Microsoft
3 products
Expression Blend
Visual Studio
Visual Studio 2017
Configuration A
9 vulnerable
Vulnerable SoftwareAffected Versions
Microsoft
Expression Blend
Version 2 sp2
Expression Blend
Version 3 sp1
Expression Blend
Version 4 sp3
Microsoft
Visual Studio
Version 2010 sp1
Visual Studio
Version 2012 update_5
Visual Studio
Version 2013 update_5
Visual Studio
Version 2015 update3
Microsoft
Visual Studio 2017
All versions
Visual Studio 2017
Version 15.7.5

References (6)

Source: secure@microsoft.com
Third Party AdvisoryVDB Entry
Source: secure@microsoft.com
Broken LinkThird Party AdvisoryVDB Entry
Source: secure@microsoft.com
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Broken LinkThird Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory

Timeline

No history available yet.