CVE-2019-0657
5.9
Vector
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
Exploitability: 2.2 / Impact: 3.6
Source: NVD
Description
A vulnerability exists in certain .Net Framework API's and Visual Studio in the way they parse URL's, aka '.NET Framework and Visual Studio Spoofing Vulnerability'.
Affected (18)
Products: Microsoft: .net Core, Powershell Core, Visual Studio 2017, .net Framework
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Version 1.0 | |
| Version 6.0 | |
| All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Version 2.0 sp2 |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Version 3.5 |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Version 3.5.1 |
| Running on/with | Platform Versions |
|---|---|
Microsoft Windows Server 2008 | Version r2 sp1 |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Version 4.5.2 |
Configuration F
| Running on/with | Platform Versions |
|---|---|
Microsoft Windows Server 2008 | All versions |
Configuration G
| Running on/with | Platform Versions |
|---|---|
Microsoft Windows 10 | Version 1607 |
Microsoft Windows Server 2016 | All versions |
Configuration H
| Running on/with | Platform Versions |
|---|---|
Microsoft Windows 10 | All versions |
Configuration I
| Vulnerable Software | Affected Versions |
|---|---|
| Version 4.6.1 |
| Running on/with | Platform Versions |
|---|---|
Microsoft Windows 7 | All versions |
Microsoft Windows 8.1 | All versions |
Microsoft Windows Rt 8.1 | All versions |
Microsoft Windows Server 2008 | All versions |
Microsoft Windows Server 2012 | All versions |
Configuration J
| Running on/with | Platform Versions |
|---|---|
Microsoft Windows 10 | Version 1709 |
Microsoft Windows Server 2016 | Version 1709 |
Configuration K
| Running on/with | Platform Versions |
|---|---|
Microsoft Windows 10 | Version 1803 |
Microsoft Windows Server 2016 | Version 1803 |
Microsoft Windows Server 2019 | All versions |
Configuration L
| Vulnerable Software | Affected Versions |
|---|---|
| Version 4.7.1 |
| Running on/with | Platform Versions |
|---|---|
Microsoft Windows 10 | Version 1703 |
References (6)
Source: secure@microsoft.com
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Timeline
No history available yet.