CVE-2018-8540

Published: Dec 12, 2018

Modified: Aug 5, 2024

PUBLISHED

Description

A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka ".NET Framework Remote Code Injection Vulnerability." This affects Microsoft .NET Framework 4.6, Microsoft .NET Framework 3.5, Microsoft .NET Framework 4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.7.1/4.7.2, Microsoft .NET Framework 4.7.2, Microsoft .NET Framework 4.6.2.

Vendor	Product	Versions
Microsoft	Microsoft .NET Framework	affected `3.5 on Windows 10 for 32-bit Systems` affected `3.5 on Windows 10 for x64-based Systems` affected `3.5 on Windows 10 Version 1607 for 32-bit Systems` affected `3.5 on Windows 10 Version 1607 for x64-based Systems` affected `3.5 on Windows 10 Version 1703 for 32-bit Systems` +68 more versions

References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8540

x_refsource_CONFIRM

106073

vdb-entry

x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2018-8540

Description

Affected Products

References