CVE-2020-1046

Published: Aug 17, 2020

Modified: Aug 4, 2024

PUBLISHED

Description

A remote code execution vulnerability exists when Microsoft .NET Framework processes input. An attacker who successfully exploited this vulnerability could take control of an affected system. To exploit the vulnerability, an attacker would need to be able to upload a specially crafted file to a web application. The security update addresses the vulnerability by correcting how .NET Framework processes input.

Vendor	Product	Versions
Microsoft	Microsoft .NET Framework 3.5	affected `3.5.0 - < publication`
Microsoft	Microsoft .NET Framework 3.5 AND 4.8	affected `4.8.0 - < publication`
Microsoft	Microsoft .NET Framework 3.5 AND 4.7.2	affected `4.7.0 - < publication`
Microsoft	Microsoft .NET Framework 2.0 Service Pack 2	affected `2.0.0 - < publication`
Microsoft	Microsoft .NET Framework 3.5.1	affected `3.5.0 - < publication`

References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1046

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2020-1046

Description

Affected Products

References