VDB
CVE-2019-1113
CVE-2019-1113
PUBLISHED
CVSS 6.800000190734863 MEDIUM
A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka '.NET Framework Remote Code Execution Vulnerability'.
EPSS 33.72% · 97.0th percentile
Risk Scores
CVSS 2.0
6.800000190734863
EPSS Score
33.72%
97.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Microsoft .NET Framework 4.8 on Windows 10 Version 1607 for 32-bit Systems | unspecified |
| Microsoft | Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1809 for x64-based Systems | unspecified |
| Microsoft | Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1903 for x64-based Systems | unspecified |
| Microsoft | Microsoft .NET Framework 4.8 on Windows Server 2012 R2 (Server Core installation) | unspecified |
| Microsoft | Microsoft .NET Framework 4.8 on Windows 7 for 32-bit Systems Service Pack 1 | * |
| Microsoft | Microsoft .NET Framework 4.8 on Windows RT 8.1 | unspecified |
| Microsoft | Microsoft .NET Framework 3.5 AND 4.8 on Windows Server, version 1903 (Server Core installation) | 1903 |
| Microsoft | Microsoft .NET Framework 4.6 | Windows Server 2008 for x64-based Systems Service Pack 2, Windows Server 2008 for 32-bit Systems Service Pack 2 |
| Microsoft | Microsoft .NET Framework 4.8 on Windows Server 2012 R2 | unspecified |
| Microsoft | Microsoft .NET Framework 4.8 on Windows 10 Version 1803 for 32-bit Systems | unspecified |
| Microsoft | Microsoft .NET Framework 3.5 | *, Windows Server 2012, Windows Server 2012 (Server Core installation) |
| Microsoft | Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1903 for 32-bit Systems | unspecified |
| Microsoft | Microsoft .NET Framework 4.8 on Windows 10 Version 1607 for x64-based Systems | * |
| Microsoft | Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 | *, Windows Server 2012 R2 (Server Core installation), * |
| Microsoft | Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1809 for 32-bit Systems | unspecified |
| Microsoft | Microsoft Visual Studio | 2017 |
| Microsoft | Microsoft .NET Framework 3.5 AND 4.8 on Windows Server 2019 | unspecified |
| Microsoft | Microsoft .NET Framework 4.5.2 | *, Windows 7 for 32-bit Systems Service Pack 1, Windows 7 for x64-based Systems Service Pack 1 |
| Microsoft | Microsoft .NET Framework 4.8 on Windows 10 Version 1703 for x64-based Systems | unspecified |
| Microsoft | Microsoft .NET Framework 3.0 | Service Pack 2 on Windows Server 2008 for 32-bit Systems Service Pack 2, *, Service Pack 2 on Windows Server 2008 for Itanium-Based Systems Service Pack 2 |
…and 26 more
Exploit Intelligence
Timeline
- Jul 10, 2019 CVE Published
- Apr 14, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Mar 22, 2022 EPSS Score
- May 1, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Nov 6, 2022 EPSS Score
- Jan 8, 2023 EPSS Score
- Mar 11, 2023 EPSS Score