VDB

GCVE-110-NCSC-2025-11

GCVE-110-NCSC-2025-11
Advisory PublishedCVSS 7.5/10
Vulnetix · Advisory published January 14, 2025
Microsoft heeft kwetsbaarheden verholpen in Visual Studio en .NET.

Weaknesses (CWE)

CWE-200Exposure of Sensitive Information to an Unauthorized ActorCWE-122Heap-based Buffer OverflowCWE-379Creation of Temporary File in Directory with Insecure PermissionsCWE-126Buffer Over-readCWE-284Improper Access Control

Risk Scores

CVSS 3.1
7.5/10
High · CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

Affected Products

VendorProductVersionsPlatforms
microsoftmicrosoft_visual_studio_2017_version_15.9__includes_15.0_-_15.8_
microsoftmicrosoft_.net_framework_3.5_and_4.8
microsoft.net_8.0
microsoftmicrosoft_.net_framework_4.6.2
microsoftmicrosoft_.net_framework_3.5_and_4.6.2_4.7_4.7.1_4.7.2
microsoft.net_9.0
microsoftmicrosoft_.net_framework_3.5_and_4.7.2
microsoftmicrosoft_.net_framework_4.6.2_4.7_4.7.1_4.7.2
microsoftmicrosoft_.net_framework_4.6_4.6.2
microsoftmicrosoft_visual_studio_2022_version_17.6
microsoftmicrosoft_visual_studio_2019_version_16.11__includes_16.0_-_16.10_
microsoftmicrosoft_visual_studio_2022_version_17.10
microsoftmicrosoft_.net_framework_3.5_and_4.8.1
microsoftmicrosoft_visual_studio_2022_version_17.12
microsoftmicrosoft_.net_framework_4.8
microsoftmicrosoft_visual_studio_2022_version_17.8

References

advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›