Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:38504
HistoryDec 16, 2022 - 1:58 a.m.

Remote Code Execution (RCE)

2022-12-1601:58:00
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
197

0.002 Low

EPSS

Percentile

57.4%

JSON

Microsoft.WindowsDesktop.App.Runtime is vulnerable to remote code execution. The vulnerability is due to parsing maliciously crafted xps files, as the library does not properly implement the allow-list of legal types when calling the read method, allowing an attacker to instantiate unexpected types via injecting malicious code, resulting in remote code execution.

Related

mskb 23
openvas 10
alpinelinux 1
cvelist 1
ubuntucve 1
cve 1
redhatcve 1
osv 1
nessus 5
veeam 1
mscve 1
github 1
prion 1
nvd 1
kaspersky 1
altlinux 2
qualysblog 1
rapid7blog 1
mskb
mskb
December 13, 2022-Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 (KB5021092)
2022-12-13 08:00:00
December 13, 2022-Security and Quality Rollup for .NET Framework 2.0, 3.0, 4.6.2 for Windows Server 2008 SP2 (KB5021094)
2022-12-13 08:00:00
December 13, 2022-Security Only Update for .NET Framework 2.0, 3.0, 4.6.2 for Windows Server 2008 SP2 (KB5021082)
2022-12-13 08:00:00
openvas
openvas
.NET Core Remote Code Execution Vulnerability - Windows
2022-12-15 00:00:00
Microsoft .NET Framework Remote Code Execution Vulnerability (KB5021091)
2022-12-14 00:00:00
Microsoft .NET Framework Remote Code Execution Vulnerability (KB5020873)
2022-12-14 00:00:00
alpinelinux
alpinelinux
CVE-2022-41089
2022-12-13 19:15:12
cvelist
cvelist
CVE-2022-41089 .NET Framework Remote Code Execution Vulnerability
2022-12-13 00:00:00
ubuntucve
ubuntucve
CVE-2022-41089
2022-12-13 00:00:00
cve
cve
CVE-2022-41089
2022-12-13 19:15:12
redhatcve
redhatcve
CVE-2022-41089
2022-12-14 11:04:59
osv
osv
.NET Remote Code Execution Vulnerability
2022-12-14 21:42:00
nessus
nessus
Security Updates for Microsoft ASP.NET Core (December 2022)
2022-12-15 00:00:00
Security Updates for Microsoft Visual Studio Products (Dec 2022)
2022-12-13 00:00:00
Security Updates for Microsoft .NET Framework (December 2022)
2022-12-15 00:00:00
veeam
veeam
How to Upgrade .NET and ASP.NET Runtimes When Using Veeam ONE 12 GA (build 12.0.0.2498) or Lower
2023-02-10 00:00:00
mscve
mscve
.NET Framework Remote Code Execution Vulnerability
2022-12-13 08:00:00
github
github
.NET Remote Code Execution Vulnerability
2022-12-14 21:42:00
prion
prion
Remote code execution
2022-12-13 19:15:00
nvd
nvd
CVE-2022-41089
2022-12-13 19:15:12
kaspersky
kaspersky
KLA20123 Multiple vulnerabilities in Microsoft Developer Tools
2022-12-13 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package dotnet-coreclr-3.1 version 3.1.32-alt1
2023-03-18 00:00:00
Security fix for the ALT Linux 10 package dotnet-bootstrap-3.1 version 3.1.32-alt1
2023-03-18 00:00:00
qualysblog
qualysblog
The DecemberΒ 2022 Patch Tuesday Security Update Review
2022-12-13 23:17:17
rapid7blog
rapid7blog
Patch Tuesday - December 2022
2022-12-13 21:24:06

0.002 Low

EPSS

Percentile

57.4%

JSON
Related for VERACODE:38504
mskb23openvas10alpinelinux1cvelist1ubuntucve1cve1redhatcve1osv1nessus5veeam1mscve1github1prion1nvd1kaspersky1altlinux2qualysblog1rapid7blog1