CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2017-8759

Known Exploited (CISA KEV)HIGH
7.8
CVSS Severity Score
EPSS Score35.0230%
EPSS Percentile90.52th
Published2017年9月13日
Last Modified2026年4月22日

Vulnerability Description

Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow an attacker to execute code remotely via a malicious document or application, aka ".NET Framework Remote Code Execution Vulnerability."

Affected Platforms (CPE)

📦
Microsoft

.net Framework

= 4.5.2
📦
Microsoft

.net Framework

= 3.5.1
📦
Microsoft

.net Framework

= 3.5
📦
Microsoft

.net Framework

= 2.0
📦
Microsoft

.net Framework

= 4.6.1
📦
Microsoft

.net Framework

= 4.6
📦
Microsoft

.net Framework

= 4.7
📦
Microsoft

.net Framework

= 4.6.2

References & Advisories

🔗 http://www.securityfocus.com/bid/100742
🔗 http://www.securitytracker.com/id/1039324
🔗 https://github.com/GitHubAssessments/CVE_Assessments_01_2020
🔗 https://github.com/bhdresh/CVE-2017-8759
🔗 https://github.com/nccgroup/CVE-2017-8759
🔗 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8759
🔗 https://www.exploit-db.com/exploits/42711/
🔗 http://www.securityfocus.com/bid/100742

相關漏洞威脅

CVE-2014-180610.0

The .NET Remoting implementation in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5.1 does not properly res...

CVE-2008-510010.0

The strong name (SN) implementation in Microsoft .NET Framework 2.0.50727 relies on the digital signature Public Key Token embedde...

CVE-2013-007310.0

The Windows Forms (aka WinForms) component in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly restrict ...

CVE-2014-407310.0

Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 processes unverified data during interaction with the Click...