A remote code execution vulnerability exists in Visual Studio software when the software does not check the source markup of a file for an unbuilt project, aka "Visual Studio Remote Code Execution Vulnerability." This affects Microsoft Visual Studio, Expression Blend 4.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/104616 | Third Party Advisory VDB Entry |
http://www.securitytracker.com/id/1041253 | Broken Link Third Party Advisory VDB Entry |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8172 | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2022, 20:03
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:microsoft:visual_studio:2017:*:*:*:*:*:*:* cpe:2.3:a:microsoft:visual_studio:2013:update5:*:*:*:*:*:* cpe:2.3:a:microsoft:visual_studio_2017:15.8:*:preview:*:*:*:*:* |
cpe:2.3:a:microsoft:visual_studio:2013:update_5:*:*:*:*:*:* cpe:2.3:a:microsoft:visual_studio_2017:-:*:*:*:*:*:*:* cpe:2.3:a:microsoft:visual_studio:2012:update_5:*:*:*:*:*:* cpe:2.3:a:microsoft:expression_blend:4:sp3:*:*:*:*:*:* |
References | (SECTRACK) http://www.securitytracker.com/id/1041253 - Broken Link, Third Party Advisory, VDB Entry |
12 Aug 2021, 14:45
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:microsoft:visual_studio:2017:15.8:preview:*:*:*:*:* |
cpe:2.3:a:microsoft:visual_studio_2017:15.7.5:*:*:*:*:*:*:* cpe:2.3:a:microsoft:visual_studio_2017:15.8:*:preview:*:*:*:*:* |
Information
Published : 2018-07-11 00:29
Updated : 2023-12-10 12:30
NVD link : CVE-2018-8172
Mitre link : CVE-2018-8172
CVE.ORG link : CVE-2018-8172
JSON object : View
Products Affected
microsoft
- expression_blend
- visual_studio
- visual_studio_2017
CWE