Showing 1 - 4 of 4

CVE-2023-32032

Status Candidate

Overview

.NET and Visual Studio Elevation of Privilege Vulnerability

Ubuntu Security Notice USN-6161-2: Posted Jun 23, 2023; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6161-2 - USN-6161-1 fixed vulnerabilities in .NET. The update introduced a regression with regards to how the runtime imported X.509 certificates. This update fixes the problem. It was discovered that .NET did not properly enforce certain restrictions when deserializing a DataSet or DataTable from XML. An attacker could possibly use this issue to elevate their privileges.; tags | advisory, vulnerability; systems | linux, ubuntu; advisories | CVE-2023-24936, CVE-2023-29331, CVE-2023-29337, CVE-2023-32032, CVE-2023-33128; SHA-256 | 67ee7be668513048889aa6b43f011d07bf3cb753ec723bc38e4592358e37c481; Download | Favorite | View

Red Hat Security Advisory 2023-3593-01: Posted Jun 16, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-3593-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 7.0.107 and .NET Runtime 7.0.7. Issues addressed include bypass, code execution, denial of service, and heap corruption vulnerabilities.; tags | advisory, denial of service, vulnerability, code execution; systems | linux, redhat; advisories | CVE-2023-24936, CVE-2023-29331, CVE-2023-29337, CVE-2023-32032, CVE-2023-33128; SHA-256 | 5b3a1cc3c89649f1f2474996a0c41a8cf16a81cd1ca0e72c72adc4bdca520389; Download | Favorite | View

Red Hat Security Advisory 2023-3592-01: Posted Jun 16, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-3592-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 7.0.107 and .NET Runtime 7.0.7. Issues addressed include bypass, code execution, denial of service, and heap corruption vulnerabilities.; tags | advisory, denial of service, vulnerability, code execution; systems | linux, redhat; advisories | CVE-2023-24936, CVE-2023-29331, CVE-2023-29337, CVE-2023-32032, CVE-2023-33128; SHA-256 | 136dd455aaf839c489ebd22d0921ec9b0c5132cb40b000142ae0239abb4c4d03; Download | Favorite | View

Ubuntu Security Notice USN-6161-1: Posted Jun 14, 2023; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6161-1 - It was discovered that .NET did not properly enforce certain restrictions when deserializing a DataSet or DataTable from XML. An attacker could possibly use this issue to elevate their privileges. Kevin Jones discovered that .NET did not properly handle the AIA fetching process for X.509 client certificates. An attacker could possibly use this issue to cause a denial of service.; tags | advisory, denial of service; systems | linux, ubuntu; advisories | CVE-2023-24936, CVE-2023-29331, CVE-2023-29337, CVE-2023-32032, CVE-2023-33128; SHA-256 | d9a88210f8d5a28da35d8d47eaac79e52239e45f7bc38b4cca8e4ed63b990813; Download | Favorite | View

Page 1 of 1 Back 1 Next