CVE-2018-8284

Name of the Vulnerable Software and Affected Versions Microsoft .NET Framework versions 2.0 through 4.7.2 Microsoft .NET Framework version 3.5 Microsoft .NET Framework version 3.5.1 Microsoft .NET Framework version 4.5.2 Microsoft .NET Framework version 4.6 Microsoft .NET Framework version 4.6.1 Microsoft .NET Framework version 4.6.2 Microsoft .NET Framework version 4.7 Microsoft .NET Framework version 4.7.1

Description A remote code execution issue exists due to improper input validation in the Microsoft .NET Framework. This could allow an attacker to take control of an affected system, enabling them to install programs, view, change, or delete data, or create new accounts with full user rights. The impact may be less severe for users with limited user rights compared to those operating with administrative rights.

Recommendations For Microsoft .NET Framework version 2.0, update to a newer version to mitigate the risk. For Microsoft .NET Framework version 3.5, update to a newer version to mitigate the risk. For Microsoft .NET Framework version 3.5.1, update to a newer version to mitigate the risk. For Microsoft .NET Framework version 4.5.2, update to a newer version to mitigate the risk. For Microsoft .NET Framework version 4.6, update to a newer version to mitigate the risk. For Microsoft .NET Framework version 4.6.1, update to a newer version to mitigate the risk. For Microsoft .NET Framework version 4.6.2, update to a newer version to mitigate the risk. For Microsoft .NET Framework version 4.7, update to a newer version to mitigate the risk. For Microsoft .NET Framework version 4.7.1, update to a newer version to mitigate the risk. For Microsoft .NET Framework version 4.7.2, update to a newer version to mitigate the risk. At the moment, there is no information about a newer version that contains a fix for this vulnerability.