CVE-2019-0613

Name of the Vulnerable Software and Affected Versions .NET Framework versions (affected versions not specified) Visual Studio versions (affected versions not specified)

Description A remote code execution issue exists due to the software's failure to properly check the source markup of a file. This could allow an attacker to run arbitrary code in the context of the current user. If the user has administrative rights, the attacker could gain control of the system, install programs, view or modify data, or create new accounts with full rights. The exploitation requires a user to open a specially crafted file with an affected version of the software.

Recommendations For .NET Framework, update to a version that includes the fix for this issue. For Visual Studio, update to a version that includes the fix for this issue. As a temporary workaround, consider restricting the use of files from untrusted sources to minimize the risk of exploitation. Avoid opening specially crafted files with affected versions of .NET Framework or Visual Studio until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.