PT-2019-1540 · Microsoft+1 · .NET Framework+4
Jonathan Birch · Published 2019-02-12 · Updated 2022-05-14 · CVE-2019-0657
CVSS v3.1: 5.9 (Medium)
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
Name of the Vulnerable Software and Affected Versions
Microsoft Visual Studio versions (affected versions not specified)
Microsoft .NET Framework versions (affected versions not specified)
Microsoft .NET Core versions (affected versions not specified)
Microsoft PowerShell versions (affected versions not specified)
Description
The issue is related to errors in how the user interface represents information, which allows a remote attacker to conduct spoofing attacks. It is also associated with the way certain .NET Framework APIs and Visual Studio parse URLs: an attacker can bypass security logic that checks whether a user-provided URL belongs to a specific host or subdomain, and establish a privileged connection to an untrusted service as if it were trusted.
Recommendations
For Microsoft Visual Studio, update to a version that includes a fix for this issue.
For Microsoft .NET Framework, update to a version that includes a fix for this issue.
For Microsoft .NET Core, update to a version that includes a fix for this issue.
For Microsoft PowerShell, update to a version that includes a fix for this issue.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
UI Misrepresentation of Critical Information
RCE
Related Identifiers
Affected Products
.NET Framework
Alt Linux
.NET Core
PowerShell
Visual Studio