PT-2023-2927 · Microsoft+4 · .Net Framework+4

Ycdxsb

Published

2023-04-11

Updated

2025-02-03

CVE-2023-28260

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Microsoft .NET (affected versions not specified)

Description The issue is related to incorrect handling of the path search for DLL libraries in the Microsoft .NET platform. This can allow an attacker to execute arbitrary code.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Uncontrolled Search Path Element

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-427

Related Identifiers

ALT-PU-2023-4590

ALT-PU-2023-4591

ALT-PU-2023-4592

ALT-PU-2023-4593

ALT-PU-2023-4594

ALT-PU-2023-4595

ALT-PU-2023-4610

ALT-PU-2023-4611

ALT-PU-2024-16792

ALT-PU-2024-16794

ALT-PU-2024-16796

ALT-PU-2024-16939

BDU:2023-02907

BIT-DOTNET-2023-28260

BIT-DOTNET-SDK-2023-28260

CVE-2023-28260

GHSA-W4M3-43GP-X8HX

USN-6006-1

Affected Products

Alt Linux

Linuxmint

.Net Framework

Red Os

Ubuntu

PT-2023-2927 · Microsoft+4 · .Net Framework+4

CVE-2023-28260

Weakness Enumeration

Related Identifiers

Affected Products

References · 18