Multiple vulnerabilities in Microsoft Visual Studio

1) Input validation error

EUVDB-ID: #VU17644

Risk: High

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2019-0728

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code.

The vulnerability exists due to an error when Visual Studio Code processes environment variables after opening a project. A remote attacker can trick the victim into cloning a repository and opening it in Visual Studio Code to execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Install updates from vendor's website.

Vulnerable software versions CPE2.3

External links

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0728

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Spoofing attack

EUVDB-ID: #VU17638

Risk: Low

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2019-0657

CWE-ID: CWE-451 - User Interface (UI) Misrepresentation of Critical Information (Clickjacking, spoofing)

Exploit availability: No

Description

The vulnerability allows a remote attacker to conduct spoofing attack.

The vulnerability exists in thev .Net Framework API's and Visual Studio in the way they parse URL's. A remote attacker can provide a URL string to an application that attempts to verify that the URL belongs to a specific hostname or to a subdomain of that hostname, bypass security logic intended to ensure that a user-provided URL belonged to a specific hostname or a subdomain of that hostname to cause privileged communication to be made to an untrusted service as if it was a trusted service.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Visual Studio: 15.0 26228.04 - 15.9

CPE2.3

• cpe:2.3:a:microsoft:visual_studio:15.0:26228.04:*:*:*:*:*:*
• cpe:2.3:a:microsoft:visual_studio:15.9:*:*:*:*:*:*:*

External links

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0657

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Memory corruption

EUVDB-ID: #VU17640

Risk: High

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2019-0613

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in .NET Framework and Visual Studio software when the software fails to check the source markup of a file. A remote attacker can create a specially crafted document, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Visual Studio: 15.0 26228.04 - 15.9

CPE2.3

External links

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0613

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.