目標達成 すべての支援者に感謝 — 100%達成しました!

目標: 1000 CNY · 調達済み: 1000 CNY

100.0%
コーヒーを一杯おごる

CVE-2020-0646— Microsoft .NET Framework 操作系统命令注入漏洞

KEV EPSS 93.86% · P100
新しい脆弱性情報の通知を購読するログインして購読

I. CVE-2020-0646の基本情報

脆弱性情報
脆弱性についてご質問がありますか?Shenlongの分析が参考になるかご確認ください!
Shenlongの10の質問を表示 ↗

高度な大規模言語モデル技術を使用していますが、出力には不正確または古い情報が含まれる可能性があります。Shenlongはデータの正確性を確保するよう努めていますが、実際の状況に基づいて検証・判断してください。

脆弱性タイトル
N/A
ソース: NVD (National Vulnerability Database)
脆弱性説明
A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka '.NET Framework Remote Code Execution Injection Vulnerability'.
ソース: NVD (National Vulnerability Database)
CVSS情報
N/A
ソース: NVD (National Vulnerability Database)
脆弱性タイプ
N/A
ソース: NVD (National Vulnerability Database)
脆弱性タイトル
Microsoft .NET Framework 操作系统命令注入漏洞
ソース: CNNVD (China National Vulnerability Database)
脆弱性説明
Microsoft .NET Framework是美国微软(Microsoft)公司的一种全面且一致的编程模型,也是一个用于构建Windows、Windows Store、Windows Phone、Windows Server和Microsoft Azure的应用程序的开发平台。该平台包括C#和Visual Basic编程语言、公共语言运行库和广泛的类库。 Microsoft .NET Framework中存在操作系统命令注入漏洞,该漏洞源于程序无法正确验证输入。攻击者可通过提交输入利用该漏洞控制受影响
ソース: CNNVD (China National Vulnerability Database)
CVSS情報
N/A
ソース: CNNVD (China National Vulnerability Database)
脆弱性タイプ
N/A
ソース: CNNVD (China National Vulnerability Database)

Shenlong 10 Questions — AI 深度分析

十问解析:根本原因、利用方式、修复建议、紧迫性。摘要免费,完整版需登录。

查看摘要 完整分析(登录)

影響を受ける製品

ベンダープロダクト影響を受けるバージョンCPE購読
MicrosoftMicrosoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 Windows 7 for 32-bit Systems Service Pack 1 -
MicrosoftMicrosoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 Windows 10 Version 1607 for 32-bit Systems -
MicrosoftMicrosoft .NET Framework 4.8 on Windows 10 Version 1803 for 32-bit Systems unspecified -
MicrosoftMicrosoft .NET Framework 4.8 on Windows 10 Version 1803 for x64-based Systems unspecified -
MicrosoftMicrosoft .NET Framework 4.8 on Windows Server, version 1803 (Server Core Installation) unspecified -
MicrosoftMicrosoft .NET Framework 4.8 on Windows 10 Version 1709 for 32-bit Systems unspecified -
MicrosoftMicrosoft .NET Framework 4.8 on Windows 10 Version 1709 for x64-based Systems unspecified -
MicrosoftMicrosoft .NET Framework 4.8 on Windows 10 Version 1607 for 32-bit Systems unspecified -
MicrosoftMicrosoft .NET Framework 4.8 on Windows 10 Version 1607 for x64-based Systems unspecified -
MicrosoftMicrosoft .NET Framework 4.8 on Windows Server 2016 unspecified -
MicrosoftMicrosoft .NET Framework 4.8 on Windows Server 2016 (Server Core installation) unspecified -
MicrosoftMicrosoft .NET Framework 4.8 on Windows 7 for 32-bit Systems Service Pack 1 unspecified -
MicrosoftMicrosoft .NET Framework 4.8 on Windows 7 for x64-based Systems Service Pack 1 unspecified -
MicrosoftMicrosoft .NET Framework 4.8 on Windows 8.1 for 32-bit systems unspecified -
MicrosoftMicrosoft .NET Framework 4.8 on Windows 8.1 for x64-based systems unspecified -
MicrosoftMicrosoft .NET Framework 4.8 on Windows RT 8.1 unspecified -
MicrosoftMicrosoft .NET Framework 4.8 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 unspecified -
MicrosoftMicrosoft .NET Framework 4.8 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) unspecified -
MicrosoftMicrosoft .NET Framework 4.8 on Windows Server 2012 unspecified -
MicrosoftMicrosoft .NET Framework 4.8 on Windows Server 2012 (Server Core installation) unspecified -
MicrosoftMicrosoft .NET Framework 4.8 on Windows Server 2012 R2 unspecified -
MicrosoftMicrosoft .NET Framework 4.8 on Windows Server 2012 R2 (Server Core installation) unspecified -
MicrosoftMicrosoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1809 for 32-bit Systems unspecified -
MicrosoftMicrosoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1809 for x64-based Systems unspecified -
MicrosoftMicrosoft .NET Framework 3.5 AND 4.8 on Windows Server 2019 unspecified -
MicrosoftMicrosoft .NET Framework 3.5 AND 4.8 on Windows Server 2019 (Server Core installation) unspecified -
MicrosoftMicrosoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1903 for 32-bit Systems unspecified -
MicrosoftMicrosoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1903 for x64-based Systems unspecified -
MicrosoftMicrosoft .NET Framework 3.5 AND 4.8 on Windows Server, version 1903 (Server Core installation) 1903 -
MicrosoftMicrosoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1809 for 32-bit Systems unspecified -
MicrosoftMicrosoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1809 for x64-based Systems unspecified -
MicrosoftMicrosoft .NET Framework 3.5 AND 4.7.2 on Windows Server 2019 unspecified -
MicrosoftMicrosoft .NET Framework 3.5 AND 4.7.2 on Windows Server 2019 (Server Core installation) unspecified -
MicrosoftMicrosoft .NET Framework 4.6 Windows Server 2008 for 32-bit Systems Service Pack 2 -
MicrosoftMicrosoft .NET Framework 3.0 Service Pack 2 on Windows Server 2008 for 32-bit Systems Service Pack 2 -
MicrosoftMicrosoft .NET Framework 3.5 Windows 10 Version 1607 for 32-bit Systems -
MicrosoftMicrosoft .NET Framework 3.5.1 Windows 7 for 32-bit Systems Service Pack 1 -
MicrosoftMicrosoft .NET Framework 4.5.2 Windows 7 for 32-bit Systems Service Pack 1 -
MicrosoftMicrosoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1909 for 32-bit Systems unspecified -
MicrosoftMicrosoft .NET Framework 3.5 AND 4.8 on Windows Server, version 1909 (Server Core installation) unspecified -
MicrosoftMicrosoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1909 for x64-based Systems unspecified -
MicrosoftMicrosoft .NET Framework 3.5 AND 4.7.2 on Windows Server, version 1803 (Server Core Installation) unspecified -
MicrosoftMicrosoft .NET Framework 3.5 AND 4.7.2 on Windows 10 for 32-bit Systems unspecified -
MicrosoftMicrosoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1803 for 32-bit Systems unspecified -
MicrosoftMicrosoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1803 for x64-based Systems unspecified -
MicrosoftMicrosoft .NET Framework 3.5 AND 4.7.1/4.7.2 on Windows 10 Version 1709 for x64-based Systems unspecified -
MicrosoftMicrosoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2016 (Server Core installation) unspecified -
MicrosoftMicrosoft .NET Framework 3.5 AND 4.7.2 on Windows 10 for x64-based Systems unspecified -
MicrosoftMicrosoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 on Windows 10 Version 1607 for 32-bit Systems unspecified -
MicrosoftMicrosoft .NET Framework 3.5 AND 4.7.1/4.7.2 on Windows 10 Version 1709 for 32-bit Systems unspecified -
MicrosoftMicrosoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 on Windows 10 Version 1607 for x64-based Systems unspecified -
MicrosoftMicrosoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2016 unspecified -

II. CVE-2020-0646の公開POC

#POC説明ソースリンクShenlongリンク
1A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka '.NET Framework Remote Code Execution Injection Vulnerability'. https://github.com/projectdiscovery/nuclei-templates/blob/main/code/cves/2020/CVE-2020-0646.yamlPOC詳細
AI生成POCプレミアム

公開POCは見つかりませんでした。

ログインしてAI POCを生成

III. CVE-2020-0646のインテリジェンス情報

登录查看更多情报信息。

Same Patch Batch · Microsoft · 2020-01-14 · 49 CVEs total

CVE-2020-0638Microsoft Update Notification Manager 安全漏洞
CVE-2020-0641Microsoft Windows Media Service 安全漏洞
CVE-2020-0643微软 Microsoft Windows 信息泄露漏洞
CVE-2020-0651Microsoft Excel 缓冲区错误漏洞
CVE-2020-0652Microsoft Office 缓冲区错误漏洞
CVE-2020-0653Microsoft Excel 缓冲区错误漏洞
CVE-2020-0654Microsoft OneDrive 安全漏洞
CVE-2020-0656Microsoft Dynamics 365 跨站脚本漏洞
CVE-2020-0650Microsoft Excel 缓冲区错误漏洞
CVE-2020-0639Microsoft Windows Common Log File System驱动程序信息泄露漏洞
CVE-2020-0640Microsoft Internet Explorer 缓冲区错误漏洞
CVE-2020-0637微软 Microsoft Remote Desktop Web Access 信息泄露漏洞
CVE-2020-0636Microsoft Windows Subsystem for Linux 安全漏洞
CVE-2020-0635Microsoft Windows和Microsoft Windows Server 安全漏洞
CVE-2020-0634Microsoft Windows Common Log File System Driver 安全漏洞
CVE-2020-0633Microsoft Windows Search Indexer 安全漏洞
CVE-2020-0632Microsoft Windows Search Indexer 安全漏洞
CVE-2020-0631Microsoft Windows Search Indexer 安全漏洞
CVE-2020-0630Microsoft Windows Search Indexer 安全漏洞
CVE-2020-0629Microsoft Windows Search Indexer 安全漏洞

Showing 20 of 49 CVEs. View all on vendor page →

IV. 関連脆弱性

同じ製品: Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2
同じベンダー: Microsoft

V. CVE-2020-0646へのコメント

まだコメントはありません

コメントを残す