Security Updates for Microsoft .NET Framework (September 2018)

Medium Nessus Plugin ID 117431


The Microsoft .NET Framework installation on the remote host is missing a security update.


The Microsoft .NET Framework installation on the remote host is missing a security update. It is, therefore, affected by the following vulnerability :

- A remote code execution vulnerability exists when Microsoft .NET Framework processes input. An attacker who successfully exploited this vulnerability could take control of an affected system. (CVE-2018-8421)


Microsoft has released security updates for Microsoft .NET Framework.

See Also

Plugin Details

Severity: Medium

ID: 117431

File Name: smb_nt_ms18_sep_dotnet.nasl

Version: 1.5

Type: local

Agent: windows

Published: 2018/09/12

Modified: 2018/12/14

Dependencies: 51351, 57033, 13855, 99364

Risk Information

Risk Factor: Medium

CVSS Score Source: manual

CVSS Score Rationale: Nvd score unavailable. assigned score for local rce.

CVSS v2.0

Base Score: 6.9

Vector: CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C

CVSS v3.0

Base Score: 8.4

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: cpe:/a:microsoft:.net_framework

Required KB Items: SMB/MS_Bulletin_Checks/Possible

Patch Publication Date: 2018/09/11

Vulnerability Publication Date: 2018/09/11

Reference Information

CVE: CVE-2018-8421

MSKB: 4457035, 4457038, 4457033, 4457142, 4457030, 4457025, 4457027, 4457026, 4457043, 4457028, 4457128, 4457045, 4457044, 4457132, 4457131, 4457036, 4457037, 4457034, 4457053, 4457054, 4457055, 4457056, 4457138, 4457029, 4457042

MSFT: MS18-4457035, MS18-4457038, MS18-4457033, MS18-4457142, MS18-4457030, MS18-4457025, MS18-4457027, MS18-4457026, MS18-4457043, MS18-4457028, MS18-4457128, MS18-4457045, MS18-4457044, MS18-4457132, MS18-4457131, MS18-4457036, MS18-4457037, MS18-4457034, MS18-4457053, MS18-4457054, MS18-4457055, MS18-4457056, MS18-4457138, MS18-4457029, MS18-4457042