Detections
Analytics
Security Updates for Microsoft .NET Framework (September 2023)
high Nessus Plugin ID 181375
Language:
Synopsis
The Microsoft .NET Framework installation on the remote host is missing a security update.Description
The Microsoft .NET Framework installation on the remote host is missing a security update. It is, therefore, affected by multiple vulnerabilities, as follows:- Multiple vulnerabilities in DiaSymReader.dll where parsing an corrupted PDB can result in remote code execution. (CVE-2023-36792, CVE-2023-36793, CVE-2023-36794 CVE-2023-36796)
- A vulnerability in the WPF XML parser where an unsandboxed parser can lead to remote code execution.
(CVE-2023-36788)
Solution
Microsoft has released security updates for Microsoft .NET Framework.See Also
http://www.nessus.org/u?3bbdfd35
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36788
https://support.microsoft.com/en-us/help/5029942
https://support.microsoft.com/en-us/help/5029943
https://support.microsoft.com/en-us/help/5029944
https://support.microsoft.com/en-us/help/5029945
https://support.microsoft.com/en-us/help/5029946
https://support.microsoft.com/en-us/help/5029947
https://support.microsoft.com/en-us/help/5029948
https://support.microsoft.com/en-us/help/5030030
https://support.microsoft.com/en-us/help/5030160
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36792
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36793
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36794
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36796
https://support.microsoft.com/en-us/help/5029915
https://support.microsoft.com/en-us/help/5029916
https://support.microsoft.com/en-us/help/5029917
https://support.microsoft.com/en-us/help/5029919
https://support.microsoft.com/en-us/help/5029920
https://support.microsoft.com/en-us/help/5029921
https://support.microsoft.com/en-us/help/5029922
https://support.microsoft.com/en-us/help/5029923
https://support.microsoft.com/en-us/help/5029924
https://support.microsoft.com/en-us/help/5029925
https://support.microsoft.com/en-us/help/5029926
https://support.microsoft.com/en-us/help/5029927
https://support.microsoft.com/en-us/help/5029928
https://support.microsoft.com/en-us/help/5029929
https://support.microsoft.com/en-us/help/5029931
https://support.microsoft.com/en-us/help/5029932
https://support.microsoft.com/en-us/help/5029933
https://support.microsoft.com/en-us/help/5029937
https://support.microsoft.com/en-us/help/5029938
Plugin Details
Severity: High
ID: 181375
File Name: smb_nt_ms23_sep_dotnet.nasl
Version: 1.4
Type: local
Agent: windows
Family: Windows : Microsoft Bulletins
Published: 9/13/2023
Updated: 11/16/2023
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 6.7
CVSS v2
Risk Factor: High
Base Score: 7.2
Temporal Score: 5.3
Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS Score Source: CVE-2023-36796
CVSS v3
Risk Factor: High
Base Score: 7.8
Temporal Score: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: cpe:/a:microsoft:.net_framework
Required KB Items: SMB/MS_Bulletin_Checks/Possible
Exploit Ease: No known exploits are available
Patch Publication Date: 9/12/2023
Vulnerability Publication Date: 9/12/2023
Reference Information
CVE: CVE-2023-36788, CVE-2023-36792, CVE-2023-36793, CVE-2023-36794, CVE-2023-36796
IAVA: 2023-A-0470-S
MSFT: MS23-5029916, MS23-5029917, MS23-5029919, MS23-5029920, MS23-5029921, MS23-5029922, MS23-5029923, MS23-5029924, MS23-5029925, MS23-5029926, MS23-5029927, MS23-5029928, MS23-5029929, MS23-5029931, MS23-5029932, MS23-5029933, MS23-5029937, MS23-5029938, MS23-5029940, MS23-5029941, MS23-5029942, MS23-5029943, MS23-5029944, MS23-5029945, MS23-5029946, MS23-5029947, MS23-5029948, MS23-5030030, MS23-5030160
MSKB: 5029915, 5029916, 5029917, 5029919, 5029920, 5029921, 5029922, 5029923, 5029924, 5029925, 5029926, 5029927, 5029928, 5029929, 5029931, 5029932, 5029933, 5029937, 5029938, 5029940, 5029941, 5029942, 5029943, 5029944, 5029945, 5029946, 5029947, 5029948, 5030030, 5030160