CVE-2018-8172 PoC — Microsoft Visual Studio 输入验证错误漏洞

Source

https://github.com/SyFi/CVE-2018-8172

Associated Vulnerability

Title:Microsoft Visual Studio 输入验证错误漏洞 (CVE-2018-8172)
Description:Microsoft Visual Studio是美国微软（Microsoft）公司的一款开发工具套件系列产品，也是一个基本完整的开发工具集，它包括了整个软件生命周期中所需要的大部分工具。 Microsoft Visual Studio中存在远程代码执行漏洞，该漏洞源于程序没有正确的检测未构建项目文件的源标记。远程攻击者可借助特制的文件利用该漏洞在当前用户的上下文中执行任意代码。以下产品和版本受到影响受到影响：Microsoft Expression Blend 4 SP3；Microsoft Visual

Description

Microsoft Visual Studio CVE-2018-8172 Remote Code Execution Vulnerability

Readme

# CVE-2018-8172
Microsoft Visual Studio CVE-2018-8172 Remote Code Execution Vulnerability


http://darkcert.com/2018/08/microsoft-visual-studio-remote-code-execution-cve-2018-8172/

https://twitter.com/SyFi2k

File Snapshot


 [4.0K]  /data/pocs/d8d6a738c0f7f4482761b7b8fc0bb1653f693b18
├── [8.2K]  poc.resx
└── [ 209]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!