CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-0597

Untrusted search path vulnerability in the installer of Visual Studio Code allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.023

EPSS Ranking 84.2%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 6.8

References

http://jvn.jp/en/jp/JVN91151862/index.html
http://www.securityfocus.com/bid/104563
https://blogs.technet.microsoft.com/srd/2018/04/04/triaging-a-dll-planting-vulnerability/
http://jvn.jp/en/jp/JVN91151862/index.html
http://www.securityfocus.com/bid/104563
https://blogs.technet.microsoft.com/srd/2018/04/04/triaging-a-dll-planting-vulnerability/

Products affected by CVE-2018-0597

Microsoft » Visual Studio Code » Version: N/A

cpe:2.3:a:microsoft:visual_studio_code:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-0597

Products

Pricing

Contact Us