Jul 2024: .NET and Visual Studio Remote Code Execution Vulnerability: CVE-2024-35264 July 2024

Jul 2024: .NET and Visual Studio Remote Code Execution Vulnerability
CVE-2024-35264 Published on July 9, 2024

.NET and Visual Studio Remote Code Execution Vulnerability
.NET and Visual Studio Remote Code Execution Vulnerability

Weakness Type

What is a Dangling pointer Vulnerability?

Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.

CVE-2024-35264 has been classified to as a Dangling pointer vulnerability or weakness.

Products Associated with CVE-2024-35264

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2024-35264 are published in these products:

Affected Versions

Version - is affected.

Version 1.0.0 and below 8.0.7 is affected.

Version 17.4.0 and below 17.4.21 is affected.

Version 17.8.0 and below 17.8.12 is affected.

Version 17.10 and below 17.10.4 is affected.

Version 17.6.0 and below 17.6.17 is affected.

Vulnerable Packages

The following package name and versions may be associated with CVE-2024-35264

Package Manager	Vulnerable Package	Versions	Fixed In
nuget	Microsoft.AspNetCore.App.Runtime.win-x86	>= 8.0.0, <= 8.0.6	8.0.7
nuget	Microsoft.AspNetCore.App.Runtime.win-x64	>= 8.0.0, <= 8.0.6	8.0.7
nuget	Microsoft.AspNetCore.App.Runtime.linux-musl-arm64	>= 8.0.0, <= 8.0.6	8.0.7
nuget	Microsoft.AspNetCore.App.Runtime.linux-musl-x64	>= 8.0.0, <= 8.0.6	8.0.7
nuget	Microsoft.AspNetCore.App.Runtime.linux-musl-arm	>= 8.0.0, <= 8.0.6	8.0.7
nuget	Microsoft.AspNetCore.App.Runtime.win-arm64	>= 8.0.0, <= 8.0.6	8.0.7
nuget	Microsoft.AspNetCore.App.Runtime.win-arm	>= 8.0.0, <= 8.0.6	8.0.7
nuget	Microsoft.AspNetCore.App.Runtime.linux-arm64	>= 8.0.0, <= 8.0.6	8.0.7
nuget	Microsoft.AspNetCore.App.Runtime.osx-x64	>= 8.0.0, <= 8.0.6	8.0.7
nuget	Microsoft.AspNetCore.App.Runtime.linux-arm	>= 8.0.0, <= 8.0.6	8.0.7
nuget	Microsoft.AspNetCore.App.Runtime.osx-arm64	>= 8.0.0, <= 8.0.6	8.0.7
nuget	Microsoft.AspNetCore.App.Runtime.linux-x64	>= 8.0.0, <= 8.0.6	8.0.7

Package Manager

Vulnerable Package

Versions

Fixed In

nuget

Microsoft.AspNetCore.App.Runtime.win-x86

>= 8.0.0, <= 8.0.6

8.0.7

nuget

Microsoft.AspNetCore.App.Runtime.win-x64

>= 8.0.0, <= 8.0.6

8.0.7

nuget

Microsoft.AspNetCore.App.Runtime.linux-musl-arm64

>= 8.0.0, <= 8.0.6

8.0.7

nuget

Microsoft.AspNetCore.App.Runtime.linux-musl-x64

>= 8.0.0, <= 8.0.6

8.0.7

nuget

Microsoft.AspNetCore.App.Runtime.linux-musl-arm

>= 8.0.0, <= 8.0.6

8.0.7

nuget

Microsoft.AspNetCore.App.Runtime.win-arm64

>= 8.0.0, <= 8.0.6

8.0.7

nuget

Microsoft.AspNetCore.App.Runtime.win-arm

>= 8.0.0, <= 8.0.6

8.0.7

nuget

Microsoft.AspNetCore.App.Runtime.linux-arm64

>= 8.0.0, <= 8.0.6

8.0.7

nuget

Microsoft.AspNetCore.App.Runtime.osx-x64

>= 8.0.0, <= 8.0.6

8.0.7

nuget

Microsoft.AspNetCore.App.Runtime.linux-arm

>= 8.0.0, <= 8.0.6

8.0.7

nuget

Microsoft.AspNetCore.App.Runtime.osx-arm64

>= 8.0.0, <= 8.0.6

8.0.7

nuget

Microsoft.AspNetCore.App.Runtime.linux-x64

>= 8.0.0, <= 8.0.6

8.0.7

Exploit Probability

EPSS

4.36%

Percentile

88.80%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

Jul 2024: .NET and Visual Studio Remote Code Execution VulnerabilityCVE-2024-35264 Published on July 9, 2024

Weakness Type

What is a Dangling pointer Vulnerability?

Products Associated with CVE-2024-35264

Affected Versions

Vulnerable Packages

Exploit Probability

Jul 2024: .NET and Visual Studio Remote Code Execution Vulnerability
CVE-2024-35264 Published on July 9, 2024