CVE-2020-0605

Source
https://cve.org/CVERecord?id=CVE-2020-0605
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-0605.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2020-0605
Published
2020-01-14T23:15:30.427Z
Modified
2026-07-08T05:56:30.278914863Z
Severity
  • 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka '.NET Framework Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0606.

Database specific
{
    "unresolved_ranges": [
        {
            "cpes": [
                "cpe:2.3:a:microsoft:.net_framework:3.0:sp2:*:*:*:*:*:*",
                "cpe:2.3:a:microsoft:.net_framework:3.5.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:microsoft:.net_framework:4.5.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:microsoft:.net_framework:4.6.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:microsoft:.net_framework:4.6:*:*:*:*:*:*:*",
                "cpe:2.3:a:microsoft:.net_framework:4.7.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:microsoft:.net_framework:4.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:microsoft:.net_framework:4.8:*:*:*:*:*:*:*"
            ],
            "vendor_product": "microsoft:.net_framework",
            "extracted_events": [
                {
                    "introduced": "3.0-sp2"
                },
                {
                    "last_affected": "3.0-sp2"
                },
                {
                    "introduced": "3.5"
                },
                {
                    "last_affected": "3.5"
                },
                {
                    "introduced": "3.5"
                },
                {
                    "last_affected": "3.5"
                },
                {
                    "introduced": "4.6.2"
                },
                {
                    "last_affected": "4.6.2"
                },
                {
                    "introduced": "4.7"
                },
                {
                    "last_affected": "4.7"
                },
                {
                    "introduced": "4.7.1"
                },
                {
                    "last_affected": "4.7.1"
                },
                {
                    "introduced": "4.7.2"
                },
                {
                    "last_affected": "4.7.2"
                },
                {
                    "introduced": "3.5"
                },
                {
                    "last_affected": "3.5"
                },
                {
                    "introduced": "4.7.2"
                },
                {
                    "last_affected": "4.7.2"
                },
                {
                    "introduced": "3.5"
                },
                {
                    "last_affected": "3.5"
                },
                {
                    "introduced": "4.8"
                },
                {
                    "last_affected": "4.8"
                },
                {
                    "introduced": "3.5.1"
                },
                {
                    "last_affected": "3.5.1"
                },
                {
                    "introduced": "4.5.2"
                },
                {
                    "last_affected": "4.5.2"
                },
                {
                    "introduced": "4.6"
                },
                {
                    "last_affected": "4.6"
                },
                {
                    "introduced": "4.6.2"
                },
                {
                    "last_affected": "4.6.2"
                },
                {
                    "introduced": "4.7"
                },
                {
                    "last_affected": "4.7"
                },
                {
                    "introduced": "4.7.1"
                },
                {
                    "last_affected": "4.7.1"
                },
                {
                    "introduced": "4.7.2"
                },
                {
                    "last_affected": "4.7.2"
                },
                {
                    "introduced": "4.6"
                },
                {
                    "last_affected": "4.6"
                },
                {
                    "introduced": "4.6.1"
                },
                {
                    "last_affected": "4.6.1"
                },
                {
                    "introduced": "4.6.2"
                },
                {
                    "last_affected": "4.6.2"
                },
                {
                    "introduced": "4.7"
                },
                {
                    "last_affected": "4.7"
                },
                {
                    "introduced": "4.7.1"
                },
                {
                    "last_affected": "4.7.1"
                },
                {
                    "introduced": "4.7.2"
                },
                {
                    "last_affected": "4.7.2"
                },
                {
                    "introduced": "4.8"
                },
                {
                    "last_affected": "4.8"
                }
            ],
            "source": "CPE_STRING"
        }
    ]
}
References

Affected packages

Git / github.com/dotnet/core

Affected ranges

Type
GIT
Repo
https://github.com/dotnet/core
Events
Database specific
{
    "cpe": [
        "cpe:2.3:a:microsoft:.net_core:1.0:*:*:*:*:*:*:*",
        "cpe:2.3:a:microsoft:.net_core:3.0:*:*:*:*:*:*:*",
        "cpe:2.3:a:microsoft:.net_core:3.1:*:*:*:*:*:*:*"
    ],
    "extracted_events": [
        {
            "introduced": "1.0"
        },
        {
            "last_affected": "1.0"
        },
        {
            "introduced": "3.0"
        },
        {
            "last_affected": "3.0"
        },
        {
            "introduced": "3.1"
        },
        {
            "last_affected": "3.1"
        }
    ],
    "source": "CPE_STRING"
}

Affected versions

1.*
1.0
3.*
3.0
3.1
v1.*
v1.0.0
v1.0.1
v1.0.10
v1.0.11
v1.0.12
v1.0.13
v1.0.14
v1.0.15
v1.0.16
v1.0.2
v1.0.3
v1.0.4
v1.0.5
v1.0.7
v1.0.8
v1.0.9
v1.1
v1.1.0
v1.1.0-preview1
v1.1.1
v1.1.10
v1.1.11
v1.1.12
v1.1.13
v1.1.2
v1.1.4
v1.1.5
v1.1.6
v1.1.7
v1.1.8
v1.1.9
v2.*
v2.0.0
v2.0.0-preview1
v2.0.0-preview2
v2.0.3
v2.0.4
v2.0.5
v2.0.6
v2.0.7
v2.0.7-2
v2.0.9
v2.1-preview1
v2.1-preview2
v2.1-rc1
v2.1.0
v2.1.1
v2.1.11
v2.1.12
v2.1.13
v2.1.14
v2.1.2
v2.1.3
v2.1.4
v2.1.5
v2.1.6
v2.1.7
v2.1.8
v2.1.9
v2.2.0
v2.2.0-preview1
v2.2.0-preview3
v2.2.1
v2.2.2
v2.2.3
v2.2.5
v2.2.6
v2.2.7
v2.2.8
v3.*
v3.0.0
v3.0.0-preview1
v3.0.0-preview2
v3.0.0-preview3
v3.0.0-preview4
v3.0.0-preview5
v3.0.0-preview6
v3.0.0-preview7
v3.0.0-preview8
v3.0.0-preview9
v3.0.0-rc1
v3.0.1
v3.1.0
v3.1.0-preview1
v3.1.0-preview2
v3.1.0-preview3

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-0605.json"