CVE-2024-29059 - Microsoft .NET Framework Information Disclosure Vulnerability

项目:Microsoft

产品:.NET Framework

添加日期:2025-02-04到期日:2025-02-25最后更新:June 21, 2025

漏洞名称

Microsoft .NET Framework Information Disclosure Vulnerability

描述

Microsoft .NET Framework contains an information disclosure vulnerability that exposes the ObjRef URI to an attacker, ultimately enabling remote code execution.

已知用于勒索软件活动吗?

Unknown

采集行动

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

其他说明

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29059

https://nvd.nist.gov/vuln/detail/CVE-2024-29059

相关新闻文章

CISA tags Microsoft .NET and Apache OFBiz bugs as exploited in attacksFebruary 5, 2025

CISA Adds Four Actively Exploited Vulnerabilities to KEV Catalog, Urges Fixes by Feb 25February 5, 2025

相关 CWE

CWE-209