CVE-2020-1066-EXP支持Windows 7和Windows Server 2008 R2操作系统
引用 这个漏洞属于Windows CardSpace服务未正确处理符号链接对象导致的任意文件替换的本地权限提升漏洞 申明 作者poc仅供研究目的,如果读者利用本poc从事其他行为,与本人无关 目录 [toc] 分析 漏洞影响范围 适用于Windows7和Windows Server 2008 R2的普通用户和开启特殊配置的IIS用户 漏洞原
An elevation of privilege vulnerability exists in .NET Framework which could allow an malicious user to elevate their privilege level.To exploit the vulnerability, an attacker would first have to access the local machine, and then run a malicious program.The update addresses the vulnerability by correcting how .NET Framework activates COM objects., aka '.NET Framework Elevation of Privilege Vulnerability'.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft .net_framework 3.0 |
||
microsoft .net_framework 3.5.1 |