CVE-2019-0537

5 documents5 sources
Severity
5.5MEDIUM
EPSS
26.9%
top 3.64%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Microsoft Microsoft Visual StudioMicrosoft Visual Studio
Timeline
PublishedJan 8
Latest updateMay 13

Description

An information disclosure vulnerability exists when Visual Studio improperly discloses arbitrary file contents if the victim opens a malicious .vscontent file, aka "Microsoft Visual Studio Information Disclosure Vulnerability." This affects Microsoft Visual Studio.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

NVDmicrosoft/visual_studio2010, 2012+1
CVEListV5microsoft/microsoft_visual_studio2010 Service Pack 1, 2012 Update 5+1

Patches

Patch: portal.msrc.microsoft.comPatch: portal.msrc.microsoft.com

🔴Vulnerability Details

3
GHSA
GHSA-j22w-3p2c-jwhf: An information disclosure vulnerability exists when Visual Studio improperly discloses arbitrary file contents if the victim opens a malicious2022-05-13
CVEList
CVE-2019-0537: An information disclosure vulnerability exists when Visual Studio improperly discloses arbitrary file contents if the victim opens a malicious2019-01-08
VulnCheck
Microsoft Visual Studio Information Disclosure Vulnerability2019

📋Vendor Advisories

1
Microsoft
Microsoft Visual Studio Information Disclosure Vulnerability2019-01-08
CVE-2019-0537 (MEDIUM CVSS 5.5) | An information disclosure vulnerabi | cvebase.io