High severity8.1NVD Advisory· Published Jul 11, 2018· Updated Jun 17, 2026
CVE-2018-8284
CVE-2018-8284
Description
A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka ".NET Framework Remote Code Injection Vulnerability." This affects Microsoft .NET Framework 2.0, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.6, Microsoft .NET Framework 4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.7.1/4.7.2, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6/4.6.1/4.6.2, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2, Microsoft .NET Framework 4.7.2.
Affected products
2- Range: multiple versions from 2.0 to 4.7.2
- Range: 2.0 Service Pack 2 on Windows Server 2008 for 32-bit Systems Service Pack 2
Patches
Vulnerability mechanics
References
3- portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8284nvdPatchVendor Advisory
- www.securityfocus.com/bid/104667nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1041257nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.