Vulnerabilities > CVE-2023-26314

CVSS 8.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

mono-project

debian

NVD

Published: 2023-02-22

Updated: 2023-03-02

Summary

The mono package before 6.8.0.105+dfsg-3.3 for Debian allows arbitrary code execution because the application/x-ms-dos-executable MIME type is associated with an un-sandboxed Mono CLR interpreter.

Vulnerable Configurations

Part	Description	Count
Application	Mono-Project Mono Project Mono 6.8.0.105\+Dfsg-3 Mono Project Mono 5.18.0.240\+Dfsg-3	2
OS	Debian Debian Debian Linux 10.0	1

References

https://bugs.debian.org/972146
https://www.openwall.com/lists/oss-security/2023/01/05/1
https://lists.debian.org/debian-lts-announce/2023/02/msg00037.html

Vulnerabilities > CVE-2023-26314 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2023-26314"}]}

Summary

Vulnerable Configurations

References

Vulnerabilities > CVE-2023-26314