Microsoft 3D Builder app Multiple Remote Code Execution Vulnerabilities (February 2023)

high Nessus Plugin ID 171547

Language:

Version 1.5 Mar 27, 2024, 7:16 PM Detection (store app vuln plugins will require paranoia when we are unable to determine path) Plugin Feed: 202403271916
Version 1.4 Sep 15, 2023, 10:10 AM IAVM reference Plugin Feed: 202309151010
Version 1.3 Sep 4, 2023, 4:15 PM Exploit attributes ("Exploit available" set to "True". "Exploitability ease" changed from "No known exploits are available" to "Exploits are available") CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:F/RL:OF/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:F/RL:O/RC:C") Plugin Feed: 202309041615
Version 1.2 Feb 20, 2023, 2:37 PM CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:U/RL:OF/RC:C". "CVSSv2 temporal vector" set to "CVSS2#E:U/RL:OF/RC:C". "CVSSv2 temporal vector" set to "CVSS2#E:U/RL:OF/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:U/RL:O/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:U/RL:O/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:U/RL:O/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:U/RL:O/RC:C") Exploit attributes ("Exploit available" set to "False". "Exploit available" set to "False". "Exploit available" set to "False". "Exploit available" set to "False". "Exploitability ease" set to "No known exploits are available". "Exploitability ease" set to "No known exploits are available". "Exploitability ease" set to "No known exploits are available") Plugin Feed: 202302201437
Version 1.1 Feb 17, 2023, 10:07 PM STIG Severity (set to "I") IAVM reference Plugin Feed: 202302172207
Version 1.0 Feb 16, 2023, 4:25 PM New Plugin Feed: 202302161625

* Changelogs are generally available for changes made after Nov 1, 2022