|Number of vulnerabilities||1|
|CVE ID|| CVE-2019-0809
|Public exploit||Public exploit code for vulnerability #1 is available.|
|Vulnerable software versions||
Visual Studio 2017 version 15.9
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to the application loads DLL libraries in an insecure manner in Visual Studio C++ Redistributable Installer. A remote attacker can place a specially crafted .dll file on a remote SMB fileshare, trick the victim into opening a file, associated with the vulnerable application, and execute arbitrary code on victim's system.Remediation
Install updates from vendor's website.External links