Windows : Microsoft Bulletins : Microsoft Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2829996)

Anfälligkeitssuche		Suche in 219043 CVE Beschreibungen und 99761 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.903202

Kategorie: Windows : Microsoft Bulletins

Titel: Microsoft Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2829996)

Zusammenfassung: This host is missing an important security update according to; Microsoft Bulletin MS13-036.

Beschreibung: Summary:
This host is missing an important security update according to
Microsoft Bulletin MS13-036.

Vulnerability Insight:
Multiple flaws are due to:

- Improper handling of certain objects in kernel memory.

- Improper parsing of crafted OpenType font files.

Vulnerability Impact:
Successful exploitation will allow remote attackers to gain escalated
privileges.

Affected Software/OS:
- Microsoft Windows 8

- Microsoft Windows Server 2012

- Microsoft Windows XP x32 Edition Service Pack 3 and prior

- Microsoft Windows XP x64 Edition Service Pack 2 and prior

- Microsoft Windows 7 x32/x64 Edition Service Pack 1 and prior

- Microsoft Windows 2003 x32/x64 Edition Service Pack 2 and prior

- Microsoft Windows Vista x32/x64 Edition Service Pack 2 and prior

- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1 and prior

- Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2 and prior

Solution:
The vendor has released updates. Please see the references for more information.

CVSS Score:
7.1

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:C

Querverweis: BugTraq ID: 58853
BugTraq ID: 58858
BugTraq ID: 58859
BugTraq ID: 58860
Common Vulnerability Exposure (CVE) ID: CVE-2013-1283
Cert/CC Advisory: TA13-100A
http://www.us-cert.gov/ncas/alerts/TA13-100A
Microsoft Security Bulletin: MS13-036
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-036
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16563
Common Vulnerability Exposure (CVE) ID: CVE-2013-1291
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16504
Common Vulnerability Exposure (CVE) ID: CVE-2013-1292
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16575
Common Vulnerability Exposure (CVE) ID: CVE-2013-1293
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16485

Copyright Copyright (C) 2013 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.903202
Kategorie:	Windows : Microsoft Bulletins
Titel:	Microsoft Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2829996)
Zusammenfassung:	This host is missing an important security update according to; Microsoft Bulletin MS13-036.
Beschreibung:	Summary: This host is missing an important security update according to Microsoft Bulletin MS13-036. Vulnerability Insight: Multiple flaws are due to: - Improper handling of certain objects in kernel memory. - Improper parsing of crafted OpenType font files. Vulnerability Impact: Successful exploitation will allow remote attackers to gain escalated privileges. Affected Software/OS: - Microsoft Windows 8 - Microsoft Windows Server 2012 - Microsoft Windows XP x32 Edition Service Pack 3 and prior - Microsoft Windows XP x64 Edition Service Pack 2 and prior - Microsoft Windows 7 x32/x64 Edition Service Pack 1 and prior - Microsoft Windows 2003 x32/x64 Edition Service Pack 2 and prior - Microsoft Windows Vista x32/x64 Edition Service Pack 2 and prior - Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1 and prior - Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2 and prior Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 7.1 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C
Querverweis:	BugTraq ID: 58853 BugTraq ID: 58858 BugTraq ID: 58859 BugTraq ID: 58860 Common Vulnerability Exposure (CVE) ID: CVE-2013-1283 Cert/CC Advisory: TA13-100A http://www.us-cert.gov/ncas/alerts/TA13-100A Microsoft Security Bulletin: MS13-036 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-036 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16563 Common Vulnerability Exposure (CVE) ID: CVE-2013-1291 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16504 Common Vulnerability Exposure (CVE) ID: CVE-2013-1292 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16575 Common Vulnerability Exposure (CVE) ID: CVE-2013-1293 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16485
Copyright	Copyright (C) 2013 Greenbone Networks GmbH