Windows : Microsoft Bulletins : Microsoft Windows 'HTTP.sys' Denial of Service Vulnerability (3148795)

Búsqueda de Vulnerabilidad		Buscar 219043 Descripciones CVE y 99761 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.807314

Categoría: Windows : Microsoft Bulletins

Título: Microsoft Windows 'HTTP.sys' Denial of Service Vulnerability (3148795)

Resumen: This host is missing an important security; update according to Microsoft Bulletin MS16-049.

Descripción: Summary:
This host is missing an important security
update according to Microsoft Bulletin MS16-049.

Vulnerability Insight:
A denial of service flaw exists in the HTTP
2.0 protocol stack (HTTP.sys) when HTTP.sys improperly parses specially crafted
HTTP 2.0 requests.

Vulnerability Impact:
Successful exploitation will allow an
attacker to cause a Denial of Service.

Affected Software/OS:
- Microsoft Windows 10 x32/x64

- Microsoft Windows 10 Version 1511 x32/x64

Solution:
The vendor has released updates. Please see the references for more information.

CVSS Score:
7.8

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2016-0150
Microsoft Security Bulletin: MS16-049
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-049
http://www.securitytracker.com/id/1035546

Copyright Copyright (C) 2016 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.807314
Categoría:	Windows : Microsoft Bulletins
Título:	Microsoft Windows 'HTTP.sys' Denial of Service Vulnerability (3148795)
Resumen:	This host is missing an important security; update according to Microsoft Bulletin MS16-049.
Descripción:	Summary: This host is missing an important security update according to Microsoft Bulletin MS16-049. Vulnerability Insight: A denial of service flaw exists in the HTTP 2.0 protocol stack (HTTP.sys) when HTTP.sys improperly parses specially crafted HTTP 2.0 requests. Vulnerability Impact: Successful exploitation will allow an attacker to cause a Denial of Service. Affected Software/OS: - Microsoft Windows 10 x32/x64 - Microsoft Windows 10 Version 1511 x32/x64 Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2016-0150 Microsoft Security Bulletin: MS16-049 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-049 http://www.securitytracker.com/id/1035546
Copyright	Copyright (C) 2016 Greenbone Networks GmbH