English | Deutsch | Español
 
Inicial ▼
Página inicial Acerca Nuestro Contáctenos Privacidad Programas de Asociados Testimonios En la Prensa Listas de Correos Abuso Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
 
Auditorias ▼
Inicial Dedicada Avanzada Estándar Periódica Sin Riesgo Escritorio Básica Sello FAQ Resumen de Precio/Funciones Ordenar Nuevas Pruebas Todas las Pruebas Confidencialidad Búsqueda de Vulnerabilidad Ejecutar Auditoría Programador IP Permissions Auditorías Personalizadas Cola Recordatorio Sellos Informes Estilos de Informes
DNS
Administrado ▼
Acerca de DNS Ordenar/Renovar Preguntas Frecuentes AUP Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password
Monitoreo
de Redes ▼
Enterprise Avanzado Estándarr Prueba Preguntas Frecuentes Resumen de Precio/Funciones Ordenar Muestras
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Iniciar sesión/Registrarse 
 
 Búsqueda de    
Vulnerabilidad   		     Buscar 219043 Descripciones CVE y
99761 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.815023
Categoría:Windows : Microsoft Bulletins
Título:Microsoft Windows Multiple Vulnerabilities (KB4493475)
Resumen:This host is missing a critical security; update according to Microsoft KB4493475
Descripción:Summary:
This host is missing a critical security
update according to Microsoft KB4493475

Vulnerability Insight:
Multiple flaws exist due to:

- The scripting engine improperly handles objects in memory in Microsoft Edge.

- The IOleCvt interface improperly renders ASP webpage content.

- An error in the scripting engine which handles objects in memory in Internet Explorer.

- Windows improperly handles calls to the LUAFV driver.

- Windows GDI component improperly discloses the contents of its memory.

- Windows Client Server Run-Time Subsystem (CSRSS) fails to properly handle
objects in memory.

- Microsoft XML Core Services MSXML parser improperly processes user input.

- OLE automation improperly handles objects in memory.

- Windows Task Scheduler improperly discloses credentials to Windows Credential
Manager.

- Terminal Services component improperly discloses the contents of its memory.

- The Win32k component fails to properly handle objects in memory.

- The win32k component improperly provides kernel information.

- Windows Jet Database Engine improperly handles objects in memory.

- Windows improperly handles objects in memory.

- Microsoft browsers do not properly validate input under specific conditions.

- An error in the Microsoft Server Message Block (SMB) Server when an attacker
with valid credentials attempts to open a specially crafted file over the SMB
protocol on the same machine.

- Windows TCP/IP stack improperly handles fragmented IP packets.

Vulnerability Impact:
Successful exploitation will allow an attacker
to run arbitrary code, disclose sensitive information and compromise the user's
system.

Affected Software/OS:
- Microsoft Windows 10 for 32-bit Systems

- Microsoft Windows 10 for x64-based Systems

Solution:
The vendor has released updates. Please see the references for more information.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2019-0688
BugTraq ID: 107685
http://www.securityfocus.com/bid/107685
https://arxiv.org/pdf/1906.10478.pdf
Common Vulnerability Exposure (CVE) ID: CVE-2019-0730
https://www.exploit-db.com/exploits/46713/
http://packetstormsecurity.com/files/152533/Microsoft-Windows-LUAFV-Delayed-Virtualization-MAXIMUM_ACCESS-DesiredAccess-Privilege-Escalation.html
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0730
Common Vulnerability Exposure (CVE) ID: CVE-2019-0848
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0848
Common Vulnerability Exposure (CVE) ID: CVE-2019-0849
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0849
Common Vulnerability Exposure (CVE) ID: CVE-2019-0851
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0851
Common Vulnerability Exposure (CVE) ID: CVE-2019-0731
https://www.exploit-db.com/exploits/46714/
http://packetstormsecurity.com/files/152534/Microsoft-Windows-LUAFV-Delayed-Virtualization-Cross-Process-Handle-Duplication-Privilege-Escalation.html
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0731
Common Vulnerability Exposure (CVE) ID: CVE-2019-0732
https://www.exploit-db.com/exploits/46716/
http://packetstormsecurity.com/files/152536/Microsoft-Windows-LUAFV-NtSetCachedSigningLevel-Device-Guard-Bypass.html
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0732
Common Vulnerability Exposure (CVE) ID: CVE-2019-0735
https://www.exploit-db.com/exploits/46712/
http://packetstormsecurity.com/files/152532/Microsoft-Windows-CSRSS-SxSSrv-Cached-Manifest-Privilege-Escalation.html
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0735
Common Vulnerability Exposure (CVE) ID: CVE-2019-0853
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0853
https://www.zerodayinitiative.com/advisories/ZDI-19-362/
https://www.zerodayinitiative.com/advisories/ZDI-19-363/
Common Vulnerability Exposure (CVE) ID: CVE-2019-0856
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0856
Common Vulnerability Exposure (CVE) ID: CVE-2019-0739
BugTraq ID: 107708
http://www.securityfocus.com/bid/107708
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0739
Common Vulnerability Exposure (CVE) ID: CVE-2019-0752
http://packetstormsecurity.com/files/153078/Microsoft-Internet-Explorer-Windows-10-1809-17763.316-Memory-Corruption.html
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0752
https://www.zerodayinitiative.com/advisories/ZDI-19-359/
Common Vulnerability Exposure (CVE) ID: CVE-2019-0753
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0753
Common Vulnerability Exposure (CVE) ID: CVE-2019-0764
BugTraq ID: 107731
http://www.securityfocus.com/bid/107731
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0764
Common Vulnerability Exposure (CVE) ID: CVE-2019-0859
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0859
Common Vulnerability Exposure (CVE) ID: CVE-2019-0860
BugTraq ID: 107722
http://www.securityfocus.com/bid/107722
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0860
Common Vulnerability Exposure (CVE) ID: CVE-2019-0861
BugTraq ID: 107724
http://www.securityfocus.com/bid/107724
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0861
Common Vulnerability Exposure (CVE) ID: CVE-2019-0862
BugTraq ID: 107727
http://www.securityfocus.com/bid/107727
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0862
Common Vulnerability Exposure (CVE) ID: CVE-2019-0790
BugTraq ID: 107702
http://www.securityfocus.com/bid/107702
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0790
Common Vulnerability Exposure (CVE) ID: CVE-2019-0791
BugTraq ID: 107726
http://www.securityfocus.com/bid/107726
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0791
Common Vulnerability Exposure (CVE) ID: CVE-2019-0877
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0877
Common Vulnerability Exposure (CVE) ID: CVE-2019-0879
BugTraq ID: 107741
http://www.securityfocus.com/bid/107741
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0879
Common Vulnerability Exposure (CVE) ID: CVE-2019-0792
BugTraq ID: 107728
http://www.securityfocus.com/bid/107728
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0792
Common Vulnerability Exposure (CVE) ID: CVE-2019-0793
BugTraq ID: 107729
http://www.securityfocus.com/bid/107729
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0793
Common Vulnerability Exposure (CVE) ID: CVE-2019-0794
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0794
Common Vulnerability Exposure (CVE) ID: CVE-2019-0795
BugTraq ID: 107732
http://www.securityfocus.com/bid/107732
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0795
Common Vulnerability Exposure (CVE) ID: CVE-2019-0796
https://www.exploit-db.com/exploits/46715/
http://packetstormsecurity.com/files/152535/Microsoft-Windows-LUAFV-LuafvCopyShortName-Arbitrary-Short-Name-Privilege-Escalation.html
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0796
Common Vulnerability Exposure (CVE) ID: CVE-2019-0806
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0806
Common Vulnerability Exposure (CVE) ID: CVE-2019-0810
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0810
https://www.zerodayinitiative.com/advisories/ZDI-19-361/
Common Vulnerability Exposure (CVE) ID: CVE-2019-0812
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0812
Common Vulnerability Exposure (CVE) ID: CVE-2019-0835
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0835
Common Vulnerability Exposure (CVE) ID: CVE-2019-0836
BugTraq ID: 107719
http://www.securityfocus.com/bid/107719
https://www.exploit-db.com/exploits/46718/
http://packetstormsecurity.com/files/152538/Microsoft-Windows-LUAFV-PostLuafvPostReadWrite-SECTION_OBJECT_POINTERS-Race-Condition.html
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0836
Common Vulnerability Exposure (CVE) ID: CVE-2019-0838
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0838
Common Vulnerability Exposure (CVE) ID: CVE-2019-0839
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0839
Common Vulnerability Exposure (CVE) ID: CVE-2019-0842
BugTraq ID: 107725
http://www.securityfocus.com/bid/107725
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0842
Common Vulnerability Exposure (CVE) ID: CVE-2019-0844
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0844
Common Vulnerability Exposure (CVE) ID: CVE-2019-0845
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0845
Common Vulnerability Exposure (CVE) ID: CVE-2019-0846
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0846
Common Vulnerability Exposure (CVE) ID: CVE-2019-0847
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0847
Common Vulnerability Exposure (CVE) ID: CVE-2019-0802
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0802
Common Vulnerability Exposure (CVE) ID: CVE-2019-0803
http://packetstormsecurity.com/files/153034/Microsoft-Windows-Win32k-Privilege-Escalation.html
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0803
Common Vulnerability Exposure (CVE) ID: CVE-2019-0805
https://www.exploit-db.com/exploits/46717/
http://packetstormsecurity.com/files/152537/Microsoft-Windows-LUAFV-Delayed-Virtualization-Cache-Manager-Poisoning-Privilege-Escalation.html
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0805
Common Vulnerability Exposure (CVE) ID: CVE-2019-0673
BugTraq ID: 106930
http://www.securityfocus.com/bid/106930
Common Vulnerability Exposure (CVE) ID: CVE-2019-0674
BugTraq ID: 106931
http://www.securityfocus.com/bid/106931
Common Vulnerability Exposure (CVE) ID: CVE-2019-0671
BugTraq ID: 106928
http://www.securityfocus.com/bid/106928
CopyrightCopyright (C) 2019 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.



© 1998-2024 E-Soft Inc. Todos los derechos reservados.