Windows : Microsoft Bulletins : Microsoft Windows Kernel-Mode Drivers Code Execution Vulnerability (3119075)

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 145615 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.806776

Kategorie: Windows : Microsoft Bulletins

Titel: Microsoft Windows Kernel-Mode Drivers Code Execution Vulnerability (3119075)

Zusammenfassung: This host is missing an important security; update according to Microsoft Bulletin MS15-135.

Beschreibung: Summary:
This host is missing an important security
update according to Microsoft Bulletin MS15-135.

Vulnerability Insight:
Multiple flaws are due to:

- Multiple local privilege escalation vulnerabilities.

- Multiple remote code execution vulnerabilities when the Windows font library
improperly handles specially crafted embedded fonts

Vulnerability Impact:
Successful exploitation will allow an attacker
to execute arbitrary code in kernel mode with elevated privileges.

Affected Software/OS:
- Microsoft Windows 8 x32/x64

- Microsoft Windows 10 x32/x64

- Microsoft Windows 8.1 x32/x64

- Microsoft Windows Server 2012/2012R2

- Microsoft Windows 10 Version 1511 x32/x64

- Microsoft Windows Vista x32/x64 Service Pack 2

- Microsoft Windows Server 2008 x32/x64 Service Pack 2

- Microsoft Windows 7 x32/x64 Service Pack 1

- Microsoft Windows Server 2008 R2 x64 Service Pack 1

Solution:
The vendor has released updates. Please see the references for more information.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2015-6171
Microsoft Security Bulletin: MS15-135
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-135
http://www.securitytracker.com/id/1034334
Common Vulnerability Exposure (CVE) ID: CVE-2015-6173
Common Vulnerability Exposure (CVE) ID: CVE-2015-6174
Common Vulnerability Exposure (CVE) ID: CVE-2015-6175
Common Vulnerability Exposure (CVE) ID: CVE-2015-6106
Microsoft Security Bulletin: MS15-128
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-128
http://www.securitytracker.com/id/1034331
http://www.securitytracker.com/id/1034332
http://www.securitytracker.com/id/1034333
http://www.securitytracker.com/id/1034336
Common Vulnerability Exposure (CVE) ID: CVE-2015-6107
Common Vulnerability Exposure (CVE) ID: CVE-2015-6108
http://www.securitytracker.com/id/1034329
http://www.securitytracker.com/id/1034330

Copyright Copyright (C) 2015 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.806776
Kategorie:	Windows : Microsoft Bulletins
Titel:	Microsoft Windows Kernel-Mode Drivers Code Execution Vulnerability (3119075)
Zusammenfassung:	This host is missing an important security; update according to Microsoft Bulletin MS15-135.
Beschreibung:	Summary: This host is missing an important security update according to Microsoft Bulletin MS15-135. Vulnerability Insight: Multiple flaws are due to: - Multiple local privilege escalation vulnerabilities. - Multiple remote code execution vulnerabilities when the Windows font library improperly handles specially crafted embedded fonts Vulnerability Impact: Successful exploitation will allow an attacker to execute arbitrary code in kernel mode with elevated privileges. Affected Software/OS: - Microsoft Windows 8 x32/x64 - Microsoft Windows 10 x32/x64 - Microsoft Windows 8.1 x32/x64 - Microsoft Windows Server 2012/2012R2 - Microsoft Windows 10 Version 1511 x32/x64 - Microsoft Windows Vista x32/x64 Service Pack 2 - Microsoft Windows Server 2008 x32/x64 Service Pack 2 - Microsoft Windows 7 x32/x64 Service Pack 1 - Microsoft Windows Server 2008 R2 x64 Service Pack 1 Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2015-6171 Microsoft Security Bulletin: MS15-135 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-135 http://www.securitytracker.com/id/1034334 Common Vulnerability Exposure (CVE) ID: CVE-2015-6173 Common Vulnerability Exposure (CVE) ID: CVE-2015-6174 Common Vulnerability Exposure (CVE) ID: CVE-2015-6175 Common Vulnerability Exposure (CVE) ID: CVE-2015-6106 Microsoft Security Bulletin: MS15-128 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-128 http://www.securitytracker.com/id/1034331 http://www.securitytracker.com/id/1034332 http://www.securitytracker.com/id/1034333 http://www.securitytracker.com/id/1034336 Common Vulnerability Exposure (CVE) ID: CVE-2015-6107 Common Vulnerability Exposure (CVE) ID: CVE-2015-6108 http://www.securitytracker.com/id/1034329 http://www.securitytracker.com/id/1034330
Copyright	Copyright (C) 2015 Greenbone AG