English | Deutsch | Español
 
Startseite ▼
Startseite Über uns Kontact Datenschutz Partnerprogramme Zeugnisse In der Presse Mailinglisten Missbrauch Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Sicherheits
Überprüfungs ▼
Home Dediziert Erweitert Standard Wiederkehrend Risikolos Desktop Basis Sicherheits Segal FAQ Preis/Funktionszusammenfassung Bestellen Neue Anfälligkeiten Alle Anfälligkeiten Vertraulichkeit Anfälligkeiten Suche Durchführen Terminkalender IP Permissions Maßgeschneidert Warteschlange Erinnerer Siegel Berichte Berichts Stil
Verwaltetes
DNS ▼
Info Bestellen/Erneuern FAQ AUP Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password
Netzwerk
Überwachung ▼
Enterprise Erweiterte Standard Gratis Test FAQ Preis/Funktionszusammenfassung Bestellen Beispiele
Konfigurieren/Status Alarm Profile
Recherce
Berichte ▼
Home FAQ Glossary Archive
 Anmeldung/Registrierung 
 
 Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.811515
Kategorie:Windows : Microsoft Bulletins
Titel:Microsoft Windows Multiple Vulnerabilities (KB4025339)
Zusammenfassung:This host is missing a critical security; update according to Microsoft KB4025339
Beschreibung:Summary:
This host is missing a critical security
update according to Microsoft KB4025339

Vulnerability Insight:
Multiple flaws exist if:

- Microsoft Windows fails to properly handle objects in memory.

- The way JavaScript engines render when handling objects in memory in
Microsoft browsers.

- Windows Explorer improperly handles executable files and shares during
rename operations.

- An affected Microsoft browser does not properly parse HTTP content.

- Windows improperly handles calls to Advanced Local Procedure Call (ALPC).

- Microsoft Windows when Kerberos falls back to NT LAN Manager (NTLM)
Authentication Protocol as the default authentication protocol.

- Windows Kernel improperly handles objects in memory.

- The Windows kernel fails to properly initialize a memory address,
allowing an attacker to retrieve information that could lead to a Kernel Address
Space Layout Randomization (KASLR) bypass.

- PSObject wraps a CIM Instance.

- Microsoft Graphics Component fails to properly handle objects in memory.

- VBScript engine, when rendered in Internet Explorer, improperly handles
objects in memory.

- Microsoft Browsers improperly handle redirect requests.

- Microsoft Windows when Kerberos fails to prevent tampering with the SNAME
field during ticket exchange.

- Internet Explorer improperly accesses objects in memory.

- Windows System Information Console when it improperly parses XML input
containing a reference to an external entity.

- Windows Performance Monitor Console when it improperly parses XML
input containing a reference to an external entity.

- Microsoft WordPad parses specially crafted files.

- Windows Search improperly handles objects in memory.

- Windows Explorer attempts to open a non-existent file.

- Windows improperly handles objects in memory.

Vulnerability Impact:
Successful exploitation will allow an attacker
to obtain information to further compromise the user's system, gain the same
user rights as the current user, run arbitrary code in the context of another
user, trick a user by redirecting the user to a specially crafted website, run
processes in an elevated cretrieve the base address of the kernel driver from
a compromised process, embed an ActiveX control marked 'safe for initialization'
in an application or Microsoft Office document that hosts the Internet Explorer
rendering engine, force the browser to send data that would otherwise be
restricted to a destination web site of their choice, bypass Extended Protection
for Authentication, read arbitrary files via an XML external entity (XXE)
declaration and cause a denial of service.

Affected Software/OS:
- Microsoft Windows 10 Version 1607 x32/x64

- Microsoft Windows Server 2016

Solution:
The vendor has released updates. Please see the references for more information.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2017-8592
BugTraq ID: 99396
http://www.securityfocus.com/bid/99396
http://www.securitytracker.com/id/1038859
http://www.securitytracker.com/id/1038860
Common Vulnerability Exposure (CVE) ID: CVE-2017-8595
BugTraq ID: 99403
http://www.securityfocus.com/bid/99403
http://www.securitytracker.com/id/1038849
Common Vulnerability Exposure (CVE) ID: CVE-2017-8596
BugTraq ID: 99405
http://www.securityfocus.com/bid/99405
Common Vulnerability Exposure (CVE) ID: CVE-2017-8598
BugTraq ID: 99417
http://www.securityfocus.com/bid/99417
Common Vulnerability Exposure (CVE) ID: CVE-2017-8599
BugTraq ID: 99393
http://www.securityfocus.com/bid/99393
http://www.securitytracker.com/id/1038858
Common Vulnerability Exposure (CVE) ID: CVE-2017-8601
BugTraq ID: 99420
http://www.securityfocus.com/bid/99420
https://www.exploit-db.com/exploits/42479/
Common Vulnerability Exposure (CVE) ID: CVE-2017-8602
BugTraq ID: 99390
http://www.securityfocus.com/bid/99390
Common Vulnerability Exposure (CVE) ID: CVE-2017-0170
BugTraq ID: 99398
http://www.securityfocus.com/bid/99398
http://www.securitytracker.com/id/1038855
Common Vulnerability Exposure (CVE) ID: CVE-2017-8463
BugTraq ID: 99389
http://www.securityfocus.com/bid/99389
http://www.securitytracker.com/id/1038850
Common Vulnerability Exposure (CVE) ID: CVE-2017-8603
BugTraq ID: 99406
http://www.securityfocus.com/bid/99406
Common Vulnerability Exposure (CVE) ID: CVE-2017-8604
BugTraq ID: 99407
http://www.securityfocus.com/bid/99407
Common Vulnerability Exposure (CVE) ID: CVE-2017-8605
BugTraq ID: 99388
http://www.securityfocus.com/bid/99388
Common Vulnerability Exposure (CVE) ID: CVE-2017-8606
BugTraq ID: 99408
http://www.securityfocus.com/bid/99408
http://www.securitytracker.com/id/1038848
Common Vulnerability Exposure (CVE) ID: CVE-2017-8607
BugTraq ID: 99410
http://www.securityfocus.com/bid/99410
Common Vulnerability Exposure (CVE) ID: CVE-2017-8467
BugTraq ID: 99409
http://www.securityfocus.com/bid/99409
http://www.securitytracker.com/id/1038853
Common Vulnerability Exposure (CVE) ID: CVE-2017-8486
BugTraq ID: 99414
http://www.securityfocus.com/bid/99414
Common Vulnerability Exposure (CVE) ID: CVE-2017-8608
BugTraq ID: 99412
http://www.securityfocus.com/bid/99412
Common Vulnerability Exposure (CVE) ID: CVE-2017-8609
BugTraq ID: 99418
http://www.securityfocus.com/bid/99418
Common Vulnerability Exposure (CVE) ID: CVE-2017-8611
BugTraq ID: 99391
http://www.securityfocus.com/bid/99391
Common Vulnerability Exposure (CVE) ID: CVE-2017-8618
BugTraq ID: 99399
http://www.securityfocus.com/bid/99399
https://www.exploit-db.com/exploits/42337/
Common Vulnerability Exposure (CVE) ID: CVE-2017-8495
BugTraq ID: 99424
http://www.securityfocus.com/bid/99424
https://www.orpheus-lyre.info/
http://www.securitytracker.com/id/1038862
Common Vulnerability Exposure (CVE) ID: CVE-2017-8556
BugTraq ID: 99439
http://www.securityfocus.com/bid/99439
http://www.securitytracker.com/id/1038856
Common Vulnerability Exposure (CVE) ID: CVE-2017-8619
BugTraq ID: 99392
http://www.securityfocus.com/bid/99392
Common Vulnerability Exposure (CVE) ID: CVE-2017-8557
BugTraq ID: 99387
http://www.securityfocus.com/bid/99387
Common Vulnerability Exposure (CVE) ID: CVE-2017-8561
BugTraq ID: 99426
http://www.securityfocus.com/bid/99426
Common Vulnerability Exposure (CVE) ID: CVE-2017-8562
BugTraq ID: 99397
http://www.securityfocus.com/bid/99397
Common Vulnerability Exposure (CVE) ID: CVE-2017-8563
BugTraq ID: 99402
http://www.securityfocus.com/bid/99402
Common Vulnerability Exposure (CVE) ID: CVE-2017-8564
BugTraq ID: 99428
http://www.securityfocus.com/bid/99428
https://www.exploit-db.com/exploits/42338/
Common Vulnerability Exposure (CVE) ID: CVE-2017-8565
BugTraq ID: 99394
http://www.securityfocus.com/bid/99394
http://www.securitytracker.com/id/1038854
Common Vulnerability Exposure (CVE) ID: CVE-2017-8566
BugTraq ID: 99404
http://www.securityfocus.com/bid/99404
Common Vulnerability Exposure (CVE) ID: CVE-2017-8573
BugTraq ID: 99431
http://www.securityfocus.com/bid/99431
Common Vulnerability Exposure (CVE) ID: CVE-2017-8574
BugTraq ID: 99438
http://www.securityfocus.com/bid/99438
Common Vulnerability Exposure (CVE) ID: CVE-2017-8577
BugTraq ID: 99416
http://www.securityfocus.com/bid/99416
Common Vulnerability Exposure (CVE) ID: CVE-2017-8578
BugTraq ID: 99419
http://www.securityfocus.com/bid/99419
Common Vulnerability Exposure (CVE) ID: CVE-2017-8580
BugTraq ID: 99421
http://www.securityfocus.com/bid/99421
Common Vulnerability Exposure (CVE) ID: CVE-2017-8581
BugTraq ID: 99423
http://www.securityfocus.com/bid/99423
Common Vulnerability Exposure (CVE) ID: CVE-2017-8582
BugTraq ID: 99429
http://www.securityfocus.com/bid/99429
http://www.securitytracker.com/id/1038863
Common Vulnerability Exposure (CVE) ID: CVE-2017-8584
BugTraq ID: 99434
http://www.securityfocus.com/bid/99434
http://www.securitytracker.com/id/1038865
Common Vulnerability Exposure (CVE) ID: CVE-2017-8585
BugTraq ID: 99432
http://www.securityfocus.com/bid/99432
RedHat Security Advisories: RHSA-2017:3248
https://access.redhat.com/errata/RHSA-2017:3248
http://www.securitytracker.com/id/1038864
Common Vulnerability Exposure (CVE) ID: CVE-2017-8588
BugTraq ID: 99400
http://www.securityfocus.com/bid/99400
http://www.securitytracker.com/id/1038857
Common Vulnerability Exposure (CVE) ID: CVE-2017-8589
BugTraq ID: 99425
http://www.securityfocus.com/bid/99425
http://www.securitytracker.com/id/1038866
Common Vulnerability Exposure (CVE) ID: CVE-2017-8590
BugTraq ID: 99427
http://www.securityfocus.com/bid/99427
CopyrightCopyright (C) 2017 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.



© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.