English | Deutsch | Español | Português
 Benutzerkennung:
 Passwort:
Registrieren
 About:   Dediziert  | Erweitert  | Standard  | Wiederkehrend  | Risikolos  | Desktop  | Basis  | Einmalig  | Sicherheits Siegel  | FAQ
  Preis/Funktionszusammenfassung  | Bestellen  | Neue Anfälligkeiten  | Vertraulichkeit  | Anfälligkeiten Suche
 Anfälligkeitssuche        Suche in 143769 CVE Beschreibungen
und 71225 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.814215
Kategorie:Windows : Microsoft Bulletins
Titel:Microsoft Windows Multiple Vulnerabilities (KB4457142)
Zusammenfassung:This host is missing a critical security; update according to Microsoft KB4457142
Beschreibung:Summary:
This host is missing a critical security
update according to Microsoft KB4457142

Vulnerability Insight:
Multiple flaw exists due to,

- An error in the way that the Chakra scripting engine handles objects in memory.

- An error when Microsoft Edge PDF Reader improperly handles objects in memory.

- An error when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles
objects in memory.

- An error when Internet Explorer improperly accesses objects in memory.

- An error in Windows that allows a sandbox escape.

- An error in Microsoft Edge that could allow an attacker to escape from the
AppContainer sandbox in the browser.

- An error in Internet Explorer due to how scripts are handled that allows a
universal cross-site scripting (UXSS) condition.

- An error when Windows Hyper-V on a host server fails to properly validate input
from an authenticated user on a guest operating system.

- An error when Microsoft Hyper-V Network Switch on a host server fails to properly
validate input from a privileged user on a guest operating system.

- An error in the Microsoft JET Database Engine that could allow remote code
execution on an affected system.

- An error when the Windows Kernel API improperly handles registry objects in memory.

- An error when the Windows kernel improperly handles objects in memory.

- An error when the Windows Graphics component improperly handles objects in memory.

- An error when Windows Hyper-V BIOS loader fails to provide a high-entropy source.

- An error when Windows Hyper-V on a host operating system fails to properly
validate input from an authenticated user on a guest operating system.

- An error when the Windows kernel fails to properly initialize a memory address.

- A security feature bypass exists when Device Guard incorrectly validates an
untrusted file.

- An error when Windows does not properly handle specially crafted image files.

- An error when the scripting engine does not properly handle objects in memory in
Microsoft browsers.

- An error in the way that the Windows Kernel handles objects in memory.

- An error when Windows Subsystem for Linux improperly handles case sensitivity.

- An error in the Microsoft Server Block Message (SMB) when an attacker sends
specially crafted requests to the server.

- Microsoft is aware of a denial of service vulnerability (named FragmentSmack
CVE-2018-5391) affecting Windows systems.

- An error when the Windows font library improperly handles specially crafted
embedded fonts.

- An error when the Microsoft XML Core Services MSXML parser processes user
input.

- An error when Windows improperly handles calls to Advanced Local Procedure
Call (ALPC).

- An error when the Windows GDI component improperly discloses the contents of its
memory.

- An error when Microsoft Edge improperly handles specific HTML content.

Vulnerability Impact:
Successful exploitation will allow remote
attacker to gain the same user rights as the current user, run processes in
an elevated context, escape sandbox, access any session, execute arbitrary code,
conduct a DoS condition, take complete control of an affected system, disclose
contents of System memory, gain access to sensitive information, bypass security
restrictions, make an unsigned file appear to be signed and replace or delete
arbitrary files.

Affected Software/OS:
Windows 10 Version 1709 for 32-bit Systems

Windows 10 Version 1709 for 64-based Systems

Solution:
Run Windows Update and update the
listed hotfixes or download and update mentioned hotfixes in the advisory
from the Reference link.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2018-5391
https://lists.debian.org/debian-lts-announce/2018/08/msg00014.html
https://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git/commit/?id=c30f1fc041b74ecdb072dd44f858750414b8b19f
Debian Security Information: DSA-4272 (Google Search)
https://www.debian.org/security/2018/dsa-4272
RedHat Security Advisories: RHSA-2018:2785
https://access.redhat.com/errata/RHSA-2018:2785
RedHat Security Advisories: RHSA-2018:2791
https://access.redhat.com/errata/RHSA-2018:2791
RedHat Security Advisories: RHSA-2018:2846
https://access.redhat.com/errata/RHSA-2018:2846
RedHat Security Advisories: RHSA-2018:2924
https://access.redhat.com/errata/RHSA-2018:2924
RedHat Security Advisories: RHSA-2018:2925
https://access.redhat.com/errata/RHSA-2018:2925
RedHat Security Advisories: RHSA-2018:2933
https://access.redhat.com/errata/RHSA-2018:2933
RedHat Security Advisories: RHSA-2018:2948
https://access.redhat.com/errata/RHSA-2018:2948
RedHat Security Advisories: RHSA-2018:3083
https://access.redhat.com/errata/RHSA-2018:3083
RedHat Security Advisories: RHSA-2018:3096
https://access.redhat.com/errata/RHSA-2018:3096
RedHat Security Advisories: RHSA-2018:3459
https://access.redhat.com/errata/RHSA-2018:3459
RedHat Security Advisories: RHSA-2018:3540
https://access.redhat.com/errata/RHSA-2018:3540
RedHat Security Advisories: RHSA-2018:3586
https://access.redhat.com/errata/RHSA-2018:3586
RedHat Security Advisories: RHSA-2018:3590
https://access.redhat.com/errata/RHSA-2018:3590
https://usn.ubuntu.com/3740-1/
https://usn.ubuntu.com/3740-2/
https://usn.ubuntu.com/3741-1/
https://usn.ubuntu.com/3741-2/
https://usn.ubuntu.com/3742-1/
https://usn.ubuntu.com/3742-2/
CERT/CC vulnerability note: VU#641765
https://www.kb.cert.org/vuls/id/641765
BugTraq ID: 105108
http://www.securityfocus.com/bid/105108
http://www.securitytracker.com/id/1041476
http://www.securitytracker.com/id/1041637
Common Vulnerability Exposure (CVE) ID: CVE-2018-0965
BugTraq ID: 105229
http://www.securityfocus.com/bid/105229
http://www.securitytracker.com/id/1041624
Common Vulnerability Exposure (CVE) ID: CVE-2018-8271
BugTraq ID: 105247
http://www.securityfocus.com/bid/105247
http://www.securitytracker.com/id/1041635
Common Vulnerability Exposure (CVE) ID: CVE-2018-8315
BugTraq ID: 105251
http://www.securityfocus.com/bid/105251
http://www.securitytracker.com/id/1041623
Common Vulnerability Exposure (CVE) ID: CVE-2018-8332
BugTraq ID: 105248
http://www.securityfocus.com/bid/105248
http://www.securitytracker.com/id/1041628
Common Vulnerability Exposure (CVE) ID: CVE-2018-8335
BugTraq ID: 105224
http://www.securityfocus.com/bid/105224
http://www.securitytracker.com/id/1041634
Common Vulnerability Exposure (CVE) ID: CVE-2018-8337
BugTraq ID: 105250
http://www.securityfocus.com/bid/105250
Common Vulnerability Exposure (CVE) ID: CVE-2018-8354
BugTraq ID: 105232
http://www.securityfocus.com/bid/105232
Common Vulnerability Exposure (CVE) ID: CVE-2018-8367
BugTraq ID: 105245
http://www.securityfocus.com/bid/105245
Common Vulnerability Exposure (CVE) ID: CVE-2018-8392
BugTraq ID: 105213
http://www.securityfocus.com/bid/105213
http://www.securitytracker.com/id/1041625
Common Vulnerability Exposure (CVE) ID: CVE-2018-8393
BugTraq ID: 105214
http://www.securityfocus.com/bid/105214
Common Vulnerability Exposure (CVE) ID: CVE-2018-8410
https://www.exploit-db.com/exploits/45436/
BugTraq ID: 105256
http://www.securityfocus.com/bid/105256
Common Vulnerability Exposure (CVE) ID: CVE-2018-8419
BugTraq ID: 105238
http://www.securityfocus.com/bid/105238
Common Vulnerability Exposure (CVE) ID: CVE-2018-8420
BugTraq ID: 105259
http://www.securityfocus.com/bid/105259
http://www.securitytracker.com/id/1041627
Common Vulnerability Exposure (CVE) ID: CVE-2018-8421
BugTraq ID: 105222
http://www.securityfocus.com/bid/105222
http://www.securitytracker.com/id/1041636
Common Vulnerability Exposure (CVE) ID: CVE-2018-8424
BugTraq ID: 105261
http://www.securityfocus.com/bid/105261
Common Vulnerability Exposure (CVE) ID: CVE-2018-8425
BugTraq ID: 105255
http://www.securityfocus.com/bid/105255
Common Vulnerability Exposure (CVE) ID: CVE-2018-8433
BugTraq ID: 105264
http://www.securityfocus.com/bid/105264
Common Vulnerability Exposure (CVE) ID: CVE-2018-8434
BugTraq ID: 105239
http://www.securityfocus.com/bid/105239
Common Vulnerability Exposure (CVE) ID: CVE-2018-8435
BugTraq ID: 105240
http://www.securityfocus.com/bid/105240
Common Vulnerability Exposure (CVE) ID: CVE-2018-8438
BugTraq ID: 105249
http://www.securityfocus.com/bid/105249
Common Vulnerability Exposure (CVE) ID: CVE-2018-8439
BugTraq ID: 105233
http://www.securityfocus.com/bid/105233
Common Vulnerability Exposure (CVE) ID: CVE-2018-8440
https://blog.0patch.com/2018/08/how-we-micropatched-publicly-dropped.html
https://blog.0patch.com/2018/09/comparing-our-micropatch-with.html
BugTraq ID: 105153
http://www.securityfocus.com/bid/105153
http://www.securitytracker.com/id/1041578
Common Vulnerability Exposure (CVE) ID: CVE-2018-8442
BugTraq ID: 105234
http://www.securityfocus.com/bid/105234
Common Vulnerability Exposure (CVE) ID: CVE-2018-8443
BugTraq ID: 105228
http://www.securityfocus.com/bid/105228
Common Vulnerability Exposure (CVE) ID: CVE-2018-8446
BugTraq ID: 105217
http://www.securityfocus.com/bid/105217
Common Vulnerability Exposure (CVE) ID: CVE-2018-8447
BugTraq ID: 105257
http://www.securityfocus.com/bid/105257
http://www.securitytracker.com/id/1041632
Common Vulnerability Exposure (CVE) ID: CVE-2018-8449
https://www.exploit-db.com/exploits/45435/
BugTraq ID: 105272
http://www.securityfocus.com/bid/105272
http://www.securitytracker.com/id/1041642
Common Vulnerability Exposure (CVE) ID: CVE-2018-8452
BugTraq ID: 105252
http://www.securityfocus.com/bid/105252
Common Vulnerability Exposure (CVE) ID: CVE-2018-8455
BugTraq ID: 105211
http://www.securityfocus.com/bid/105211
Common Vulnerability Exposure (CVE) ID: CVE-2018-8456
BugTraq ID: 105227
http://www.securityfocus.com/bid/105227
Common Vulnerability Exposure (CVE) ID: CVE-2018-8457
BugTraq ID: 105207
http://www.securityfocus.com/bid/105207
Common Vulnerability Exposure (CVE) ID: CVE-2018-8461
BugTraq ID: 105258
http://www.securityfocus.com/bid/105258
Common Vulnerability Exposure (CVE) ID: CVE-2018-8462
BugTraq ID: 105274
http://www.securityfocus.com/bid/105274
http://www.securitytracker.com/id/1041629
Common Vulnerability Exposure (CVE) ID: CVE-2018-8464
BugTraq ID: 105265
http://www.securityfocus.com/bid/105265
Common Vulnerability Exposure (CVE) ID: CVE-2018-8465
BugTraq ID: 105242
http://www.securityfocus.com/bid/105242
Common Vulnerability Exposure (CVE) ID: CVE-2018-8466
https://www.exploit-db.com/exploits/45571/
BugTraq ID: 105243
http://www.securityfocus.com/bid/105243
Common Vulnerability Exposure (CVE) ID: CVE-2018-8467
https://www.exploit-db.com/exploits/45572/
BugTraq ID: 105244
http://www.securityfocus.com/bid/105244
Common Vulnerability Exposure (CVE) ID: CVE-2018-8468
https://www.exploit-db.com/exploits/45502/
BugTraq ID: 105275
http://www.securityfocus.com/bid/105275
Common Vulnerability Exposure (CVE) ID: CVE-2018-8469
BugTraq ID: 105263
http://www.securityfocus.com/bid/105263
Common Vulnerability Exposure (CVE) ID: CVE-2018-8470
BugTraq ID: 105267
http://www.securityfocus.com/bid/105267
Common Vulnerability Exposure (CVE) ID: CVE-2018-8475
BugTraq ID: 105277
http://www.securityfocus.com/bid/105277
http://www.securitytracker.com/id/1041626
CopyrightCopyright (C) 2018 Greenbone Networks GmbH

Dies ist nur einer von 71225 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Registrierung eines neuen Benutzers
Email:
Benutzerkennung:
Passwort:
Bitte schicken Sie mir den monatlichen Newsletter, der mich über die neuesten Services, Verbesserungen und Umfragen informiert.
Bitte schicken Sie mir eine Anfälligkeitstest Benachrichtigung, wenn ein neuer Test hinzugefügt wird.
   Datenschutz
Anmeldung für registrierte Benutzer
 
Benutzerkennung:   
Passwort:  

 Benutzerkennung oder Passwort vergessen?
Email/Benutzerkennung:




Startseite | Über uns | Kontakt | Partnerprogramme | Developer APIs | Datenschutz | Mailinglisten | Missbrauch
Sicherheits Überprüfungen | Verwaltete DNS | Netzwerk Überwachung | Webseiten Analysator | Internet Recherche Berichte
Web Sonde

© 1998-2019 E-Soft Inc. Alle Rechte vorbehalten.