English | Deutsch | Español
 
Startseite ▼
Startseite Über uns Kontact Datenschutz Partnerprogramme Zeugnisse In der Presse Mailinglisten Missbrauch Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Sicherheits
Überprüfungs ▼
Home Dediziert Erweitert Standard Wiederkehrend Risikolos Desktop Basis Sicherheits Segal FAQ Preis/Funktionszusammenfassung Bestellen Neue Anfälligkeiten Alle Anfälligkeiten Vertraulichkeit Anfälligkeiten Suche Durchführen Terminkalender IP Permissions Maßgeschneidert Warteschlange Erinnerer Siegel Berichte Berichts Stil
Verwaltetes
DNS ▼
Info Bestellen/Erneuern FAQ AUP Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password
Netzwerk
Überwachung ▼
Enterprise Erweiterte Standard Gratis Test FAQ Preis/Funktionszusammenfassung Bestellen Beispiele
Konfigurieren/Status Alarm Profile
Recherce
Berichte ▼
Home FAQ Glossary Archive
 Anmeldung/Registrierung 
 
 Anfälligkeitssuche        Suche in 324607 CVE Beschreibungen
und 145615 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.814697
Kategorie:Windows : Microsoft Bulletins
Titel:Microsoft Windows Multiple Vulnerabilities (KB4489868)
Zusammenfassung:This host is missing a critical security; update according to Microsoft KB4489868
Beschreibung:Summary:
This host is missing a critical security
update according to Microsoft KB4489868

Vulnerability Insight:
Multiple flaws exist due to:

- Microsoft Edge does not properly enforce cross-domain policies.

- An error in way scripting engine handles objects in memory in Microsoft Edge.

- Click2Play protection in Microsoft Edge improperly handles flash objects.

- ChakraCore scripting engine improperly handles objects in memory.

- Windows Jet Database Engine improperly handles objects in memory.

- Windows GDI component improperly discloses the contents of its memory.

- Windows kernel improperly handles objects in memory.

- The win32k component improperly provides kernel information.

- Microsoft XML Core Services MSXML parser improperly processes user input.

- The Win32k component fails to properly handle objects in memory.

- Windows Print Spooler does not properly handle objects in memory.

- An integer overflow in Windows Subsystem for Linux.

- Microsoft Hyper-V Network Switch on a host server fails to properly
validate input from a privileged user on a guest operating system.

- Windows kernel fails to properly handle objects in memory.

- Windows DHCP client does not validate specially crafted DHCP responses
to a client.

- Microsoft Hyper-V on a host server fails to properly validate input from
a privileged user on a guest operating system.

- Windows SMB Server fails to properly handle handles certain requests.

- VBScript engine improperly handles objects in memory.

- Windows Deployment Services TFTP Server improperly handles objects in
memory.

- Windows AppX Deployment Server allows file creation in arbitrary
locations.

- Microsoft browsers improperly handle requests of different origins.

- Internet Explorer improperly accesses objects in memory.

- Internet Explorer fails to validate the correct Security Zone of requests
for specific URLs.

- The ActiveX Data objects (ADO) improperly handles objects in memory.

- Internet Explorer VBScript execution policy does not properly restrict
VBScript under specific conditions, and to allow requests that should otherwise
be ignored.

Vulnerability Impact:
Successful exploitation will allow
an attacker to elevate privileges, execute arbitrary code on a victim system,
cause a target system to stop responding and bypass security restrictions.

Affected Software/OS:
- Microsoft Windows 10 Version 1803 for 32-bit Systems

- Microsoft Windows 10 Version 1803 for x64-based Systems

Solution:
The vendor has released updates. Please see the references for more information.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2019-0603
Common Vulnerability Exposure (CVE) ID: CVE-2019-0609
Common Vulnerability Exposure (CVE) ID: CVE-2019-0780
Common Vulnerability Exposure (CVE) ID: CVE-2019-0782
Common Vulnerability Exposure (CVE) ID: CVE-2019-0783
Common Vulnerability Exposure (CVE) ID: CVE-2019-0611
Common Vulnerability Exposure (CVE) ID: CVE-2019-0612
Common Vulnerability Exposure (CVE) ID: CVE-2019-0614
Common Vulnerability Exposure (CVE) ID: CVE-2019-0617
Common Vulnerability Exposure (CVE) ID: CVE-2019-0784
Common Vulnerability Exposure (CVE) ID: CVE-2019-0797
Common Vulnerability Exposure (CVE) ID: CVE-2019-0821
Common Vulnerability Exposure (CVE) ID: CVE-2019-0678
Common Vulnerability Exposure (CVE) ID: CVE-2019-0680
Common Vulnerability Exposure (CVE) ID: CVE-2019-0682
Common Vulnerability Exposure (CVE) ID: CVE-2019-0689
Common Vulnerability Exposure (CVE) ID: CVE-2019-0690
Common Vulnerability Exposure (CVE) ID: CVE-2019-0692
Common Vulnerability Exposure (CVE) ID: CVE-2019-0693
Common Vulnerability Exposure (CVE) ID: CVE-2019-0694
Common Vulnerability Exposure (CVE) ID: CVE-2019-0695
Common Vulnerability Exposure (CVE) ID: CVE-2019-0696
Common Vulnerability Exposure (CVE) ID: CVE-2019-0697
Common Vulnerability Exposure (CVE) ID: CVE-2019-0698
Common Vulnerability Exposure (CVE) ID: CVE-2019-0701
Common Vulnerability Exposure (CVE) ID: CVE-2019-0702
Common Vulnerability Exposure (CVE) ID: CVE-2019-0703
Common Vulnerability Exposure (CVE) ID: CVE-2019-0704
Common Vulnerability Exposure (CVE) ID: CVE-2019-0726
Common Vulnerability Exposure (CVE) ID: CVE-2019-0746
Common Vulnerability Exposure (CVE) ID: CVE-2019-0754
Common Vulnerability Exposure (CVE) ID: CVE-2019-0755
http://packetstormsecurity.com/files/153407/Microsoft-Windows-CmpAddRemoveContainerToCLFSLog-Arbitrary-File-Directory-Creation.html
http://packetstormsecurity.com/files/153408/Microsoft-Windows-Font-Cache-Service-Insecure-Sections.html
Common Vulnerability Exposure (CVE) ID: CVE-2019-0756
Common Vulnerability Exposure (CVE) ID: CVE-2019-0759
Common Vulnerability Exposure (CVE) ID: CVE-2019-0761
Common Vulnerability Exposure (CVE) ID: CVE-2019-0762
Common Vulnerability Exposure (CVE) ID: CVE-2019-0763
Common Vulnerability Exposure (CVE) ID: CVE-2019-0765
Common Vulnerability Exposure (CVE) ID: CVE-2019-0766
Common Vulnerability Exposure (CVE) ID: CVE-2019-0767
Common Vulnerability Exposure (CVE) ID: CVE-2019-0768
Common Vulnerability Exposure (CVE) ID: CVE-2019-0769
Common Vulnerability Exposure (CVE) ID: CVE-2019-0770
Common Vulnerability Exposure (CVE) ID: CVE-2019-0771
Common Vulnerability Exposure (CVE) ID: CVE-2019-0772
Common Vulnerability Exposure (CVE) ID: CVE-2019-0773
Common Vulnerability Exposure (CVE) ID: CVE-2019-0774
Common Vulnerability Exposure (CVE) ID: CVE-2019-0775
Common Vulnerability Exposure (CVE) ID: CVE-2019-0776
Common Vulnerability Exposure (CVE) ID: CVE-2019-0639
https://www.zerodayinitiative.com/advisories/ZDI-20-122/
Common Vulnerability Exposure (CVE) ID: CVE-2019-0665
Common Vulnerability Exposure (CVE) ID: CVE-2019-0666
Common Vulnerability Exposure (CVE) ID: CVE-2019-0667
Common Vulnerability Exposure (CVE) ID: CVE-2019-0601
BugTraq ID: 106883
http://www.securityfocus.com/bid/106883
CopyrightCopyright (C) 2019 Greenbone Networks GmbH

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.



© 1998-2025 E-Soft Inc. Alle Rechte vorbehalten.