English | Deutsch | Español
 
Startseite ▼
Startseite Über uns Kontact Datenschutz Partnerprogramme Zeugnisse In der Presse Mailinglisten Missbrauch Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Sicherheits
Überprüfungs ▼
Home Dediziert Erweitert Standard Wiederkehrend Risikolos Desktop Basis Sicherheits Segal FAQ Preis/Funktionszusammenfassung Bestellen Neue Anfälligkeiten Alle Anfälligkeiten Vertraulichkeit Anfälligkeiten Suche Durchführen Terminkalender IP Permissions Maßgeschneidert Warteschlange Erinnerer Siegel Berichte Berichts Stil
Verwaltetes
DNS ▼
Info Bestellen/Erneuern FAQ AUP Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password
Netzwerk
Überwachung ▼
Enterprise Erweiterte Standard Gratis Test FAQ Preis/Funktionszusammenfassung Bestellen Beispiele
Konfigurieren/Status Alarm Profile
Recherce
Berichte ▼
Home FAQ Glossary Archive
 Anmeldung/Registrierung 
 
 Anfälligkeitssuche        Suche in 324607 CVE Beschreibungen
und 145615 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.815020
Kategorie:Windows : Microsoft Bulletins
Titel:Microsoft Windows Multiple Vulnerabilities (KB4493464)
Zusammenfassung:This host is missing a critical security; update according to Microsoft KB4493464
Beschreibung:Summary:
This host is missing a critical security
update according to Microsoft KB4493464

Vulnerability Insight:
Multiple flaws exist due to:

- The scripting engine improperly handles objects in memory in Microsoft Edge.

- Windows AppX Deployment Service (AppXSVC) improperly handles hard links.

- Windows kernel improperly handles objects in memory.

- The IOleCvt interface improperly renders ASP webpage content.

- The scripting engine improperly handles objects in memory in Internet Explorer.

- Windows improperly handles calls to the LUAFV driver.

- Windows GDI component improperly discloses the contents of its memory.

- Windows Client Server Run-Time Subsystem (CSRSS) fails to properly handle
objects in memory.

- Microsoft XML Core Services MSXML parser improperly processes user input.

- OLE automation improperly handles objects in memory.

- Windows Task Scheduler improperly discloses credentials to Windows Credential
Manager.

- Terminal Services component improperly discloses the contents of its memory.

- The Win32k component fails to properly handle objects in memory.

- The win32k component improperly provides kernel information.

- Windows Jet Database Engine improperly handles objects in memory.

- Windows improperly handles objects in memory.

- Microsoft browsers do not properly validate input under specific conditions.

- An error in the Microsoft Server Message Block (SMB) Server when an attacker
with valid credentials attempts to open a specially crafted file over the SMB
protocol on the same machine.

- Windows TCP/IP stack improperly handles fragmented IP packets.

- Windows DirectX improperly handles objects in memory.

Vulnerability Impact:
Successful exploitation will allow an attacker
to escalate privileges, run arbitrary code, disclose sensitive information,
bypass security restrictions and compromise the user's system.

Affected Software/OS:
- Microsoft Windows 10 Version 1803 for 32-bit Systems

- Microsoft Windows 10 Version 1803 for x64-based Systems

Solution:
The vendor has released updates. Please see the references for more information.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2019-0685
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0685
Common Vulnerability Exposure (CVE) ID: CVE-2019-0688
BugTraq ID: 107685
http://www.securityfocus.com/bid/107685
https://arxiv.org/pdf/1906.10478.pdf
Common Vulnerability Exposure (CVE) ID: CVE-2019-0730
https://www.exploit-db.com/exploits/46713/
http://packetstormsecurity.com/files/152533/Microsoft-Windows-LUAFV-Delayed-Virtualization-MAXIMUM_ACCESS-DesiredAccess-Privilege-Escalation.html
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0730
Common Vulnerability Exposure (CVE) ID: CVE-2019-0848
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0848
Common Vulnerability Exposure (CVE) ID: CVE-2019-0849
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0849
Common Vulnerability Exposure (CVE) ID: CVE-2019-0731
https://www.exploit-db.com/exploits/46714/
http://packetstormsecurity.com/files/152534/Microsoft-Windows-LUAFV-Delayed-Virtualization-Cross-Process-Handle-Duplication-Privilege-Escalation.html
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0731
Common Vulnerability Exposure (CVE) ID: CVE-2019-0732
https://www.exploit-db.com/exploits/46716/
http://packetstormsecurity.com/files/152536/Microsoft-Windows-LUAFV-NtSetCachedSigningLevel-Device-Guard-Bypass.html
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0732
Common Vulnerability Exposure (CVE) ID: CVE-2019-0851
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0851
Common Vulnerability Exposure (CVE) ID: CVE-2019-0853
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0853
https://www.zerodayinitiative.com/advisories/ZDI-19-362/
https://www.zerodayinitiative.com/advisories/ZDI-19-363/
Common Vulnerability Exposure (CVE) ID: CVE-2019-0856
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0856
Common Vulnerability Exposure (CVE) ID: CVE-2019-0735
https://www.exploit-db.com/exploits/46712/
http://packetstormsecurity.com/files/152532/Microsoft-Windows-CSRSS-SxSSrv-Cached-Manifest-Privilege-Escalation.html
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0735
Common Vulnerability Exposure (CVE) ID: CVE-2019-0739
BugTraq ID: 107708
http://www.securityfocus.com/bid/107708
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0739
Common Vulnerability Exposure (CVE) ID: CVE-2019-0752
http://packetstormsecurity.com/files/153078/Microsoft-Internet-Explorer-Windows-10-1809-17763.316-Memory-Corruption.html
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0752
https://www.zerodayinitiative.com/advisories/ZDI-19-359/
Common Vulnerability Exposure (CVE) ID: CVE-2019-0753
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0753
Common Vulnerability Exposure (CVE) ID: CVE-2019-0764
BugTraq ID: 107731
http://www.securityfocus.com/bid/107731
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0764
Common Vulnerability Exposure (CVE) ID: CVE-2019-0859
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0859
Common Vulnerability Exposure (CVE) ID: CVE-2019-0860
BugTraq ID: 107722
http://www.securityfocus.com/bid/107722
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0860
Common Vulnerability Exposure (CVE) ID: CVE-2019-0861
BugTraq ID: 107724
http://www.securityfocus.com/bid/107724
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0861
Common Vulnerability Exposure (CVE) ID: CVE-2019-0862
BugTraq ID: 107727
http://www.securityfocus.com/bid/107727
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0862
Common Vulnerability Exposure (CVE) ID: CVE-2019-0786
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0786
Common Vulnerability Exposure (CVE) ID: CVE-2019-0790
BugTraq ID: 107702
http://www.securityfocus.com/bid/107702
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0790
Common Vulnerability Exposure (CVE) ID: CVE-2019-0791
BugTraq ID: 107726
http://www.securityfocus.com/bid/107726
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0791
Common Vulnerability Exposure (CVE) ID: CVE-2019-0877
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0877
Common Vulnerability Exposure (CVE) ID: CVE-2019-0879
BugTraq ID: 107741
http://www.securityfocus.com/bid/107741
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0879
Common Vulnerability Exposure (CVE) ID: CVE-2019-0792
BugTraq ID: 107728
http://www.securityfocus.com/bid/107728
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0792
Common Vulnerability Exposure (CVE) ID: CVE-2019-0793
BugTraq ID: 107729
http://www.securityfocus.com/bid/107729
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0793
Common Vulnerability Exposure (CVE) ID: CVE-2019-0794
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0794
Common Vulnerability Exposure (CVE) ID: CVE-2019-0795
BugTraq ID: 107732
http://www.securityfocus.com/bid/107732
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0795
Common Vulnerability Exposure (CVE) ID: CVE-2019-0796
https://www.exploit-db.com/exploits/46715/
http://packetstormsecurity.com/files/152535/Microsoft-Windows-LUAFV-LuafvCopyShortName-Arbitrary-Short-Name-Privilege-Escalation.html
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0796
Common Vulnerability Exposure (CVE) ID: CVE-2019-0806
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0806
Common Vulnerability Exposure (CVE) ID: CVE-2019-0810
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0810
https://www.zerodayinitiative.com/advisories/ZDI-19-361/
Common Vulnerability Exposure (CVE) ID: CVE-2019-0812
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0812
Common Vulnerability Exposure (CVE) ID: CVE-2019-0814
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0814
Common Vulnerability Exposure (CVE) ID: CVE-2019-0829
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0829
Common Vulnerability Exposure (CVE) ID: CVE-2019-0835
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0835
Common Vulnerability Exposure (CVE) ID: CVE-2019-0836
BugTraq ID: 107719
http://www.securityfocus.com/bid/107719
https://www.exploit-db.com/exploits/46718/
http://packetstormsecurity.com/files/152538/Microsoft-Windows-LUAFV-PostLuafvPostReadWrite-SECTION_OBJECT_POINTERS-Race-Condition.html
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0836
Common Vulnerability Exposure (CVE) ID: CVE-2019-0837
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0837
Common Vulnerability Exposure (CVE) ID: CVE-2019-0838
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0838
Common Vulnerability Exposure (CVE) ID: CVE-2019-0839
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0839
Common Vulnerability Exposure (CVE) ID: CVE-2019-0840
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0840
Common Vulnerability Exposure (CVE) ID: CVE-2019-0841
https://www.exploit-db.com/exploits/46683/
http://packetstormsecurity.com/files/152463/Microsoft-Windows-AppX-Deployment-Service-Privilege-Escalation.html
http://packetstormsecurity.com/files/153009/Internet-Explorer-JavaScript-Privilege-Escalation.html
http://packetstormsecurity.com/files/153114/Microsoft-Windows-AppX-Deployment-Service-Local-Privilege-Escalation.html
http://packetstormsecurity.com/files/153215/Microsoft-Windows-AppX-Deployment-Service-Local-Privilege-Escalation.html
http://packetstormsecurity.com/files/153642/AppXSvc-Hard-Link-Privilege-Escalation.html
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0841
https://www.zerodayinitiative.com/advisories/ZDI-19-360/
Common Vulnerability Exposure (CVE) ID: CVE-2019-0842
BugTraq ID: 107725
http://www.securityfocus.com/bid/107725
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0842
Common Vulnerability Exposure (CVE) ID: CVE-2019-0844
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0844
Common Vulnerability Exposure (CVE) ID: CVE-2019-0845
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0845
Common Vulnerability Exposure (CVE) ID: CVE-2019-0846
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0846
Common Vulnerability Exposure (CVE) ID: CVE-2019-0847
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0847
Common Vulnerability Exposure (CVE) ID: CVE-2019-0802
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0802
Common Vulnerability Exposure (CVE) ID: CVE-2019-0803
http://packetstormsecurity.com/files/153034/Microsoft-Windows-Win32k-Privilege-Escalation.html
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0803
Common Vulnerability Exposure (CVE) ID: CVE-2019-0805
https://www.exploit-db.com/exploits/46717/
http://packetstormsecurity.com/files/152537/Microsoft-Windows-LUAFV-Delayed-Virtualization-Cache-Manager-Poisoning-Privilege-Escalation.html
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0805
Common Vulnerability Exposure (CVE) ID: CVE-2017-5715
BugTraq ID: 102376
http://www.securityfocus.com/bid/102376
Bugtraq: 20190624 [SECURITY] [DSA 4469-1] libvirt security update (Google Search)
https://seclists.org/bugtraq/2019/Jun/36
Bugtraq: 20191112 FreeBSD Security Advisory FreeBSD-SA-19:26.mcu (Google Search)
https://seclists.org/bugtraq/2019/Nov/16
CERT/CC vulnerability note: VU#180049
https://www.kb.cert.org/vuls/id/180049
CERT/CC vulnerability note: VU#584653
http://www.kb.cert.org/vuls/id/584653
Cisco Security Advisory: 20180104 CPU Side-Channel Information Disclosure Vulnerabilities
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180104-cpusidechannel
Debian Security Information: DSA-4120 (Google Search)
https://www.debian.org/security/2018/dsa-4120
Debian Security Information: DSA-4187 (Google Search)
https://www.debian.org/security/2018/dsa-4187
Debian Security Information: DSA-4188 (Google Search)
https://www.debian.org/security/2018/dsa-4188
Debian Security Information: DSA-4213 (Google Search)
https://www.debian.org/security/2018/dsa-4213
https://www.exploit-db.com/exploits/43427/
FreeBSD Security Advisory: FreeBSD-SA-18:03
https://security.FreeBSD.org/advisories/FreeBSD-SA-18:03.speculative_execution.asc
https://security.FreeBSD.org/advisories/FreeBSD-SA-19:26.mcu.asc
https://security.gentoo.org/glsa/201810-06
http://packetstormsecurity.com/files/145645/Spectre-Information-Disclosure-Proof-Of-Concept.html
http://packetstormsecurity.com/files/155281/FreeBSD-Security-Advisory-FreeBSD-SA-19-26.mcu.html
https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html
https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html
https://spectreattack.com/
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html
https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html
https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html
https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html
https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html
https://lists.debian.org/debian-lts-announce/2020/03/msg00025.html
https://lists.debian.org/debian-lts-announce/2021/08/msg00019.html
RedHat Security Advisories: RHSA-2018:0292
https://access.redhat.com/errata/RHSA-2018:0292
http://www.securitytracker.com/id/1040071
SuSE Security Announcement: SUSE-SU-2018:0006 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00002.html
SuSE Security Announcement: SUSE-SU-2018:0007 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00003.html
SuSE Security Announcement: SUSE-SU-2018:0008 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00004.html
SuSE Security Announcement: SUSE-SU-2018:0009 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00005.html
SuSE Security Announcement: SUSE-SU-2018:0010 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html
SuSE Security Announcement: SUSE-SU-2018:0011 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html
SuSE Security Announcement: SUSE-SU-2018:0012 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html
SuSE Security Announcement: SUSE-SU-2018:0019 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00012.html
SuSE Security Announcement: SUSE-SU-2018:0020 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00013.html
SuSE Security Announcement: openSUSE-SU-2018:0013 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00009.html
SuSE Security Announcement: openSUSE-SU-2018:0022 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html
SuSE Security Announcement: openSUSE-SU-2018:0023 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html
https://usn.ubuntu.com/usn/usn-3516-1/
https://usn.ubuntu.com/3531-1/
https://usn.ubuntu.com/3531-3/
https://usn.ubuntu.com/3540-2/
https://usn.ubuntu.com/3541-2/
https://usn.ubuntu.com/3542-2/
https://usn.ubuntu.com/3549-1/
https://usn.ubuntu.com/3560-1/
https://usn.ubuntu.com/3561-1/
https://usn.ubuntu.com/3580-1/
https://usn.ubuntu.com/3581-1/
https://usn.ubuntu.com/3581-2/
https://usn.ubuntu.com/3582-1/
https://usn.ubuntu.com/3582-2/
https://usn.ubuntu.com/3594-1/
https://usn.ubuntu.com/3597-1/
https://usn.ubuntu.com/3597-2/
https://usn.ubuntu.com/3620-2/
https://usn.ubuntu.com/3690-1/
https://usn.ubuntu.com/3777-3/
Common Vulnerability Exposure (CVE) ID: CVE-2017-5753
BugTraq ID: 102371
http://www.securityfocus.com/bid/102371
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html
https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html
https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html
https://usn.ubuntu.com/3540-1/
https://usn.ubuntu.com/3541-1/
https://usn.ubuntu.com/3542-1/
Common Vulnerability Exposure (CVE) ID: CVE-2017-5754
BugTraq ID: 102378
http://www.securityfocus.com/bid/102378
BugTraq ID: 106128
http://www.securityfocus.com/bid/106128
Debian Security Information: DSA-4078 (Google Search)
https://www.debian.org/security/2018/dsa-4078
Debian Security Information: DSA-4082 (Google Search)
https://www.debian.org/security/2018/dsa-4082
https://meltdownattack.com/
https://www.oracle.com/security-alerts/cpuapr2020.html
https://lists.debian.org/debian-lts-announce/2018/01/msg00004.html
https://usn.ubuntu.com/usn/usn-3522-2/
https://usn.ubuntu.com/3522-3/
https://usn.ubuntu.com/3522-4/
https://usn.ubuntu.com/3523-1/
https://usn.ubuntu.com/usn/usn-3523-2/
https://usn.ubuntu.com/usn/usn-3524-2/
https://usn.ubuntu.com/usn/usn-3525-1/
https://usn.ubuntu.com/3583-1/
Common Vulnerability Exposure (CVE) ID: CVE-2019-0671
BugTraq ID: 106928
http://www.securityfocus.com/bid/106928
Common Vulnerability Exposure (CVE) ID: CVE-2019-0673
BugTraq ID: 106930
http://www.securityfocus.com/bid/106930
Common Vulnerability Exposure (CVE) ID: CVE-2019-0674
BugTraq ID: 106931
http://www.securityfocus.com/bid/106931
Common Vulnerability Exposure (CVE) ID: CVE-2019-0694
CopyrightCopyright (C) 2019 Greenbone Networks GmbH

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.



© 1998-2025 E-Soft Inc. Alle Rechte vorbehalten.