English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.812767
Category:Windows : Microsoft Bulletins
Title:Microsoft Windows Multiple Vulnerabilities (KB4074598)
Summary:This host is missing a critical security; update according to Microsoft KB4074598
Description:Summary:
This host is missing a critical security
update according to Microsoft KB4074598

Vulnerability Insight:
Multiple flaws exist due to:

- The software fails to properly handle objects in memory.

- The Microsoft Windows Embedded OpenType (EOT) font engine fails to properly
parse specially crafted embedded fonts.

- The scripting engine improperly handles objects in memory.

- The Windows Common Log File System (CLFS) driver improperly handles objects
in memory.

- The VBScript improperly discloses the contents of its memory.

- The Windows Kernel handles objects in memory.

- The Windows kernel fails to properly initialize a memory address.

- Microsoft has deprecated the Document Signing functionality in XPS Viewer.

Vulnerability Impact:
Successful exploitation will allow an attacker
who successfully exploited the vulnerability to run arbitrary code in the
context of the current user, read data that was not intended to be disclosed,
gain the same user rights as the current user, obtain information to further
compromise the user's system, spoof content, perform phishing attacks, or
otherwise manipulate content of a document.

Affected Software/OS:
- Microsoft Windows 7 for 32-bit/x64 Systems Service Pack 1

- Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1

Solution:
The vendor has released updates. Please see the references for more information.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2018-0742
BugTraq ID: 102937
http://www.securityfocus.com/bid/102937
http://www.securitytracker.com/id/1040373
Common Vulnerability Exposure (CVE) ID: CVE-2018-0755
BugTraq ID: 102934
http://www.securityfocus.com/bid/102934
http://www.securitytracker.com/id/1040374
Common Vulnerability Exposure (CVE) ID: CVE-2018-0757
BugTraq ID: 102947
http://www.securityfocus.com/bid/102947
Common Vulnerability Exposure (CVE) ID: CVE-2018-0760
BugTraq ID: 102953
http://www.securityfocus.com/bid/102953
Common Vulnerability Exposure (CVE) ID: CVE-2018-0761
BugTraq ID: 102952
http://www.securityfocus.com/bid/102952
Common Vulnerability Exposure (CVE) ID: CVE-2018-0810
BugTraq ID: 102938
http://www.securityfocus.com/bid/102938
Common Vulnerability Exposure (CVE) ID: CVE-2018-0820
BugTraq ID: 102945
http://www.securityfocus.com/bid/102945
Common Vulnerability Exposure (CVE) ID: CVE-2018-0825
BugTraq ID: 102920
http://www.securityfocus.com/bid/102920
http://www.securitytracker.com/id/1040366
Common Vulnerability Exposure (CVE) ID: CVE-2018-0829
BugTraq ID: 102948
http://www.securityfocus.com/bid/102948
Common Vulnerability Exposure (CVE) ID: CVE-2018-0830
BugTraq ID: 102949
http://www.securityfocus.com/bid/102949
Common Vulnerability Exposure (CVE) ID: CVE-2018-0840
BugTraq ID: 102886
http://www.securityfocus.com/bid/102886
https://www.exploit-db.com/exploits/44077/
http://www.securitytracker.com/id/1040369
http://www.securitytracker.com/id/1040372
Common Vulnerability Exposure (CVE) ID: CVE-2018-0842
BugTraq ID: 102946
http://www.securityfocus.com/bid/102946
http://www.securitytracker.com/id/1040371
Common Vulnerability Exposure (CVE) ID: CVE-2018-0844
BugTraq ID: 102929
http://www.securityfocus.com/bid/102929
http://www.securitytracker.com/id/1040380
Common Vulnerability Exposure (CVE) ID: CVE-2018-0846
BugTraq ID: 102931
http://www.securityfocus.com/bid/102931
Common Vulnerability Exposure (CVE) ID: CVE-2018-0847
BugTraq ID: 102861
http://www.securityfocus.com/bid/102861
http://www.securitytracker.com/id/1040370
Common Vulnerability Exposure (CVE) ID: CVE-2018-0855
BugTraq ID: 102936
http://www.securityfocus.com/bid/102936
Common Vulnerability Exposure (CVE) ID: CVE-2018-0866
BugTraq ID: 103032
http://www.securityfocus.com/bid/103032
https://www.exploit-db.com/exploits/44153/
CopyrightCopyright (C) 2018 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.