English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.815439
Category:Windows : Microsoft Bulletins
Title:Microsoft Windows Multiple Vulnerabilities (KB4512488)
Summary:This host is missing a critical security; update according to Microsoft KB4512488
Description:Summary:
This host is missing a critical security
update according to Microsoft KB4512488

Vulnerability Insight:
Multiple flaws exist due to:

- Windows improperly handles objects in memory.

- Microsoft Hyper-V Network Switch on a host server fails to properly
validate input from a privileged user on a guest operating system.

- Windows font library improperly handles specially crafted embedded
fonts.

- Windows improperly handles calls to Advanced Local Procedure Call (ALPC).

- Windows Jet Database Engine improperly handles objects in memory.

- Windows GDI component improperly discloses the contents of its memory.

- Windows kernel fails to properly handle objects in memory.

- Microsoft XML Core Services MSXML parser improperly processes user input.

Vulnerability Impact:
Successful exploitation will allow an attacker
to cause a target system to stop responding, run arbitrary code on the client
machine and obtain information to further compromise a user's system.

Affected Software/OS:
- Microsoft Windows 8.1 for 32-bit/x64

- Microsoft Windows Server 2012 R2

Solution:
The vendor has released updates. Please see
the references for more information.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2019-0714
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0714
Common Vulnerability Exposure (CVE) ID: CVE-2019-0715
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0715
Common Vulnerability Exposure (CVE) ID: CVE-2019-0716
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0716
Common Vulnerability Exposure (CVE) ID: CVE-2019-1168
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1168
Common Vulnerability Exposure (CVE) ID: CVE-2019-1172
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1172
Common Vulnerability Exposure (CVE) ID: CVE-2019-0718
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0718
Common Vulnerability Exposure (CVE) ID: CVE-2019-0720
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0720
Common Vulnerability Exposure (CVE) ID: CVE-2019-0723
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0723
Common Vulnerability Exposure (CVE) ID: CVE-2019-0736
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0736
Common Vulnerability Exposure (CVE) ID: CVE-2019-1177
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1177
Common Vulnerability Exposure (CVE) ID: CVE-2019-1178
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1178
Common Vulnerability Exposure (CVE) ID: CVE-2019-1057
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1057
Common Vulnerability Exposure (CVE) ID: CVE-2019-1078
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1078
Common Vulnerability Exposure (CVE) ID: CVE-2019-1180
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1180
Common Vulnerability Exposure (CVE) ID: CVE-2019-1181
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190819-01-windows-en
https://cert-portal.siemens.com/productcert/pdf/ssa-187667.pdf
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1181
Common Vulnerability Exposure (CVE) ID: CVE-2019-1133
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1133
Common Vulnerability Exposure (CVE) ID: CVE-2019-1182
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1182
Common Vulnerability Exposure (CVE) ID: CVE-2019-1183
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1183
Common Vulnerability Exposure (CVE) ID: CVE-2019-1145
http://packetstormsecurity.com/files/154081/Microsoft-Font-Subsetting-DLL-MergeFontPackage-Dangling-Pointer.html
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1145
Common Vulnerability Exposure (CVE) ID: CVE-2019-1146
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1146
Common Vulnerability Exposure (CVE) ID: CVE-2019-1147
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1147
Common Vulnerability Exposure (CVE) ID: CVE-2019-1192
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1192
Common Vulnerability Exposure (CVE) ID: CVE-2019-1193
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1193
Common Vulnerability Exposure (CVE) ID: CVE-2019-1194
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1194
Common Vulnerability Exposure (CVE) ID: CVE-2019-1148
http://packetstormsecurity.com/files/154084/Microsoft-Font-Subsetting-DLL-GetGlyphId-Out-Of-Bounds-Read.html
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1148
Common Vulnerability Exposure (CVE) ID: CVE-2019-1149
http://packetstormsecurity.com/files/154086/Microsoft-Font-Subsetting-DLL-FixSbitSubTables-Heap-Corruption.html
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1149
Common Vulnerability Exposure (CVE) ID: CVE-2019-1150
http://packetstormsecurity.com/files/154087/Microsoft-Font-Subsetting-DLL-ReadTableIntoStructure-Heap-Corruption.html
http://packetstormsecurity.com/files/154093/Microsoft-Font-Subsetting-DLL-WriteTableFromStructure-Out-Of-Bounds-Read.html
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1150
Common Vulnerability Exposure (CVE) ID: CVE-2019-1151
http://packetstormsecurity.com/files/154092/Microsoft-Font-Subsetting-DLL-ReadAllocFormat12CharGlyphMapList-Heap-Corruption.html
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1151
Common Vulnerability Exposure (CVE) ID: CVE-2019-1152
http://packetstormsecurity.com/files/154096/Microsoft-Font-Subsetting-DLL-MakeFormat12MergedGlyphList-Heap-Corruption.html
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1152
Common Vulnerability Exposure (CVE) ID: CVE-2019-1206
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1206
Common Vulnerability Exposure (CVE) ID: CVE-2019-1212
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1212
Common Vulnerability Exposure (CVE) ID: CVE-2019-1153
http://packetstormsecurity.com/files/154098/Microsoft-Font-Subsetting-DLL-FixSbitSubTableFormat1-Out-Of-Bounds-Read.html
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1153
Common Vulnerability Exposure (CVE) ID: CVE-2019-1155
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1155
Common Vulnerability Exposure (CVE) ID: CVE-2019-9506
CERT/CC vulnerability note: VU#918987
https://www.kb.cert.org/vuls/id/918987/
http://seclists.org/fulldisclosure/2019/Aug/11
http://seclists.org/fulldisclosure/2019/Aug/13
http://seclists.org/fulldisclosure/2019/Aug/14
http://seclists.org/fulldisclosure/2019/Aug/15
http://www.cs.ox.ac.uk/publications/publication12404-abstract.html
https://www.usenix.org/conference/usenixsecurity19/presentation/antonioli
https://lists.debian.org/debian-lts-announce/2019/09/msg00014.html
https://lists.debian.org/debian-lts-announce/2019/09/msg00015.html
https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html
RedHat Security Advisories: RHSA-2019:2975
https://access.redhat.com/errata/RHSA-2019:2975
RedHat Security Advisories: RHSA-2019:3055
https://access.redhat.com/errata/RHSA-2019:3055
RedHat Security Advisories: RHSA-2019:3076
https://access.redhat.com/errata/RHSA-2019:3076
RedHat Security Advisories: RHSA-2019:3089
https://access.redhat.com/errata/RHSA-2019:3089
RedHat Security Advisories: RHSA-2019:3165
https://access.redhat.com/errata/RHSA-2019:3165
RedHat Security Advisories: RHSA-2019:3187
https://access.redhat.com/errata/RHSA-2019:3187
RedHat Security Advisories: RHSA-2019:3217
https://access.redhat.com/errata/RHSA-2019:3217
RedHat Security Advisories: RHSA-2019:3218
https://access.redhat.com/errata/RHSA-2019:3218
RedHat Security Advisories: RHSA-2019:3220
https://access.redhat.com/errata/RHSA-2019:3220
RedHat Security Advisories: RHSA-2019:3231
https://access.redhat.com/errata/RHSA-2019:3231
RedHat Security Advisories: RHSA-2019:3309
https://access.redhat.com/errata/RHSA-2019:3309
RedHat Security Advisories: RHSA-2019:3517
https://access.redhat.com/errata/RHSA-2019:3517
RedHat Security Advisories: RHSA-2020:0204
https://access.redhat.com/errata/RHSA-2020:0204
SuSE Security Announcement: openSUSE-SU-2019:2307 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00037.html
SuSE Security Announcement: openSUSE-SU-2019:2308 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00036.html
https://usn.ubuntu.com/4115-1/
https://usn.ubuntu.com/4118-1/
https://usn.ubuntu.com/4147-1/
Common Vulnerability Exposure (CVE) ID: CVE-2019-1156
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1156
Common Vulnerability Exposure (CVE) ID: CVE-2019-1157
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1157
Common Vulnerability Exposure (CVE) ID: CVE-2019-1158
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1158
Common Vulnerability Exposure (CVE) ID: CVE-2019-1159
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1159
Common Vulnerability Exposure (CVE) ID: CVE-2019-1162
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1162
Common Vulnerability Exposure (CVE) ID: CVE-2019-1164
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1164
Common Vulnerability Exposure (CVE) ID: CVE-2019-1143
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1143
Common Vulnerability Exposure (CVE) ID: CVE-2019-1144
http://packetstormsecurity.com/files/154085/Microsoft-Font-Subsetting-DLL-MergeFormat12Cmap-MakeFormat12MergedGlyphList-Double-Free.html
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1144
Common Vulnerability Exposure (CVE) ID: CVE-2019-1187
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1187
CopyrightCopyright (C) 2019 Greenbone Networks GmbH

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.