Windows : Microsoft Bulletins : Microsoft Windows Kernel-Mode Drivers Privilege Escalation Vulnerabilities (2984615)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.804807

Categoría: Windows : Microsoft Bulletins

Título: Microsoft Windows Kernel-Mode Drivers Privilege Escalation Vulnerabilities (2984615)

Resumen: This host is missing an important security update according to; Microsoft Bulletin MS14-045.

Descripción: Summary:
This host is missing an important security update according to
Microsoft Bulletin MS14-045.

Vulnerability Insight:
Multiple flaws exist due to:

- An error within win32k.sys when handling window handle thread-owned objects.

- A double fetch error within win32k.sys when processing font files.

- An error related to Windows kernel pool.

Vulnerability Impact:
Successful exploitation will allow attackers to disclose certain sensitive
information and gain escalated privileges.

Affected Software/OS:
- Microsoft Windows 2003 x32/x64 Service Pack 2 and prior

- Microsoft Windows Vista x32/x64 Service Pack 2 and prior

- Microsoft Windows Server 2008 x32/x64 Service Pack 2 and prior

- Microsoft Windows 7 x32/x64 Service Pack 1 and prior

- Microsoft Windows Server 2008 R2 x64 Service Pack 1 and prior

- Microsoft Windows 8 x32/x64

- Microsoft Windows 8.1 x32/x64

- Microsoft Windows Server 2012/R2

Solution:
The vendor has released updates. Please see the references for more information.

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2014-0318
BugTraq ID: 69142
http://www.securityfocus.com/bid/69142
Microsoft Security Bulletin: MS14-045
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-045
http://secunia.com/advisories/60673
Common Vulnerability Exposure (CVE) ID: CVE-2014-1819
BugTraq ID: 69143
http://www.securityfocus.com/bid/69143
Common Vulnerability Exposure (CVE) ID: CVE-2014-4064
BugTraq ID: 69144
http://www.securityfocus.com/bid/69144

Copyright Copyright (C) 2014 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.804807
Categoría:	Windows : Microsoft Bulletins
Título:	Microsoft Windows Kernel-Mode Drivers Privilege Escalation Vulnerabilities (2984615)
Resumen:	This host is missing an important security update according to; Microsoft Bulletin MS14-045.
Descripción:	Summary: This host is missing an important security update according to Microsoft Bulletin MS14-045. Vulnerability Insight: Multiple flaws exist due to: - An error within win32k.sys when handling window handle thread-owned objects. - A double fetch error within win32k.sys when processing font files. - An error related to Windows kernel pool. Vulnerability Impact: Successful exploitation will allow attackers to disclose certain sensitive information and gain escalated privileges. Affected Software/OS: - Microsoft Windows 2003 x32/x64 Service Pack 2 and prior - Microsoft Windows Vista x32/x64 Service Pack 2 and prior - Microsoft Windows Server 2008 x32/x64 Service Pack 2 and prior - Microsoft Windows 7 x32/x64 Service Pack 1 and prior - Microsoft Windows Server 2008 R2 x64 Service Pack 1 and prior - Microsoft Windows 8 x32/x64 - Microsoft Windows 8.1 x32/x64 - Microsoft Windows Server 2012/R2 Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2014-0318 BugTraq ID: 69142 http://www.securityfocus.com/bid/69142 Microsoft Security Bulletin: MS14-045 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-045 http://secunia.com/advisories/60673 Common Vulnerability Exposure (CVE) ID: CVE-2014-1819 BugTraq ID: 69143 http://www.securityfocus.com/bid/69143 Common Vulnerability Exposure (CVE) ID: CVE-2014-4064 BugTraq ID: 69144 http://www.securityfocus.com/bid/69144
Copyright	Copyright (C) 2014 Greenbone AG