Windows : Microsoft Bulletins : Microsoft Windows Create Process Elevation of Privilege Vulnerability (3031432)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.805272

Categoría: Windows : Microsoft Bulletins

Título: Microsoft Windows Create Process Elevation of Privilege Vulnerability (3031432)

Resumen: This host is missing an important security; update according to Microsoft Bulletin MS15-015.

Descripción: Summary:
This host is missing an important security
update according to Microsoft Bulletin MS15-015.

Vulnerability Insight:
Flaw exists as impersonation levels are not
properly validated or enforced when creating processes.

Vulnerability Impact:
Successful exploitation will allow local
attacker to gain elevated privileges.

Affected Software/OS:
- Microsoft Windows 7 x32/x64 Service Pack 1 and prior

- Microsoft Windows Server 2008 R2 x64 Service Pack 1 and prior

- Microsoft Windows 8 x32/x64

- Microsoft Windows 8.1 x32/x64

- Microsoft Windows Server 2012/R2

Solution:
The vendor has released updates. Please see the references for more information.

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2015-0062
BugTraq ID: 72458
http://www.securityfocus.com/bid/72458
Microsoft Security Bulletin: MS15-015
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-015
http://www.securitytracker.com/id/1031724
http://secunia.com/advisories/62840
XForce ISS Database: ms-windows-cve20150062-priv-esc(100437)
https://exchange.xforce.ibmcloud.com/vulnerabilities/100437
XForce ISS Database: win-ms15kb3031432-update(100438)
https://exchange.xforce.ibmcloud.com/vulnerabilities/100438

Copyright Copyright (C) 2015 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.805272
Categoría:	Windows : Microsoft Bulletins
Título:	Microsoft Windows Create Process Elevation of Privilege Vulnerability (3031432)
Resumen:	This host is missing an important security; update according to Microsoft Bulletin MS15-015.
Descripción:	Summary: This host is missing an important security update according to Microsoft Bulletin MS15-015. Vulnerability Insight: Flaw exists as impersonation levels are not properly validated or enforced when creating processes. Vulnerability Impact: Successful exploitation will allow local attacker to gain elevated privileges. Affected Software/OS: - Microsoft Windows 7 x32/x64 Service Pack 1 and prior - Microsoft Windows Server 2008 R2 x64 Service Pack 1 and prior - Microsoft Windows 8 x32/x64 - Microsoft Windows 8.1 x32/x64 - Microsoft Windows Server 2012/R2 Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-0062 BugTraq ID: 72458 http://www.securityfocus.com/bid/72458 Microsoft Security Bulletin: MS15-015 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-015 http://www.securitytracker.com/id/1031724 http://secunia.com/advisories/62840 XForce ISS Database: ms-windows-cve20150062-priv-esc(100437) https://exchange.xforce.ibmcloud.com/vulnerabilities/100437 XForce ISS Database: win-ms15kb3031432-update(100438) https://exchange.xforce.ibmcloud.com/vulnerabilities/100438
Copyright	Copyright (C) 2015 Greenbone AG