ID de Prueba:	1.3.6.1.4.1.25623.1.0.810811
Categoría:	Windows : Microsoft Bulletins
Título:	Microsoft Graphics Component Multiple Vulnerabilities (4013075)
Resumen:	This host is missing a critical security; update according to Microsoft Bulletin MS17-013.
Descripción:	Summary: This host is missing a critical security update according to Microsoft Bulletin MS17-013. Vulnerability Insight: Multiple flaws are due to - The way the Windows Graphics Device Interface (GDI) handles objects in memory. - The Windows GDI component improperly discloses the contents of its memory. - The way that the Color Management Module (ICM32.dll) handles objects in memory. Vulnerability Impact: Successful exploitation will allow an attacker to perform remote code execution, gain access to potentially sensitive information and gain elevated privileges. Affected Software/OS: - Microsoft Windows 8 x86/x64 - Microsoft Windows XP SP2 x64 / SP3 x86 - Microsoft Windows 8.1 x32/x64 - Microsoft Windows 10/1511/1607 x32/x64 - Microsoft Windows Server 2012/2012R2/2016 - Microsoft Windows Vista x32/x64 Edition Service Pack 2 - Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2 - Microsoft Windows 7 x32/x64 Edition Service Pack 1 - Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1 - Microsoft Windows 2003 x32/x64 Edition Service Pack 2 and prior Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2017-0001 BugTraq ID: 96057 http://www.securityfocus.com/bid/96057 http://www.securitytracker.com/id/1038002 Common Vulnerability Exposure (CVE) ID: CVE-2017-0005 BugTraq ID: 96033 http://www.securityfocus.com/bid/96033 Common Vulnerability Exposure (CVE) ID: CVE-2017-0025 BugTraq ID: 96626 http://www.securityfocus.com/bid/96626 Common Vulnerability Exposure (CVE) ID: CVE-2017-0047 BugTraq ID: 96034 http://www.securityfocus.com/bid/96034 Common Vulnerability Exposure (CVE) ID: CVE-2017-0060 BugTraq ID: 96713 http://www.securityfocus.com/bid/96713 https://www.exploit-db.com/exploits/41656/ Common Vulnerability Exposure (CVE) ID: CVE-2017-0062 BugTraq ID: 96715 http://www.securityfocus.com/bid/96715 https://www.exploit-db.com/exploits/41658/ Common Vulnerability Exposure (CVE) ID: CVE-2017-0073 BugTraq ID: 96637 http://www.securityfocus.com/bid/96637 Common Vulnerability Exposure (CVE) ID: CVE-2017-0061 BugTraq ID: 96638 http://www.securityfocus.com/bid/96638 https://www.exploit-db.com/exploits/41657/ Common Vulnerability Exposure (CVE) ID: CVE-2017-0063 BugTraq ID: 96643 http://www.securityfocus.com/bid/96643 https://www.exploit-db.com/exploits/41659/ Common Vulnerability Exposure (CVE) ID: CVE-2017-0038 BugTraq ID: 96023 http://www.securityfocus.com/bid/96023 https://www.exploit-db.com/exploits/41363/ https://0patch.blogspot.com/2017/02/0patching-0-day-windows-gdi32dll-memory.html https://bugs.chromium.org/p/project-zero/issues/detail?id=992 https://github.com/k0keoyo/CVE-2017-0038-EXP-C-JS http://www.securitytracker.com/id/1037845 Common Vulnerability Exposure (CVE) ID: CVE-2017-0108 BugTraq ID: 96722 http://www.securityfocus.com/bid/96722 https://www.exploit-db.com/exploits/41647/ Common Vulnerability Exposure (CVE) ID: CVE-2017-0014 BugTraq ID: 96013 http://www.securityfocus.com/bid/96013 https://secuniaresearch.flexerasoftware.com/secunia_research/2017-9/
Copyright	Copyright (C) 2017 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.