English | Deutsch | Español
 
Inicial ▼
Página inicial Acerca Nuestro Contáctenos Privacidad Programas de Asociados Testimonios En la Prensa Listas de Correos Abuso Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
 
Auditorias ▼
Inicial Dedicada Avanzada Estándar Periódica Sin Riesgo Escritorio Básica Sello FAQ Resumen de Precio/Funciones Ordenar Nuevas Pruebas Todas las Pruebas Confidencialidad Búsqueda de Vulnerabilidad Ejecutar Auditoría Programador IP Permissions Auditorías Personalizadas Cola Recordatorio Sellos Informes Estilos de Informes
DNS
Administrado ▼
Acerca de DNS Ordenar/Renovar Preguntas Frecuentes AUP Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password
Monitoreo
de Redes ▼
Enterprise Avanzado Estándarr Prueba Preguntas Frecuentes Resumen de Precio/Funciones Ordenar Muestras
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Iniciar sesión/Registrarse 
 
 Búsqueda de    
Vulnerabilidad   		     Buscar 324607 Descripciones CVE y
145615 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.810922
Categoría:Windows : Microsoft Bulletins
Título:Microsoft Windows Multiple Vulnerabilities (KB4015219)
Resumen:This host is missing an important security; update according to Microsoft security update KB4015219.
Descripción:Summary:
This host is missing an important security
update according to Microsoft security update KB4015219.

Vulnerability Insight:
Multiple flaws are due to:

- The open-source libjpeg image-processing library fails to properly handle
objects in memory.

- The win32k component improperly provides kernel information.

- An error in the way that the Scripting Engine renders when handling objects
in memory in Microsoft browsers.

- The VBScript engine, when rendered in Internet Explorer, improperly handles
objects in memory.

- Microsoft Graphics Component fails to properly handle objects in memory.

- Microsoft .NET Framework fails to properly validate input before loading
libraries.

- Windows Hyper-V Network Switch on a host server fails to properly validate
input from an authenticated user on a guest operating system.

- Windows fails to properly sanitize handles in memory.

- LDAP request buffer lengths are improperly calculated.

- Windows kernel improperly handles objects in memory.

- Windows kernel-mode driver fails to properly handle objects in memory.

- Adobe Type Manager Font Driver (ATMFD.dll) fails to properly handle objects
in memory.

- Edge Content Security Policy (CSP) fails to properly validate certain
specially crafted documents.

- Chakra scripting engine does not properly handle objects in memory.

- Internet Explorer does not properly enforce cross-domain policies.

- Microsoft Windows OLE fails an integrity-level check

Vulnerability Impact:
Successful exploitation will allow an attacker
to obtain information to further compromise the user's system, execute arbitrary
code in the context of the current user, gain the same user rights as the current
user, could take control of an affected system and cause a host machine to crash.

Affected Software/OS:
Microsoft Windows 10 Version 1511 x32/x64.

Solution:
The vendor has released updates. Please see the references for more information.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2017-0202
BugTraq ID: 97441
http://www.securityfocus.com/bid/97441
https://www.exploit-db.com/exploits/41941/
http://www.securitytracker.com/id/1038238
Common Vulnerability Exposure (CVE) ID: CVE-2017-0203
BugTraq ID: 97443
http://www.securityfocus.com/bid/97443
http://www.securitytracker.com/id/1038234
Common Vulnerability Exposure (CVE) ID: CVE-2017-0205
BugTraq ID: 97442
http://www.securityfocus.com/bid/97442
Common Vulnerability Exposure (CVE) ID: CVE-2017-0208
BugTraq ID: 97460
http://www.securityfocus.com/bid/97460
Common Vulnerability Exposure (CVE) ID: CVE-2017-0210
BugTraq ID: 97512
http://www.securityfocus.com/bid/97512
Common Vulnerability Exposure (CVE) ID: CVE-2017-0211
BugTraq ID: 97514
http://www.securityfocus.com/bid/97514
https://www.exploit-db.com/exploits/41902/
http://www.securitytracker.com/id/1038240
Common Vulnerability Exposure (CVE) ID: CVE-2017-0192
BugTraq ID: 97452
http://www.securityfocus.com/bid/97452
http://www.securitytracker.com/id/1038231
Common Vulnerability Exposure (CVE) ID: CVE-2017-0191
BugTraq ID: 97466
http://www.securityfocus.com/bid/97466
http://www.securitytracker.com/id/1038239
Common Vulnerability Exposure (CVE) ID: CVE-2017-0189
BugTraq ID: 97420
http://www.securityfocus.com/bid/97420
Common Vulnerability Exposure (CVE) ID: CVE-2017-0188
BugTraq ID: 97475
http://www.securityfocus.com/bid/97475
Common Vulnerability Exposure (CVE) ID: CVE-2017-0186
BugTraq ID: 97438
http://www.securityfocus.com/bid/97438
Common Vulnerability Exposure (CVE) ID: CVE-2017-0184
BugTraq ID: 97435
http://www.securityfocus.com/bid/97435
Common Vulnerability Exposure (CVE) ID: CVE-2017-0185
BugTraq ID: 97437
http://www.securityfocus.com/bid/97437
http://www.securitytracker.com/id/1038230
Common Vulnerability Exposure (CVE) ID: CVE-2017-0183
BugTraq ID: 97428
http://www.securityfocus.com/bid/97428
Common Vulnerability Exposure (CVE) ID: CVE-2017-0182
BugTraq ID: 97427
http://www.securityfocus.com/bid/97427
Common Vulnerability Exposure (CVE) ID: CVE-2017-0179
BugTraq ID: 97426
http://www.securityfocus.com/bid/97426
Common Vulnerability Exposure (CVE) ID: CVE-2017-0178
BugTraq ID: 97416
http://www.securityfocus.com/bid/97416
Common Vulnerability Exposure (CVE) ID: CVE-2017-0167
BugTraq ID: 97473
http://www.securityfocus.com/bid/97473
https://www.exploit-db.com/exploits/41880/
Common Vulnerability Exposure (CVE) ID: CVE-2017-0166
BugTraq ID: 97446
http://www.securityfocus.com/bid/97446
http://www.securitytracker.com/id/1038245
Common Vulnerability Exposure (CVE) ID: CVE-2017-0165
BugTraq ID: 97467
http://www.securityfocus.com/bid/97467
https://www.exploit-db.com/exploits/41901/
Common Vulnerability Exposure (CVE) ID: CVE-2017-0163
BugTraq ID: 97465
http://www.securityfocus.com/bid/97465
http://www.securitytracker.com/id/1038233
Common Vulnerability Exposure (CVE) ID: CVE-2017-0162
BugTraq ID: 97461
http://www.securityfocus.com/bid/97461
Common Vulnerability Exposure (CVE) ID: CVE-2017-0160
BugTraq ID: 97447
http://www.securityfocus.com/bid/97447
https://www.exploit-db.com/exploits/41903/
http://www.securitytracker.com/id/1038236
Common Vulnerability Exposure (CVE) ID: CVE-2017-0158
BugTraq ID: 97455
http://www.securityfocus.com/bid/97455
Common Vulnerability Exposure (CVE) ID: CVE-2017-0156
BugTraq ID: 97507
http://www.securityfocus.com/bid/97507
http://www.securitytracker.com/id/1038237
Common Vulnerability Exposure (CVE) ID: CVE-2017-0093
BugTraq ID: 97419
http://www.securityfocus.com/bid/97419
Common Vulnerability Exposure (CVE) ID: CVE-2017-0058
BugTraq ID: 97462
http://www.securityfocus.com/bid/97462
https://www.exploit-db.com/exploits/41879/
Common Vulnerability Exposure (CVE) ID: CVE-2013-6629
BugTraq ID: 63676
http://www.securityfocus.com/bid/63676
Debian Security Information: DSA-2799 (Google Search)
http://www.debian.org/security/2013/dsa-2799
http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html
http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html
http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html
http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html
http://archives.neohapsis.com/archives/fulldisclosure/2013-11/0080.html
http://security.gentoo.org/glsa/glsa-201406-32.xml
https://security.gentoo.org/glsa/201606-03
HPdes Security Advisory: HPSBUX03091
http://marc.info/?l=bugtraq&m=140852886808946&w=2
HPdes Security Advisory: HPSBUX03092
http://marc.info/?l=bugtraq&m=140852974709252&w=2
HPdes Security Advisory: SSRT101667
HPdes Security Advisory: SSRT101668
http://www.mandriva.com/security/advisories?name=MDVSA-2013:273
RedHat Security Advisories: RHSA-2013:1803
http://rhn.redhat.com/errata/RHSA-2013-1803.html
RedHat Security Advisories: RHSA-2013:1804
http://rhn.redhat.com/errata/RHSA-2013-1804.html
RedHat Security Advisories: RHSA-2014:0413
https://access.redhat.com/errata/RHSA-2014:0413
RedHat Security Advisories: RHSA-2014:0414
https://access.redhat.com/errata/RHSA-2014:0414
http://www.securitytracker.com/id/1029470
http://www.securitytracker.com/id/1029476
http://secunia.com/advisories/56175
http://secunia.com/advisories/58974
http://secunia.com/advisories/59058
SuSE Security Announcement: openSUSE-SU-2013:1776 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00025.html
SuSE Security Announcement: openSUSE-SU-2013:1777 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00026.html
SuSE Security Announcement: openSUSE-SU-2013:1861 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.html
SuSE Security Announcement: openSUSE-SU-2013:1916 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html
SuSE Security Announcement: openSUSE-SU-2013:1917 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html
SuSE Security Announcement: openSUSE-SU-2013:1918 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html
SuSE Security Announcement: openSUSE-SU-2013:1957 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html
SuSE Security Announcement: openSUSE-SU-2013:1958 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html
SuSE Security Announcement: openSUSE-SU-2013:1959 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html
SuSE Security Announcement: openSUSE-SU-2014:0008 (Google Search)
http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html
SuSE Security Announcement: openSUSE-SU-2014:0065 (Google Search)
http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html
http://www.ubuntu.com/usn/USN-2052-1
http://www.ubuntu.com/usn/USN-2053-1
http://www.ubuntu.com/usn/USN-2060-1
Common Vulnerability Exposure (CVE) ID: CVE-2017-0181
BugTraq ID: 97445
http://www.securityfocus.com/bid/97445
Common Vulnerability Exposure (CVE) ID: CVE-2017-0180
BugTraq ID: 97444
http://www.securityfocus.com/bid/97444
CopyrightCopyright (C) 2017 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.



© 1998-2025 E-Soft Inc. Todos los derechos reservados.