Windows : Microsoft Bulletins : Microsoft .NET Framework Multiple Vulnerabilities (KB4338419)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.813490

Categoría: Windows : Microsoft Bulletins

Título: Microsoft .NET Framework Multiple Vulnerabilities (KB4338419)

Resumen: This host is missing an important security; update according to Microsoft KB4338419.

Descripción: Summary:
This host is missing an important security
update according to Microsoft KB4338419.

Vulnerability Insight:
Multiple flaws are due to:

- An error when Microsoft .NET Framework components do not correctly validate
certificates.

- An error in the way how .NET Framework activates COM objects.

- An error when the Microsoft .NET Framework fails to validate input properly.

- An error when the .NET Framework fails to check the source markup of a file.

Vulnerability Impact:
Successful exploitation will allow an attacker
to gain elevated privileges, bypass security restrictions and take control of an
affected system allowing to install programs or view data, change data, delete
data or create new accounts with full user rights.

Affected Software/OS:
Microsoft .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 for Microsoft Windows 8.1 and Microsoft Windows Server 2012 R2.

Solution:
The vendor has released updates. Please see the references for more information.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2018-8356
BugTraq ID: 104664
http://www.securityfocus.com/bid/104664
http://www.securitytracker.com/id/1041257
Common Vulnerability Exposure (CVE) ID: CVE-2018-8284
BugTraq ID: 104667
http://www.securityfocus.com/bid/104667
Common Vulnerability Exposure (CVE) ID: CVE-2018-8202
BugTraq ID: 104665
http://www.securityfocus.com/bid/104665
Common Vulnerability Exposure (CVE) ID: CVE-2018-8260
BugTraq ID: 104666
http://www.securityfocus.com/bid/104666

Copyright Copyright (C) 2018 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.813490
Categoría:	Windows : Microsoft Bulletins
Título:	Microsoft .NET Framework Multiple Vulnerabilities (KB4338419)
Resumen:	This host is missing an important security; update according to Microsoft KB4338419.
Descripción:	Summary: This host is missing an important security update according to Microsoft KB4338419. Vulnerability Insight: Multiple flaws are due to: - An error when Microsoft .NET Framework components do not correctly validate certificates. - An error in the way how .NET Framework activates COM objects. - An error when the Microsoft .NET Framework fails to validate input properly. - An error when the .NET Framework fails to check the source markup of a file. Vulnerability Impact: Successful exploitation will allow an attacker to gain elevated privileges, bypass security restrictions and take control of an affected system allowing to install programs or view data, change data, delete data or create new accounts with full user rights. Affected Software/OS: Microsoft .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 for Microsoft Windows 8.1 and Microsoft Windows Server 2012 R2. Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2018-8356 BugTraq ID: 104664 http://www.securityfocus.com/bid/104664 http://www.securitytracker.com/id/1041257 Common Vulnerability Exposure (CVE) ID: CVE-2018-8284 BugTraq ID: 104667 http://www.securityfocus.com/bid/104667 Common Vulnerability Exposure (CVE) ID: CVE-2018-8202 BugTraq ID: 104665 http://www.securityfocus.com/bid/104665 Common Vulnerability Exposure (CVE) ID: CVE-2018-8260 BugTraq ID: 104666 http://www.securityfocus.com/bid/104666
Copyright	Copyright (C) 2018 Greenbone AG