English | Deutsch | Español
 
Inicial ▼
Página inicial Acerca Nuestro Contáctenos Privacidad Programas de Asociados Testimonios En la Prensa Listas de Correos Abuso Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
 
Auditorias ▼
Inicial Dedicada Avanzada Estándar Periódica Sin Riesgo Escritorio Básica Sello FAQ Resumen de Precio/Funciones Ordenar Nuevas Pruebas Todas las Pruebas Confidencialidad Búsqueda de Vulnerabilidad Ejecutar Auditoría Programador IP Permissions Auditorías Personalizadas Cola Recordatorio Sellos Informes Estilos de Informes
DNS
Administrado ▼
Acerca de DNS Ordenar/Renovar Preguntas Frecuentes AUP Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password
Monitoreo
de Redes ▼
Enterprise Avanzado Estándarr Prueba Preguntas Frecuentes Resumen de Precio/Funciones Ordenar Muestras
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Iniciar sesión/Registrarse 
 
 Búsqueda de    
Vulnerabilidad   		     Buscar 324607 Descripciones CVE y
145615 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.814085
Categoría:Windows : Microsoft Bulletins
Título:Microsoft Windows Multiple Vulnerabilities (KB4464330)
Resumen:This host is missing a critical security; update according to Microsoft KB4464330
Descripción:Summary:
This host is missing a critical security
update according to Microsoft KB4464330

Vulnerability Insight:
Multiple flaws exist due to:

- Windows Hyper-V on a host server fails to properly validate input from an
authenticated user on a guest operating system.

- Internet Explorer improperly accesses objects in memory.

- Windows Media Player improperly discloses file information.

- DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in
memory.

- Windows Theme API does not properly decompress files.

- NTFS improperly checks access.

- Chakra scripting engine handles objects in memory in Microsoft Edge.

- Microsoft Graphics Components improperly handle objects in memory.

- Windows Win32k component fails to properly handle objects in memory.

- Microsoft Edge improperly accesses objects in memory.

- An input validation error in Windows Graphics Device Interface (GDI).

- Windows Kernel improperly handles objects in memory.

- Microsoft XML Core Services MSXML parser improperly processes user input.

- An input validation error in Device Guard.

- Filter Manager improperly handles objects in memory.

- Microsoft Windows Codecs Library improperly handles objects in memory.

Vulnerability Impact:
Successful exploitation will allow an attacker
to run arbitrary code, bypass security restriction, gain the same user rights
as the current user, obtain information to further compromise the user's system,
improperly discloses file information and escalate privileges.

Affected Software/OS:
- Microsoft Windows 10 Version 1809 for 32-bit Systems

- Microsoft Windows 10 Version 1809 for x64-based Systems

Solution:
The vendor has released updates. Please see the references for more information.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2018-8494
BugTraq ID: 105457
http://www.securityfocus.com/bid/105457
http://www.securitytracker.com/id/1041844
Common Vulnerability Exposure (CVE) ID: CVE-2018-8497
BugTraq ID: 105478
http://www.securityfocus.com/bid/105478
http://www.securitytracker.com/id/1041828
Common Vulnerability Exposure (CVE) ID: CVE-2018-8503
BugTraq ID: 105464
http://www.securityfocus.com/bid/105464
http://www.securitytracker.com/id/1041825
Common Vulnerability Exposure (CVE) ID: CVE-2018-8320
BugTraq ID: 105503
http://www.securityfocus.com/bid/105503
http://www.securitytracker.com/id/1041830
Common Vulnerability Exposure (CVE) ID: CVE-2018-8330
BugTraq ID: 105477
http://www.securityfocus.com/bid/105477
Common Vulnerability Exposure (CVE) ID: CVE-2018-8333
BugTraq ID: 105507
http://www.securityfocus.com/bid/105507
http://www.securitytracker.com/id/1041831
Common Vulnerability Exposure (CVE) ID: CVE-2018-8411
BugTraq ID: 105508
http://www.securityfocus.com/bid/105508
https://www.exploit-db.com/exploits/45624/
http://www.securitytracker.com/id/1041832
Common Vulnerability Exposure (CVE) ID: CVE-2018-8413
BugTraq ID: 105448
http://www.securityfocus.com/bid/105448
http://packetstormsecurity.com/files/156027/Microsoft-Windows-Theme-API-File-Parsing.html
http://www.securitytracker.com/id/1041824
Common Vulnerability Exposure (CVE) ID: CVE-2018-8423
https://blog.0patch.com/2018/09/outrunning-attackers-on-jet-database.html
https://blog.0patch.com/2018/10/patching-re-patching-and-meta-patching.html
http://www.securitytracker.com/id/1041837
Common Vulnerability Exposure (CVE) ID: CVE-2018-8432
BugTraq ID: 105458
http://www.securityfocus.com/bid/105458
http://www.securitytracker.com/id/1041823
Common Vulnerability Exposure (CVE) ID: CVE-2018-8453
BugTraq ID: 105467
http://www.securityfocus.com/bid/105467
http://packetstormsecurity.com/files/153669/Microsoft-Windows-NtUserSetWindowFNID-Win32k-User-Callback.html
https://securelist.com/cve-2018-8453-used-in-targeted-attack
Common Vulnerability Exposure (CVE) ID: CVE-2018-8460
BugTraq ID: 105449
http://www.securityfocus.com/bid/105449
http://www.securitytracker.com/id/1041841
Common Vulnerability Exposure (CVE) ID: CVE-2018-8472
BugTraq ID: 105488
http://www.securityfocus.com/bid/105488
Common Vulnerability Exposure (CVE) ID: CVE-2018-8473
BugTraq ID: 105459
http://www.securityfocus.com/bid/105459
Common Vulnerability Exposure (CVE) ID: CVE-2018-8481
BugTraq ID: 105452
http://www.securityfocus.com/bid/105452
http://www.securitytracker.com/id/1041829
Common Vulnerability Exposure (CVE) ID: CVE-2018-8482
BugTraq ID: 105469
http://www.securityfocus.com/bid/105469
Common Vulnerability Exposure (CVE) ID: CVE-2018-8484
BugTraq ID: 105500
http://www.securityfocus.com/bid/105500
Common Vulnerability Exposure (CVE) ID: CVE-2018-8486
BugTraq ID: 105501
http://www.securityfocus.com/bid/105501
Common Vulnerability Exposure (CVE) ID: CVE-2018-8489
BugTraq ID: 105479
http://www.securityfocus.com/bid/105479
http://www.securitytracker.com/id/1041834
Common Vulnerability Exposure (CVE) ID: CVE-2018-8490
BugTraq ID: 105480
http://www.securityfocus.com/bid/105480
Common Vulnerability Exposure (CVE) ID: CVE-2018-8491
BugTraq ID: 105454
http://www.securityfocus.com/bid/105454
Common Vulnerability Exposure (CVE) ID: CVE-2018-8492
BugTraq ID: 105455
http://www.securityfocus.com/bid/105455
http://www.securitytracker.com/id/1041842
Common Vulnerability Exposure (CVE) ID: CVE-2018-8505
BugTraq ID: 105468
http://www.securityfocus.com/bid/105468
Common Vulnerability Exposure (CVE) ID: CVE-2018-8506
BugTraq ID: 105466
http://www.securityfocus.com/bid/105466
http://www.securitytracker.com/id/1041833
Common Vulnerability Exposure (CVE) ID: CVE-2018-8510
BugTraq ID: 105470
http://www.securityfocus.com/bid/105470
Common Vulnerability Exposure (CVE) ID: CVE-2018-8511
BugTraq ID: 105471
http://www.securityfocus.com/bid/105471
Common Vulnerability Exposure (CVE) ID: CVE-2018-8513
BugTraq ID: 105473
http://www.securityfocus.com/bid/105473
CopyrightCopyright (C) 2018 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.



© 1998-2025 E-Soft Inc. Todos los derechos reservados.