English | Deutsch | Español
 
Inicial ▼
Página inicial Acerca Nuestro Contáctenos Privacidad Programas de Asociados Testimonios En la Prensa Listas de Correos Abuso Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
 
Auditorias ▼
Inicial Dedicada Avanzada Estándar Periódica Sin Riesgo Escritorio Básica Sello FAQ Resumen de Precio/Funciones Ordenar Nuevas Pruebas Todas las Pruebas Confidencialidad Búsqueda de Vulnerabilidad Ejecutar Auditoría Programador IP Permissions Auditorías Personalizadas Cola Recordatorio Sellos Informes Estilos de Informes
DNS
Administrado ▼
Acerca de DNS Ordenar/Renovar Preguntas Frecuentes AUP Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password
Monitoreo
de Redes ▼
Enterprise Avanzado Estándarr Prueba Preguntas Frecuentes Resumen de Precio/Funciones Ordenar Muestras
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Iniciar sesión/Registrarse 
 
 Búsqueda de    
Vulnerabilidad   		     Buscar 324607 Descripciones CVE y
145615 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.815052
Categoría:Windows : Microsoft Bulletins
Título:Microsoft Windows Multiple Vulnerabilities (KB4499151)
Resumen:This host is missing a critical security; update according to Microsoft KB4499151
Descripción:Summary:
This host is missing a critical security
update according to Microsoft KB4499151

Vulnerability Insight:
Multiple flaws exist as,

- Scripting engine improperly handles objects in memory in Microsoft browsers.

- Windows Error Reporting (WER) improperly handles files.

- Microsoft Windows OLE fails to properly validate user input.

- An error in Microsoft Windows when a man-in-the-middle attacker is able to
successfully decode and replace authentication request using Kerberos.

- Windows Kernel improperly handles key enumeration.

- Windows Jet Database Engine improperly handles objects in memory.

- Windows GDI component improperly discloses the contents of its memory.

- Speculative execution side channel vulnerabilities known as Microarchitectural
Data Sampling.

- Microsoft browsers improperly access objects in memory.

- Internet Explorer improperly handles URLs and objects in memory.

- An error in the Network Driver Interface Specification (NDIS).

- Windows fails to properly handle certain symbolic links.

- Windows Server DHCP service improperly process specially crafted packets.

Vulnerability Impact:
Successful exploitation will allow a remote
attacker to elevate privileges, execute arbitrary code, read unauthorized
information and take control of the affected system.

Affected Software/OS:
- Microsoft Windows 8.1 for 32-bit/x64

- Microsoft Windows Server 2012 R2

Solution:
The vendor has released updates. Please see
the references for more information.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2018-11091
Bugtraq: 20191112 FreeBSD Security Advisory FreeBSD-SA-19:26.mcu (Google Search)
https://seclists.org/bugtraq/2019/Nov/16
FreeBSD Security Advisory: FreeBSD-SA-19:26
https://security.FreeBSD.org/advisories/FreeBSD-SA-19:26.mcu.asc
http://packetstormsecurity.com/files/155281/FreeBSD-Security-Advisory-FreeBSD-SA-19-26.mcu.html
http://seclists.org/fulldisclosure/2018/May/32
https://www.sec-consult.com/en/blog/advisories/arbitrary-file-upload-cross-site-scripting-in-mybiz-myprocurenet/
Common Vulnerability Exposure (CVE) ID: CVE-2018-12126
Bugtraq: 20190624 [SECURITY] [DSA 4447-2] intel-microcode security update (Google Search)
https://seclists.org/bugtraq/2019/Jun/28
Bugtraq: 20190624 [SECURITY] [DSA 4469-1] libvirt security update (Google Search)
https://seclists.org/bugtraq/2019/Jun/36
Bugtraq: 20191112 [SECURITY] [DSA 4564-1] linux security update (Google Search)
https://seclists.org/bugtraq/2019/Nov/15
Bugtraq: 20200114 [SECURITY] [DSA 4602-1] xen security update (Google Search)
https://seclists.org/bugtraq/2020/Jan/21
Debian Security Information: DSA-4602 (Google Search)
https://www.debian.org/security/2020/dsa-4602
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OH73SGTJ575OBCPSJFX6LX7KP2KZIEN4/
https://www.freebsd.org/security/advisories/FreeBSD-SA-19:07.mds.asc
https://security.gentoo.org/glsa/202003-56
https://lists.debian.org/debian-lts-announce/2019/06/msg00018.html
RedHat Security Advisories: RHSA-2019:1455
https://access.redhat.com/errata/RHSA-2019:1455
RedHat Security Advisories: RHSA-2019:2553
https://access.redhat.com/errata/RHSA-2019:2553
SuSE Security Announcement: openSUSE-SU-2019:1505 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00014.html
SuSE Security Announcement: openSUSE-SU-2019:1805 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00053.html
SuSE Security Announcement: openSUSE-SU-2019:1806 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00052.html
https://usn.ubuntu.com/3977-3/
Common Vulnerability Exposure (CVE) ID: CVE-2018-12127
Common Vulnerability Exposure (CVE) ID: CVE-2018-12130
Common Vulnerability Exposure (CVE) ID: CVE-2019-0683
Common Vulnerability Exposure (CVE) ID: CVE-2019-0707
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0707
Common Vulnerability Exposure (CVE) ID: CVE-2019-0725
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0725
Common Vulnerability Exposure (CVE) ID: CVE-2019-0734
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0734
Common Vulnerability Exposure (CVE) ID: CVE-2019-0758
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0758
Common Vulnerability Exposure (CVE) ID: CVE-2019-0863
http://packetstormsecurity.com/files/153008/Angry-Polar-Bear-2-Microsoft-Windows-Error-Reporting-Local-Privilege-Escalation.html
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0863
Common Vulnerability Exposure (CVE) ID: CVE-2019-0881
http://packetstormsecurity.com/files/152988/Microsoft-Windows-CmKeyBodyRemapToVirtualForEnum-Arbitrary-Key-Enumeration.html
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0881
Common Vulnerability Exposure (CVE) ID: CVE-2019-0882
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0882
Common Vulnerability Exposure (CVE) ID: CVE-2019-0884
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0884
Common Vulnerability Exposure (CVE) ID: CVE-2019-0885
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0885
Common Vulnerability Exposure (CVE) ID: CVE-2019-0889
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0889
Common Vulnerability Exposure (CVE) ID: CVE-2019-0890
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0890
Common Vulnerability Exposure (CVE) ID: CVE-2019-0891
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0891
Common Vulnerability Exposure (CVE) ID: CVE-2019-0893
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0893
Common Vulnerability Exposure (CVE) ID: CVE-2019-0894
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0894
Common Vulnerability Exposure (CVE) ID: CVE-2019-0895
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0895
Common Vulnerability Exposure (CVE) ID: CVE-2019-0896
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0896
Common Vulnerability Exposure (CVE) ID: CVE-2019-0897
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0897
Common Vulnerability Exposure (CVE) ID: CVE-2019-0898
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0898
Common Vulnerability Exposure (CVE) ID: CVE-2019-0899
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0899
Common Vulnerability Exposure (CVE) ID: CVE-2019-0900
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0900
Common Vulnerability Exposure (CVE) ID: CVE-2019-0901
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0901
Common Vulnerability Exposure (CVE) ID: CVE-2019-0902
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0902
Common Vulnerability Exposure (CVE) ID: CVE-2019-0903
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0903
Common Vulnerability Exposure (CVE) ID: CVE-2019-0911
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0911
Common Vulnerability Exposure (CVE) ID: CVE-2019-0918
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0918
Common Vulnerability Exposure (CVE) ID: CVE-2019-0921
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0921
Common Vulnerability Exposure (CVE) ID: CVE-2019-0930
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0930
Common Vulnerability Exposure (CVE) ID: CVE-2019-0936
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0936
Common Vulnerability Exposure (CVE) ID: CVE-2019-0940
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0940
Common Vulnerability Exposure (CVE) ID: CVE-2019-0961
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0961
CopyrightCopyright (C) 2019 Greenbone Networks GmbH

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.



© 1998-2025 E-Soft Inc. Todos los derechos reservados.