Windows : Microsoft Bulletins : Microsoft Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2876315)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.902994

Categoría: Windows : Microsoft Bulletins

Título: Microsoft Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2876315)

Resumen: This host is missing an important security update according to;Microsoft Bulletin MS13-076.

Descripción: Summary:
This host is missing an important security update according to
Microsoft Bulletin MS13-076.

Vulnerability Insight:
Multiple flaws are due to error related to multiple fetch within the
kernel-mode driver (win32k.sys).

Vulnerability Impact:
Successful exploitation will allow remote attackers to gain escalated
privileges, read arbitrary kernel memory and cause a DoS (Denial of
Service).

Affected Software/OS:
- Microsoft Windows 8

- Microsoft Windows Server 2012

- Microsoft Windows XP x32 Edition Service Pack 3 and prior

- Microsoft Windows XP x64 Edition Service Pack 2 and prior

- Microsoft Windows 7 x32/x64 Edition Service Pack 1 and prior

- Microsoft Windows 2003 x32/x64 Edition Service Pack 2 and prior

- Microsoft Windows Vista x32/x64 Edition Service Pack 2 and prior

- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1 and prior

- Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2 and prior

Solution:
The vendor has released updates. Please see the references for more information.

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2013-1341
Cert/CC Advisory: TA13-253A
http://www.us-cert.gov/ncas/alerts/TA13-253A
Microsoft Security Bulletin: MS13-076
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-076
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18660
Common Vulnerability Exposure (CVE) ID: CVE-2013-1342
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18714
Common Vulnerability Exposure (CVE) ID: CVE-2013-1343
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18551
Common Vulnerability Exposure (CVE) ID: CVE-2013-1344
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18792
Common Vulnerability Exposure (CVE) ID: CVE-2013-3864
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18553
Common Vulnerability Exposure (CVE) ID: CVE-2013-3865
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18813
Common Vulnerability Exposure (CVE) ID: CVE-2013-3866
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18951

Copyright Copyright (C) 2013 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.902994
Categoría:	Windows : Microsoft Bulletins
Título:	Microsoft Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2876315)
Resumen:	This host is missing an important security update according to;Microsoft Bulletin MS13-076.
Descripción:	Summary: This host is missing an important security update according to Microsoft Bulletin MS13-076. Vulnerability Insight: Multiple flaws are due to error related to multiple fetch within the kernel-mode driver (win32k.sys). Vulnerability Impact: Successful exploitation will allow remote attackers to gain escalated privileges, read arbitrary kernel memory and cause a DoS (Denial of Service). Affected Software/OS: - Microsoft Windows 8 - Microsoft Windows Server 2012 - Microsoft Windows XP x32 Edition Service Pack 3 and prior - Microsoft Windows XP x64 Edition Service Pack 2 and prior - Microsoft Windows 7 x32/x64 Edition Service Pack 1 and prior - Microsoft Windows 2003 x32/x64 Edition Service Pack 2 and prior - Microsoft Windows Vista x32/x64 Edition Service Pack 2 and prior - Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1 and prior - Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2 and prior Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2013-1341 Cert/CC Advisory: TA13-253A http://www.us-cert.gov/ncas/alerts/TA13-253A Microsoft Security Bulletin: MS13-076 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-076 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18660 Common Vulnerability Exposure (CVE) ID: CVE-2013-1342 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18714 Common Vulnerability Exposure (CVE) ID: CVE-2013-1343 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18551 Common Vulnerability Exposure (CVE) ID: CVE-2013-1344 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18792 Common Vulnerability Exposure (CVE) ID: CVE-2013-3864 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18553 Common Vulnerability Exposure (CVE) ID: CVE-2013-3865 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18813 Common Vulnerability Exposure (CVE) ID: CVE-2013-3866 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18951
Copyright	Copyright (C) 2013 Greenbone AG