Windows : Microsoft Bulletins : Microsoft Windows Server 2012 Multiple Vulnerabilities (KB4519974)

Vulnerability Search		Search 324607 CVE descriptions and 146377 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.0.815492

Category: Windows : Microsoft Bulletins

Title: Microsoft Windows Server 2012 Multiple Vulnerabilities (KB4519974)

Summary: This host is missing a critical security; update according to Microsoft KB4519974

Description: Summary:
This host is missing a critical security
update according to Microsoft KB4519974

Vulnerability Insight:
Multiple flaws exist due to:

- Microsoft Browsers does not properly parse HTTP content.

- VBScript engine improperly handles objects in memory.

- Microsoft Browsers improperly handle browser cookies.

- Internet Explorer improperly accesses objects in memory.

- Scripting engine handles objects in memory in Internet Explorer.

- Microsoft browsers improperly handle requests of different origins.

Vulnerability Impact:
Successful exploitation will allow an attacker
to run arbitrary code on the client machine, bypass security restrictions
and conduct spoofing attack.

Affected Software/OS:
Microsoft Windows Server 2012.

Solution:
The vendor has released updates. Please see
the references for more information.

CVSS Score:
7.6

CVSS Vector:
AV:N/AC:H/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2019-0608
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0608
Common Vulnerability Exposure (CVE) ID: CVE-2019-1238
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1238
Common Vulnerability Exposure (CVE) ID: CVE-2019-1357
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1357
Common Vulnerability Exposure (CVE) ID: CVE-2019-1371
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1371
Common Vulnerability Exposure (CVE) ID: CVE-2019-1367
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1367
Common Vulnerability Exposure (CVE) ID: CVE-2019-1192
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1192

Copyright Copyright (C) 2019 Greenbone Networks GmbH

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.815492
Category:	Windows : Microsoft Bulletins
Title:	Microsoft Windows Server 2012 Multiple Vulnerabilities (KB4519974)
Summary:	This host is missing a critical security; update according to Microsoft KB4519974
Description:	Summary: This host is missing a critical security update according to Microsoft KB4519974 Vulnerability Insight: Multiple flaws exist due to: - Microsoft Browsers does not properly parse HTTP content. - VBScript engine improperly handles objects in memory. - Microsoft Browsers improperly handle browser cookies. - Internet Explorer improperly accesses objects in memory. - Scripting engine handles objects in memory in Internet Explorer. - Microsoft browsers improperly handle requests of different origins. Vulnerability Impact: Successful exploitation will allow an attacker to run arbitrary code on the client machine, bypass security restrictions and conduct spoofing attack. Affected Software/OS: Microsoft Windows Server 2012. Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 7.6 CVSS Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2019-0608 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0608 Common Vulnerability Exposure (CVE) ID: CVE-2019-1238 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1238 Common Vulnerability Exposure (CVE) ID: CVE-2019-1357 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1357 Common Vulnerability Exposure (CVE) ID: CVE-2019-1371 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1371 Common Vulnerability Exposure (CVE) ID: CVE-2019-1367 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1367 Common Vulnerability Exposure (CVE) ID: CVE-2019-1192 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1192
Copyright	Copyright (C) 2019 Greenbone Networks GmbH