Windows : Microsoft Bulletins : Microsoft Windows Kernel-Mode Drivers Privilege Escalation Vulnerabilities (2984615)

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 146377 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.804807

Kategorie: Windows : Microsoft Bulletins

Titel: Microsoft Windows Kernel-Mode Drivers Privilege Escalation Vulnerabilities (2984615)

Zusammenfassung: This host is missing an important security update according to; Microsoft Bulletin MS14-045.

Beschreibung: Summary:
This host is missing an important security update according to
Microsoft Bulletin MS14-045.

Vulnerability Insight:
Multiple flaws exist due to:

- An error within win32k.sys when handling window handle thread-owned objects.

- A double fetch error within win32k.sys when processing font files.

- An error related to Windows kernel pool.

Vulnerability Impact:
Successful exploitation will allow attackers to disclose certain sensitive
information and gain escalated privileges.

Affected Software/OS:
- Microsoft Windows 2003 x32/x64 Service Pack 2 and prior

- Microsoft Windows Vista x32/x64 Service Pack 2 and prior

- Microsoft Windows Server 2008 x32/x64 Service Pack 2 and prior

- Microsoft Windows 7 x32/x64 Service Pack 1 and prior

- Microsoft Windows Server 2008 R2 x64 Service Pack 1 and prior

- Microsoft Windows 8 x32/x64

- Microsoft Windows 8.1 x32/x64

- Microsoft Windows Server 2012/R2

Solution:
The vendor has released updates. Please see the references for more information.

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2014-0318
BugTraq ID: 69142
http://www.securityfocus.com/bid/69142
Microsoft Security Bulletin: MS14-045
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-045
http://secunia.com/advisories/60673
Common Vulnerability Exposure (CVE) ID: CVE-2014-1819
BugTraq ID: 69143
http://www.securityfocus.com/bid/69143
Common Vulnerability Exposure (CVE) ID: CVE-2014-4064
BugTraq ID: 69144
http://www.securityfocus.com/bid/69144

Copyright Copyright (C) 2014 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.804807
Kategorie:	Windows : Microsoft Bulletins
Titel:	Microsoft Windows Kernel-Mode Drivers Privilege Escalation Vulnerabilities (2984615)
Zusammenfassung:	This host is missing an important security update according to; Microsoft Bulletin MS14-045.
Beschreibung:	Summary: This host is missing an important security update according to Microsoft Bulletin MS14-045. Vulnerability Insight: Multiple flaws exist due to: - An error within win32k.sys when handling window handle thread-owned objects. - A double fetch error within win32k.sys when processing font files. - An error related to Windows kernel pool. Vulnerability Impact: Successful exploitation will allow attackers to disclose certain sensitive information and gain escalated privileges. Affected Software/OS: - Microsoft Windows 2003 x32/x64 Service Pack 2 and prior - Microsoft Windows Vista x32/x64 Service Pack 2 and prior - Microsoft Windows Server 2008 x32/x64 Service Pack 2 and prior - Microsoft Windows 7 x32/x64 Service Pack 1 and prior - Microsoft Windows Server 2008 R2 x64 Service Pack 1 and prior - Microsoft Windows 8 x32/x64 - Microsoft Windows 8.1 x32/x64 - Microsoft Windows Server 2012/R2 Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2014-0318 BugTraq ID: 69142 http://www.securityfocus.com/bid/69142 Microsoft Security Bulletin: MS14-045 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-045 http://secunia.com/advisories/60673 Common Vulnerability Exposure (CVE) ID: CVE-2014-1819 BugTraq ID: 69143 http://www.securityfocus.com/bid/69143 Common Vulnerability Exposure (CVE) ID: CVE-2014-4064 BugTraq ID: 69144 http://www.securityfocus.com/bid/69144
Copyright	Copyright (C) 2014 Greenbone AG