Test Kennung:	1.3.6.1.4.1.25623.1.0.805979
Kategorie:	Windows : Microsoft Bulletins
Titel:	Microsoft Windows Graphics Component Remote Code Execution Vulnerability (3089656)
Zusammenfassung:	This host is missing a critical security; update according to Microsoft Bulletin MS15-097.
Beschreibung:	Summary: This host is missing a critical security update according to Microsoft Bulletin MS15-097. Vulnerability Insight: Multiple flaws exist due to: - An unspecified error in the Windows Adobe Type Manager Library which improperly handles specially crafted OpenType fonts. - An unspecified error in Windows Adobe Type Manager Library which fails to properly handle objects in memory. - Multiple errors in Windows kernel-mode driver which fails to properly handle objects in memory. - An unspecified error in the Windows kernel mode driver (Win32k.sys) which fails to properly validate and enforce integrity levels during certain process initialization scenarios. - An error in Windows kernel which fails to properly initialize a memory address. Vulnerability Impact: Successful exploitation will allow an attacker to do Kernel Address Space Layout Randomization (KASLR) bypass and execute arbitrary code taking complete control of the affected system. Affected Software/OS: - Microsoft Windows 8/8.1 x32/x64 - Microsoft Windows 10 x32/x64 - Microsoft Windows Server 2012/R2 - Microsoft Windows 7 x32/x64 Edition Service Pack 1 and prior - Microsoft Windows Vista x32/x64 Edition Service Pack 2 and prior - Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1 and prior - Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2 and prior Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2015-2506 BugTraq ID: 76563 http://www.securityfocus.com/bid/76563 Microsoft Security Bulletin: MS15-097 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-097 http://www.securitytracker.com/id/1033485 Common Vulnerability Exposure (CVE) ID: CVE-2015-2507 BugTraq ID: 76591 http://www.securityfocus.com/bid/76591 https://www.exploit-db.com/exploits/38279/ Common Vulnerability Exposure (CVE) ID: CVE-2015-2508 BugTraq ID: 76592 http://www.securityfocus.com/bid/76592 https://www.exploit-db.com/exploits/38198/ Common Vulnerability Exposure (CVE) ID: CVE-2015-2510 BugTraq ID: 76593 http://www.securityfocus.com/bid/76593 https://www.exploit-db.com/exploits/38217/ http://www.securitytracker.com/id/1033500 http://www.securitytracker.com/id/1033501 Common Vulnerability Exposure (CVE) ID: CVE-2015-2511 BugTraq ID: 76597 http://www.securityfocus.com/bid/76597 https://www.exploit-db.com/exploits/38276/ Common Vulnerability Exposure (CVE) ID: CVE-2015-2512 BugTraq ID: 76589 http://www.securityfocus.com/bid/76589 https://www.exploit-db.com/exploits/38280/ Common Vulnerability Exposure (CVE) ID: CVE-2015-2517 BugTraq ID: 76606 http://www.securityfocus.com/bid/76606 https://www.exploit-db.com/exploits/38278/ Common Vulnerability Exposure (CVE) ID: CVE-2015-2518 BugTraq ID: 76607 http://www.securityfocus.com/bid/76607 https://www.exploit-db.com/exploits/38277/ Common Vulnerability Exposure (CVE) ID: CVE-2015-2527 BugTraq ID: 76599 http://www.securityfocus.com/bid/76599 https://www.exploit-db.com/exploits/38199/ Common Vulnerability Exposure (CVE) ID: CVE-2015-2529 BugTraq ID: 76602 http://www.securityfocus.com/bid/76602 Common Vulnerability Exposure (CVE) ID: CVE-2015-2546 BugTraq ID: 76608 http://www.securityfocus.com/bid/76608
Copyright	Copyright (C) 2015 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.