Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.902916
Kategorie:Windows : Microsoft Bulletins
Titel:Microsoft Windows Kernel Privilege Elevation Vulnerabilities (2711167)
Zusammenfassung:This host is missing an important security update according to; Microsoft Bulletin MS12-042.
Beschreibung:Summary:
This host is missing an important security update according to
Microsoft Bulletin MS12-042.

Vulnerability Insight:
The flaws are due to an:

- Error in the User Mode Scheduler (UMS) when handling a particular system
request can be exploited to execute arbitrary code.

- Error in incorrect protection of BIOS ROM can be exploited to execute
arbitrary code.

Vulnerability Impact:
Successful exploitation could allow remote attackers to execute arbitrary
code with kernel-mode privileges.

Affected Software/OS:
- Microsoft Windows 7 x64 Edition Service Pack 1 and prior

- Microsoft Windows XP x32 Edition Service Pack 3 and prior

- Microsoft Windows 2K3 x32 Edition Service Pack 2 and prior

- Microsoft Windows Server 2008 x64 Edition Service Pack 1 and prior

Solution:
The vendor has released updates. Please see the references for more information.

CVSS Score:
8.3

CVSS Vector:
AV:A/AC:L/Au:N/C:C/I:C/A:C

Querverweis: BugTraq ID: 53856
BugTraq ID: 52820
Common Vulnerability Exposure (CVE) ID: CVE-2012-0217
Cert/CC Advisory: TA12-164A
http://www.us-cert.gov/cas/techalerts/TA12-164A.html
CERT/CC vulnerability note: VU#649219
http://www.kb.cert.org/vuls/id/649219
Debian Security Information: DSA-2501 (Google Search)
http://www.debian.org/security/2012/dsa-2501
Debian Security Information: DSA-2508 (Google Search)
http://www.debian.org/security/2012/dsa-2508
https://www.exploit-db.com/exploits/28718/
https://www.exploit-db.com/exploits/46508/
FreeBSD Security Advisory: FreeBSD-SA-12:04
http://security.freebsd.org/advisories/FreeBSD-SA-12:04.sysret.asc
http://security.gentoo.org/glsa/glsa-201309-24.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
http://lists.xen.org/archives/html/xen-announce/2012-06/msg00001.html
http://lists.xen.org/archives/html/xen-devel/2012-06/msg01072.html
Microsoft Security Bulletin: MS12-042
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-042
NETBSD Security Advisory: NetBSD-SA2012-003
http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2012-003.txt.asc
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15596
http://secunia.com/advisories/55082
Common Vulnerability Exposure (CVE) ID: CVE-2012-1515
http://www.securityfocus.com/bid/52820
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15209
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17110
http://www.securitytracker.com/id?1026875
XForce ISS Database: vmware-esxserver-io-privilege-escalation(74480)
https://exchange.xforce.ibmcloud.com/vulnerabilities/74480
CopyrightCopyright (C) 2012 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.