 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.805582 |
| Categoría: | Windows : Microsoft Bulletins |
| Título: | Microsoft Windows Kernel-Mode Driver Privilege Elevation Vulnerabilities (3057839) |
| Resumen: | This host is missing an important security; update according to Microsoft Bulletin MS15-061. |
| Descripción: | Summary: This host is missing an important security update according to Microsoft Bulletin MS15-061. Vulnerability Insight: Multiple flaws exist due to: - Improper handling of buffer elements by windows kernel-mode driver under certain conditions. - Improper freeing of an object in memory by windows kernel-mode driver. - Insufficient validation of certain data passed from user mode by the windows kernel-mode driver. - Windows kernel-mode driver when it accesses an object in memory that has either not been correctly initialized or deleted. - Windows kernel-mode driver when it improperly validates user input. - Windows kernel-mode driver 'Win32k.sys' fails to properly free memory. Vulnerability Impact: Successful exploitation will allow remote attackers to bypass security, gain elevated privileges and execute arbitrary code on affected system. Affected Software/OS: - Microsoft Windows 8 x32/x64 - Microsoft Windows Server 2012/R2 - Microsoft Windows 8.1 x32/x64 - Microsoft Windows 2003 x32/x64 Service Pack 2 and prior - Microsoft Windows Vista x32/x64 Service Pack 2 and prior - Microsoft Windows Server 2008 x32/x64 Service Pack 2 and prior - Microsoft Windows 7 x32/x64 Service Pack 1 and prior - Microsoft Windows Server 2008 R2 x64 Service Pack 1 and prior Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2015-1719 Microsoft Security Bulletin: MS15-061 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-061 http://www.securitytracker.com/id/1032525 Common Vulnerability Exposure (CVE) ID: CVE-2015-1720 Common Vulnerability Exposure (CVE) ID: CVE-2015-1721 https://www.exploit-db.com/exploits/38274/ Common Vulnerability Exposure (CVE) ID: CVE-2015-1722 https://www.exploit-db.com/exploits/38265/ https://www.exploit-db.com/exploits/38275/ Common Vulnerability Exposure (CVE) ID: CVE-2015-1723 https://www.exploit-db.com/exploits/38273/ Common Vulnerability Exposure (CVE) ID: CVE-2015-1724 https://www.exploit-db.com/exploits/38272/ Common Vulnerability Exposure (CVE) ID: CVE-2015-1725 https://www.exploit-db.com/exploits/38270/ https://www.exploit-db.com/exploits/38271/ Common Vulnerability Exposure (CVE) ID: CVE-2015-1726 https://www.exploit-db.com/exploits/38269/ Common Vulnerability Exposure (CVE) ID: CVE-2015-1727 https://www.exploit-db.com/exploits/38268/ Common Vulnerability Exposure (CVE) ID: CVE-2015-1768 BugTraq ID: 75024 http://www.securityfocus.com/bid/75024 Common Vulnerability Exposure (CVE) ID: CVE-2015-2360 BugTraq ID: 75025 http://www.securityfocus.com/bid/75025 |
| Copyright | Copyright (C) 2015 Greenbone AG |
| Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |