English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.812863
Category:Windows : Microsoft Bulletins
Title:Microsoft Windows Multiple Vulnerabilities (KB4093118)
Summary:This host is missing a critical security; update according to Microsoft KB4093118
Description:Summary:
This host is missing a critical security
update according to Microsoft KB4093118

Vulnerability Insight:
Multiple flaws exist due to:

- When the Windows font library improperly handles specially crafted embedded
fonts.

- When Internet Explorer improperly accesses objects in memory.

- When the Windows kernel fails to properly initialize a memory address.

- When the scripting engine does not properly handle objects in memory in
Internet Explorer.

- In Windows Adobe Type Manager Font Driver (ATMFD.

- In the Windows kernel that could allow an attacker to retrieve information
that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass.

- In the way that Windows SNMP Service handles malformed SNMP traps.

- When the Windows kernel improperly handles objects in memory.

- In the way that the VBScript engine handles objects in memory.

- In the way that Windows handles objects in memory.

- In Remote Desktop Protocol (RDP) when an attacker connects to the target
system using RDP and sends specially crafted requests.

- In the Microsoft JET Database Engine that could allow remote code execution on
an affected system.

Vulnerability Impact:
Successful exploitation will allow an attacker
to take control of the affected system, obtain information to further compromise
the user's system, execute arbitrary code, retrieve the memory address of a
kernel object, cause a target system to stop responding.

Affected Software/OS:
- Microsoft Windows 7 for 32-bit/x64 Systems Service Pack 1

- Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1

Solution:
The vendor has released updates. Please see the references for more information.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2018-0870
BugTraq ID: 103595
http://www.securityfocus.com/bid/103595
http://www.securitytracker.com/id/1040653
Common Vulnerability Exposure (CVE) ID: CVE-2018-0887
BugTraq ID: 103629
http://www.securityfocus.com/bid/103629
http://www.securitytracker.com/id/1040657
Common Vulnerability Exposure (CVE) ID: CVE-2018-8116
BugTraq ID: 103705
http://www.securityfocus.com/bid/103705
http://www.securitytracker.com/id/1040656
Common Vulnerability Exposure (CVE) ID: CVE-2018-0960
BugTraq ID: 103663
http://www.securityfocus.com/bid/103663
Common Vulnerability Exposure (CVE) ID: CVE-2018-0967
BugTraq ID: 103652
http://www.securityfocus.com/bid/103652
http://www.securitytracker.com/id/1040659
Common Vulnerability Exposure (CVE) ID: CVE-2018-0969
BugTraq ID: 103644
http://www.securityfocus.com/bid/103644
https://www.exploit-db.com/exploits/44459/
Common Vulnerability Exposure (CVE) ID: CVE-2018-0970
BugTraq ID: 103645
http://www.securityfocus.com/bid/103645
https://www.exploit-db.com/exploits/44460/
Common Vulnerability Exposure (CVE) ID: CVE-2018-0971
BugTraq ID: 103648
http://www.securityfocus.com/bid/103648
https://www.exploit-db.com/exploits/44461/
Common Vulnerability Exposure (CVE) ID: CVE-2018-0972
BugTraq ID: 103659
http://www.securityfocus.com/bid/103659
https://www.exploit-db.com/exploits/44462/
Common Vulnerability Exposure (CVE) ID: CVE-2018-0973
BugTraq ID: 103660
http://www.securityfocus.com/bid/103660
https://www.exploit-db.com/exploits/44463/
Common Vulnerability Exposure (CVE) ID: CVE-2018-0974
BugTraq ID: 103661
http://www.securityfocus.com/bid/103661
https://www.exploit-db.com/exploits/44464/
Common Vulnerability Exposure (CVE) ID: CVE-2018-0975
BugTraq ID: 103662
http://www.securityfocus.com/bid/103662
https://www.exploit-db.com/exploits/44458/
Common Vulnerability Exposure (CVE) ID: CVE-2018-0976
BugTraq ID: 103651
http://www.securityfocus.com/bid/103651
http://www.securitytracker.com/id/1040658
Common Vulnerability Exposure (CVE) ID: CVE-2018-0981
BugTraq ID: 103621
http://www.securityfocus.com/bid/103621
Common Vulnerability Exposure (CVE) ID: CVE-2018-0987
BugTraq ID: 103623
http://www.securityfocus.com/bid/103623
Common Vulnerability Exposure (CVE) ID: CVE-2018-0988
BugTraq ID: 103615
http://www.securityfocus.com/bid/103615
Common Vulnerability Exposure (CVE) ID: CVE-2018-0989
BugTraq ID: 103624
http://www.securityfocus.com/bid/103624
Common Vulnerability Exposure (CVE) ID: CVE-2018-0991
BugTraq ID: 103614
http://www.securityfocus.com/bid/103614
Common Vulnerability Exposure (CVE) ID: CVE-2018-1003
BugTraq ID: 103655
http://www.securityfocus.com/bid/103655
http://www.securitytracker.com/id/1040651
Common Vulnerability Exposure (CVE) ID: CVE-2018-1004
BugTraq ID: 103657
http://www.securityfocus.com/bid/103657
http://www.securitytracker.com/id/1040655
Common Vulnerability Exposure (CVE) ID: CVE-2018-1008
BugTraq ID: 103658
http://www.securityfocus.com/bid/103658
http://www.securitytracker.com/id/1040673
Common Vulnerability Exposure (CVE) ID: CVE-2018-1010
BugTraq ID: 103594
http://www.securityfocus.com/bid/103594
Common Vulnerability Exposure (CVE) ID: CVE-2018-1012
BugTraq ID: 103597
http://www.securityfocus.com/bid/103597
Common Vulnerability Exposure (CVE) ID: CVE-2018-1013
BugTraq ID: 103599
http://www.securityfocus.com/bid/103599
Common Vulnerability Exposure (CVE) ID: CVE-2018-1015
BugTraq ID: 103600
http://www.securityfocus.com/bid/103600
Common Vulnerability Exposure (CVE) ID: CVE-2018-1016
BugTraq ID: 103601
http://www.securityfocus.com/bid/103601
Common Vulnerability Exposure (CVE) ID: CVE-2018-1018
BugTraq ID: 103610
http://www.securityfocus.com/bid/103610
Common Vulnerability Exposure (CVE) ID: CVE-2018-1020
BugTraq ID: 103612
http://www.securityfocus.com/bid/103612
Common Vulnerability Exposure (CVE) ID: CVE-2018-0996
BugTraq ID: 103602
http://www.securityfocus.com/bid/103602
Common Vulnerability Exposure (CVE) ID: CVE-2018-0997
BugTraq ID: 103618
http://www.securityfocus.com/bid/103618
Common Vulnerability Exposure (CVE) ID: CVE-2018-1000
BugTraq ID: 103603
http://www.securityfocus.com/bid/103603
https://lists.apache.org/thread.html/6c9991dbcb7358e18a46cd113fa0fd7586eaf312b1c7f7d4cdb16fa1@%3Csolr-user.lucene.apache.org%3E
https://lists.apache.org/thread.html/83315d9b28d9010eeeec360f3295105354b8ff30d94e75b5c67c13ac@%3Csolr-user.lucene.apache.org%3E
https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E
Common Vulnerability Exposure (CVE) ID: CVE-2018-1001
BugTraq ID: 103609
http://www.securityfocus.com/bid/103609
CopyrightCopyright (C) 2018 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.