English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 146377 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.815438
Category:Windows : Microsoft Bulletins
Title:Microsoft Windows Multiple Vulnerabilities (KB4512506)
Summary:This host is missing a critical security; update according to Microsoft KB4512506.
Description:Summary:
This host is missing a critical security
update according to Microsoft KB4512506.

Vulnerability Insight:
Multiple flaws exist as,

- Microsoft Hyper-V Network Switch on a host server fails to properly validate
input from a privileged user on a guest operating system.

- Windows improperly handles objects in memory.

- VBScript engine improperly handles objects in memory.

- The XmlLite runtime (XmlLite.dll) improperly parses XML input.

- Microsoft browsers improperly handle requests of different origins.

- Windows Server DHCP service improperly process specially crafted packets.

- Bluetooth BR/EDR key negotiation vulnerability that exists at the hardware
specification level of any BR/EDR Bluetooth device.

Please see the references for more information about the vulnerabilities.

Vulnerability Impact:
Successful exploitation will allow
an attacker to crash the host server, execute arbitrary code on the target
system, obtain information that could be used to try to further compromise
the affected system and negotiate the offered key length of bluetooth
connection.

Affected Software/OS:
- Microsoft Windows 7 for 32-bit/x64 Systems Service Pack 1

- Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1

Solution:
The vendor has released updates. Please see
the references for more information.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2019-0714
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0714
Common Vulnerability Exposure (CVE) ID: CVE-2019-0715
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0715
Common Vulnerability Exposure (CVE) ID: CVE-2019-0716
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0716
Common Vulnerability Exposure (CVE) ID: CVE-2019-0720
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0720
Common Vulnerability Exposure (CVE) ID: CVE-2019-0723
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0723
Common Vulnerability Exposure (CVE) ID: CVE-2019-0736
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0736
Common Vulnerability Exposure (CVE) ID: CVE-2019-1057
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1057
Common Vulnerability Exposure (CVE) ID: CVE-2019-1078
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1078
Common Vulnerability Exposure (CVE) ID: CVE-2019-1133
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1133
Common Vulnerability Exposure (CVE) ID: CVE-2019-1143
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1143
Common Vulnerability Exposure (CVE) ID: CVE-2019-1144
http://packetstormsecurity.com/files/154085/Microsoft-Font-Subsetting-DLL-MergeFormat12Cmap-MakeFormat12MergedGlyphList-Double-Free.html
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1144
Common Vulnerability Exposure (CVE) ID: CVE-2019-1145
http://packetstormsecurity.com/files/154081/Microsoft-Font-Subsetting-DLL-MergeFontPackage-Dangling-Pointer.html
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1145
Common Vulnerability Exposure (CVE) ID: CVE-2019-1146
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1146
Common Vulnerability Exposure (CVE) ID: CVE-2019-1147
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1147
Common Vulnerability Exposure (CVE) ID: CVE-2019-1148
http://packetstormsecurity.com/files/154084/Microsoft-Font-Subsetting-DLL-GetGlyphId-Out-Of-Bounds-Read.html
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1148
Common Vulnerability Exposure (CVE) ID: CVE-2019-1149
http://packetstormsecurity.com/files/154086/Microsoft-Font-Subsetting-DLL-FixSbitSubTables-Heap-Corruption.html
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1149
Common Vulnerability Exposure (CVE) ID: CVE-2019-1150
http://packetstormsecurity.com/files/154087/Microsoft-Font-Subsetting-DLL-ReadTableIntoStructure-Heap-Corruption.html
http://packetstormsecurity.com/files/154093/Microsoft-Font-Subsetting-DLL-WriteTableFromStructure-Out-Of-Bounds-Read.html
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1150
Common Vulnerability Exposure (CVE) ID: CVE-2019-1151
http://packetstormsecurity.com/files/154092/Microsoft-Font-Subsetting-DLL-ReadAllocFormat12CharGlyphMapList-Heap-Corruption.html
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1151
Common Vulnerability Exposure (CVE) ID: CVE-2019-1152
http://packetstormsecurity.com/files/154096/Microsoft-Font-Subsetting-DLL-MakeFormat12MergedGlyphList-Heap-Corruption.html
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1152
Common Vulnerability Exposure (CVE) ID: CVE-2019-1153
http://packetstormsecurity.com/files/154098/Microsoft-Font-Subsetting-DLL-FixSbitSubTableFormat1-Out-Of-Bounds-Read.html
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1153
Common Vulnerability Exposure (CVE) ID: CVE-2019-1154
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1154
Common Vulnerability Exposure (CVE) ID: CVE-2019-1155
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1155
Common Vulnerability Exposure (CVE) ID: CVE-2019-1156
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1156
Common Vulnerability Exposure (CVE) ID: CVE-2019-1157
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1157
Common Vulnerability Exposure (CVE) ID: CVE-2019-1158
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1158
Common Vulnerability Exposure (CVE) ID: CVE-2019-1159
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1159
Common Vulnerability Exposure (CVE) ID: CVE-2019-1162
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1162
Common Vulnerability Exposure (CVE) ID: CVE-2019-1164
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1164
Common Vulnerability Exposure (CVE) ID: CVE-2019-1168
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1168
Common Vulnerability Exposure (CVE) ID: CVE-2019-1169
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1169
Common Vulnerability Exposure (CVE) ID: CVE-2019-1177
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1177
Common Vulnerability Exposure (CVE) ID: CVE-2019-1178
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1178
Common Vulnerability Exposure (CVE) ID: CVE-2019-1181
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190819-01-windows-en
https://cert-portal.siemens.com/productcert/pdf/ssa-187667.pdf
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1181
Common Vulnerability Exposure (CVE) ID: CVE-2019-1182
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1182
Common Vulnerability Exposure (CVE) ID: CVE-2019-1183
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1183
Common Vulnerability Exposure (CVE) ID: CVE-2019-1187
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1187
Common Vulnerability Exposure (CVE) ID: CVE-2019-1192
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1192
Common Vulnerability Exposure (CVE) ID: CVE-2019-1193
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1193
Common Vulnerability Exposure (CVE) ID: CVE-2019-1194
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1194
Common Vulnerability Exposure (CVE) ID: CVE-2019-1212
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1212
Common Vulnerability Exposure (CVE) ID: CVE-2019-1228
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1228
Common Vulnerability Exposure (CVE) ID: CVE-2019-9506
CERT/CC vulnerability note: VU#918987
https://www.kb.cert.org/vuls/id/918987/
http://seclists.org/fulldisclosure/2019/Aug/11
http://seclists.org/fulldisclosure/2019/Aug/13
http://seclists.org/fulldisclosure/2019/Aug/14
http://seclists.org/fulldisclosure/2019/Aug/15
http://www.cs.ox.ac.uk/publications/publication12404-abstract.html
https://www.usenix.org/conference/usenixsecurity19/presentation/antonioli
https://lists.debian.org/debian-lts-announce/2019/09/msg00014.html
https://lists.debian.org/debian-lts-announce/2019/09/msg00015.html
https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html
RedHat Security Advisories: RHSA-2019:2975
https://access.redhat.com/errata/RHSA-2019:2975
RedHat Security Advisories: RHSA-2019:3055
https://access.redhat.com/errata/RHSA-2019:3055
RedHat Security Advisories: RHSA-2019:3076
https://access.redhat.com/errata/RHSA-2019:3076
RedHat Security Advisories: RHSA-2019:3089
https://access.redhat.com/errata/RHSA-2019:3089
RedHat Security Advisories: RHSA-2019:3165
https://access.redhat.com/errata/RHSA-2019:3165
RedHat Security Advisories: RHSA-2019:3187
https://access.redhat.com/errata/RHSA-2019:3187
RedHat Security Advisories: RHSA-2019:3217
https://access.redhat.com/errata/RHSA-2019:3217
RedHat Security Advisories: RHSA-2019:3218
https://access.redhat.com/errata/RHSA-2019:3218
RedHat Security Advisories: RHSA-2019:3220
https://access.redhat.com/errata/RHSA-2019:3220
RedHat Security Advisories: RHSA-2019:3231
https://access.redhat.com/errata/RHSA-2019:3231
RedHat Security Advisories: RHSA-2019:3309
https://access.redhat.com/errata/RHSA-2019:3309
RedHat Security Advisories: RHSA-2019:3517
https://access.redhat.com/errata/RHSA-2019:3517
RedHat Security Advisories: RHSA-2020:0204
https://access.redhat.com/errata/RHSA-2020:0204
SuSE Security Announcement: openSUSE-SU-2019:2307 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00037.html
SuSE Security Announcement: openSUSE-SU-2019:2308 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00036.html
https://usn.ubuntu.com/4115-1/
https://usn.ubuntu.com/4118-1/
https://usn.ubuntu.com/4147-1/
CopyrightCopyright (C) 2019 Greenbone Networks GmbH

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.