English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 146377 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.815834
Category:Windows : Microsoft Bulletins
Title:Microsoft Windows Multiple Vulnerabilities (KB4525232)
Summary:This host is missing a critical security; update according to Microsoft KB4525232
Description:Summary:
This host is missing a critical security
update according to Microsoft KB4525232

Vulnerability Insight:
Multiple flaws exist due to:

- Microsoft Hyper-V Network Switch on a host server fails to properly
validate input from a privileged user on a guest operating system.

- Windows Installer improperly handles certain filesystem operations.

- Windows Universal Plug and Play (UPnP) service improperly allows COM
object creation.

- Windows Jet Database Engine improperly handles objects in memory.

- Windows Graphics Component improperly handles objects in memory.

- Scripting engine improperly handles objects in memory in Internet Explorer.

- Windows Netlogon improperly handles a secure communications channel.

- Windows Win32k component fails to properly handle objects in memory.

Please see the references for more information about the vulnerabilities.

Vulnerability Impact:
Successful exploitation will allow an attacker
to crash the host server, execute code with elevated permissions, bypass security
restrictions, and disclose sensitive information to further compromise the user's
system.

Affected Software/OS:
- Microsoft Windows 10 for 32-bit Systems

- Microsoft Windows 10 for x64-based Systems

Solution:
The vendor has released updates. Please see
the references for more information.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2018-12207
Bugtraq: 20200114 [SECURITY] [DSA 4602-1] xen security update (Google Search)
https://seclists.org/bugtraq/2020/Jan/21
https://support.f5.com/csp/article/K17269881?utm_source=f5support&utm_medium=RSS
Debian Security Information: DSA-4602 (Google Search)
https://www.debian.org/security/2020/dsa-4602
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I5WWPW4BSZDDW7VHU427XTVXV7ROOFFW/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZYATWNUGHRBG6I3TC24YHP5Y3J7I6KH/
https://security.gentoo.org/glsa/202003-56
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00210.html
https://www.oracle.com/security-alerts/cpujul2020.html
RedHat Security Advisories: RHSA-2019:3916
https://access.redhat.com/errata/RHSA-2019:3916
RedHat Security Advisories: RHSA-2019:3936
https://access.redhat.com/errata/RHSA-2019:3936
RedHat Security Advisories: RHSA-2019:3941
https://access.redhat.com/errata/RHSA-2019:3941
RedHat Security Advisories: RHSA-2020:0026
https://access.redhat.com/errata/RHSA-2020:0026
RedHat Security Advisories: RHSA-2020:0028
https://access.redhat.com/errata/RHSA-2020:0028
RedHat Security Advisories: RHSA-2020:0204
https://access.redhat.com/errata/RHSA-2020:0204
SuSE Security Announcement: openSUSE-SU-2019:2710 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00042.html
https://usn.ubuntu.com/4186-2/
Common Vulnerability Exposure (CVE) ID: CVE-2019-0712
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0712
Common Vulnerability Exposure (CVE) ID: CVE-2019-0719
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0719
Common Vulnerability Exposure (CVE) ID: CVE-2019-11135
Bugtraq: 20191118 [slackware-security] Slackware 14.2 kernel (SSA:2019-320-01) (Google Search)
https://seclists.org/bugtraq/2019/Nov/26
Bugtraq: 20191216 [SECURITY] [DSA 4565-2] intel-microcode security update (Google Search)
https://seclists.org/bugtraq/2019/Dec/28
https://kc.mcafee.com/corporate/index?page=content&id=SB10306
https://support.f5.com/csp/article/K02912734?utm_source=f5support&utm_medium=RSS
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03968en_us
http://packetstormsecurity.com/files/155375/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00270.html
https://www.oracle.com/security-alerts/cpujan2021.html
https://lists.debian.org/debian-lts-announce/2019/12/msg00035.html
http://www.openwall.com/lists/oss-security/2019/12/10/3
http://www.openwall.com/lists/oss-security/2019/12/10/4
http://www.openwall.com/lists/oss-security/2019/12/11/1
RedHat Security Advisories: RHSA-2020:0279
https://access.redhat.com/errata/RHSA-2020:0279
RedHat Security Advisories: RHSA-2020:0366
https://access.redhat.com/errata/RHSA-2020:0366
RedHat Security Advisories: RHSA-2020:0555
https://access.redhat.com/errata/RHSA-2020:0555
RedHat Security Advisories: RHSA-2020:0666
https://access.redhat.com/errata/RHSA-2020:0666
RedHat Security Advisories: RHSA-2020:0730
https://access.redhat.com/errata/RHSA-2020:0730
SuSE Security Announcement: openSUSE-SU-2019:2527 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00046.html
SuSE Security Announcement: openSUSE-SU-2019:2528 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00045.html
Common Vulnerability Exposure (CVE) ID: CVE-2019-1380
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1380
https://www.zerodayinitiative.com/advisories/ZDI-19-987/
Common Vulnerability Exposure (CVE) ID: CVE-2019-1381
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1381
Common Vulnerability Exposure (CVE) ID: CVE-2019-1382
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1382
Common Vulnerability Exposure (CVE) ID: CVE-2019-1383
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1383
Common Vulnerability Exposure (CVE) ID: CVE-2019-1384
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1384
Common Vulnerability Exposure (CVE) ID: CVE-2019-1388
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1388
https://www.zerodayinitiative.com/advisories/ZDI-19-975/
Common Vulnerability Exposure (CVE) ID: CVE-2019-1389
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1389
Common Vulnerability Exposure (CVE) ID: CVE-2019-1390
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1390
Common Vulnerability Exposure (CVE) ID: CVE-2019-1391
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1391
Common Vulnerability Exposure (CVE) ID: CVE-2019-1392
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1392
Common Vulnerability Exposure (CVE) ID: CVE-2019-1393
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1393
https://www.zerodayinitiative.com/advisories/ZDI-19-983/
Common Vulnerability Exposure (CVE) ID: CVE-2019-1394
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1394
https://www.zerodayinitiative.com/advisories/ZDI-19-984/
Common Vulnerability Exposure (CVE) ID: CVE-2019-1395
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1395
https://www.zerodayinitiative.com/advisories/ZDI-19-981/
Common Vulnerability Exposure (CVE) ID: CVE-2019-1396
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1396
https://www.zerodayinitiative.com/advisories/ZDI-19-982/
Common Vulnerability Exposure (CVE) ID: CVE-2019-1397
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1397
Common Vulnerability Exposure (CVE) ID: CVE-2019-1405
http://packetstormsecurity.com/files/155723/Microsoft-UPnP-Local-Privilege-Elevation.html
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1405
Common Vulnerability Exposure (CVE) ID: CVE-2019-1406
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1406
Common Vulnerability Exposure (CVE) ID: CVE-2019-1407
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1407
Common Vulnerability Exposure (CVE) ID: CVE-2019-1408
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1408
https://www.zerodayinitiative.com/advisories/ZDI-19-1016/
https://www.zerodayinitiative.com/advisories/ZDI-19-976/
Common Vulnerability Exposure (CVE) ID: CVE-2019-1409
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1409
Common Vulnerability Exposure (CVE) ID: CVE-2019-1411
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1411
https://www.zerodayinitiative.com/advisories/ZDI-19-973/
Common Vulnerability Exposure (CVE) ID: CVE-2019-1415
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1415
Common Vulnerability Exposure (CVE) ID: CVE-2019-1417
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1417
Common Vulnerability Exposure (CVE) ID: CVE-2019-1418
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1418
Common Vulnerability Exposure (CVE) ID: CVE-2019-1419
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1419
https://www.zerodayinitiative.com/advisories/ZDI-19-977/
Common Vulnerability Exposure (CVE) ID: CVE-2019-1420
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1420
Common Vulnerability Exposure (CVE) ID: CVE-2019-1422
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1422
https://www.zerodayinitiative.com/advisories/ZDI-19-972/
Common Vulnerability Exposure (CVE) ID: CVE-2019-1424
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1424
Common Vulnerability Exposure (CVE) ID: CVE-2019-1426
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1426
Common Vulnerability Exposure (CVE) ID: CVE-2019-1429
http://packetstormsecurity.com/files/155433/Microsoft-Internet-Explorer-Use-After-Free.html
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1429
Common Vulnerability Exposure (CVE) ID: CVE-2019-1433
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1433
Common Vulnerability Exposure (CVE) ID: CVE-2019-1434
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1434
Common Vulnerability Exposure (CVE) ID: CVE-2019-1435
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1435
Common Vulnerability Exposure (CVE) ID: CVE-2019-1436
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1436
Common Vulnerability Exposure (CVE) ID: CVE-2019-1438
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1438
Common Vulnerability Exposure (CVE) ID: CVE-2019-1439
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1439
Common Vulnerability Exposure (CVE) ID: CVE-2019-1456
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1456
https://www.zerodayinitiative.com/advisories/ZDI-19-986/
CopyrightCopyright (C) 2019 Greenbone Networks GmbH

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.