Beschreibung
Multiple vulnerabilities were found in Microsoft Products (Extended Security Update). Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, obtain sensitive information, spoof user interface.
Below is a complete list of vulnerabilities:
- An elevation of privilege vulnerability in Windows can be exploited remotely to gain privileges.
- A memory corruption vulnerability in Scripting Engine can be exploited remotely via specially crafted website to execute arbitrary code.
- A remote code execution vulnerability in Jet Database Engine can be exploited remotely via specially crafted file to execute arbitrary code.
- A remote code execution vulnerability in Windows OLE can be exploited remotely via specially crafted file to execute arbitrary code.
- An information disclosure vulnerability in Windows GDI can be exploited remotely via specially crafted document to obtain sensitive information.
- An elevation of privilege vulnerability in Windows Kernel can be exploited remotely via specially crafted application to gain privileges.
- An elevation of privilege vulnerability in Windows Error Reporting can be exploited remotely to gain privileges.
- An information disclosure vulnerability in Internet Explorer can be exploited remotely via specially crafted content to obtain sensitive information.
- A spoofing vulnerability in Internet Explorer can be exploited remotely via specially crafted website to spoof user interface.
- A remote code execution vulnerability in Remote Desktop Services can be exploited remotely via specially crafted requests to execute arbitrary code.
- A remote code execution vulnerability in GDI+ can be exploited remotely via specially crafted website to execute arbitrary code.
- An elevation of privilege vulnerability in Windows can be exploited remotely via specially crafted application to gain privileges.
- A remote code execution vulnerability in Windows DHCP Server can be exploited remotely via specially crafted packets to execute arbitrary code.
Ursprüngliche Informationshinweise
- CVE-2019-0918
- CVE-2019-0889
- CVE-2019-0885
- CVE-2019-0884
- CVE-2019-0882
- CVE-2019-0881
- CVE-2019-0758
- CVE-2019-0863
- CVE-2019-0890
- CVE-2019-0961
- CVE-2019-0898
- CVE-2019-0899
- CVE-2019-0930
- CVE-2019-0921
- CVE-2019-0708
- CVE-2019-0891
- CVE-2019-0893
- CVE-2019-0902
- CVE-2019-0903
- CVE-2019-0896
- CVE-2019-0895
- CVE-2019-0936
- CVE-2019-0897
- CVE-2019-0900
- CVE-2019-0725
- CVE-2019-0894
- CVE-2019-0901
- ADV190013
Ausnutzung
Public exploits exist for this vulnerability.
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Betroffene Produkte
- Microsoft-Internet-Explorer
- Microsoft-Windows
- Microsoft-Windows-Server
- Microsoft-Windows-Server-2012
- Microsoft-Windows-8
- Microsoft-Windows-7
- Microsoft-Windows-Server-2008
- Windows-RT
- Microsoft-Windows-10
- Microsoft-Edge
CVE Liste
- CVE-2019-0921 high
- CVE-2019-0918 critical
- CVE-2019-0884 critical
- CVE-2019-0930 high
- CVE-2019-0895 critical
- CVE-2019-0889 critical
- CVE-2019-0863 critical
- CVE-2019-0758 high
- CVE-2019-0891 critical
- CVE-2019-0936 critical
- CVE-2019-0900 critical
- CVE-2019-0961 high
- CVE-2019-0903 critical
- CVE-2019-0885 critical
- CVE-2019-0894 critical
- CVE-2019-0708 critical
- CVE-2019-0893 critical
- CVE-2019-0902 critical
- CVE-2019-0896 critical
- CVE-2019-0882 high
- CVE-2019-0897 critical
- CVE-2019-0725 critical
- CVE-2019-0901 critical
- CVE-2019-0898 critical
- CVE-2019-0734 critical
- CVE-2019-0890 critical
- CVE-2019-0881 critical
- CVE-2019-0899 critical
KB Liste
Mehr erfahren
Informieren Sie sich über die Statistiken der in Ihrer Region verbreiteten Sicherheitslücken statistics.securelist.com
Sie haben einen Fehler in der Beschreibung der Schwachstelle gefunden? Mitteilen!