Description
Multiple vulnerabilities were found in Microsoft Products (Extended Security Update). Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, cause denial of service, obtain sensitive information.
Below is a complete list of vulnerabilities:
- An elevation of privilege vulnerability in Windows Graphics Component can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows Kernel can be exploited remotely to gain privileges.
- A remote code execution vulnerability in Internet Control Message Protocol (ICMP) can be exploited remotely to execute arbitrary code.
- A remote code execution vulnerability in Remote Procedure Call Runtime can be exploited remotely to execute arbitrary code.
- An elevation of privilege vulnerability in Windows Point-to-Point Protocol over Ethernet (PPPoE) can be exploited remotely to gain privileges.
- A remote code execution vulnerability in Windows Point-to-Point Protocol over Ethernet (PPPoE) can be exploited remotely to execute arbitrary code.
- An elevation of privilege vulnerability in Windows HTTP.sys can be exploited remotely to gain privileges.
- A remote code execution vulnerability in Windows Media can be exploited remotely to execute arbitrary code.
- A denial of service vulnerability in Windows Secure Channel can be exploited remotely to cause denial of service.
- An information disclosure vulnerability in Client Server Run-Time Subsystem (CSRSS) can be exploited remotely to obtain sensitive information.
- An information disclosure vulnerability in Microsoft PostScript and PCL6 Class Printer Driver can be exploited remotely to obtain sensitive information.
- A remote code execution vulnerability in Windows Cryptographic Services can be exploited remotely to execute arbitrary code.
- A remote code execution vulnerability in Windows DNS Server can be exploited remotely to execute arbitrary code.
- A remote code execution vulnerability in Microsoft PostScript and PCL6 Class Printer Driver can be exploited remotely to execute arbitrary code.
- A denial of service vulnerability in Windows Internet Key Exchange (IKE) Extension can be exploited remotely to cause denial of service.
- An elevation of privilege vulnerability in Windows Accounts Picture can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Microsoft PostScript and PCL6 Class Printer Driver can be exploited remotely to gain privileges.
- A remote code execution vulnerability in Windows Point-to-Point Tunneling Protocol can be exploited remotely to execute arbitrary code.
Fiches de renseignement originales
- CVE-2023-23401
- CVE-2023-23423
- CVE-2023-23405
- CVE-2023-24910
- CVE-2023-23421
- CVE-2023-23422
- CVE-2023-23415
- CVE-2023-21708
- CVE-2023-23420
- CVE-2023-24862
- CVE-2023-23385
- CVE-2023-23409
- CVE-2023-24908
- CVE-2023-24869
- CVE-2023-23394
- CVE-2023-23414
- CVE-2023-23410
- CVE-2023-23402
- CVE-2023-23407
- CVE-2023-24906
- CVE-2023-24858
- CVE-2023-23416
- CVE-2023-23400
- CVE-2023-23403
- CVE-2023-24856
- CVE-2023-24870
- CVE-2023-24867
- CVE-2023-23406
- CVE-2023-24863
- CVE-2023-24859
- CVE-2023-24911
- CVE-2023-23412
- CVE-2023-24913
- CVE-2023-24864
- CVE-2023-23404
- CVE-2023-24865
- CVE-2023-24872
- CVE-2023-24866
- CVE-2023-24868
- CVE-2023-23413
- CVE-2023-24909
- CVE-2023-24907
- CVE-2023-24876
- CVE-2023-24857
Exploitation
Public exploits exist for this vulnerability.
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Produits associés
- Microsoft-Windows
- Microsoft-Windows-Server
- Microsoft-Windows-Server-2012
- Microsoft-Windows-Server-2008
Liste CVE
- CVE-2023-24861 high
- CVE-2023-23400 high
- CVE-2023-23423 critical
- CVE-2023-24910 critical
- CVE-2023-24868 critical
- CVE-2023-24858 critical
- CVE-2023-23413 critical
- CVE-2023-24907 critical
- CVE-2023-23422 critical
- CVE-2023-24870 high
- CVE-2023-23415 critical
- CVE-2023-21708 critical
- CVE-2023-24865 high
- CVE-2023-23385 high
- CVE-2023-24913 critical
- CVE-2023-24866 high
- CVE-2023-23414 high
- CVE-2023-23421 critical
- CVE-2023-23410 critical
- CVE-2023-23407 high
- CVE-2023-23403 critical
- CVE-2023-23406 critical
- CVE-2023-23401 critical
- CVE-2023-24859 critical
- CVE-2023-24911 warning
- CVE-2023-24867 critical
- CVE-2023-24909 critical
- CVE-2023-23405 critical
- CVE-2023-23404 critical
- CVE-2023-24856 critical
- CVE-2023-24876 critical
- CVE-2023-23412 critical
- CVE-2023-24863 high
- CVE-2023-24872 critical
- CVE-2023-24862 high
- CVE-2023-23420 critical
- CVE-2023-23409 high
- CVE-2023-24908 critical
- CVE-2023-24869 critical
- CVE-2023-23416 critical
- CVE-2023-23394 high
- CVE-2023-24857 high
- CVE-2023-23402 critical
- CVE-2023-24906 high
- CVE-2023-24864 critical
Liste KB
En savoir plus
Découvrez les statistiques de la propagation des vulnérabilités dans votre région statistics.securelist.com
Vous avez trouvé une inexactitude dans la description de cette vulnérabilité ? Faites-le nous savoir !