説明
Multiple vulnerabilities were found in Microsoft Products (Extended Security Update). Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, obtain sensitive information, spoof user interface.
Below is a complete list of vulnerabilities:
- An elevation of privilege vulnerability in Windows can be exploited remotely to gain privileges.
- A memory corruption vulnerability in Scripting Engine can be exploited remotely via specially crafted website to execute arbitrary code.
- A remote code execution vulnerability in Jet Database Engine can be exploited remotely via specially crafted file to execute arbitrary code.
- A remote code execution vulnerability in Windows OLE can be exploited remotely via specially crafted file to execute arbitrary code.
- An information disclosure vulnerability in Windows GDI can be exploited remotely via specially crafted document to obtain sensitive information.
- An elevation of privilege vulnerability in Windows Kernel can be exploited remotely via specially crafted application to gain privileges.
- An elevation of privilege vulnerability in Windows Error Reporting can be exploited remotely to gain privileges.
- An information disclosure vulnerability in Internet Explorer can be exploited remotely via specially crafted content to obtain sensitive information.
- A spoofing vulnerability in Internet Explorer can be exploited remotely via specially crafted website to spoof user interface.
- A remote code execution vulnerability in Remote Desktop Services can be exploited remotely via specially crafted requests to execute arbitrary code.
- A remote code execution vulnerability in GDI+ can be exploited remotely via specially crafted website to execute arbitrary code.
- An elevation of privilege vulnerability in Windows can be exploited remotely via specially crafted application to gain privileges.
- A remote code execution vulnerability in Windows DHCP Server can be exploited remotely via specially crafted packets to execute arbitrary code.
オリジナルアドバイザリー
- CVE-2019-0918
- CVE-2019-0889
- CVE-2019-0885
- CVE-2019-0884
- CVE-2019-0882
- CVE-2019-0881
- CVE-2019-0758
- CVE-2019-0863
- CVE-2019-0890
- CVE-2019-0961
- CVE-2019-0898
- CVE-2019-0899
- CVE-2019-0930
- CVE-2019-0921
- CVE-2019-0708
- CVE-2019-0891
- CVE-2019-0893
- CVE-2019-0902
- CVE-2019-0903
- CVE-2019-0896
- CVE-2019-0895
- CVE-2019-0936
- CVE-2019-0897
- CVE-2019-0900
- CVE-2019-0725
- CVE-2019-0894
- CVE-2019-0901
- ADV190013
エクスプロイテーション
Public exploits exist for this vulnerability.
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
関連製品
- Microsoft-Internet-Explorer
- Microsoft-Windows
- Microsoft-Windows-Server
- Microsoft-Windows-Server-2012
- Microsoft-Windows-8
- Microsoft-Windows-7
- Microsoft-Windows-Server-2008
- Windows-RT
- Microsoft-Windows-10
- Microsoft-Edge
CVEリスト
- CVE-2019-0921 high
- CVE-2019-0918 critical
- CVE-2019-0884 critical
- CVE-2019-0930 high
- CVE-2019-0895 critical
- CVE-2019-0889 critical
- CVE-2019-0863 critical
- CVE-2019-0758 high
- CVE-2019-0891 critical
- CVE-2019-0936 critical
- CVE-2019-0900 critical
- CVE-2019-0961 high
- CVE-2019-0903 critical
- CVE-2019-0885 critical
- CVE-2019-0894 critical
- CVE-2019-0708 critical
- CVE-2019-0893 critical
- CVE-2019-0902 critical
- CVE-2019-0896 critical
- CVE-2019-0882 high
- CVE-2019-0897 critical
- CVE-2019-0725 critical
- CVE-2019-0901 critical
- CVE-2019-0898 critical
- CVE-2019-0734 critical
- CVE-2019-0890 critical
- CVE-2019-0881 critical
- CVE-2019-0899 critical
KBリスト
も参照してください
お住まいの地域に広がる脆弱性の統計をご覧ください statistics.securelist.com
この脆弱性についての記述に不正確な点がありますか? お知らせください!