説明
Multiple vulnerabilities were found in Microsoft Products (Extended Security Update). Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, gain privileges, cause denial of service.
Below is a complete list of vulnerabilities:
- A remote code execution vulnerability in Windows Remote Desktop Services can be exploited remotely to execute arbitrary code.
- An information disclosure vulnerability in Windows File Explorer can be exploited remotely to obtain sensitive information.
- A remote code execution vulnerability in Windows Routing and Remote Access Service (RRAS) can be exploited remotely to execute arbitrary code.
- An elevation of privilege vulnerability in Windows Common Log File System Driver can be exploited remotely to gain privileges.
- A denial of service vulnerability in Windows Lightweight Directory Access Protocol (LDAP) can be exploited remotely to cause denial of service.
- A remote code execution vulnerability in Windows Lightweight Directory Access Protocol (LDAP) can be exploited remotely to execute arbitrary code.
- A remote code execution vulnerability in Input Method Editor (IME) can be exploited remotely to execute arbitrary code.
- An elevation of privilege vulnerability in Windows Task Scheduler can be exploited remotely to gain privileges.
- A remote code execution vulnerability in Microsoft Message Queuing (MSMQ) can be exploited remotely to execute arbitrary code.
- A remote code execution vulnerability in Remote Desktop Client can be exploited remotely to execute arbitrary code.
- A denial of service vulnerability in Microsoft Message Queuing (MSMQ) can be exploited remotely to cause denial of service.
- A remote code execution vulnerability in Windows IP Routing Management Snapin can be exploited remotely to execute arbitrary code.
- A remote code execution vulnerability in Windows Domain Name Service can be exploited remotely to execute arbitrary code.
- A denial of service vulnerability in Windows Remote Desktop Gateway (RD Gateway) can be exploited remotely to cause denial of service.
- A remote code execution vulnerability in Lightweight Directory Access Protocol (LDAP) Client can be exploited remotely to execute arbitrary code.
- A remote code execution vulnerability in Windows Local Security Authority Subsystem Service (LSASS) can be exploited remotely to execute arbitrary code.
- An elevation of privilege vulnerability in Windows Kernel can be exploited remotely to gain privileges.
オリジナルアドバイザリー
- CVE-2024-49082
- CVE-2024-49104
- CVE-2024-49090
- CVE-2024-49102
- CVE-2024-49113
- CVE-2024-49089
- CVE-2024-49112
- CVE-2024-49127
- CVE-2024-49079
- CVE-2024-49072
- CVE-2024-49122
- CVE-2024-49105
- CVE-2024-49096
- CVE-2024-49121
- CVE-2024-49080
- CVE-2024-49088
- CVE-2024-49091
- CVE-2024-49129
- CVE-2024-49124
- CVE-2024-49086
- CVE-2024-49138
- CVE-2024-49120
- CVE-2024-49126
- CVE-2024-49125
- CVE-2024-49085
- CVE-2024-49118
- CVE-2024-49084
エクスプロイテーション
Public exploits exist for this vulnerability.
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
関連製品
- Microsoft-Windows
- Microsoft-Windows-Server
- Microsoft-Windows-Server-2012
- Microsoft-Windows-Server-2008
CVEリスト
- CVE-2024-49104 critical
- CVE-2024-49090 critical
- CVE-2024-49113 critical
- CVE-2024-49112 critical
- CVE-2024-49127 critical
- CVE-2024-49089 high
- CVE-2024-49079 critical
- CVE-2024-49122 critical
- CVE-2024-49121 critical
- CVE-2024-49129 critical
- CVE-2024-49124 critical
- CVE-2024-49120 critical
- CVE-2024-49126 critical
- CVE-2024-49125 critical
- CVE-2024-49118 critical
- CVE-2024-49102 critical
- CVE-2024-49084 high
- CVE-2024-49128 critical
- CVE-2024-49082 high
- CVE-2024-49072 critical
- CVE-2024-49105 critical
- CVE-2024-49080 critical
- CVE-2024-49088 critical
- CVE-2024-49096 critical
- CVE-2024-49091 high
- CVE-2024-49086 critical
- CVE-2024-49138 critical
- CVE-2024-49085 critical
KBリスト
も参照してください
お住まいの地域に広がる脆弱性の統計をご覧ください statistics.securelist.com
この脆弱性についての記述に不正確な点がありますか? お知らせください!