Descripción
Multiple vulnerabilities were found in Microsoft Products (Extended support Update). Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, gain privileges.
Below is a complete list of vulnerabilities:
- A remote code execution vulnerability in Windows SMB can be exploited remotely via specially crafted packet to execute arbitrary code.
- A remote code execution vulnerability in GDI+ can be exploited remotely via specially crafted website to execute arbitrary code.
- An information disclosure vulnerability in Windows GDI can be exploited remotely via specially crafted document to obtain sensitive information.
- An information disclosure vulnerability in Windows Hyper-V can be exploited remotely via specially crafted application to obtain sensitive information.
- An information disclosure vulnerability in Windows can be exploited remotely via specially crafted application to obtain sensitive information.
- A remote code execution vulnerability in Microsoft Office Access Connectivity Engine can be exploited remotely via specially crafted file to execute arbitrary code.
- A remote code execution vulnerability in Jet Database Engine can be exploited remotely via specially crafted file to execute arbitrary code.
- A remote code execution vulnerability in Windows DHCP Server can be exploited remotely via specially crafted packets to execute arbitrary code.
- An elevation of privilege vulnerability in Win32k can be exploited remotely via specially crafted application to gain privileges.
- An information disclosure vulnerability in Windows Kernel can be exploited remotely via specially crafted application to obtain sensitive information.
- An information disclosure vulnerability in HID can be exploited remotely via specially crafted application to obtain sensitive information.
- An information disclosure vulnerability in Win32k can be exploited remotely via specially crafted application to obtain sensitive information.
Notas informativas originales
- CVE-2019-0618
- CVE-2019-0619
- CVE-2019-0635
- CVE-2019-0636
- CVE-2019-0674
- CVE-2019-0616
- CVE-2019-0671
- CVE-2019-0615
- CVE-2019-0599
- CVE-2019-0598
- CVE-2019-0595
- CVE-2019-0597
- CVE-2019-0596
- CVE-2019-0626
- CVE-2019-0625
- CVE-2019-0623
- CVE-2019-0621
- CVE-2019-0601
- CVE-2019-0600
- CVE-2019-0602
- CVE-2019-0628
- CVE-2019-0663
- CVE-2019-0662
- CVE-2019-0661
- CVE-2019-0660
- CVE-2019-0664
- CVE-2019-0673
- ADV190006
Explotación
Public exploits exist for this vulnerability.
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Productos relacionados
- Microsoft-Office
- Microsoft-Windows
- Microsoft-Windows-Server
- Microsoft-Windows-Server-2012
- Microsoft-Windows-8
- Microsoft-Windows-7
- Microsoft-Windows-Server-2008
- Windows-RT
- Microsoft-Windows-10
Lista CVE
- CVE-2019-0673 critical
- CVE-2019-0674 critical
- CVE-2019-0671 critical
- CVE-2019-0636 high
- CVE-2019-0623 critical
- CVE-2019-0661 high
- CVE-2019-0599 critical
- CVE-2019-0595 critical
- CVE-2019-0664 high
- CVE-2019-0615 high
- CVE-2019-0600 warning
- CVE-2019-0619 high
- CVE-2019-0660 high
- CVE-2019-0616 high
- CVE-2019-0626 critical
- CVE-2019-0618 critical
- CVE-2019-0625 critical
- CVE-2019-0628 high
- CVE-2019-0602 high
- CVE-2019-0601 warning
- CVE-2019-0621 high
- CVE-2019-0635 high
- CVE-2019-0597 critical
- CVE-2019-0596 critical
- CVE-2019-0630 critical
- CVE-2019-0598 critical
- CVE-2019-0662 critical
- CVE-2019-0663 high
Lista KB
Leer más
Conozca las estadísticas de las vulnerabilidades que se propagan en su región statistics.securelist.com
¿Has encontrado algún error en la descripción de esta vulnerabilidad? ¡Háznoslo saber!