Описание
Multiple vulnerabilities were found in Microsoft Products (Extended Support Update). Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, obtain sensitive information, gain privileges.
Below is a complete list of vulnerabilities:
- Unspecified Microsoft Server Block Message can be exploited remotely via specially crafted requests to cause denial of service.
- A remote code execution vulnerability in Windows SMB can be exploited remotely via specially crafted packet to execute arbitrary code.
- An information disclosure vulnerability in Windows Kernel can be exploited remotely via specially crafted application to obtain sensitive information.
- A remote code execution vulnerability in Microsoft Graphics can be exploited remotely via specially crafted embedded to execute arbitrary code.
- An elevation of privilege vulnerability in Windows Kernel can be exploited remotely via specially crafted application to gain privileges.
- A memory corruption vulnerability in Internet Explorer can be exploited remotely via specially crafted website to execute arbitrary code.
- A remote code execution vulnerability in Microsoft JET Database Engine can be exploited remotely via specially crafted to execute arbitrary code.
- An information disclosure vulnerability in Internet Explorer can be exploited remotely via specially crafted content to obtain sensitive information.
- An elevation of privilege vulnerability in Windows Graphics Component can be exploited remotely via specially crafted application to gain privileges.
- A memory corruption vulnerability in Scripting Engine can be exploited remotely via specially crafted website to execute arbitrary code.
- An information disclosure vulnerability in Microsoft Search can be exploited remotely via specially crafted messages to obtain sensitive information.
- A remote code execution vulnerability in Windows Search can be exploited remotely via specially crafted messages to execute arbitrary code.
- A remote code execution vulnerability in Windows Shell can be exploited remotely via specially crafted content to execute arbitrary code.
- An information disclosure vulnerability in Windows GDI can be exploited remotely via specially crafted application to obtain sensitive information.
- An information disclosure vulnerability in Windows SMB can be exploited remotely to obtain sensitive information.
Первичный источник обнаружения
- CVE-2017-11781
CVE-2017-11780
CVE-2017-11785
CVE-2017-11784
CVE-2017-11765
CVE-2017-11763
CVE-2017-11762
CVE-2017-8694
CVE-2017-11822
CVE-2017-8717
CVE-2017-11790
CVE-2017-11824
CVE-2017-11793
CVE-2017-8718
CVE-2017-8727
CVE-2017-11772
CVE-2017-11771
CVE-2017-11819
CVE-2017-8689
CVE-2017-11810
CVE-2017-11817
CVE-2017-11816
CVE-2017-11815
CVE-2017-11814
Эксплуатация
Public exploits exist for this vulnerability.
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Связанные продукты
- Microsoft-Internet-Explorer
- Microsoft-Windows
- Microsoft-Windows-Server
- Microsoft-Windows-Server-2012
- Microsoft-Windows-8
- Microsoft-Windows-7
- Microsoft-Windows-Server-2008
- Windows-RT
- Microsoft-Windows-10
Список CVE
- CVE-2017-11762 critical
- CVE-2017-11763 critical
- CVE-2017-11765 high
- CVE-2017-11771 critical
- CVE-2017-11772 critical
- CVE-2017-11780 high
- CVE-2017-11781 critical
- CVE-2017-11784 high
- CVE-2017-11785 high
- CVE-2017-11814 high
- CVE-2017-11815 high
- CVE-2017-11816 high
- CVE-2017-11817 warning
- CVE-2017-11819 critical
- CVE-2017-11824 high
- CVE-2017-8689 high
- CVE-2017-8694 high
- CVE-2017-8717 critical
- CVE-2017-8718 critical
- CVE-2017-8727 critical
- CVE-2017-11810 critical
- CVE-2017-11790 warning
- CVE-2017-11793 critical
- CVE-2017-11822 critical
Список KB
Смотрите также
Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com
Нашли неточность в описании этой уязвимости? Дайте нам знать!