Kaspersky ID:
KLA11855
Дата обнаружения:
14/11/2017
Обновлено:
22/01/2024

Описание

Multiple vulnerabilities were found in Microsoft Products (Extended Support Update). Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, gain privileges, cause denial of service.

Below is a complete list of vulnerabilities:

  1. An information disclosure vulnerability in Windows Kernel can be exploited remotely via specially crafted application to obtain sensitive information.
  2. A memory corruption vulnerability in Internet Explorer can be exploited remotely via specially crafted website to execute arbitrary code.
  3. An information disclosure vulnerability in Windows EOT Font Engine can be exploited remotely via specially crafted embedded to obtain sensitive information.
  4. An information disclosure vulnerability in Scripting Engine can be exploited remotely via specially crafted content to obtain sensitive information.
  5. An information disclosure vulnerability in Windows GDI can be exploited remotely via specially crafted application to obtain sensitive information.
  6. An information disclosure vulnerability in Internet Explorer can be exploited remotely via specially crafted website to obtain sensitive information.
  7. A memory corruption vulnerability in Scripting Engine can be exploited remotely via specially crafted website to execute arbitrary code.
  8. An elevation of privilege vulnerability in Windows Kernel can be exploited remotely via specially crafted application to gain privileges.
  9. A denial of service vulnerability in Windows Search can be exploited remotely via specially crafted messages to cause denial of service.
  10. An information disclosure vulnerability in Windows Media Player can be exploited remotely via specially crafted application to obtain sensitive information.

Первичный источник обнаружения

Эксплуатация

Public exploits exist for this vulnerability.

Связанные продукты

Список CVE

  • CVE-2017-11768
    warning
  • CVE-2017-11788
    warning
  • CVE-2017-11831
    warning
  • CVE-2017-11832
    warning
  • CVE-2017-11835
    warning
  • CVE-2017-11847
    critical
  • CVE-2017-11849
    warning
  • CVE-2017-11851
    warning
  • CVE-2017-11852
    warning
  • CVE-2017-11853
    warning
  • CVE-2017-11880
    warning
  • CVE-2017-11791
    warning
  • CVE-2017-11834
    warning
  • CVE-2017-11843
    critical
  • CVE-2017-11846
    critical
  • CVE-2017-11848
    warning
  • CVE-2017-11855
    critical
  • CVE-2017-11858
    critical
  • CVE-2017-11869
    critical

Список KB

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com

Нашли неточность в описании этой уязвимости? Дайте нам знать!
Kaspersky IT Security Calculator:
Оцените ваш профиль кибербезопасности
Узнать больше
Встречай новый Kaspersky!
Каждая минута твоей онлайн-жизни заслуживает топовой защиты.
Узнать больше
Confirm changes?
Your message has been sent successfully.