Описание
Multiple vulnerabilities were found in Microsoft Products (Extended Security Update). Malicious users can exploit these vulnerabilities to obtain sensitive information, gain privileges, execute arbitrary code, cause denial of service.
Below is a complete list of vulnerabilities:
- An information disclosure vulnerability in Windows Internet Storage Name Service (iSNS) Server can be exploited remotely to obtain sensitive information.
- An elevation of privilege vulnerability in Windows Installer can be exploited remotely to gain privileges.
- A remote code execution vulnerability in Microsoft PostScript Printer Driver can be exploited remotely to execute arbitrary code.
- A remote code execution vulnerability in Windows iSCSI Discovery Service can be exploited remotely to execute arbitrary code.
- A remote code execution vulnerability in Windows Graphics Component can be exploited remotely to gain privileges.
- A remote code execution vulnerability in Microsoft Protected Extensible Authentication Protocol (PEAP) can be exploited remotely to execute arbitrary code.
- An elevation of privilege vulnerability in Windows Kerberos can be exploited remotely to gain privileges.
- An information disclosure vulnerability in Microsoft PostScript Printer Driver can be exploited remotely to obtain sensitive information.
- A denial of service vulnerability in Windows Active Directory Domain Services API can be exploited remotely to cause denial of service.
- A remote code execution vulnerability in Windows MSHTML Platform can be exploited remotely to execute arbitrary code.
- An elevation of privilege vulnerability in Windows Common Log File System Driver can be exploited remotely to gain privileges.
- A denial of service vulnerability in Microsoft Protected Extensible Authentication Protocol (PEAP) can be exploited remotely to cause denial of service.
- An elevation of privilege vulnerability in NT OS Kernel can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows Graphics Component can be exploited remotely to gain privileges.
- A remote code execution vulnerability in Windows Distributed File System (DFS) can be exploited remotely to execute arbitrary code.
- A remote code execution vulnerability in Windows Fax Service can be exploited remotely to execute arbitrary code.
- A denial of service vulnerability in Windows iSCSI Discovery Service can be exploited remotely to cause denial of service.
- A remote code execution vulnerability in Microsoft WDAC OLE DB provider for SQL Server can be exploited remotely to execute arbitrary code.
- A denial of service vulnerability in Windows Secure Channel can be exploited remotely to cause denial of service.
- A denial of service vulnerability in Windows iSCSI Service can be exploited remotely to cause denial of service.
- A remote code execution vulnerability in Windows Media can be exploited remotely to execute arbitrary code.
- A remote code execution vulnerability in Microsoft ODBC Driver can be exploited remotely to execute arbitrary code.
- An information disclosure vulnerability in Microsoft Protected Extensible Authentication Protocol (PEAP) can be exploited remotely to obtain sensitive information.
- A remote code execution vulnerability in Microsoft SQL Server can be exploited remotely to execute arbitrary code.
- A remote code execution vulnerability in Microsoft SQL ODBC Driver can be exploited remotely to execute arbitrary code.
Первичный источник обнаружения
- CVE-2023-21699
CVE-2023-21800
CVE-2023-21801
CVE-2023-21803
CVE-2023-21823
CVE-2023-21689
CVE-2023-21690
CVE-2023-21817
CVE-2023-21693
CVE-2023-21816
CVE-2023-21805
CVE-2023-21812
CVE-2023-21701
CVE-2023-21688
CVE-2023-21822
CVE-2023-21820
CVE-2023-21695
CVE-2023-21694
CVE-2023-21700
CVE-2023-21685
CVE-2023-21799
CVE-2023-21818
CVE-2023-21697
CVE-2023-21811
CVE-2023-21684
CVE-2023-21692
CVE-2023-21702
CVE-2023-23376
CVE-2023-21686
CVE-2023-21802
CVE-2023-21797
CVE-2023-21813
CVE-2023-21798
CVE-2023-21691
CVE-2023-21705
CVE-2023-21528
CVE-2023-21713
CVE-2023-21718
CVE-2023-21804
Эксплуатация
Public exploits exist for this vulnerability.
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Связанные продукты
- Microsoft-SQL-Server
- Microsoft-Windows
- Microsoft-Windows-Server
- Microsoft-Windows-Server-2012
- Microsoft-Windows-Server-2008
Список CVE
- CVE-2023-21699 high
- CVE-2023-21800 critical
- CVE-2023-21801 critical
- CVE-2023-21803 critical
- CVE-2023-21823 critical
- CVE-2023-21689 critical
- CVE-2023-21690 critical
- CVE-2023-21817 critical
- CVE-2023-21693 high
- CVE-2023-21816 critical
- CVE-2023-21805 critical
- CVE-2023-21812 critical
- CVE-2023-21701 critical
- CVE-2023-21688 critical
- CVE-2023-21822 critical
- CVE-2023-21820 high
- CVE-2023-21695 critical
- CVE-2023-21694 high
- CVE-2023-21700 critical
- CVE-2023-21685 critical
- CVE-2023-21799 critical
- CVE-2023-21818 critical
- CVE-2023-21697 high
- CVE-2023-21811 critical
- CVE-2023-21684 critical
- CVE-2023-21692 critical
- CVE-2023-21702 critical
- CVE-2023-23376 critical
- CVE-2023-21686 critical
- CVE-2023-21802 critical
- CVE-2023-21797 critical
- CVE-2023-21813 critical
- CVE-2023-21798 critical
- CVE-2023-21691 critical
- CVE-2023-21528 critical
- CVE-2023-21713 critical
- CVE-2023-21718 critical
- CVE-2023-21705 critical
- CVE-2023-21804 critical
Список KB
Смотрите также
Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com
Нашли неточность в описании этой уязвимости? Дайте нам знать!