Multiple vulnerabilities in Microsoft Windows

Описание

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, gain privileges, cause denial of service.

Below is a complete list of vulnerabilities:

1. An information disclosure vulnerability in Windows Internet Storage Name Service (iSNS) Server can be exploited remotely to obtain sensitive information.
2. A remote code execution vulnerability in Microsoft PostScript Printer Driver can be exploited remotely to execute arbitrary code.
3. A remote code execution vulnerability in Windows iSCSI Discovery Service can be exploited remotely to execute arbitrary code.
4. A remote code execution vulnerability in Windows Graphics Component can be exploited remotely to gain privileges.
5. A remote code execution vulnerability in Microsoft Protected Extensible Authentication Protocol (PEAP) can be exploited remotely to execute arbitrary code.
6. An elevation of privilege vulnerability in Windows Kerberos can be exploited remotely to gain privileges.
7. An information disclosure vulnerability in Microsoft PostScript Printer Driver can be exploited remotely to obtain sensitive information.
8. A denial of service vulnerability in Windows Active Directory Domain Services API can be exploited remotely to cause denial of service.
9. A remote code execution vulnerability in Windows MSHTML Platform can be exploited remotely to execute arbitrary code.
10. An elevation of privilege vulnerability in Windows Common Log File System Driver can be exploited remotely to gain privileges.
11. A denial of service vulnerability in Microsoft Protected Extensible Authentication Protocol (PEAP) can be exploited remotely to cause denial of service.
12. An elevation of privilege vulnerability in NT OS Kernel can be exploited remotely to gain privileges.
13. An elevation of privilege vulnerability in Windows Graphics Component can be exploited remotely to gain privileges.
14. A remote code execution vulnerability in Windows Distributed File System (DFS) can be exploited remotely to execute arbitrary code.
15. A remote code execution vulnerability in Windows Fax Service can be exploited remotely to execute arbitrary code.
16. A denial of service vulnerability in Windows iSCSI Discovery Service can be exploited remotely to cause denial of service.
17. A remote code execution vulnerability in Microsoft WDAC OLE DB provider for SQL Server can be exploited remotely to execute arbitrary code.
18. A denial of service vulnerability in Windows Secure Channel can be exploited remotely to cause denial of service.
19. A denial of service vulnerability in Windows iSCSI Service can be exploited remotely to cause denial of service.
20. A remote code execution vulnerability in Windows Media can be exploited remotely to execute arbitrary code.
21. A remote code execution vulnerability in Microsoft ODBC Driver can be exploited remotely to execute arbitrary code.
22. An information disclosure vulnerability in Microsoft Protected Extensible Authentication Protocol (PEAP) can be exploited remotely to obtain sensitive information.
23. An information disclosure vulnerability in HTTP.sys can be exploited remotely to obtain sensitive information.

Первичный источник обнаружения

• CVE-2023-21699
  CVE-2023-21804
  CVE-2023-21801
  CVE-2023-21803
  CVE-2023-21823
  CVE-2023-21689
  CVE-2023-21690
  CVE-2023-21817
  CVE-2023-21693
  CVE-2023-21816
  CVE-2023-21805
  CVE-2023-21819
  CVE-2023-21812
  CVE-2023-21701
  CVE-2023-21688
  CVE-2023-21822
  CVE-2023-21820
  CVE-2023-21687
  CVE-2023-21694
  CVE-2023-21695
  CVE-2023-21700
  CVE-2023-21685
  CVE-2023-21799
  CVE-2023-21818
  CVE-2023-21697
  CVE-2023-21811
  CVE-2023-21684
  CVE-2023-21692
  CVE-2023-21702
  CVE-2023-23376
  CVE-2023-21686
  CVE-2023-21802
  CVE-2023-21797
  CVE-2023-21813
  CVE-2023-21798
  CVE-2023-21691
  

Эксплуатация

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Связанные продукты

• Microsoft-Windows
• Microsoft-Windows-Server
• Microsoft-Windows-10
• Microsoft-Windows-Server-2016
• Microsoft-Windows-Server-2019
• Microsoft-Windows-11

Список CVE

• CVE-2023-21699
  high
• CVE-2023-21801
  high
• CVE-2023-21803
  critical
• CVE-2023-21823
  high
• CVE-2023-21689
  critical
• CVE-2023-21690
  critical
• CVE-2023-21817
  high
• CVE-2023-21693
  high
• CVE-2023-21816
  high
• CVE-2023-21805
  high
• CVE-2023-21812
  high
• CVE-2023-21701
  high
• CVE-2023-21688
  high
• CVE-2023-21822
  high
• CVE-2023-21820
  high
• CVE-2023-21695
  high
• CVE-2023-21694
  high
• CVE-2023-21700
  high
• CVE-2023-21685
  high
• CVE-2023-21799
  high
• CVE-2023-21818
  high
• CVE-2023-21697
  high
• CVE-2023-21811
  high
• CVE-2023-21684
  high
• CVE-2023-21692
  critical
• CVE-2023-21702
  high
• CVE-2023-23376
  high
• CVE-2023-21686
  high
• CVE-2023-21802
  high
• CVE-2023-21797
  high
• CVE-2023-21813
  high
• CVE-2023-21798
  high
• CVE-2023-21691
  high
• CVE-2023-21804
  high
• CVE-2023-21819
  high
• CVE-2023-21687
  high

Список KB

• 5022836
• 5022840
• 5022842
• 5022838
• 5022845
• 5022858
• 5022834
• 5022921

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com