Описание
Multiple vulnerabilities were found in Microsoft Products (Extended Security Update). Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, cause denial of service, gain privileges, spoof user interface.
Below is a complete list of vulnerabilities:
- A remote code execution vulnerability in Microsoft WDAC OLE DB provider for SQL Server can be exploited remotely to execute arbitrary code.
- A remote code execution vulnerability in Windows Pragmatic General Multicast (PGM) can be exploited remotely to execute arbitrary code.
- A remote code execution vulnerability in Microsoft ActiveX Data Objects can be exploited remotely to execute arbitrary code.
- An information disclosure vulnerability in Windows Kernel can be exploited remotely to obtain sensitive information.
- A DNSSEC verification vulnerability can be exploited remotely to cause denial of service.
- A denial of service vulnerability in Internet Connection Sharing (ICS) can be exploited remotely to cause denial of service.
- An elevation of privilege vulnerability in Microsoft Message Queuing (MSMQ) can be exploited remotely to gain privileges.
- A spoofing vulnerability in Windows Printing Service can be exploited remotely to spoof user interface.
- A denial of service vulnerability in Windows Network Address Translation (NAT) can be exploited remotely to cause denial of service.
- An elevation of privilege vulnerability in Windows Kernel can be exploited remotely to gain privileges.
- An information disclosure vulnerability in Windows DNS can be exploited remotely to obtain sensitive information.
- A denial of service vulnerability in Windows Lightweight Directory Access Protocol (LDAP) can be exploited remotely to cause denial of service.
- A remote code execution vulnerability in Windows OLE can be exploited remotely to execute arbitrary code.
- A remote code execution vulnerability in Microsoft ODBC Driver can be exploited remotely to execute arbitrary code.
- A remote code execution vulnerability in Microsoft Message Queuing (MSMQ) can be exploited remotely to execute arbitrary code.
Первичный источник обнаружения
- CVE-2024-21365
CVE-2024-21359
CVE-2024-21368
CVE-2024-21367
CVE-2024-21349
CVE-2024-21340
CVE-2023-50387
CVE-2024-21348
CVE-2024-21360
CVE-2024-21370
CVE-2024-21405
CVE-2024-21355
CVE-2024-21420
CVE-2024-21358
CVE-2024-21361
CVE-2024-21369
CVE-2024-21406
CVE-2024-21350
CVE-2024-21344
CVE-2024-21371
CVE-2024-21377
CVE-2024-21354
CVE-2024-21356
CVE-2024-21391
CVE-2024-21372
CVE-2024-21343
CVE-2024-21352
CVE-2024-21375
CVE-2024-21347
CVE-2024-21366
CVE-2024-21363
CVE-2024-21357
Эксплуатация
Public exploits exist for this vulnerability.
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Связанные продукты
- Microsoft-Windows
- Microsoft-Windows-Server
- Microsoft-Windows-Server-2012
- Microsoft-Windows-Server-2008
Список CVE
- CVE-2024-21365 critical
- CVE-2024-21357 critical
- CVE-2024-21359 critical
- CVE-2024-21368 critical
- CVE-2024-21367 critical
- CVE-2024-21349 critical
- CVE-2024-21340 warning
- CVE-2023-50387 critical
- CVE-2024-21348 critical
- CVE-2024-21360 critical
- CVE-2024-21370 critical
- CVE-2024-21405 high
- CVE-2024-21355 high
- CVE-2024-21420 critical
- CVE-2024-21358 critical
- CVE-2024-21361 critical
- CVE-2024-21369 critical
- CVE-2024-21406 critical
- CVE-2024-21350 critical
- CVE-2024-21344 high
- CVE-2024-21371 high
- CVE-2024-21377 high
- CVE-2024-21354 critical
- CVE-2024-21356 high
- CVE-2024-21391 critical
- CVE-2024-21372 critical
- CVE-2024-21343 high
- CVE-2024-21352 critical
- CVE-2024-21375 critical
- CVE-2024-21347 critical
- CVE-2024-21366 critical
- CVE-2024-21363 critical
Список KB
Смотрите также
Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com
Нашли неточность в описании этой уязвимости? Дайте нам знать!