An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys, aka 'WCF/WIF SAML Token Authentication Bypass Vulnerability'.
{"symantec": [{"lastseen": "2021-06-08T19:04:52", "description": "### Description\n\nMicrosoft Windows is prone to an authentication-bypass vulnerability. An attacker can exploit this issue to bypass the authentication mechanism and gain unauthorized access. This may lead to further attacks.\n\n### Technologies Affected\n\n * Microsoft .NET Framework 2.0 SP2 \n * Microsoft .NET Framework 3.0 SP2 \n * Microsoft .NET Framework 3.5 \n * Microsoft .NET Framework 3.5.1 \n * Microsoft .NET Framework 4.5.2 \n * Microsoft .NET Framework 4.6 \n * Microsoft .NET Framework 4.6.1 \n * Microsoft .NET Framework 4.6.2 \n * Microsoft .NET Framework 4.7 \n * Microsoft .NET Framework 4.7.1 \n * Microsoft .NET Framework 4.7.2 \n * Microsoft .NET Framework 4.8 \n * Microsoft Microsoft.IdentityModel 7.0.0 \n * Microsoft SharePoint Enterprise Server 2013 Service Pack 1 \n * Microsoft SharePoint Enterprise Server 2016 \n * Microsoft SharePoint Foundation 2010 SP2 \n * Microsoft SharePoint Foundation 2013 SP1 \n * Microsoft SharePoint Server 2019 \n * Microsoft Windows 10 Version 1607 for 32-bit Systems \n * Microsoft Windows 10 Version 1607 for x64-based Systems \n * Microsoft Windows 10 Version 1709 for ARM64-based Systems \n * Microsoft Windows 10 Version 1803 for 32-bit Systems \n * Microsoft Windows 10 Version 1803 for ARM64-based Systems \n * Microsoft Windows 10 Version 1803 for x64-based Systems \n * Microsoft Windows 10 Version 1809 for 32-bit Systems \n * Microsoft Windows 10 Version 1809 for ARM64-based Systems \n * Microsoft Windows 10 Version 1809 for x64-based Systems \n * Microsoft Windows 10 Version 1903 for 32-bit Systems \n * Microsoft Windows 10 Version 1903 for ARM64-based Systems \n * Microsoft Windows 10 Version 1903 for x64-based Systems \n * Microsoft Windows 10 for 32-bit Systems \n * Microsoft Windows 10 for x64-based Systems \n * Microsoft Windows 10 version 1703 for 32-bit Systems \n * Microsoft Windows 10 version 1703 for x64-based Systems \n * Microsoft Windows 10 version 1709 for 32-bit Systems \n * Microsoft Windows 10 version 1709 for x64-based Systems \n * Microsoft Windows 7 for 32-bit Systems SP1 \n * Microsoft Windows 7 for x64-based Systems SP1 \n * Microsoft Windows 8.1 for 32-bit Systems \n * Microsoft Windows 8.1 for 64-bit Systems \n * Microsoft Windows RT 8.1 \n * Microsoft Windows Server 1803 \n * Microsoft Windows Server 1903 \n * Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 \n * Microsoft Windows Server 2008 R2 for x64-based Systems SP1 \n * Microsoft Windows Server 2008 for 32-bit Systems SP2 \n * Microsoft Windows Server 2008 for Itanium-based Systems SP2 \n * Microsoft Windows Server 2008 for x64-based Systems SP2 \n * Microsoft Windows Server 2012 \n * Microsoft Windows Server 2012 R2 \n * Microsoft Windows Server 2016 \n * Microsoft Windows Server 2019 \n\n### Recommendations\n\n**Block external access at the network boundary, unless external parties require service.** \nIf global access isn't needed, filter access to the affected computer at the network boundary. Restricting access to only trusted computers and networks might greatly reduce the likelihood of exploits.\n\n**Deploy network intrusion detection systems to monitor network traffic for malicious activity.** \nDeploy NIDS to monitor network traffic for signs of anomalous or suspicious activity. This includes but is not limited to unexplained incoming and outgoing traffic. This may indicate exploit attempts or activity that results from successful exploits.\n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "cvss3": {}, "published": "2019-07-09T00:00:00", "type": "symantec", "title": "Microsoft Windows WCF/WIF SAML Token CVE-2019-1006 Authentication Bypass Vulnerability", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2019-1006"], "modified": "2019-07-09T00:00:00", "id": "SMNTC-108978", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/108978", "cvss": {"score": 0.0, "vector": "NONE"}}], "mskb": [{"lastseen": "2023-06-23T19:13:24", "description": "None\n## Summary\n\nThis security update resolves an Authentication Bypass vulnerability that allows SAML tokens to be signed by using arbitrary symmetric keys in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF). To learn more about the vulnerability, see [Microsoft Common Vulnerabilities and Exposures CVE-2019-1006](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1006>). \n \n**Note** To apply this security update, you must have the release version of [Service Pack 2 for Microsoft SharePoint Foundation 2010](<https://support.microsoft.com/help/2687464/description-of-sharepoint-foundation-2010-sp2>) installed on the computer.\n\n## How to get and install the update\n\n### Method 1: Microsoft Update\n\nThis update is available from Microsoft Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to get security updates automatically, see [Windows Update: FAQ](<https://support.microsoft.com/help/12373/windows-update-faq>).\n\n### Method 2: Microsoft Update Catalog\n\nTo get the standalone package for this update, go to the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/Search.aspx?q=KB4475510>) website.\n\n### Method 3: Microsoft Download Center\n\nYou can get the standalone update package through the Microsoft Download Center. Follow the installation instructions on the download page to install the update.\n\n * [Download security update 4475510 for the 64-bit version of SharePoint Foundation 2010](<http://www.microsoft.com/download/details.aspx?familyid=3820347c-8d04-4e04-9a59-c9c55aaf1e45>)\n\n## More information\n\n### Security update deployment information\n\nFor deployment information about this update, see [security update deployment information: July 9, 2019](<https://support.microsoft.com/help/20190709>).\n\n### Security update replacement information\n\nThis security update replaces previously released security update [4464573](<http://support.microsoft.com/kb/4464573>).\n\n### File hash information\n\nFile name| SHA1 hash| SHA256 hash \n---|---|--- \nwssloc2010-kb4475510-fullfile-x64-glb.exe| 6DEB5E7AD8EA3ACCE1FD47521FD97D7BE0F1DC46| 913525E726995E358D04B2A00981AC2E3ADE54B04FBACDCF703D643F8CF1DC16 \n \nFile informationDownload the [list of files that are included in security update 4475510](<https://download.microsoft.com/download/6/9/C/69C38AFE-B5D4-491D-A524-E703BE1D6FCF/4475510.csv>).\n\n## How to get help and support for this security update\n\nHelp for installing updates: [Protect yourself online](<https://www.microsoft.com/safety/pc-security/updates.aspx>) \n \nHelp for protecting your Windows-based computer from viruses and malware: [Microsoft Security](<http://support.microsoft.com/contactus/cu_sc_virsec_master>) \n \nLocal support according to your country: [International Support](<https://www.microsoft.com/en-us/locale.aspx>)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-07-09T07:00:00", "type": "mskb", "title": "Description of the security update for SharePoint Foundation 2010: July 9, 2019", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1006"], "modified": "2019-07-09T07:00:00", "id": "KB4475510", "href": "https://support.microsoft.com/en-us/help/4475510", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-06-23T19:13:38", "description": "None\n## Summary\n\nThis security update resolves an Authentication Bypass vulnerability that allows SAML tokens to be signed by using arbitrary symmetric keys in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF). To learn more about the vulnerability, see [Microsoft Common Vulnerabilities and Exposures CVE-2019-1006](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1006>). \n \n**Note** To apply this security update, you must have the release version of [Service Pack 1 for Microsoft SharePoint Foundation 2013](<http://support.microsoft.com/kb/2880551>) installed on the computer.\n\n## Improvements and fixes\n\nThis security update contains the following improvement:\n\n * Makes changes so that the first year of an era in Japanese dates on a timeline view shows as the special Kanji (\u5143) character. The Japanese date format is now consistent between the calendar date picker and the timeline view.\n\n## How to get and install the update\n\n### Method 1: Microsoft Update\n\nThis update is available from Microsoft Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to get security updates automatically, see [Windows Update: FAQ](<https://support.microsoft.com/help/12373/windows-update-faq>).\n\n### Method 2: Microsoft Update Catalog\n\nTo get the standalone package for this update, go to the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/Search.aspx?q=KB4475527>) website.\n\n### Method 3: Microsoft Download Center\n\nYou can get the standalone update package through the Microsoft Download Center. Follow the installation instructions on the download page to install the update.\n\n * [Download security update 4475527 for the 64-bit version of SharePoint Foundation 2013](<http://www.microsoft.com/download/details.aspx?familyid=8cbd174c-7d10-427b-9dac-d83591e96db0>)\n\n## More Information\n\n### Security update deployment information\n\nFor deployment information about this update, see [security update deployment information: July 9, 2019](<https://support.microsoft.com/help/20190709>).\n\n### Security update replacement information\n\nThis security update replaces previously released security update [4464602](<http://support.microsoft.com/kb/4464602>).\n\n### File hash information\n\nFile name| SHA1 hash| SHA256 hash \n---|---|--- \nsts2013-kb4475527-fullfile-x64-glb.exe| FC15EAE0399841931CF4B93FF7F5FB14646C1A78| CEA9F92E2782121D4C1A12E4A7792223773708543B599E67D1B4B85338A5BEB7 \n \nFile informationThe English (United States) version of this software update installs files that have the attributes that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time together with your current daylight saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.\n\n## \n\n__\n\nFor all supported x64-based versions of SharePoint Foundation 2013\n\nFile identifier| File name| File version| File size| Date| Time \n---|---|---|---|---|--- \nmicrosoft.cobaltcore.dll| microsoft.cobaltcore.dll| 15.0.4991.1000| 1211112| 12-Jun-19| 06:49 \ncsisrv.dll| csisrv.dll| 15.0.5111.1000| 1417296| 12-Jun-19| 06:50 \ncsisrvexe.exe| csisrvexe.exe| 15.0.5085.1000| 210512| 12-Jun-19| 06:50 \nonfda.dll| onfda.dll| 15.0.5111.1000| 2158368| 12-Jun-19| 06:50 \njsapiextensibilitymanager.debug.js| jsapiextensibilitymanager.debug.js| | 20163| 12-Jun-19| 06:50 \nganttsharepointapishim.generated.debug.js| ganttapishim.generated.debug.js| | 6812| 12-Jun-19| 06:50 \nganttsharedapi.generated.debug.js| ganttsharedapi.generated.debug.js| | 4617| 12-Jun-19| 06:50 \ntimelinesharepointapishim.generated.debug.js| timelineapishim.generated.debug.js| | 1842| 12-Jun-19| 06:50 \ntimelinesharedapi.generated.debug.js| timelinesharedapi.generated.debug.js| | 3420| 12-Jun-19| 06:50 \nmsoidclil.dll| msoidclil.dll| 7.250.4556.0| 1446248| 12-Jun-19| 06:49 \nmsoidclil.dll.x64| msoidclil.dll| 7.250.4556.0| 1446248| 12-Jun-19| 06:49 \nmsoidres.dll| msoidres.dll| 7.250.4556.0| 830864| 12-Jun-19| 06:49 \nmsoidres.dll.x64| msoidres.dll| 7.250.4556.0| 830864| 12-Jun-19| 06:49 \nmsoidclil.dll| msoidclil.dll| 7.250.4556.0| 1220456| 12-Jun-19| 06:49 \nmsoidclil.dll.x86| msoidclil.dll| 7.250.4556.0| 1220456| 12-Jun-19| 06:50 \nmsoidres.dll| msoidres.dll| 7.250.4556.0| 830864| 12-Jun-19| 06:49 \nmsoidres.dll.x86| msoidres.dll| 7.250.4556.0| 830864| 12-Jun-19| 06:50 \ncompat.bro| compat.browser| | 14781| 12-Jun-19| 06:50 \nmicrosoft.naturallanguage.keywordextraction.resources.en.dll| microsoft.naturallanguage.keywordextraction.resources.dll| 15.0.5051.1000| 2752832| 12-Jun-19| 06:49 \ndevdash15.png| devdash15.png| | 699| 15-Jun-19| 05:55 \ndevsitegettingstarted.png| devsitegettingstarted.png| | 4798| 15-Jun-19| 05:55 \ngettingstarted.png| gettingstarted.png| | 4260| 15-Jun-19| 05:55 \ngettingstartedwithappcatalogsite.png| gettingstartedwithappcatalogsite.png| | 1518| 15-Jun-19| 05:55 \nspcommon.png| spcommon.png| | 19434| 15-Jun-19| 05:55 \nspimn.png| spimn.png| | 4248| 15-Jun-19| 05:55 \nspnav.png| spnav.png| | 651| 15-Jun-19| 05:55 \nsproaming.png| sproaming.png| | 8717| 15-Jun-19| 05:55 \nspstorefront.png| spstorefront.png| | 4785| 15-Jun-19| 05:55 \nspstorefrontbkg.png| spstorefrontbkg.png| | 239| 15-Jun-19| 05:55 \nacatrb16.png| stsappcatalogribbon16x16.png| | 475| 15-Jun-19| 05:55 \nacatrb32.png| stsappcatalogribbon32x32.png| | 790| 15-Jun-19| 05:55 \nattach16.png| attach16.png| | 261| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.112_16_n.png_1025| 112_16_n.16x16x32.png| | 261| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.112_16_n.png_1026| 112_16_n.16x16x32.png| | 261| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.112_16_n.png_1027| 112_16_n.16x16x32.png| | 261| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.112_16_n.png_1028| 112_16_n.16x16x32.png| | 261| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.112_16_n.png_1029| 112_16_n.16x16x32.png| | 261| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.112_16_n.png_1030| 112_16_n.16x16x32.png| | 261| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.112_16_n.png_1031| 112_16_n.16x16x32.png| | 261| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.112_16_n.png_1032| 112_16_n.16x16x32.png| | 261| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.112_16_n.png_1033| 112_16_n.16x16x32.png| | 261| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.112_16_n.png_1035| 112_16_n.16x16x32.png| | 261| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.112_16_n.png_1036| 112_16_n.16x16x32.png| | 261| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.112_16_n.png_1037| 112_16_n.16x16x32.png| | 261| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.112_16_n.png_1038| 112_16_n.16x16x32.png| | 261| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.112_16_n.png_1040| 112_16_n.16x16x32.png| | 261| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.112_16_n.png_1041| 112_16_n.16x16x32.png| | 261| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.112_16_n.png_1042| 112_16_n.16x16x32.png| | 261| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.112_16_n.png_1043| 112_16_n.16x16x32.png| | 261| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.112_16_n.png_1044| 112_16_n.16x16x32.png| | 261| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.112_16_n.png_1045| 112_16_n.16x16x32.png| | 261| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.112_16_n.png_1046| 112_16_n.16x16x32.png| | 261| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.112_16_n.png_1048| 112_16_n.16x16x32.png| | 261| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.112_16_n.png_1049| 112_16_n.16x16x32.png| | 261| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.112_16_n.png_1050| 112_16_n.16x16x32.png| | 261| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.112_16_n.png_1051| 112_16_n.16x16x32.png| | 261| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.112_16_n.png_1053| 112_16_n.16x16x32.png| | 261| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.112_16_n.png_1054| 112_16_n.16x16x32.png| | 261| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.112_16_n.png_1055| 112_16_n.16x16x32.png| | 261| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.112_16_n.png_1057| 112_16_n.16x16x32.png| | 261| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.112_16_n.png_1058| 112_16_n.16x16x32.png| | 261| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.112_16_n.png_1060| 112_16_n.16x16x32.png| | 261| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.112_16_n.png_1061| 112_16_n.16x16x32.png| | 261| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.112_16_n.png_1062| 112_16_n.16x16x32.png| | 261| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.112_16_n.png_1063| 112_16_n.16x16x32.png| | 261| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.112_16_n.png_1066| 112_16_n.16x16x32.png| | 261| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.112_16_n.png_1069| 112_16_n.16x16x32.png| | 261| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.112_16_n.png_1071| 112_16_n.16x16x32.png| | 261| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.112_16_n.png_1081| 112_16_n.16x16x32.png| | 261| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.112_16_n.png_1086| 112_16_n.16x16x32.png| | 261| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.112_16_n.png_1087| 112_16_n.16x16x32.png| | 261| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.112_16_n.png_1106| 112_16_n.16x16x32.png| | 261| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.112_16_n.png_1110| 112_16_n.16x16x32.png| | 261| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.112_16_n.png_2052| 112_16_n.16x16x32.png| | 261| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.112_16_n.png_2070| 112_16_n.16x16x32.png| | 261| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.112_16_n.png_2074| 112_16_n.16x16x32.png| | 261| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.112_16_n.png_2108| 112_16_n.16x16x32.png| | 261| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.112_16_n.png_3082| 112_16_n.16x16x32.png| | 261| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.112_16_n.png_3098| 112_16_n.16x16x32.png| | 261| 15-Jun-19| 05:55 \nmb_taskhome.png| mb_taskhome.png| | 266| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.23_16_n.png_1025| 23_16_n.16x16x32.png| | 266| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.23_16_n.png_1026| 23_16_n.16x16x32.png| | 266| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.23_16_n.png_1027| 23_16_n.16x16x32.png| | 266| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.23_16_n.png_1028| 23_16_n.16x16x32.png| | 266| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.23_16_n.png_1029| 23_16_n.16x16x32.png| | 266| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.23_16_n.png_1030| 23_16_n.16x16x32.png| | 266| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.23_16_n.png_1031| 23_16_n.16x16x32.png| | 266| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.23_16_n.png_1032| 23_16_n.16x16x32.png| | 266| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.23_16_n.png_1033| 23_16_n.16x16x32.png| | 266| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.23_16_n.png_1035| 23_16_n.16x16x32.png| | 266| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.23_16_n.png_1036| 23_16_n.16x16x32.png| | 266| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.23_16_n.png_1037| 23_16_n.16x16x32.png| | 266| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.23_16_n.png_1038| 23_16_n.16x16x32.png| | 266| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.23_16_n.png_1040| 23_16_n.16x16x32.png| | 266| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.23_16_n.png_1041| 23_16_n.16x16x32.png| | 266| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.23_16_n.png_1042| 23_16_n.16x16x32.png| | 266| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.23_16_n.png_1043| 23_16_n.16x16x32.png| | 266| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.23_16_n.png_1044| 23_16_n.16x16x32.png| | 266| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.23_16_n.png_1045| 23_16_n.16x16x32.png| | 266| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.23_16_n.png_1046| 23_16_n.16x16x32.png| | 266| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.23_16_n.png_1048| 23_16_n.16x16x32.png| | 266| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.23_16_n.png_1049| 23_16_n.16x16x32.png| | 266| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.23_16_n.png_1050| 23_16_n.16x16x32.png| | 266| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.23_16_n.png_1051| 23_16_n.16x16x32.png| | 266| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.23_16_n.png_1053| 23_16_n.16x16x32.png| | 266| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.23_16_n.png_1054| 23_16_n.16x16x32.png| | 266| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.23_16_n.png_1055| 23_16_n.16x16x32.png| | 266| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.23_16_n.png_1057| 23_16_n.16x16x32.png| | 266| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.23_16_n.png_1058| 23_16_n.16x16x32.png| | 266| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.23_16_n.png_1060| 23_16_n.16x16x32.png| | 266| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.23_16_n.png_1061| 23_16_n.16x16x32.png| | 266| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.23_16_n.png_1062| 23_16_n.16x16x32.png| | 266| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.23_16_n.png_1063| 23_16_n.16x16x32.png| | 266| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.23_16_n.png_1066| 23_16_n.16x16x32.png| | 266| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.23_16_n.png_1069| 23_16_n.16x16x32.png| | 266| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.23_16_n.png_1071| 23_16_n.16x16x32.png| | 266| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.23_16_n.png_1081| 23_16_n.16x16x32.png| | 266| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.23_16_n.png_1086| 23_16_n.16x16x32.png| | 266| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.23_16_n.png_1087| 23_16_n.16x16x32.png| | 266| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.23_16_n.png_1106| 23_16_n.16x16x32.png| | 266| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.23_16_n.png_1110| 23_16_n.16x16x32.png| | 266| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.23_16_n.png_2052| 23_16_n.16x16x32.png| | 266| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.23_16_n.png_2070| 23_16_n.16x16x32.png| | 266| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.23_16_n.png_2074| 23_16_n.16x16x32.png| | 266| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.23_16_n.png_2108| 23_16_n.16x16x32.png| | 266| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.23_16_n.png_3082| 23_16_n.16x16x32.png| | 266| 15-Jun-19| 05:55 \nwac.livebooks.notetags.intl.23_16_n.png_3098| 23_16_n.16x16x32.png| | 266| 15-Jun-19| 05:55 \nsz256_icaccdb.png| 256_icaccdb.png| | 3163| 15-Jun-19| 05:55 \nsz256_icdocm.png| 256_icdocm.png| | 4691| 15-Jun-19| 05:55 \nsz256_icdocx.png| 256_icdocx.png| | 3496| 15-Jun-19| 05:55 \nsz256_icdotm.png| 256_icdotm.png| | 4571| 15-Jun-19| 05:55 \nsz256_icdotx.png| 256_icdotx.png| | 3286| 15-Jun-19| 05:55 \nsz256_icmpd.png| 256_icmpd.png| | 2843| 15-Jun-19| 05:55 \nsz256_icmpp.png| 256_icmpp.png| | 2920| 15-Jun-19| 05:55 \nsz256_icmpt.png| 256_icmpt.png| | 2840| 15-Jun-19| 05:55 \nsz256_icnotebk.png| 256_icnotebk.png| | 2801| 15-Jun-19| 05:55 \nsz256_icodp.png| 256_icodp.png| | 4326| 15-Jun-19| 05:55 \nsz256_icods.png| 256_icods.png| | 4778| 15-Jun-19| 05:55 \nsz256_icodt.png| 256_icodt.png| | 4894| 15-Jun-19| 05:55 \nsz256_icone.png| 256_icone.png| | 2553| 15-Jun-19| 05:55 \nsz256_iconp.png| 256_iconp.png| | 2601| 15-Jun-19| 05:55 \nsz256_icont.png| 256_icont.png| | 2801| 15-Jun-19| 05:55 \nsz256_icpotm.png| 256_icpotm.png| | 4812| 15-Jun-19| 05:55 \nsz256_icpotx.png| 256_icpotx.png| | 3571| 15-Jun-19| 05:55 \nsz256_icpps.png| 256_icpps.png| | 4436| 15-Jun-19| 05:55 \nsz256_icppsm.png| 256_icppsm.png| | 5074| 15-Jun-19| 05:55 \nsz256_icppsx.png| 256_icppsx.png| | 3888| 15-Jun-19| 05:55 \nsz256_icpptm.png| 256_icpptm.png| | 4916| 15-Jun-19| 05:55 \nsz256_icpptx.png| 256_icpptx.png| | 3721| 15-Jun-19| 05:55 \nsz256_icpub.png| 256_icpub.png| | 2844| 15-Jun-19| 05:55 \nsz256_icvdx.png| 256_icvdx.png| | 4317| 15-Jun-19| 05:55 \nsz256_icvsx.png| 256_icvsx.png| | 2932| 15-Jun-19| 05:55 \nsz256_icvtx.png| 256_icvtx.png| | 4256| 15-Jun-19| 05:55 \nsz256_icxlsb.png| 256_icxlsb.png| | 3236| 15-Jun-19| 05:55 \nsz256_icxlsm.png| 256_icxlsm.png| | 4694| 15-Jun-19| 05:55 \nsz256_icxltm.png| 256_icxltm.png| | 4561| 15-Jun-19| 05:55 \nsz256_icxltx.png| 256_icxltx.png| | 3227| 15-Jun-19| 05:55 \nsz256_icxsn.png| 256_icxsn.png| | 2466| 15-Jun-19| 05:55 \naddhero.20x20x32.png| addhero.20x20x32.png| | 437| 15-Jun-19| 05:55 \naddimagecamera.11x11x32.png| addimagecamera.11x11x32.png| | 236| 15-Jun-19| 05:55 \naddimagecamera.16x16x32.png| addimagecamera.16x16x32.png| | 289| 15-Jun-19| 05:55 \naddlink.11x11x32.png| addlink.11x11x32.png| | 210| 15-Jun-19| 05:55 \naddlink.16x16x32.png| addlink.16x16x32.png| | 267| 15-Jun-19| 05:55 \naddr_getmap.16x16x32.png| addr_getmap.16x16x32.png| | 603| 15-Jun-19| 05:55 \naddrbook.png| addressbook.png| | 235| 15-Jun-19| 05:55 \naddtasktotimeline.png| addtasktotimeline.png| | 236| 15-Jun-19| 05:54 \npwa.images.addtasktotimeline.png| addtasktotimeline.png| | 236| 15-Jun-19| 05:54 \nannouncements.11x11x32.png| announcements.11x11x32.png| | 320| 15-Jun-19| 05:55 \naskmeaboutupdated.11x11x32.png| askmeaboutupdated.11x11x32.png| | 199| 15-Jun-19| 05:55 \nattractmodefollowstar.128x128x32.png| attractmodefollowstar.128x128x32.png| | 1398| 15-Jun-19| 05:55 \naudiopreview.png| audiopreview.png| | 13196| 15-Jun-19| 05:55 \nbirthday.11x11x32.png| birthday.11x11x32.png| | 156| 15-Jun-19| 05:55 \nblogabout96.png| blogabout96.png| | 1390| 15-Jun-19| 05:55 \ncancelglyph.16x16x32.png| cancelglyph.16x16x32.png| | 183| 15-Jun-19| 05:55 \ncentraladmin_apps.48x48x32.png| centraladmin_apps.48x48x32.png| | 585| 15-Jun-19| 05:55 \ncentraladmin_apps_appmanagement.32x32x32.png| centraladmin_apps_appmanagement.32x32x32.png| | 721| 15-Jun-19| 05:55 \ncentraladmin_apps_marketplace.32x32x32.png| centraladmin_apps_marketplace.32x32x32.png| | 515| 15-Jun-19| 05:55 \ncentraladmin_office365.32x32x24.png| centraladmin_office365.32x32x24.png| | 395| 15-Jun-19| 05:55 \ncentraladmin_office365.48x48x24.png| centraladmin_office365.48x48x24.png| | 546| 15-Jun-19| 05:55 \nchecknames.png| checknames.png| | 379| 15-Jun-19| 05:55 \ncoauth_placeholderneedrefresh.16x16x32.png| coauth_placeholderneedrefresh.16x16x32.png| | 283| 15-Jun-19| 05:55 \ncoauth_placeholderneedrefresh.24x24x32.png| coauth_placeholderneedrefresh.24x24x32.png| | 378| 15-Jun-19| 05:55 \ncommentcollapse12.png| commentcollapse12.png| | 164| 15-Jun-19| 05:55 \ncommentcollapse12rtl.png| commentcollapse12rtl.png| | 166| 15-Jun-19| 05:55 \ncommentexpand12.png| commentexpand12.png| | 238| 15-Jun-19| 05:55 \ncommentexpand12rtl.png| commentexpand12rtl.png| | 222| 15-Jun-19| 05:55 \ndeletefilterglyph.png| deletefilterglyph.png| | 352| 15-Jun-19| 05:55 \ndisableddeletefilterglyph.png| disableddeletefilterglyph.png| | 352| 15-Jun-19| 05:55 \ndwnarsml.png| downarrowsmall.11x7x32.png| | 272| 15-Jun-19| 05:55 \necbtn.png| ecbbutton.png| | 132| 15-Jun-19| 05:55 \necbtnr.png| ecbbuttonrtl.png| | 118| 15-Jun-19| 05:55 \nellipsis.11x11x32.png| ellipsis.11x11x32.png| | 140| 15-Jun-19| 05:55 \nellipsis.16x16x32.png| ellipsis.16x16x32.png| | 161| 15-Jun-19| 05:55 \nerrorbck.png| errorbck.png| | 318| 15-Jun-19| 05:55 \nexit.png| exit.png| | 249| 15-Jun-19| 05:55 \nexit.png_14| exit.png| | 249| 15-Jun-19| 05:55 \nfirstrundocmove48.png| firstrundocmove48.png| | 834| 15-Jun-19| 05:55 \nfirstrunfoldersync48.png| firstrunfoldersync48.png| | 816| 15-Jun-19| 05:55 \nfirstrunfollow48.png| firstrunfollow48.png| | 1262| 15-Jun-19| 05:55 \nfirstrunmobile48.png| firstrunmobile48.png| | 530| 15-Jun-19| 05:55 \nfirstrunprivacyemail48.png| firstrunprivacyemail48.png| | 1070| 15-Jun-19| 05:55 \nfirstrunprivacysettings48.png| firstrunprivacysettings48.png| | 1117| 15-Jun-19| 05:55 \nfirstrunupdateprofile48.png| firstrunupdateprofile48.png| | 617| 15-Jun-19| 05:55 \nmb_folder.png| mb_folder.png| | 323| 15-Jun-19| 05:55 \nfolder.gif_0001| folder.gif| | 73| 15-Jun-19| 05:55 \nhelpbullet.5x15x32.png| helpbullet.5x15x32.png| | 99| 15-Jun-19| 05:55 \nhelpscrolldown.15x15x32.png| helpscrolldown.15x15x32.png| | 109| 15-Jun-19| 05:55 \nhelpscrollleft.15x15x32.png| helpscrollleft.15x15x32.png| | 107| 15-Jun-19| 05:55 \nhelpscrollright.15x15x32.png| helpscrollright.15x15x32.png| | 108| 15-Jun-19| 05:55 \nhelpscrollup.15x15x32.png| helpscrollup.15x15x32.png| | 108| 15-Jun-19| 05:55 \nicaccdb.png| icaccdb.png| | 1376| 15-Jun-19| 05:55 \nicaccde.png| icaccde.png| | 1376| 15-Jun-19| 05:55 \nicdoc.png| icdoc.png| | 1375| 15-Jun-19| 05:55 \nicdocm.png| icdocm.png| | 1474| 15-Jun-19| 05:55 \nicdocx.png| icdocx.png| | 1398| 15-Jun-19| 05:55 \nicdot.png| icdot.png| | 1329| 15-Jun-19| 05:55 \nicdotm.png| icdotm.png| | 1414| 15-Jun-19| 05:55 \nicdotx.png| icdotx.png| | 1360| 15-Jun-19| 05:55 \nicgen.gif| icgen.gif| | 90| 15-Jun-19| 05:55 \nicmpd.png| icmpd.png| | 1394| 15-Jun-19| 05:55 \nicmpp.png| icmpp.png| | 1387| 15-Jun-19| 05:55 \nicmpt.png| icmpt.png| | 1356| 15-Jun-19| 05:55 \nicnotebk.png| icnotebk.png| | 1332| 15-Jun-19| 05:55 \nicodp.png| icodp.png| | 1535| 15-Jun-19| 05:55 \nicods.png| icods.png| | 1603| 15-Jun-19| 05:55 \nicodt.png| icodt.png| | 1545| 15-Jun-19| 05:55 \nicone.png| icone.png| | 1339| 15-Jun-19| 05:55 \niconp.png| iconp.png| | 1382| 15-Jun-19| 05:55 \nicont.png| icont.png| | 1332| 15-Jun-19| 05:55 \nicpdf.png| icpdf.png| | 236| 15-Jun-19| 05:55 \nicpot.png| icpot.png| | 1343| 15-Jun-19| 05:55 \nicpotm.png| icpotm.png| | 1441| 15-Jun-19| 05:55 \nicpotx.png| icpotx.png| | 1373| 15-Jun-19| 05:55 \nicppa.png| icppa.png| | 1278| 15-Jun-19| 05:55 \nicppam.png| icppam.png| | 1309| 15-Jun-19| 05:55 \nicpps.png| icpps.png| | 1394| 15-Jun-19| 05:55 \nicppsm.png| icppsm.png| | 1425| 15-Jun-19| 05:55 \nicppsx.png| icppsx.png| | 1335| 15-Jun-19| 05:55 \nicppt.png| icppt.png| | 1395| 15-Jun-19| 05:55 \nicpptm.png| icpptm.png| | 1464| 15-Jun-19| 05:55 \nicpptx.png| icpptx.png| | 1413| 15-Jun-19| 05:55 \nicpub.png| icpub.png| | 1395| 15-Jun-19| 05:55 \nicspdgeneric.png| icspdgeneric.png| | 1430| 15-Jun-19| 05:55 \nicvdx.png| icvdx.png| | 1407| 15-Jun-19| 05:55 \nicvisiogeneric.png| icvisiogeneric.png| | 1407| 15-Jun-19| 05:55 \nicvsx.png| icvsx.png| | 1321| 15-Jun-19| 05:55 \nicvtx.png| icvtx.png| | 1376| 15-Jun-19| 05:55 \nicxla.png| icxla.png| | 1362| 15-Jun-19| 05:55 \nicxlam.png| icxlam.png| | 1373| 15-Jun-19| 05:55 \nicxls.png| icxls.png| | 1460| 15-Jun-19| 05:55 \nicxlsb.png| icxlsb.png| | 1430| 15-Jun-19| 05:55 \nicxlsm.png| icxlsm.png| | 1535| 15-Jun-19| 05:55 \nicxlsx.png| icxlsx.png| | 1474| 15-Jun-19| 05:55 \nicxlt.png| icxlt.png| | 1428| 15-Jun-19| 05:55 \nicxltm.png| icxltm.png| | 1470| 15-Jun-19| 05:55 \nicxltx.png| icxltx.png| | 1409| 15-Jun-19| 05:55 \nicxsn.png| icxsn.png| | 1326| 15-Jun-19| 05:55 \nmb_picture.png| mb_picture.png| | 469| 15-Jun-19| 05:55 \nitagnda.png| itagnda.png| | 220| 15-Jun-19| 05:55 \nitann.png| itann.png| | 392| 15-Jun-19| 05:55 \nitappcat.png| itappcatalog.png| | 265| 15-Jun-19| 05:55 \nitappreq.png| itapprequests.png| | 294| 15-Jun-19| 05:55 \nitcat.gif| itcat.gif| | 115| 15-Jun-19| 05:55 \nitcommcat.png| itcommcat.png| | 271| 15-Jun-19| 05:55 \nitcommem.png| itcommem.png| | 280| 15-Jun-19| 05:55 \nitcommnt.gif| itcommnt.gif| | 189| 15-Jun-19| 05:55 \nitcontct.gif| itcontct.gif| | 208| 15-Jun-19| 05:55 \nitcontct.png| itcontct.png| | 280| 15-Jun-19| 05:55 \nitdatash.png| itdatash.png| | 165| 15-Jun-19| 05:55 \nitdecis.png| itdecis.png| | 300| 15-Jun-19| 05:55 \nitdisc.png| itdisc.png| | 298| 15-Jun-19| 05:55 \nitdl.png| itdl.png| | 277| 15-Jun-19| 05:55 \nitebl.png| itebl.png| | 224| 15-Jun-19| 05:55 \nitevent.png| itevent.png| | 223| 15-Jun-19| 05:55 \nitfl.png| itfl.png| | 177| 15-Jun-19| 05:55 \nitgbcall.gif| itgbcall.gif| | 308| 15-Jun-19| 05:55 \nitgbfaci.gif| itgbfaci.gif| | 127| 15-Jun-19| 05:55 \nitgbwher.gif| itgbwher.gif| | 222| 15-Jun-19| 05:55 \nitgen.png| itgen.png| | 165| 15-Jun-19| 05:55 \nitil.png| itil.png| | 292| 15-Jun-19| 05:55 \nitime.png| itime.png| | 177| 15-Jun-19| 05:55 \nitiss.png| itiss.png| | 345| 15-Jun-19| 05:55 \nitissue.png| itissue.png| | 343| 15-Jun-19| 05:55 \nitlink.png| itlink.png| | 482| 15-Jun-19| 05:55 \nitobject.png| itobject.png| | 307| 15-Jun-19| 05:55 \nitposts.gif| itposts.gif| | 81| 15-Jun-19| 05:55 \nittask.png| ittask.png| | 343| 15-Jun-19| 05:55 \nitthgbrg.png| itthgbrg.png| | 323| 15-Jun-19| 05:55 \nitwp.png| itwp.png| | 590| 15-Jun-19| 05:55 \nmb_gear.png| mb_gear.png| | 455| 15-Jun-19| 05:55 \nmb_audio.png| mb_audio.png| | 671| 15-Jun-19| 05:55 \nlg_icdoc.png| lg_icdoc.png| | 1542| 15-Jun-19| 05:55 \nlg_icdocm.png| lg_icdocm.png| | 1874| 15-Jun-19| 05:55 \nlg_icdocx.png| lg_icdocx.png| | 1656| 15-Jun-19| 05:55 \nlg_icdot.png| lg_icdot.png| | 1492| 15-Jun-19| 05:55 \nlg_icdotm.png| lg_icdotm.png| | 1779| 15-Jun-19| 05:55 \nlg_icdotx.png| lg_icdotx.png| | 1573| 15-Jun-19| 05:55 \nlg_gen.gif| lg_icgen.gif| | 171| 15-Jun-19| 05:55 \nlg_mpd.png| lg_icmpd.png| | 1587| 15-Jun-19| 05:55 \nlg_mpp.png| lg_icmpp.png| | 1583| 15-Jun-19| 05:55 \nlg_mpt.png| lg_icmpt.png| | 1552| 15-Jun-19| 05:55 \nlg_icodp.png| lg_icodp.png| | 1786| 15-Jun-19| 05:55 \nlg_icods.png| lg_icods.png| | 1845| 15-Jun-19| 05:55 \nlg_icodt.png| lg_icodt.png| | 1861| 15-Jun-19| 05:55 \nlg_icone.png| lg_icone.png| | 1484| 15-Jun-19| 05:55 \nlg_iconp.png| lg_iconp.png| | 1558| 15-Jun-19| 05:55 \nlg_icont.png| lg_icont.png| | 1544| 15-Jun-19| 05:55 \nlg_icpdf.png| lg_icpdf.png| | 451| 15-Jun-19| 05:55 \nlg_icpot.png| lg_icpot.png| | 1495| 15-Jun-19| 05:55 \nlg_icpotm.png| lg_icpotm.png| | 1785| 15-Jun-19| 05:55 \nlg_icpotx.png| lg_icpotx.png| | 1593| 15-Jun-19| 05:55 \nlg_icppa.png| lg_icppa.png| | 1397| 15-Jun-19| 05:55 \nlg_icppam.png| lg_icppam.png| | 1506| 15-Jun-19| 05:55 \nlg_icpps.png| lg_icpps.png| | 1696| 15-Jun-19| 05:55 \nlg_icppsm.png| lg_icppsm.png| | 1823| 15-Jun-19| 05:55 \nlg_icppsx.png| lg_icppsx.png| | 1603| 15-Jun-19| 05:55 \nlg_icppt.png| lg_icppt.png| | 1607| 15-Jun-19| 05:55 \nlg_icpptm.png| lg_icpptm.png| | 1894| 15-Jun-19| 05:55 \nlg_icpptx.png| lg_icpptx.png| | 1709| 15-Jun-19| 05:55 \nlg_pub.png| lg_icpub.png| | 1587| 15-Jun-19| 05:55 \nlgvdw.gif| lg_icvdw.gif| | 464| 15-Jun-19| 05:55 \nlg_vdx.png| lg_icvdx.png| | 1839| 15-Jun-19| 05:55 \nlg_vsdm.gif| lg_icvsdm.gif| | 577| 15-Jun-19| 05:55 \nlg_vsdx.gif| lg_icvsdx.gif| | 540| 15-Jun-19| 05:55 \nlg_vssm.gif| lg_icvssm.gif| | 468| 15-Jun-19| 05:55 \nlg_vssx.gif| lg_icvssx.gif| | 468| 15-Jun-19| 05:55 \nlg_vstm.gif| lg_icvstm.gif| | 502| 15-Jun-19| 05:55 \nlg_vsx.png| lg_icvsx.png| | 1549| 15-Jun-19| 05:55 \nlg_vtx.png| lg_icvtx.png| | 1686| 15-Jun-19| 05:55 \nlg_icxla.png| lg_icxla.png| | 1553| 15-Jun-19| 05:55 \nlg_icxlam.png| lg_icxlam.png| | 1579| 15-Jun-19| 05:55 \nlg_icxls.png| lg_icxls.png| | 1558| 15-Jun-19| 05:55 \nlg_icxlsb.png| lg_icxlsb.png| | 1598| 15-Jun-19| 05:55 \nlg_icxlsm.png| lg_icxlsm.png| | 1856| 15-Jun-19| 05:55 \nlg_icxlsx.png| lg_icxlsx.png| | 1635| 15-Jun-19| 05:55 \nlg_icxlt.png| lg_icxlt.png| | 1498| 15-Jun-19| 05:55 \nlg_icxltm.png| lg_icxltm.png| | 1783| 15-Jun-19| 05:55 \nlg_xltx.gif| lg_icxltx.gif| | 377| 15-Jun-19| 05:55 \nlg_icxltx.png| lg_icxltx.png| | 1570| 15-Jun-19| 05:55 \nlg_xsn.png| lg_icxsn.png| | 1418| 15-Jun-19| 05:55 \nlink.gif| link.gif| | 359| 15-Jun-19| 05:55 \nltagnda.png| ltagnda.png| | 594| 15-Jun-19| 05:55 \nltann.png| ltann.png| | 905| 15-Jun-19| 05:55 \nltappcat.png| ltappcatalog.png| | 1167| 15-Jun-19| 05:55 \nltappreq.png| ltapprequests.png| | 1504| 15-Jun-19| 05:55 \nltcat.gif| ltcat.gif| | 402| 15-Jun-19| 05:55 \nltcommcat.png| ltcommcat.png| | 492| 15-Jun-19| 05:55 \nltcommem.png| ltcommem.png| | 589| 15-Jun-19| 05:55 \nltcommnt.gif| ltcommnt.gif| | 375| 15-Jun-19| 05:55 \nltcontct.gif| ltcontct.gif| | 409| 15-Jun-19| 05:55 \nltcontct.png| ltcontct.png| | 579| 15-Jun-19| 05:55 \nltdatash.png| ltdatash.png| | 195| 15-Jun-19| 05:55 \nltdecis.png| ltdecis.png| | 785| 15-Jun-19| 05:55 \nltdisc.png| ltdisc.png| | 472| 15-Jun-19| 05:55 \nltdl.png| ltdl.png| | 417| 15-Jun-19| 05:55 \nltebl.png| ltebl.png| | 459| 15-Jun-19| 05:55 \nltevent.png| ltevent.png| | 209| 15-Jun-19| 05:55 \nltfl.png| ltfl.png| | 409| 15-Jun-19| 05:55 \nltgbcall.gif| ltgbcall.gif| | 396| 15-Jun-19| 05:55 \nltgbfaci.gif| ltgbfaci.gif| | 390| 15-Jun-19| 05:55 \nltgbwher.gif| ltgbwher.gif| | 422| 15-Jun-19| 05:55 \nltgen.png| ltgen.png| | 195| 15-Jun-19| 05:55 \nltil.png| ltil.png| | 543| 15-Jun-19| 05:55 \nltime.png| ltime.png| | 346| 15-Jun-19| 05:55 \nltiss.png| ltiss.png| | 1426| 15-Jun-19| 05:55 \nltissue.png| ltissue.png| | 681| 15-Jun-19| 05:55 \nltlink.png| ltlink.png| | 2074| 15-Jun-19| 05:55 \nltobject.png| ltobject.png| | 821| 15-Jun-19| 05:55 \nltposts.gif| ltposts.gif| | 385| 15-Jun-19| 05:55 \nltsurvey.png| ltsurvey.png| | 225| 15-Jun-19| 05:55 \nlttask.png| lttask.png| | 1176| 15-Jun-19| 05:55 \nltthgbrg.png| ltthgbrg.png| | 754| 15-Jun-19| 05:55 \nltwp.png| ltwp.png| | 706| 15-Jun-19| 05:55 \nmb_video.png| mb_video.png| | 209| 15-Jun-19| 05:55 \nmappushpin.25x39x32.png| mappushpin.25x39x32.png| | 1070| 15-Jun-19| 05:55 \nmappushpindisabled.25x39x32.png| mappushpindisabled.25x39x32.png| | 1026| 15-Jun-19| 05:55 \nmappushpinhover.25x39x32.png| mappushpinhover.25x39x32.png| | 1037| 15-Jun-19| 05:55 \nmapview.31x22x32.png| mapview.31x22x32.png| | 672| 15-Jun-19| 05:55 \nmb_button_bg.png| mb_button_bg.png| | 194| 15-Jun-19| 05:55 \nmention.11x11x32.png| mention.11x11x32.png| | 274| 15-Jun-19| 05:55 \nmtagnda.png| mtagnda.png| | 413| 15-Jun-19| 05:55 \nmtann.png| mtann.png| | 520| 15-Jun-19| 05:55 \nmtappcat.png| mtappcatalog.png| | 414| 15-Jun-19| 05:55 \nmtappreq.png| mtapprequests.png| | 548| 15-Jun-19| 05:55 \nmtcat.gif| mtcat.gif| | 197| 15-Jun-19| 05:55 \nmtcommcat.png| mtcommcat.png| | 330| 15-Jun-19| 05:55 \nmtcommem.png| mtcommem.png| | 388| 15-Jun-19| 05:55 \nmtcommnt.gif| mtcommnt.gif| | 193| 15-Jun-19| 05:55 \nmtcontct.gif| mtcontct.gif| | 137| 15-Jun-19| 05:55 \nmtcontct.png| mtcontct.png| | 293| 15-Jun-19| 05:55 \nmtdatash.png| mtdatash.png| | 129| 15-Jun-19| 05:55 \nmtdecis.png| mtdecis.png| | 516| 15-Jun-19| 05:55 \nmtdisc.png| mtdisc.png| | 307| 15-Jun-19| 05:55 \nmtdl.png| mtdl.png| | 252| 15-Jun-19| 05:55 \nmtebl.png| mtebl.png| | 245| 15-Jun-19| 05:55 \nmtevent.png| mtevent.png| | 135| 15-Jun-19| 05:55 \nmtfl.png| mtfl.png| | 227| 15-Jun-19| 05:55 \nmtgbcall.gif| mtgbcall.gif| | 396| 15-Jun-19| 05:55 \nmtgbfaci.gif| mtgbfaci.gif| | 377| 15-Jun-19| 05:55 \nmtgbwher.gif| mtgbwher.gif| | 390| 15-Jun-19| 05:55 \nmtgen.png| mtgen.png| | 129| 15-Jun-19| 05:55 \nmtil.png| mtil.png| | 280| 15-Jun-19| 05:55 \nmtime.png| mtime.png| | 188| 15-Jun-19| 05:55 \nmtiss.png| mtiss.png| | 534| 15-Jun-19| 05:55 \nmtissue.png| mtissue.png| | 447| 15-Jun-19| 05:55 \nmtlink.png| mtlink.png| | 565| 15-Jun-19| 05:55 \nmtobject.png| mtobject.png| | 460| 15-Jun-19| 05:55 \nmtposts.gif| mtposts.gif| | 197| 15-Jun-19| 05:55 \nmtsurvey.png| mtsurvey.png| | 141| 15-Jun-19| 05:55 \nmttask.png| mttask.png| | 405| 15-Jun-19| 05:55 \nmtthgbrg.png| mtthgbrg.png| | 526| 15-Jun-19| 05:55 \nmtwp.png| mtwp.png| | 391| 15-Jun-19| 05:55 \nmb_file.png| mb_file.png| | 215| 15-Jun-19| 05:55 \nnowfollowing.11x11x32.png| nowfollowing.11x11x32.png| | 257| 15-Jun-19| 05:55 \no365brandsuite.png| o365brandsuite.png| | 2122| 15-Jun-19| 05:55 \npersonplaceholder200.png| personplaceholder.200x150x32.png| | 2438| 15-Jun-19| 05:55 \npersonplaceholder32.png| personplaceholder.32x32x32.png| | 737| 15-Jun-19| 05:55 \npersonplaceholder42.png| personplaceholder.42x42x32.png| | 728| 15-Jun-19| 05:55 \npersonplaceholder96.png| personplaceholder.96x96x32.png| | 1500| 15-Jun-19| 05:55 \nprojectmanagedeliverables.16x16x32.png| projectmanagedeliverables.16x16x32.png| | 219| 15-Jun-19| 05:55 \npromotedsitetile.150x150x32.png| promotedsitetile.150x150x32.png| | 2530| 15-Jun-19| 05:55 \nrepliedto.11x11x32.png| repliedto.11x11x32.png| | 257| 15-Jun-19| 05:55 \nmb_excel.png| mb_excel.png| | 572| 15-Jun-19| 05:55 \nmb_onenote.png| mb_onenote.png| | 456| 15-Jun-19| 05:55 \nmb_text.png| mb_text.png| | 268| 15-Jun-19| 05:55 \nmb_ppt.png| mb_ppt.png| | 577| 15-Jun-19| 05:55 \nmb_word.png| mb_word.png| | 535| 15-Jun-19| 05:55 \nmb_site.png| mb_siteworkspace.png| | 822| 15-Jun-19| 05:55 \nselectioncheckmarkcolumn.10x10x32.png| selectioncheckmarkcolumn.10x10x32.png| | 229| 15-Jun-19| 05:55 \nsharepointfoundation16.png| sharepointfoundation16.png| | 560| 15-Jun-19| 05:55 \nfavicon.ico| favicon.ico| | 7886| 15-Jun-19| 05:55 \nsharepointdesigner32.png| sharepointdesigner32.png| | 1613| 15-Jun-19| 05:55 \nsharepointmetroapptile.png| sharepointmetroapptile.png| | 3992| 15-Jun-19| 05:55 \nsiteicon.png| siteicon.png| | 2345| 15-Jun-19| 05:55 \naccsrv.images.progcircle16.gif| hig_progcircle_loading16.gif| | 420| 15-Jun-19| 05:53 \nloadingcirclests16.gif| loadingcirclests16.gif| | 420| 15-Jun-19| 05:53 \naccsrv.images.progcircle24.gif| hig_progcircle_loading24.gif| | 878| 15-Jun-19| 05:53 \ngears_anv4.gif_0001| gears_anv4.gif| | 878| 15-Jun-19| 05:53 \nloadin24.gif| hig_progcircle_loading24.gif| | 878| 15-Jun-19| 05:53 \nloadin24.png| hig_progcircle_loading24.gif| | 878| 15-Jun-19| 05:53 \nprogress_circle_24.gif| progress-circle-24.gif| | 878| 15-Jun-19| 05:53 \nmb_navigation.png| mb_navigation.png| | 255| 15-Jun-19| 05:55 \nspstorefrontappdefault.16x16x32.png| spstorefrontappdefault.16x16x32.png| | 296| 15-Jun-19| 05:55 \nspstorefrontappdefault.96x96x32.png| spstorefrontappdefault.96x96x32.png| | 1036| 15-Jun-19| 05:55 \ntag.11x11x32.png| tag.11x11x32.png| | 228| 15-Jun-19| 05:55 \nupdatelink.16x16x32.png| updatelink.16x16x32.png| | 320| 15-Jun-19| 05:55 \nusquig.png| usersquiggle.png| | 150| 15-Jun-19| 05:55 \nvideopreview.png| videopreview.png| | 7110| 15-Jun-19| 05:55 \nmb_page.png| mb_page.png| | 710| 15-Jun-19| 05:55 \nmb_xml.png| mb_xml.png| | 464| 15-Jun-19| 05:55 \nbusdata.dll| microsoft.businessdata.dll| 15.0.4420.1017| 116920| 12-Jun-19| 06:49 \nbusdatar.dll| microsoft.businessdata.dll| 15.0.4420.1017| 116920| 12-Jun-19| 06:49 \nmicrosoft_web_design_server.dll| microsoft.web.design.server.dll| 15.0.5085.1000| 402208| 12-Jun-19| 06:50 \nmicrosoft_web_design_server_intl.dll| microsoft.web.design.server.intl.dll| 15.0.4420.1017| 21640| 12-Jun-19| 06:50 \nbdcmdsch.xsd| bdcmetadata.xsd| | 26300| | \nbdcmeta.xsd| bdcmetadata.xsd| | 26300| 12-Jun-19| 06:49 \nbdcmdsc2.xsd| bdcmetadataresource.xsd| | 13089| | \nbdcmetar.xsd| bdcmetadataresource.xsd| | 13089| 12-Jun-19| 06:49 \nonetnative.dll| onetnative.dll| 15.0.4919.1000| 523008| 12-Jun-19| 06:49 \nxlsrv.onetnative.dll| onetnative.dll| 15.0.4919.1000| 523008| 12-Jun-19| 06:49 \nonetutil.dll| onetutil.dll| 15.0.5153.1000| 2625104| 12-Jun-19| 06:50 \noffice_extension_manager_js| sp.officeextensionmanager.js| | 34379| 12-Jun-19| 06:50 \nosfserver_client_dll| microsoft.sharepoint.client.workflowservices.dll| 15.0.4599.1000| 39128| 12-Jun-19| 06:50 \nosfserver_silverlight_dll| microsoft.sharepoint.client.workflowservices.silverlight.dll| 15.0.4599.1000| 39152| 12-Jun-19| 06:50 \nosfserver_serverproxy_dll| microsoft.sharepoint.workflowservices.serverproxy.dll| 15.0.4599.1000| 110280| 12-Jun-19| 06:50 \nosfserver_shared_dll| microsoft.sharepoint.workflowservicesbase.dll| 15.0.4877.1000| 88360| 12-Jun-19| 06:50 \nosfserver_shared_dll_intl| microsoft.sharepoint.workflowservicesbase.intl.dll| 15.0.4420.1017| 12464| 12-Jun-19| 06:50 \nproxylibrary.osfserver.xml| proxylibrary.osfserver.xml| | 164| 12-Jun-19| 06:50 \nosfserver_clientdbg_js| sp.workflowservices.debug.js| | 58451| 12-Jun-19| 06:50 \nosfserver_clientdbg_js.x64| sp.workflowservices.debug.js| | 58451| 12-Jun-19| 06:50 \nosfserver_client_js| sp.workflowservices.js| | 34083| 12-Jun-19| 06:50 \nosfserver_client_js.x64| sp.workflowservices.js| | 34083| 12-Jun-19| 06:50 \naddwrkfl.aspx| addwrkfl.aspx| | 61362| 12-Jun-19| 06:50 \nassocwrkfl.aspx| assocwrkfl.aspx| | 4655| 12-Jun-19| 06:50 \navailableworkflow.aspx| availableworkflow.aspx| | 7966| 12-Jun-19| 06:50 \nmytasks.aspx| mytasks.aspx| | 6818| 12-Jun-19| 06:50 \noextnmgr.aspx| officeextensionmanager.aspx| | 2196| 12-Jun-19| 06:50 \nremwrkfl.aspx| remwrkfl.aspx| | 16619| 12-Jun-19| 06:50 \nosfserver.resx| osfserver.resx| | 45025| 12-Jun-19| 06:50 \nrunningworkflows.aspx| runningworkflows.aspx| | 8570| 12-Jun-19| 06:50 \nvalidapp.osfsrv.xml| validappendpoints.osfserver.xml| | 1245| 12-Jun-19| 06:50 \nwfstart.asx| wfstart.aspx| | 202| 12-Jun-19| 06:50 \nworkflow.asx| workflow.aspx| | 25914| 12-Jun-19| 06:50 \nworkflowtaskpane.aspx| workflowtaskpane.aspx| | 1180| 12-Jun-19| 06:50 \nwrksetng.aspx| wrksetng.aspx| | 15843| 12-Jun-19| 06:50 \nwrkstat.aspx| wrkstat.aspx| | 27940| 12-Jun-19| 06:50 \nosfextap.dll| microsoft.sharepoint.officeextension.applicationpages.dll| 15.0.4420.1017| 12960| 12-Jun-19| 06:50 \nwfform.js| wfformtemplates.js| | 5024| 12-Jun-19| 06:50 \nosfap.dll| microsoft.sharepoint.workflowservices.applicationpages.dll| 15.0.4755.1000| 96880| 12-Jun-19| 06:50 \nwebconfig.osfserver.xml| webconfig.osfserver.xml| | 504| 12-Jun-19| 06:50 \naddgallery.xap_silverlight| addgallery.xap| | 367086| 12-Jun-19| 06:50 \nmicrosoft.sharepoint.client.xap| microsoft.sharepoint.client.xap| | 227864| 12-Jun-19| 06:50 \nwsstlb.net| microsoft.sharepoint.search.administration.mssitlb.dll| | 90792| 12-Jun-19| 06:50 \nsearchom.dll_0003| microsoft.sharepoint.search.dll| 15.0.5129.1000| 3601488| 12-Jun-19| 06:50 \nsearchom.dll_0005| microsoft.sharepoint.search.dll| 15.0.5129.1000| 3601488| 12-Jun-19| 06:50 \nsrchomnt.dll_1| microsoft.sharepoint.search.native.dll| 15.0.5127.1000| 479320| 12-Jun-19| 06:50 \nwsrchps.dll| microsoft.sharepoint.search.powershell.dll| 15.0.4937.1000| 31520| 12-Jun-19| 06:50 \ncontrol_defaultresult.js| control_searchresults.js| | 32178| 12-Jun-19| 06:50 \nfilter_refinement.js| filter_default.js| | 21014| 12-Jun-19| 06:50 \nfilter_multirefinement.js| filter_multivalue.js| | 6263| 12-Jun-19| 06:50 \ngroup_content.js| group_content.js| | 2159| 12-Jun-19| 06:50 \ngroup_defaultgroup.js| group_default.js| | 6616| 12-Jun-19| 06:50 \nhoverpanel_commonactions.js| item_commonhoverpanel_actions.js| | 12766| 12-Jun-19| 06:50 \nhoverpanel_commonbody.js| item_commonhoverpanel_body.js| | 7771| 12-Jun-19| 06:50 \nhoverpanel_community.js| item_community_hoverpanel.js| | 11080| 12-Jun-19| 06:50 \nhoverpanel_default.js| item_default_hoverpanel.js| | 4222| 12-Jun-19| 06:50 \nhoverpanel_microblog.js| item_microblog_hoverpanel.js| | 17457| 12-Jun-19| 06:50 \nhoverpanel_site.js| item_site_hoverpanel.js| | 7582| 12-Jun-19| 06:50 \nhoverpanel_webpage.js| item_webpage_hoverpanel.js| | 6608| 12-Jun-19| 06:50 \nitem_commonbody.js| item_commonitem_body.js| | 8742| 12-Jun-19| 06:50 \nitem_communityportal.js| item_communityportal.js| | 9225| 12-Jun-19| 06:50 \nitem_microblog.js| item_microblog.js| | 17108| 12-Jun-19| 06:50 \nitem_pdf.js| item_pdf.js| | 4102| 12-Jun-19| 06:50 \nitem_people.js| item_person.js| | 24413| 12-Jun-19| 06:50 \nitem_peopleintent.js| item_person_compacthorizontal.js| | 27705| 12-Jun-19| 06:50 \nitem_site.js| item_site.js| | 4544| 12-Jun-19| 06:50 \nitem_webpage.js| item_webpage.js| | 3827| 12-Jun-19| 06:50 \nitem_word.js| item_word.js| | 4157| 12-Jun-19| 06:50 \nsearch.web.parts.feature.xml| feature.xml| | 5405| 12-Jun-19| 06:50 \nsearch.web.parts.dwpfiles.xml| webpartdwpfiles.xml| | 68278| 12-Jun-19| 06:50 \nwss.searchpowershell.types.ps1xml| wsssearchpowershell.types.ps1xml| | 10901| 12-Jun-19| 06:50 \nwss.intl.dll| microsoft.sharepoint.search.intl.dll| 15.0.4937.1000| 570184| 12-Jun-19| 06:50 \nsetup.exe| setup.exe| 15.0.5119.1000| 1087056| 12-Jun-19| 06:49 \nsvrsetup.exe| setup.exe| 15.0.5119.1000| 1087056| 12-Jun-19| 06:49 \nwsssetup.dll| wsssetup.dll| 15.0.5119.1000| 10413352| 12-Jun-19| 06:50 \ndevftr.xml| feature.xml| | 1225| 12-Jun-19| 06:50 \nappdev.dll| microsoft.sharepoint.appdevelopment.dll| 15.0.5027.1000| 71384| 12-Jun-19| 06:50 \nstsapa.dll| microsoft.sharepoint.applicationpages.administration.dll| 15.0.5085.1000| 659224| 12-Jun-19| 06:50 \nwssadmop.dll_0001| microsoft.sharepoint.administrationoperation.dll| 15.0.4987.1000| 1046352| 12-Jun-19| 06:50 \nwssadmin.exe_0001| wssadmin.exe| 15.0.4420.1017| 17088| 12-Jun-19| 06:50 \nappmng.svc| appmng.svc| | 375| 12-Jun-19| 06:50 \nappmngclient.config| client.config| | 2159| 12-Jun-19| 06:50 \nappmngweb.config| web.config| | 2641| 12-Jun-19| 06:50 \nbgximg.png| bgximg.png| | 1770| 12-Jun-19| 06:50 \nbgyimg.png| bgyimg.png| | 68| 12-Jun-19| 06:50 \nclient.svc| client.svc| | 402| 12-Jun-19| 06:50 \nadmwcfg.xml| adminwebconfig.sts.xml| | 3530| 12-Jun-19| 06:50 \napppermissionprovider.bdcconnection.xml| apppermissionprovider.bdcconnection.xml| | 232| 12-Jun-19| 06:50 \napppermissionprovider.content.xml| apppermissionprovider.content.xml| | 706| 12-Jun-19| 06:50 \ncapabilitycheckers.sts.xml| capabilitycheckers.sts.xml| | 2789| 12-Jun-19| 06:50 \ndocexflt.xml| docextflt.xml| | 4439| 12-Jun-19| 06:50 \ndocparse.xml| docparse.xml| | 2293| 12-Jun-19| 06:50 \ngbwupgrade.xml| gbwupgrade.xml| | 4055| 12-Jun-19| 06:50 \ngbwupgradeb2b.xml| gbwupgradeb2b.xml| | 311| 12-Jun-19| 06:50 \nmdocview.xml| mdocview.xml| | 6975| 12-Jun-19| 06:50 \nmpsupgrade.xml| mpsupgrade.xml| | 15459| 12-Jun-19| 06:50 \nmpsupgradeb2b.xml| mpsupgradeb2b.xml| | 102| 12-Jun-19| 06:50 \nmredirection.xml| mredirection.xml| | 4660| 12-Jun-19| 06:50 \nproxylibrary.stsom.xml| proxylibrary.stsom.xml| | 217| 12-Jun-19| 06:50 \nrgnldflt.xml| rgnldflt.xml| | 81253| 12-Jun-19| 06:50 \ntaupgrade.xml| tenantadminupgrade.xml| | 437| 12-Jun-19| 06:50 \ntimezone.xml| timezone.xml| | 99866| 12-Jun-19| 06:50 \nwebconfig_identitymodel_add| webconfig.identitymodel.add.xml| | 7529| 12-Jun-19| 06:50 \nwebconfig_identitymodel_remove| webconfig.identitymodel.remove.xml| | 3122| 12-Jun-19| 06:50 \nwssupgrade.xml| wssupgrade.xml| | 9043| 12-Jun-19| 06:50 \nwssupgradeb2b.xml| wssupgradeb2b.xml| | 4719| 12-Jun-19| 06:50 \noleprsx.dll| oleparser.dll| 15.0.4454.1000| 31880| 12-Jun-19| 06:50 \nmicrosoft_sharepoint_dsp.dll| microsoft.sharepoint.dsp.dll| 15.0.4420.1017| 48248| 12-Jun-19| 06:50 \nmicrosoft_sharepoint_dsp_oledb.dll| microsoft.sharepoint.dsp.oledb.dll| 15.0.4420.1017| 112768| 12-Jun-19| 06:50 \nmicrosoft_sharepoint_dsp_soappt.dll| microsoft.sharepoint.dsp.soappt.dll| 15.0.4420.1017| 75912| 12-Jun-19| 06:50 \nmicrosoft_sharepoint_dsp_sts.dll| microsoft.sharepoint.dsp.sts.dll| 15.0.4420.1017| 93312| 12-Jun-19| 06:50 \nmicrosoft_sharepoint_dsp_xmlurl.dll| microsoft.sharepoint.dsp.xmlurl.dll| 15.0.4420.1017| 75912| 12-Jun-19| 06:50 \nschema.xml_accreq| schema.xml| | 21500| 12-Jun-19| 06:50 \naccreq.xml| accessrequests.xml| | 681| 12-Jun-19| 06:50 \nfeature.xml_accreq| feature.xml| | 497| 12-Jun-19| 06:50 \napplications.xml| applications.xml| | 8249| 12-Jun-19| 06:50 \napps.xml| apps.xml| | 3078| 12-Jun-19| 06:50 \nbackups.xml| backups.xml| | 4398| 12-Jun-19| 06:50 \nconfigurationwizards.xml| configurationwizards.xml| | 912| 12-Jun-19| 06:50 \ndefault.xml| default.xml| | 12609| 12-Jun-19| 06:50 \nfeature.xml_sts| feature.xml| | 1712| 12-Jun-19| 06:50 \ngenappsettings.xml| generalapplicationsettings.xml| | 1989| 12-Jun-19| 06:50 \nmonitoring.xml| monitoring.xml| | 3736| 12-Jun-19| 06:50 \no365configuration.xml| office365configuration.xml| | 405| 12-Jun-19| 06:50 \nquicklaunch.xml| quicklaunch.xml| | 555| 12-Jun-19| 06:50 \nsecurity.xml| security.xml| | 5954| 12-Jun-19| 06:50 \nsystemsettings.xml| systemsettings.xml| | 5280| 12-Jun-19| 06:50 \nupgradeandmigration.xml| upgradeandmigration.xml| | 1630| 12-Jun-19| 06:50 \nschema.xml_announce| schema.xml| | 26227| 12-Jun-19| 06:50 \nannounce.xml| announcements.xml| | 456| 12-Jun-19| 06:50 \nfeature.xml_announce| feature.xml| | 500| 12-Jun-19| 06:50 \napplockdown.xml| applockdown.xml| | 2321| 12-Jun-19| 06:50 \nfeature.xml_apploc| feature.xml| | 400| 12-Jun-19| 06:50 \nappreglinks.xml| appregistrationlinks.xml| | 793| 12-Jun-19| 06:50 \nfeature.xml_appreg| feature.xml| | 554| 12-Jun-19| 06:50 \nschema.xml_apprequestslist| schema.xml| | 10229| 12-Jun-19| 06:50 \napprequestscontenttypes.xml_apprequestslist| apprequestscontenttypes.xml| | 1748| 12-Jun-19| 06:50 \napprequestsfields.xml_apprequestslist| apprequestsfields.xml| | 5336| 12-Jun-19| 06:50 \napprequestslistinstance.xml_apprequestslist| apprequestslistinstance.xml| | 403| 12-Jun-19| 06:50 \napprequestslisttemplate.xml_apprequestslist| apprequestslisttemplate.xml| | 627| 12-Jun-19| 06:50 \nfeature.xml_apprequestslist| feature.xml| | 1516| 12-Jun-19| 06:50 \nautohostedlicensing_fields.xml_autohostedapplicensing| autohostedapplicensingfields.xml| | 771| 12-Jun-19| 06:50 \nfeature.xml_autohostedapplicensing| feature.xml| | 744| 12-Jun-19| 06:50 \nautohostedlicensing_controls.xml_autohostedapplicensing| resourcebar.xml| | 412| 12-Jun-19| 06:50 \nfeature.xml_autohostedapplicensingstapling| feature.xml| | 487| 12-Jun-19| 06:50 \nelements.xml_autohostedapplicensingstapling| staplingelements.xml| | 223| 12-Jun-19| 06:50 \nblog.dwp_admintools| blogadmin.dwp| | 468| 12-Jun-19| 06:50 \nblog.dwp_archives| blogarchives.dwp| | 462| 12-Jun-19| 06:50 \nblog.webpart_notifications| blognotifications.webpart| | 883| 12-Jun-19| 06:50 \nelements.xml_basicwebparts| elements.xml| | 1652| 12-Jun-19| 06:50 \nelements14.xml_basicwebparts| elements14.xml| | 629| 12-Jun-19| 06:50 \nelements15.xml_basicwebparts| elements15.xml| | 1407| 12-Jun-19| 06:50 \nfeature.xml_basicwebparts| feature.xml| | 3149| 12-Jun-19| 06:50 \ngettingstarted.webpart_basicwebparts| gettingstarted.webpart| | 834| 12-Jun-19| 06:50 \nmscontenteditor.dwp_basicwebparts| mscontenteditor.dwp| | 506| 12-Jun-19| 06:50 \nmsimage.dwp_basicwebparts| msimage.dwp| | 483| 12-Jun-19| 06:50 \nmsmembers.dwp_basicwebparts| msmembers.dwp| | 487| 12-Jun-19| 06:50 \nmspageviewer.dwp_basicwebparts| mspageviewer.dwp| | 498| 12-Jun-19| 06:50 \nmspiclibslideshow.webpart_basicwebparts| mspicturelibraryslideshow.webpart| | 733| 12-Jun-19| 06:50 \nmsscripteditor.webpart_basicwebparts| msscripteditor.webpart| | 739| 12-Jun-19| 06:50 \nmssimpleform.dwp_basicwebparts| mssimpleform.dwp| | 799| 12-Jun-19| 06:50 \nmsuserdocs.dwp_basicwebparts| msuserdocs.dwp| | 492| 12-Jun-19| 06:50 \nmsusertasks.dwp_basicwebparts| msusertasks.dwp| | 495| 12-Jun-19| 06:50 \nmsxml.dwp_basicwebparts| msxml.dwp| | 475| 12-Jun-19| 06:50 \nsilverlight.webpart_basicwebparts| silverlight.webpart| | 669| 12-Jun-19| 06:50 \ntimeline.webpart_basicwebparts| timeline.webpart| | 831| 12-Jun-19| 06:50 \nextsubsh_feature.xml| feature.xml| | 570| 12-Jun-19| 06:50 \nallcategories.asp_blog_categories| allcategories.aspx| | 2718| 12-Jun-19| 06:50 \neditcategory.asp_blog_categories| editcategory.aspx| | 4167| 12-Jun-19| 06:50 \nmycategories.asp_blog_categories| mycategories.aspx| | 2718| 12-Jun-19| 06:50 \nnewcategory.asp_blog_categories| newcategory.aspx| | 4197| 12-Jun-19| 06:50 \nschema.xml_blog_categories| schema.xml| | 18153| 12-Jun-19| 06:50 \nviewcategory.asp_blog_categories| viewcategory.aspx| | 4190| 12-Jun-19| 06:50 \nallcomments.asp_blog_comments| allcomments.aspx| | 2718| 12-Jun-19| 06:50 \nbyauthor.asp_blog_comments| byauthor.aspx| | 2718| 12-Jun-19| 06:50 \neditcomment.asp_blog_comments| editcomment.aspx| | 4167| 12-Jun-19| 06:50 \nmycomments.asp_blog_comments| mycomments.aspx| | 2718| 12-Jun-19| 06:50 \nnewcomment.asp_blog_comments| newcomment.aspx| | 4197| 12-Jun-19| 06:50 \nschema.xml_blog_comments| schema.xml| | 35968| 12-Jun-19| 06:50 \nviewcomment.asp_blog_comments| viewcomment.aspx| | 4190| 12-Jun-19| 06:50 \nallposts.asp_blog_posts| allposts.aspx| | 2718| 12-Jun-19| 06:50 \narchive.asp_blog_posts| archive.aspx| | 2718| 12-Jun-19| 06:50 \nbyauthor.asp_blog_posts| byauthor.aspx| | 2718| 12-Jun-19| 06:50 \nbycategory.asp_blog_posts| bycategory.aspx| | 2718| 12-Jun-19| 06:50 \ncalendar.asp_blog_posts| calendar.aspx| | 2718| 12-Jun-19| 06:50 \neditpost.asp_blog_posts| editpost.aspx| | 4167| 12-Jun-19| 06:50 \nmyposts.asp_blog_posts| myposts.aspx| | 2718| 12-Jun-19| 06:50 \nnewpost.asp_blog_posts| newpost.aspx| | 4197| 12-Jun-19| 06:50 \nschema.xml_blog_posts| schema.xml| | 81082| 12-Jun-19| 06:50 \nviewpost.asp_blog_posts| viewpost.aspx| | 4190| 12-Jun-19| 06:50 \nelements.xml_blog| elements.xml| | 1207| 12-Jun-19| 06:50 \nfeature.xml_blog| feature.xml| | 1326| 12-Jun-19| 06:50 \ncategory.asp_blogcon| category.aspx| | 2649| 12-Jun-19| 06:50 \ndate.asp_blog_blogcon| date.aspx| | 2643| 12-Jun-19| 06:50 \nelements.xml_blogcon| elements.xml| | 29090| 12-Jun-19| 06:50 \nfeature.xml_blogcon| feature.xml| | 517| 12-Jun-19| 06:50 \nmonthlyarchive.asp_blogcon| monthlyarchive.aspx| | 2737| 12-Jun-19| 06:50 \npost.asp_blogcon| post.aspx| | 3153| 12-Jun-19| 06:50 \nsummary.asp_blog_blogcon| summary.aspx| | 3200| 12-Jun-19| 06:50 \ndefault.asp_blog_bloghp| default.aspx| | 2682| 12-Jun-19| 06:50 \nelements.xml_bloghp| elements.xml| | 8483| 12-Jun-19| 06:50 \nfeature.xml_bloghp| feature.xml| | 501| 12-Jun-19| 06:50 \nschema.xml_calltrack| schema.xml| | 314515| 12-Jun-19| 06:50 \ncalltrack.xml| calltracklist.xml| | 5563| 12-Jun-19| 06:50 \nfeature.xml_calltrack| feature.xml| | 1178| 12-Jun-19| 06:50 \nschema.xml_circulation| schema.xml| | 313711| 12-Jun-19| 06:50 \ncirculation.xml| circulationlist.xml| | 6489| 12-Jun-19| 06:50 \nfeature.xml_circulation| feature.xml| | 1196| 12-Jun-19| 06:50 \nschema.xml_contacts| schema.xml| | 8715| 12-Jun-19| 06:50 \ncontacts.xml| contacts.xml| | 451| 12-Jun-19| 06:50 \nfeature.xml_contacts| feature.xml| | 480| 12-Jun-19| 06:50 \nsrcharea.xml| searcharea.xml| | 1279| 12-Jun-19| 06:50 \nfeature.xml_0004| feature.xml| | 527| 12-Jun-19| 06:50 \ncontenttypesettings.xml| contenttypesettings.xml| | 4678| 12-Jun-19| 06:50 \nfeature.xml_0010| feature.xml| | 537| 12-Jun-19| 06:50 \nschema.xml_corpcatalog| schema.xml| | 32074| 12-Jun-19| 06:50 \ncorporatecatalogcustomactions.xml_corpcatalog| corporatecatalogcustomactions.xml| | 8553| 12-Jun-19| 06:50 \ncorporatecatalogfields.xml_corpcatalog| corporatecatalogfields.xml| | 11303| 12-Jun-19| 06:50 \ncorporatecataloginstance.xml_corpcatalog| corporatecataloginstance.xml| | 422| 12-Jun-19| 06:50 \ncorporatecatalogtemplate.xml_corpcatalog| corporatecatalogtemplate.xml| | 665| 12-Jun-19| 06:50 \nfeature.xml_corpcatalog| feature.xml| | 2174| 12-Jun-19| 06:50 \nwebeventreceiver.xml_corpcatalog| webeventreceiver.xml| | 578| 12-Jun-19| 06:50 \nfeature.xml_corpgallerysettings| feature.xml| | 408| 12-Jun-19| 06:50 \nctypswss.xml| ctypeswss.xml| | 48192| 12-Jun-19| 06:50 \nctpswss2.xml| ctypeswss2.xml| | 26052| 12-Jun-19| 06:50 \nctpswss3.xml| ctypeswss3.xml| | 2093| 12-Jun-19| 06:50 \nfeature_0004.xml| feature.xml| | 3974| 12-Jun-19| 06:50 \nschema.xml_custom| schema.xml| | 3427| 12-Jun-19| 06:50 \ncustlist.xml| customlist.xml| | 442| 12-Jun-19| 06:50 \nfeature.xml_custom| feature.xml| | 479| 12-Jun-19| 06:50 \nschema.xml_dsl| schema.xml| | 4343| 12-Jun-19| 06:50 \ndsl.xml| datasourcelibrary.xml| | 512| 12-Jun-19| 06:50 \nfeature.xml_dsl| feature.xml| | 477| 12-Jun-19| 06:50 \nribbon.xml| ribbon.xml| | 4984| 12-Jun-19| 06:50 \nschema.xml_discuss| schema.xml| | 266868| 12-Jun-19| 06:50 \ndiscuss.xml| discussions.xml| | 1715| 12-Jun-19| 06:50 \nfeature.xml_discuss| feature.xml| | 1750| 12-Jun-19| 06:50 \neditdlg.htm_doclib| editdlg.htm| | 4892| 12-Jun-19| 06:50 \neditdlg.htm_ldoclib| editdlg.htm| | 4892| 12-Jun-19| 06:50 \neditdlg.htm_pubfeap| editdlg.htm| | 4892| 12-Jun-19| 06:50 \neditdlg.htm_pubresfeat| editdlg.htm| | 4892| 12-Jun-19| 06:50 \nreportcenterdoclibeditdlg_htm| editdlg.htm| | 4892| 12-Jun-19| 06:50 \nrleditdlg.htm| editdlg.htm| | 4892| 12-Jun-19| 06:50 \nfiledlg.htm_doclib| filedlg.htm| | 4754| 12-Jun-19| 06:50 \nfiledlg.htm_ldoclib| filedlg.htm| | 4754| 12-Jun-19| 06:50 \nfiledlg.htm_pubfeap| filedlg.htm| | 4754| 12-Jun-19| 06:50 \nfiledlg.htm_pubresfeat| filedlg.htm| | 4754| 12-Jun-19| 06:50 \nreportcenterdoclibfiledlg_htm| filedlg.htm| | 4754| 12-Jun-19| 06:50 \nrlfiledlg.htm_ldoclib| filedlg.htm| | 4754| 12-Jun-19| 06:50 \nrepair.aspx_doclib| repair.aspx| | 3259| 12-Jun-19| 06:50 \nrepair.aspx_ldoclib| repair.aspx| | 3259| 12-Jun-19| 06:50 \nrepair.aspx_pubfeap| repair.aspx| | 3259| 12-Jun-19| 06:50 \nrepair.aspx_pubresfeat| repair.aspx| | 3259| 12-Jun-19| 06:50 \nreportcenterdoclibrepair_aspx| repair.aspx| | 3259| 12-Jun-19| 06:50 \nreportcenterdoclibschema_xml| schema.xml| | 31199| 12-Jun-19| 06:50 \nschema.xml_doclib| schema.xml| | 31199| 12-Jun-19| 06:50 \nschema.xml_pubfeap| schema.xml| | 31199| 12-Jun-19| 06:50 \nreportcenterdoclibupload_aspx| upload.aspx| | 5911| 12-Jun-19| 06:50 \nrlupload.aspx| upload.aspx| | 5911| 12-Jun-19| 06:50 \nupload.aspx_doclib| upload.aspx| | 5911| 12-Jun-19| 06:50 \nupload.aspx_ldoclib| upload.aspx| | 5911| 12-Jun-19| 06:50 \nupload.aspx_pubfeap| upload.aspx| | 5911| 12-Jun-19| 06:50 \nupload.aspx_pubresfeat| upload.aspx| | 5911| 12-Jun-19| 06:50 \ndoclib.xml| documentlibrary.xml| | 476| 12-Jun-19| 06:50 \nfeature.xml_doclib| feature.xml| | 499| 12-Jun-19| 06:50 \nelements.xml_downloadfromofficedotcom| elements.xml| | 114| 12-Jun-19| 06:50 \nfeature.xml_downloadfromofficedotcom| feature.xml| | 521| 12-Jun-19| 06:50 \nemltemplates.xml| emailtemplates.xml| | 2233| 12-Jun-19| 06:50 \nemltemplates.xml_14| emailtemplates.xml| | 2233| 12-Jun-19| 06:50 \nevalnoupg.xml| evalsitecreatewithnoupgrade.xml| | 1443| 12-Jun-19| 06:50 \nevalnoupg.xml_14| evalsitecreatewithnoupgrade.xml| | 1443| 12-Jun-19| 06:50 \nevalupg.xml| evalsitecreationwithupgrade.xml| | 1184| 12-Jun-19| 06:50 \nevalupg.xml_14| evalsitecreationwithupgrade.xml| | 1184| 12-Jun-19| 06:50 \nevaldelete.xml| evalsitedeleted.xml| | 440| 12-Jun-19| 06:50 \nevaldelete.xml_14| evalsitedeleted.xml| | 440| 12-Jun-19| 06:50 \nevalexp.xml| evalsitenearingexpiry.xml| | 1030| 12-Jun-19| 06:50 \nevalexp.xml_14| evalsitenearingexpiry.xml| | 1030| 12-Jun-19| 06:50 \nevalrequest.xml| evalsiterequested.xml| | 363| 12-Jun-19| 06:50 \nevalrequest.xml_14| evalsiterequested.xml| | 363| 12-Jun-19| 06:50 \nemltemplatefeat.xml| feature.xml| | 518| 12-Jun-19| 06:50 \nemltemplatefeat.xml_14| feature.xml| | 518| 12-Jun-19| 06:50 \nsiteupg.xml| siteupgraded.xml| | 922| 12-Jun-19| 06:50 \nsiteupg.xml_14| siteupgraded.xml| | 922| 12-Jun-19| 06:50 \nsiteupgfailed.xml| siteupgradefailed.xml| | 807| 12-Jun-19| 06:50 \nsiteupgfailed.xml_14| siteupgradefailed.xml| | 807| 12-Jun-19| 06:50 \nupgavail.xml| upgradeavailable.xml| | 1129| 12-Jun-19| 06:50 \nupgavail.xml_14| upgradeavailable.xml| | 1129| 12-Jun-19| 06:50 \nschema.xml_events| schema.xml| | 27131| 12-Jun-19| 06:50 \nevents.xml| events.xml| | 481| 12-Jun-19| 06:50 \nfeature.xml_events| feature.xml| | 975| 12-Jun-19| 06:50 \nschema.xml_external| schema.xml| | 3389| 12-Jun-19| 06:50 \nextlist.xml| externallist.xml| | 437| 12-Jun-19| 06:50 \nfeature.xml_external| feature.xml| | 485| 12-Jun-19| 06:50 \nextsubs_schema.xml| schema.xml| | 2775| 12-Jun-19| 06:50 \nextsubs.xml| extsubs.xml| | 470| 12-Jun-19| 06:50 \nextsubs_feature.xml| feature.xml| | 1216| 12-Jun-19| 06:50 \nextsubs_listinstance.xml| listinstance.xml| | 446| 12-Jun-19| 06:50 \nschema.xml_facility| schema.xml| | 5279| 12-Jun-19| 06:50 \nfacility.xml| facilitylist.xml| | 552| 12-Jun-19| 06:50 \nfeature.xml_facility| feature.xml| | 1064| 12-Jun-19| 06:50 \nschema.xml_fcgroups| schema.xml| | 5266| 12-Jun-19| 06:50 \nfcgroups.xml| fcgroupslist.xml| | 518| 12-Jun-19| 06:50 \nfeature.xml_fcgroups| feature.xml| | 546| 12-Jun-19| 06:50 \nfeature_0003.xml| feature.xml| | 1346| 12-Jun-19| 06:50 \nfldswss.xml| fieldswss.xml| | 222599| 12-Jun-19| 06:50 \nfldswss2.xml| fieldswss2.xml| | 469| 12-Jun-19| 06:50 \nfldswss3.xml| fieldswss3.xml| | 50780| 12-Jun-19| 06:50 \nfldswss4.xml| fieldswss4.xml| | 11512| 12-Jun-19| 06:50 \nschema.xml_gantt| schema.xml| | 15783| 12-Jun-19| 06:50 \ngantttl.xml| gantttaskslist.xml| | 496| 12-Jun-19| 06:50 \nfeature.xml_gantt| feature.xml| | 475| 12-Jun-19| 06:50 \nfeature_gbwprovision.xml| feature.xml| | 710| 12-Jun-19| 06:50 \nlistinstance_gbwprovision.xml| listinstance.xml| | 816| 12-Jun-19| 06:50 \nelements.xml_gbwwebparts| elements.xml| | 596| 12-Jun-19| 06:50 \nfeature.xml_gbwwebparts| feature.xml| | 346| 12-Jun-19| 06:50 \ntimecard.dwp_gbwwebparts| timecard.dwp| | 442| 12-Jun-19| 06:50 \nwhatsnew.dwp_gbwwebparts| whatsnew.dwp| | 448| 12-Jun-19| 06:50 \nwhereabouts.dwp_gbwwebparts| whereabouts.dwp| | 445| 12-Jun-19| 06:50 \nelements.xml| elements.xml| | 1584| 12-Jun-19| 06:50 \nfeature_gettingstarted.xml| feature.xml| | 957| 12-Jun-19| 06:50 \ngettingstarted.asx| gettingstarted.aspx| | 2904| 12-Jun-19| 06:50 \nelements.xml_gsappcatsite| elements.xml| | 483| 12-Jun-19| 06:50 \nfeature.xml_gsappcatsite| feature.xml| | 769| 12-Jun-19| 06:50 \ngettingstartedwithappcatalogsite.webpart_gsappcatsite| gettingstartedwithappcatalogsite.webpart| | 915| 12-Jun-19| 06:50 \nschema.xml_gridlist| schema.xml| | 2824| 12-Jun-19| 06:50 \ngridlist.xml| gridlist.xml| | 454| 12-Jun-19| 06:50 \nfeature.xml_gridlist| feature.xml| | 477| 12-Jun-19| 06:50 \nfeature_groupwork.xml| feature.xml| | 728| 12-Jun-19| 06:50 \nlistinstance_groupwork.xml| listinstance.xml| | 962| 12-Jun-19| 06:50 \nschema.xml_helplibrary| schema.xml| | 18584| 12-Jun-19| 06:50 \nhelplibrary.xml| helplibrary.xml| | 587| 12-Jun-19| 06:50 \nfeature.xml_helplibrary| feature.xml| | 566| 12-Jun-19| 06:50 \nhelpcontenttypes| helpcontenttypes.xml| | 3976| 12-Jun-19| 06:50 \nhelpsitecolumns| helpsitecolumns.xml| | 7052| 12-Jun-19| 06:50 \nschema.xml_hierarchy| schema.xml| | 20345| 12-Jun-19| 06:50 \nhierarchyl.xml| hierarchytaskslist.xml| | 1459| 12-Jun-19| 06:50 \nfeature.xml_hierarchy| feature.xml| | 3460| 12-Jun-19| 06:50 \nschema.xml_holiday| schema.xml| | 7813| 12-Jun-19| 06:50 \nholiday.xml| holidayslist.xml| | 541| 12-Jun-19| 06:50 \nfeature.xml_holiday| feature.xml| | 1048| 12-Jun-19| 06:50 \nfeature.xml_ifedependentapps| feature.xml| | 412| 12-Jun-19| 06:50 \nschema.xml_imedic| schema.xml| | 5726| 12-Jun-19| 06:50 \nimedic.xml| imediclist.xml| | 1655| 12-Jun-19| 06:50 \nfeature.xml_imedic| feature.xml| | 894| 12-Jun-19| 06:50 \nschema.xml_issues| schema.xml| | 9760| 12-Jun-19| 06:50 \nissues.xml| issues.xml| | 446| 12-Jun-19| 06:50 \nfeature.xml_issues| feature.xml| | 466| 12-Jun-19| 06:50 \nschema.xml_links| schema.xml| | 41072| 12-Jun-19| 06:50 \nlinks.xml| links.xml| | 441| 12-Jun-19| 06:50 \nfeature.xml_links| feature.xml| | 476| 12-Jun-19| 06:50 \nschema.xml_mainlo| schema.xml| | 2006| 12-Jun-19| 06:50 \nschema.xml_mainlo_v14| schema.xml| | 2006| 12-Jun-19| 06:50 \nfeature.xml_mainlo| feature.xml| | 706| 12-Jun-19| 06:50 \nfeature.xml_mainlo_v14| feature.xml| | 706| 12-Jun-19| 06:50 \nmaintenancelogsinstance.xml_mainlo| maintenancelogsinstance.xml| | 412| 12-Jun-19| 06:50 \nmaintenancelogsinstance.xml_mainlo_v14| maintenancelogsinstance.xml| | 412| 12-Jun-19| 06:50 \nmaintenancelogstemplate.xml_mainlo| maintenancelogstemplate.xml| | 728| 12-Jun-19| 06:50 \nmaintenancelogstemplate.xml_mainlo_v14| maintenancelogstemplate.xml| | 728| 12-Jun-19| 06:50 \nfeature.xml_mbrowserredirect| feature.xml| | 418| 12-Jun-19| 06:50 \nfeature.xml_mbrowserredirectstapling| feature.xml| | 437| 12-Jun-19| 06:50 \nfeature.xml_mbrowserredirectfeaturestp| featurestapling.xml| | 637| 12-Jun-19| 06:50 \nfeature.xml_mds| feature.xml| | 520| 12-Jun-19| 06:50 \nmriddflt.xml| default.aspx| | 1270| 12-Jun-19| 06:50 \nmridelms.xml| elements.xml| | 210| 12-Jun-19| 06:50 \nmridfeat.xml| feature.xml| | 461| 12-Jun-19| 06:50 \nelements.xml_mpswebparts| elements.xml| | 583| 12-Jun-19| 06:50 \nfeature.xml_mpswebparts| feature.xml| | 469| 12-Jun-19| 06:50 \nncwfl.xml| nocodeworkflowlibrary.xml| | 1118| 12-Jun-19| 06:50 \nschema.xml_nocodepublicwf| schema.xml| | 4515| 12-Jun-19| 06:50 \nschema.xml_nocodewf| schema.xml| | 4455| 12-Jun-19| 06:50 \nfeature.xml_nocodewf| feature.xml| | 493| 12-Jun-19| 06:50 \nschema.xml_oecatalog| schema.xml| | 24259| 12-Jun-19| 06:50 \nfeature.xml_oecatalog| feature.xml| | 1840| 12-Jun-19| 06:50 \noecatalogfields.xml_oecatalog| oecatalogfields.xml| | 7204| 12-Jun-19| 06:50 \noecataloginstance.xml_oecatalog| oecataloginstance.xml| | 436| 12-Jun-19| 06:50 \noecatalogtemplate.xml_oecatalog| oecatalogtemplate.xml| | 718| 12-Jun-19| 06:50 \nfeature.xml_openinclient| feature.xml| | 435| 12-Jun-19| 06:50 \npnsubr.xml| pnsubscriberreceivers.xml| | 516| 12-Jun-19| 06:50 \npnsubs.xml| pnsubscribers.xml| | 425| 12-Jun-19| 06:50 \nschema.xml_pnsubs| schema.xml| | 1204| 12-Jun-19| 06:50 \nfeature.xml_pnsubs| feature.xml| | 883| 12-Jun-19| 06:50 \nlistinstance.xml_pnsubs| listinstance.xml| | 446| 12-Jun-19| 06:50 \npiclib.xml| picturelibrary.xml| | 473| 12-Jun-19| 06:50 \nallitems.aspx_piclib| allitems.aspx| | 3916| 12-Jun-19| 06:50 \ndispform.aspx_piclib| dispform.aspx| | 4735| 12-Jun-19| 06:50 \neditform.aspx_piclib| editform.aspx| | 4393| 12-Jun-19| 06:50 \nschema.xml| schema.xml| | 43005| 12-Jun-19| 06:50 \nselected.aspx_piclib| selected.aspx| | 3916| 12-Jun-19| 06:50 \nslidshow.aspx_piclib| slidshow.aspx| | 4133| 12-Jun-19| 06:50 \nupload.aspx_piclib| upload.aspx| | 6294| 12-Jun-19| 06:50 \nwebfldr.aspx_piclib| webfldr.aspx| | 2521| 12-Jun-19| 06:50 \nfeature.xml_piclib| feature.xml| | 864| 12-Jun-19| 06:50 \npromotedlinks.xml| promotedlinks.xml| | 495| 12-Jun-19| 06:50 \nschema.xml_promotedlinks| schema.xml| | 8219| 12-Jun-19| 06:50 \nfeature.xml_promotedlinks| feature.xml| | 497| 12-Jun-19| 06:50 \nschedule.xml| schedulelist.xml| | 526| 12-Jun-19| 06:50 \nfeature.xml_schedule| feature.xml| | 546| 12-Jun-19| 06:50 \nschema.xml_schedule| schema.xml| | 23502| 12-Jun-19| 06:50 \nfeature.xml_sharewitheveryone| feature.xml| | 622| 12-Jun-19| 06:50 \nfeature.xml_sharewitheveryonestapling| feature.xml| | 449| 12-Jun-19| 06:50 \nfeature.xml_sharewitheveryonefeaturestp| featurestapling.xml| | 215| 12-Jun-19| 06:50 \nfeature.xml_siteassets| feature.xml| | 526| 12-Jun-19| 06:50 \nfeature.xml_sitehelp| feature.xml| | 804| 12-Jun-19| 06:50 \nfeature.xml_sitenotebook| feature.xml| | 703| 12-Jun-19| 06:50 \nfeature.xml_0002| feature.xml| | 516| 12-Jun-19| 06:50 \nsitesettings.xml| sitesettings.xml| | 21358| 12-Jun-19| 06:50 \nelements.xml_sitestat| elements.xml| | 334| 12-Jun-19| 06:50 \nelements14.xml_sitestat| elements.xml| | 334| 12-Jun-19| 06:50 \nfeature.xml_sitestat| feature.xml| | 397| 12-Jun-19| 06:50 \nfeature14.xml_sitestat| feature.xml| | 397| 12-Jun-19| 06:50 \nupgfeature.xml| feature.xml| | 528| 12-Jun-19| 06:50 \nupgfeature.xml_14| feature.xml| | 528| 12-Jun-19| 06:50 \nsiteupgrade.xml| siteupgradelinks.xml| | 970| 12-Jun-19| 06:50 \nsiteupgrade.xml_14| siteupgradelinks.xml| | 970| 12-Jun-19| 06:50 \nelements.xml_suitenav| elements.xml| | 478| 12-Jun-19| 06:50 \nfeature.xml_suitenav| feature.xml| | 366| 12-Jun-19| 06:50 \nsurveys.xml| surveys.xml| | 477| 12-Jun-19| 06:50 \nfeature.xml_surveys| feature.xml| | 478| 12-Jun-19| 06:50 \nschema.xml_surveys| schema.xml| | 40244| 12-Jun-19| 06:50 \ntasks.xml| tasks.xml| | 468| 12-Jun-19| 06:50 \nfeature.xml_tasks| feature.xml| | 476| 12-Jun-19| 06:50 \nschema.xml_tasks| schema.xml| | 17465| 12-Jun-19| 06:50 \nfeature_teamcollab.xml| feature.xml| | 3223| 12-Jun-19| 06:50 \ndefault.xml_tenantadminbdc| default.xml| | 347| 12-Jun-19| 06:50 \nfeature.xml_tenantadminbdc| feature.xml| | 514| 12-Jun-19| 06:50 \nfeature.xml_tenantadminbdcstapling| feature.xml| | 443| 12-Jun-19| 06:50 \nfeature.xml_tenantadminbdcfeaturestp| featurestapling.xml| | 222| 12-Jun-19| 06:50 \ndefault.xml_tenantadminlinks| default.xml| | 3573| 12-Jun-19| 06:50 \nfeature.xml_tenantadminlinks| feature.xml| | 517| 12-Jun-19| 06:50 \ntimecard.xml| timecardlist.xml| | 8045| 12-Jun-19| 06:50 \nfeature.xml_timecard| feature.xml| | 916| 12-Jun-19| 06:50 \nschema.xml_timecard| schema.xml| | 8517| 12-Jun-19| 06:50 \nfeature.xml_excelserveredit| feature.xml| | 749| 12-Jun-19| 06:50 \nfeature.xml_excelserveredit_14| feature.xml| | 749| 12-Jun-19| 06:50 \nfeature.xml_officewebapps| feature.xml| | 752| 12-Jun-19| 06:50 \nfeature.xml_officewebapps_14| feature.xml| | 752| 12-Jun-19| 06:50 \nfeature.xml_onenoteserverviewing| feature.xml| | 752| 12-Jun-19| 06:50 \nfeature.xml_onenoteserverviewing_14| feature.xml| | 752| 12-Jun-19| 06:50 \nfeature.xml_wordserverviewing| feature.xml| | 752| 12-Jun-19| 06:50 \nfeature.xml_wordserverviewing_14| feature.xml| | 752| 12-Jun-19| 06:50 \nwbpglib.xml| webpagelibrary.xml| | 496| 12-Jun-19| 06:50 \nfeature.xml_webpagelib| feature.xml| | 478| 12-Jun-19| 06:50 \nschema.xml_webpagelib| schema.xml| | 16443| 12-Jun-19| 06:50 \nupload.aspx_webpagelib| upload.aspx| | 5911| 12-Jun-19| 06:50 \nwhatsnew.xml| whatsnewlist.xml| | 518| 12-Jun-19| 06:50 \nfeature.xml_whatsnew| feature.xml| | 521| 12-Jun-19| 06:50 \nschema.xml_whatsnew| schema.xml| | 21487| 12-Jun-19| 06:50 \nwhereabouts.xml| whereaboutslist.xml| | 1704| 12-Jun-19| 06:50 \nfeature.xml_whereabouts| feature.xml| | 1067| 12-Jun-19| 06:50 \nschema.xml_whereabouts| schema.xml| | 149506| 12-Jun-19| 06:50 \nfeature.xml_wikipagehomepage| feature.xml| | 902| 12-Jun-19| 06:50 \nfeature.xml_wikiwelcome| feature.xml| | 594| 12-Jun-19| 06:50 \nworkflowhistory.xml| workflowhistory.xml| | 489| 12-Jun-19| 06:50 \nfeature.xml_wrkflhis| feature.xml| | 482| 12-Jun-19| 06:50 \nschema.xml_wrkflhis| schema.xml| | 8019| 12-Jun-19| 06:50 \nworkflowprocess.xml| workflowprocess.xml| | 496| 12-Jun-19| 06:50 \nfeature.xml_wrkflproc| feature.xml| | 531| 12-Jun-19| 06:50 \nschema.xml_wrkflprc| schema.xml| | 629| 12-Jun-19| 06:50 \nformlib.xml| xmlformlibrary.xml| | 477| 12-Jun-19| 06:50 \nfeature.xml_xmlform| feature.xml| | 472| 12-Jun-19| 06:50 \neditdlg.htm_xmlform| editdlg.htm| | 4892| 12-Jun-19| 06:50 \nfiledlg.htm_xmlform| filedlg.htm| | 4754| 12-Jun-19| 06:50 \nrepair.aspx_xmlform| repair.aspx| | 3272| 12-Jun-19| 06:50 \nschema.xml_xmlform| schema.xml| | 20593| 12-Jun-19| 06:50 \nupload.aspx_xmlform| upload.aspx| | 5911| 12-Jun-19| 06:50 \nfgimg.png| fgimg.png| | 11776| 12-Jun-19| 06:50 \nmicrosoft.sharepoint.health.dll| microsoft.sharepoint.health.dll| 15.0.4989.1000| 109896| 12-Jun-19| 06:50 \nmicrosoft.sharepoint.identitymodel.dll| microsoft.sharepoint.identitymodel.dll| 15.0.5153.1000| 261208| 12-Jun-19| 06:50 \nadmin.dll_0001| admin.dll| 15.0.4454.1000| 18528| 12-Jun-19| 06:50 \nauthor.dll_0001| author.dll| 15.0.4454.1000| 18528| 12-Jun-19| 06:50 \nshtml.dll_0001| shtml.dll| 15.0.4454.1000| 18544| 12-Jun-19| 06:50 \njsgridcluster.png| jsgridcluster.png| | 2003| 12-Jun-19| 06:50 \nmicrosoft.online.sharepoint.dedicated.tenantadmin.dll| microsoft.online.sharepoint.dedicated.tenantadmin.dll| 15.0.4605.1000| 48832| 12-Jun-19| 06:50 \nmicrosoft.online.sharepoint.dedicated.tenantadmin.serverstub.dll| microsoft.online.sharepoint.dedicated.tenantadmin.serverstub.dll| 15.0.4535.1000| 79608| 12-Jun-19| 06:50 \nmicrosoft.sharepoint.client.dll| microsoft.sharepoint.client.dll| 15.0.5127.1000| 505936| 12-Jun-19| 01:48 \nmicrosoft.sharepoint.client.dll_0001| microsoft.sharepoint.client.dll| 15.0.5127.1000| 505936| 12-Jun-19| 01:48 \ntaps_client.dll| microsoft.sharepoint.client.dll| 15.0.5127.1000| 505936| | \nmicrosoft.sharepoint.client.phone.dll| microsoft.sharepoint.client.phone.dll| 15.0.5127.1000| 441424| 12-Jun-19| 06:49 \nmicrosoft.sharepoint.client.phone.runtime.dll| microsoft.sharepoint.client.phone.runtime.dll| 15.0.4859.1000| 206616| 12-Jun-19| 06:49 \nmicrosoft.sharepoint.client.runtime.dll| microsoft.sharepoint.client.runtime.dll| 15.0.4859.1000| 298240| 12-Jun-19| 01:48 \nmicrosoft.sharepoint.client.runtime.dll_0001| microsoft.sharepoint.client.runtime.dll| 15.0.4859.1000| 298240| 12-Jun-19| 01:48 \ntaps_client.runtime.dll| microsoft.sharepoint.client.runtime.dll| 15.0.4859.1000| 298240| | \nmicrosoft.sharepoint.client.serverruntime.dll| microsoft.sharepoint.client.serverruntime.dll| 15.0.4905.1000| 630608| 12-Jun-19| 06:50 \nmicrosoft.sharepoint.client.serverruntime.dll_0001| microsoft.sharepoint.client.serverruntime.dll| 15.0.4905.1000| 630608| 12-Jun-19| 06:50 \nmicrosoft.sharepoint.client.silverlight.dll| microsoft.sharepoint.client.silverlight.dll| 15.0.5127.1000| 440400| 12-Jun-19| 01:48 \nmicrosoft.sharepoint.client.silverlight.runtime.dll| microsoft.sharepoint.client.silverlight.runtime.dll| 15.0.4859.1000| 197424| 12-Jun-19| 01:48 \nspmintl.dll| microsoft.sharepoint.linq.codegeneration.intl.dll| 15.0.4420.1017| 17032| 12-Jun-19| 06:50 \nspldtsvc.dll| microsoft.sharepoint.linq.dataservice.dll| 15.0.4633.1000| 42720| 12-Jun-19| 06:50 \nsplinq.dll| microsoft.sharepoint.linq.dll| 15.0.4843.1000| 376032| 12-Jun-19| 06:50 \nsplinqvs.dll| microsoft.sharepoint.linq.dll| 15.0.4843.1000| 376032| 12-Jun-19| 06:50 \nsplintl.dll| microsoft.sharepoint.linq.intl.dll| 15.0.4420.1017| 26784| 12-Jun-19| 06:50 \nmicrosoft.sharepoint.serverstub.dll| microsoft.sharepoint.serverstub.dll| 15.0.4987.1000| 1427768| 12-Jun-19| 06:50 \nspnativerequestmoduledll_0001| spnativerequestmodule.dll| | 42064| 12-Jun-19| 06:50 \noffprsx.dll| offparser.dll| 15.0.5119.1000| 1496144| 12-Jun-19| 06:50 \noisimg.dll| oisimg.dll| 15.0.5085.1000| 96848| 12-Jun-19| 06:50 \nstslib.dll_0001| microsoft.sharepoint.library.dll| 15.0.4971.1000| 184576| 12-Jun-19| 06:50 \nowssvr.dll_0001| owssvr.dll| 15.0.5153.1000| 6385744| 12-Jun-19| 06:50 \nsts11plc.config| policy.11.0.microsoft.sharepoint.config| | 590| 12-Jun-19| 06:50 \nsts11plc.dll| policy.11.0.microsoft.sharepoint.dll| 15.0.4420.1017| 12456| 12-Jun-19| 06:50 \nspsec11.config| policy.11.0.microsoft.sharepoint.security.config| | 599| 12-Jun-19| 06:50 \nspsec11.dll| policy.11.0.microsoft.sharepoint.security.dll| 15.0.4420.1017| 12496| 12-Jun-19| 06:50 \nsts12plc.config| policy.12.0.microsoft.sharepoint.config| | 590| 12-Jun-19| 06:50 \nsts12plc.dll| policy.12.0.microsoft.sharepoint.dll| 15.0.4420.1017| 12456| 12-Jun-19| 06:50 \nspsec12.config| policy.12.0.microsoft.sharepoint.security.config| | 599| 12-Jun-19| 06:50 \nspsec12.dll| policy.12.0.microsoft.sharepoint.security.dll| 15.0.4420.1017| 12456| 12-Jun-19| 06:50 \nwfa12plc.config| policy.12.0.microsoft.sharepoint.workflowactions.config| | 606| 12-Jun-19| 06:50 \nwfa12plc.dll| policy.12.0.microsoft.sharepoint.workflowactions.dll| 15.0.4420.1017| 12488| 12-Jun-19| 06:50 \nwfs12plc.config| policy.12.0.microsoft.sharepoint.workflows.config| | 600| 12-Jun-19| 06:50 \nwfs12plc.dll| policy.12.0.microsoft.sharepoint.workflows.dll| 15.0.4420.1017| 12496| 12-Jun-19| 06:50 \nbusinessdata14.config| policy.14.0.microsoft.businessdata.config| | 592| 12-Jun-19| 06:50 \nbusinessdata14.dll| policy.14.0.microsoft.businessdata.dll| 15.0.4420.1017| 12464| 12-Jun-19| 06:50 \nclt14plc.config| policy.14.0.microsoft.sharepoint.client.config| | 597| 12-Jun-19| 06:50 \nclt14plc.dll| policy.14.0.microsoft.sharepoint.client.dll| 15.0.4420.1017| 12472| 12-Jun-19| 06:50 \ncltrtm14.config| policy.14.0.microsoft.sharepoint.client.runtime.config| | 605| 12-Jun-19| 06:50 \ncltrtm14.dll| policy.14.0.microsoft.sharepoint.client.runtime.dll| 15.0.4420.1017| 12488| 12-Jun-19| 06:50 \ncltsvr14.config| policy.14.0.microsoft.sharepoint.client.serverruntime.config| | 611| 12-Jun-19| 06:50 \ncltsvr14.dll| policy.14.0.microsoft.sharepoint.client.serverruntime.dll| 15.0.4420.1017| 12496| 12-Jun-19| 06:50 \nsts14plc.config| policy.14.0.microsoft.sharepoint.config| | 590| 12-Jun-19| 06:50 \nsts14plc.dll| policy.14.0.microsoft.sharepoint.dll| 15.0.4420.1017| 12472| 12-Jun-19| 06:50 \nlinq14.config| policy.14.0.microsoft.sharepoint.linq.config| | 595| 12-Jun-19| 06:50 \nlinq14.dll| policy.14.0.microsoft.sharepoint.linq.dll| 15.0.4420.1017| 12464| 12-Jun-19| 06:50 \npowshl14.config| policy.14.0.microsoft.sharepoint.powershell.config| | 601| 12-Jun-19| 06:50 \npowshl14.dll| policy.14.0.microsoft.sharepoint.powershell.dll| 15.0.4420.1017| 12480| 12-Jun-19| 06:50 \nspsec14.config| policy.14.0.microsoft.sharepoint.security.config| | 599| 12-Jun-19| 06:50 \nspsec14.dll| policy.14.0.microsoft.sharepoint.security.dll| 15.0.4420.1017| 12456| 12-Jun-19| 06:50 \nwfa14plc.config| policy.14.0.microsoft.sharepoint.workflowactions.config| | 606| 12-Jun-19| 06:50 \nwfa14plc.dll| policy.14.0.microsoft.sharepoint.workflowactions.dll| 15.0.4420.1017| 12488| 12-Jun-19| 06:50 \nwfs14plc.config| policy.14.0.microsoft.sharepoint.workflows.config| | 600| 12-Jun-19| 06:50 \nwfs14plc.dll| policy.14.0.microsoft.sharepoint.workflows.dll| 15.0.4420.1017| 12496| 12-Jun-19| 06:50 \ncmdui14.config| policy.14.0.microsoft.web.commandui.config| | 593| 12-Jun-19| 06:50 \ncmdui14.dll| policy.14.0.microsoft.web.commandui.dll| 15.0.4420.1017| 12464| 12-Jun-19| 06:50 \nformat.ps1xml| sharepointpowershell.format.ps1xml| | 61362| 12-Jun-19| 06:50 \nmicrosoft.sharepoint.powershell.dll_0001| microsoft.sharepoint.powershell.dll| 15.0.4949.1000| 993024| 12-Jun-19| 06:50 \nmicrosoft.sharepoint.powershell.intl.dll| microsoft.sharepoint.powershell.intl.dll| 15.0.4863.1000| 95488| 12-Jun-19| 06:50 \npsconsole.psc1| psconsole.psc1| | 181| 12-Jun-19| 06:50 \nsharepoint.ps1| sharepoint.ps1| | 9838| 12-Jun-19| 06:50 \nspcmdletschema.xsd| spcmdletschema.xsd| | 1114| 12-Jun-19| 06:50 \nwsscmdlet.xml| wsscmdlet.xml| | 113235| 12-Jun-19| 06:50 \ntypes.ps1xml| sharepointpowershell.types.ps1xml| | 18000| 12-Jun-19| 06:50 \npscintl.dll| microsoft.sharepoint.setupconfiguration.intl.dll| 15.0.4881.1000| 2093824| 12-Jun-19| 06:50 \npsconfig.exe| psconfig.exe| 15.0.4939.1000| 564544| 12-Jun-19| 06:50 \npsconfig.exe.config| psconfig.exe.config| | 273| 12-Jun-19| 06:50 \npsconfigui.exe| psconfigui.exe| 15.0.4939.1000| 825664| 12-Jun-19| 06:50 \npsconfigui.exe.config| psconfigui.exe.config| | 273| 12-Jun-19| 06:50 \ncore_0.rsx| core.resx| | 490005| 12-Jun-19| 06:50 \nadmincfg.xml| adminconfig.xml| | 1288| 12-Jun-19| 06:50 \nbdcservice.xml| bdcservice.xml| | 632| 12-Jun-19| 06:50 \njoinfarm.xml| joinfarm.xml| | 648| 12-Jun-19| 06:50 \nsilverlight.js_script| silverlight.js| | 7950| 12-Jun-19| 06:50 \nsts_addgallery_ooprovider| addgallery.officeonlineprovider.dll| 15.0.4420.1017| 43144| 12-Jun-19| 06:50 \naddgallery.aspx_silverlight| addgallery.aspx| | 11755| 12-Jun-19| 06:50 \ndldsln16.png| dldsln16.png| | 912| 12-Jun-19| 06:50 \ndldsln32.png| dldsln32.png| | 2612| 12-Jun-19| 06:50 \nsts_addgallery_server| microsoft.sharepoint.addgallery.server.dll| 15.0.4508.1000| 115904| 12-Jun-19| 06:50 \nsp.datetimeutil.res_0.resx| sp.datetimeutil.res.resx| | 5825| 12-Jun-19| 06:50 \nsp.datetimeutil.res_0.resx_0.scriptx| sp.datetimeutil.res.resx.scriptx| | 255| 12-Jun-19| 06:50 \nsp.jsgrid.res_0.resx| sp.jsgrid.res.resx| | 16415| 12-Jun-19| 06:50 \nsp.jsgrid.res_0.resx_0.scriptx| sp.jsgrid.res.resx.scriptx| | 249| 12-Jun-19| 06:50 \nsp.res_0.resx| sp.res.resx| | 73515| 12-Jun-19| 06:50 \nspmetal.exe| spmetal.exe| 15.0.4420.1017| 140488| 12-Jun-19| 06:50 \nsts.spuchostservice.exe| spuchostservice.exe| 15.0.4525.1000| 118040| 12-Jun-19| 06:50 \nsts.spuchostservice.exe.config| spuchostservice.exe.config| | 644| 12-Jun-19| 06:50 \nsts.spucworkerprocess.exe| spucworkerprocess.exe| 15.0.4510.1000| 46856| 12-Jun-19| 06:50 \nsts.spucworkerprocess.exe.config| spucworkerprocess.exe.config| | 654| 12-Jun-19| 06:50 \nsts.spucworkerprocessproxy.exe| spucworkerprocessproxy.exe| 15.0.4420.1017| 115440| 12-Jun-19| 06:50 \nsts.spucworkerprocessproxy.exe.config| spucworkerprocessproxy.exe.config| | 644| 12-Jun-19| 06:50 \nspusercode.dll_0001| microsoft.sharepoint.usercode.dll| 15.0.4525.1000| 26816| 12-Jun-19| 06:50 \nadmsoap.dll| admsoap.dll| 15.0.4420.1017| 15496| 12-Jun-19| 06:50 \nadmin.amx| admin.asmx| | 86| 12-Jun-19| 06:50 \nadmdisco.asx| admindisco.aspx| | 1283| 12-Jun-19| 06:50 \nadmwsdl.asx| adminwsdl.aspx| | 9474| 12-Jun-19| 06:50 \nweb.cfg_0001| web.config| | 445| 12-Jun-19| 06:50 \nstsadm.exe| stsadm.exe| 15.0.4420.1017| 350392| 12-Jun-19| 06:50 \nstsadm.exe.config| stsadm.exe.config| | 272| 12-Jun-19| 06:50 \nstscfg.exe| stscfg.exe| 15.0.4420.1017| 14944| 12-Jun-19| 06:50 \nbecwebserviceclientconfig| client.config| | 1437| 12-Jun-19| 06:50 \nsecuritytokenappsvc| appsts.svc| | 452| 12-Jun-19| 06:50 \nappwrweb.cfg| appwpresweb.config| | 1210| 12-Jun-19| 06:50 \ncloudweb.cfg| cloudweb.config| | 64941| 12-Jun-19| 06:50 \nstsomdia.dll| microsoft.sharepoint.diagnostics.dll| 15.0.4420.1017| 18080| 12-Jun-19| 06:50 \nstsom.dll| microsoft.sharepoint.dll| 15.0.5153.1000| 26848856| 15-Jun-19| 05:55 \nstsom.dll_0001| microsoft.sharepoint.dll| 15.0.5153.1000| 26848856| 15-Jun-19| 05:55 \nxlsrv.ecs.stsom.dll| microsoft.sharepoint.dll| 15.0.5153.1000| 26848856| 15-Jun-19| 05:55 \nxlsrv.ecswatchdog.stsom.dll| microsoft.sharepoint.dll| 15.0.5153.1000| 26848856| 15-Jun-19| 05:55 \nxlsrv.stsom.dll| microsoft.sharepoint.dll| 15.0.5153.1000| 26848856| 15-Jun-19| 05:55 \nstsomdr.dll| microsoft.sharepoint.intl.dll| 15.0.4987.1000| 1267432| 12-Jun-19| 06:50 \nbdcservice.svc| bdcservice.svc| | 383| 12-Jun-19| 06:50 \nbdcwebclient.config| client.config| | 2125| 12-Jun-19| 06:50 \nbdcserviceweb.config| web.config| | 3156| 12-Jun-19| 06:50 \nsecuritytokenclientconfig| client.config| | 3448| 12-Jun-19| 06:50 \nsecuritytokenconfig| web.config| | 6235| 12-Jun-19| 06:50 \nsecuritytokensvc| securitytoken.svc| | 443| 12-Jun-19| 06:50 \nwintokcachesvc| windowstokencache.svc| | 395| 12-Jun-19| 06:50 \nsubscriptionsettingsclientconfig| client.config| | 2369| 12-Jun-19| 06:50 \nsubscriptionsettingsservicesvc| subscriptionsettings.svc| | 367| 12-Jun-19| 06:50 \nsubscriptionsettingsserviceconfig| web.config| | 2647| 12-Jun-19| 06:50 \ntopologyclientconfig| client.config| | 982| 12-Jun-19| 06:50 \ntopologyservicesvc| topology.svc| | 347| 12-Jun-19| 06:50 \ntopologyserviceconfig| web.config| | 1604| 12-Jun-19| 06:50 \nusercodeweb.cfg| web.config| | 1002| 12-Jun-19| 06:50 \nweb.cfg| web.config| | 64941| 12-Jun-19| 06:50 \nweb.cfg_0003| web.config| | 258| 12-Jun-19| 06:50 \nstsap.dll| microsoft.sharepoint.applicationpages.dll| 15.0.5119.1000| 1487952| 12-Jun-19| 06:50 \nstsomsec.dll| microsoft.sharepoint.security.dll| 15.0.4420.1017| 16512| 12-Jun-19| 01:48 \nstsomsec.dll_0001| microsoft.sharepoint.security.dll| 15.0.4420.1017| 16512| 12-Jun-19| 01:48 \nxlsrv.spsec.dll| microsoft.sharepoint.security.dll| 15.0.4420.1017| 16512| 12-Jun-19| 01:48 \nsppimps.xml| sharepointpermission.impersonate.xml| | 207| 12-Jun-19| 06:50 \nsppom.xml| sharepointpermission.objectmodel.xml| | 207| 12-Jun-19| 06:50 \nsppusog.xml| sharepointpermission.unsafesaveonget.xml| | 211| 12-Jun-19| 06:50 \nwssmedtr.cfg| wss_mediumtrust.config| | 13782| 12-Jun-19| 06:50 \nwssmintr.cfg| wss_minimaltrust.config| | 9149| 12-Jun-19| 06:50 \nusercode.cfg| wss_usercode.config| | 5855| 12-Jun-19| 06:50 \nsub.amx| alerts.asmx| | 88| 12-Jun-19| 06:50 \nsubdisco.asx| alertsdisco.aspx| | 1313| 12-Jun-19| 06:50 \nsubwsdl.asx| alertswsdl.aspx| | 8824| 12-Jun-19| 06:50 \nauth.amx| authentication.asmx| | 96| 12-Jun-19| 06:50 \nautdisco.asx| authenticationdisco.aspx| | 1301| 12-Jun-19| 06:50 \nautwsdl.asx| authenticationwsdl.aspx| | 5968| 12-Jun-19| 06:50 \nbdcadminservice.svc| bdcadminservice.svc| | 332| 12-Jun-19| 06:50 \nbdcexecutionservice.svc| bdcremoteexecutionservice.svc| | 197| 12-Jun-19| 06:50 \nbdcresolverpickerservice.svc| bdcresolverpickerservice.svc| | 402| 12-Jun-19| 06:50 \ncellstorage.https.svc| cellstorage.https.svc| | 205| 12-Jun-19| 06:50 \ncellstorage.svc| cellstorage.svc| | 200| 12-Jun-19| 06:50 \ncopy.amx| copy.asmx| | 86| 12-Jun-19| 06:50 \ncopdisco.asx| copydisco.aspx| | 1281| 12-Jun-19| 06:50 \ncopwsdl.asx| copywsdl.aspx| | 11267| 12-Jun-19| 06:50 \ndiagnostics.amx| diagnostics.asmx| | 103| 12-Jun-19| 06:50 \ndiagdata.svc| diagnosticsdata.svc| | 391| 12-Jun-19| 06:50 \ndiagnosticsdisco.asx| diagnosticsdisco.aspx| | 1329| 12-Jun-19| 06:50 \ndiagnosticswsdl.asx| diagnosticswsdl.aspx| | 4677| 12-Jun-19| 06:50 \ndocumentsharing.svc| documentsharing.svc| | 331| 12-Jun-19| 06:50 \ndspsts.amx| dspsts.asmx| | 179| 12-Jun-19| 06:50 \ndspstsdi.asx_0001| dspstsdisco.aspx| | 1289| 12-Jun-19| 06:50 \ndspstsws.asx_0001| dspstswsdl.aspx| | 10966| 12-Jun-19| 06:50 \ndws.amx| dws.asmx| | 85| 12-Jun-19| 06:50 \ndwsdisco.asx| dwsdisco.aspx| | 1287| 12-Jun-19| 06:50 \ndwswsdl.asx| dwswsdl.aspx| | 20223| 12-Jun-19| 06:50 \nexcelrest.asx| excelrest.aspx| | 202| 12-Jun-19| 06:50 \nexportwp.asx| exportwp.aspx| | 498| 12-Jun-19| 06:50 \nexpurlwp.asx| expurlwp.aspx| | 243| 12-Jun-19| 06:50 \nforms.amx| forms.asmx| | 87| 12-Jun-19| 06:50 \nfordisco.asx| formsdisco.aspx| | 1283| 12-Jun-19| 06:50 \nforwsdl.asx| formswsdl.aspx| | 5644| 12-Jun-19| 06:50 \nimaging.amx| imaging.asmx| | 89| 12-Jun-19| 06:50 \nimadisco.asx| imagingdisco.aspx| | 1295| 12-Jun-19| 06:50 \nimawsdl.asx| imagingwsdl.aspx| | 24227| 12-Jun-19| 06:50 \nlistdata.svc| listdata.svc| | 392| 12-Jun-19| 06:50 \nlists.amx| lists.asmx| | 87| 12-Jun-19| 06:50 \nlisdisco.asx| listsdisco.aspx| | 1283| 12-Jun-19| 06:50 \nliswsdl.asx| listswsdl.aspx| | 73094| 12-Jun-19| 06:50 \nmeetings.amx| meetings.asmx| | 90| 12-Jun-19| 06:50 \nmeedisco.asx| meetingsdisco.aspx| | 1307| 12-Jun-19| 06:50 \nmeewsdl.asx| meetingswsdl.aspx| | 26921| 12-Jun-19| 06:50 \nonenote.ashx| onenote.ashx| | 89| 12-Jun-19| 06:50 \npeople.amx| people.asmx| | 88| 12-Jun-19| 06:50 \nppldisco.asx| peopledisco.aspx| | 1285| 12-Jun-19| 06:50 \npplwsdl.asx| peoplewsdl.aspx| | 9093| 12-Jun-19| 06:50 \nperms.amx| permissions.asmx| | 94| 12-Jun-19| 06:50 \nperdisco.asx| permissionsdisco.aspx| | 1315| 12-Jun-19| 06:50 \nperwsdl.asx| permissionswsdl.aspx| | 13698| 12-Jun-19| 06:50 \nsharedaccess.amx| sharedaccess.asmx| | 94| 12-Jun-19| 06:50 \nsharedaccessdisco.asx| sharedaccessdisco.aspx| | 1297| 12-Jun-19| 06:50 \nsharedaccesswsdl.asx| sharedaccesswsdl.aspx| | 4036| 12-Jun-19| 06:50 \nsharepointemailws.amx| sharepointemailws.asmx| | 98| 12-Jun-19| 06:50 \nsharepointemailwsdisco.asx| sharepointemailwsdisco.aspx| | 1349| 12-Jun-19| 06:50 \nsharepointemailwswsdl.asx| sharepointemailwswsdl.aspx| | 25799| 12-Jun-19| 06:50 \nsitedata.amx| sitedata.asmx| | 90| 12-Jun-19| 06:50 \nsdadisco.asx| sitedatadisco.aspx| | 1289| 12-Jun-19| 06:50 \nsdawsdl.asx| sitedatawsdl.aspx| | 36711| 12-Jun-19| 06:50 \nsites.amx| sites.asmx| | 87| 12-Jun-19| 06:50 \nsitdisco.asx| sitesdisco.aspx| | 1283| 12-Jun-19| 06:50 \nsitwsdl.asx| siteswsdl.aspx| | 22976| 12-Jun-19| 06:50 \nspclaimproviderwebservice.https.svc| spclaimproviderwebservice.https.svc| | 115| 12-Jun-19| 06:50 \nspclaimproviderwebservice.svc| spclaimproviderwebservice.svc| | 110| 12-Jun-19| 06:50 \nspdisco.asx| spdisco.aspx| | 11428| 12-Jun-19| 06:50 \nspsearchdisco.asx| spsearchdisco.aspx| | 1319| 12-Jun-19| 06:50 \nspsearchwsdl.asx| spsearchwsdl.aspx| | 8629| 12-Jun-19| 06:50 \nspsecuritytokenservice.svc| spsecuritytokenservice.svc| | 476| 12-Jun-19| 06:50 \nweb.config_sts| web.config| | 4845| 12-Jun-19| 06:50 \nusergrp.amx| usergroup.asmx| | 92| 12-Jun-19| 06:50 \nusedisco.asx| usergroupdisco.aspx| | 1311| 12-Jun-19| 06:50 \nusewsdl.asx| usergroupwsdl.aspx| | 82880| 12-Jun-19| 06:50 \nversions.amx| versions.asmx| | 90| 12-Jun-19| 06:50 \nverdisco.asx| versionsdisco.aspx| | 1289| 12-Jun-19| 06:50 \nverwsdl.asx| versionswsdl.aspx| | 9474| 12-Jun-19| 06:50 \nviews.amx| views.asmx| | 87| 12-Jun-19| 06:50 \nviedisco.asx| viewsdisco.aspx| | 1283| 12-Jun-19| 06:50 \nviewsdl.asx| viewswsdl.aspx| | 25520| 12-Jun-19| 06:50 \nweb.cfg_0010| web.config| | 13944| 12-Jun-19| 06:50 \nwppages.amx| webpartpages.asmx| | 186| 12-Jun-19| 06:50 \nwppdisco.asx| webpartpagesdisco.aspx| | 1315| 12-Jun-19| 06:50 \nwppwsdl.asx| webpartpageswsdl.aspx| | 56408| 12-Jun-19| 06:50 \nwebs.amx| webs.asmx| | 86| 12-Jun-19| 06:50 \nwebdisco.asx| websdisco.aspx| | 1281| 12-Jun-19| 06:50 \nwebwsdl.asx| webswsdl.aspx| | 41302| 12-Jun-19| 06:50 \nwopi.ashx| wopi.ashx| | 86| 12-Jun-19| 06:50 \nwsdisco.asx| wsdisco.aspx| | 1806| 12-Jun-19| 06:50 \nwswsdl.asx| wswsdl.aspx| | 1904| 12-Jun-19| 06:50 \nstssoap.dll| stssoap.dll| 15.0.4981.1000| 553704| 12-Jun-19| 06:50 \nsubsetproxy.dll_0001| microsoft.sharepoint.subsetproxy.dll| 15.0.5085.1000| 848144| 12-Jun-19| 06:50 \nsubsetshim.dll_0001| microsoft.sharepoint.dll| 15.900.5085.1000| 2139416| 12-Jun-19| 06:50 \nalerttmp.xml| alerttemplates.xml| | 458234| 12-Jun-19| 06:50 \nalerttms.xml| alerttemplates_sms.xml| | 51863| 12-Jun-19| 06:50 \ndefault.aspx_app| default.aspx| | 1168| 12-Jun-19| 06:50 \nonet.xml_app| onet.xml| | 4911| 12-Jun-19| 06:50 \ndefault.aspx_appcatalog| default.aspx| | 4026| 12-Jun-19| 06:50 \nonet.xml_appcatalog| onet.xml| | 6262| 12-Jun-19| 06:50 \napphostwebfeatures.xsd| apphostwebfeatures.xsd| | 17579| 12-Jun-19| 06:50 \nappmanifest.xsd| appmanifest.xsd| | 20392| 12-Jun-19| 06:50 \napppartconfig.xsd| apppartconfig.xsd| | 2826| 12-Jun-19| 06:50 \nappsolution.xsd| appsolution.xsd| | 101258| 12-Jun-19| 06:50 \nblog.xsl| blog.xsl| | 37369| 12-Jun-19| 06:50 \nonet.xml_blog| onet.xml| | 6549| 12-Jun-19| 06:50 \ncamlqry.xsd| camlquery.xsd| | 10890| 12-Jun-19| 06:50 \ncamlview.xsd| camlview.xsd| | 19014| 12-Jun-19| 06:50 \ncpchkers.xsd| capabilitycheckers.xsd| | 1924| 12-Jun-19| 06:50 \nschema.xml_0010| schema.xml| | 16975| 12-Jun-19| 06:50 \ndmslstallitems_aspx| allitems.aspx| | 2731| 12-Jun-19| 06:50 \ndmslstcreatedls_aspx| createdls.aspx| | 2731| 12-Jun-19| 06:50 \ndmslstdeletedls_aspx| deletedls.aspx| | 2731| 12-Jun-19| 06:50 \ndmslstdispform_aspx| dispform.aspx| | 4190| 12-Jun-19| 06:50 \ndmslsteditform_aspx| editform.aspx| | 4167| 12-Jun-19| 06:50 \ndmslstmodifydls_aspx| modifydls.aspx| | 2731| 12-Jun-19| 06:50 \ndmslstnewform_aspx| newform.aspx| | 4197| 12-Jun-19| 06:50 \ndmslstschema_xml| schema.xml| | 22840| 12-Jun-19| 06:50 \ntopology.dwp| topologyview.dwp| | 495| 12-Jun-19| 06:50 \nschema.xml_1221| schema.xml| | 9478| 12-Jun-19| 06:50 \nschema.xml_1220| schema.xml| | 7583| 12-Jun-19| 06:50 \napplications.asx_0014| applications.aspx| | 3724| 12-Jun-19| 06:50 \napps.asx_0014| apps.aspx| | 3708| 12-Jun-19| 06:50 \nbackups.asx_0014| backups.aspx| | 3714| 12-Jun-19| 06:50 \nconfigurationwizards.asx_0014| configurationwizards.aspx| | 3740| 12-Jun-19| 06:50 \ndefault.asx_0014| default.aspx| | 5230| 12-Jun-19| 06:50 \ngenappsettings.asx_0014| generalapplicationsettings.aspx| | 3753| 12-Jun-19| 06:50 \nmonitoring.asx_0014| monitoring.aspx| | 3720| 12-Jun-19| 06:50 \no365config.asx_0015| office365configuration.aspx| | 3725| 12-Jun-19| 06:50 \nsecurity.asx_0014| security.aspx| | 3716| 12-Jun-19| 06:50 \nsysset.asx_0014| systemsettings.aspx| | 3728| 12-Jun-19| 06:50 \nupgandmig.asx_0014| upgradeandmigration.aspx| | 3738| 12-Jun-19| 06:50 \nonet.xml_0006| onet.xml| | 10552| 12-Jun-19| 06:50 \ncoredefs.xsd| coredefinitions.xsd| | 3308| 12-Jun-19| 06:50 \ndeplset.xsd| deploymentexportsettings.xsd| | 4494| 12-Jun-19| 06:50 \ndepllook.xsd| deploymentlookuplistmap.xsd| | 1632| 12-Jun-19| 06:50 \ndepl.xsd| deploymentmanifest.xsd| | 79362| 12-Jun-19| 06:50 \ndeplreq.xsd| deploymentrequirements.xsd| | 1262| 12-Jun-19| 06:50 \ndeplroot.xsd| deploymentrootobjectmap.xsd| | 1642| 12-Jun-19| 06:50 \ndeplsys.xsd| deploymentsystemdata.xsd| | 3065| 12-Jun-19| 06:50 \ndepluser.xsd| deploymentusergroupmap.xsd| | 3386| 12-Jun-19| 06:50 \ndeplform.xsd| deploymentviewformslist.xsd| | 877| 12-Jun-19| 06:50 \ndip.css| dip.css| | 1781| 12-Jun-19| 06:50 \ndip.css_14| dip.css| | 1781| 12-Jun-19| 06:50 \ndip.html| dip.html| | 4328| 12-Jun-19| 06:50 \ndip.html_14| dip.html| | 4328| 12-Jun-19| 06:50 \ndip.js| dip.js| | 63039| 12-Jun-19| 06:50 \ndip.js_14| dip.js| | 63039| 12-Jun-19| 06:50 \nmessagebanner.js| messagebanner.js| | 4968| 12-Jun-19| 06:50 \nmessagebanner.js_14| messagebanner.js| | 4968| 12-Jun-19| 06:50 \ndocicon.xml| docicon.xml| | 16363| 12-Jun-19| 06:50 \nwkpstd.asx_wiki| wkpstd.aspx| | 3356| 12-Jun-19| 06:50 \nfldtypes.xml| fldtypes.xml| | 256018| 12-Jun-19| 06:50 \nfldtypes.xsl| fldtypes.xsl| | 133234| 12-Jun-19| 06:50 \nftacpl.xml| fldtypes_accessrequestspermissionlevel.xml| | 753| 12-Jun-19| 06:50 \nfluidapp.xsd| fluidapplicationsettings.xsd| | 2721| 12-Jun-19| 06:50 \nformxml.xsl| formxml.xsl| | 20914| 12-Jun-19| 06:50 \ngbwdef.asc| gbwdefaulttemplates.ascx| | 57071| 12-Jun-19| 06:50 \ngbwmdef.asc| gbwmobiledefaulttemplates.ascx| | 13722| 12-Jun-19| 06:50 \ndispsr.asx_mobile| dispsr.aspx| | 2702| 12-Jun-19| 06:50 \neditsr.asx_mobile| editsr.aspx| | 2574| 12-Jun-19| 06:50 \nnewsr.asx_mobile| newsr.aspx| | 2570| 12-Jun-19| 06:50 \nviewdaily.asx_mobile| viewdaily.aspx| | 4994| 12-Jun-19| 06:50 \nwaview.asx_mobile| waview.aspx| | 2986| 12-Jun-19| 06:50 \ndefault.aspx_gbw| default.aspx| | 3458| 12-Jun-19| 06:50 \nonet.xml_gbw| onet.xml| | 10911| 12-Jun-19| 06:50 \nschema.xml_appdatalib| schema.xml| | 314| 12-Jun-19| 06:50 \ndefault.spc| default.spcolor| | 5243| 12-Jun-19| 06:50 \npalette001.spcolor| palette001.spcolor| | 5243| 12-Jun-19| 06:50 \npalette002.spcolor| palette002.spcolor| | 5251| 12-Jun-19| 06:50 \npalette003.spcolor| palette003.spcolor| | 5247| 12-Jun-19| 06:50 \npalette004.spcolor| palette004.spcolor| | 5246| 12-Jun-19| 06:50 \npalette005.spcolor| palette005.spcolor| | 5247| 12-Jun-19| 06:50 \npalette006.spcolor| palette006.spcolor| | 5249| 12-Jun-19| 06:50 \npalette007.spcolor| palette007.spcolor| | 5251| 12-Jun-19| 06:50 \npalette008.spcolor| palette008.spcolor| | 5251| 12-Jun-19| 06:50 \npalette009.spcolor| palette009.spcolor| | 5248| 12-Jun-19| 06:50 \npalette010.spcolor| palette010.spcolor| | 5250| 12-Jun-19| 06:50 \npalette011.spcolor| palette011.spcolor| | 5248| 12-Jun-19| 06:50 \npalette012.spcolor| palette012.spcolor| | 5243| 12-Jun-19| 06:50 \npalette013.spcolor| palette013.spcolor| | 5243| 12-Jun-19| 06:50 \npalette014.spcolor| palette014.spcolor| | 5243| 12-Jun-19| 06:50 \npalette015.spcolor| palette015.spcolor| | 5243| 12-Jun-19| 06:50 \npalette016.spcolor| palette016.spcolor| | 5243| 12-Jun-19| 06:50 \npalette017.spcolor| palette017.spcolor| | 5243| 12-Jun-19| 06:50 \npalette018.spcolor| palette018.spcolor| | 5243| 12-Jun-19| 06:50 \npalette019.spcolor| palette019.spcolor| | 5243| 12-Jun-19| 06:50 \npalette020.spcolor| palette020.spcolor| | 5243| 12-Jun-19| 06:50 \npalette021.spcolor| palette021.spcolor| | 5243| 12-Jun-19| 06:50 \npalette022.spcolor| palette022.spcolor| | 5246| 12-Jun-19| 06:50 \npalette023.spcolor| palette023.spcolor| | 5246| 12-Jun-19| 06:50 \npalette024.spcolor| palette024.spcolor| | 5246| 12-Jun-19| 06:50 \npalette025.spcolor| palette025.spcolor| | 5246| 12-Jun-19| 06:50 \npalette026.spcolor| palette026.spcolor| | 5246| 12-Jun-19| 06:50 \npalette027.spcolor| palette027.spcolor| | 5246| 12-Jun-19| 06:50 \npalette028.spcolor| palette028.spcolor| | 5246| 12-Jun-19| 06:50 \npalette029.spcolor| palette029.spcolor| | 5246| 12-Jun-19| 06:50 \npalette030.spcolor| palette030.spcolor| | 5246| 12-Jun-19| 06:50 \npalette031.spcolor| palette031.spcolor| | 5246| 12-Jun-19| 06:50 \npalette032.spcolor| palette032.spcolor| | 5245| 12-Jun-19| 06:50 \npalette1.spcolor| palette1.spcolor| | 3110| 12-Jun-19| 06:50 \npalette2.spcolor| palette2.spcolor| | 3121| 12-Jun-19| 06:50 \npalette3.spcolor| palette3.spcolor| | 3122| 12-Jun-19| 06:50 \npalette4.spcolor| palette4.spcolor| | 3121| 12-Jun-19| 06:50 \npalette5.spcolor| palette5.spcolor| | 3116| 12-Jun-19| 06:50 \npalette6.spcolor| palette6.spcolor| | 3118| 12-Jun-19| 06:50 \nschema.xml_designlib| schema.xml| | 4033| 12-Jun-19| 06:50 \nfnt001.spfont| fontscheme001.spfont| | 15354| 12-Jun-19| 06:50 \nfnt002.spfont| fontscheme002.spfont| | 13545| 12-Jun-19| 06:50 \nfnt003.spfont| fontscheme003.spfont| | 15461| 12-Jun-19| 06:50 \nfnt004.spfont| fontscheme004.spfont| | 15884| 12-Jun-19| 06:50 \nfnt005.spfont| fontscheme005.spfont| | 16065| 12-Jun-19| 06:50 \nfnt006.spfont| fontscheme006.spfont| | 14209| 12-Jun-19| 06:50 \nfnt007.spfont| fontscheme007.spfont| | 15880| 12-Jun-19| 06:50 \ndefault.spf| default.spfont| | 13976| 12-Jun-19| 06:50 \nsharepoint.spfont| sharepointpersonality.spfont| | 13976| 12-Jun-19| 06:50 \nschema.xml_listtemp| schema.xml| | 80036| 12-Jun-19| 06:50 \nupload.asx_listtemp| upload.aspx| | 6141| 12-Jun-19| 06:50 \napp.mas_mplib| app.master| | 19062| 12-Jun-19| 06:50 \ndefault.mas| default.master| | 26292| 12-Jun-19| 06:50 \ndefault.mas_mplib| default.master| | 26292| 12-Jun-19| 06:50 \nlv3.mas| layoutsv3.master| | 13587| 12-Jun-19| 06:50 \nminimal.mas| minimal.master| | 8825| 12-Jun-19| 06:50 \nminimal.mas_mplib| minimal.master| | 8825| 12-Jun-19| 06:50 \nmwsdef.mas_mplib| mwsdefault.master| | 26950| 12-Jun-19| 06:50 \nmwsv15.mas_mplib| mwsdefaultv15.master| | 30580| 12-Jun-19| 06:50 \nmwsv4.mas_mplib| mwsdefaultv4.master| | 27509| 12-Jun-19| 06:50 \noslo.mas_mplib| oslo.master| | 29416| 12-Jun-19| 06:50 \noslo.prev| oslo.preview| | 10159| 12-Jun-19| 06:50 \nschema.xml_mplib| schema.xml| | 84417| 12-Jun-19| 06:50 \nseattle.mas| seattle.master| | 29925| 12-Jun-19| 06:50 \nseattle.mas_mplib| seattle.master| | 29925| 12-Jun-19| 06:50 \nseattle.prev| seattle.preview| | 10725| 12-Jun-19| 06:50 \nupload.asp_mplib| upload.aspx| | 5911| 12-Jun-19| 06:50 \nv4.mas| v4.master| | 26916| 12-Jun-19| 06:50 \nv4.mas_mplib| v4.master| | 26916| 12-Jun-19| 06:50 \nactivate.asx_solutionslib| activate.aspx| | 3861| 12-Jun-19| 06:50 \nschema.xml_solutionslib| schema.xml| | 83463| 12-Jun-19| 06:50 \nupload.asx_solutionslib| upload.aspx| | 5914| 12-Jun-19| 06:50 \nviewpage.asx_solutionslib| viewpage.aspx| | 2718| 12-Jun-19| 06:50 \nschema.xml_themeslib| schema.xml| | 1849| 12-Jun-19| 06:50 \nschema.xml_users| schema.xml| | 392079| 12-Jun-19| 06:50 \neditdlg.htm_webtemp| editdlg.htm| | 4892| 12-Jun-19| 06:50 \nschema.xml_webtemp| schema.xml| | 166908| 12-Jun-19| 06:50 \nupload.asx_webtemp| upload.aspx| | 6141| 12-Jun-19| 06:50 \nschema.xml_wplib| schema.xml| | 92345| 12-Jun-19| 06:50 \nupload.asx_wplib| upload.aspx| | 5914| 12-Jun-19| 06:50 \ncmdui.xml_global| cmdui.xml| | 631119| 12-Jun-19| 06:50 \nonet.xml_global| onet.xml| | 313439| 12-Jun-19| 06:50 \nstdview.xml_global| stdview.xml| | 54852| 12-Jun-19| 06:50 \nvwstyles.xml_global| vwstyles.xml| | 422824| 12-Jun-19| 06:50 \ngroupbd.xsl| groupboard.xsl| | 14233| 12-Jun-19| 06:50 \nhtrinfo.xml_0001| htmltransinfo.xml| | 5136| 12-Jun-19| 06:50 \ndefault.asx_forms| default.aspx| | 2788| 12-Jun-19| 06:50 \nweb.cfg_forms| web.config| | 216| 12-Jun-19| 06:50 \ndefault.asx_multilogin| default.aspx| | 2284| 12-Jun-19| 06:50 \nweb.cfg_multilogin| web.config| | 216| 12-Jun-19| 06:50 \ndefault.asx_trust| default.aspx| | 530| 12-Jun-19| 06:50 \nweb.cfg_trust| web.config| | 2190| 12-Jun-19| 06:50 \ndefault.asx_windows| default.aspx| | 522| 12-Jun-19| 06:50 \nweb.cfg_windows| web.config| | 214| 12-Jun-19| 06:50 \ninternal.xsl| internal.xsl| | 11095| 12-Jun-19| 06:50 \naccreqctl.debug.js| accessrequestscontrol.debug.js| | 18870| 12-Jun-19| 06:50 \naccreqctl.js| accessrequestscontrol.js| | 10674| 12-Jun-19| 06:50 \naccreqctl.xml| accessrequestscontrol.xml| | 103| 12-Jun-19| 06:50 \naccreqviewtmpl.debug.js| accessrequestsviewtemplate.debug.js| | 28650| 12-Jun-19| 06:50 \naccreqviewtmpl.js| accessrequestsviewtemplate.js| | 11376| 12-Jun-19| 06:50 \naccreqviewtmpl.xml| accessrequestsviewtemplate.xml| | 108| 12-Jun-19| 06:50 \nappcatalogfieldtemplate.debug.js| appcatalogfieldtemplate.debug.js| | 9040| 12-Jun-19| 06:50 \nappcatalogfieldtemplate.js| appcatalogfieldtemplate.js| | 3342| 12-Jun-19| 06:50 \nappdeveloperdash.debug.js| appdeveloperdash.debug.js| | 22542| 12-Jun-19| 06:50 \nappdeveloperdash.js| appdeveloperdash.js| | 11197| 12-Jun-19| 06:50 \naddb.xml| appdeveloperdash.xml| | 158| 12-Jun-19| 06:50 \nautofill.debug.js| autofill.debug.js| | 18404| 12-Jun-19| 06:50 \nautofill.js| autofill.js| | 10322| 12-Jun-19| 06:50 \nautohostedlicensingtemplates.debug.js| autohostedlicensingtemplates.debug.js| | 20576| 12-Jun-19| 06:50 \nautohostedlicensingtemplates.js| autohostedlicensingtemplates.js| | 8623| 12-Jun-19| 06:50 \nautohostedlicensingtemplates.xml| autohostedlicensingtemplates.xml| | 110| 12-Jun-19| 06:50 \nbform.debug.js| bform.debug.js| | 459758| 12-Jun-19| 06:50 \nbform.js| bform.js| | 258656| 12-Jun-19| 06:50 \nbform.xml| bform.xml| | 87| 12-Jun-19| 06:50 \nblank.debug.js| blank.debug.js| | 164| 12-Jun-19| 06:50 \nblank.js| blank.js| | 119| 12-Jun-19| 06:50 \ncallout.debug.js| callout.debug.js| | 84762| 12-Jun-19| 06:50 \ncallout.js| callout.js| | 26526| 12-Jun-19| 06:50 \ncallout.xml| callout.xml| | 155| 12-Jun-19| 06:50 \nchoicebuttonfieldtemplate.debug.js| choicebuttonfieldtemplate.debug.js| | 5782| 12-Jun-19| 06:50 \nchoicebuttonfieldtemplate.js| choicebuttonfieldtemplate.js| | 2388| 12-Jun-19| 06:50 \ncbft.xml| choicebuttonfieldtemplate.xml| | 97| 12-Jun-19| 06:50 \nclientforms.debug.js| clientforms.debug.js| | 153736| 12-Jun-19| 06:50 \nclientforms.js| clientforms.js| | 77613| 12-Jun-19| 06:50 \nclientforms.xml| clientforms.xml| | 145| 12-Jun-19| 06:50 \nclientpeoplepicker.debug.js| clientpeoplepicker.debug.js| | 77565| 12-Jun-19| 06:50 \nclientpeoplepicker.js| clientpeoplepicker.js| | 41210| 12-Jun-19| 06:50 \nclientrenderer.debug.js| clientrenderer.debug.js| | 23510| 12-Jun-19| 06:50 \nclientrenderer.js| clientrenderer.js| | 9805| 12-Jun-19| 06:50 \nclienttemplates.debug.js| clienttemplates.debug.js| | 294375| 12-Jun-19| 06:50 \nclienttemplates.js| clienttemplates.js| | 150416| 12-Jun-19| 06:50 \nclienttemplates.xml| clienttemplates.xml| | 101| 12-Jun-19| 06:50 \ncommonvalidation.debug.js| commonvalidation.debug.js| | 5376| 12-Jun-19| 06:50 \ncomval.js| commonvalidation.js| | 3369| 12-Jun-19| 06:50 \ncommonvalidation.xml| commonvalidation.xml| | 98| 12-Jun-19| 06:50 \ncore.debug.js| core.debug.js| | 636461| 12-Jun-19| 06:50 \ncore.js_0001| core.js| | 331668| 12-Jun-19| 06:50 \ncore.xml| core.xml| | 86| 12-Jun-19| 06:50 \ndatepicker.debug.js| datepicker.debug.js| | 48715| 12-Jun-19| 06:50 \ndatepick.js| datepicker.js| | 27099| 12-Jun-19| 06:50 \ndatepicker.xml| datepicker.xml| | 92| 12-Jun-19| 06:50 \ndesigngallery.debug.js| designgallery.debug.js| | 46223| 12-Jun-19| 06:50 \ndesigngallery.js| designgallery.js| | 28550| 12-Jun-19| 06:50 \ndesigngallery.xml| designgallery.xml| | 95| 12-Jun-19| 06:50 \ndevdash.debug.js| devdash.debug.js| | 86004| 12-Jun-19| 06:50 \ndevdash.js| devdash.js| | 36366| 12-Jun-19| 06:50 \ndragdrop.debug.js| dragdrop.debug.js| | 160299| 12-Jun-19| 06:50 \ndragdrop.js| dragdrop.js| | 85346| 12-Jun-19| 06:50 \ndragdrop.xml| dragdrop.xml| | 90| 12-Jun-19| 06:50 \nentityeditor.debug.js| entityeditor.debug.js| | 73212| 12-Jun-19| 06:50 \nentityeditor.js| entityeditor.js| | 38537| 12-Jun-19| 06:50 \nfilepreview.debug.js| filepreview.debug.js| | 18731| 12-Jun-19| 06:50 \nfilepreview.js| filepreview.js| | 10123| 12-Jun-19| 06:50 \nfilepreview.xml| filepreview.xml| | 91| 12-Jun-19| 06:50 \nfoldhyperlink.debug.js| foldhyperlink.debug.js| | 3360| 12-Jun-19| 06:50 \nfoldhyperlink.js| foldhyperlink.js| | 1544| 12-Jun-19| 06:50 \nform.debug.js| form.debug.js| | 240967| 12-Jun-19| 06:50 \nform.js| form.js| | 128992| 12-Jun-19| 06:50 \nform.xml| form.xml| | 86| 12-Jun-19| 06:50 \nganttscript.debug.js| ganttscript.debug.js| | 8826| 12-Jun-19| 06:50 \nganttscr.js| ganttscript.js| | 4787| 12-Jun-19| 06:50 \ngeolocationfieldtemplate.debug.js| geolocationfieldtemplate.debug.js| | 40185| 12-Jun-19| 06:50 \ngeolocationfieldtemplate.js| geolocationfieldtemplate.js| | 14886| 12-Jun-19| 06:50 \nglft.xml| geolocationfieldtemplate.xml| | 88| 12-Jun-19| 06:50 \ngroupboard.debug.js| groupboard.debug.js| | 15630| 12-Jun-19| 06:50 \ngroupboard.js| groupboard.js| | 9088| 12-Jun-19| 06:50 \ngroupboard.xml| groupboard.xml| | 92| 12-Jun-19| 06:50 \ngroupeditempicker.debug.js| groupeditempicker.debug.js| | 20302| 12-Jun-19| 06:50 \ngip.js| groupeditempicker.js| | 11630| 12-Jun-19| 06:50 \nhierarchytaskslist.debug.js| hierarchytaskslist.debug.js| | 59315| 12-Jun-19| 06:50 \nhierarchytaskslist.js| hierarchytaskslist.js| | 19494| 12-Jun-19| 06:50 \nhierarchytaskslist.xml| hierarchytaskslist.xml| | 57| 12-Jun-19| 06:50 \nimglib.debug.js| imglib.debug.js| | 85024| 12-Jun-19| 06:50 \nimglib.js| imglib.js| | 50445| 12-Jun-19| 06:50 \nimglib.xml| imglib.xml| | 88| 12-Jun-19| 06:50 \ninit.debug.js| init.debug.js| | 303096| 12-Jun-19| 06:50 \ninit.js_0001| init.js| | 161297| 12-Jun-19| 06:50 \ninplview.debug.js| inplview.debug.js| | 136957| 12-Jun-19| 06:50 \ninplview.js| inplview.js| | 69236| 12-Jun-19| 06:50 \ninplview.xml| inplview.xml| | 158| 12-Jun-19| 06:50 \njsgrid.debug.js| jsgrid.debug.js| | 1164592| 12-Jun-19| 06:50 \njsgrid.gantt.debug.js| jsgrid.gantt.debug.js| | 109470| 12-Jun-19| 06:50 \njsgrid.gantt.js| jsgrid.gantt.js| | 41962| 12-Jun-19| 06:50 \njsgrid.gantt.xml| jsgrid.gantt.xml| | 84| 12-Jun-19| 06:50 \njsgrid.js| jsgrid.js| | 436852| 12-Jun-19| 06:50 \njsgrid.xml| jsgrid.xml| | 60| 12-Jun-19| 06:50 \nlanguagepickercontrol.js| languagepickercontrol.js| | 11175| 12-Jun-19| 06:50 \nmapviewtemplate.debug.js| mapviewtemplate.debug.js| | 37816| 12-Jun-19| 06:50 \nmapviewtemplate.js| mapviewtemplate.js| | 15210| 12-Jun-19| 06:50 \nmapvt.xml| mapviewtemplate.xml| | 106| 12-Jun-19| 06:50 \nmenu.debug.js| menu.debug.js| | 101574| 12-Jun-19| 06:50 \nmenu.htc| menu.htc| | 21872| 12-Jun-19| 06:50 \nmenu.js_0001| menu.js| | 51332| 12-Jun-19| 06:50 \nmenubar.htc| menubar.htc| | 13961| 12-Jun-19| 06:50 \nmquery.debug.js| mquery.debug.js| | 59856| 12-Jun-19| 06:50 \nmquery.js| mquery.js| | 22239| 12-Jun-19| 06:50 \nmquery.xml| mquery.xml| | 89| 12-Jun-19| 06:50 \noffline.debug.js| offline.debug.js| | 7585| 12-Jun-19| 06:50 \noffline.js| offline.js| | 3595| 12-Jun-19| 06:50 \nows.debug.js| ows.debug.js| | 510986| 12-Jun-19| 06:50 \nows.js| ows.js| | 265277| 12-Jun-19| 06:50 \nows.xml| ows.xml| | 85| 12-Jun-19| 06:50 \nowsbrows.debug.js| owsbrows.debug.js| | 9579| 12-Jun-19| 06:50 \nowsbrows.js| owsbrows.js| | 6113| 12-Jun-19| 06:50 \npickerhierarchycontrol.js| pickerhierarchycontrol.js| | 85910| 12-Jun-19| 06:50 \npivotcontrol.debug.js| pivotcontrol.debug.js| | 16089| 12-Jun-19| 06:50 \npivotcontrol.js| pivotcontrol.js| | 8700| 12-Jun-19| 06:50 \nquicklaunch.debug.js| quicklaunch.debug.js| | 130124| 12-Jun-19| 06:50 \nquicklaunch.js| quicklaunch.js| | 69543| 12-Jun-19| 06:50 \nquicklaunch.js.xml| quicklaunch.xml| | 120| 12-Jun-19| 06:50 \nradiobuttonwithchildren.js| radiobuttonwithchildren.js| | 3208| 12-Jun-19| 06:50 \nroamingapps.debug.js| roamingapps.debug.js| | 46291| 12-Jun-19| 06:50 \nroamingapps.js| roamingapps.js| | 19190| 12-Jun-19| 06:50 \nroamingapp.xml| roamingapps.xml| | 93| 12-Jun-19| 06:50 \nsharing.debug.js| sharing.debug.js| | 71639| 12-Jun-19| 06:50 \nsharing.js| sharing.js| | 27124| 12-Jun-19| 06:50 \nsharing.xml| sharing.xml| | 171| 12-Jun-19| 06:50 \nsiteupgrade.debug.js| siteupgrade.debug.js| | 1135| 12-Jun-19| 06:50 \nsiteupgrade.debug.js_14| siteupgrade.debug.js| | 1135| 12-Jun-19| 06:50 \nsiteupgrade.js| siteupgrade.js| | 808| 12-Jun-19| 06:50 \nsiteupgrade.js_14| siteupgrade.js| | 808| 12-Jun-19| 06:50 \nsp.core.debug.js| sp.core.debug.js| | 73924| 12-Jun-19| 06:50 \nsp.core.js| sp.core.js| | 40446| 12-Jun-19| 06:50 \nsp.core.xml| sp.core.xml| | 150| 12-Jun-19| 06:50 \nsp.datetimeutil.debug.js| sp.datetimeutil.debug.js| | 115909| 12-Jun-19| 06:50 \nsp.datetimeutil.debug.js.x64| sp.datetimeutil.debug.js| | 115909| 12-Jun-19| 06:50 \nsp.datetimeutil.js| sp.datetimeutil.js| | 69042| 12-Jun-19| 06:50 \nsp.datetimeutil.js.x64| sp.datetimeutil.js| | 69042| 12-Jun-19| 06:50 \nsp.datetimeutil.xml| sp.datetimeutil.xml| | 69| 12-Jun-19| 06:50 \nsp.debug.js| sp.debug.js| | 1003664| 12-Jun-19| 06:50 \nsp.debug.js.x64| sp.debug.js| | 1003664| 12-Jun-19| 06:50 \nsp.exp.debug.js| sp.exp.debug.js| | 40770| 12-Jun-19| 06:50 \nsp.exp.js| sp.exp.js| | 24528| 12-Jun-19| 06:50 \nsp.exp.xml| sp.exp.xml| | 48| 12-Jun-19| 06:50 \nsp.init.debug.js| sp.init.debug.js| | 55563| 12-Jun-19| 06:50 \nsp.init.js| sp.init.js| | 32205| 12-Jun-19| 06:50 \nsp.js| sp.js| | 625904| 12-Jun-19| 06:50 \nsp.js.x64| sp.js| | 625904| 12-Jun-19| 06:50 \nspmap.debug.js| sp.map.debug.js| | 15227| 12-Jun-19| 06:50 \nspmap.js| sp.map.js| | 8235| 12-Jun-19| 06:50 \nspmap.xml| sp.map.xml| | 65| 12-Jun-19| 06:50 \nsp.requestexecutor.debug.js| sp.requestexecutor.debug.js| | 81201| 12-Jun-19| 06:50 \nsp.requestexecutor.debug.js.x64| sp.requestexecutor.debug.js| | 81201| 12-Jun-19| 06:50 \nsp.requestexecutor.js| sp.requestexecutor.js| | 51540| 12-Jun-19| 06:50 \nsp.requestexecutor.js.x64| sp.requestexecutor.js| | 51540| 12-Jun-19| 06:50 \nsp.requestexecutor.xml| sp.requestexecutor.xml| | 46| 12-Jun-19| 06:50 \nsp.ribbon.debug.js| sp.ribbon.debug.js| | 363159| 12-Jun-19| 06:50 \nsp.ribbon.js| sp.ribbon.js| | 224039| 12-Jun-19| 06:50 \nsp.ribbon.xml| sp.ribbon.xml| | 321| 12-Jun-19| 06:50 \nsp.runtime.debug.js| sp.runtime.debug.js| | 185617| 12-Jun-19| 06:50 \nsp.runtime.debug.js.x64| sp.runtime.debug.js| | 185617| 12-Jun-19| 06:50 \nsp.runtime.js| sp.runtime.js| | 111493| 12-Jun-19| 06:50 \nsp.runtime.js.x64| sp.runtime.js| | 111493| 12-Jun-19| 06:50 \nsp.runtime.xml| sp.runtime.xml| | 46| 12-Jun-19| 06:50 \nsp.storefront.debug.js| sp.storefront.debug.js| | 422688| 12-Jun-19| 06:50 \nsp.storefront.js| sp.storefront.js| | 294435| 12-Jun-19| 06:50 \nsp.storefront.xml| sp.storefront.xml| | 346| 12-Jun-19| 06:50 \nsp.ui.admin.debug.js| sp.ui.admin.debug.js| | 18342| 12-Jun-19| 06:50 \nsp.ui.admin.js| sp.ui.admin.js| | 11378| 12-Jun-19| 06:50 \nsp.ui.allapps.debug.js| sp.ui.allapps.debug.js| | 42395| 12-Jun-19| 06:50 \nsp.ui.allapps.js| sp.ui.allapps.js| | 26257| 12-Jun-19| 06:50 \nsp.ui.applicationpages.calendar.debug.js| sp.ui.applicationpages.calendar.debug.js| | 277389| 12-Jun-19| 06:50 \nsp.ui.applicationpages.calendar.js| sp.ui.applicationpages.calendar.js| | 144873| 12-Jun-19| 06:50 \nsp.ui.applicationpages.calendar.xml| sp.ui.applicationpages.calendar.xml| | 225| 12-Jun-19| 06:50 \nsp.ui.applicationpages.debug.js| sp.ui.applicationpages.debug.js| | 10163| 12-Jun-19| 06:50 \nsp.ui.applicationpages.js| sp.ui.applicationpages.js| | 6953| 12-Jun-19| 06:50 \nsp.ui.applicationpages.xml| sp.ui.applicationpages.xml| | 213| 12-Jun-19| 06:50 \nsp.ui.bdcadminpages.debug.js| sp.ui.bdcadminpages.debug.js| | 16063| 12-Jun-19| 06:50 \nsp.ui.bdcadminpages.js| sp.ui.bdcadminpages.js| | 11315| 12-Jun-19| 06:50 \nspblogd.js| sp.ui.blogs.debug.js| | 50644| 12-Jun-19| 06:50 \nspblog.js| sp.ui.blogs.js| | 31017| 12-Jun-19| 06:50 \nsp.ui.blogs.xml| sp.ui.blogs.xml| | 94| 12-Jun-19| 06:50 \nsp.ui.combobox.debug.js| sp.ui.combobox.debug.js| | 99428| 12-Jun-19| 06:50 \nsp.ui.combobox.js| sp.ui.combobox.js| | 52107| 12-Jun-19| 06:50 \nsp.ui.combobox.xml| sp.ui.combobox.xml| | 54| 12-Jun-19| 06:50 \nsp.ui.controls.debug.js| sp.ui.controls.debug.js| | 55987| 12-Jun-19| 06:50 \nsp.ui.controls.js| sp.ui.controls.js| | 38359| 12-Jun-19| 06:50 \nsp.ui.dialog.debug.js| sp.ui.dialog.debug.js| | 69292| 12-Jun-19| 06:50 \nsp.ui.dialog.js| sp.ui.dialog.js| | 40375| 12-Jun-19| 06:50 \nsp.ui.dialog.xml| sp.ui.dialog.xml| | 90| 12-Jun-19| 06:50 \nspdiscd.js| sp.ui.discussions.debug.js| | 136506| 12-Jun-19| 06:50 \nspdisc.js| sp.ui.discussions.js| | 82216| 12-Jun-19| 06:50 \nsp.ui.discussions.xml| sp.ui.discussions.xml| | 94| 12-Jun-19| 06:50 \nspimgcd.js| sp.ui.imagecrop.debug.js| | 27973| 12-Jun-19| 06:50 \nspimgc.js| sp.ui.imagecrop.js| | 27973| 12-Jun-19| 06:50 \nspui_rid.js| sp.ui.relateditems.debug.js| | 28006| 12-Jun-19| 06:50 \nspui_ri.js| sp.ui.relateditems.js| | 17626| 12-Jun-19| 06:50 \nsp.ui.ri.xml| sp.ui.relateditems.xml| | 114| 12-Jun-19| 06:50 \nsp.ui.rte.debug.js| sp.ui.rte.debug.js| | 1011981| 12-Jun-19| 06:50 \nsp.ui.rte.js| sp.ui.rte.js| | 584358| 12-Jun-19| 06:50 \nsp.ui.rte.xml| sp.ui.rte.xml| | 74| 12-Jun-19| 06:50 \nsp.ui.tileview.debug.js| sp.ui.tileview.debug.js| | 65203| 12-Jun-19| 06:50 \nsp.ui.tileview.js| sp.ui.tileview.js| | 40240| 12-Jun-19| 06:50 \nsp.ui.tileview.xml| sp.ui.tileview.xml| | 129| 12-Jun-19| 06:50 \nspui_tld.js| sp.ui.timeline.debug.js| | 434522| 12-Jun-19| 06:50 \nspui_tl.js| sp.ui.timeline.js| | 240067| 12-Jun-19| 06:50 \nspstl.xml| sp.ui.timeline.xml| | 111| 12-Jun-19| 06:50 \nsp.xml| sp.xml| | 106| 12-Jun-19| 06:50 \nspgantt.debug.js| spgantt.debug.js| | 183484| 12-Jun-19| 06:50 \nspgantt.js| spgantt.js| | 66168| 12-Jun-19| 06:50 \nspgantt.xml| spgantt.xml| | 159| 12-Jun-19| 06:50 \nspgridview.debug.js| spgridview.debug.js| | 7321| 12-Jun-19| 06:50 \nspgridvw.js| spgridview.js| | 4593| 12-Jun-19| 06:50 \nspgridview.xml| spgridview.xml| | 92| 12-Jun-19| 06:50 \nstart.debug.js| start.debug.js| | 174744| 12-Jun-19| 06:50 \nstart.js| start.js| | 95780| 12-Jun-19| 06:50 \nstrings.xml| strings.xml| | 140| 12-Jun-19| 06:50 \nsuitelinks.debug.js| suitelinks.debug.js| | 32558| 12-Jun-19| 06:50 \nsuitelnk.js| suitelinks.js| | 13795| 12-Jun-19| 06:50 \nsuitelinks.xml| suitelinks.xml| | 134| 12-Jun-19| 06:50 \nsuitenav.js| suitenav.js| | 34319| 12-Jun-19| 06:50 \ntimecard.debug.js| timecard.debug.js| | 36906| 12-Jun-19| 06:50 \ntimecard.js| timecard.js| | 20888| 12-Jun-19| 06:50 \nwpadder.debug.js| wpadder.debug.js| | 49561| 12-Jun-19| 06:50 \nwpadder.js| wpadder.js| | 31016| 12-Jun-19| 06:50 \nwpcm.debug.js| wpcm.debug.js| | 6894| 12-Jun-19| 06:50 \nwpcm.js| wpcm.js| | 3509| 12-Jun-19| 06:50 \nmain.xsl| main.xsl| | 5653| 12-Jun-19| 06:50 \nallitems.asx_0086| allitems.aspx| | 2463| 12-Jun-19| 06:50 \ndispform.asx_0071| dispform.aspx| | 4190| 12-Jun-19| 06:50 \neditform.asx_0071| editform.aspx| | 4167| 12-Jun-19| 06:50 \nmyitems.asx_0008| myitems.aspx| | 2718| 12-Jun-19| 06:50 \nnewform.asx_0055| newform.aspx| | 4197| 12-Jun-19| 06:50 \nschema.xml_0012| schema.xml| | 253482| 12-Jun-19| 06:50 \nallitems.asx_0089| allitems.aspx| | 2463| 12-Jun-19| 06:50 \ndispform.asx_0083| dispform.aspx| | 4190| 12-Jun-19| 06:50 \neditform.asx_0083| editform.aspx| | 4167| 12-Jun-19| 06:50 \nmyitems.asx_0009| myitems.aspx| | 2718| 12-Jun-19| 06:50 \nnewform.asx_0062| newform.aspx| | 4197| 12-Jun-19| 06:50 \nschema.xml_0027| schema.xml| | 245825| 12-Jun-19| 06:50 \nmtgredir.asx_0001| mtgredir.aspx| | 1436| 12-Jun-19| 06:50 \nnewmws.asx| newmws.aspx| | 18858| 12-Jun-19| 06:50 \nmovetodt.asx| movetodt.aspx| | 3075| 12-Jun-19| 06:50 \nschema.xml_0079| schema.xml| | 79705| 12-Jun-19| 06:50 \nallitems.asx_0088| allitems.aspx| | 2463| 12-Jun-19| 06:50 \ndispform.asx_0082| dispform.aspx| | 4190| 12-Jun-19| 06:50 \neditform.asx_0082| editform.aspx| | 4167| 12-Jun-19| 06:50 \nnewform.asx_0061| newform.aspx| | 4197| 12-Jun-19| 06:50 \nschema.xml_0026| schema.xml| | 127795| 12-Jun-19| 06:50 \nallitems.asx_0087| allitems.aspx| | 2463| 12-Jun-19| 06:50 \ndispform.asx_0072| dispform.aspx| | 4190| 12-Jun-19| 06:50 \neditform.asx_0072| editform.aspx| | 4167| 12-Jun-19| 06:50 \nmanagea.asx| managea.aspx| | 2718| 12-Jun-19| 06:50 \nnewform.asx_0056| newform.aspx| | 5954| 12-Jun-19| 06:50 \nschema.xml_0021| schema.xml| | 255145| 12-Jun-19| 06:50 \ndefault.aspx_mps| default.aspx| | 4102| 12-Jun-19| 06:50 \nspstd1.asx_0004| spstd1.aspx| | 4134| 12-Jun-19| 06:50 \nallitems.asx_0032| allitems.aspx| | 2463| 12-Jun-19| 06:50 \ndispform.asx_0038| dispform.aspx| | 4190| 12-Jun-19| 06:50 \neditform.asx_0040| editform.aspx| | 4167| 12-Jun-19| 06:50 \nnewform.asx_0021| newform.aspx| | 4197| 12-Jun-19| 06:50 \nschema.xml_0039| schema.xml| | 42852| 12-Jun-19| 06:50 \nallitems.asx_0090| allitems.aspx| | 2463| 12-Jun-19| 06:50 \ndispform.asx_0084| dispform.aspx| | 4190| 12-Jun-19| 06:50 \neditform.asx_0084| editform.aspx| | 4167| 12-Jun-19| 06:50 \nmyitems.asx_0001| myitems.aspx| | 2718| 12-Jun-19| 06:50 \nnewform.asx_0063| newform.aspx| | 4197| 12-Jun-19| 06:50 \nschema.xml_0028| schema.xml| | 245557| 12-Jun-19| 06:50 \nschema.xml_0033| schema.xml| | 51432| 12-Jun-19| 06:50 \nonet.xml_mps| onet.xml| | 20985| 12-Jun-19| 06:50 \nnotif.clbk.typ.xml| notificationcallbacktypes.xml| | 1267| 12-Jun-19| 06:50 \nform.asp_pages_form| form.aspx| | 4065| 12-Jun-19| 06:50 \nview.asp_pages_viewpage| viewpage.aspx| | 2718| 12-Jun-19| 06:50 \nview.asp_pages_webfldr| webfldr.aspx| | 2521| 12-Jun-19| 06:50 \nresxscriptx.xsd| resxscriptx.xsd| | 1229| 12-Jun-19| 06:50 \nsvrfiles.xml| serverfiles.xml| | 213| 12-Jun-19| 06:50 \nshrulee.xsd| sitehealthruleregistrationerror.xsd| | 1909| 12-Jun-19| 06:50 \nshrulew.xsd| sitehealthruleregistrationwarning.xsd| | 1911| 12-Jun-19| 06:50 \nsitehcwss.xml| sitehealthwssrules.xml| | 1010| 12-Jun-19| 06:50 \nsitehcwss.xml_14| sitehealthwssrules.xml| | 1010| 12-Jun-19| 06:50 \nspkvp.xsd| spkeyvaluepairs.xsd| | 1727| 12-Jun-19| 06:50 \nspmtlprm.xsd| spmetalparameters.xsd| | 3857| 12-Jun-19| 06:50 \nappmng.sql| appmng.sql| | 289219| 12-Jun-19| 06:50 \nappmngup.sql| appmngup.sql| | 282966| 12-Jun-19| 06:50 \nbdc.sql| bdc.sql| | 558446| 12-Jun-19| 06:50 \nconfigdb.sql| configdb.sql| | 189484| 12-Jun-19| 06:50 \nconfigup.sql| configup.sql| | 48486| 12-Jun-19| 06:50 \ncfgupddl.sql| configupddl.sql| | 131| 12-Jun-19| 06:50 \nusgdiag.sql| diagnostics.sql| | 19977| 12-Jun-19| 06:50 \nsigcfg.cer| sigconfigdb.cer| | 689| 12-Jun-19| 06:50 \nsigcfg.dll| sigconfigdb.dll| | 8832| 12-Jun-19| 06:50 \nsigstore.cer| sigstore.cer| | 689| 12-Jun-19| 06:50 \nsigstore.dll| sigstore.dll| | 8816| 12-Jun-19| 06:50 \nstore.sql| store.sql| | 6504340| 12-Jun-19| 06:50 \nstoreup.sql| storeup.sql| | 512275| 12-Jun-19| 06:50 \nstoupddl.sql| storeupddl.sql| | 131| 12-Jun-19| 06:50 \nsubscr.sql| subscriptionsettings.sql| | 33788| 12-Jun-19| 06:50 \nusagedb.sql| usagedb.sql| | 81583| 12-Jun-19| 06:50 \nusgdbup.sql| usgdbup.sql| | 81392| 12-Jun-19| 06:50 \naddbact.asx| addbdcaction.aspx| | 13019| 12-Jun-19| 06:50 \naddbapp.asx| addbdcapplication.aspx| | 9266| 12-Jun-19| 06:50 \naddiurl.asx| addincomingurl.aspx| | 4473| 12-Jun-19| 06:50 \nadmin.smp| admin.sitemap| | 15577| 12-Jun-19| 06:50 \nadmcfgc.asx| adminconfigceip.aspx| | 7764| 12-Jun-19| 06:50 \nadmcfgi.asx| adminconfigintro.aspx| | 8689| 12-Jun-19| 06:50 \nadmcfgr.asx| adminconfigresults.aspx| | 5038| 12-Jun-19| 06:50 \nadmcfgs.asx| adminconfigservices.aspx| | 9937| 12-Jun-19| 06:50 \nadmcfgsr.asx| adminconfigservicesresults.aspx| | 4998| 12-Jun-19| 06:50 \nadminweb.cfg| adminweb.config| | 899| 12-Jun-19| 06:50 \nallappprincipals.asx| allappprincipals.aspx| | 6808| 12-Jun-19| 06:50 \nalturls.asx| alternateurlcollections.aspx| | 7122| 12-Jun-19| 06:50 \nappassoc.asx| applicationassociations.aspx| | 5259| 12-Jun-19| 06:50 \nappasdlg.asx| applicationassociationsdialog.aspx| | 3519| 12-Jun-19| 06:50 \nappcreat.asx| applicationcreated.aspx| | 4106| 12-Jun-19| 06:50 \nauthen.asx| authentication.aspx| | 13828| 12-Jun-19| 06:50 \nauthprov.asx| authenticationproviders.aspx| | 4939| 12-Jun-19| 06:50 \navadmin.asx| avadmin.aspx| | 9653| 12-Jun-19| 06:50 \nbackup.asx| backup.aspx| | 15389| 12-Jun-19| 06:50 \nbackhis.asx| backuphistory.aspx| | 20577| 12-Jun-19| 06:50 \nbackset.asx| backupsettings.aspx| | 8689| 12-Jun-19| 06:50 \nbackupst.asx| backupstatus.aspx| | 10643| 12-Jun-19| 06:50 \nbdcapps.asx| bdcapplications.aspx| | 14415| 12-Jun-19| 06:50 \nbdclobs.asx| bdclobsettings.aspx| | 7037| 12-Jun-19| 06:50 \nblkftyp.asx| blockedfiletype.aspx| | 4045| 12-Jun-19| 06:50 \ncaaapplm.asx| ca_allapplicensesmanagement.aspx| | 8267| 12-Jun-19| 06:50 \ncasapplm.asx| ca_specificapplicensemanagement.aspx| | 29344| 12-Jun-19| 06:50 \ncntdbadm.asx| cntdbadm.aspx| | 6042| 12-Jun-19| 06:50 \nconfgssc.asx| configssc.aspx| | 22074| 12-Jun-19| 06:50 \nconfgapp.asx| configureappsettings.aspx| | 7246| 12-Jun-19| 06:50 \ncreatecorpcatalog.asx| createcorporatecatalog.aspx| | 18174| 12-Jun-19| 06:50 \ncreatexu.asx| createexternalurl.aspx| | 4182| 12-Jun-19| 06:50 \ncreatsit.asx| createsite.aspx| | 17064| 12-Jun-19| 06:50 \ndbstats.asx| databasestatus.aspx| | 5023| 12-Jun-19| 06:50 \ndeacfadm.asx| deactivatefeature.aspx| | 3184| 12-Jun-19| 06:50 \ndftcntdb.asx| defaultcontentdb.aspx| | 6455| 12-Jun-19| 06:50 \ndelstcfg.asx| deletesiteconfig.aspx| | 12279| 12-Jun-19| 06:50 \ndelapp.asx| deletewebapplication.aspx| | 6619| 12-Jun-19| 06:50 \ndelsite.asx| delsite.aspx| | 7267| 12-Jun-19| 06:50 \ndplysoln.asx| deploysolution.aspx| | 10122| 12-Jun-19| 06:50 \ndmscmd.aspx| dmscmd.aspx| | 5593| 12-Jun-19| 06:50 \ndtcusta.asx| doctrancustomizeadmin.aspx| | 7789| 12-Jun-19| 06:50 \ndoctrana.asx| doctransadmin.aspx| | 7797| 12-Jun-19| 06:50 \ndspset.asx| dspsettings.aspx| | 14863| 12-Jun-19| 06:50 \neditacct.asx| editaccount.aspx| | 18305| 12-Jun-19| 06:50 \neditbact.asx| editbdcaction.aspx| | 12661| 12-Jun-19| 06:50 \neditiurl.asx| editincomingurl.aspx| | 4683| 12-Jun-19| 06:50 \neditourl.asx| editoutboundurls.aspx| | 7201| 12-Jun-19| 06:50 \nexpbapp.asx| exportbdcapplication.aspx| | 8043| 12-Jun-19| 06:50 \nextendvs.asx| extendvs.aspx| | 7113| 12-Jun-19| 06:50 \nextvsopt.asx| extendvsoption.aspx| | 5077| 12-Jun-19| 06:50 \nextwebfm.asx| extendwebfarm.aspx| | 5418| 12-Jun-19| 06:50 \nfarmjoin.asx| farmconfigjoinintro.aspx| | 8354| 12-Jun-19| 06:50 \nfarmcred.asx| farmcredentialmanagement.aspx| | 7541| 12-Jun-19| 06:50 \nfarmsvrs.asx| farmservers.aspx| | 4910| 12-Jun-19| 06:50 \ngemlcnfg.asx| globalemailconfig.aspx| | 8560| 12-Jun-19| 06:50 \ngmobcnfg.asx| globalxmsconfig.aspx| | 8407| 12-Jun-19| 06:50 \nhealrepo.asx| healthreport.aspx| | 6265| 12-Jun-19| 06:50 \nhtadmin.asx| htmltransadmin.aspx| | 10141| 12-Jun-19| 06:50 \nincemail.asx| incomingemail.aspx| | 22300| 12-Jun-19| 06:50 \nirmadmin.asx| irmadmin.aspx| | 8837| 12-Jun-19| 06:50 \njobedit.asx| jobedit.aspx| | 8303| 12-Jun-19| 06:50 \nlogusage.asx| logusage.aspx| | 14424| 12-Jun-19| 06:50 \nlropsta.asx| lroperationstatus.aspx| | 4915| 12-Jun-19| 06:50 \nmgbdcper.asx| managebdcpermissions.aspx| | 5485| 12-Jun-19| 06:50 \nmgbdcapp.asx| managebdcserviceapp.aspx| | 6684| 12-Jun-19| 06:50 \nmgappinf.asx| managebdcserviceappstateinfo.aspx| | 4613| 12-Jun-19| 06:50 \nmngcorpcatalog.asx| managecorporatecatalog.aspx| | 9289| 12-Jun-19| 06:50 \nmngaccts.asx| managedaccounts.aspx| | 5952| 12-Jun-19| 06:50 \nmngffeat.asx| managefarmfeatures.aspx| | 3273| 12-Jun-19| 06:50 \nmktplset.asx| managemarketplacesettings.aspx| | 7972| 12-Jun-19| 06:50 \nmngqtmpl.asx| managequotatemplate.aspx| | 18002| 12-Jun-19| 06:50 \nmngsftru.asx| manageservicefarmtrust.aspx| | 4743| 12-Jun-19| 06:50 \nmngtrust.asx| managetrust.aspx| | 6911| 12-Jun-19| 06:50 \nmngwfeat.asx| managewebappfeatures.aspx| | 4334| 12-Jun-19| 06:50 \nmetrics.asx| metrics.aspx| | 15273| 12-Jun-19| 06:50 \nadmin.mas| admin.master| | 29828| 12-Jun-19| 06:50 \nappascvw.asc| applicationassociationsview.ascx| | 4379| 12-Jun-19| 06:50 \napppool.asc| applicationpoolsection.ascx| | 8668| 12-Jun-19| 06:50 \nbsqmopt.asc| browserceipsection.ascx| | 2776| 12-Jun-19| 06:50 \ncerstsec.asc| certificatesettingsection.ascx| | 10758| 12-Jun-19| 06:50 \ncntdbsec.asc| contentdatabasesection.ascx| | 7964| 12-Jun-19| 06:50 \nidprosec.asc| identityprovidersettingsection.ascx| | 16007| 12-Jun-19| 06:50 \niiswsapp.asc| iiswebserviceapplicationpoolsection.ascx| | 8772| 12-Jun-19| 06:50 \niiswbste.asc| iiswebsitesection.ascx| | 14964| 12-Jun-19| 06:50 \npopup.mas| popup.master| | 3088| 12-Jun-19| 06:50 \nproxysel.asx| proxyselectionsection.ascx| | 5393| 12-Jun-19| 06:50 \nregacctl.asc| registeraccountcontrol.ascx| | 10073| 12-Jun-19| 06:50 \nrunjobs.asc| runningtimerjobs.ascx| | 4696| 12-Jun-19| 06:50 \nschedjob.asc| scheduledtimerjobs.ascx| | 3583| 12-Jun-19| 06:50 \ntjobhist.asc| timerjobhistory.ascx| | 5114| 12-Jun-19| 06:50 \ntopology.asc| topologyview.ascx| | 4091| 12-Jun-19| 06:50 \ntstgesec.asc| trustgeneralsettingsection.ascx| | 3656| 12-Jun-19| 06:50 \nnewappmngsvcapp.asx| newappmngserviceapp.aspx| | 6664| 12-Jun-19| 06:50 \nnewcntdb.asx| newcntdb.aspx| | 7208| 12-Jun-19| 06:50 \nofadmin.asx| officialfileadmin.aspx| | 13569| 12-Jun-19| 06:50 \noldcntdb.asx| oldcntdb.aspx| | 13658| 12-Jun-19| 06:50 \nowners.asx| owners.aspx| | 5602| 12-Jun-19| 06:50 \npwdset.asx| passwordsettings.aspx| | 8443| 12-Jun-19| 06:50 \npatchstt.asx| patchstatus.aspx| | 7284| 12-Jun-19| 06:50 \npolc.asx| policy.aspx| | 14387| 12-Jun-19| 06:50 \npolcanon.asx| policyanon.aspx| | 7109| 12-Jun-19| 06:50 \npolcrl.asx| policyrole.aspx| | 116092| 12-Jun-19| 06:50 \npolcrle.asx| policyroleedit.aspx| | 116100| 12-Jun-19| 06:50 \npolcrls.asx| policyroles.aspx| | 10688| 12-Jun-19| 06:50 \npolcusr.asx| policyuser.aspx| | 10142| 12-Jun-19| 06:50 \npolcusre.asx| policyuseredit.aspx| | 12411| 12-Jun-19| 06:50 \nprivacy.asx| privacy.aspx| | 8269| 12-Jun-19| 06:50 \nregacct.asx| registeraccount.aspx| | 4058| 12-Jun-19| 06:50 \nremacct.asx| removeaccount.aspx| | 8676| 12-Jun-19| 06:50 \nreqfeata.asx| reqfeatures.aspx| | 2625| 12-Jun-19| 06:50 \nrestore.asx| restore.aspx| | 16105| 12-Jun-19| 06:50 \nrestore3.asx| restorestep3.aspx| | 22878| 12-Jun-19| 06:50 \nrtctsoln.asx| retractsolution.aspx| | 7381| 12-Jun-19| 06:50 \nschedjob.asx| scheduledtimerjobs.aspx| | 7063| 12-Jun-19| 06:50 \nscprefix.asx_0001| scprefix.aspx| | 11391| 12-Jun-19| 06:50 \nslctauc.asx| selectalternateurlcollection.aspx| | 5141| 12-Jun-19| 06:50 \nslctapp.asx| selectapplication.aspx| | 6801| 12-Jun-19| 06:50 \nslctcfaz.asx| selectcrossfirewallaccesszone.aspx| | 5398| 12-Jun-19| 06:50 \nslctjob.asx| selectjobdefinition.aspx| | 5358| 12-Jun-19| 06:50 \nslctlist.asx| selectlist.aspx| | 8606| 12-Jun-19| 06:50 \nslctserv.asx| selectserver.aspx| | 4908| 12-Jun-19| 06:50 \nslctsvc.asx| selectservice.aspx| | 4982| 12-Jun-19| 06:50 \nslctsite.asx| selectsite.aspx| | 9385| 12-Jun-19| 06:50 \nslctweb.asx| selectweb.aspx| | 8459| 12-Jun-19| 06:50 \nslctwapp.asx| selectwebapplication.aspx| | 5356| 12-Jun-19| 06:50 \nserver.asx| server.aspx| | 9131| 12-Jun-19| 06:50 \nsvcappcn.asx| serviceapplicationconnect.aspx| | 4890| 12-Jun-19| 06:50 \nsvcappcd.asx| serviceapplicationconnectiondetails.aspx| | 4334| 12-Jun-19| 06:50 \nsvcappcp.asx| serviceapplicationconnectpopup.aspx| | 2991| 12-Jun-19| 06:50 \nsvcappdl.asx| serviceapplicationdelete.aspx| | 4443| 12-Jun-19| 06:50 \nsvcapppe.asx| serviceapplicationpermissions.aspx| | 4034| 12-Jun-19| 06:50 \nsvcapppb.asx| serviceapplicationpublish.aspx| | 10169| 12-Jun-19| 06:50 \nsvcapp.asx| serviceapplications.aspx| | 4101| 12-Jun-19| 06:50 \nsvcjdefs.asx| servicejobdefinitions.aspx| | 8692| 12-Jun-19| 06:50 \nsvcrjobs.asx| servicerunningjobs.aspx| | 7059| 12-Jun-19| 06:50 \nspdadmin.asx| sharepointdesigneradmin.aspx| | 6974| 12-Jun-19| 06:50 \nsiteex.asx| siteandlistexport.aspx| | 12299| 12-Jun-19| 06:50 \nsitebaks.asx| sitebackuporexportstatus.aspx| | 10242| 12-Jun-19| 06:50 \nsitecbac.asx| sitecollectionbackup.aspx| | 10522| 12-Jun-19| 06:50 \nsitecoll.asx| sitecollections.aspx| | 9189| 12-Jun-19| 06:50 \nsitcrted.asx| sitecreated.aspx| | 3632| 12-Jun-19| 06:50 \nsitequot.asx| sitequota.aspx| | 24323| 12-Jun-19| 06:50 \nsolns.asx| solutions.aspx| | 4786| 12-Jun-19| 06:50 \nsolnsts.asx| solutionstatus.aspx| | 10835| 12-Jun-19| 06:50 \nsolvmgr.asx| solutionvalidatormanager.aspx| | 10912| 12-Jun-19| 06:50 \nspadmin.rsx| spadmin.resx| | 359721| 12-Jun-19| 06:50 \nspscrstg.asx_0002| spsecuritysettings.aspx| | 7491| 12-Jun-19| 06:50 \nstbackup.asx| startbackup.aspx| | 14510| 12-Jun-19| 06:50 \nsuccessp.asx| successpopup.aspx| | 3735| 12-Jun-19| 06:50 \ntimer.asx| timer.aspx| | 8984| 12-Jun-19| 06:50 \ntjobhist.asx| timerjobhistory.aspx| | 8860| 12-Jun-19| 06:50 \nunatcdbb.asx| unattacheddbbrowse.aspx| | 6276| 12-Jun-19| 06:50 \nunatcdb.asx| unattacheddbselect.aspx| | 6082| 12-Jun-19| 06:50 \nunxtndvs.asx| unextendvs.aspx| | 5541| 12-Jun-19| 06:50 \nupgrstat.asx| upgradestatus.aspx| | 11239| 12-Jun-19| 06:50 \nuser_solution.asx| usersolutions.aspx| | 9435| 12-Jun-19| 06:50 \nviewbapp.asx| viewbdcapplication.aspx| | 17212| 12-Jun-19| 06:50 \nviewbent.asx| viewbdcentity.aspx| | 17275| 12-Jun-19| 06:50 \nvwblobi.asx| viewbdclobsysteminstances.aspx| | 10960| 12-Jun-19| 06:50 \nvwblobs.asx| viewbdclobsystems.aspx| | 14303| 12-Jun-19| 06:50 \nvsemail.asx| vsemail.aspx| | 8991| 12-Jun-19| 06:50 \nvsgenset.asx| vsgeneralsettings.aspx| | 52139| 12-Jun-19| 06:50 \nvsmask.asx| vsmask.aspx| | 65273| 12-Jun-19| 06:50 \nvsxms.asx| vsxms.aspx| | 8803| 12-Jun-19| 06:50 \nweblist.asx| webapplicationlist.aspx| | 5468| 12-Jun-19| 06:50 \nwebapps.asx| webapplications.aspx| | 5350| 12-Jun-19| 06:50 \nwfadmin.asx| workflowadmin.aspx| | 6741| 12-Jun-19| 06:50 \nwftimer.asx| workflowtimer.aspx| | 5101| 12-Jun-19| 06:50 \nacrqdlg.asc| accessrequestsdialog.ascx| | 3059| 12-Jun-19| 06:50 \narplfc.asc| accessrequestspermissionlevelfieldcontrol.ascx| | 1145| 12-Jun-19| 06:50 \nacctpick.asc| accountpickerandlink.ascx| | 2347| 12-Jun-19| 06:50 \nacledito.asc| acleditor.ascx| | 9596| 12-Jun-19| 06:50 \nactnbar.asc_0002| actionbar.ascx| | 2464| 12-Jun-19| 06:50 \nbdcfindc.asc| bdcfinderconfigurator.ascx| | 3309| 12-Jun-19| 06:50 \nbdflded.asc| businessdatafieldeditor.ascx| | 4216| 12-Jun-19| 06:50 \ndefformt.asc| defaulttemplates.ascx| | 178739| 12-Jun-19| 06:50 \ndemocon.asc| designmodeconsole.ascx| | 2329| 12-Jun-19| 06:50 \ndispprev.asc| displaypreview.ascx| | 5491| 12-Jun-19| 06:50 \neditprev.asc| editpreview.ascx| | 6219| 12-Jun-19| 06:50 \nfeatact.asc| featureactivator.ascx| | 2403| 12-Jun-19| 06:50 \nfeatacti.asc| featureactivatoritem.ascx| | 2209| 12-Jun-19| 06:50 \nfeatdep.asc| featuredependees.ascx| | 2172| 12-Jun-19| 06:50 \nflhylk.asc| foldhyperlink.ascx| | 1034| 12-Jun-19| 06:50 \nhptnb.asc| helppagetopnavbar.ascx| | 12286| 12-Jun-19| 06:50 \nlanguagepicker.ascx| languagepicker.ascx| | 5536| 12-Jun-19| 06:50 \nleftnav.asc| leftnavigation.ascx| | 895| 12-Jun-19| 06:50 \nlinksect.asc_0002| linksection.ascx| | 2737| 12-Jun-19| 06:50 \nlkseclv1.asc_0002| linksectionlevel1.ascx| | 1429| 12-Jun-19| 06:50 \nlkseclv2.asc_0002| linksectionlevel2.ascx| | 1317| 12-Jun-19| 06:50 \nlinktabl.asc_0002| linkstable.ascx| | 1282| 12-Jun-19| 06:50 \nmodeftst.asc| mobiledefaultstylesheets.ascx| | 1315| 12-Jun-19| 06:50 \nmodeftmp.asc| mobiledefaulttemplates.ascx| | 67472| 12-Jun-19| 06:50 \nmorecolorspicker.ascx| morecolorspicker.ascx| | 2163| 12-Jun-19| 06:50 \nmuiselec.asc| muiselector.ascx| | 1050| 12-Jun-19| 06:50 \nmuisetng.asc| muisettings.ascx| | 4724| 12-Jun-19| 06:50 \nnavitem.asc| navitem.ascx| | 99| 12-Jun-19| 06:50 \nnewprev.asc| newpreview.ascx| | 5243| 12-Jun-19| 06:50 \nschdpckr.asc| schedulepicker.ascx| | 28102| 12-Jun-19| 06:50 \ntoolbar.asc_0002| toolbar.ascx| | 1588| 12-Jun-19| 06:50 \ntbbutton.asc_0002| toolbarbutton.ascx| | 1301| 12-Jun-19| 06:50 \nviewhdr.asc_0002| viewheader.ascx| | 1527| 12-Jun-19| 06:50 \nwelcome.asc_0002| welcome.ascx| | 3508| 12-Jun-19| 06:50 \naccdny.asx| accessdenied.aspx| | 2154| 12-Jun-19| 06:50 \naccreq.asx| accessrequests.aspx| | 1078| 12-Jun-19| 06:50 \naclinv.asx| aclinv.aspx| | 26945| 12-Jun-19| 06:50 \nactredir.asx| actionredirect.aspx| | 896| 12-Jun-19| 06:50 \naddanapp.asx| addanapp.aspx| | 3652| 12-Jun-19| 06:50 \naddcttl.asx| addcontenttypetolist.aspx| | 7512| 12-Jun-19| 06:50 \naddfft.asx| addfieldfromtemplate.aspx| | 9800| 12-Jun-19| 06:50 \naddrole.asx| addrole.aspx| | 68566| 12-Jun-19| 06:50 \narecycle.asx| adminrecyclebin.aspx| | 21099| 12-Jun-19| 06:50 \nadvsetng.asx_0001| advsetng.aspx| | 31465| 12-Jun-19| 06:50 \naggcustze.asx| aggregationcustomize.aspx| | 13046| 12-Jun-19| 06:50 \naggsetngs.asx| aggregationsettings.aspx| | 8162| 12-Jun-19| 06:50 \nappliaap.asx| allapplicensesmanagement.aspx| | 8143| 12-Jun-19| 06:50 \nalphaimage.htc| alphaimage.htc| | 253| 12-Jun-19| 06:50 \nappcatalogimage.asx| appcatalogimage.ashx| | 213| 12-Jun-19| 06:50 \nappicon.asx| appicons.ashx| | 205| 12-Jun-19| 06:50 \nappinv.asx| appinv.aspx| | 11660| 12-Jun-19| 06:50 \nappprincipals.asx| appprincipals.aspx| | 5678| 12-Jun-19| 06:50 \nappredirect.asx| appredirect.aspx| | 5250| 12-Jun-19| 06:50 \nappregnew.asx| appregnew.aspx| | 11198| 12-Jun-19| 06:50 \napprequest.aspx| apprequest.aspx| | 6876| 12-Jun-19| 06:50 \napprove.asx| approve.aspx| | 8991| 12-Jun-19| 06:50 \nappsrcrd.asx| appsourceredirect.aspx| | 3061| 12-Jun-19| 06:50 \nappwebproxy.asx| appwebproxy.aspx| | 2059| 12-Jun-19| 06:50 \naspxform.asx| aspxform.aspx| | 5396| 12-Jun-19| 06:50 \nassogrps.asx| associatedgroups.aspx| | 4795| 12-Jun-19| 06:50 \natchfile.asx| attachfile.aspx| | 6541| 12-Jun-19| 06:50 \nauthentc.asx| authenticate.aspx| | 1068| 12-Jun-19| 06:50 \navreport.asx| avreport.aspx| | 11898| 12-Jun-19| 06:50 \nblank.htm| blank.htm| | 229| 12-Jun-19| 06:50 \nbpcf.asx| bpcf.aspx| | 14883| 12-Jun-19| 06:50 \nbdsync.asx| businessdatasynchronizer.aspx| | 3836| 12-Jun-19| 06:50 \ncalsvc.asx| calendarservice.ashx| | 205| 12-Jun-19| 06:50 \nctmark.asx| calltrackmark.aspx| | 211| 12-Jun-19| 06:50 \nchgctos.asx| changecontenttypeoptionalsettings.aspx| | 8550| 12-Jun-19| 06:50 \nchgcto.asx| changecontenttypeorder.aspx| | 7816| 12-Jun-19| 06:50 \nchgford.asx| changefieldorder.aspx| | 7536| 12-Jun-19| 06:50 \ncheckin.asx| checkin.aspx| | 16116| 12-Jun-19| 06:50 \nchkperm.asx| chkperm.aspx| | 10498| 12-Jun-19| 06:50 \nclcnfm.asx| circulationconfirm.aspx| | 216| 12-Jun-19| 06:50 \nclose.asx| closeconnection.aspx| | 1866| 12-Jun-19| 06:50 \ncmdui.asx| commandui.ashx| | 203| 12-Jun-19| 06:50 \nconfirm.asx| confirmation.aspx| | 1211| 12-Jun-19| 06:50 \ncfmupg.asx| confirmsiteupgrade.aspx| | 3715| 12-Jun-19| 06:50 \ncfmupg.asx_14| confirmsiteupgrade.aspx| | 3712| 12-Jun-19| 06:50 \nconngps.asx| conngps.aspx| | 8490| 12-Jun-19| 06:50 \ncontpick.asx| containerpicker.aspx| | 443| 12-Jun-19| 06:50 \ncopy.asx| copy.aspx| | 15509| 12-Jun-19| 06:50 \ncopyres.asx| copyresults.aspx| | 10337| 12-Jun-19| 06:50 \ncopyrole.asx| copyrole.aspx| | 68509| 12-Jun-19| 06:50 \ncopyutil.asx| copyutil.aspx| | 2333| 12-Jun-19| 06:50 \ncreate.asx| create.aspx| | 33731| 12-Jun-19| 06:50 \ncrtadact.asx| createadaccount.aspx| | 7233| 12-Jun-19| 06:50 \ncrlstpkr.asx| createlistpickerpage.aspx| | 4809| 12-Jun-19| 06:50 \ncreatenewdoc.asx| createnewdocument.aspx| | 5021| 12-Jun-19| 06:50 \ncreatenewdoc.asx_14| createnewdocument.aspx| | 5021| 12-Jun-19| 06:50 \ncreatews.asx| createws.aspx| | 5078| 12-Jun-19| 06:50 \nctypedit.asx| ctypedit.aspx| | 10808| 12-Jun-19| 06:50 \nctypenew.asx| ctypenew.aspx| | 11913| 12-Jun-19| 06:50 \ndeacfeat.asx| deactivatefeature.aspx| | 4424| 12-Jun-19| 06:50 \ndefcss.asx| defaultcss.ashx| | 193| 12-Jun-19| 06:50 \ndefloc.asx| definelocation.aspx| | 4002| 12-Jun-19| 06:50 \ndeletemu.asx| deletemu.aspx| | 188| 12-Jun-19| 06:50 \ndelweb.asx| deleteweb.aspx| | 8062| 12-Jun-19| 06:50 \ndeptsapp.asx| deploytsapp.aspx| | 15800| 12-Jun-19| 06:50 \ndesnbld.asx| designbuilder.aspx| | 6683| 12-Jun-19| 06:50 \ndesndat.asx| designdata.ashx| | 208| 12-Jun-19| 06:50 \ndesngal.asx| designgallery.aspx| | 3475| 12-Jun-19| 06:50 \ndesnprv.asx| designpreview.aspx| | 5615| 12-Jun-19| 06:50 \ndevdash.asx| devdash.aspx| | 2357| 12-Jun-19| 06:50 \ndiscbar.asx| discbar.aspx| | 2448| 12-Jun-19| 06:50 \ndladvopt.asx| dladvopt.aspx| | 19446| 12-Jun-19| 06:50 \ndoctran.asx| doctrans.aspx| | 11465| 12-Jun-19| 06:50 \ndownload.asx| download.aspx| | 155| 12-Jun-19| 06:50 \ndextdata.asx| downloadexternaldata.aspx| | 870| 12-Jun-19| 06:50 \ndws.asx| dws.aspx| | 4368| 12-Jun-19| 06:50 \neditcopy.asx| editcopyinformation.aspx| | 12731| 12-Jun-19| 06:50 \neditgrp.asx| editgrp.aspx| | 19005| 12-Jun-19| 06:50 \neditidx.asx| editindex.aspx| | 7133| 12-Jun-19| 06:50 \neditnav.asx| editnav.aspx| | 6298| 12-Jun-19| 06:50 \neditprms.asx| editprms.aspx| | 5371| 12-Jun-19| 06:50 \neditrole.asx| editrole.aspx| | 69296| 12-Jun-19| 06:50 \nemaildet.asx| emaildetails.aspx| | 5368| 12-Jun-19| 06:50 \nemailset.asx| emailsettings.aspx| | 25980| 12-Jun-19| 06:50 \nerror.asx| error.aspx| | 5011| 12-Jun-19| 06:50 \nevalupg.asx| evaluatesiteupgrade.aspx| | 5395| 12-Jun-19| 06:50 \nevalupg.asx_14| evaluatesiteupgrade.aspx| | 5386| 12-Jun-19| 06:50 \nexporttr.asx| exporttranslations.aspx| | 7907| 12-Jun-19| 06:50 \nfilesred.xml| filestoredirect.sts.xml| | 3378| 12-Jun-19| 06:50 \nfilter.asx| filter.aspx| | 1679| 12-Jun-19| 06:50 \nfldedit.asx| fldedit.aspx| | 208271| 12-Jun-19| 06:50 \nfldedtex.asx| fldeditex.aspx| | 24858| 12-Jun-19| 06:50 \nfldnew.asx| fldnew.aspx| | 203182| 12-Jun-19| 06:50 \nfldnewex.asx| fldnewex.aspx| | 25047| 12-Jun-19| 06:50 \nfldpick.asx| fldpick.aspx| | 9869| 12-Jun-19| 06:50 \nformedt.asx| formedt.aspx| | 21543| 12-Jun-19| 06:50 \ngear.asx| gear.aspx| | 3255| 12-Jun-19| 06:50 \ngbredir.asx| groupboardredirect.aspx| | 216| 12-Jun-19| 06:50 \ngroups.asx| groups.aspx| | 9600| 12-Jun-19| 06:50 \nguestaccess.asx| guestaccess.aspx| | 158| 12-Jun-19| 06:50 \nhelp.asx| help.aspx| | 6803| 12-Jun-19| 06:50 \nhelpcont.asx| helpcontent.aspx| | 690| 12-Jun-19| 06:50 \nhelpsrch.asx| helpsearch.aspx| | 1473| 12-Jun-19| 06:50 \nhelpstg.asx| helpsettings.aspx| | 6298| 12-Jun-19| 06:50 \ntsksvc.asx| hierarchytasksservice.ashx| | 211| 12-Jun-19| 06:50 \nhtmledit.asx| htmledit.aspx| | 13128| 12-Jun-19| 06:50 \nhtmlfieldsecurity.asx| htmlfieldsecurity.aspx| | 12545| 12-Jun-19| 06:50 \nhtmltran.asx| htmltranslate.aspx| | 862| 12-Jun-19| 06:50 \nhtredir.asx| htmltrredir.aspx| | 6388| 12-Jun-19| 06:50 \nhtverify.asx| htmltrverify.aspx| | 6674| 12-Jun-19| 06:50 \niframe.asx| iframe.aspx| | 2029| 12-Jun-19| 06:50 \nimporttr.asx| importtranslations.aspx| | 5800| 12-Jun-19| 06:50 \nindxcol2.asx| indexedcolumns.aspx| | 5424| 12-Jun-19| 06:50 \nindxcol.asx| indxcol.aspx| | 10385| 12-Jun-19| 06:50 \ninfopage.asx| infopage.aspx| | 3782| 12-Jun-19| 06:50 \ninplview.asx| inplview.aspx| | 2378| 12-Jun-19| 06:50 \ninstpapp.asx| installprojapp.aspx| | 5946| 12-Jun-19| 06:50 \nirm.asx| irm.aspx| | 23151| 12-Jun-19| 06:50 \nirmrept.asx| irmrept.aspx| | 8437| 12-Jun-19| 06:50 \nitemrwfassoc.aspx| itemrwfassoc.aspx| | 52428| 12-Jun-19| 06:50 \njsonmetadata.asx| jsonmetadata.ashx| | 203| 12-Jun-19| 06:50 \nlayouts.smp| layouts.sitemap| | 24335| 12-Jun-19| 06:50 \nlropst.asx| layoutslroperationstatus.aspx| | 5004| 12-Jun-19| 06:50 \nlayotweb.cfg| layoutsweb.config| | 2064| 12-Jun-19| 06:50 \nlistedit.asx| listedit.aspx| | 47609| 12-Jun-19| 06:50 \nlistfeed.asx| listfeed.aspx| | 155| 12-Jun-19| 06:50 \nlistform.asx| listform.aspx| | 871| 12-Jun-19| 06:50 \nlstgenst.asx| listgeneralsettings.aspx| | 11979| 12-Jun-19| 06:50 \nlistsynd.asx| listsyndication.aspx| | 25282| 12-Jun-19| 06:50 \nlogin.asx| login.aspx| | 2598| 12-Jun-19| 06:50 \nlstsetng.asx| lstsetng.aspx| | 62369| 12-Jun-19| 06:50 \nmngcof.asx| managecheckedoutfiles.aspx| | 11768| 12-Jun-19| 06:50 \nmngct.asx| managecontenttype.aspx| | 9523| 12-Jun-19| 06:50 \nmngf.asx| managecontenttypefield.aspx| | 9277| 12-Jun-19| 06:50 \nmngcops.asx| managecopies.aspx| | 13582| 12-Jun-19| 06:50 \nmngfeat.asx| managefeatures.aspx| | 4571| 12-Jun-19| 06:50 \nmcontent.asx| mcontent.aspx| | 4742| 12-Jun-19| 06:50 \nmetablog.asx| metaweblog.aspx| | 172| 12-Jun-19| 06:50 \nmngctype.asx| mngctype.aspx| | 5738| 12-Jun-19| 06:50 \nmngfield.asx| mngfield.aspx| | 5836| 12-Jun-19| 06:50 \nmngstadm.asx| mngsiteadmin.aspx| | 5456| 12-Jun-19| 06:50 \nmngsubwb.asx| mngsubwebs.aspx| | 11725| 12-Jun-19| 06:50 \nbloghome.asx_mobile| bloghome.aspx| | 3210| 12-Jun-19| 06:50 \ndefault.asx_mobile| default.aspx| | 1513| 12-Jun-19| 06:50 \ndelete.asx_mobile| delete.aspx| | 2298| 12-Jun-19| 06:50 \ndispform.asx_mobile| dispform.aspx| | 2428| 12-Jun-19| 06:50 \ndisppost.asx_mobile| disppost.aspx| | 3234| 12-Jun-19| 06:50 \neditform.asx_mobile| editform.aspx| | 4798| 12-Jun-19| 06:50 \ndenied.asx_mobile| mbldenied.aspx| | 1619| 12-Jun-19| 06:50 \nerror.asx_mobile| mblerror.aspx| | 2172| 12-Jun-19| 06:50 \nmbllists.asx_mobile| mbllists.aspx| | 2645| 12-Jun-19| 06:50 \nmbllogin.asx_mobile| mbllogin.aspx| | 5361| 12-Jun-19| 06:50 \nmblogout.asx_mobile| mbllogout.aspx| | 5003| 12-Jun-19| 06:50 \nmltlogin.asx_mobile| mblmultilogin.aspx| | 4957| 12-Jun-19| 06:50 \nmblwiki.asx_mobile| mblwiki.aspx| | 3598| 12-Jun-19| 06:50 \nmblwp.asx_mobile| mblwp.aspx| | 3603| 12-Jun-19| 06:50 \nmblwpdtl.asx_mobile| mblwpdetail.aspx| | 2567| 12-Jun-19| 06:50 \nnewcmt.asx_mobile| newcomment.aspx| | 2762| 12-Jun-19| 06:50 \nnewform.asx_mobile| newform.aspx| | 4796| 12-Jun-19| 06:50 \nnewpost.asx_mobile| newpost.aspx| | 2777| 12-Jun-19| 06:50 \nupload.asx_mobile| upload.aspx| | 3491| 12-Jun-19| 06:50 \nview.asx_mobile| view.aspx| | 2424| 12-Jun-19| 06:50 \nviewcmt.asx_mobile| viewcomment.aspx| | 3223| 12-Jun-19| 06:50 \nviewfilter.asx_mobile| viewfilter.aspx| | 3747| 12-Jun-19| 06:50 \nweb.cfg_mobile| web.config| | 10909| 12-Jun-19| 06:50 \nmorecols.asx| morecolors.aspx| | 4163| 12-Jun-19| 06:50 \napp.mas| application.master| | 13756| 12-Jun-19| 06:50 \nappv4.mas| applicationv4.master| | 20553| 12-Jun-19| 06:50 \nbutsec.asc_0001| buttonsection.ascx| | 3836| 12-Jun-19| 06:50 \ndialog.mas| dialog.master| | 12646| 12-Jun-19| 06:50 \nerrv15.mas| errorv15.master| | 3482| 12-Jun-19| 06:50 \nifcont.asc_0001| inputformcontrol.ascx| | 2568| 12-Jun-19| 06:50 \nifsect.asc_0001| inputformsection.ascx| | 5204| 12-Jun-19| 06:50 \nlayouts.mas| layouts.master| | 13244| 12-Jun-19| 06:50 \nlkfldedt.asc_0001| lookupfieldeditor.ascx| | 10383| 12-Jun-19| 06:50 \nlkreledt.asc_0001| lookuprelationshipseditor.ascx| | 7752| 12-Jun-19| 06:50 \npickerdialog.mas| pickerdialog.master| | 8912| 12-Jun-19| 06:50 \nrtedlg.mas| rtedialog.master| | 3199| 12-Jun-19| 06:50 \nsimple.mas| simple.master| | 10243| 12-Jun-19| 06:50 \nsimpv4.mas| simplev4.master| | 6530| 12-Jun-19| 06:50 \ntmpctl.asc_0001| templatepickercontrol.ascx| | 3264| 12-Jun-19| 06:50 \ntopnavbr.asc_0001| topnavbar.ascx| | 6462| 12-Jun-19| 06:50 \nurfldedt.asc_0001| userfieldeditor.ascx| | 6555| 12-Jun-19| 06:50 \nmuisetng.asx| muisetng.aspx| | 3521| 12-Jun-19| 06:50 \nmwpstg.asx| mwpsettings.aspx| | 14042| 12-Jun-19| 06:50 \nmyprmns.asx| mypermissions.aspx| | 5239| 12-Jun-19| 06:50 \nmysubs.asx| mysubs.aspx| | 13142| 12-Jun-19| 06:50 \nnavopt.asx| navoptions.aspx| | 7337| 12-Jun-19| 06:50 \nnew.asx| new.aspx| | 61372| 12-Jun-19| 06:50 \nnewdwp.asx| newdwp.aspx| | 6557| 12-Jun-19| 06:50 \nnewgrp.asx| newgrp.aspx| | 19741| 12-Jun-19| 06:50 \nnewlink.asx| newlink.aspx| | 9284| 12-Jun-19| 06:50 \nnewnav.asx| newnav.aspx| | 6130| 12-Jun-19| 06:50 \nnewsbweb.asx| newsbweb.aspx| | 18686| 12-Jun-19| 06:50 \nnewslwp.asx| newslwp.aspx| | 10513| 12-Jun-19| 06:50 \noauthauthorize.asx| oauthauthorize.aspx| | 11676| 12-Jun-19| 06:50 \npassword.asx| password.aspx| | 8483| 12-Jun-19| 06:50 \npeople.asx| people.aspx| | 22688| 12-Jun-19| 06:50 \npermstup.asx| permsetup.aspx| | 18411| 12-Jun-19| 06:50 \npicker.asx| picker.aspx| | 7885| 12-Jun-19| 06:50 \nportal.asx| portal.aspx| | 9896| 12-Jun-19| 06:50 \nportalvw.asx_0001| portalview.aspx| | 2248| 12-Jun-19| 06:50 \nprjsetng.asx| prjsetng.aspx| | 16270| 12-Jun-19| 06:50 \nprfredir.asx| profileredirect.aspx| | 1605| 12-Jun-19| 06:50 \npubback.asx| publishback.aspx| | 4934| 12-Jun-19| 06:50 \nqlreord.asx| qlreord.aspx| | 10886| 12-Jun-19| 06:50 \nqstedit.asx| qstedit.aspx| | 217711| 12-Jun-19| 06:50 \nqstnew.asx| qstnew.aspx| | 199982| 12-Jun-19| 06:50 \nquiklnch.asx| quiklnch.aspx| | 8030| 12-Jun-19| 06:50 \nrcxform.asx| rcxform.aspx| | 6023| 12-Jun-19| 06:50 \nrecycle.asx| recyclebin.aspx| | 16593| 12-Jun-19| 06:50 \nredirect.asx_0001| redirect.aspx| | 1394| 12-Jun-19| 06:50 \nreghost.asx| reghost.aspx| | 7879| 12-Jun-19| 06:50 \nrgnlstng.asx| regionalsetng.aspx| | 21661| 12-Jun-19| 06:50 \nrndlstd.asx| reindexlistdialog.aspx| | 1762| 12-Jun-19| 06:50 \nrixsite.asx| reindexsitedialog.aspx| | 1771| 12-Jun-19| 06:50 \nrenamepg.asx| renamepagedialog.aspx| | 3946| 12-Jun-19| 06:50 \nreorder.asx| reorder.aspx| | 11743| 12-Jun-19| 06:50 \nreqacc.asx| reqacc.aspx| | 4357| 12-Jun-19| 06:50 \nreqfeat.asx| reqfeatures.aspx| | 3860| 12-Jun-19| 06:50 \nreqgroup.asx| reqgroup.aspx| | 6562| 12-Jun-19| 06:50 \nreqgrpcf.asx| reqgroupconfirm.aspx| | 6425| 12-Jun-19| 06:50 \nrqstapp.asx| requestanapp.aspx| | 7673| 12-Jun-19| 06:50 \nrfcxform.asx| rfcxform.aspx| | 6160| 12-Jun-19| 06:50 \nrfpxform.asx| rfpxform.aspx| | 6497| 12-Jun-19| 06:50 \nroamapp.asx| roamingapps.aspx| | 4614| 12-Jun-19| 06:50 \nrole.asx| role.aspx| | 11001| 12-Jun-19| 06:50 \nrssxslt.asx| rssxslt.aspx| | 3480| 12-Jun-19| 06:50 \nrtedlg.asx| rtedialog.aspx| | 10212| 12-Jun-19| 06:50 \nrteuplod.asx| rteuploaddialog.aspx| | 8044| 12-Jun-19| 06:50 \nsaveconflict.asx| saveconflict.aspx| | 5198| 12-Jun-19| 06:50 \nsavetmpl.asx| savetmpl.aspx| | 17496| 12-Jun-19| 06:50 \nscriptresx.asx| scriptresx.ashx| | 200| 12-Jun-19| 06:50 \nscsignup.asx| scsignup.aspx| | 11428| 12-Jun-19| 06:50 \nsrchrslt.asx| searchresults.aspx| | 5674| 12-Jun-19| 06:50 \nselfservicecreate.asx| selfservicecreate.aspx| | 12745| 12-Jun-19| 06:50 \nsetanon.asx| setanon.aspx| | 12399| 12-Jun-19| 06:50 \nsetrqacc.asx| setrqacc.aspx| | 7631| 12-Jun-19| 06:50 \nsettings.asx| settings.aspx| | 3673| 12-Jun-19| 06:50 \nsetwa.asx| setwhereabouts.aspx| | 212| 12-Jun-19| 06:50 \nsharedwf.asx| sharedwfform.aspx| | 5297| 12-Jun-19| 06:50 \nspdstngs.asx| sharepointdesignersettings.aspx| | 6769| 12-Jun-19| 06:50 \nsignout.asx| signout.aspx| | 1509| 12-Jun-19| 06:50 \nsitehc.asx| sitehealthcheck.aspx| | 3918| 12-Jun-19| 06:50 \nsitehcr.asx| sitehealthcheckresults.aspx| | 4054| 12-Jun-19| 06:50 \nsitehcr.asx_14| sitehealthcheckresults.aspx| | 4054| 12-Jun-19| 06:50 \nsitehc.asx_14| sitehealthcheck.aspx| | 3915| 12-Jun-19| 06:50 \nsiterss.asx| siterss.aspx| | 10595| 12-Jun-19| 06:50 \nsitesubs.asx| sitesubs.aspx| | 13639| 12-Jun-19| 06:50 \nstupgrad.asx| siteupgrade.aspx| | 5373| 12-Jun-19| 06:50 \nstupgsts.asx| siteupgradestatus.aspx| | 8418| 12-Jun-19| 06:50 \nstupgsts.asx_14| siteupgradestatus.aspx| | 8418| 12-Jun-19| 06:50 \nstupgrad.asx_14| siteupgrade.aspx| | 5416| 12-Jun-19| 06:50 \nspcf.asx| spcf.aspx| | 19428| 12-Jun-19| 06:50 \nspcontnt.asx| spcontnt.aspx| | 12854| 12-Jun-19| 06:50 \napplisap.asx| specificapplicensemanagement.aspx| | 29238| 12-Jun-19| 06:50 \nsrchvis.asx| srchvis.aspx| | 10067| 12-Jun-19| 06:50 \nstart.asx| start.aspx| | 1048| 12-Jun-19| 06:50 \nstorefront.asx| storefront.aspx| | 4349| 12-Jun-19| 06:50 \nstorman.asx| storman.aspx| | 10595| 12-Jun-19| 06:50 \ncorefxup.css| corefixup.css| | 469| 12-Jun-19| 06:50 \ndlgframe.css| dlgframe.css| | 2528| 12-Jun-19| 06:50 \njsgrid.css| jsgrid.css| | 27207| 12-Jun-19| 06:50 \njsgrid.csst| jsgrid.css| | 27207| 12-Jun-19| 06:50 \nsubchoos.asx| subchoos.aspx| | 10435| 12-Jun-19| 06:50 \nsubedit.asx| subedit.aspx| | 14784| 12-Jun-19| 06:50 \nsrepair.asx| submitrepair.aspx| | 156| 12-Jun-19| 06:50 \nsubnew.asx| subnew.aspx| | 15223| 12-Jun-19| 06:50 \nsuccess.asx| success.aspx| | 3172| 12-Jun-19| 06:50 \nsurvedit.asx| survedit.aspx| | 37673| 12-Jun-19| 06:50 \ntmptpick.asx| templatepick.aspx| | 5272| 12-Jun-19| 06:50 \ntenappin.asx| tenantappinfo.ashx| | 207| 12-Jun-19| 06:50 \nthemeweb.asx| themeweb.aspx| | 1339| 12-Jun-19| 06:50 \ntcsetng.asx| timecardsettings.aspx| | 15814| 12-Jun-19| 06:50 \ntnreord.asx| tnreord.aspx| | 8361| 12-Jun-19| 06:50 \ntoolpane.asx| toolpane.aspx| | 2370| 12-Jun-19| 06:50 \ntopnav.asx| topnav.aspx| | 7717| 12-Jun-19| 06:50 \nuniqperm.asx| uniqperm.aspx| | 9818| 12-Jun-19| 06:50 \nupdcops.asx| updatecopies.aspx| | 12032| 12-Jun-19| 06:50 \nupload.asx| upload.aspx| | 13234| 12-Jun-19| 06:50 \nusage.asx| usage.aspx| | 7871| 12-Jun-19| 06:50 \nusagedtl.asx| usagedetails.aspx| | 6089| 12-Jun-19| 06:50 \nuseconf.asx| useconfirmation.aspx| | 3520| 12-Jun-19| 06:50 \nuser.asx| user.aspx| | 27691| 12-Jun-19| 06:50 \nuserdisp.asx| userdisp.aspx| | 4299| 12-Jun-19| 06:50 \nuseredit.asx| useredit.aspx| | 4175| 12-Jun-19| 06:50 \nuserserr.asx| usersettingserror.aspx| | 1848| 12-Jun-19| 06:50 \nversions.asx| versions.aspx| | 35361| 12-Jun-19| 06:50 \nviewedit.asx| viewedit.aspx| | 220325| 12-Jun-19| 06:50 \nvwgrpprm.asx| viewgrouppermissions.aspx| | 5199| 12-Jun-19| 06:50 \nviewlsts.asx| viewlsts.aspx| | 33824| 12-Jun-19| 06:50 \nviewnew.asx| viewnew.aspx| | 218013| 12-Jun-19| 06:50 \nviewtype.asx| viewtype.aspx| | 26314| 12-Jun-19| 06:50 \nvldsetng.asx| vldsetng.aspx| | 8912| 12-Jun-19| 06:50 \nvsmenu.asx| vsmenu.aspx| | 2059| 12-Jun-19| 06:50 \nvsubwebs.asx| vsubwebs.aspx| | 6028| 12-Jun-19| 06:50 \nwebdeltd.asx| webdeleted.aspx| | 1500| 12-Jun-19| 06:50 \nwppicker.asx| webpartgallerypickerpage.aspx| | 7202| 12-Jun-19| 06:50 \nwopiframe.asx| wopiframe.aspx| | 1968| 12-Jun-19| 06:50 \nwopiframe.asx_14| wopiframe.aspx| | 1968| 12-Jun-19| 06:50 \nwopiframe2.asx| wopiframe2.aspx| | 1957| 12-Jun-19| 06:50 \nwopiframe2.asx_14| wopiframe2.aspx| | 1957| 12-Jun-19| 06:50 \nworkspce.asx| workspce.aspx| | 8290| 12-Jun-19| 06:50 \nwpeula.asx| wpeula.aspx| | 5740| 12-Jun-19| 06:50 \nwpprevw.asx| wpprevw.aspx| | 4943| 12-Jun-19| 06:50 \nwpribbon.asx| wpribbon.aspx| | 761| 12-Jun-19| 06:50 \nwsauplod.asx| wsaupload.ashx| | 198| 12-Jun-19| 06:50 \nwss.rsx| wss.resx| | 723698| 12-Jun-19| 06:50 \nproxy.asx| wssproxy.aspx| | 1448| 12-Jun-19| 06:50 \nzoombldr.asx| zoombldr.aspx| | 12801| 12-Jun-19| 06:50 \nbdrdflt.aspx| default.aspx| | 4026| 12-Jun-19| 06:50 \ndefault.aspx_sts| default.aspx| | 4026| 12-Jun-19| 06:50 \ndefault.aspx_dws| defaultdws.aspx| | 4376| 12-Jun-19| 06:50 \nonet.xml_wss| onet.xml| | 12257| 12-Jun-19| 06:50 \nthemedforegroundimages.css| themedforegroundimages.css| | 28675| 12-Jun-19| 06:50 \ntaddconn.aspx_tenantadmin| ta_addappconnection.aspx| | 11735| 12-Jun-19| 06:50 \ntbdcadac.aspx_tenantadmin| ta_addbdcaction.aspx| | 12621| 12-Jun-19| 06:50 \ntbdcadap.aspx_tenantadmin| ta_addbdcapplication.aspx| | 8942| 12-Jun-19| 06:50 \nappliaap.aspx_tenantadmin| ta_allapplicensesmanagement.aspx| | 8178| 12-Jun-19| 06:50 \nappprincipals.aspx_tenantadmin| ta_allappprincipals.aspx| | 6769| 12-Jun-19| 06:50 \ntbcshome.aspx_tenantadmin| ta_bcshome.aspx| | 4633| 12-Jun-19| 06:50 \ntbdcapps.aspx_tenantadmin| ta_bdcapplications.aspx| | 13499| 12-Jun-19| 06:50 \ntbdclobsettings.aspx_tenantadmin| ta_bdclobsettings.aspx| | 6798| 12-Jun-19| 06:50 \ncreatecc.aspx_tenantadmin| ta_createcorporatecatalog.aspx| | 12183| 12-Jun-19| 06:50 \nnewsitec.aspx_tenantadmin| ta_createsitecollection.aspx| | 11081| 12-Jun-19| 06:50 \nnewconfi.aspx_tenantadmin| ta_createsitecollectionconfirmation.aspx| | 3028| 12-Jun-19| 06:50 \ndelsitec.aspx_tenantadmin| ta_deletesitecollectiondialog.aspx| | 3562| 12-Jun-19| 06:50 \ntbdcedac.aspx_tenantadmin| ta_editbdcaction.aspx| | 12268| 12-Jun-19| 06:50 \ntbdcexap.aspx_tenantadmin| ta_exportbdcapplication.aspx| | 7749| 12-Jun-19| 06:50 \ntlropsta.aspx_tenantadmin| ta_lroperationstatus.aspx| | 3645| 12-Jun-19| 06:50 \ntconmeta.aspx_tenantadmin| ta_manageappconnectionmetadata.aspx| | 8491| 12-Jun-19| 06:50 \ntconnsec.aspx_tenantadmin| ta_manageappconnectionsecurity.aspx| | 4495| 12-Jun-19| 06:50 \ntbdcperm.aspx_tenantadmin| ta_managebdcpermissions.aspx| | 4069| 12-Jun-19| 06:50 \ncorpcat.aspx_tenantadmin| ta_managecorporatecatalog.aspx| | 6403| 12-Jun-19| 06:50 \nmktplset.aspx_tenantadmin| ta_managemarketplacesettings.aspx| | 6296| 12-Jun-19| 06:50 \nofadmin.aspx_tenantadmin| ta_officialfileadmin.aspx| | 11323| 12-Jun-19| 06:50 \nsitecdq.aspx_tenantadmin| ta_sitecollectiondiskquotadialog.aspx| | 10735| 12-Jun-19| 06:50 \nsitecown.aspx_tenantadmin| ta_sitecollectionownersdialog.aspx| | 5705| 12-Jun-19| 06:50 \nsitecper.aspx_tenantadmin| ta_sitecollectionpermissionsdialog.aspx| | 2637| 12-Jun-19| 06:50 \nsitecrep.aspx_tenantadmin| ta_sitecollectionreportsdialog.aspx| | 2637| 12-Jun-19| 06:50 \nsitecoll.aspx_tenantadmin| ta_sitecollections.aspx| | 9478| 12-Jun-19| 06:50 \napplisap.aspx_tenantadmin| ta_specificapplicensemanagement.aspx| | 27508| 12-Jun-19| 06:50 \ntviewcon.aspx_tenantadmin| ta_viewappconnections.aspx| | 8814| 12-Jun-19| 06:50 \ntbdcvwap.aspx_tenantadmin| ta_viewbdcapplication.aspx| | 16234| 12-Jun-19| 06:50 \ntbdcvwen.aspx_tenantadmin| ta_viewbdcentity.aspx| | 16454| 12-Jun-19| 06:50 \ntbdcvwli.aspx_tenantadmin| ta_viewbdclobsysteminstances.aspx| | 10289| 12-Jun-19| 06:50 \ntbdcvwlb.aspx_tenantadmin| ta_viewbdclobsystems.aspx| | 13386| 12-Jun-19| 06:50 \nvsitecp.aspx_tenantadmin| ta_viewsitecollectionpropertiesdialog.aspx| | 6189| 12-Jun-19| 06:50 \ndefault.aspx_tenantadmin| default.aspx| | 3882| 12-Jun-19| 06:50 \nonet.xml_tenantadmin| onet.xml| | 5726| 12-Jun-19| 06:50 \nthread.xsl| thread.xsl| | 34542| 12-Jun-19| 06:50 \nusercode.xsd| usercode.xsd| | 4293| 12-Jun-19| 06:50 \nvalidapp.xml| validappendpoints.xml| | 15837| 12-Jun-19| 06:50 \nvwstyles.xsl| vwstyles.xsl| | 130800| 12-Jun-19| 06:50 \nwefman.xsd| wefextensionmanifestschema.xsd| | 51975| 12-Jun-19| 06:50 \nwefma1_1.xsd| wefextensionmanifestschema1_1.xsd| | 57288| 12-Jun-19| 06:50 \nbacklink.aspx_webpagelib| backlinks.aspx| | 4069| 12-Jun-19| 06:50 \ncrtv4pgs.asx| createv4pageslib.aspx| | 3584| 12-Jun-19| 06:50 \ncreatweb.asx| createwebpage.aspx| | 10792| 12-Jun-19| 06:50 \nrecentwp.asx| recentwikipages.aspx| | 3790| 12-Jun-19| 06:50 \nversdiff.aspx_webpagelib| versiondiff.aspx| | 5692| 12-Jun-19| 06:50 \nwikiredr.aspx| wikiredirect.aspx| | 1123| 12-Jun-19| 06:50 \nonet.xml_wiki| onet.xml| | 8372| 12-Jun-19| 06:50 \nwfaction.xsd| workflowactions.xsd| | 14033| 12-Jun-19| 06:50 \nwss.xsd| wss.xsd| | 112463| 12-Jun-19| 06:50 \nbase.xml| base.xml| | 21747| 12-Jun-19| 06:50 \nsts.xml| sts.xml| | 14413| 12-Jun-19| 06:50 \nwssadmin.xml| wssadmin.xml| | 9317| 12-Jun-19| 06:50 \nresqmax.xml_0001| resourcequotamaximum.xml| | 565| 12-Jun-19| 06:50 \nresqwarn.xml_0001| resourcequotawarning.xml| | 563| 12-Jun-19| 06:50 \nowstimer.exe_0001| owstimer.exe| 15.0.4971.1000| 80608| 12-Jun-19| 06:50 \nowstimer.exe.config| owstimer.exe.config| | 481| 12-Jun-19| 06:50 \ntraceman.exe| wsstracing.exe| 15.0.4569.1501| 115904| 12-Jun-19| 06:49 \nspwriter.exe_0001| spwriter.exe| 15.0.4971.1000| 50944| 12-Jun-19| 06:50 \nstswel.dll| stswel.dll| 15.0.5153.1000| 3918416| 12-Jun-19| 06:50 \nstswfacb.dll| microsoft.sharepoint.workflowactions.dll| 15.0.4857.1000| 318728| 12-Jun-19| 06:50 \nstswfact.dll| microsoft.sharepoint.workflowactions.dll| 15.0.4857.1000| 318728| 12-Jun-19| 06:50 \nstswfaci.dll| microsoft.sharepoint.workflowactions.intl.dll| 15.0.4420.1017| 23200| 12-Jun-19| 06:50 \nisswfresources.resx| resources.resx| | 2072| 12-Jun-19| 06:50 \nisswffeature.xml| feature.xml| | 465| 12-Jun-19| 06:50 \nissuetracking.xml| issuetracking.xml| | 749| 12-Jun-19| 06:50 \nsts.workflows.dll| microsoft.sharepoint.workflows.dll| 15.0.4507.1000| 63168| 12-Jun-19| 06:50 \nworkflows_intl.dll| microsoft.sharepoint.workflows.intl.dll| 15.0.4420.1017| 13448| 12-Jun-19| 06:50 \nie50up.debug.js| ie50up.debug.js| | 152255| 12-Jun-19| 06:50 \nie50up.js| ie50up.js| | 80551| 12-Jun-19| 06:50 \nie50up.xml| ie50up.xml| | 65| 12-Jun-19| 06:50 \nie55up.debug.js| ie55up.debug.js| | 151449| 12-Jun-19| 06:50 \nie55up.js| ie55up.js| | 80012| 12-Jun-19| 06:50 \nie55up.xml| ie55up.xml| | 65| 12-Jun-19| 06:50 \nnon_ie.debug.js| non_ie.debug.js| | 101533| 12-Jun-19| 06:50 \nnon_ie.js| non_ie.js| | 59623| 12-Jun-19| 06:50 \nnon_ie.xml| non_ie.xml| | 65| 12-Jun-19| 06:50 \nbpstd.debug.js| bpstd.debug.js| | 7637| 12-Jun-19| 06:50 \nbpstd.js| bpstd.js| | 4356| 12-Jun-19| 06:50 \nbpstd.xml| bpstd.xml| | 65| 12-Jun-19| 06:50 \nctp.debug.js| ctp.debug.js| | 7406| 12-Jun-19| 06:50 \nctp.js| ctp.js| | 3934| 12-Jun-19| 06:50 \nctp.xml| ctp.xml| | 65| 12-Jun-19| 06:50 \ncvtp.debug.js| cvtp.debug.js| | 4529| 12-Jun-19| 06:50 \ncvtp.js| cvtp.js| | 2412| 12-Jun-19| 06:50 \ncvtp.xml| cvtp.xml| | 65| 12-Jun-19| 06:50 \nitp.debug.js| itp.debug.js| | 12586| 12-Jun-19| 06:50 \nitp.js| itp.js| | 9525| 12-Jun-19| 06:50 \nitp.xml| itp.xml| | 65| 12-Jun-19| 06:50 \nxtp.debug.js| xtp.debug.js| | 2979| 12-Jun-19| 06:50 \nxtp.js| xtp.js| | 1491| 12-Jun-19| 06:50 \nsts_sandbox.dll| microsoft.sharepoint.sandbox.dll| 15.0.5151.1000| 187176| 12-Jun-19| 06:50 \naddrbook.gif| addressbook.gif| | 908| 11-Jun-19| 10:11 \ncalview.gif| calview.gif| | 1615| 11-Jun-19| 10:11 \nchecknames.gif| checknames.gif| | 908| 11-Jun-19| 10:11 \nganttvw.gif| ganttview.gif| | 1625| 11-Jun-19| 10:11 \ngrid.gif| grid.gif| | 1610| 11-Jun-19| 10:11 \nicaccdb.gif| icaccdb.gif| | 231| 11-Jun-19| 10:10 \nicaccde.gif| icaccde.gif| | 222| 11-Jun-19| 10:11 \nicbmp.gif| icbmp.gif| | 355| 11-Jun-19| 10:10 \nicdoc.gif| icdoc.gif| | 231| 11-Jun-19| 10:10 \nicdocm.gif| icdocm.gif| | 236| 11-Jun-19| 10:11 \nicdocset.gif| icdocset.gif| | 221| 11-Jun-19| 10:10 \nicdocx.gif| icdocx.gif| | 224| 11-Jun-19| 10:11 \nicdot.gif| icdot.gif| | 223| 11-Jun-19| 10:10 \nicdotm.gif| icdotm.gif| | 235| 11-Jun-19| 10:11 \nicdotx.gif| icdotx.gif| | 221| 11-Jun-19| 10:11 \nicgif.gif| icgif.gif| | 220| 11-Jun-19| 10:10 \nichtmdoc.gif| ichtmdoc.gif| | 229| 11-Jun-19| 10:10 \nichtmppt.gif| ichtmppt.gif| | 227| 11-Jun-19| 10:10 \nichtmpub.gif| ichtmpub.gif| | 227| 11-Jun-19| 10:10 \nichtmxls.gif| ichtmxls.gif| | 239| 11-Jun-19| 10:10 \nicinfopathgeneric.gif| icinfopathgeneric.gif| | 216| 11-Jun-19| 10:11 \nicjfif.gif| icjfif.gif| | 214| 11-Jun-19| 10:10 \nicjpe.gif| icjpe.gif| | 214| 11-Jun-19| 10:10 \nicjpeg.gif| icjpeg.gif| | 214| 11-Jun-19| 10:10 \nicjpg.gif| icjpg.gif| | 214| 11-Jun-19| 10:10 \nicmhtpub.gif| icmhtpub.gif| | 225| 11-Jun-19| 10:11 \nicmpd.gif| icmpd.gif| | 218| 11-Jun-19| 10:10 \nicmpp.gif| icmpp.gif| | 222| 11-Jun-19| 10:10 \nicmpt.gif| icmpt.gif| | 221| 11-Jun-19| 10:10 \nicodp.gif| icodp.gif| | 354| 11-Jun-19| 10:11 \nicods.gif| icods.gif| | 369| 11-Jun-19| 10:11 \nicodt.gif| icodt.gif| | 358| 11-Jun-19| 10:11 \nicone.gif| icone.gif| | 215| 11-Jun-19| 10:10 \niconp.gif| iconp.gif| | 223| 11-Jun-19| 10:11 \nicont.gif| icont.gif| | 216| 11-Jun-19| 10:11 \nicpng.gif| icpng.gif| | 349| 11-Jun-19| 10:10 \nicpot.gif| icpot.gif| | 164| 11-Jun-19| 10:10 \nicpotm.gif| icpotm.gif| | 233| 11-Jun-19| 10:11 \nicpotx.gif| icpotx.gif| | 220| 11-Jun-19| 10:11 \nicppt.gif| icppt.gif| | 168| 11-Jun-19| 10:10 \nicpptm.gif| icpptm.gif| | 236| 11-Jun-19| 10:11 \nicpptx.gif| icpptx.gif| | 222| 11-Jun-19| 10:11 \nicpub.gif| icpub.gif| | 221| 11-Jun-19| 10:10 \nictif.gif| ictif.gif| | 355| 11-Jun-19| 10:10 \nictiff.gif| ictiff.gif| | 355| 11-Jun-19| 10:10 \nicvdw.gif| icvdw.gif| | 219| 11-Jun-19| 10:10 \nicvdx.gif| icvdx.gif| | 231| 11-Jun-19| 10:10 \nicvidset.gif| icvidset.gif| | 92| 11-Jun-19| 10:10 \nicvisiogeneric.gif| icvisiogeneric.gif| | 231| 11-Jun-19| 10:11 \nicvsd.gif| icvsd.gif| | 231| 11-Jun-19| 10:10 \nicvsdm.gif| icvsdm.gif| | 231| 11-Jun-19| 10:10 \nicvsdx.gif| icvsdx.gif| | 231| 11-Jun-19| 10:10 \nicvsl.gif| icvsl.gif| | 211| 11-Jun-19| 10:10 \nicvss.gif| icvss.gif| | 163| 11-Jun-19| 10:10 \nicvssm.gif| icvssm.gif| | 163| 11-Jun-19| 10:10 \nicvssx.gif| icvssx.gif| | 163| 11-Jun-19| 10:10 \nicvst.gif| icvst.gif| | 228| 11-Jun-19| 10:10 \nicvstm.gif| icvstm.gif| | 228| 11-Jun-19| 10:10 \nicvstx.gif| icvstx.gif| | 228| 11-Jun-19| 10:10 \nicvsx.gif| icvsx.gif| | 163| 11-Jun-19| 10:10 \nicvtx.gif| icvtx.gif| | 228| 11-Jun-19| 10:10 \nicxddoc.gif| icxddoc.gif| | 220| 11-Jun-19| 10:10 \nicxls.gif| icxls.gif| | 236| 11-Jun-19| 10:10 \nicxlsb.gif| icxlsb.gif| | 237| 11-Jun-19| 10:11 \nicxlsm.gif| icxlsm.gif| | 352| 11-Jun-19| 10:11 \nicxlsx.gif| icxlsx.gif| | 236| 11-Jun-19| 10:11 \nicxlt.gif| icxlt.gif| | 229| 11-Jun-19| 10:10 \nicxltm.gif| icxltm.gif| | 352| 11-Jun-19| 10:11 \nicxltx.gif| icxltx.gif| | 231| 11-Jun-19| 10:11 \nicxsn.gif| icxsn.gif| | 214| 11-Jun-19| 10:11 \nlg_accdb.gif| lg_icaccdb.gif| | 471| 11-Jun-19| 10:11 \nlg_accdb.png| lg_icaccdb.png| | 1634| 11-Jun-19| 10:11 \nlg_accde.gif| lg_icaccde.gif| | 479| 11-Jun-19| 10:11 \nlg_bmp.gif| lg_icbmp.gif| | 604| 11-Jun-19| 10:11 \nlg_gif.gif| lg_icgif.gif| | 501| 11-Jun-19| 10:11 \nlg_htdoc.gif| lg_ichtmdoc.gif| | 510| 11-Jun-19| 10:11 \nlg_htppt.gif| lg_ichtmppt.gif| | 484| 11-Jun-19| 10:11 \nlg_htpub.gif| lg_ichtmpub.gif| | 482| 11-Jun-19| 10:11 \nlg_htxls.gif| lg_ichtmxls.gif| | 504| 11-Jun-19| 10:11 \nlg_jfif.gif| lg_icjfif.gif| | 433| 11-Jun-19| 10:11 \nlg_jpe.gif| lg_icjpe.gif| | 433| 11-Jun-19| 10:11 \nlg_jpeg.gif| lg_icjpeg.gif| | 433| 11-Jun-19| 10:11 \nlg_jpg.gif| lg_icjpg.gif| | 433| 11-Jun-19| 10:11 \nlg_mpd.gif| lg_icmpd.gif| | 355| 11-Jun-19| 10:11 \nlg_mpp.gif| lg_icmpp.gif| | 363| 11-Jun-19| 10:11 \nlg_mpt.gif| lg_icmpt.gif| | 356| 11-Jun-19| 10:11 \nlg_png.gif| lg_icpng.gif| | 600| 11-Jun-19| 10:11 \nlg_pub.gif| lg_icpub.gif| | 462| 11-Jun-19| 10:11 \nlg_rtf.gif| lg_icrtf.gif| | 481| 11-Jun-19| 10:11 \nlg_tif.gif| lg_ictif.gif| | 604| 11-Jun-19| 10:11 \nlg_tiff.gif| lg_ictiff.gif| | 604| 11-Jun-19| 10:11 \nlg_vdx.gif| lg_icvdx.gif| | 540| 11-Jun-19| 10:11 \nlg_vsd.gif| lg_icvsd.gif| | 540| 11-Jun-19| 10:11 \nlg_vsl.gif| lg_icvsl.gif| | 482| 11-Jun-19| 10:11 \nlg_vss.gif| lg_icvss.gif| | 468| 11-Jun-19| 10:11 \nlg_vst.gif| lg_icvst.gif| | 502| 11-Jun-19| 10:11 \nlg_vstx.gif| lg_icvstx.gif| | 502| 11-Jun-19| 10:11 \nlg_vsx.gif| lg_icvsx.gif| | 468| 11-Jun-19| 10:11 \nlg_vtx.gif| lg_icvtx.gif| | 502| 11-Jun-19| 10:11 \nlg_xddo.gif| lg_icxddoc.gif| | 337| 11-Jun-19| 10:11 \nlg_xsn.gif| lg_icxsn.gif| | 323| 11-Jun-19| 10:11 \nopenfold.gif| openfold.gif| | 142| 11-Jun-19| 10:11 \nituser.gif| ituser.gif| | 1595| 12-Jun-19| 06:50 \nblueprintmtpro.eot| blueprintmtpro.eot| | 24734| 11-Jun-19| 10:11 \nblueprintmtpro.svg| blueprintmtpro.svg| | 105256| 11-Jun-19| 10:11 \nblueprintmtpro.ttf| blueprintmtpro.ttf| | 49468| 11-Jun-19| 10:11 \nblueprintmtpro.woff| blueprintmtpro.woff| | 31724| 11-Jun-19| 10:11 \nblueprintmtprolarge.png| blueprintmtprolarge.png| | 1563| 11-Jun-19| 10:11 \nblueprintmtprosmall.png| blueprintmtprosmall.png| | 1326| 11-Jun-19| 10:11 \ncalibri.eot| calibri.eot| | 167788| 11-Jun-19| 10:11 \ncalibri.svg| calibri.svg| | 365292| 11-Jun-19| 10:11 \ncalibri.ttf| calibri.ttf| | 350124| 11-Jun-19| 10:11 \ncalibri.woff| calibri.woff| | 184156| 11-Jun-19| 10:11 \ncalibrilarge.png| calibrilarge.png| | 1318| 11-Jun-19| 10:11 \ncalibrismall.png| calibrismall.png| | 1170| 11-Jun-19| 10:11 \ncenturygothic.eot| centurygothic.eot| | 60600| 11-Jun-19| 10:11 \ncenturygothic.svg| centurygothic.svg| | 165961| 11-Jun-19| 10:11 \ncenturygothic.ttf| centurygothic.ttf| | 124584| 11-Jun-19| 10:11 \ncenturygothic.woff| centurygothic.woff| | 79732| 11-Jun-19| 10:11 \ncenturygothiclarge.png| centurygothiclarge.png| | 1589| 11-Jun-19| 10:11 \ncenturygothicsmall.png| centurygothicsmall.png| | 1351| 11-Jun-19| 10:11 \ncorbel.eot| corbel.eot| | 96453| 11-Jun-19| 10:11 \ncorbel.svg| corbel.svg| | 185947| 11-Jun-19| 10:11 \ncorbel.ttf| corbel.ttf| | 200316| 11-Jun-19| 10:11 \ncorbel.woff| corbel.woff| | 106184| 11-Jun-19| 10:11 \ncorbellarge.png| corbellarge.png| | 1351| 11-Jun-19| 10:11 \ncorbelsmall.png| corbelsmall.png| | 1171| 11-Jun-19| 10:11 \nimpact.eot| impact.eot| | 56550| 11-Jun-19| 10:11 \nimpact.svg| impact.svg| | 162607| 11-Jun-19| 10:11 \nimpact.ttf| impact.ttf| | 129012| 11-Jun-19| 10:11 \nimpact.woff| impact.woff| | 76992| 11-Jun-19| 10:11 \nimpactlarge.png| impactlarge.png| | 1304| 11-Jun-19| 10:11 \nimpactsmall.png| impactsmall.png| | 1150| 11-Jun-19| 10:11 \nshellicons.eot| shellicons.eot| | 47960| 12-Jun-19| 06:50 \nshellicons.svg| shellicons.svg| | 57730| 12-Jun-19| 06:50 \nshellicons.ttf| shellicons.ttf| | 47768| 12-Jun-19| 06:50 \nshellicons.woff| shellicons.woff| | 26452| 12-Jun-19| 06:50 \ntypewriterelite.eot| typewriterelite.eot| | 27328| 11-Jun-19| 10:11 \ntypewriterelite.svg| typewriterelite.svg| | 77944| 11-Jun-19| 10:11 \ntypewriterelite.ttf| typewriterelite.ttf| | 51708| 11-Jun-19| 10:11 \ntypewriterelite.woff| typewriterelite.woff| | 30976| 11-Jun-19| 10:11 \ntypewriterelitelarge.png| typewriterelitelarge.png| | 1548| 11-Jun-19| 10:11 \ntypewriterelitesmall.png| typewriterelitesmall.png| | 1296| 11-Jun-19| 10:11 \nhelp.xml| microsoft.sharepoint.powershell.dll-help.xml| | 3657496| 12-Jun-19| 06:50 \nwsshelp.xml_1025| microsoft.sharepoint.powershell.dll-help.xml| | 3657496| 12-Jun-19| 06:50 \nwsshelp.xml_1026| microsoft.sharepoint.powershell.dll-help.xml| | 3657496| 12-Jun-19| 06:50 \nwsshelp.xml_1029| microsoft.sharepoint.powershell.dll-help.xml| | 3657496| 12-Jun-19| 06:50 \nwsshelp.xml_1030| microsoft.sharepoint.powershell.dll-help.xml| | 3657496| 12-Jun-19| 06:50 \nwsshelp.xml_1032| microsoft.sharepoint.powershell.dll-help.xml| | 3657496| 12-Jun-19| 06:50 \nwsshelp.xml_1033| microsoft.sharepoint.powershell.dll-help.xml| | 3657496| 12-Jun-19| 06:50 \nwsshelp.xml_1035| microsoft.sharepoint.powershell.dll-help.xml| | 3657496| 12-Jun-19| 06:50 \nwsshelp.xml_1037| microsoft.sharepoint.powershell.dll-help.xml| | 3657496| 12-Jun-19| 06:50 \nwsshelp.xml_1038| microsoft.sharepoint.powershell.dll-help.xml| | 3657496| 12-Jun-19| 06:50 \nwsshelp.xml_1043| microsoft.sharepoint.powershell.dll-help.xml| | 3657496| 12-Jun-19| 06:50 \nwsshelp.xml_1044| microsoft.sharepoint.powershell.dll-help.xml| | 3657496| 12-Jun-19| 06:50 \nwsshelp.xml_1045| microsoft.sharepoint.powershell.dll-help.xml| | 3657496| 12-Jun-19| 06:50 \nwsshelp.xml_1048| microsoft.sharepoint.powershell.dll-help.xml| | 3657496| 12-Jun-19| 06:50 \nwsshelp.xml_1050| microsoft.sharepoint.powershell.dll-help.xml| | 3657496| 12-Jun-19| 06:50 \nwsshelp.xml_1051| microsoft.sharepoint.powershell.dll-help.xml| | 3657496| 12-Jun-19| 06:50 \nwsshelp.xml_1053| microsoft.sharepoint.powershell.dll-help.xml| | 3657496| 12-Jun-19| 06:50 \nwsshelp.xml_1054| microsoft.sharepoint.powershell.dll-help.xml| | 3657496| 12-Jun-19| 06:50 \nwsshelp.xml_1055| microsoft.sharepoint.powershell.dll-help.xml| | 3657496| 12-Jun-19| 06:50 \nwsshelp.xml_1057| microsoft.sharepoint.powershell.dll-help.xml| | 3657496| 12-Jun-19| 06:50 \nwsshelp.xml_1058| microsoft.sharepoint.powershell.dll-help.xml| | 3657496| 12-Jun-19| 06:50 \nwsshelp.xml_1060| microsoft.sharepoint.powershell.dll-help.xml| | 3657496| 12-Jun-19| 06:50 \nwsshelp.xml_1061| microsoft.sharepoint.powershell.dll-help.xml| | 3657496| 12-Jun-19| 06:50 \nwsshelp.xml_1062| microsoft.sharepoint.powershell.dll-help.xml| | 3657496| 12-Jun-19| 06:50 \nwsshelp.xml_1063| microsoft.sharepoint.powershell.dll-help.xml| | 3657496| 12-Jun-19| 06:50 \nwsshelp.xml_1066| microsoft.sharepoint.powershell.dll-help.xml| | 3657496| 12-Jun-19| 06:50 \nwsshelp.xml_1081| microsoft.sharepoint.powershell.dll-help.xml| | 3657496| 12-Jun-19| 06:50 \nwsshelp.xml_1086| microsoft.sharepoint.powershell.dll-help.xml| | 3657496| 12-Jun-19| 06:50 \nwsshelp.xml_1087| microsoft.sharepoint.powershell.dll-help.xml| | 3657496| 12-Jun-19| 06:50 \nwsshelp.xml_2070| microsoft.sharepoint.powershell.dll-help.xml| | 3657496| 12-Jun-19| 06:50 \nwsshelp.xml_2074| microsoft.sharepoint.powershell.dll-help.xml| | 3657496| 12-Jun-19| 06:50 \nicvsdm.gif_14| icvsdm.gif| | 1290| 12-Jun-19| 06:50 \nicvsdx.gif_14| icvsdx.gif| | 1288| 12-Jun-19| 06:50 \nlg_icvsdm.gif_14| lg_icvsdm.gif| | 577| 12-Jun-19| 06:50 \nlg_icvsdx.gif_14| lg_icvsdx.gif| | 540| 12-Jun-19| 06:50 \npickerhierarchycontrol.js_14| pickerhierarchycontrol.js| | 126114| 12-Jun-19| 06:50 \nfldswss3.xml_14| fieldswss3.xml| | 50728| 12-Jun-19| 06:50 \ndispform.aspx_piclib_14| dispform.aspx| | 14311| 12-Jun-19| 06:50 \nmicrosoft.sharepoint.client.silverlight.dll_14| microsoft.sharepoint.client.silverlight.dll| 14.0.7006.1000| 273016| 12-Jun-19| 06:50 \nmicrosoft.sharepoint.client.silverlight.runtime.dll_14| microsoft.sharepoint.client.silverlight.runtime.dll| 14.0.7007.1000| 146040| 12-Jun-19| 06:50 \nblog.xsl_14| blog.xsl| | 40342| 12-Jun-19| 06:50 \nviewcategory.asp_blog_categories_14| viewcategory.aspx| | 13786| 12-Jun-19| 06:50 \nschema.xml_blog_comments_14| schema.xml| | 39634| 12-Jun-19| 06:50 \nviewcomment.asp_blog_comments_14| viewcomment.aspx| | 13786| 12-Jun-19| 06:50 \nviewpost.asp_blog_posts_14| viewpost.aspx| | 13786| 12-Jun-19| 06:50 \ndmslstdispform_aspx_14| dispform.aspx| | 13786| 12-Jun-19| 06:50 \ndepl.xsd_14| deploymentmanifest.xsd| | 74297| 12-Jun-19| 06:50 \ndocicon.xml_14| docicon.xml| | 14475| 12-Jun-19| 06:50 \nfldtypes.xsl_14| fldtypes.xsl| | 128231| 12-Jun-19| 06:50 \ndatepicker.debug.js_14| datepicker.debug.js| | 30848| 12-Jun-19| 06:50 \ndatepick.js_14| datepicker.js| | 20413| 12-Jun-19| 06:50 \nentityeditor.debug.js_14| entityeditor.debug.js| | 59260| 12-Jun-19| 06:50 \nentityeditor.js_14| entityeditor.js| | 38002| 12-Jun-19| 06:50 \ninplview.debug.js_14| inplview.debug.js| | 57512| 12-Jun-19| 06:50 \ninplview.js_14| inplview.js| | 39415| 12-Jun-19| 06:50 \njsgrid.debug.js_14| jsgrid.debug.js| | 785068| 12-Jun-19| 06:50 \njsgrid.js_14| jsgrid.js| | 400019| 12-Jun-19| 06:50 \nsp.debug.js_14| sp.debug.js| | 575930| 12-Jun-19| 06:50 \nsp.js_14| sp.js| | 390757| 12-Jun-19| 06:50 \nsp.ribbon.debug.js_14| sp.ribbon.debug.js| | 325227| 12-Jun-19| 06:50 \nsp.runtime.debug.js_14| sp.runtime.debug.js| | 110347| 12-Jun-19| 06:50 \nsp.runtime.js_14| sp.runtime.js| | 68791| 12-Jun-19| 06:50 \nsp.ui.rte.debug.js_14| sp.ui.rte.debug.js| | 594574| 12-Jun-19| 06:50 \nsp.ui.rte.js_14| sp.ui.rte.js| | 365926| 12-Jun-19| 06:50 \nspgantt.debug.js_14| spgantt.debug.js| | 39173| 12-Jun-19| 06:50 \nspgantt.js_14| spgantt.js| | 19338| 12-Jun-19| 06:50 \ndispform.asx_0071_14| dispform.aspx| | 13786| 12-Jun-19| 06:50 \ndispform.asx_0083_14| dispform.aspx| | 13786| 12-Jun-19| 06:50 \ndispform.asx_0082_14| dispform.aspx| | 13786| 12-Jun-19| 06:50 \ndispform.asx_0072_14| dispform.aspx| | 13786| 12-Jun-19| 06:50 \ndispform.asx_0038_14| dispform.aspx| | 13786| 12-Jun-19| 06:50 \ndispform.asx_0084_14| dispform.aspx| | 13786| 12-Jun-19| 06:50 \ndefformt.asc_14| defaulttemplates.ascx| | 170271| 12-Jun-19| 06:50 \nactredir.asx_14| actionredirect.aspx| | 896| 12-Jun-19| 06:50 \naggsetngs.asx_14| aggregationsettings.aspx| | 8163| 12-Jun-19| 06:50 \nctmark.asx_14| calltrackmark.aspx| | 211| 12-Jun-19| 06:50 \nclcnfm.asx_14| circulationconfirm.aspx| | 216| 12-Jun-19| 06:50 \ncreate.asx_14| create.aspx| | 33257| 12-Jun-19| 06:50 \ndeacfeat.asx_14| deactivatefeature.aspx| | 4240| 12-Jun-19| 06:50 \ndeletemu.asx_14| deletemu.aspx| | 188| 12-Jun-19| 06:50 \nfilter.asx_14| filter.aspx| | 1793| 12-Jun-19| 06:50 \ngbredir.asx_14| groupboardredirect.aspx| | 216| 12-Jun-19| 06:50 \niframe.asx_14| iframe.aspx| | 1494| 12-Jun-19| 06:50 \nlistedit.asx_14| listedit.aspx| | 46078| 12-Jun-19| 06:50 \nmngct.asx_14| managecontenttype.aspx| | 10409| 12-Jun-19| 06:50 \nmngfeat.asx_14| managefeatures.aspx| | 4911| 12-Jun-19| 06:50 \nmngsubwb.asx_14| mngsubwebs.aspx| | 12291| 12-Jun-19| 06:50 \ndefault.asx_mobile_14| default.aspx| | 1513| 12-Jun-19| 06:50 \nmbllogin.asx_mobile_14| mbllogin.aspx| | 5337| 12-Jun-19| 06:50 \nmblwiki.asx_mobile_14| mblwiki.aspx| | 3598| 12-Jun-19| 06:50 \nmblwp.asx_mobile_14| mblwp.aspx| | 3603| 12-Jun-19| 06:50 \npickerdialog.mas_14| pickerdialog.master| | 8739| 12-Jun-19| 06:50 \nrtedlg.mas_14| rtedialog.master| | 3153| 12-Jun-19| 06:50 \npicker.asx_14| picker.aspx| | 8613| 12-Jun-19| 06:50 \npckrrst.asx_14| pickerresult.aspx| | 3| 12-Jun-19| 06:50 \nprjsetng.asx_14| prjsetng.aspx| | 16037| 12-Jun-19| 06:50 \nreqfeat.asx_14| reqfeatures.aspx| | 3750| 12-Jun-19| 06:50 \nsrchrslt.asx_14| searchresults.aspx| | 6013| 12-Jun-19| 06:50 \nsettings.asx_14| settings.aspx| | 9565| 12-Jun-19| 06:50 \nsetwa.asx_14| setwhereabouts.aspx| | 212| 12-Jun-19| 06:50 \nsurvedit.asx_14| survedit.aspx| | 36103| 12-Jun-19| 06:50 \nvwgrpprm.asx_14| viewgrouppermissions.aspx| | 5046| 12-Jun-19| 06:50 \nviewlsts.asx_14| viewlsts.aspx| | 16520| 12-Jun-19| 06:50 \nvwstyles.xsl_14| vwstyles.xsl| | 121144| 12-Jun-19| 06:50 \ncui.debug.js| cui.debug.js| | 646903| 12-Jun-19| 06:50 \ncui.js| cui.js| | 362624| 12-Jun-19| 06:50 \nmicrosoft.web.commandui.dll| microsoft.web.commandui.dll| 15.0.5085.1000| 134976| 15-Jun-19| 05:55 \nmicrosoft.web.commandui.dll_0001| microsoft.web.commandui.dll| 15.0.5085.1000| 134976| 15-Jun-19| 05:55 \nxlsrv.commandui.dll| microsoft.web.commandui.dll| 15.0.5085.1000| 134976| 15-Jun-19| 05:55 \n \nHow to get help and support for this security updateHelp for installing updates: [Protect yourself online](<https://www.microsoft.com/safety/pc-security/updates.aspx>) \n \nHelp for protecting your Windows-based computer from viruses and malware: [Microsoft Security](<http://support.microsoft.com/contactus/cu_sc_virsec_master>) \n \nLocal support according to your country: [International Support](<https://www.microsoft.com/en-us/locale.aspx>)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-07-09T07:00:00", "type": "mskb", "title": "Description of the security update for SharePoint Foundation 2013: July 9, 2019", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1006"], "modified": "2019-07-09T07:00:00", "id": "KB4475527", "href": "https://support.microsoft.com/en-us/help/4475527", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-06-23T19:13:41", "description": "None\n## Summary\n\nThis security update resolves an Authentication Bypass vulnerability that allows SAML tokens to be signed by using arbitrary symmetric keys in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF). To learn more about the vulnerability, see [Microsoft Common Vulnerabilities and Exposures CVE-2019-1006](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1006>) and [Microsoft Common Vulnerabilities and Exposures CVE-2019-1134](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1134>). \n \n**Note** To apply this security update, you must have the release version of Microsoft SharePoint Server 2019 installed on the computer.\n\n## Improvements and fixes\n\nThis security update contains improvements and fixes for the following nonsecurity issues:\n\n * Adds support for the new Japanese era name to the Chinese word breaker to make sure that the name will be broken correctly.\n * Adds the **ProjectIdMinDigit**, **ProjectIdSeed**, **ProjectIdPostfix** and **ProjectIdPrefix** properties in the [EnterpriseProjectTypeCreationInformation class](<https://docs.microsoft.com/en-us/previous-versions/office/dn569727\\(v%3Doffice.15\\)>). You can now use these properties to update the Project Identifier information of an enterprise project type (EPT) through the client-side object model (CSOM).\n * Adds the **ProjectQueue****PublishSummary** method for the **[ProjectCollection](<https://docs.microsoft.com/en-us/previous-versions/office/project-class/jj234309\\(v=office.15\\)>)** class in the client-side object model (CSOM) so that project-level fields on a project can be published independently from the entire project. For example, if you use a workflow in your project creation process, you can use this new method to publish the stage summaries.\n * Reduces the severity of certain upgrade sequence messages from WARNING to INFO. These messages indicate that the upgrade action doesn't have to make any changes because its database extension is not currently enabled in the database. For example, upgrade messages such as the following will no longer be labeled as warnings:\"Ignoring upgrade sequence: Microsoft.SharePoint.BusinessData.Upgrade.BdcDatabaseExtensionUpgradeSequence because related content database extension Microsoft.SharePoint.BusinessData.SharedService.BdcDatabaseExtension is not enabled.\"\n * Updating a fixed duration task assignment from a timesheet may unexpectedly change the assignment\u2019s finish date to an earlier date.\n * Fixes an issue in which resetting the role inheritance by using the **SPWeb.ResetRoleInheritance** method does not work on copied sites that are created by using the Copy-SPSite cmdlet. \n * In some cases, existing files are overwritten even if users don't explicitly overwrite the files.\n * Fixes an issue in which an Office file that contains the number sign (#) in the file name is downloaded by a user who doesn\u2019t have sufficient permissions on the file.\n * Fixes an issue that prevents the BLOB cache feature from working unless the SharePoint application pool account is a member of the local Administrators group. If you add your SharePoint application pool account to the local Administrators group to work around this issue, we recommend that you remove that account from the local Administrators group after this update is installed. Removing the application pool account from the local Administrators group reduces potential security risks in your SharePoint farm.\n * Fixes an issue that causes an incorrect MIME type to be used for certain types of files that are stored in SharePoint, such as Cascading Style Sheet (.css) files. This may cause web browsers to incorrectly render webpages that depend on those files. To work around this issue, install the following Web Server Role (IIS) feature:**IIS 6 Metabase Compatibility (Web-Metabase)**This workaround is no longer necessary after this update is installed. Therefore, you can safely remove the IIS 6 Metabase Compatibility feature from SharePoint servers.\n\n## How to get and install the update\n\n### Method 1: Microsoft Update\n\nThis update is available from Microsoft Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to get security updates automatically, see [Windows Update: FAQ](<https://support.microsoft.com/help/12373/windows-update-faq>).\n\n### Method 2: Microsoft Update Catalog\n\nTo get the standalone package for this update, go to the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/Search.aspx?q=KB4475529>) website.\n\n### Method 3: Microsoft Download Center\n\nYou can get the standalone update package through the Microsoft Download Center. Follow the installation instructions on the download page to install the update.\n\n * [Download security update 4475529 for the 64-bit version of SharePoint Server 2019](<http://www.microsoft.com/download/details.aspx?familyid=8a2923d5-6963-41d3-94dd-24a987ae5df7>)\n\n## More information\n\n### Security update deployment information\n\nFor deployment information about this update, see [security update deployment information: July 9, 2019](<https://support.microsoft.com/help/20190709>).\n\n### Security update replacement information\n\nThis security update replaces previously released security update [4475512](<http://support.microsoft.com/kb/4475512>).\n\n### File hash information\n\nFile name| SHA1 hash| SHA256 hash \n---|---|--- \nsts2019-kb4475529-fullfile-x64-glb.exe| 54F04BF1D41766BE0BC97143FD629FBE0687D898| C6C9C7EDE398C428D6C6B0CA5A976788F94D2DC2F6489F395B302CD9C6CD9017 \n \nFile informationThe English (United States) version of this software update installs files that have the attributes that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time together with your current daylight saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.\n\n## \n\n__\n\nFor all supported x64-based versions of SharePoint Server 2019\n\nFile identifier| File name| File version| File size| Date| Time \n---|---|---|---|---|--- \nmicrosoft.office.access.services.moss.dll| microsoft.office.access.services.moss.dll| 16.0.10348.12104| 776328| 21-Jun-19| 05:38 \nascalc.dll| ascalc.dll| 16.0.10348.12104| 1001112| 21-Jun-19| 05:23 \nmicrosoft.office.access.server.application.dll| microsoft.office.access.server.application.dll| 16.0.10348.12104| 616608| 21-Jun-19| 05:05 \nmicrosoft.office.access.server.dll| microsoft.office.access.server.dll| 16.0.10348.12104| 1419120| 21-Jun-19| 05:32 \naccsrv.layouts.root.accsrvscripts.js| accessserverscripts.js| | 575536| 21-Jun-19| 06:16 \nconversion.chartserver.dll| chartserver.dll| 16.0.10348.12104| 16094352| 21-Jun-19| 05:36 \nppt.conversion.chartserver.dll| chartserver.dll| 16.0.10348.12104| 16094352| | \nppt.edit.chartserver.dll| chartserver.dll| 16.0.10348.12104| 16094352| | \nwac.office.chartserver.dll| chartserver.dll| 16.0.10348.12104| 16094352| | \nprodfeat.xml| feature.xml| | 616| 20-Jun-19| 04:01 \nastcmmn_js| assetcommon.js| | 18255| 21-Jun-19| 06:01 \nastpkrs_js| assetpickers.js| | 68294| 21-Jun-19| 06:07 \nsm.js| cmssitemanager.js| | 29281| 21-Jun-19| 06:01 \ncmssummarylinks_js| cmssummarylinks.js| | 6017| 21-Jun-19| 06:01 \neditmenu_js| editingmenu.js| | 11361| 21-Jun-19| 06:01 \nhierlist_js| hierarchicallistbox.js| | 30329| 21-Jun-19| 06:01 \nmediaplayer.js| mediaplayer.js| | 47727| 21-Jun-19| 06:01 \nptdlg.js| pickertreedialog.js| | 2952| 21-Jun-19| 06:01 \nselect_js| select.js| | 2389| 21-Jun-19| 06:01 \nslctctls_js| selectorcontrols.js| | 13290| 21-Jun-19| 06:01 \nserializ_js| serialize.js| | 3221| 21-Jun-19| 06:09 \nsp.ui.assetlibrary.ribbon.debug.js| sp.ui.assetlibrary.debug.js| | 13367| 21-Jun-19| 06:06 \nsp.ui.assetlibrary.js| sp.ui.assetlibrary.js| | 5457| 21-Jun-19| 06:16 \nsp.ui.pub.htmldesign.debug.js| sp.ui.pub.htmldesign.debug.js| | 38342| 21-Jun-19| 06:05 \nsp.ui.pub.htmldesign.js| sp.ui.pub.htmldesign.js| | 19409| 21-Jun-19| 06:13 \nsp.ui.pub.ribbon.debug.js| sp.ui.pub.ribbon.debug.js| | 146313| 21-Jun-19| 06:02 \nsp.ui.pub.ribbon.js| sp.ui.pub.ribbon.js| | 84981| 21-Jun-19| 06:16 \nsp.ui.rte.publishing.debug.js| sp.ui.rte.publishing.debug.js| | 98216| 21-Jun-19| 06:03 \nsp.ui.rte.publishing.js| sp.ui.rte.publishing.js| | 49718| 21-Jun-19| 06:16 \nsp.ui.spellcheck.debug.js| sp.ui.spellcheck.debug.js| | 68393| 21-Jun-19| 06:08 \nsp.ui.spellcheck.js| sp.ui.spellcheck.js| | 36524| 21-Jun-19| 06:16 \nsplchkpg_js| spellcheckentirepage.js| | 6655| 21-Jun-19| 06:01 \nspelchek_js| spellchecker.js| | 34659| 21-Jun-19| 06:07 \nvideoportal.js| videoportal.js| | 14744| 21-Jun-19| 06:01 \nmicrosoft.sharepoint.publishing.dll_isapi| microsoft.sharepoint.publishing.dll| 16.0.10348.12104| 5525160| 21-Jun-19| 05:22 \nsharepointpub.dll| microsoft.sharepoint.publishing.dll| 16.0.10348.12104| 5525160| 21-Jun-19| 05:22 \nsharepointpub_gac.dll| microsoft.sharepoint.publishing.dll| 16.0.10348.12104| 5525160| 21-Jun-19| 05:22 \nsppubint.dll| microsoft.sharepoint.publishing.intl.dll| 16.0.10348.12104| 359080| 21-Jun-19| 05:42 \nsppubint_gac.dll| microsoft.sharepoint.publishing.intl.dll| 16.0.10348.12104| 359080| 21-Jun-19| 05:42 \nschema.xml_pubresfeap| schema.xml| | 44173| 20-Jun-19| 08:41 \nasctyps.xml| assetcontenttypes.xml| | 2846| 20-Jun-19| 08:42 \nasctyps2.xml| assetcontenttypes2.xml| | 2460| 20-Jun-19| 08:41 \nasflds.xml| assetfields.xml| | 1366| 20-Jun-19| 08:42 \nasflds2.xml| assetfields2.xml| | 1045| 20-Jun-19| 08:41 \naslibalt.xml| assetlibrarytemplate.xml| | 555| 20-Jun-19| 04:03 \naslibft.xml| feature.xml| | 2763| 20-Jun-19| 08:40 \naslibui.xml| provisionedui.xml| | 5075| 20-Jun-19| 08:45 \naslibui2.xml| provisionedui2.xml| | 1708| 20-Jun-19| 08:42 \ncdsele.xml| contentdeploymentsource.xml| | 637| 20-Jun-19| 08:41 \ncdsfeatu.xml| feature.xml| | 604| 20-Jun-19| 08:42 \ndocmpgcv.xml| docmpageconverter.xml| | 496| 20-Jun-19| 08:42 \ndocxpgcv.xml| docxpageconverter.xml| | 496| 20-Jun-19| 08:43 \nconvfeat.xml| feature.xml| | 766| 20-Jun-19| 08:39 \nippagecv.xml| infopathpageconverter.xml| | 577| 20-Jun-19| 04:03 \nxslappcv.xml| xslapplicatorconverter.xml| | 575| 20-Jun-19| 08:42 \nanalyticsreports.xml| analyticsreports.xml| | 2850| 20-Jun-19| 08:41 \nxspsset.xml| catalogsitesettings.xml| | 556| 20-Jun-19| 08:39 \nxspfeat.xml| feature.xml| | 1514| 20-Jun-19| 08:31 \ndepoper.xml| deploymentoperations.xml| | 2415| 20-Jun-19| 08:43 \ndepfeat.xml| feature.xml| | 788| 20-Jun-19| 08:42 \npestset.xml| enhancedhtmlediting.xml| | 157| 20-Jun-19| 08:41 \npefeat.xml| feature.xml| | 793| 20-Jun-19| 04:04 \nenthmft.xml| feature.xml| | 564| 20-Jun-19| 08:42 \nenthmset.xml| themingsitesettings.xml| | 1005| 20-Jun-19| 08:44 \nenctb.xml| enterprisewikicontenttypebinding.xml| | 559| 20-Jun-19| 04:01 \nenctb2.xml| enterprisewikicontenttypebinding2.xml| | 390| 20-Jun-19| 08:41 \nenfet.xml| feature.xml| | 1168| 20-Jun-19| 08:42 \nenct.xml| enterprisewikicontenttypes.xml| | 1456| 20-Jun-19| 08:44 \nenct2.xml| enterprisewikicontenttypes2.xml| | 1211| 20-Jun-19| 08:41 \nenlayfet.xml| feature.xml| | 1618| 20-Jun-19| 08:40 \nprov.xml| provisionedfiles.xml| | 1181| 20-Jun-19| 08:41 \nprov2.xml| provisionedfiles2.xml| | 1197| 20-Jun-19| 04:03 \newiki2.xml| feature.xml| | 766| 20-Jun-19| 04:02 \nhtmlfeat.xml| feature.xml| | 11263| 20-Jun-19| 08:41 \nhtmlcolm.xml| htmldesigncolumns.xml| | 909| 20-Jun-19| 08:41 \nhtmlcol2.xml| htmldesigncolumns2.xml| | 543| 20-Jun-19| 08:41 \nhtmlcol3.xml| htmldesigncolumns3.xml| | 597| 20-Jun-19| 08:41 \nhtmlcont.xml| htmldesigncontenttypes.xml| | 2330| 20-Jun-19| 08:45 \nhtmlfile.xml| htmldesignfiles.xml| | 657| 20-Jun-19| 08:42 \nhtmlfil2.xml| htmldesignfiles2.xml| | 771| 20-Jun-19| 08:48 \nhtmlfil3.xml| htmldesignfiles3.xml| | 895| 20-Jun-19| 08:43 \nhtmldpui.xml| htmldesignprovisionedui.xml| | 669| 20-Jun-19| 04:00 \nhtmldrib.xml| htmldesignribbon.xml| | 29320| 20-Jun-19| 08:44 \nhtmldpct.xml| htmldisplaytemplatecontenttypes.xml| | 11361| 20-Jun-19| 08:43 \nhtmldpwp.xml| htmldisplaytemplatefiles.xml| | 9302| 20-Jun-19| 08:40 \nhtmldpwp10.xml| htmldisplaytemplatefiles10.xml| | 575| 20-Jun-19| 08:42 \nhtmldpwp11.xml| htmldisplaytemplatefiles11.xml| | 1091| 20-Jun-19| 08:41 \nhtmldpwp12.xml| htmldisplaytemplatefiles12.xml| | 401| 20-Jun-19| 08:42 \nhtmldpwp13.xml| htmldisplaytemplatefiles13.xml| | 396| 20-Jun-19| 08:41 \nhtmldpwp14.xml| htmldisplaytemplatefiles14.xml| | 856| 20-Jun-19| 08:42 \nhtmldpwp15.xml| htmldisplaytemplatefiles15.xml| | 492| 20-Jun-19| 08:41 \nhtmldpwp2.xml| htmldisplaytemplatefiles2.xml| | 830| 20-Jun-19| 04:01 \nhtmldpwp3.xml| htmldisplaytemplatefiles3.xml| | 497| 20-Jun-19| 08:41 \nhtmldpwp4.xml| htmldisplaytemplatefiles4.xml| | 496| 20-Jun-19| 08:42 \nhtmldpwp5.xml| htmldisplaytemplatefiles5.xml| | 506| 20-Jun-19| 08:43 \nhtmldpwp6.xml| htmldisplaytemplatefiles6.xml| | 412| 20-Jun-19| 08:41 \nhtmldpwp7.xml| htmldisplaytemplatefiles7.xml| | 4003| 20-Jun-19| 08:39 \nhtmldpwp8.xml| htmldisplaytemplatefiles8.xml| | 399| 20-Jun-19| 08:42 \nhtmldpwp9.xml| htmldisplaytemplatefiles9.xml| | 401| 20-Jun-19| 08:36 \nhtmldtcbs.xml| htmldisplaytemplatefilesoobcbs.xml| | 580| 20-Jun-19| 04:00 \nhtmldtqb.xml| htmldisplaytemplatefilesqb.xml| | 598| 20-Jun-19| 08:41 \nhtmldtqbref.xml| htmldisplaytemplatefilesqbref.xml| | 507| 20-Jun-19| 08:43 \nhtmldpwp_recs.xml| htmldisplaytemplatefilesrecs.xml| | 418| 20-Jun-19| 08:41 \nststngimplk.xml| sitesettingsimportlink.xml| | 667| 20-Jun-19| 08:40 \naltmp.xam| alternatemediaplayer.xaml| | 35634| 20-Jun-19| 08:46 \nmwpfeat.xml| feature.xml| | 940| 20-Jun-19| 08:39 \nmwpprovf.xml| provisionedfiles.xml| | 1457| 20-Jun-19| 08:05 \nmwpprovu.xml| provisionedui.xml| | 22914| 20-Jun-19| 08:41 \nmwpprovui2.xml| provisionedui2.xml| | 2690| 20-Jun-19| 08:46 \npnfeat.xml| feature.xml| | 782| 20-Jun-19| 08:42 \npnstset.xml| navigationsitesettings.xml| | 4721| 20-Jun-19| 08:40 \nplnfeat.xml| feature.xml| | 760| 20-Jun-19| 08:41 \nplnstset.xml| navigationsitesettings.xml| | 152| 20-Jun-19| 04:02 \ntpfeat.xml| feature.xml| | 2846| 20-Jun-19| 08:42 \ntpcls.xml| pointpublishingcolumns.xml| | 701| 20-Jun-19| 08:43 \ntpcts.xml| pointpublishingcontenttypes.xml| | 488| 20-Jun-19| 08:41 \ntptltsch.xml| schema.xml| | 4088| 20-Jun-19| 08:42 \npclts.xml| schema.xml| | 2354| 20-Jun-19| 04:01 \npcltf.xml| feature.xml| | 857| 20-Jun-19| 08:42 \npclt.xml| productcataloglisttemplate.xml| | 753| 20-Jun-19| 08:42 \npcfeat.xml| feature.xml| | 1699| 20-Jun-19| 08:40 \npccol.xml| productcatalogcolumns.xml| | 6259| 20-Jun-19| 08:42 \npcct.xml| productcatalogcontenttypes.xml| | 830| 20-Jun-19| 08:40 \npcct2.xml| productcatalogcontenttypes2.xml| | 643| 20-Jun-19| 08:42 \npcprov.xml| provisionedfiles.xml| | 926| 20-Jun-19| 08:43 \npubpubpf.xml| feature.xml| | 551| 20-Jun-19| 08:42 \npppptset.xml| portalsettings.xml| | 584| 20-Jun-19| 08:41 \nctconvst.xml| contenttypeconvertersettings.xml| | 511| 20-Jun-19| 08:32 \ndoclbset.xml| documentlibrarysettings.xml| | 524| 20-Jun-19| 04:00 \neditmenu.xml| editingmenu.xml| | 470| 20-Jun-19| 08:42 \npubfeat.xml| feature.xml| | 2696| 20-Jun-19| 08:46 \npaglttmp.xml| pageslisttemplate.xml| | 516| 20-Jun-19| 08:42 \nprovui.xml| provisionedui.xml| | 40574| 20-Jun-19| 08:40 \nprovui2.xml| provisionedui2.xml| | 1489| 20-Jun-19| 08:45 \nprovui3.xml| provisionedui3.xml| | 2135| 20-Jun-19| 08:40 \npubstset.xml| publishingsitesettings.xml| | 6235| 20-Jun-19| 08:41 \nregext.xml| regionalsettingsextensions.xml| | 328| 20-Jun-19| 08:42 \nsiteacmn.xml| siteactionmenucustomization.xml| | 646| 20-Jun-19| 08:46 \nvarflagc.xml| variationsflagcontrol.xml| | 473| 20-Jun-19| 08:41 \nvarnomin.xml| variationsnomination.xml| | 613| 20-Jun-19| 08:41 \npblyfeat.xml| feature.xml| | 6194| 20-Jun-19| 08:42 \npblyprovfile.xml| provisionedfiles.xml| | 7964| 20-Jun-19| 04:00 \npblyprovfile2.xml| provisionedfiles2.xml| | 610| 20-Jun-19| 08:42 \npblyprovfile4.xml| provisionedfiles4.xml| | 308| 20-Jun-19| 08:42 \npblyprovfile5.xml| provisionedfiles5.xml| | 414| 20-Jun-19| 08:42 \npblyprovfile6.xml| provisionedfiles6.xml| | 385| 20-Jun-19| 08:46 \npblyprovfile7.xml| provisionedfiles7.xml| | 1170| 20-Jun-19| 08:41 \npblyprovfile8.xml| provisionedfiles8.xml| | 507| 20-Jun-19| 08:41 \npblyprovui.xml| provisionedui.xml| | 11330| 20-Jun-19| 04:01 \nxspfeatlayouts.xml| searchboundpagelayouts.xml| | 3671| 20-Jun-19| 08:40 \npubmelem.xml| elements.xml| | 4149| 20-Jun-19| 04:04 \npubmele2.xml| elements2.xml| | 592| 20-Jun-19| 04:01 \npubmfeat.xml| feature.xml| | 1697| 20-Jun-19| 08:41 \npubmprui.xml| provisionedui.xml| | 1548| 20-Jun-19| 08:42 \npubmstng.xml| sitesettings.xml| | 670| 20-Jun-19| 08:41 \npubprft.xml| feature.xml| | 758| 20-Jun-19| 08:41 \npubrfeat.xml| feature.xml| | 4927| 20-Jun-19| 08:38 \nprovfile.xml| provisionedfiles.xml| | 4739| 20-Jun-19| 08:41 \nprovfl4.xml| provisionedfiles4.xml| | 1394| 20-Jun-19| 04:01 \npubrcol.xml| publishingcolumns.xml| | 20566| 20-Jun-19| 08:45 \npubrctt.xml| publishingcontenttypes.xml| | 12093| 20-Jun-19| 08:42 \npubrctt2.xml| publishingcontenttypes2.xml| | 304| 20-Jun-19| 08:40 \npubrctt3.xml| publishingcontenttypes3.xml| | 500| 20-Jun-19| 08:39 \npubrcont.xml| publishingcontrols.xml| | 405| 20-Jun-19| 08:41 \nprsset.xml| publishingresourcessitesettings.xml| | 3506| 20-Jun-19| 08:45 \nupgd1.xml| upgrade1.xml| | 548| 20-Jun-19| 03:39 \nupgd2.xml| upgrade2.xml| | 486| 20-Jun-19| 04:00 \nupgd3.xml| upgrade3.xml| | 600| 20-Jun-19| 04:01 \npubtfeat.xml| feature.xml| | 1477| 20-Jun-19| 08:40 \nrollplf.xml| feature.xml| | 862| 20-Jun-19| 08:43 \nrollplpf.xml| provisionedfiles.xml| | 14529| 20-Jun-19| 08:44 \nrollplct.xml| rolluppagecontenttype.xml| | 742| 20-Jun-19| 08:42 \nrollpf.xml| feature.xml| | 816| 20-Jun-19| 04:03 \nrollps.xml| rolluppagesettings.xml| | 4091| 20-Jun-19| 04:00 \nseofeatu.xml| feature.xml| | 1253| 20-Jun-19| 04:01 \nseoopt.xml| searchengineoptimization.xml| | 3578| 20-Jun-19| 08:45 \nseoopt1.xml| searchengineoptimization1.xml| | 2904| 20-Jun-19| 04:07 \nsppelm.xml| elements.xml| | 1843| 20-Jun-19| 08:47 \nsppfea.xml| feature.xml| | 1015| 20-Jun-19| 08:41 \nsaicona.xml| consoleaction.xml| | 412| 20-Jun-19| 08:45 \nsaifeat.xml| feature.xml| | 1324| 20-Jun-19| 08:29 \nsairibn.xml| ribbon.xml| | 2895| 20-Jun-19| 08:44 \nsaisset.xml| sitesettings.xml| | 584| 20-Jun-19| 08:45 \naddtheme.xml| additionalthemes.xml| | 3819| 20-Jun-19| 08:41 \nsbwcopa.xml| colorpalette.xml| | 4813| 20-Jun-19| 08:43 \nsbwcona.xml| consoleaction.xml| | 692| 20-Jun-19| 04:00 \nsbwct.xml| contenttypes.xml| | 4261| 20-Jun-19| 08:40 \nsbwdesba.xml| designbuilderaction.xml| | 444| 20-Jun-19| 08:41 \nsbwdesea.xml| designeditoraction.xml| | 438| 20-Jun-19| 08:40 \nsbwdpa.xml| designpackageactions.xml| | 418| 20-Jun-19| 08:42 \nsbwdpr.xml| designpreviewaction.xml| | 447| 20-Jun-19| 08:39 \nsbwdmt.xml| disablesystemmasterpagetheming.xml| | 436| 20-Jun-19| 08:42 \nsbwfeat.xml| feature.xml| | 6499| 20-Jun-19| 08:45 \nsbwinsdes.xml| installeddesigns.xml| | 536| 20-Jun-19| 08:42 \nsbwmob.xml| mobilechannel.xml| | 1098| 20-Jun-19| 08:41 \nsbwpagela.xml| pagelayouts.xml| | 4119| 20-Jun-19| 08:40 \nsbwpages.xml| pages.xml| | 13120| 20-Jun-19| 04:03 \npubblogwp.xml| publishingblogwebparts.xml| | 949| 20-Jun-19| 08:41 \nsbwqd.xml| quicklaunchdatasource.xml| | 685| 20-Jun-19| 08:41 \nsbwrb.xml| ribbon.xml| | 44107| 20-Jun-19| 08:45 \nsbwsearch.xml| search.xml| | 2352| 20-Jun-19| 08:42 \nsbwsc.xml| sitecolumns.xml| | 3579| 20-Jun-19| 08:43 \nsbwsec.xml| siteelementcontrols.xml| | 952| 20-Jun-19| 08:41 \nsbwss.xml| sitesettings.xml| | 14657| 20-Jun-19| 04:00 \nsbwcss.xml| styles.xml| | 625| 20-Jun-19| 08:42 \nsbwwps.xml| webparts.xml| | 509| 20-Jun-19| 08:46 \nsbwfsf.xml| feature.xml| | 708| 20-Jun-19| 08:41 \nscfeatr.xml| feature.xml| | 856| 20-Jun-19| 08:41 \nspelchek.xml| spellchecking.xml| | 1033| 20-Jun-19| 08:41 \nspelchk2.xml| spellchecking2.xml| | 2641| 20-Jun-19| 08:42 \ncms_tenantadmindeploymentlinksfeature_feature_xml| feature.xml| | 826| 20-Jun-19| 08:41 \ncms_tenantadmindeploymentlinksfeature_links_xml| links.xml| | 542| 20-Jun-19| 08:41 \ntopicplf.xml| feature.xml| | 732| 20-Jun-19| 08:46 \ntopicpf.xml| feature.xml| | 713| 20-Jun-19| 08:45 \nplnkfeat.xml| feature.xml| | 621| 20-Jun-19| 04:08 \npublcol.xml| publishedlinkscolumns.xml| | 1206| 20-Jun-19| 04:02 \npublctt.xml| publishedlinkscontenttypes.xml| | 948| 20-Jun-19| 08:44 \nv2vpblyfeat.xml| feature.xml| | 540| 20-Jun-19| 08:41 \nv2vpblyprovfil.xml| provisionedfiles.xml| | 1934| 20-Jun-19| 08:41 \nvwfrmlk.xml| feature.xml| | 794| 20-Jun-19| 04:00 \nxmlsfeat.xml| feature.xml| | 818| 20-Jun-19| 04:02 \nxmlsitem.xml| xmlsitemap.xml| | 624| 20-Jun-19| 08:43 \nsystem.collections.immutable.dll| system.collections.immutable.dll| 4.6.23123.00| 200344| | \nupdate_system.collections.immutable.dll| system.collections.immutable.dll| 4.6.23123.00| 200344| 21-Jun-19| 06:02 \ncsisrv.dll| csisrv.dll| 16.0.10348.12104| 1298816| 21-Jun-19| 05:12 \ncsisrvexe.exe| csisrvexe.exe| 16.0.10348.12104| 355528| 21-Jun-19| 05:37 \nonfda.dll| onfda.dll| 16.0.10348.12104| 2130824| 21-Jun-19| 05:47 \ncolumnfiltering.ascx| columnfiltering.ascx| | 443| 21-Jun-19| 10:40 \ndocsettemplates.ascx| docsettemplates.ascx| | 1459| 21-Jun-19| 10:40 \nmetadatanavkeyfilters.ascx| metadatanavkeyfilters.ascx| | 4647| 21-Jun-19| 10:40 \nmetadatanavtree.ascx| metadatanavtree.ascx| | 2686| 21-Jun-19| 10:40 \nmultilangtemplates.ascx| transmgmtlibtemplates.ascx| | 3287| 21-Jun-19| 10:40 \nvideosettemplates.ascx| videosettemplates.ascx| | 1972| 21-Jun-19| 10:40 \neditdlg.htm_multilang| editdlg.htm| | 4796| 21-Jun-19| 10:40 \nfiledlg.htm_multilang| filedlg.htm| | 3344| 21-Jun-19| 10:40 \nediscoveryquerystatistics.ascx| ediscoveryquerystatistics.ascx| | 1357| 21-Jun-19| 10:40 \nediscoverytemplate.ascx| ediscoverytemplate.ascx| | 3267| 21-Jun-19| 10:40 \nfrmirmp.dll_0001| microsoft.office.irm.formprotector.dll| 16.0.10348.12104| 169272| 21-Jun-19| 10:40 \npdfirmp.dll_0001| microsoft.office.irm.pdfprotector.dll| 16.0.10348.12104| 37992| 21-Jun-19| 10:40 \npdfirml.dll_0002| microsoft.office.irm.pdfprotectorlib.dll| 16.0.10348.12104| 1315640| 21-Jun-19| 10:40 \nbarcodeglobalsettings.ascx| barcodeglobalsettings.ascx| | 1473| 21-Jun-19| 10:40 \nbargensettings.ascx| bargensettings.ascx| | 1523| 21-Jun-19| 10:40 \ndropoffzoneroutingform.ascx| dropoffzoneroutingform.ascx| | 3528| 21-Jun-19| 10:40 \nrecordsribbon.ascx| recordsribbon.ascx| | 367| 21-Jun-19| 10:40 \nauditcustquery.ascx| auditcustomquery.ascx| | 11154| 21-Jun-19| 10:40 \nauditsettings.ascx| auditsettings.ascx| | 3594| 21-Jun-19| 10:40 \nbarcodesettings.ascx| barcodesettings.ascx| | 1399| 21-Jun-19| 10:40 \ndiscoveryglobalcontrol.ascx| discoveryglobalcontrol.ascx| | 5175| 21-Jun-19| 10:40 \ndiscoveryproperties.ascx| discoveryproperties.ascx| | 7132| 21-Jun-19| 10:40 \ndiscoveryquerystatistics.ascx| discoveryquerystatistics.ascx| | 3788| 21-Jun-19| 10:40 \ndlptemplatepicker.ascx| dlptemplatepicker.ascx| | 3594| 21-Jun-19| 10:40 \nlabelsettings.ascx| labelsettings.ascx| | 9510| 21-Jun-19| 10:40 \nretentionsettings.ascx| retentionsettings.ascx| | 11060| 21-Jun-19| 10:40 \ndw20.exe_0001| dw20.exe| 16.0.10348.12104| 2249104| 21-Jun-19| 05:32 \ndwtrig20.exe| dwtrig20.exe| 16.0.10348.12104| 327920| 21-Jun-19| 05:55 \nconversion.office.gfxserver.dll| gfxserver.dll| 16.0.10348.12104| 5275784| 21-Jun-19| 05:38 \nppt.conversion.gfxserver.dll| gfxserver.dll| 16.0.10348.12104| 5275784| | \nppt.edit.gfxserver.dll| gfxserver.dll| 16.0.10348.12104| 5275784| | \nwac.office.gfxserver.dll| gfxserver.dll| 16.0.10348.12104| 5275784| | \nconversion.igxserver.dll| igxserver.dll| 16.0.10348.12104| 12079200| 21-Jun-19| 05:33 \nppt.conversion.igxserver.dll| igxserver.dll| 16.0.10348.12104| 12079200| | \nppt.edit.igxserver.dll| igxserver.dll| 16.0.10348.12104| 12079200| | \nwac.office.igxserver.dll| igxserver.dll| 16.0.10348.12104| 12079200| | \nsltemp.asc| sldlibtemplates.ascx| | 12554| 20-Jun-19| 08:46 \nsldlib.js| sldlib.js| | 29295| 20-Jun-19| 08:40 \neditdlg.htm_slfeat| editdlg.htm| | 4796| 20-Jun-19| 08:42 \nfiledlg.htm_slfeat| filedlg.htm| | 3344| 20-Jun-19| 08:42 \nas_adal_dll_32.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| adal.dll| | 1356400| 20-Jun-19| 08:06 \nas_adal_dll_64.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| adal.dll| | 1811056| 20-Jun-19| 08:06 \nas_azureclient_dll_32.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| microsoft.analysisservices.azureclient.dll| | 310032| 20-Jun-19| 08:06 \nas_azureclient_dll_64.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| microsoft.analysisservices.azureclient.dll| | 309840| 20-Jun-19| 08:06 \nas_client_orcl7_xsl_32.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| orcl7.xsl| | 95724| 20-Jun-19| 08:06 \nas_client_orcl7_xsl_64.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| orcl7.xsl| | 95724| 20-Jun-19| 08:06 \nas_client_xmsrv_dll_32.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| xmsrv.dll| | 35083552| 19-Jun-19| 06:41 \nas_client_xmsrv_dll_64.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| xmsrv.dll| | 25541712| 20-Jun-19| 08:06 \nas_clientmsmgdsrv_dll_32.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| msmgdsrv.dll| | 7467088| 20-Jun-19| 08:06 \nas_clientmsmgdsrv_dll_64.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| msmgdsrv.dll| | 9102416| 20-Jun-19| 08:06 \nas_clientsql120_xsl_32.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| sql120.xsl| | 135232| 20-Jun-19| 08:06 \nas_clientsql120_xsl_64.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| sql120.xsl| | 135232| 20-Jun-19| 08:06 \nas_msmdlocal_dll_32.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| msmdlocal.dll| | 45697104| 20-Jun-19| 08:06 \nas_msmdlocal_dll_64.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| msmdlocal.dll| | 62970448| 20-Jun-19| 08:06 \nas_msolap_dll_32.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| msolap.dll| | 8025168| 20-Jun-19| 08:06 \nas_msolap_dll_64.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| msolap.dll| | 10346576| 19-Jun-19| 06:41 \nas_msolui_dll_32.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| msolui.dll| | 292112| 20-Jun-19| 08:07 \nas_msolui_dll_64.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| msolui.dll| | 312400| 19-Jun-19| 06:41 \nas_sqldumper_exe_32.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| sqldumper.exe| | 124000| 20-Jun-19| 08:06 \nas_sqldumper_exe_64.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| sqldumper.exe| | 147552| 20-Jun-19| 08:06 \nas_xmlrw_dll_32.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| xmlrw.dll| | 273720| 20-Jun-19| 08:06 \nas_xmlrw_dll_64.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| xmlrw.dll| | 323680| 20-Jun-19| 08:06 \nas_xmlrwbin_dll_32.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| xmlrwbin.dll| | 188520| 20-Jun-19| 08:06 \nas_xmlrwbin_dll_64.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| xmlrwbin.dll| | 221792| 20-Jun-19| 08:06 \nconversion.office.mso99lres.dll| mso99lres.dll| 16.0.10348.12104| 14544016| 21-Jun-19| 05:30 \nppt.conversion.mso99lres.dll| mso99lres.dll| 16.0.10348.12104| 14544016| | \nppt.edit.mso99lres.dll| mso99lres.dll| 16.0.10348.12104| 14544016| | \nwac.office.mso99lres.dll| mso99lres.dll| 16.0.10348.12104| 14544016| | \nconversion.office.mso20win32server.dll| mso20win32server.dll| 16.0.10348.12104| 4581688| 21-Jun-19| 10:16 \nmso.mso20win32server.dll| mso20win32server.dll| 16.0.10348.12104| 4581688| | \nppt.conversion.mso20win32server.dll| mso20win32server.dll| 16.0.10348.12104| 4581688| | \nppt.edit.mso20win32server.dll| mso20win32server.dll| 16.0.10348.12104| 4581688| | \nwac.office.mso20win32server.dll| mso20win32server.dll| 16.0.10348.12104| 4581688| | \nconversion.office.mso30win32server.dll| mso30win32server.dll| 16.0.10348.12104| 5636408| 21-Jun-19| 10:16 \nmso.mso30win32server.dll| mso30win32server.dll| 16.0.10348.12104| 5636408| | \nppt.conversion.mso30win32server.dll| mso30win32server.dll| 16.0.10348.12104| 5636408| | \nppt.edit.mso30win32server.dll| mso30win32server.dll| 16.0.10348.12104| 5636408| | \nwac.office.mso30win32server.dll| mso30win32server.dll| 16.0.10348.12104| 5636408| | \nconversion.office.mso40uiwin32server.dll| mso40uiwin32server.dll| 16.0.10348.12104| 12567864| 21-Jun-19| 10:16 \nppt.conversion.mso40uiwin32server.dll| mso40uiwin32server.dll| 16.0.10348.12104| 12567864| | \nppt.edit.mso40uiwin32server.dll| mso40uiwin32server.dll| 16.0.10348.12104| 12567864| | \nwac.office.mso40uiwin32server.dll| mso40uiwin32server.dll| 16.0.10348.12104| 12567864| | \nconversion.office.mso98win32server.dll| mso98win32server.dll| 16.0.10348.12104| 3979920| 21-Jun-19| 05:23 \nppt.conversion.mso98win32server.dll| mso98win32server.dll| 16.0.10348.12104| 3979920| | \nppt.edit.mso98win32server.dll| mso98win32server.dll| 16.0.10348.12104| 3979920| | \nwac.office.mso98win32server.dll| mso98win32server.dll| 16.0.10348.12104| 3979920| | \nconversion.office.msoserver.dll| msoserver.dll| 16.0.10348.12104| 14535480| 21-Jun-19| 10:16 \nppt.conversion.msoserver.dll| msoserver.dll| 16.0.10348.12104| 14535480| | \nppt.edit.msoserver.dll| msoserver.dll| 16.0.10348.12104| 14535480| | \nwac.office.msoserver.dll| msoserver.dll| 16.0.10348.12104| 14535480| | \nmicrosoft.office.web.common.dll| microsoft.office.web.common.dll| 16.0.10348.12104| 1980264| 21-Jun-19| 05:49 \nnl7data0011.dll_osssearch| nl7data0011.dll| 16.0.10348.12104| 7789840| 21-Jun-19| 05:40 \nnl7data0404.dll_osssearch| nl7data0404.dll| 16.0.10348.12104| 2708288| 21-Jun-19| 05:19 \nnl7data0804.dll_osssearch| nl7data0804.dll| 16.0.10348.12104| 3599168| 21-Jun-19| 05:33 \nconversion.oartodfserver.dll| oartodfserver.dll| 16.0.10348.12104| 3494016| 21-Jun-19| 05:59 \nppt.conversion.oartodfserver.dll| oartodfserver.dll| 16.0.10348.12104| 3494016| | \nppt.edit.oartodfserver.dll| oartodfserver.dll| 16.0.10348.12104| 3494016| | \nwac.office.oartodfserver.dll| oartodfserver.dll| 16.0.10348.12104| 3494016| | \nconversion.office.oartserver.dll| oartserver.dll| 16.0.10348.12104| 18189456| 21-Jun-19| 05:38 \nppt.conversion.oartserver.dll| oartserver.dll| 16.0.10348.12104| 18189456| | \nppt.edit.oartserver.dll| oartserver.dll| 16.0.10348.12104| 18189456| | \nwac.office.oartserver.dll| oartserver.dll| 16.0.10348.12104| 18189456| | \nconversion.cultures.office.odf| office.odf| | 2229424| 21-Jun-19| 05:12 \noffice.odf| office.odf| | 2229424| 21-Jun-19| 05:12 \nppt.conversion.cultures.office.odf| office.odf| | 2229424| | \nvisioserver.cultures.office.odf| office.odf| | 2229424| 21-Jun-19| 05:12 \nwac.conversion.cultures.office.odf| office.odf| | 2229424| | \nwac.powerpoint.edit.bin.cultures.office.odf| office.odf| | 2229424| | \nxlsrv.ecs.culture.office.odf| office.odf| | 2229424| | \nxlsrv.ecs.office.odf| office.odf| | 2229424| | \nconversionhtmlutil.dll| htmlutil.dll| 16.0.10348.12104| 2884448| 21-Jun-19| 05:53 \nonetutil.dll| onetutil.dll| 16.0.10348.12104| 2893472| 21-Jun-19| 05:56 \nconversion.office.osfserver.dll| osfserver.dll| 16.0.10348.12104| 175968| 21-Jun-19| 05:34 \nwac.office.osfserver.dll| osfserver.dll| 16.0.10348.12104| 175968| | \nconversion.office.osfsharedserver.dll| osfsharedserver.dll| 16.0.10348.12104| 748688| 21-Jun-19| 05:56 \nwac.office.osfsharedserver.dll| osfsharedserver.dll| 16.0.10348.12104| 748688| | \nconversion.office.osfuiserver.dll| osfuiserver.dll| 16.0.10348.12104| 426360| 21-Jun-19| 05:52 \nwac.office.osfuiserver.dll| osfuiserver.dll| 16.0.10348.12104| 426360| | \nosfserver_activities_dll.x64| microsoft.sharepoint.workflowservices.activities.dll| 16.0.10348.12104| 294600| 21-Jun-19| 05:48 \noffice_extension_manager_js| sp.officeextensionmanager.js| | 50904| 21-Jun-19| 04:42 \nmicrosoft.office.serviceinfrastructure.runtime.dll| microsoft.office.serviceinfrastructure.runtime.dll| 16.0.10348.12104| 1060072| 21-Jun-19| 06:00 \nugcdot.xml| feature.xml| | 629| 20-Jun-19| 08:46 \nmicrosoft.office.server.dll| microsoft.office.server.dll| 16.0.10348.12104| 3050632| 21-Jun-19| 05:22 \nmicrosoft.office.server.dll_isapi| microsoft.office.server.dll| 16.0.10348.12104| 3050632| 21-Jun-19| 05:22 \nmicrosoft.office.server.openxml.dll| microsoft.office.server.openxml.dll| 16.0.10348.12104| 1666208| 21-Jun-19| 05:53 \nmicrosoft.sharepoint.taxonomy.dll| microsoft.sharepoint.taxonomy.dll| 16.0.10348.12104| 1752736| 21-Jun-19| 05:32 \nmicrosoft.sharepoint.taxonomy.dll_gac| microsoft.sharepoint.taxonomy.dll| 16.0.10348.12104| 1752736| 21-Jun-19| 05:32 \nmicrosoft.sharepoint.taxonomy.dll_gac1| microsoft.sharepoint.taxonomy.dll| 16.0.10348.12104| 1752736| 21-Jun-19| 05:32 \nmediaplayer.xap| mediaplayer.xap| | 51601| 21-Jun-19| 10:21 \ndecompositiontree.xap| decompositiontree.xap| | 129641| 21-Jun-19| 10:21 \naddgal.xap| addgallery.xap| | 437707| 21-Jun-19| 10:21 \nwpgalim.xap| webpartgalleryimages.xap| | 109743| 21-Jun-19| 10:21 \naddgallery.xap_silverlight| addgallery.xap| | 403773| 21-Jun-19| 10:21 \nmicrosoft.sharepoint.client.xap| microsoft.sharepoint.client.xap| | 330203| 21-Jun-19| 10:21 \ndsigres.cab.x64| dsigres.cab| | 241967| 21-Jun-19| 10:21 \ndsigres.cab.x64_10266| dsigres.cab| | 241967| 21-Jun-19| 10:21 \ndsigres.cab.x64_1033| dsigres.cab| | 241967| 21-Jun-19| 10:21 \ndsigres.cab.x64_1087| dsigres.cab| | 241967| 21-Jun-19| 10:21 \ndsigctrl.cab.x64| dsigctrl.cab| | 491051| 21-Jun-19| 10:21 \ndsigres.cab.x86| dsigres.cab| | 194759| 21-Jun-19| 10:22 \ndsigres.cab.x86_10266| dsigres.cab| | 194759| 21-Jun-19| 10:22 \ndsigres.cab.x86_1033| dsigres.cab| | 194759| 21-Jun-19| 10:22 \ndsigres.cab.x86_1087| dsigres.cab| | 194759| 21-Jun-19| 10:22 \ndsigctrl.cab.x86| dsigctrl.cab| | 530557| 21-Jun-19| 10:22 \nppt.conversion.ppserver.dll| ppserver.dll| 16.0.10348.12104| 12236168| 21-Jun-19| 05:36 \nppt.edit.ppserver.dll| ppserver.dll| 16.0.10348.12104| 12236168| | \npowerpointpowershell.format.ps1xml| powerpointpowershell.format.ps1xml| | 14355| 21-Jun-19| 06:02 \npjintl_1_new.dll| pjintl.dll| 16.0.10348.12104| 4899000| 21-Jun-19| 05:00 \nschedengine_new.exe| schedengine.exe| 16.0.10348.12104| 16896216| 21-Jun-19| 05:31 \nmicrosoft.projectserver.client.silverlight.dll| microsoft.projectserver.client.silverlight.dll| 16.0.10348.12104| 403592| 21-Jun-19| 05:20 \nmicrosoft.projectserver.client.phone.dll| microsoft.projectserver.client.phone.dll| 16.0.10348.12104| 403080| 21-Jun-19| 05:27 \ncontentdatabasecreate.sql| contentdatabasecreate.sql| | 8403598| 21-Jun-19| 06:16 \nmicrosoft.office.project.server.database.dll| microsoft.office.project.server.database.dll| 16.0.10348.12104| 10370184| 21-Jun-19| 05:21 \nmicrosoft.office.project.server.database.extension.dll| microsoft.office.project.server.database.extension.dll| 16.0.10348.12104| 4383584| 21-Jun-19| 05:35 \nmicrosoft.office.project.server.dll| microsoft.office.project.server.dll| 16.0.10348.12104| 9611400| 21-Jun-19| 05:31 \nmicrosoft.projectserver.client.dll| microsoft.projectserver.client.dll| 16.0.10348.12104| 402680| 21-Jun-19| 05:48 \nmicrosoft.projectserver.client.dll_001| microsoft.projectserver.client.dll| 16.0.10348.12104| 402680| 21-Jun-19| 05:48 \nmicrosoft.projectserver.dll| microsoft.projectserver.dll| 16.0.10348.12104| 894400| 21-Jun-19| 05:44 \nmicrosoft.projectserver.dll_001| microsoft.projectserver.dll| 16.0.10348.12104| 894400| 21-Jun-19| 05:44 \nmicrosoft.projectserver.serverproxy.dll| microsoft.projectserver.serverproxy.dll| 16.0.10348.12104| 1308920| 21-Jun-19| 05:39 \nps.csom.scriptclient.debug.js| ps.debug.js| | 1026938| 20-Jun-19| 08:31 \nps.csom.scriptclient.js| ps.js| | 621285| 20-Jun-19| 08:44 \nmicrosoft.office.project.server.pwa.dll| microsoft.office.project.server.pwa.dll| 16.0.10348.12104| 2766576| 21-Jun-19| 05:28 \nmicrosoft.office.project.server.administration.dll| microsoft.office.project.server.administration.dll| 16.0.10348.12104| 1009288| 21-Jun-19| 05:19 \npwa.resx| pwa.resx| | 824177| 21-Jun-19| 05:58 \nmicrosoft.eedict_companies.de.dll| microsoft.eedict_companies.de| 16.0.10348.12104| 27496| 21-Jun-19| 05:14 \nmicrosoft.eedict_companies.dll| microsoft.eedict_companies| 16.0.10348.12104| 109872272| 21-Jun-19| 05:31 \nmicrosoft.eedict_companies.en.dll| microsoft.eedict_companies.en| 16.0.10348.12104| 25232| 21-Jun-19| 05:38 \nmicrosoft.eedict_companies.es.dll| microsoft.eedict_companies.es| 16.0.10348.12104| 25232| 21-Jun-19| 05:27 \nmicrosoft.eedict_companies.fr.dll| microsoft.eedict_companies.fr| 16.0.10348.12104| 33432| 21-Jun-19| 05:56 \nmicrosoft.eedict_companies.it.dll| microsoft.eedict_companies.it| 16.0.10348.12104| 54928| 21-Jun-19| 05:54 \nmicrosoft.eedict_companies.ja.dll| microsoft.eedict_companies.ja| 16.0.10348.12104| 1542296| 21-Jun-19| 05:18 \nmicrosoft.eedict_companies.nl.dll| microsoft.eedict_companies.nl| 16.0.10348.12104| 26768| 21-Jun-19| 05:45 \nmicrosoft.eedict_companies.no.dll| microsoft.eedict_companies.no| 16.0.10348.12104| 2106520| 21-Jun-19| 05:19 \nmicrosoft.eedict_companies.pt.dll| microsoft.eedict_companies.pt| 16.0.10348.12104| 26464| 21-Jun-19| 05:49 \nmicrosoft.eedict_companies.ru.dll| microsoft.eedict_companies.ru| 16.0.10348.12104| 33223312| 21-Jun-19| 05:32 \nmicrosoft.eedict_companies_acceptor.ar.dll| microsoft.eedict_companies_acceptor.ar| 16.0.10348.12104| 9896592| 21-Jun-19| 05:28 \nmicrosoft.stopworddictionary.dll| microsoft.stopworddictionary.dll| 16.0.10348.12104| 41104| 21-Jun-19| 05:20 \nmicrosoft.system_dictionaries_spellcheck.dll| microsoft.system_dictionaries_spellcheck.dll| 16.0.10348.12104| 24641168| 21-Jun-19| 05:30 \nodffilt.dll.x64| odffilt.dll| 16.0.10348.12104| 1875160| 21-Jun-19| 05:00 \nofffiltx.dll.x64| offfiltx.dll| 16.0.10348.12104| 2140872| 21-Jun-19| 05:37 \nmicrosoft.ceres.contentengine.nlpevaluators.dll| microsoft.ceres.contentengine.nlpevaluators.dll| 16.0.10348.12104| 260456| 21-Jun-19| 05:41 \nmicrosoft.ceres.contentengine.operators.mars.dll| microsoft.ceres.contentengine.operators.mars.dll| 16.0.10348.12104| 45712| 21-Jun-19| 05:55 \ndocumentformat.openxml.dllmsil2| documentformat.openxml.dll| 2.6.0.4| 5305360| | \nupdate_documentformat.openxml.dllmsil2| documentformat.openxml.dll| 2.6.0.4| 5305360| 19-Jun-19| 07:23 \nsystem.io.packaging.dllmsil| system.io.packaging.dll| 1.0.0.4| 121872| | \nupdate_system.io.packaging.dllmsil| system.io.packaging.dll| 1.0.0.4| 121872| 20-Jun-19| 07:52 \nmicrosoft.ceres.interactionengine.processing.builtin.dll| microsoft.ceres.interactionengine.processing.builtin.dll| 16.0.10348.12104| 410984| 21-Jun-19| 05:50 \nmicrosoft.ceres.nlpbase.dictionaries.dll| microsoft.ceres.nlpbase.dictionaries.dll| 16.0.10348.12104| 147304| 21-Jun-19| 05:46 \nmanagedblingsigned.dll| managedblingsigned.dll| | 1862344| | \nupdate_managedblingsigned.dll| managedblingsigned.dll| | 1862344| 20-Jun-19| 08:44 \najaxtkid.js| ajaxtoolkit.debug.js| | 312267| 20-Jun-19| 08:12 \najaxtkit.js| ajaxtoolkit.js| | 132858| 20-Jun-19| 08:46 \nsrchccd.js| search.clientcontrols.debug.js| | 380392| 19-Jun-19| 07:12 \nsrchcc.js| search.clientcontrols.js| | 204087| 20-Jun-19| 11:19 \nsrchuicd.js| searchui.debug.js| | 116371| 20-Jun-19| 08:11 \nsrchuicc.js| searchui.js| | 50907| 20-Jun-19| 08:46 \nsrchquerypipeline.dll| microsoft.office.server.search.query.dll| 16.0.10348.12104| 1111720| 21-Jun-19| 05:22 \nossapp.dll| microsoft.office.server.search.applications.dll| 16.0.10348.12104| 462504| 21-Jun-19| 05:41 \nossapp.dll_0001| microsoft.office.server.search.applications.dll| 16.0.10348.12104| 462504| 21-Jun-19| 05:41 \nclkprdct.dll| microsoft.office.server.search.clickpredict.dll| 16.0.10348.12104| 211104| 21-Jun-19| 05:17 \nsearchom.dll| microsoft.office.server.search.dll| 16.0.10348.12104| 21193064| 21-Jun-19| 05:08 \nsearchom.dll_0001| microsoft.office.server.search.dll| 16.0.10348.12104| 21193064| 21-Jun-19| 05:08 \nossex.dll| microsoft.office.server.search.exchangeadapter.dll| 16.0.10348.12104| 115880| 21-Jun-19| 05:17 \nossex.dll_0001| microsoft.office.server.search.exchangeadapter.dll| 16.0.10348.12104| 115880| 21-Jun-19| 05:17 \nsrchomnt.dll| microsoft.office.server.search.native.dll| 16.0.10348.12104| 525688| 21-Jun-19| 06:18 \nsearchom.dll_0003| microsoft.sharepoint.search.dll| 16.0.10348.12104| 3890376| 21-Jun-19| 05:50 \nsearchom.dll_0005| microsoft.sharepoint.search.dll| 16.0.10348.12104| 3890376| 21-Jun-19| 05:50 \nsrchomnt.dll_1| microsoft.sharepoint.search.native.dll| 16.0.10348.12104| 493768| 21-Jun-19| 05:27 \nmsscpi.dll| msscpi.dll| 16.0.10348.12104| 640376| 21-Jun-19| 05:38 \nmssdmn.exe| mssdmn.exe| 16.0.10348.12104| 907944| 21-Jun-19| 05:23 \nmssearch.exe| mssearch.exe| 16.0.10348.12104| 572600| 21-Jun-19| 05:28 \nmsslad.dll| msslad.dll| 16.0.10348.12104| 487080| 21-Jun-19| 05:30 \nmssph.dll| mssph.dll| 16.0.10348.12104| 2478760| 21-Jun-19| 05:48 \nmssrch.dll| mssrch.dll| 16.0.10348.12104| 3639160| 21-Jun-19| 05:49 \nquery9x.dll_0001| query.dll| 16.0.10348.12104| 423592| 21-Jun-19| 05:47 \ntquery.dll| tquery.dll| 16.0.10348.12104| 1073528| 21-Jun-19| 05:34 \nnoteswebservice.dll.oss.x86| noteswebservice.dll| 16.0.10348.12104| 1023656| 21-Jun-19| 05:30 \nitem_excel.html| item_excel.html| | 2696| 20-Jun-19| 08:39 \nitem_excel.js| item_excel.js| | 4014| 20-Jun-19| 08:05 \nitem_powerpoint.html| item_powerpoint.html| | 3221| 20-Jun-19| 08:38 \nitem_powerpoint.js| item_powerpoint.js| | 4570| 19-Jun-19| 08:16 \nitem_word.html| item_word.html| | 2832| 20-Jun-19| 08:39 \nitem_word.js| item_word.js| | 4160| 19-Jun-19| 08:15 \nsetup.exe| setup.exe| 16.0.10348.12104| 2147688| | \nsvrsetup.exe| setup.exe| 16.0.10348.12104| 2147688| 21-Jun-19| 05:35 \nsvrsetup.dll| svrsetup.dll| 16.0.10348.12104| 17390920| 21-Jun-19| 05:39 \nwsssetup.dll| wsssetup.dll| 16.0.10348.12104| 17390200| 21-Jun-19| 05:29 \nvisioserver.microsoft.office.graphics.shapebuilder.dll| microsoft.office.graphics.shapebuilder.dll| 16.0.10348.12104| 13104008| 21-Jun-19| 05:51 \nmicrosoft.sharepoint.flighting.dll| microsoft.sharepoint.flighting.dll| 16.0.10348.12104| 2294416| 21-Jun-19| 05:38 \nactxprjlchrd.js| activexwinprojlauncher.debug.js| | 2095| 21-Jun-19| 05:53 \nactxprjlchr.js| activexwinprojlauncher.js| | 985| 21-Jun-19| 05:53 \nbitreeview.js| bitreeview.js| | 12881| 21-Jun-19| 05:53 \ncontentfollowing.debug.js| contentfollowing.debug.js| | 123898| 21-Jun-19| 06:05 \ncontentfollowing.js| contentfollowing.js| | 54230| 21-Jun-19| 06:05 \nfollowedtags.debug.js| followedtags.debug.js| | 6347| 21-Jun-19| 06:05 \nfollowedtags.js| followedtags.js| | 2728| 21-Jun-19| 06:05 \nfollowingcommon.debug.js| followingcommon.debug.js| | 21971| 21-Jun-19| 06:05 \nfollowingcommon.js| followingcommon.js| | 9648| 21-Jun-19| 06:05 \ngroup.debug.js| group.debug.js| | 125958| 21-Jun-19| 06:07 \ngroup.js| group.js| | 75985| 21-Jun-19| 06:15 \nhashtagprofile.debug.js| hashtagprofile.debug.js| | 6184| 21-Jun-19| 06:05 \nhashtagprofile.js| hashtagprofile.js| | 3287| 21-Jun-19| 06:05 \nhierarchytreeview.js| hierarchytreeview.js| | 8801| 21-Jun-19| 05:53 \nhtmlmenu.js| htmlmenus.js| | 21159| 21-Jun-19| 05:53 \nkpilro.js| kpilro.js| | 3184| 21-Jun-19| 05:53 \nmrudocs.debug.js| mrudocs.debug.js| | 9192| 21-Jun-19| 06:05 \nmrudocs.js| mrudocs.js| | 5864| 21-Jun-19| 06:06 \nmydocs.debug.js| mydocs.debug.js| | 73509| 21-Jun-19| 06:05 \nmydocs.js| mydocs.js| | 34455| 21-Jun-19| 06:05 \nmylinks.debug.js| mylinks.debug.js| | 7003| 21-Jun-19| 06:05 \nmylinks.js| mylinks.js| | 2631| 21-Jun-19| 06:06 \nmysiterecommendationsdebug.js| mysiterecommendations.debug.js| | 74467| 21-Jun-19| 06:04 \nmysiterecommendations.js| mysiterecommendations.js| | 41290| 21-Jun-19| 06:04 \nnotificationpanel.debug.js| notificationpanel.debug.js| | 14102| 21-Jun-19| 06:05 \nnotificationpanel.js| notificationpanel.js| | 7019| 21-Jun-19| 06:06 \nportal.debug.js| portal.debug.js| | 94804| 21-Jun-19| 05:53 \nportal.js| portal.js| | 52491| 21-Jun-19| 05:53 \nprbrows.debug.js| profilebrowsercontrol.debug.js| | 52762| 21-Jun-19| 06:09 \nprbrows.js| profilebrowsercontrol.js| | 28064| 21-Jun-19| 06:15 \nprojectsummary.debug.js| projectsummary.debug.js| | 36524| 21-Jun-19| 05:53 \nprojectsummary.js| projectsummary.js| | 13120| 21-Jun-19| 05:53 \nratings.js| ratings.js| | 18207| 21-Jun-19| 05:53 \nreputation.debug.js| reputation.debug.js| | 5317| 21-Jun-19| 05:44 \nreputation.js| reputation.js| | 3430| 21-Jun-19| 06:15 \nsoccom.js| socialcomment.js| | 23528| 21-Jun-19| 05:53 \nsocdata.js| socialdata.js| | 14891| 21-Jun-19| 05:53 \nsoctag.js| socialtag.js| | 9994| 21-Jun-19| 06:16 \nsprecdocsd.js| sp.recentdocs.debug.js| | 40634| 21-Jun-19| 06:05 \nsprecdocs.js| sp.recentdocs.js| | 18262| 21-Jun-19| 06:05 \nannouncementtilesdebug.js| sp.ui.announcementtiles.debug.js| | 14781| 21-Jun-19| 06:02 \nannouncementtiles.js| sp.ui.announcementtiles.js| | 8784| 21-Jun-19| 06:15 \nspui_cold.js| sp.ui.collabmailbox.debug.js| | 11768| 21-Jun-19| 06:02 \nspui_col.js| sp.ui.collabmailbox.js| | 7594| 21-Jun-19| 06:16 \ncommunities.js| sp.ui.communities.js| | 43975| 21-Jun-19| 06:15 \ncommunitiestileview.js| sp.ui.communities.tileview.js| | 8540| 21-Jun-19| 06:15 \ncommunityfeed.js| sp.ui.communityfeed.js| | 9999| 21-Jun-19| 06:14 \ncommunitymoderation.js| sp.ui.communitymoderation.js| | 8225| 21-Jun-19| 06:15 \nsp.ui.documentssharedbyme.debug.js| sp.ui.documentssharedbyme.debug.js| | 3174| 21-Jun-19| 06:02 \nsp.ui.documentssharedbyme.js| sp.ui.documentssharedbyme.js| | 2212| 21-Jun-19| 06:15 \nsp.ui.documentssharedwithme.debug.js| sp.ui.documentssharedwithme.debug.js| | 41725| 21-Jun-19| 05:54 \nsp.ui.documentssharedwithme.js| sp.ui.documentssharedwithme.js| | 24712| 21-Jun-19| 06:15 \nspui_listsearchbox_debug.js| sp.ui.listsearchbox.debug.js| | 39586| 21-Jun-19| 05:29 \nspui_listsearchbox.js| sp.ui.listsearchbox.js| | 20182| 21-Jun-19| 06:15 \nspui_listsearchboxbootstrap_debug.js| sp.ui.listsearchboxbootstrap.debug.js| | 7401| 21-Jun-19| 06:05 \nspui_listsearchboxbootstrap.js| sp.ui.listsearchboxbootstrap.js| | 3070| 21-Jun-19| 06:06 \nmicrofeeddebug.js| sp.ui.microfeed.debug.js| | 393708| 21-Jun-19| 05:48 \nmicrofeed.js| sp.ui.microfeed.js| | 230149| 21-Jun-19| 06:15 \nmysitecommondebug.js| sp.ui.mysitecommon.debug.js| | 131548| 21-Jun-19| 05:19 \nmysitecommon.js| sp.ui.mysitecommon.js| | 75540| 21-Jun-19| 06:13 \nmysitenavigationdebug.js| sp.ui.mysitenavigation.debug.js| | 2523| 21-Jun-19| 06:06 \nmysitenavigation.js| sp.ui.mysitenavigation.js| | 2523| 21-Jun-19| 06:06 \nmysiterecommendationsuidebug.js| sp.ui.mysiterecommendations.debug.js| | 14330| 21-Jun-19| 05:58 \nmysiterecommendationsui.js| sp.ui.mysiterecommendations.js| | 7268| 21-Jun-19| 06:16 \npeopledebug.js| sp.ui.people.debug.js| | 87048| 21-Jun-19| 06:07 \npeopledebug.js1| sp.ui.people.debug.js| | 87048| 21-Jun-19| 06:07 \npeople.js| sp.ui.people.js| | 59579| 21-Jun-19| 06:15 \npeople.js1| sp.ui.people.js| | 59579| 21-Jun-19| 06:15 \nspui_persond.js| sp.ui.person.debug.js| | 18230| 21-Jun-19| 06:02 \nspui_person.js| sp.ui.person.js| | 10326| 21-Jun-19| 06:16 \nspui_psd.js| sp.ui.promotedsites.debug.js| | 24862| 21-Jun-19| 06:07 \nspui_ps.js| sp.ui.promotedsites.js| | 15125| 21-Jun-19| 06:15 \nsp.ui.ratings.debug.js| sp.ui.ratings.debug.js| | 20220| 21-Jun-19| 06:07 \nsp.ui.ratings.js| sp.ui.ratings.js| | 11911| 21-Jun-19| 06:15 \nsp.ui.reputation.debug.js| sp.ui.reputation.debug.js| | 42482| 21-Jun-19| 06:00 \nsp.ui.reputation.js| sp.ui.reputation.js| | 25976| 21-Jun-19| 06:15 \nspssoc.js| sp.ui.socialribbon.js| | 20742| 21-Jun-19| 06:16 \nhomeapi.dll_gac| microsoft.sharepoint.homeapi.dll| 16.0.10348.12104| 360600| 21-Jun-19| 05:38 \nhomeapi.dll_isapi| microsoft.sharepoint.homeapi.dll| 16.0.10348.12104| 360600| 21-Jun-19| 05:38 \nportal.dll| microsoft.sharepoint.portal.dll| 16.0.10348.12104| 7002264| 21-Jun-19| 05:29 \nportal.dll_001| microsoft.sharepoint.portal.dll| 16.0.10348.12104| 7002264| 21-Jun-19| 05:29 \nantixsslibrary.dll| antixsslibrary.dll| 3.0.3259.31320| 26256| | \nupdate_antixsslibrary.dll| antixsslibrary.dll| 3.0.3259.31320| 26256| 19-Jun-19| 07:49 \nstsapa.dll| microsoft.sharepoint.applicationpages.administration.dll| 16.0.10348.12104| 696992| 21-Jun-19| 05:42 \nwssadmop.dll_0001| microsoft.sharepoint.administrationoperation.dll| 16.0.10348.12104| 1181456| 21-Jun-19| 05:31 \nmicrosoft.sharepoint.health.dll| microsoft.sharepoint.health.dll| 16.0.10348.12104| 144648| 21-Jun-19| 05:58 \nmicrosoft.sharepoint.identitymodel.dll| microsoft.sharepoint.identitymodel.dll| 16.0.10348.12104| 659320| 21-Jun-19| 05:32 \nmicrosoft.owin.3.0.1.dll| microsoft.owin.dll| 3.0.40213.64| 101032| | \nupdate_microsoft.owin.3.0.1.dll| microsoft.owin.dll| 3.0.40213.64| 101032| 20-Jun-19| 08:03 \nmicrosoft.owin.host.systemweb.3.0.1.dll| microsoft.owin.host.systemweb.dll| 3.0.40213.64| 133288| | \nupdate_microsoft.owin.host.systemweb.3.0.1.dll| microsoft.owin.host.systemweb.dll| 3.0.40213.64| 133288| 20-Jun-19| 08:45 \nmicrosoft.sharepoint.client.dll.x64| microsoft.sharepoint.client.dll| 16.0.10348.12104| 862360| 21-Jun-19| 05:48 \nmicrosoft.sharepoint.client.dll_0001.x64| microsoft.sharepoint.client.dll| 16.0.10348.12104| 862360| 21-Jun-19| 05:48 \nmicrosoft.sharepoint.client.phone.dll| microsoft.sharepoint.client.phone.dll| 16.0.10348.12104| 807080| 21-Jun-19| 05:32 \nmicrosoft.sharepoint.client.portable.dll.x64| microsoft.sharepoint.client.portable.dll| 16.0.10348.12104| 823184| 21-Jun-19| 05:36 \nmicrosoft.sharepoint.client.portable.dll_gac.x64| microsoft.sharepoint.client.portable.dll| 16.0.10348.12104| 823184| 21-Jun-19| 05:36 \nmicrosoft.sharepoint.client.silverlight.dll.x64| microsoft.sharepoint.client.silverlight.dll| 16.0.10348.12104| 806600| 21-Jun-19| 05:48 \ncontextinfo.dll_0001| microsoft.sharepoint.context.dll| 16.0.10348.12104| 56672| 21-Jun-19| 05:29 \nmicrosoft.sharepoint.serverstub.dll| microsoft.sharepoint.serverstub.dll| 16.0.10348.12104| 2897136| 21-Jun-19| 05:47 \noffprsx.dll| offparser.dll| 16.0.10348.12104| 2194296| 21-Jun-19| 05:55 \nstslib.dll_0001| microsoft.sharepoint.library.dll| 16.0.10348.12104| 238240| 21-Jun-19| 05:28 \nowssvr.dll_0001| owssvr.dll| 16.0.10348.12104| 6908072| 21-Jun-19| 05:33 \nmicrosoft.sharepoint.powershell.dll_0001| microsoft.sharepoint.powershell.dll| 16.0.10348.12104| 1074344| 21-Jun-19| 05:41 \nmicrosoft.sharepoint.powershell.intl.dll| microsoft.sharepoint.powershell.intl.dll| 16.0.10348.12104| 105640| 21-Jun-19| 05:11 \npsconfig.exe| psconfig.exe| 16.0.10348.12104| 547040| 21-Jun-19| 05:38 \npsconfigui.exe| psconfigui.exe| 16.0.10348.12104| 817888| 21-Jun-19| 05:12 \ncore_0.rsx| core.resx| | 526140| 21-Jun-19| 04:35 \nstsom.dll| microsoft.sharepoint.dll| 16.0.10348.12104| 38541944| 21-Jun-19| 05:26 \nstsom.dll_0001| microsoft.sharepoint.dll| 16.0.10348.12104| 38541944| 21-Jun-19| 05:26 \nstsomdr.dll| microsoft.sharepoint.intl.dll| 16.0.10348.12104| 1417592| 21-Jun-19| 05:54 \nstsap.dll| microsoft.sharepoint.applicationpages.dll| 16.0.10348.12104| 2454768| 21-Jun-19| 05:56 \nstssoap.dll| stssoap.dll| 16.0.10348.12104| 784552| 21-Jun-19| 05:31 \nsubsetproxy.dll_0001| microsoft.sharepoint.subsetproxy.dll| 16.0.10348.12104| 1148664| 21-Jun-19| 05:42 \nsubsetshim.dll_0001| microsoft.sharepoint.dll| 16.900.rup.rpr| 2455184| 21-Jun-19| 05:50 \nsystem.net.http.formatting.5.2.3.dll| system.net.http.formatting.dll| 5.2.30128.0| 185544| | \nupdate_system.net.http.formatting.5.2.3.dll| system.net.http.formatting.dll| 5.2.30128.0| 185544| 20-Jun-19| 07:51 \nsystem.web.http.5.2.3.dll| system.web.http.dll| 5.2.30128.0| 471240| | \nupdate_system.web.http.5.2.3.dll| system.web.http.dll| 5.2.30128.0| 471240| 20-Jun-19| 08:10 \napplications.asx_0014| applications.aspx| | 3998| 20-Jun-19| 08:46 \napps.asx_0014| apps.aspx| | 3974| 20-Jun-19| 08:46 \nbackups.asx_0014| backups.aspx| | 3983| 19-Jun-19| 08:12 \nconfigurationwizards.asx_0014| configurationwizards.aspx| | 4022| 20-Jun-19| 08:46 \ndefault.asx_0014| default.aspx| | 5440| 20-Jun-19| 08:46 \ngenappsettings.asx_0014| generalapplicationsettings.aspx| | 4041| 20-Jun-19| 08:45 \nmonitoring.asx_0014| monitoring.aspx| | 3992| 19-Jun-19| 08:23 \no365config.asx_0015| office365configuration.aspx| | 5180| 20-Jun-19| 08:45 \nsecurity.asx_0014| security.aspx| | 3986| 20-Jun-19| 08:46 \nsysset.asx_0014| systemsettings.aspx| | 4004| 20-Jun-19| 08:46 \nupgandmig.asx_0014| upgradeandmigration.aspx| | 4019| 20-Jun-19| 08:46 \ndip.js| dip.js| | 50487| 20-Jun-19| 08:45 \ndip.js_14| dip.js| | 50487| 20-Jun-19| 08:45 \naccreqctl.debug.js| accessrequestscontrol.debug.js| | 20696| 21-Jun-19| 04:57 \naccreqctl.js| accessrequestscontrol.js| | 11684| 21-Jun-19| 04:57 \naccreqviewtmpl.debug.js| accessrequestsviewtemplate.debug.js| | 50013| 21-Jun-19| 04:57 \naccreqviewtmpl.js| accessrequestsviewtemplate.js| | 22933| 21-Jun-19| 04:57 \nappcatalogfieldtemplate.debug.js| appcatalogfieldtemplate.debug.js| | 9638| 21-Jun-19| 04:57 \nappcatalogfieldtemplate.js| appcatalogfieldtemplate.js| | 3695| 21-Jun-19| 04:57 \nappdeveloperdash.debug.js| appdeveloperdash.debug.js| | 23162| 21-Jun-19| 04:57 \nappdeveloperdash.js| appdeveloperdash.js| | 11552| 21-Jun-19| 04:57 \napprequestmanagefieldtemplate.debug.js| apprequestmanagefieldtemplate.debug.js| | 2771| 21-Jun-19| 04:57 \napprequestmanagefieldtemplate.js| apprequestmanagefieldtemplate.js| | 1476| 21-Jun-19| 04:57 \nautofill.debug.js| autofill.debug.js| | 20542| 21-Jun-19| 04:57 \nautofill.js| autofill.js| | 11562| 21-Jun-19| 04:57 \nautohostedlicensingtemplates.debug.js| autohostedlicensingtemplates.debug.js| | 21187| 21-Jun-19| 04:57 \nautohostedlicensingtemplates.js| autohostedlicensingtemplates.js| | 8989| 21-Jun-19| 04:57 \nbform.debug.js| bform.debug.js| | 460795| 21-Jun-19| 06:02 \nbform.js| bform.js| | 259449| 21-Jun-19| 06:02 \nblank.debug.js| blank.debug.js| | 755| 21-Jun-19| 04:57 \nblank.js| blank.js| | 456| 21-Jun-19| 04:57 \ncallout.debug.js| callout.debug.js| | 92039| 21-Jun-19| 04:57 \ncallout.js| callout.js| | 29823| 21-Jun-19| 04:57 \nchoicebuttonfieldtemplate.debug.js| choicebuttonfieldtemplate.debug.js| | 6382| 21-Jun-19| 04:57 \nchoicebuttonfieldtemplate.js| choicebuttonfieldtemplate.js| | 2743| 21-Jun-19| 04:57 \nclientforms.debug.js| clientforms.debug.js| | 155351| 21-Jun-19| 04:57 \nclientforms.js| clientforms.js| | 78857| 21-Jun-19| 04:57 \nclientpeoplepicker.debug.js| clientpeoplepicker.debug.js| | 83399| 21-Jun-19| 04:57 \nclientpeoplepicker.js| clientpeoplepicker.js| | 44298| 21-Jun-19| 04:57 \nclientrenderer.debug.js| clientrenderer.debug.js| | 30681| 21-Jun-19| 06:09 \nclientrenderer.js| clientrenderer.js| | 12960| 21-Jun-19| 06:09 \nclienttemplates.debug.js| clienttemplates.debug.js| | 397742| 21-Jun-19| 04:57 \nclienttemplates.js| clienttemplates.js| | 203209| 21-Jun-19| 04:57 \ncommonvalidation.debug.js| commonvalidation.debug.js| | 6758| 21-Jun-19| 06:07 \ncomval.js| commonvalidation.js| | 4224| 21-Jun-19| 06:07 \ncore.debug.js| core.debug.js| | 955623| 21-Jun-19| 04:57 \ncore.js_0001| core.js| | 506903| 21-Jun-19| 04:57 \ncreatesharedfolderdialog.debug.js| createsharedfolderdialog.debug.js| | 42912| 21-Jun-19| 04:57 \ncreatesharedfolderdialog.js| createsharedfolderdialog.js| | 18732| 21-Jun-19| 04:57 \ndatepicker.debug.js| datepicker.debug.js| | 160256| 21-Jun-19| 06:06 \ndatepick.js| datepicker.js| | 71408| 21-Jun-19| 06:06 \ndesigngallery.debug.js| designgallery.debug.js| | 47390| 21-Jun-19| 04:57 \ndesigngallery.js| designgallery.js| | 29175| 21-Jun-19| 04:57 \ndevdash.debug.js| devdash.debug.js| | 89841| 21-Jun-19| 06:09 \ndevdash.js| devdash.js| | 38404| 21-Jun-19| 06:09 \ndragdrop.debug.js| dragdrop.debug.js| | 237831| 21-Jun-19| 04:57 \ndragdrop.js| dragdrop.js| | 122518| 21-Jun-19| 04:57 \nentityeditor.debug.js| entityeditor.debug.js| | 73995| 21-Jun-19| 04:57 \nentityeditor.js| entityeditor.js| | 38999| 21-Jun-19| 04:57 \nfilepreview.debug.js| filepreview.debug.js| | 25986| 21-Jun-19| 04:57 \nfilepreview.js| filepreview.js| | 14046| 21-Jun-19| 04:57 \nfoldhyperlink.debug.js| foldhyperlink.debug.js| | 3924| 21-Jun-19| 04:57 \nfoldhyperlink.js| foldhyperlink.js| | 1863| 21-Jun-19| 04:57 \nform.debug.js| form.debug.js| | 241306| 21-Jun-19| 04:57 \nform.js| form.js| | 129252| 21-Jun-19| 04:57 \nganttscript.debug.js| ganttscript.debug.js| | 9384| 21-Jun-19| 04:57 \nganttscr.js| ganttscript.js| | 5100| 21-Jun-19| 04:57 \ngeolocationfieldtemplate.debug.js| geolocationfieldtemplate.debug.js| | 40968| 21-Jun-19| 04:57 \ngeolocationfieldtemplate.js| geolocationfieldtemplate.js| | 15413| 21-Jun-19| 04:57 \ngroupboard.debug.js| groupboard.debug.js| | 16339| 21-Jun-19| 06:06 \ngroupboard.js| groupboard.js| | 9550| 21-Jun-19| 06:06 \ngroupeditempicker.debug.js| groupeditempicker.debug.js| | 21014| 21-Jun-19| 04:57 \ngip.js| groupeditempicker.js| | 12057| 21-Jun-19| 04:57 \nhierarchytaskslist.debug.js| hierarchytaskslist.debug.js| | 60796| 21-Jun-19| 04:57 \nhierarchytaskslist.js| hierarchytaskslist.js| | 20088| 21-Jun-19| 04:57 \nimglib.debug.js| imglib.debug.js| | 91322| 21-Jun-19| 04:57 \nimglib.js| imglib.js| | 53907| 21-Jun-19| 04:57 \ninit.debug.js| init.debug.js| | 626534| 21-Jun-19| 04:57 \ninit.js_0001| init.js| | 303047| 21-Jun-19| 04:57 \ninplview.debug.js| inplview.debug.js| | 155120| 21-Jun-19| 04:57 \ninplview.js| inplview.js| | 79291| 21-Jun-19| 04:57 \njsgrid.debug.js| jsgrid.debug.js| | 1185607| 21-Jun-19| 04:57 \njsgrid.gantt.debug.js| jsgrid.gantt.debug.js| | 110109| 21-Jun-19| 04:57 \njsgrid.gantt.js| jsgrid.gantt.js| | 42306| 21-Jun-19| 04:57 \njsgrid.js| jsgrid.js| | 444681| 21-Jun-19| 04:57 \nlanguagepickercontrol.js| languagepickercontrol.js| | 11518| 21-Jun-19| 04:57 \nlistview.debug.js| listview.debug.js| | 930411| 21-Jun-19| 06:09 \nlistview.js| listview.js| | 399999| 21-Jun-19| 06:09 \nmapviewtemplate.debug.js| mapviewtemplate.debug.js| | 38394| 21-Jun-19| 04:57 \nmapviewtemplate.js| mapviewtemplate.js| | 15544| 21-Jun-19| 04:57 \nmenu.debug.js| menu.debug.js| | 103516| 21-Jun-19| 05:33 \nmenu.js_0001| menu.js| | 52561| 21-Jun-19| 05:33 \nmountpt.debug.js| mountpoint.debug.js| | 13632| 21-Jun-19| 04:57 \nmountpt.js| mountpoint.js| | 6213| 21-Jun-19| 04:57 \nmquery.debug.js| mquery.debug.js| | 60340| 21-Jun-19| 04:57 \nmquery.js| mquery.js| | 22616| 21-Jun-19| 04:57 \nms.rte.debug.js| ms.rte.debug.js| | 714303| 21-Jun-19| 04:40 \nms.rte.js| ms.rte.js| | 401121| 21-Jun-19| 04:40 \noffline.debug.js| offline.debug.js| | 22145| 21-Jun-19| 04:57 \noffline.js| offline.js| | 11376| 21-Jun-19| 04:57 \nows.debug.js| ows.debug.js| | 714258| 21-Jun-19| 06:06 \nows.js| ows.js| | 376947| 21-Jun-19| 06:06 \nowsbrows.debug.js| owsbrows.debug.js| | 24730| 21-Jun-19| 05:34 \nowsbrows.js| owsbrows.js| | 13193| 21-Jun-19| 05:35 \npickerhierarchycontrol.js| pickerhierarchycontrol.js| | 84678| 21-Jun-19| 04:51 \nquicklaunch.debug.js| quicklaunch.debug.js| | 135522| 21-Jun-19| 04:57 \nquicklaunch.js| quicklaunch.js| | 74050| 21-Jun-19| 04:57 \nradiobuttonwithchildren.js| radiobuttonwithchildren.js| | 3557| 21-Jun-19| 04:57 \nroamingapps.debug.js| roamingapps.debug.js| | 55031| 21-Jun-19| 04:57 \nroamingapps.js| roamingapps.js| | 21855| 21-Jun-19| 04:57 \nsharing.debug.js| sharing.debug.js| | 322361| 21-Jun-19| 04:57 \nsharing.js| sharing.js| | 135350| 21-Jun-19| 04:57 \nsharingmodern.debug.js| sharingmodern.debug.js| | 18196| 21-Jun-19| 04:57 \nsharingmodern.js| sharingmodern.js| | 5807| 21-Jun-19| 04:57 \nsinglesignon.debug.js| singlesignon.debug.js| | 17059| 21-Jun-19| 06:09 \nsinglesignon.js| singlesignon.js| | 6062| 21-Jun-19| 06:09 \nsiteupgrade.debug.js| siteupgrade.debug.js| | 1693| 21-Jun-19| 06:08 \nsiteupgrade.debug.js_14| siteupgrade.debug.js| | 1693| 21-Jun-19| 06:08 \nsiteupgrade.js| siteupgrade.js| | 1121| 21-Jun-19| 06:07 \nsiteupgrade.js_14| siteupgrade.js| | 1121| 21-Jun-19| 06:07 \nsp.accessibility.debug.js| sp.accessibility.debug.js| | 34811| 21-Jun-19| 06:02 \nsp.accessibility.js| sp.accessibility.js| | 21843| 21-Jun-19| 06:02 \nsp.core.debug.js| sp.core.debug.js| | 165966| 21-Jun-19| 04:40 \nsp.core.js| sp.core.js| | 87863| 21-Jun-19| 04:40 \nsp.datetimeutil.debug.js| sp.datetimeutil.debug.js| | 115552| 21-Jun-19| 04:51 \nsp.datetimeutil.js| sp.datetimeutil.js| | 66620| 21-Jun-19| 04:51 \nsp.debug.js| sp.debug.js| | 1705869| 21-Jun-19| 04:50 \nsp.exp.debug.js| sp.exp.debug.js| | 41182| 21-Jun-19| 04:37 \nsp.exp.js| sp.exp.js| | 24500| 21-Jun-19| 04:38 \nsp.init.debug.js| sp.init.debug.js| | 57831| 21-Jun-19| 04:37 \nsp.init.js| sp.init.js| | 32954| 21-Jun-19| 04:37 \nsp.js| sp.js| | 1044591| 21-Jun-19| 04:50 \nspmap.debug.js| sp.map.debug.js| | 15759| 21-Jun-19| 04:51 \nspmap.js| sp.map.js| | 8533| 21-Jun-19| 04:51 \nsppageinstr.debug.js| sp.pageinstrumentation.debug.js| | 1925| 21-Jun-19| 04:51 \nsppageinstr.js| sp.pageinstrumentation.js| | 1397| 21-Jun-19| 04:51 \nsp.requestexecutor.debug.js| sp.requestexecutor.debug.js| | 100405| 21-Jun-19| 04:35 \nsp.requestexecutor.js| sp.requestexecutor.js| | 63698| 21-Jun-19| 04:35 \nsp.ribbon.debug.js| sp.ribbon.debug.js| | 361474| 21-Jun-19| 04:51 \nsp.ribbon.js| sp.ribbon.js| | 222919| 21-Jun-19| 04:51 \nsp.runtime.debug.js| sp.runtime.debug.js| | 197022| 21-Jun-19| 04:41 \nsp.runtime.js| sp.runtime.js| | 115686| 21-Jun-19| 04:41 \nsp.simpleloggermobile.debug.js| sp.simpleloggermobile.debug.js| | 40931| 21-Jun-19| 06:06 \nsp.simpleloggermobile.js| sp.simpleloggermobile.js| | 20444| 21-Jun-19| 06:06 \nsp.storefront.debug.js| sp.storefront.debug.js| | 440500| 21-Jun-19| 05:24 \nsp.storefront.js| sp.storefront.js| | 296738| 21-Jun-19| 05:24 \nsp.ui.admin.debug.js| sp.ui.admin.debug.js| | 18904| 21-Jun-19| 06:06 \nsp.ui.admin.js| sp.ui.admin.js| | 11613| 21-Jun-19| 06:06 \nsp.ui.allapps.debug.js| sp.ui.allapps.debug.js| | 45304| 21-Jun-19| 05:21 \nsp.ui.allapps.js| sp.ui.allapps.js| | 27974| 21-Jun-19| 05:21 \nsp.ui.applicationpages.calendar.debug.js| sp.ui.applicationpages.calendar.debug.js| | 278348| 21-Jun-19| 04:54 \nsp.ui.applicationpages.calendar.js| sp.ui.applicationpages.calendar.js| | 143409| 21-Jun-19| 04:54 \nsp.ui.applicationpages.debug.js| sp.ui.applicationpages.debug.js| | 11283| 21-Jun-19| 05:28 \nsp.ui.applicationpages.js| sp.ui.applicationpages.js| | 7684| 21-Jun-19| 05:28 \nsp.ui.bdcadminpages.debug.js| sp.ui.bdcadminpages.debug.js| | 16634| 21-Jun-19| 06:07 \nsp.ui.bdcadminpages.js| sp.ui.bdcadminpages.js| | 11652| 21-Jun-19| 06:06 \nspblogd.js| sp.ui.blogs.debug.js| | 51882| 21-Jun-19| 06:07 \nspblog.js| sp.ui.blogs.js| | 31204| 21-Jun-19| 06:07 \nsp.ui.combobox.debug.js| sp.ui.combobox.debug.js| | 100153| 21-Jun-19| 05:08 \nsp.ui.combobox.js| sp.ui.combobox.js| | 52058| 21-Jun-19| 05:08 \nsp.ui.controls.debug.js| sp.ui.controls.debug.js| | 58556| 21-Jun-19| 05:13 \nsp.ui.controls.js| sp.ui.controls.js| | 39729| 21-Jun-19| 05:13 \nsp.ui.dialog.debug.js| sp.ui.dialog.debug.js| | 75579| 21-Jun-19| 04:40 \nsp.ui.dialog.js| sp.ui.dialog.js| | 44114| 21-Jun-19| 04:40 \nspdiscd.js| sp.ui.discussions.debug.js| | 136669| 21-Jun-19| 05:25 \nspdisc.js| sp.ui.discussions.js| | 81747| 21-Jun-19| 05:25 \nspimgcd.js| sp.ui.imagecrop.debug.js| | 28399| 21-Jun-19| 06:05 \nspimgc.js| sp.ui.imagecrop.js| | 28399| 21-Jun-19| 06:05 \nspui_rid.js| sp.ui.relateditems.debug.js| | 29224| 21-Jun-19| 05:16 \nspui_ri.js| sp.ui.relateditems.js| | 18378| 21-Jun-19| 05:16 \nsp.ui.rte.debug.js| sp.ui.rte.debug.js| | 355959| 21-Jun-19| 04:54 \nsp.ui.rte.js| sp.ui.rte.js| | 217946| 21-Jun-19| 04:54 \nsp.ui.tileview.debug.js| sp.ui.tileview.debug.js| | 100921| 21-Jun-19| 05:14 \nsp.ui.tileview.js| sp.ui.tileview.js| | 61802| 21-Jun-19| 05:15 \nspui_tld.js| sp.ui.timeline.debug.js| | 488762| 21-Jun-19| 04:55 \nspui_tl.js| sp.ui.timeline.js| | 265918| 21-Jun-19| 04:55 \nspgantt.debug.js| spgantt.debug.js| | 192623| 21-Jun-19| 04:57 \nspgantt.js| spgantt.js| | 69727| 21-Jun-19| 04:57 \nspgridview.debug.js| spgridview.debug.js| | 7876| 21-Jun-19| 04:57 \nspgridvw.js| spgridview.js| | 4903| 21-Jun-19| 04:57 \nstart.debug.js| start.debug.js| | 185210| 21-Jun-19| 06:06 \nstart.js| start.js| | 101324| 21-Jun-19| 06:06 \nsuitelinks.debug.js| suitelinks.debug.js| | 32319| 21-Jun-19| 04:57 \nsuitelnk.js| suitelinks.js| | 13508| 21-Jun-19| 04:57 \ntimecard.debug.js| timecard.debug.js| | 37455| 21-Jun-19| 04:57 \ntimecard.js| timecard.js| | 21192| 21-Jun-19| 04:57 \nwpadder.debug.js| wpadder.debug.js| | 52865| 21-Jun-19| 04:57 \nwpadder.js| wpadder.js| | 33270| 21-Jun-19| 04:57 \nwpcm.debug.js| wpcm.debug.js| | 7521| 21-Jun-19| 04:57 \nwpcm.js| wpcm.js| | 3849| 21-Jun-19| 04:57 \nsigstore.dll| sigstore.dll| | 19888| | \nupdate_sigstore.dll| sigstore.dll| | 19888| 20-Jun-19| 08:46 \nstore.sql| store.sql| | 8073301| 20-Jun-19| 08:02 \nstore.xml| store.xml| | 8915771| 21-Jun-19| 05:38 \nstoreazure.xml| store_azure.xml| | 8915771| 21-Jun-19| 05:34 \nusagedb.sql| usagedb.sql| | 88742| 20-Jun-19| 08:45 \nusgdbup.sql| usgdbup.sql| | 88551| 20-Jun-19| 08:46 \nappassoc.asx| applicationassociations.aspx| | 5504| 20-Jun-19| 08:44 \nauthen.asx| authentication.aspx| | 13965| 20-Jun-19| 08:45 \nblkftyp.asx| blockedfiletype.aspx| | 4282| 20-Jun-19| 08:44 \ndftcntdb.asx| defaultcontentdb.aspx| | 6243| 20-Jun-19| 08:45 \nhealrepo.asx| healthreport.aspx| | 6499| 19-Jun-19| 08:15 \nincemail.asx| incomingemail.aspx| | 22663| 20-Jun-19| 08:45 \nirmadmin.asx| irmadmin.aspx| | 8804| 20-Jun-19| 08:45 \nlogusage.asx| logusage.aspx| | 14555| 20-Jun-19| 08:45 \nmetrics.asx| metrics.aspx| | 15403| 20-Jun-19| 08:45 \nofadmin.asx| officialfileadmin.aspx| | 13839| 20-Jun-19| 08:45 \nprivacy.asx| privacy.aspx| | 10182| 20-Jun-19| 08:44 \nslctcfaz.asx| selectcrossfirewallaccesszone.aspx| | 5643| 20-Jun-19| 08:45 \nsvcappcn.asx| serviceapplicationconnect.aspx| | 5027| 20-Jun-19| 08:45 \nsiteex.asx| siteandlistexport.aspx| | 12538| 20-Jun-19| 08:44 \nsitebaks.asx| sitebackuporexportstatus.aspx| | 10389| 20-Jun-19| 08:44 \nsitecbac.asx| sitecollectionbackup.aspx| | 10764| 20-Jun-19| 08:45 \nsitequot.asx| sitequota.aspx| | 24455| 20-Jun-19| 08:45 \nspscrstg.asx_0002| spsecuritysettings.aspx| | 7731| 19-Jun-19| 08:28 \nunatcdb.asx| unattacheddbselect.aspx| | 6322| 20-Jun-19| 08:43 \nuser_solution.asx| usersolutions.aspx| | 9571| 20-Jun-19| 08:44 \nversions.asx| versions.aspx| | 37378| 20-Jun-19| 08:46 \nofadmin.aspx_tenantadmin| ta_officialfileadmin.aspx| | 11593| 20-Jun-19| 08:40 \nowstimer.exe_0001| owstimer.exe| 16.0.10348.12104| 86872| 21-Jun-19| 05:49 \nmicrosoft.extensions.dependencyinjection.abstractions.1.0.0.dll| microsoft.extensions.dependencyinjection.abstractions.dll| 1.0.0.20622| 42600| | \nupdate_microsoft.extensions.dependencyinjection.abstractions.1.0.0.dll| microsoft.extensions.dependencyinjection.abstractions.dll| 1.0.0.20622| 42600| 21-Jun-19| 06:05 \nmicrosoft.extensions.dependencyinjection.1.0.0.dll| microsoft.extensions.dependencyinjection.dll| 1.0.0.20622| 44136| | \nupdate_microsoft.extensions.dependencyinjection.1.0.0.dll| microsoft.extensions.dependencyinjection.dll| 1.0.0.20622| 44136| 21-Jun-19| 06:09 \nmicrosoft.odata.core.7.0.0.dll| microsoft.odata.core.dll| 7.0.0.0| 1402712| | \nupdate_microsoft.odata.core.7.0.0.dll| microsoft.odata.core.dll| 7.0.0.0| 1402712| 21-Jun-19| 06:03 \nmicrosoft.odata.edm.7.0.0.dll| microsoft.odata.edm.dll| 7.0.0.0| 787080| | \nupdate_microsoft.odata.edm.7.0.0.dll| microsoft.odata.edm.dll| 7.0.0.0| 787080| 21-Jun-19| 06:05 \nmicrosoft.spatial.7.0.0.dll| microsoft.spatial.dll| 7.0.0.0| 142464| | \nupdate_microsoft.spatial.7.0.0.dll| microsoft.spatial.dll| 7.0.0.0| 142464| 21-Jun-19| 06:02 \nsystem.collections.immutable.1.2.0.dll| system.collections.immutable.dll| 1.0.24212.01| 181096| | \nupdate_system.collections.immutable.1.2.0.dll| system.collections.immutable.1.2.0.dll| 1.0.24212.01| 181096| 21-Jun-19| 06:01 \nsystem.web.http.owin.5.2.3.dll| system.web.http.owin.dll| 5.2.30128.0| 71288| | \nupdate_system.web.http.owin.5.2.3.dll| system.web.http.owin.dll| 5.2.30128.0| 71288| 21-Jun-19| 06:09 \nsystem.web.odata.6.0.0.dll| system.web.odata.dll| 6.0.40914.0| 786744| | \nupdate_system.web.odata.6.0.0.dll| system.web.odata.dll| 6.0.40914.0| 786744| 21-Jun-19| 05:53 \nspwriter.exe_0001| spwriter.exe| 16.0.10348.12104| 58024| 21-Jun-19| 06:00 \nstswel.dll| stswel.dll| 16.0.10348.12104| 3685032| 21-Jun-19| 05:39 \nstswfacb.dll| microsoft.sharepoint.workflowactions.dll| 16.0.10348.12104| 320696| 21-Jun-19| 05:36 \nstswfact.dll| microsoft.sharepoint.workflowactions.dll| 16.0.10348.12104| 320696| 21-Jun-19| 05:36 \nsts.workflows.dll| microsoft.sharepoint.workflows.dll| 16.0.10348.12104| 73888| 21-Jun-19| 05:18 \nie50up.debug.js| ie50up.debug.js| | 155104| 21-Jun-19| 06:06 \nie50up.js| ie50up.js| | 81715| 21-Jun-19| 06:06 \nie55up.debug.js| ie55up.debug.js| | 154298| 21-Jun-19| 06:01 \nie55up.js| ie55up.js| | 81176| 21-Jun-19| 06:01 \nnon_ie.debug.js| non_ie.debug.js| | 102961| 21-Jun-19| 06:07 \nnon_ie.js| non_ie.js| | 60388| 21-Jun-19| 06:08 \nbpstd.debug.js| bpstd.debug.js| | 8194| 21-Jun-19| 06:07 \nbpstd.js| bpstd.js| | 4668| 21-Jun-19| 06:07 \nctp.debug.js| ctp.debug.js| | 7940| 21-Jun-19| 06:09 \nctp.js| ctp.js| | 4223| 21-Jun-19| 06:09 \ncvtp.debug.js| cvtp.debug.js| | 5066| 21-Jun-19| 06:07 \ncvtp.js| cvtp.js| | 2704| 21-Jun-19| 06:07 \nitp.debug.js| itp.debug.js| | 13120| 21-Jun-19| 06:08 \nitp.js| itp.js| | 9814| 21-Jun-19| 06:07 \nxtp.debug.js| xtp.debug.js| | 3605| 21-Jun-19| 06:07 \nxtp.js| xtp.js| | 1801| 21-Jun-19| 06:08 \nosrv_sandbox.dll| microsoft.office.server.sandbox.dll| 16.0.10348.12104| 769224| 21-Jun-19| 05:18 \nmicrosoft.office.web.sandbox.dll| microsoft.office.web.sandbox.dll| 16.0.10348.12104| 769432| 21-Jun-19| 05:41 \nsts_sandbox.dll| microsoft.sharepoint.sandbox.dll| 16.0.10348.12104| 769216| 21-Jun-19| 05:56 \nvisfilt.dll.x64| visfilt.dll| 16.0.10348.12104| 6398632| 21-Jun-19| 05:22 \nvisioserver.vutils.dll| vutils.dll| 16.0.10348.12104| 3239016| 21-Jun-19| 05:29 \nsts_odspnextnewux1efa61166de43c71668b949c99f0686b| listitemformdeferred.js| | 2257106| 19-Jun-19| 11:23 \nsts_odspnextnewuxe8f363779e230efb9d852eceace8ab24| listitemformreactcontrols.js| | 199526| 19-Jun-19| 11:23 \nsts_odspnextnewuxbe3313501487c79fe05e26c262deaaa9| createsite.json| | 43508| 19-Jun-19| 11:23 \nsts_odspnextnewux73bf67ca708ed0b9bbee05da7d4ab95b| listitemform.json| | 178730| 19-Jun-19| 11:23 \nodbonedrive.json| odbonedrive.json| | 359240| 19-Jun-19| 11:23 \nsts_odspnextnewux0caa67c96a8a488d88a0b64e58cf6219| recyclebin.json| | 181108| 19-Jun-19| 11:23 \nsts_odspnextnewux82ec74261e20424f9653d60d8846afce| sitehub.json| | 223233| 19-Jun-19| 11:23 \nsts_odspnextnewuxc2feb86763199de55a499729d395cb83| splist.json| | 299043| 19-Jun-19| 11:23 \nsts_odspnextnewuxc4da3cf2e6b1ad11477e32ac2c90cea6| odbdeferred.js| | 2440782| 19-Jun-19| 11:23 \nsts_odspnextnewux8c0380eb9a20542616b7c1feeac0f995| odbonedrive.js| | 678219| 19-Jun-19| 11:23 \nsts_odspnextnewux1a2b15ed274bbfbba6d5eaa8be1efc60| odbuploadmanager.js| | 64324| 19-Jun-19| 11:23 \nsts_odspnextnewuxee5697f761f94ca16ffd86a4ef02d1a8| recyclebindeferred.js| | 2822614| 19-Jun-19| 11:24 \nsts_odspnextnewuxb8931dbbdb97beb330defb6bad1ae332| sitehubdeferred.js| | 2414362| 19-Jun-19| 11:24 \nsts_odspnextnewux75199cdb9d900d5ff11f7782399cb17f| splistdeferred.js| | 2280032| 19-Jun-19| 11:24 \nsts_odspnextnewux95c14b220e8e6a345ca52833f517b678| splistreactcontrolsdeferred.js| | 286608| 19-Jun-19| 11:24 \nsts_odspnextnewux30484b0717864b439efabcb4caaf6538| spoapp.js| | 272957| 19-Jun-19| 11:24 \nsts_odspnextnewuxb680d3a8e2013810dae29dafe4d75340| spofiles.js| | 610823| 19-Jun-19| 11:24 \nsts_odspnextnewuxa1bba3f539805635ed1b4d1828dbd548| spouploadmanager.js| | 70861| 19-Jun-19| 11:24 \nsts_spclientnewux11247c610eb2b35fec6b7d74a26c38f0| 0.0.js| | 398344| 19-Jun-19| 11:24 \nsts_spclientnewuxe5f4fb44132db455bfc5684abc91d769| 0.contentrollupwebpart-propertypanesettings.js| | 13836| 19-Jun-19| 11:24 \nsts_spclientnewuxf8f9524d7aede8aa27335bd307d3283c| 0.developer-tools.js| | 482322| 19-Jun-19| 11:24 \nsts_spclientnewux8f54e1232a604b66101d785f00e07c5d| 0.image-gallery-edit-mode.js| | 39729| 19-Jun-19| 11:24 \nsts_spclientnewux10b60c752308e4797414cc1592352c08| 0.page-picker-component.js| | 135789| 19-Jun-19| 11:24 \nsts_spclientnewuxe567272b5c2a010aa70b17e8c313858a| 0.quick-links-property-pane.js| | 13168| 19-Jun-19| 11:24 \nsts_spclientnewux5b94fcc774f1d14f356a8939ad0c76cf| 0.sp-filepickercontrol.js| | 286022| 19-Jun-19| 11:24 \nsts_spclientnewux1a0dd8556ea12fdfdce46c1b97bf966d| 0.sp-pages-panels.js| | 635831| 19-Jun-19| 11:24 \nsts_spclientnewuxf51e90850f93328c38d84d1e68d27fb3| 0.sp-people-contact-card.js| | 13725| 19-Jun-19| 11:24 \nsts_spclientnewux892018044204a190e9f581edcd620dae| 0.sp-rte-propertypane.js| | 39875| 19-Jun-19| 11:24 \nsts_spclientnewuxe8964dd3d437ce4f33115b3bc0557c72| 0.sp-webpart-base-propertypane.js| | 130210| 19-Jun-19| 11:24 \nsts_spclientnewux6bcd61d2c5362c6320b3a14b80a5b5a8| 0.toolbox.js| | 34732| 19-Jun-19| 11:24 \nsts_spclientnewux48cae7c08b68c5b16fa6bb6d1d734fe3| 0ef418ba-5d19-4ade-9db0-b339873291d0.json| | 12533| 19-Jun-19| 11:24 \nsts_spclientnewux0c482d383b518aa8956558dbdc75bd48| 1.debug-prompt-components.js| | 342352| 19-Jun-19| 11:24 \nsts_spclientnewuxe45badc655897ae1f90884f5a1a97ee7| 1.sp-pages-comments.js| | 99824| 19-Jun-19| 11:24 \nsts_spclientnewuxb2c3d8de1fdcb7cca7c4b2044da486f5| 1.sp-title-region-webpart-edit-mode.js| | 5423| 19-Jun-19| 11:24 \nsts_spclientnewux62046735201d3091111f28556666e654| 1.sp-webpart-base-maintenancemode.js| | 4830| 19-Jun-19| 11:24 \nsts_spclientnewuxf9441b622f01689f522ab5fb5fe73335| 1.twitter-web-part-property-pane-configuration.js| | 4502| 19-Jun-19| 11:24 \nsts_spclientnewux2640b3a11359099d8bdf5c5c5f8d0e69| 10.sp-pages-search.js| | 1771191| 19-Jun-19| 11:24 \nsts_spclientnewuxa36a04dce9a2a71bf262086728c8fca4| 12.sp-news-digest-layout-component.js| | 78511| 19-Jun-19| 11:24 \nsts_spclientnewux0abc9921c94a0185a26543546fe69bf9| 13.sp-command-bar.js| | 85479| 19-Jun-19| 11:24 \nsts_spclientnewux5fc507cbbaf792d92d7c965bf98229fb| 14.sp-pages-news.js| | 33108| 19-Jun-19| 11:24 \nsts_spclientnewux0ac00e19bb36ceac5b16c783f9c57697| 16.sp-pages-sitesseeall.js| | 10059| 19-Jun-19| 11:24 \nsts_spclientnewux34bd612300838bb534ab17b955244e64| 17.sp-pages-seeall.js| | 10003| 19-Jun-19| 11:24 \nsts_spclientnewux703f83fa82314d3646b6336ccfc68c7d| 18.sp-pages-firstrun.js| | 21481| 19-Jun-19| 11:24 \nsts_spclientnewux7ba0584c61764c54362d49e256636a60| 2.herowebpart-propertypaneconfiguration.js| | 20379| 19-Jun-19| 11:24 \nsts_spclientnewux4ae937081b814e011b3a30f8781ff6a0| 2.sp-list-webpart-setup.js| | 4226| 19-Jun-19| 11:24 \nsts_spclientnewuxd27a762a6f595ea2f447ab2d8ec565da| 2.sp-pages-social.js| | 50013| 19-Jun-19| 11:24 \nsts_spclientnewuxe24fd72f1cbfb12913e16ac1df4cdcb5| 20745d7d-8581-4a6c-bf26-68279bc123fc.json| | 12654| 19-Jun-19| 11:24 \nsts_spclientnewux52b9b523aa83665cd001252b93e94ac1| 2161a1c6-db61-4731-b97c-3cdb303f7cbb.json| | 13231| 19-Jun-19| 11:24 \nsts_spclientnewuxc54eccabfa9009b899cb953abfdf678f| 23.sp-pages-planner.js| | 3542| 19-Jun-19| 11:24 \nsts_spclientnewuxf6dfe077c4098d2785be12a31e5473d2| 24.sp-pages-mobileupsellview.js| | 1782| 19-Jun-19| 11:24 \nsts_spclientnewuxf6f7df5704468d218c5f3b26fe863bd9| 243166f5-4dc3-4fe2-9df2-a7971b546a0a.json| | 6971| 19-Jun-19| 11:24 \nsts_spclientnewuxc81847f87b94153a324bd86419f281a7| 25.sp-pages-app.js| | 1875| 19-Jun-19| 11:24 \nsts_spclientnewuxffbcf313abc7966e7e6a8b536675bbe5| 275c0095-a77e-4f6d-a2a0-6a7626911518.json| | 21256| 19-Jun-19| 11:24 \nsts_spclientnewux4324d9c2f2457e23dc7ffb0d040b05b8| 28.editnavchunk.js| | 59095| 19-Jun-19| 11:24 \nsts_spclientnewux1e6815f76323c00fbafeb7b4dc9cc99e| 29.sp-pages-newpagedialog.js| | 36075| 19-Jun-19| 11:24 \nsts_spclientnewux36bc50758605996dd2de21816e72ee1b| 2ba60960-c928-4ae5-9bb2-f40c17c611b8.json| | 13174| 19-Jun-19| 11:24 \nsts_spclientnewux0ebe3b2589e383ae358631657a956c04| 2e57bdfd-b419-4536-8fc1-e0681be4c1a6.json| | 13203| 19-Jun-19| 11:24 \nsts_spclientnewux263fefdcdce7237f0c86c5e707b0cb41| 3.sp-imageeditcontrol.js| | 27070| 19-Jun-19| 11:24 \nsts_spclientnewux97cf7a0b7f088024120f36c9581e9186| 3.sp-pages-events.js| | 203036| 19-Jun-19| 11:24 \nsts_spclientnewux8031c437dabae71b5524cf06f87980ce| 31.sp-pages-pagestatusnotifier.js| | 2550| 19-Jun-19| 11:24 \nsts_spclientnewuxb86635d3446dedd3ac668ca110311406| 31e9537e-f9dc-40a4-8834-0e3b7df418bc.json| | 14677| 19-Jun-19| 11:24 \nsts_spclientnewux7d2dc45432f95b86fd103556238966cc| 32.sp-pages-newsdigest-navbar.js| | 2232| 19-Jun-19| 11:24 \nsts_spclientnewux07d34bca797f60c1a73b0d1676b500e5| 39c4c1c2-63fa-41be-8cc2-f6c0b49b253d.json| | 12263| 19-Jun-19| 11:24 \nsts_spclientnewux58e18b3d801d33325553bb31ac88885c| 4.image-gallery-light-box.js| | 6463| 19-Jun-19| 11:24 \nsts_spclientnewuxe2421af58d3d88a988faa8ba86b4adba| 4.sp-pages-sharebyemail.js| | 77679| 19-Jun-19| 11:24 \nsts_spclientnewux342db9533a3215a3913c429babe7abdc| 46698648-fcd5-41fc-9526-c7f7b2ace919.json| | 13806| 19-Jun-19| 11:24 \nsts_spclientnewux158a628d96eef5d6058dbfae15012eca| 490d7c76-1824-45b2-9de3-676421c997fa.json| | 15352| 19-Jun-19| 11:24 \nsts_spclientnewuxfb61b8977a1e1fb434df06105e16277f| 5.sp-pages-navigation.js| | 18909| 19-Jun-19| 11:24 \nsts_spclientnewux4986186266f727199b59946626fb8518| 544dd15b-cf3c-441b-96da-004d5a8cea1d.json| | 13834| 19-Jun-19| 11:24 \nsts_spclientnewuxb907f5fcee962e6ea16d517b503603f4| 6410b3b6-d440-4663-8744-378976dc041e.json| | 15198| 19-Jun-19| 11:24 \nsts_spclientnewux9947ff60b8287e06021dd8602e52a729| 6676088b-e28e-4a90-b9cb-d0d0303cd2eb.json| | 14484| 19-Jun-19| 11:24 \nsts_spclientnewux87639a606cb4eff65fc640a791358fab| 71c19a43-d08c-4178-8218-4df8554c0b0e.json| | 14977| 19-Jun-19| 11:24 \nsts_spclientnewuxa2e20ea074942a4b9cd5953a7cf70276| 7f718435-ee4d-431c-bdbf-9c4ff326f46e.json| | 13553| 19-Jun-19| 11:24 \nsts_spclientnewux7b48f61cb957c98d82358746f12289b0| 8654b779-4886-46d4-8ffb-b5ed960ee986.json| | 12583| 19-Jun-19| 11:24 \nsts_spclientnewux1496efe075e30075e96a884d8a074cd1| 893a257e-9c92-49bc-8a36-2f6bb058da34.json| | 141746| 19-Jun-19| 11:24 \nsts_spclientnewuxc5a328833cf912cc5b9867a481094c28| 8c88f208-6c77-4bdb-86a0-0c47b4316588.json| | 12200| 19-Jun-19| 11:24 \nsts_spclientnewuxa7df2052c2e0346723a7875f2e78139d| 9.sp-pages-teamstab.js| | 111208| 19-Jun-19| 11:24 \nsts_spclientnewuxcace392aa7eeb0215447d8373ed109d9| 91a50c94-865f-4f5c-8b4e-e49659e69772.json| | 15541| 19-Jun-19| 11:24 \nsts_spclientnewux0682b2fe8e8e6f7cccca4db9a0c29990| 9d7e898c-f1bb-473a-9ace-8b415036578b.json| | 13832| 19-Jun-19| 11:24 \nsts_spclientnewux0fdddb1f7d99376230fe4d4bb49759c8| a5df8fdf-b508-4b66-98a6-d83bc2597f63.json| | 12061| 19-Jun-19| 11:24 \nsts_spclientnewuxcf9063f036a2e975629266aaa103d655| af8be689-990e-492a-81f7-ba3e4cd3ed9c.json| | 15409| 19-Jun-19| 11:24 \nsts_spclientnewuxd98a7a0da89134c14b2cda056449e632| b19b3b9e-8d13-4fec-a93c-401a091c0707.json| | 15301| 19-Jun-19| 11:24 \nsts_spclientnewux79892d83bd937bf01186bd091972e9a1| b7dd04e1-19ce-4b24-9132-b60a1c2b910d.json| | 23126| 19-Jun-19| 11:24 \nsts_spclientnewuxf5e9c8e2184df5b63ca16f1319fa7960| c4bd7b2f-7b6e-4599-8485-16504575f590.json| | 15854| 19-Jun-19| 11:24 \nsts_spclientnewux7e3c7f016142a2f71b28f9d75fc43958| c70391ea-0b10-4ee9-b2b4-006d3fcad0cd.json| | 14970| 19-Jun-19| 11:24 \nsts_spclientnewux408dd0ffcb6b1d88eceefc32163a8518| cbe7b0a9-3504-44dd-a3a3-0e5cacd07788.json| | 14194| 19-Jun-19| 11:24 \nsts_spclientnewuxe04b7ba5c57d6efdd1b3f023a9afd70f| d1d91016-032f-456d-98a4-721247c305e8.json| | 12829| 19-Jun-19| 11:24 \nsts_spclientnewuxe0de0464927d19518f48aaff08ed2ad1| daf0b71c-6de8-4ef7-b511-faae7c388708.json| | 17481| 19-Jun-19| 11:24 \nsts_spclientnewuxa08a88a1a20d60fc6fa9f6eecf78666e| embed-webpart-base.js| | 47068| 19-Jun-19| 11:24 \nsts_spclientnewux1248484f0eaf072567b2270eb74e2a1f| listview-host-assembly.js| | 723714| 19-Jun-19| 11:24 \nsts_spclientnewuxa8c9aa3afb3e1858c4883c80b87b0886| sp-application-base.js| | 88086| 19-Jun-19| 11:24 \nsts_spclientnewux26dacaeae91404692b5c89ca58e6ef98| sp-bing-map-webpart-bundle.js| | 74178| 19-Jun-19| 11:24 \nsts_spclientnewuxa61f5e0f461e05cce0e0c856fdaae280| sp-blogs-webpart-bundle.js| | 138095| 19-Jun-19| 11:24 \nsts_spclientnewuxf5d396401fea052502b6aae89b8cc207| sp-canvas.js| | 304637| 19-Jun-19| 11:24 \nsts_spclientnewuxacbcfd1635aafc26d7fa34d3a4170557| sp-carousel-layout.js| | 74660| 19-Jun-19| 11:24 \nsts_spclientnewux22d4383e576bd2d0767efe61a9b0177f| sp-classic-page-assembly.js| | 1526343| 19-Jun-19| 11:24 \nsts_spclientnewux687ed0916c9953c4eb72b0f5cd6905e1| sp-compactcard-layout.js| | 26189| 19-Jun-19| 11:24 \nsts_spclientnewux3fd286c73a51e55671b2cf05ad879fe4| sp-component-layouts.js| | 192659| 19-Jun-19| 11:24 \nsts_spclientnewux6d0b88b1fc07d52bfd5ed0e7ffd2ff96| sp-component-utilities.js| | 106641| 19-Jun-19| 11:24 \nsts_spclientnewuxf9e26c8ba0232226f164fb3134158861| sp-connector-webpart.js| | 137981| 19-Jun-19| 11:24 \nsts_spclientnewuxaeab4a7dad255efb982d8cc6384a6b30| sp-contentrollup-webpart-bundle.js| | 225614| 19-Jun-19| 11:24 \nsts_spclientnewux2a2fc2a92e0cb8cd022d363ea1786ae4| sp-custommessageregion-bundle.js| | 34510| 19-Jun-19| 11:24 \nsts_spclientnewuxc80a54337999c221a2752d525a9f98ac| sp-dataproviders.js| | 95993| 19-Jun-19| 11:24 \nsts_spclientnewuxd14e8603d99cfdea0f8636f109640add| sp-datetimepicker.js| | 105535| 19-Jun-19| 11:24 \nsts_spclientnewux294ffd36afbed5a9fdb51794f4f3a730| sp-default-assembly.js| | 701574| 19-Jun-19| 11:24 \nsts_spclientnewuxe526f3106af18bfd9a893c145a68bea1| sp-divider-webpart-bundle.js| | 32150| 19-Jun-19| 11:24 \nsts_spclientnewux6c85212e5fd53659abdaac84362ead1f| sp-documentembed-webpart-bundle.js| | 97121| 19-Jun-19| 11:24 \nsts_spclientnewuxc67750e80ee512c39aae0f51156cc4c5| sp-embed-webparts-bundle.js| | 43199| 19-Jun-19| 11:24 \nsts_spclientnewux960f55d92c073ad967c1d41757c1f0a8| sp-events-webpart-bundle.js| | 71240| 19-Jun-19| 11:24 \nsts_spclientnewuxe983fe94f37bdad72135b55a29225aed| sp-forms-webpart-bundle.js| | 61656| 19-Jun-19| 11:24 \nsts_spclientnewuxf19a838e191127967cd29ae6b20ab799| sp-groupcalendar-webpart-bundle.js| | 133450| 19-Jun-19| 11:24 \nsts_spclientnewuxa591d003a7a8c3afca3c8688ad401ea0| sp-hero-webpart-bundle.js| | 128284| 19-Jun-19| 11:24 \nsts_spclientnewux772296c19fc27e1b6f18d28759f2ba5b| sp-html-embed.js| | 40476| 19-Jun-19| 11:24 \nsts_spclientnewux8f461cff81c07d944621f876e997777e| sp-image-gallery-webpart-bundle.js| | 81367| 19-Jun-19| 11:24 \nsts_spclientnewux2d92f617d4e9cc7ec385e0e500a3d7b2| sp-image-webpart-bundle.js| | 105611| 19-Jun-19| 11:24 \nsts_spclientnewux42e703f43e251f868d972f61dafd921e| sp-linkpreview-webpart-bundle.js| | 66341| 19-Jun-19| 11:24 \nsts_spclientnewux49b289bb50fa43774a9d4645eef75e88| sp-list-webpart-bundle.js| | 1029956| 19-Jun-19| 11:24 \nsts_spclientnewux6b8c7c4233559a13836ef1a691ba7023| sp-loader.js| | 147060| 19-Jun-19| 11:24 \nsts_spclientnewux383919f8fe3b958e524c8a635d1e2c2c| sp-loader-assembly.js| | 584353| 19-Jun-19| 11:24 \nsts_spclientnewuxe842d74f8bb0760b55d7f43f35d0d7a7| sp-newsfeed-webpart-bundle.js| | 135972| 19-Jun-19| 11:24 \nsts_spclientnewux11d2e484811a186abfb7f9a6c7275fd4| sp-newsreel-webpart-bundle.js| | 135964| 19-Jun-19| 11:24 \nsts_spclientnewuxe2e58fc5fb56b66cddf843e55ff5f992| sp-news-webpart-bundle.js| | 135786| 19-Jun-19| 11:24 \nsts_spclientnewuxc21a3246bdf5a3aa770903ed6fd493ee| sp-pages.js| | 492374| 19-Jun-19| 11:24 \nsts_spclientnewuxb3b4f7cd0e237860f1b8fdbe1372826e| sp-pages-assembly.js| | 2555719| 19-Jun-19| 11:24 \nsts_spclientnewuxb7c159038749343c1c4b0ec9f2deec4c| sp-pages-core.js| | 59295| 19-Jun-19| 11:24 \nsts_spclientnewuxb3342cfbf53938dec6fdf773f6adeebc| sp-people-webparts-bundle.js| | 166431| 19-Jun-19| 11:24 \nsts_spclientnewuxb501aed454e9ea1b719ba92103130738| sp-planner-webpart-bundle.js| | 3143147| 19-Jun-19| 11:24 \nsts_spclientnewuxea46ce84a74da087564f5d905acd4e56| sp-powerapps-webpart.js| | 24084| 19-Jun-19| 11:24 \nsts_spclientnewux22fad59d46fcfec7745b173cc20fd92d| sp-queryfilter.js| | 141706| 19-Jun-19| 11:24 \nsts_spclientnewuxec0d18f646f918f9cae4bd08ccdc09ab| sp-quickchart-webpart-bundle.js| | 255118| 19-Jun-19| 11:24 \nsts_spclientnewux0bbc1a9825e04eb5a37f62f2a09d2dbf| sp-quick-links-webpart.js| | 95055| 19-Jun-19| 11:24 \nsts_spclientnewux113384fd2f31fde205b8bf2f79ccdcd3| sp-siteactivity-webpart-bundle.js| | 194583| 19-Jun-19| 11:24 \nsts_spclientnewux2f7f2f92075f659c5926320cfab3f096| sp-sitepicker.js| | 44819| 19-Jun-19| 11:24 \nsts_spclientnewux6c3d8d275dd7351021418bffbebe3d8c| sp-spacer-webpart-bundle.js| | 44319| 19-Jun-19| 11:24 \nsts_spclientnewuxf5437647b691243399470c6a80d66804| sp-title-region-webpart.js| | 129204| 19-Jun-19| 11:24 \nsts_spclientnewuxb200a6283a80b8a6b4ee220419563723| sp-toolbox.js| | 31030| 19-Jun-19| 11:24 \nsts_spclientnewux3436740e82f30185ab432f7dbe7eed84| sp-twitter-webpart-bundle.js| | 44259| 19-Jun-19| 11:24 \nsts_spclientnewux084c8b925815606929921fa578f05539| sp-webpart-application-assembly.js| | 1521382| 19-Jun-19| 11:24 \nsts_spclientnewuxf9d542f5e7a1ffba716f8cf63efa490b| sp-webpart-base.js| | 106452| 19-Jun-19| 11:24 \nsts_spclientnewux1113dc0b40c4f62ba0b2c0cbbc272713| sp-webpart-shared.js| | 151404| 19-Jun-19| 11:24 \nsts_spclientnewuxf6f4d7aff6b346521ef692276ec4c4c6| sp-webpart-workbench.js| | 51898| 19-Jun-19| 11:24 \nsts_spclientnewux96fbeacb80b41e044617bbe3fade4c6c| sp-webpart-workbench-assembly.js| | 1915876| 19-Jun-19| 11:24 \nsts_spclientnewuxb936577a0b035ab65bc7e49bd5e6a9ab| sp-yammerembed-webpart-bundle.js| | 144166| 19-Jun-19| 11:24 \nsts_spclientnewux80dae808de3b5078b4efc4fb29865793| e377ea37-9047-43b9-8cdb-a761be2f8e09.json| | 13427| 19-Jun-19| 11:24 \nsts_spclientnewuxab7b1df6c15b0a294a30492e9ac8fae1| eb95c819-ab8f-4689-bd03-0c2d65d47b1f.json| | 14590| 19-Jun-19| 11:24 \nsts_spclientnewux8ef36081a346aba067e958bbb3d5a845| f6fdf4f8-4a24-437b-a127-32e66a5dd9b4.json| | 13425| 19-Jun-19| 11:24 \nsts_spclientnewuxcb869d957d4e64318530b63e610d75f7| f92bf067-bc19-489e-a556-7fe95f508720.json| | 18015| 19-Jun-19| 11:24 \nsts_spclientnewux2e8f0649b2b51d464fb6d12bb368a21f| spclientmanifests.json| | 842420| 19-Jun-19| 11:25 \nsts_spclientnewuxcdd2fade97e6bd1c609dafc0204d0272| office-ui-fabric-react-bundle.js| | 548691| 19-Jun-19| 11:25 \nsts_spclientnewuxd06b22027fae659d53ac198990a2bb9a| sp-dragzone.js| | 8397| 19-Jun-19| 11:25 \nsts_spclientnewuxdce4aa0e772fc2b45853242803a8efdf| sp-flex-layout.js| | 6517| 19-Jun-19| 11:25 \nsts_spclientnewux121e8abb46c9ff351343b680014b113b| sp-hero-layout.js| | 20682| 19-Jun-19| 11:25 \nsts_spclientnewuxf915d58a5d7a11c9f0074f6a6b62e431| sp-masonry-layout.js| | 73604| 19-Jun-19| 11:25 \nsts_spclientnewux45c199cda8c597c6b22274f4ccd6346b| tab-test-field-customizer.js| | 5718| 19-Jun-19| 11:25 \ncui.debug.js| cui.debug.js| | 657986| 21-Jun-19| 04:35 \ncui.js| cui.js| | 364466| 21-Jun-19| 06:16 \nxui.debug.js| xui.debug.js| | 45549| 21-Jun-19| 04:35 \nxui.js| xui.js| | 18954| 21-Jun-19| 06:16 \nwac.word.sword.dll| sword.dll| 16.0.10348.12104| 12805752| | \nwdsrv.conversion.sword.dll| sword.dll| 16.0.10348.12104| 12805752| 21-Jun-19| 05:42 \ntranslationqueue.sql| translationqueue.sql| | 53164| 21-Jun-19| 06:13 \noffxml.dll| offxml.dll| 16.0.10348.12104| 427672| 21-Jun-19| 05:27 \n \nHow to get help and support for this security updateHelp for installing updates: [Protect yourself online](<https://www.microsoft.com/safety/pc-security/updates.aspx>) \n \nHelp for protecting your Windows-based computer from viruses and malware: [Microsoft Security](<http://support.microsoft.com/contactus/cu_sc_virsec_master>) \n \nLocal support according to your country: [International Support](<https://www.microsoft.com/en-us/locale.aspx>)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-07-09T07:00:00", "type": "mskb", "title": "Description of the security update for SharePoint Server 2019: July 9, 2019", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1006", "CVE-2019-1134"], "modified": "2019-07-09T07:00:00", "id": "KB4475529", "href": "https://support.microsoft.com/en-us/help/4475529", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-06-23T19:13:37", "description": "None\n## Summary\n\nThis security update resolves an Authentication Bypass vulnerability that allows SAML tokens to be signed by using arbitrary symmetric keys in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF). To learn more about the vulnerability, see [Microsoft Common Vulnerabilities and Exposures CVE-2019-1006](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1006>) and [Microsoft Common Vulnerabilities and Exposures CVE-2019-1134](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1134>).**Note** To apply this security update, you must have the release version of Microsoft SharePoint Enterprise Server 2016 installed on the computer.This public update delivers Feature Pack 2 for SharePoint Server 2016. Feature Pack 2 contains the following feature:\n\n * SharePoint Framework (SPFx)\nThis public update also delivers all the features that were included in Feature Pack 1 for SharePoint Server 2016, including:\n * Administrative Actions Logging\n * MinRole enhancements\n * SharePoint Custom Tiles\n * Hybrid Auditing (preview)\n * Hybrid Taxonomy\n * OneDrive API for SharePoint on-premises\n * OneDrive for Business modern user experience (available to Software Assurance customers)\nThe OneDrive for Business modern user experience requires an active Software Assurance contract at the time that the experience is enabled, either by installation of the public update or by manual enablement. If you don't have an active Software Assurance contract at the time of enablement, you must turn off the OneDrive for Business modern user experience.For more information, see the following Microsoft Docs articles:\n * [New features in the November 2016 Public Update for SharePoint Server 2016 (Feature Pack 1)](<https://go.microsoft.com/fwlink/?linkid=832679>)\n * [New features in the September 2017 Public Update for SharePoint Server 2016 (Feature Pack 2)](<https://go.microsoft.com/fwlink/?linkid=856819>)\n\n## Improvements and fixes\n\nThis update contains the following improvements in SharePoint Server 2016:\n\n * Adds support for the new Japanese era name to the Chinese word breaker to make sure that the name will be broken correctly.\n * Makes general improvements for notebooks that are located in folders that are synced through OneDrive.\nContains fixes for the following nonsecurity issues in SharePoint Server 2016:\n * You can\u2018t create a subsite based on a template that includes content in a site collection that has a retention policy.\n * Query Builder takes a long time to load or times out if there are many managed properties (for example, more than 10 thousand) in the Search service application (SSA).\n * Fixes an error when re-executing the backup and restore operations after executing the backup and restore operations with UI mode.\n * Fixes an issue in which resetting the role inheritance by using the SPWeb.ResetRoleInheritance method does not work on copied sites that are created by using the Copy-SPSite cmdlet.\n * In some cases, existing files are overwritten even if users don\u2019t explicitly overwrite the files.\nContains the following improvements and fixes for nonsecurity issues in Project Server 2016:\n * Makes changes so that the first year of an era in Japanese dates on a timeline view shows as the special Kanji character (\u5143). The Japanese date format is now consistent between the calendar date picker and the timeline view.\n * You can now update a task dependency lead and lag time by using the **LinkLagDuration **property through the client-side object model (CSOM). Similar to other duration properties (such as the **Task.Duration** property in the Task Object), **LinkLagDuration** accepts either a string or an integer value, such as \"1d\" or \"480\" to indicate one day of work.\n * After you change actual work values in a timesheet, you find that the columnar **Total work **values in the time-phased grid part of the view does not sum correctly.\n * When you query project-level information through the client-side object model (CSOM), read performance is slow if the Project Owner field is included.\n\n## How to get and install the update\n\n### Method 1: Microsoft Update\n\nThis update is available from Microsoft Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to get security updates automatically, see [Windows Update: FAQ](<https://support.microsoft.com/help/12373/windows-update-faq>).\n\n### Method 2: Microsoft Update Catalog\n\nTo get the standalone package for this update, go to the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/Search.aspx?q=KB4475520>) website.\n\n### Method 3: Microsoft Download Center\n\nYou can get the standalone update package through the Microsoft Download Center. Follow the installation instructions on the download page to install the update.\n\n * [Download security update 4475520 for the 64-bit version of SharePoint Enterprise Server 2016](<http://www.microsoft.com/download/details.aspx?familyid=e11d0034-16b1-4d30-9618-315d549d048f>)\n\n## More Information\n\n### Security update deployment information\n\nFor deployment information about this update, see [security update deployment information: July 9, 2019](<https://support.microsoft.com/help/20190709>).\n\n### Security update replacement information\n\nThis security update replaces previously released security update [4464594](<http://support.microsoft.com/kb/4464594>).\n\n### File hash information\n\nFile name| SHA1 hash| SHA256 hash \n---|---|--- \nsts2016-kb4475520-fullfile-x64-glb.exe| 81E7F45B22FCF7257ACEEDA232EE24C55F9B8D63| C06799126163D7863F2F98D903296BFA0F2ACB063B14869F03933844228595B5 \n \nFile informationDownload the [list of files that are included in security update 4475520](<https://download.microsoft.com/download/5/0/C/50CC7AB1-F550-4784-9264-D38E976FDC7D/4475520.csv>).\n\n## How to get help and support for this security update\n\nHelp for installing updates: [Protect yourself online](<https://www.microsoft.com/safety/pc-security/updates.aspx>) \n \nHelp for protecting your Windows-based computer from viruses and malware: [Microsoft Security](<http://support.microsoft.com/contactus/cu_sc_virsec_master>) \n \nLocal support according to your country: [International Support](<https://www.microsoft.com/en-us/locale.aspx>)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-07-09T07:00:00", "type": "mskb", "title": "Description of the security update for SharePoint Enterprise Server 2016: July 9, 2019", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1006", "CVE-2019-1134"], "modified": "2019-07-09T07:00:00", "id": "KB4475520", "href": "https://support.microsoft.com/en-us/help/4475520", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-06-23T19:13:38", "description": "None\n## Summary\n\nThis security update resolves an Authentication Bypass vulnerability that allows SAML tokens to be signed by using arbitrary symmetric keys in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF). To learn more about the vulnerability, see [Microsoft Common Vulnerabilities and Exposures CVE-2019-1006](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1006>) and [Microsoft Common Vulnerabilities and Exposures CVE-2019-1134](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1134>). \n \n**Note** To apply this security update, you must have the release version of [Service Pack 1 for Microsoft SharePoint Server 2013](<http://support.microsoft.com/kb/2880552>) installed on the computer.\n\n## Improvements and fixes\n\nThis security update contains the following improvement:\n\n * Improves translations for all language versions of SharePoint Enterprise Server 2013.\n\n## How to get and install the update\n\n### Method 1: Microsoft Update\n\nThis update is available from Microsoft Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to get security updates automatically, see [Windows Update: FAQ](<https://support.microsoft.com/help/12373/windows-update-faq>).\n\n### Method 2: Microsoft Update Catalog\n\nTo get the standalone package for this update, go to the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/Search.aspx?q=KB4475522>) website.\n\n### Method 3: Microsoft Download Center\n\nYou can get the standalone update package through the Microsoft Download Center. Follow the installation instructions on the download page to install the update.\n\n * [Download security update 4475522 for the 64-bit version of SharePoint Enterprise Server 2013](<http://www.microsoft.com/download/details.aspx?familyid=e19207d9-3e44-4f3e-addf-e02d2b459f28>)\n\n## More Information\n\n### Security update deployment information\n\nFor deployment information about this update, see [security update deployment information: July 9, 2019](<https://support.microsoft.com/help/20190709>).\n\n### Security update replacement information\n\nThis security update replaces previously released security update [4464597](<http://support.microsoft.com/kb/4464597>).\n\n### File hash information\n\nFile name| SHA1 hash| SHA256 hash \n---|---|--- \ncoreserverloc2013-kb4475522-fullfile-x64-glb.exe| 5E2A6A1925866CC6F96569286089CBFE4885E0B8| 5AABCE00033853DD9F8B53114FF7541126F965659794B9427227B7473A056A93 \n \nFile informationDownload the [list of files that are included in security update 4475522](<https://download.microsoft.com/download/1/3/D/13D93130-8D62-487D-B4B7-7CCDB1A969AF/4475522.csv>).\n\n## How to get help and support for this security update\n\nHelp for installing updates: [Protect yourself online](<https://www.microsoft.com/safety/pc-security/updates.aspx>) \n \nHelp for protecting your Windows-based computer from viruses and malware: [Microsoft Security](<http://support.microsoft.com/contactus/cu_sc_virsec_master>) \n \nLocal support according to your country: [International Support](<https://www.microsoft.com/en-us/locale.aspx>)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-07-09T07:00:00", "type": "mskb", "title": "Description of the security update for SharePoint Enterprise Server 2013: July 9, 2019", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1006", "CVE-2019-1134"], "modified": "2019-07-09T07:00:00", "id": "KB4475522", "href": "https://support.microsoft.com/en-us/help/4475522", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-06-23T19:25:32", "description": "None\n**Applies to:**Microsoft .NET Framework 2.0 Microsoft .NET Framework 3.0 Microsoft .NET Framework 4.5.2 Microsoft .NET Framework 4.6 \n\n## Summary\n\nA remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file. An Authentication Bypass vulnerability exists in WCF and WIF, allowing signing of SAML tokens with arbitrary symmetric keys. This vulnerability allows an attacker to impersonate another user. The vulnerability exists in WCF, WIF 3.5 and above in .NET Framework, WIF 1.0 component in Windows, WIF Nuget package, and WIF implementation in Sharepoint. An information disclosure vulnerability exists when Exchange and Azure Active Directory allow creation of entities with Display Names having non-printable characters. \n \nTo learn more about the vulnerabilities, go to the following Common Vulnerabilities and Exposures (CVE). \n\n * [CVE-2019-1113](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-1113>)\n * [CVE-2019-1006](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-1006>)\n * [CVE-2019-1083](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-1083>)\n** Important **\n\n * All updates for .NET Framework 4.6 for Windows Server 2008 Service Pack 2 (SP2) require that the d3dcompiler_47.dll update is installed. We recommend that you install the included d3dcompiler_47.dll update before you apply this update. For more information about the d3dcompiler_47.dll, see [KB 4019990](<https://support.microsoft.com/help/4019990>).\n * If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see [Add language packs to Windows](<https://technet.microsoft.com/en-us/library/hh825699>).\n\n## Additional information about this update\n\nThe following articles contain additional information about this update as it relates to individual product versions.\n\n * [4507003](<https://support.microsoft.com/help/4507003>) Description of the Security and Quality Rollup for .NET Framework 2.0, 3.0 for Windows Server 2008 SP2 (KB4507003) \n * [4507001](<https://support.microsoft.com/help/4507001>) Description of the Security and Quality Rollup for .NET Framework 4.5.2 for Windows Server 2008 SP2 (KB4507001) \n * [4506997](<https://support.microsoft.com/help/4506997>) Description of the Security and Quality Rollup for .NET Framework 4.6 for Windows Server 2008 SP2 (KB4506997) \n\n## Information about protection and security\n\n * Protect yourself online: [Windows Security support](<https://support.microsoft.com/hub/4099151/windows-security-help>)\n * Learn how we guard against cyber threats: [Microsoft Security](<https://www.microsoft.com/security>)\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-07-09T07:00:00", "type": "mskb", "title": "Security and Quality Rollup for .NET Framework 2.0, 3.0, 4.5.2, 4.6 for Windows Server 2008 SP2 (KB4507423)", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1006", "CVE-2019-1083", "CVE-2019-1113"], "modified": "2019-07-09T07:00:00", "id": "KB4507423", "href": "https://support.microsoft.com/en-us/help/4507423", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-23T19:25:28", "description": "None\n**Applies to:**Microsoft .NET Framework 3.5 and 4.8 \n\n## Summary\n\nA remote code execution vulnerability exists in .NET software if the software fails to check the source markup of a file. An Authentication Bypass vulnerability exists in WCF and WIF that lets SAML tokens be signed by using arbitrary symmetric keys. This vulnerability enables an attacker to impersonate another user. The vulnerability exists in WCF, WIF 3.5, and later in .NET Framework, WIF 1.0 component in Windows, WIF Nuget package, and WIF implementation in SharePoint. An information disclosure vulnerability exists if Exchange and Azure Active Directory enable entities to be created even though they have Display Names that contain non-printable characters. \n \nTo learn more about the vulnerabilities, go to the following Common Vulnerabilities and Exposures (CVE):\n\n * [CVE-2019-1113](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-1113>)\n * [CVE-2019-1006](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-1006>)\n * [CVE-2019-1083](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-1083>)\n\n## Known issues in this update \n\nMicrosoft is not currently aware of any issues in this update. \n\n## How to get this update\n\n**Install this update** To download and install this update, go to **Settings**, **Update & Security**, **Windows Update**, and then select **Check for updates**. This update will be downloaded and installed automatically from Windows Update. \nTo get the standalone package for this update, go to the [Microsoft Update Catalog](<http://catalog.update.microsoft.com/v7/site/Search.aspx?q=4506991>) website. **File information** For a list of the files that are provided in this update, download the [file information for cumulative update 4506991](<http://download.microsoft.com/download/A/F/3/AF37FD5B-47C7-4BA1-9FE2-B1B242C62516/4506991.csv>). \n\n## Information about protection and security\n\n * Protect yourself online: [Windows Security support](<https://support.microsoft.com/hub/4099151/windows-security-help>)\n * Learn how we guard against cyber threats: [Microsoft Security](<https://www.microsoft.com/security>)\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-07-09T07:00:00", "type": "mskb", "title": "July 9, 2019 \u2014 KB4506991 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10, version 1903", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1006", "CVE-2019-1083", "CVE-2019-1113"], "modified": "2019-07-09T07:00:00", "id": "KB4506991", "href": "https://support.microsoft.com/en-us/help/4506991", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-23T19:25:31", "description": "None\n**Applies to:**Microsoft .NET Framework 3.5 Microsoft .NET Framework 4.5.2 Microsoft .NET Framework 4.6 Microsoft .NET Framework 4.6.1 Microsoft .NET Framework 4.6.2 Microsoft .NET Framework 4.7 Microsoft .NET Framework 4.7.1 Microsoft .NET Framework 4.7.2 Microsoft .NET Framework 4.8 \n\n## Summary\n\nA remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file. An Authentication Bypass vulnerability exists in WCF and WIF, allowing signing of SAML tokens with arbitrary symmetric keys. This vulnerability allows an attacker to impersonate another user. The vulnerability exists in WCF, WIF 3.5 and above in .NET Framework, WIF 1.0 component in Windows, WIF Nuget package, and WIF implementation in Sharepoint. An information disclosure vulnerability exists when Exchange and Azure Active Directory allow creation of entities with Display Names having non-printable characters. \n \nTo learn more about the vulnerabilities, go to the following Common Vulnerabilities and Exposures (CVE). \n\n * [CVE-2019-1113](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-1113>)\n * [CVE-2019-1006](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-1006>)\n * [CVE-2019-1083](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-1083>)\n** Important **\n\n * All updates for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 require that the d3dcompiler_47.dll update is installed. We recommend that you install the included d3dcompiler_47.dll update before you apply this update. For more information about the d3dcompiler_47.dll, see [KB 4019990](<https://support.microsoft.com/help/4019990>).\n * If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see [Add language packs to Windows](<https://technet.microsoft.com/en-us/library/hh825699>).\n\n## Additional information about this update\n\nThe following articles contain additional information about this update as it relates to individual product versions.\n\n * [4506974](<https://support.microsoft.com/help/4506974>) Description of the Security Only Update for .NET Framework 3.5 for Windows Server 2012 (KB4506974) \n * [4506965](<https://support.microsoft.com/help/4506965>) Description of the Security Only Update for .NET Framework 4.5.2 for Windows Server 2012 (KB4506965) \n * [4506961](<https://support.microsoft.com/help/4506961>) Description of the Security Only Update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Server 2012 (KB4506961) \n * [4506954](<https://support.microsoft.com/help/4506954>) Description of the Security Only Update for .NET Framework 4.8 for Windows Server 2012 (KB4506954) \n\n## Information about protection and security\n\n * Protect yourself online: [Windows Security support](<https://support.microsoft.com/hub/4099151/windows-security-help>)\n * Learn how we guard against cyber threats: [Microsoft Security](<https://www.microsoft.com/security>)\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-07-09T07:00:00", "type": "mskb", "title": "Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 (KB4507412)", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1006", "CVE-2019-1083", "CVE-2019-1113"], "modified": "2019-07-09T07:00:00", "id": "KB4507412", "href": "https://support.microsoft.com/en-us/help/4507412", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-23T19:25:32", "description": "None\n**Applies to:**Microsoft .NET Framework 3.5 Microsoft .NET Framework 4.5.2 Microsoft .NET Framework 4.6 Microsoft .NET Framework 4.6.1 Microsoft .NET Framework 4.6.2 Microsoft .NET Framework 4.7 Microsoft .NET Framework 4.7.1 Microsoft .NET Framework 4.7.2 Microsoft .NET Framework 4.8 \n\n## Summary\n\nA remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file. An Authentication Bypass vulnerability exists in WCF and WIF, allowing signing of SAML tokens with arbitrary symmetric keys. This vulnerability allows an attacker to impersonate another user. The vulnerability exists in WCF, WIF 3.5 and above in .NET Framework, WIF 1.0 component in Windows, WIF Nuget package, and WIF implementation in Sharepoint. An information disclosure vulnerability exists when Exchange and Azure Active Directory allow creation of entities with Display Names having non-printable characters. \n \nTo learn more about the vulnerabilities, go to the following Common Vulnerabilities and Exposures (CVE). \n\n * [CVE-2019-1113](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-1113>)\n * [CVE-2019-1006](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-1006>)\n * [CVE-2019-1083](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-1083>)\n** Important **\n\n * All updates for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 require that the d3dcompiler_47.dll update is installed. We recommend that you install the included d3dcompiler_47.dll update before you apply this update. For more information about the d3dcompiler_47.dll, see [KB 4019990](<https://support.microsoft.com/help/4019990>).\n * If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see [Add language packs to Windows](<https://technet.microsoft.com/en-us/library/hh825699>).\n\n## Additional information about this update\n\nThe following articles contain additional information about this update as it relates to individual product versions.\n\n * [4507002](<https://support.microsoft.com/help/4507002>) Description of the Security and Quality Rollup for .NET Framework 3.5 for Windows Server 2012 (KB4507002) \n * [4507000](<https://support.microsoft.com/help/4507000>) Description of the Security and Quality Rollup for .NET Framework 4.5.2 for Windows Server 2012 (KB4507000) \n * [4506995](<https://support.microsoft.com/help/4506995>) Description of the Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Server 2012 (KB4506995) \n * [4506992](<https://support.microsoft.com/help/4506992>) Description of the Security and Quality Rollup for .NET Framework 4.8 for Windows Server 2012 (KB4506992) \n\n## Information about protection and security\n\n * Protect yourself online: [Windows Security support](<https://support.microsoft.com/hub/4099151/windows-security-help>)\n * Learn how we guard against cyber threats: [Microsoft Security](<https://www.microsoft.com/security>)\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-07-09T07:00:00", "type": "mskb", "title": "Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 (KB4507421)", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1006", "CVE-2019-1083", "CVE-2019-1113"], "modified": "2019-07-09T07:00:00", "id": "KB4507421", "href": "https://support.microsoft.com/en-us/help/4507421", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-23T19:25:26", "description": "None\n**Applies to:**Microsoft .NET Framework 4.8 \n\n## Summary\n\nA remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file. An Authentication Bypass vulnerability exists in WCF and WIF, allowing signing of SAML tokens with arbitrary symmetric keys. This vulnerability allows an attacker to impersonate another user. The vulnerability exists in WCF, WIF 3.5 and above in .NET Framework, WIF 1.0 component in Windows, WIF Nuget package, and WIF implementation in Sharepoint. An information disclosure vulnerability exists when Exchange and Azure Active Directory allow creation of entities with Display Names having non-printable characters. \n \nTo learn more about the vulnerabilities, go to the following Common Vulnerabilities and Exposures (CVE). \n\n * [CVE-2019-1113](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-1113>)\n * [CVE-2019-1006](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-1006>)\n * [CVE-2019-1083](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-1083>)\n\n## Known issues in this update \n\nMicrosoft is not currently aware of any issues in this update. \n\n## How to get this update\n\n**Install this update** To download and install this update, go to **Settings**, **Update & Security**, **Windows Update**, and then select **Check for updates**. This update will be downloaded and installed automatically from Windows Update. \nTo get the standalone package for this update, go to the [Microsoft Update Catalog](<http://catalog.update.microsoft.com/v7/site/Search.aspx?q=4506987>) website. **File information** For a list of the files that are provided in this update, download the [file information for cumulative update 4506987](<http://download.microsoft.com/download/A/F/3/AF37FD5B-47C7-4BA1-9FE2-B1B242C62516/4506987.csv>). \n\n## Information about protection and security\n\n * Protect yourself online: [Windows Security support](<https://support.microsoft.com/hub/4099151/windows-security-help>)\n * Learn how we guard against cyber threats: [Microsoft Security](<https://www.microsoft.com/security>)\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-07-09T07:00:00", "type": "mskb", "title": "July 9, 2019 \u2014 KB4506987 Cumulative Update for .NET Framework 4.8 for Windows 10, version 1703", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1006", "CVE-2019-1083", "CVE-2019-1113"], "modified": "2019-07-09T07:00:00", "id": "KB4506987", "href": "https://support.microsoft.com/en-us/help/4506987", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-23T19:25:30", "description": "None\n**Applies to:**Microsoft .NET Framework 3.5.1 Microsoft .NET Framework 4.5.2 Microsoft .NET Framework 4.6 Microsoft .NET Framework 4.6.1 Microsoft .NET Framework 4.6.2 Microsoft .NET Framework 4.7 Microsoft .NET Framework 4.7.1 Microsoft .NET Framework 4.7.2 Microsoft .NET Framework 4.8 \n\n## Summary\n\nA remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file. An Authentication Bypass vulnerability exists in WCF and WIF, allowing signing of SAML tokens with arbitrary symmetric keys. This vulnerability allows an attacker to impersonate another user. The vulnerability exists in WCF, WIF 3.5 and above in .NET Framework, WIF 1.0 component in Windows, WIF Nuget package, and WIF implementation in Sharepoint. An information disclosure vulnerability exists when Exchange and Azure Active Directory allow creation of entities with Display Names having non-printable characters. \n \nTo learn more about the vulnerabilities, go to the following Common Vulnerabilities and Exposures (CVE). \n\n * [CVE-2019-1113](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-1113>)\n * [CVE-2019-1006](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-1006>)\n * [CVE-2019-1083](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-1083>)\n** Important **\n\n * All updates for .NET Framework 4.7.2, 4.7.1, 4.7, 4.6.2, 4.6.1, and 4.6 require that the d3dcompiler_47.dll update is installed. We recommend that you install the included d3dcompiler_47.dll update before you apply this update. For more information about the d3dcompiler_47.dll, see [KB 4019990](<https://support.microsoft.com/help/4019990>).\n * If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see [Add language packs to Windows](<https://technet.microsoft.com/en-us/library/hh825699>).\n\n## Additional information about this update\n\nThe following articles contain additional information about this update as it relates to individual product versions.\n\n * [4506976](<https://support.microsoft.com/help/4506976>) Description of the Security Only Update for .NET Framework 3.5.1 for Windows 7 SP1 and Server 2008 R2 SP1 (KB4506976)\n * [4506966](<https://support.microsoft.com/help/4506966>) Description of the Security Only Update for .NET Framework 4.5.2 for Windows 7 SP1 and Server 2008 R2 SP1 and Server 2008 SP2 (KB4506966)\n * [4506963](<https://support.microsoft.com/help/4506963>) Description of the Security Only Update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 7 SP1 and Server 2008 R2 SP1 and for .NET Framework 4.6 for Server 2008 SP2(KB4506963)\n * [4506956](<https://support.microsoft.com/help/4506956>) Description of the Security Only Update for .NET Framework 4.8 for Windows 7 SP1 and Server 2008 R2 SP1 (KB4506956)\n\n## Information about protection and security\n\n * Protect yourself online: [Windows Security support](<https://support.microsoft.com/hub/4099151/windows-security-help>)\n * Learn how we guard against cyber threats: [Microsoft Security](<https://www.microsoft.com/security>)\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-07-09T07:00:00", "type": "mskb", "title": "Security Only Update for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 7 SP1 and Server 2008 R2 SP1 (KB4507411)", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1006", "CVE-2019-1083", "CVE-2019-1113"], "modified": "2019-07-09T07:00:00", "id": "KB4507411", "href": "https://support.microsoft.com/en-us/help/4507411", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-23T19:25:32", "description": "None\n**Applies to:**Microsoft .NET Framework 3.5.1 Microsoft .NET Framework 4.5.2 Microsoft .NET Framework 4.6 Microsoft .NET Framework 4.6.1 Microsoft .NET Framework 4.6.2 Microsoft .NET Framework 4.7 Microsoft .NET Framework 4.7.1 Microsoft .NET Framework 4.7.2 Microsoft .NET Framework 4.8 \n\n## Summary\n\nA remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file. An Authentication Bypass vulnerability exists in WCF and WIF, allowing signing of SAML tokens with arbitrary symmetric keys. This vulnerability allows an attacker to impersonate another user. The vulnerability exists in WCF, WIF 3.5 and above in .NET Framework, WIF 1.0 component in Windows, WIF Nuget package, and WIF implementation in Sharepoint. An information disclosure vulnerability exists when Exchange and Azure Active Directory allow creation of entities with Display Names having non-printable characters. \n \nTo learn more about the vulnerabilities, go to the following Common Vulnerabilities and Exposures (CVE). \n\n * [CVE-2019-1113](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-1113>)\n * [CVE-2019-1006](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-1006>)\n * [CVE-2019-1083](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-1083>)\n** Important **\n\n * All updates for .NET Framework 4.7.2, 4.7.1, 4.7, 4.6.2, 4.6.1, and 4.6 require that the d3dcompiler_47.dll update is installed. We recommend that you install the included d3dcompiler_47.dll update before you apply this update. For more information about the d3dcompiler_47.dll, see [KB 4019990](<https://support.microsoft.com/help/4019990>).\n * If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see [Add language packs to Windows](<https://technet.microsoft.com/en-us/library/hh825699>).\n\n## Additional information about this update\n\nThe following articles contain additional information about this update as it relates to individual product versions.\n\n * [4507004](<https://support.microsoft.com/help/4507004>) Description of the Security and Quality Rollup for .NET Framework 3.5.1 for Windows 7 SP1 and Server 2008 R2 SP1 and Server 2008 (KB4507004) \n * [4507001](<https://support.microsoft.com/help/4507001>) Description of the Security and Quality Rollup for .NET Framework 4.5.2 for Windows 7 SP1 and Server 2008 R2 SP1 and Server 2008 (KB4507001) \n * [4506997](<https://support.microsoft.com/help/4506997>) Description of the Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 7 SP1 and Server 2008 R2 SP1 and Server 2008 (KB4506997) \n * [4506994](<https://support.microsoft.com/help/4506994>) Description of the Security and Quality Rollup for .NET Framework 4.8 for Windows 7 SP1 and Server 2008 R2 SP1 and Server 2008 (KB4506994) \n\n## Information about protection and security\n\n * Protect yourself online: [Windows Security support](<https://support.microsoft.com/hub/4099151/windows-security-help>)\n * Learn how we guard against cyber threats: [Microsoft Security](<https://www.microsoft.com/security>)\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-07-09T07:00:00", "type": "mskb", "title": "Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 7 SP1 and Server 2008 R2 SP1 (KB4507420)", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1006", "CVE-2019-1083", "CVE-2019-1113"], "modified": "2019-07-09T07:00:00", "id": "KB4507420", "href": "https://support.microsoft.com/en-us/help/4507420", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-23T19:25:32", "description": "None\n**Applies to:**Microsoft .NET Framework 3.5 Microsoft .NET Framework 4.5.2 Microsoft .NET Framework 4.6 Microsoft .NET Framework 4.6.1 Microsoft .NET Framework 4.6.2 Microsoft .NET Framework 4.7 Microsoft .NET Framework 4.7.1 Microsoft .NET Framework 4.7.2 Microsoft .NET Framework 4.8 \n\n## Summary\n\nA remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file. An Authentication Bypass vulnerability exists in WCF and WIF, allowing signing of SAML tokens with arbitrary symmetric keys. This vulnerability allows an attacker to impersonate another user. The vulnerability exists in WCF, WIF 3.5 and above in .NET Framework, WIF 1.0 component in Windows, WIF Nuget package, and WIF implementation in Sharepoint. An information disclosure vulnerability exists when Exchange and Azure Active Directory allow creation of entities with Display Names having non-printable characters. \n \nTo learn more about the vulnerabilities, go to the following Common Vulnerabilities and Exposures (CVE). \n\n * [CVE-2019-1113](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-1113>)\n * [CVE-2019-1006](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-1006>)\n * [CVE-2019-1083](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-1083>)\n** Important **\n\n * As a reminder to advanced IT administrators, updates to .NET Framework 3.5 for Windows 8.1 and Windows Server 2012 R2 should only be applied on systems where .NET Framework 3.5 is present and enabled. Customers who attempt to pre-install updates to .NET Framework 3.5 to offline images that do not contain the .NET Framework 3.5 product enabled will expose these systems to failures to enable .NET Framework 3.5 after the systems are online. For more extensive information about deploying .NET Framework 3.5, see [Microsoft .NET Framework 3.5 Deployment Considerations.](<https://docs.microsoft.com/en-us/windows-hardware/manufacture/desktop/microsoft-net-framework-35-deployment-considerations >)\n * All updates for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 require that update KB 2919355 is installed. We recommend that you install update KB 2919355 on your Windows 8.1-based, Windows RT 8.1-based, or Windows Server 2012 R2-based computer so that you receive updates in the future.\n * If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see [Add language packs to Windows](<https://technet.microsoft.com/en-us/library/hh825699>).\n\n## Additional information about this update\n\nThe following articles contain additional information about this update as it relates to individual product versions.\n\n * [4507005](<https://support.microsoft.com/help/4507005>) Description of the Security and Quality Rollup for .NET Framework 3.5 for Windows 8.1, RT 8.1, and Server 2012 R2 (KB4507005) \n * [4506999](<https://support.microsoft.com/help/4506999>) Description of the Security and Quality Rollup for .NET Framework 4.5.2 for Windows 8.1, RT 8.1, and Server 2012 R2 (KB4506999) \n * [4506996](<https://support.microsoft.com/help/4506996>) Description of the Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1, RT 8.1, and Server 2012 R2 (KB4506996) \n * [4506993](<https://support.microsoft.com/help/4506993>) Description of the Security and Quality Rollup for .NET Framework 4.8 for Windows 8.1, RT 8.1, and Server 2012 R2 (KB4506993) \n\n## Information about protection and security\n\n * Protect yourself online: [Windows Security support](<https://support.microsoft.com/hub/4099151/windows-security-help>)\n * Learn how we guard against cyber threats: [Microsoft Security](<https://www.microsoft.com/security>)\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-07-09T07:00:00", "type": "mskb", "title": "Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1, RT 8.1, and Server 2012 R2 (KB4507422)", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1006", "CVE-2019-1083", "CVE-2019-1113"], "modified": "2019-07-09T07:00:00", "id": "KB4507422", "href": "https://support.microsoft.com/en-us/help/4507422", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-23T19:25:31", "description": "None\n**Applies to:**Microsoft .NET Framework 3.0 SP2 Microsoft .NET Framework 4.5.2 Microsoft .NET Framework 4.6\n\n## Summary\n\nA remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file. An Authentication Bypass vulnerability exists in WCF and WIF, allowing signing of SAML tokens with arbitrary symmetric keys. This vulnerability allows an attacker to impersonate another user. The vulnerability exists in WCF, WIF 3.5 and above in .NET Framework, WIF 1.0 component in Windows, WIF Nuget package, and WIF implementation in Sharepoint. An information disclosure vulnerability exists when Exchange and Azure Active Directory allow creation of entities with Display Names having non-printable characters. \n \nTo learn more about the vulnerabilities, go to the following Common Vulnerabilities and Exposures (CVE). \n\n * [CVE-2019-1113](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-1113>)\n * [CVE-2019-1006](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-1006>)\n * [CVE-2019-1083](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-1083>)\n** Important **\n\n * All updates for .NET Framework 4.6 for Windows Server 2008 Service Pack 2 (SP2) require that the d3dcompiler_47.dll update is installed. We recommend that you install the included d3dcompiler_47.dll update before you apply this update. For more information about the d3dcompiler_47.dll, see [KB 4019990](<https://support.microsoft.com/help/4019990>).\n * If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see [Add language packs to Windows](<https://technet.microsoft.com/en-us/library/hh825699>).\n\n## Additional information about this update\n\nThe following articles contain additional information about this update as it relates to individual product versions.\n\n * [4506975](<https://support.microsoft.com/help/4506975>) Description of the Security Only Update for .NET Framework 3.0 SP2 for Windows Server 2008 SP2 (KB4506975)\n * [4506966](<https://support.microsoft.com/help/4506966>) Description of the Security Only Update for .NET Framework 4.5.2 for Windows Server 2008 SP2 (KB4506966)\n * [4506963](<https://support.microsoft.com/help/4506963>) Description of the Security Only Update for .NET Framework 4.6 for Windows Server 2008 SP2 (KB4506963)\n\n## Information about protection and security\n\n * Protect yourself online: [Windows Security support](<https://support.microsoft.com/hub/4099151/windows-security-help>)\n * Learn how we guard against cyber threats: [Microsoft Security](<https://www.microsoft.com/security>)\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-07-09T07:00:00", "type": "mskb", "title": "Security Only Update for .NET Framework 3.0 SP2, 4.5.2, 4.6 for Windows Server 2008 SP2 (KB4507414)", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1006", "CVE-2019-1083", "CVE-2019-1113"], "modified": "2019-07-09T07:00:00", "id": "KB4507414", "href": "https://support.microsoft.com/en-us/help/4507414", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-23T19:25:31", "description": "None\n**Applies to:**Microsoft .NET Framework 3.5 Microsoft .NET Framework 4.5.2 Microsoft .NET Framework 4.6 Microsoft .NET Framework 4.6.1 Microsoft .NET Framework 4.6.2 Microsoft .NET Framework 4.7 Microsoft .NET Framework 4.7.1 Microsoft .NET Framework 4.7.2 Microsoft .NET Framework 4.8 \n\n## Summary\n\nA remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file. An Authentication Bypass vulnerability exists in WCF and WIF, allowing signing of SAML tokens with arbitrary symmetric keys. This vulnerability allows an attacker to impersonate another user. The vulnerability exists in WCF, WIF 3.5 and above in .NET Framework, WIF 1.0 component in Windows, WIF Nuget package, and WIF implementation in Sharepoint. An information disclosure vulnerability exists when Exchange and Azure Active Directory allow creation of entities with Display Names having non-printable characters. \n \nTo learn more about the vulnerabilities, go to the following Common Vulnerabilities and Exposures (CVE). \n\n * [CVE-2019-1113](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-1113>)\n * [CVE-2019-1006](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-1006>)\n * [CVE-2019-1083](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-1083>)\n** Important **\n\n * As a reminder to advanced IT administrators, updates to .NET Framework 3.5 for Windows 8.1 and Windows Server 2012 R2 should only be applied on systems where .NET Framework 3.5 is present and enabled. Customers who attempt to pre-install updates to .NET Framework 3.5 to offline images that do not contain the .NET Framework 3.5 product enabled will expose these systems to failures to enable .NET Framework 3.5 after the systems are online. For more extensive information about deploying .NET Framework 3.5, see [Microsoft .NET Framework 3.5 Deployment Considerations.](<https://docs.microsoft.com/en-us/windows-hardware/manufacture/desktop/microsoft-net-framework-35-deployment-considerations >)\n * All updates for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 require that update KB 2919355 is installed. We recommend that you install update KB 2919355 on your Windows 8.1-based, Windows RT 8.1-based, or Windows Server 2012 R2-based computer so that you receive updates in the future.\n * If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see [Add language packs to Windows](<https://technet.microsoft.com/en-us/library/hh825699>).\n\n## Additional information about this update\n\nThe following articles contain additional information about this update as it relates to individual product versions.\n\n * [4506977](<https://support.microsoft.com/help/4506977>) Description of the Security Only Update for .NET Framework 3.5 for Windows 8.1 and Server 2012 R2 (KB4506977) \n * [4506964](<https://support.microsoft.com/help/4506964>) Description of the Security Only Update for .NET Framework 4.5.2 for Windows 8.1 and Server 2012 R2 (KB4506964) \n * [4506962](<https://support.microsoft.com/help/4506962>) Description of the Security Only Update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Server 2012 R2 (KB4506962) \n * [4506955](<https://support.microsoft.com/help/4506955>) Description of the Security Only Update for .NET Framework 4.8 for Windows 8.1 and Server 2012 R2 (KB4506955) \n\n## Information about protection and security\n\n * Protect yourself online: [Windows Security support](<https://support.microsoft.com/hub/4099151/windows-security-help>)\n * Learn how we guard against cyber threats: [Microsoft Security](<https://www.microsoft.com/security>)\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-07-09T07:00:00", "type": "mskb", "title": "Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1 and Server 2012 R2 (KB4507413)", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1006", "CVE-2019-1083", "CVE-2019-1113"], "modified": "2019-07-09T07:00:00", "id": "KB4507413", "href": "https://support.microsoft.com/en-us/help/4507413", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-23T19:25:27", "description": "None\n**Applies to:**Microsoft .NET Framework 4.8 \n\n## Summary\n\nA remote code execution vulnerability exists in .NET software if the software fails to check the source markup of a file. An Authentication Bypass vulnerability exists in WCF and WIF that enabloes SAML tokens to be signed by using arbitrary symmetric keys. This vulnerability enables an attacker to impersonate another user. The vulnerability exists in WCF, WIF 3.5 and later in .NET Framework, WIF 1.0 component in Windows, WIF Nuget package, and WIF implementation in SharePoint. An information disclosure vulnerability exists if Exchange and Azure Active Directory let entities be created even though they have Display Names that contain non-printable characters. \n \nTo learn more about the vulnerabilities, go to the following Common Vulnerabilities and Exposures (CVE):\n\n * [CVE-2019-1113](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-1113>)\n * [CVE-2019-1006](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-1006>)\n * [CVE-2019-1083](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-1083>)\n\n## Known issues in this update \n\nMicrosoft is not currently aware of any issues in this update. \n\n## How to get this update\n\n**Install this update**To download and install this update, go to **Settings**, **Update & Security**, **Windows Update**, and then select **Check for updates**.This update will be downloaded and installed automatically from Windows Update. \n \nTo get the standalone package for this update, go to the [Microsoft Update Catalog](<http://catalog.update.microsoft.com/v7/site/Search.aspx?q=4506988>) website.**File information**For a list of the files that are provided in this update, download the [file information for cumulative update 4506988](<http://download.microsoft.com/download/A/F/3/AF37FD5B-47C7-4BA1-9FE2-B1B242C62516/4506988.csv>).\n\n## Information about protection and security\n\n * Protect yourself online: [Windows Security support](<https://support.microsoft.com/hub/4099151/windows-security-help>)\n * Learn how we guard against cyber threats: [Microsoft Security](<https://www.microsoft.com/security>)\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-07-09T07:00:00", "type": "mskb", "title": "July 9, 2019 \u2014 KB4506988 Cumulative Update for .NET Framework 4.8 for Windows 10, version 1709", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1006", "CVE-2019-1083", "CVE-2019-1113"], "modified": "2019-07-09T07:00:00", "id": "KB4506988", "href": "https://support.microsoft.com/en-us/help/4506988", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-23T19:25:31", "description": "None\n**Applies to:**Microsoft .NET Framework 3.5 Microsoft .NET Framework 4.7.2 and 4.8 \n\n## Summary\n\nA remote code execution vulnerability exists in .NET software if the software fails to check the source markup of a file. An Authentication Bypass vulnerability exists in WCF and WIF that lets SAML tokens be signed by using arbitrary symmetric keys. This vulnerability enables an attacker to impersonate another user. The vulnerability exists in WCF, WIF 3.5 and later in .NET Framework, the WIF 1.0 component in Windows, the WIF Nuget package, and the WIF implementation in SharePoint. An information disclosure vulnerability exists if Exchange and Azure Active Directory allow the creation of entities by using Display Names that have non-printable characters. \n \nTo learn more about the vulnerabilities, go to the following Common Vulnerabilities and Exposures (CVE):\n\n * [CVE-2019-1113](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-1113>)\n * [CVE-2019-1006](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-1006>)\n * [CVE-2019-1083](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-1083>)\n\n## Additional information about this update\n\nThe following articles contain additional information about this update as it relates to individual product versions:\n\n * [4506998](<https://support.microsoft.com/help/4506998>) Description of the Cumulative Update for .NET Framework 3.5 and 4.7.2 for Windows 10 Version 1809 and Windows Server 2019 (KB4506998)\n * [4506990](<https://support.microsoft.com/help/4506990>) Description of the Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 1809 and Windows Server 2019 (KB4506990)\n\n## Information about protection and security\n\n * Protect yourself online: [Windows Security support](<https://support.microsoft.com/hub/4099151/windows-security-help>)\n * Learn how we guard against cyber threats: [Microsoft Security](<https://www.microsoft.com/security>)\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-07-09T07:00:00", "type": "mskb", "title": "July 9, 2019 \u2014 KB4507419 Cumulative Update for .NET Framework 3.5, 4.7.2, 4.8 for Windows 10, version 1809 and Windows Server 2019", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1006", "CVE-2019-1083", "CVE-2019-1113"], "modified": "2019-07-09T07:00:00", "id": "KB4507419", "href": "https://support.microsoft.com/en-us/help/4507419", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-23T19:25:28", "description": "None\n**Applies to:**Microsoft .NET Framework 4.8 \n\n## Summary\n\nA remote code execution vulnerability exists in .NET software if the software fails to check the source markup of a file. An Authentication Bypass vulnerability exists in WCF and WIF that enables SAML tokens to be signed by using arbitrary symmetric keys. This vulnerability enables an attacker to impersonate another user. The vulnerability exists in WCF, WIF 3.5, and later in .NET Framework, WIF 1.0 component in Windows, WIF Nuget package, and WIF implementation in SharePoint. An information disclosure vulnerability exists if Exchange and Azure Active Directory let entities be created even though they have Display Names that contain non-printable characters. \n \nTo learn more about the vulnerabilities, go to the following Common Vulnerabilities and Exposures (CVE):\n\n * [CVE-2019-1113](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-1113>)\n * [CVE-2019-1006](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-1006>)\n * [CVE-2019-1083](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-1083>)\n\n## Known issues in this update \n\nMicrosoft is not currently aware of any issues in this update. \n\n## How to get this update\n\n**Install this update**To download and install this update, go to **Settings**, **Update & Security**, **Windows Update**, and then select **Check for updates**.This update will be downloaded and installed automatically from Windows Update. \n \nTo get the standalone package for this update, go to the [Microsoft Update Catalog](<http://catalog.update.microsoft.com/v7/site/Search.aspx?q=4506989>) website.**File information**For a list of the files that are provided in this update, download the [file information for cumulative update 4506989](<http://download.microsoft.com/download/A/F/3/AF37FD5B-47C7-4BA1-9FE2-B1B242C62516/4506989.csv>).\n\n## Information about protection and security\n\n * Protect yourself online: [Windows Security support](<https://support.microsoft.com/hub/4099151/windows-security-help>)\n * Learn how we guard against cyber threats: [Microsoft Security](<https://www.microsoft.com/security>)\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-07-09T07:00:00", "type": "mskb", "title": "July 9, 2019 \u2014 KB4506989 Cumulative Update for .NET Framework 4.8 for Windows 10, version 1803", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1006", "CVE-2019-1083", "CVE-2019-1113"], "modified": "2019-07-09T07:00:00", "id": "KB4506989", "href": "https://support.microsoft.com/en-us/help/4506989", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-23T19:25:26", "description": "None\n**Applies to:**Microsoft .NET Framework 4.8 \n\n## Summary\n\nA remote code execution vulnerability exists in .NET software if the software fails to check the source markup of a file. An Authentication Bypass vulnerability exists in WCF and WIF, allowing signing of SAML tokens with arbitrary symmetric keys. This vulnerability enables an attacker to impersonate another user. The vulnerability exists in WCF, WIF 3.5 and later in .NET Framework, WIF 1.0 component in Windows, WIF Nuget package, and WIF implementation in Sharepoint. An information disclosure vulnerability exists if Exchange and Azure Active Directory allow entities to be created although the Display Names contain non-printable characters. \n \nTo learn more about these vulnerabilities, go to the following Common Vulnerabilities and Exposures (CVE):\n\n * [CVE-2019-1113](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-1113>)\n * [CVE-2019-1006](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-1006>)\n * [CVE-2019-1083](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-1083>)\n\n## Known issues in this update \n\nMicrosoft is not currently aware of any issues in this update. \n\n## How to get this update\n\n**Install this update** To download and install this update, go to **Settings**, **Update & Security**, **Windows Update**, and then select **Check for updates**. This update will be downloaded and installed automatically from Windows Update. \nTo get the standalone package for this update, go to the [Microsoft Update Catalog](<http://catalog.update.microsoft.com/v7/site/Search.aspx?q=4506986>) website. **File information** For a list of the files that are provided in this update, download the [file information for cumulative update 4506986](<http://download.microsoft.com/download/A/F/3/AF37FD5B-47C7-4BA1-9FE2-B1B242C62516/4506986.csv>). \n\n## Information about protection and security\n\n * Protect yourself online: [Windows Security support](<https://support.microsoft.com/hub/4099151/windows-security-help>)\n * Learn how we guard against cyber threats: [Microsoft Security](<https://www.microsoft.com/security>)\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-07-09T07:00:00", "type": "mskb", "title": "July 9, 2019 \u2014 KB4506986 Cumulative Update for .NET Framework 4.8 for Windows 10, version 1607", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1006", "CVE-2019-1083", "CVE-2019-1113"], "modified": "2019-07-09T07:00:00", "id": "KB4506986", "href": "https://support.microsoft.com/en-us/help/4506986", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "openvas": [{"lastseen": "2020-06-05T16:27:17", "description": "This host is missing an important security\n update according to Microsoft KB4475510.", "cvss3": {}, "published": "2019-07-10T00:00:00", "type": "openvas", "title": "Microsoft SharePoint Foundation WCF/WIF SAML Authentication Bypass Vulnerability (KB4475510)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1006"], "modified": "2020-06-04T00:00:00", "id": "OPENVAS:1361412562310815500", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815500", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n\nCPE = \"cpe:/a:microsoft:sharepoint_server\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815500\");\n script_version(\"2020-06-04T09:02:37+0000\");\n script_cve_id(\"CVE-2019-1006\");\n script_bugtraq_id(108978);\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-06-04 09:02:37 +0000 (Thu, 04 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-07-10 13:35:38 +0530 (Wed, 10 Jul 2019)\");\n script_name(\"Microsoft SharePoint Foundation WCF/WIF SAML Authentication Bypass Vulnerability (KB4475510)\");\n\n script_tag(name:\"summary\", value:\"This host is missing an important security\n update according to Microsoft KB4475510.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw exists when Microsoft SharePoint\n Server does not properly sanitize a specially crafted web request to an\n affected SharePoint server.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an\n attacker to conduct spoofing attacks and perform unauthorized actions,\n other attacks are also possible.\");\n\n script_tag(name:\"affected\", value:\"Microsoft SharePoint Foundation 2010 Service Pack 2.\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the\n references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4475510\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"gb_ms_sharepoint_sever_n_foundation_detect.nasl\");\n script_mandatory_keys(\"MS/SharePoint/Server/Ver\");\n script_require_ports(139, 445);\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\nshareVer = infos['version'];\n\nif(shareVer !~ \"^14\\.\"){\n exit(0);\n}\n\npath = infos['location'];\nif(!path || \"Could not find the install location\" >< path){\n exit(0);\n}\n\nif(!os_arch = get_kb_item(\"SMB/Windows/Arch\")){\n exit(0);\n}\n\nif(\"x86\" >< os_arch){\n key_list = make_list(\"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\");\n}\nelse if(\"x64\" >< os_arch){\n key_list = make_list(\"SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\",\n \"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\");\n}\n\nforeach key(key_list)\n{\n path = registry_get_sz(key:key, item:\"CommonFilesDir\");\n\n if(path)\n {\n path = path + \"\\Microsoft Shared\\web server extensions\\14\\ISAPI\";\n\n dllVer = fetch_file_version(sysPath:path, file_name:\"microsoft.sharepoint.search.dll\");\n if(dllVer && version_in_range(version:dllVer, test_version:\"14.0\", test_version2:\"14.0.7232.4999\"))\n {\n report = report_fixed_ver(file_checked:path + \"\\microsoft.sharepoint.search.dll\",\n file_version:dllVer, vulnerable_range:\"14.0 - 14.0.7232.4999\");\n security_message(data:report);\n exit(0);\n }\n }\n}\nexit(99);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-06-05T16:27:13", "description": "This host is missing an important security\n update according to Microsoft KB4475527", "cvss3": {}, "published": "2019-07-10T00:00:00", "type": "openvas", "title": "Microsoft SharePoint Foundation 2013 WCF/WIF SAML Authentication Bypass Vulnerability (KB4475527)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1006"], "modified": "2020-06-04T00:00:00", "id": "OPENVAS:1361412562310815503", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815503", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n\nCPE = \"cpe:/a:microsoft:sharepoint_server\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815503\");\n script_version(\"2020-06-04T09:02:37+0000\");\n script_cve_id(\"CVE-2019-1006\");\n script_bugtraq_id(108978);\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-06-04 09:02:37 +0000 (Thu, 04 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-07-10 12:54:55 +0530 (Wed, 10 Jul 2019)\");\n script_name(\"Microsoft SharePoint Foundation 2013 WCF/WIF SAML Authentication Bypass Vulnerability (KB4475527)\");\n\n script_tag(name:\"summary\", value:\"This host is missing an important security\n update according to Microsoft KB4475527\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host\");\n\n script_tag(name:\"insight\", value:\"An authentication bypass vulnerability exists\n in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF),\n allowing signing of SAML tokens with arbitrary symmetric keys.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to bypass the authentication mechanism and gain unauthorized access. This may\n lead to further attacks.\");\n\n script_tag(name:\"affected\", value:\"Microsoft SharePoint Foundation 2013 Service Pack 1.\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the\n references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4475527\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"gb_ms_sharepoint_sever_n_foundation_detect.nasl\");\n script_mandatory_keys(\"MS/SharePoint/Server/Ver\");\n script_require_ports(139, 445);\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\n\nshareVer = infos['version'];\nif(shareVer !~ \"^15\\.\"){\n exit(0);\n}\n\npath = infos['location'];\nif(!path || \"Could not find the install location\" >< path){\n exit(0);\n}\n\nif(!os_arch = get_kb_item(\"SMB/Windows/Arch\")){\n exit(0);\n}\n\nif(\"x86\" >< os_arch){\n key_list = make_list(\"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\");\n}\nelse if(\"x64\" >< os_arch){\n key_list = make_list(\"SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\",\n \"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\");\n}\n\nforeach key(key_list)\n{\n path = registry_get_sz(key:key, item:\"CommonFilesDir\");\n if(path)\n {\n path = path + \"\\microsoft shared\\Web Server Extensions\\15\\BIN\";\n dllVer = fetch_file_version(sysPath:path, file_name:\"Onetutil.dll\");\n if(dllVer=~ \"^15\\.\" && version_is_less(version:dllVer, test_version:\"15.0.5153.0999\"))\n {\n report = report_fixed_ver(file_checked:path + \"\\Onetutil.dll\",\n file_version:dllVer, vulnerable_range:\"15.0 - 15.0.5153.0999\");\n security_message(data:report);\n exit(0);\n }\n }\n}\nexit(99);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-06-05T16:27:13", "description": "This host is missing an important security\n update according to Microsoft KB4475522", "cvss3": {}, "published": "2019-07-10T00:00:00", "type": "openvas", "title": "Microsoft SharePoint Enterprise Server 2013 Multiple Vulnerabilities(KB4475522)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1134", "CVE-2019-1006"], "modified": "2020-06-04T00:00:00", "id": "OPENVAS:1361412562310815502", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815502", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815502\");\n script_version(\"2020-06-04T09:02:37+0000\");\n script_cve_id(\"CVE-2019-1134\", \"CVE-2019-1006\");\n script_bugtraq_id(109028, 108978);\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-06-04 09:02:37 +0000 (Thu, 04 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-07-10 13:07:37 +0530 (Wed, 10 Jul 2019)\");\n script_name(\"Microsoft SharePoint Enterprise Server 2013 Multiple Vulnerabilities(KB4475522)\");\n\n script_tag(name:\"summary\", value:\"This host is missing an important security\n update according to Microsoft KB4475522\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws due to,\n\n - An authentication bypass vulnerability exists in Windows Communication\n Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing\n of SAML tokens with arbitrary symmetric keys.\n\n - A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint\n Server does not properly sanitize a specially crafted web request to an affected\n SharePoint server.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to perform cross-site scripting attacks on affected systems and run script in\n the security context of the current user and read content that the attacker is\n not authorized to read, use the victim's identity to take actions on the\n SharePoint site on behalf of the user.\");\n\n script_tag(name:\"affected\", value:\"Microsoft SharePoint Enterprise Server 2013 Service Pack 1.\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see\n the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4475522\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"gb_ms_sharepoint_sever_n_foundation_detect.nasl\");\n script_mandatory_keys(\"MS/SharePoint/Server/Ver\");\n script_require_ports(139, 445);\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(!infos = get_app_version_and_location( cpe:'cpe:/a:microsoft:sharepoint_server', exit_no_version:TRUE )) exit(0);\nshareVer = infos['version'];\n\nif(shareVer =~ \"^15\\.\")\n{\n path = registry_get_sz(key:\"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Office15.OSERVER\",\n item:\"InstallLocation\");\n if(path)\n {\n path = path + \"\\15.0\\bin\";\n\n dllVer = fetch_file_version(sysPath:path, file_name:\"microsoft.sharepoint.publishing.dll\");\n if(dllVer && version_in_range(version:dllVer, test_version:\"15.0\", test_version2:\"15.0.5145.0999\"))\n {\n report = report_fixed_ver(file_checked:path + \"\\microsoft.sharepoint.publishing.dll\",\n file_version:dllVer, vulnerable_range:\"15.0 - 15.0.5145.0999\");\n security_message(data:report);\n exit(0);\n }\n }\n}\nexit(99);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-06-05T16:27:19", "description": "This host is missing an important security\n update according to Microsoft KB4475520", "cvss3": {}, "published": "2019-07-10T00:00:00", "type": "openvas", "title": "Microsoft SharePoint Enterprise Server 2016 Multiple Vulnerabilities (KB4475520)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1134", "CVE-2019-1006"], "modified": "2020-06-04T00:00:00", "id": "OPENVAS:1361412562310815501", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815501", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815501\");\n script_version(\"2020-06-04T09:02:37+0000\");\n script_cve_id(\"CVE-2019-1134\", \"CVE-2019-1006\");\n script_bugtraq_id(109028, 108978);\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-06-04 09:02:37 +0000 (Thu, 04 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-07-10 13:27:24 +0530 (Wed, 10 Jul 2019)\");\n script_name(\"Microsoft SharePoint Enterprise Server 2016 Multiple Vulnerabilities (KB4475520)\");\n\n script_tag(name:\"summary\", value:\"This host is missing an important security\n update according to Microsoft KB4475520\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - An authentication bypass vulnerability exists in Windows Communication\n Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing\n of SAML tokens with arbitrary symmetric keys.\n\n - A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint\n Server does not properly sanitize a specially crafted web request to an affected\n SharePoint server.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to perform cross-site scripting attacks on affected systems and run script in\n the security context of the current user and read content that the attacker is\n not authorized to read, use the victim's identity to take actions on the\n SharePoint site on behalf of the user.\");\n\n script_tag(name:\"affected\", value:\"Microsoft SharePoint Enterprise Server 2016.\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see\n the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4475520\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"gb_ms_sharepoint_sever_n_foundation_detect.nasl\");\n script_mandatory_keys(\"MS/SharePoint/Server/Ver\");\n script_require_ports(139, 445);\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\n\nif( ! infos = get_app_version_and_location( cpe:'cpe:/a:microsoft:sharepoint_server') ) exit( 0 );\n\nshareVer = infos['version'];\nif(shareVer !~ \"^16\\.\"){\n exit(0);\n}\n\nif(!os_arch = get_kb_item(\"SMB/Windows/Arch\")){\n exit(0);\n}\n\nif(\"x86\" >< os_arch){\n key_list = make_list(\"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\");\n}\nelse if(\"x64\" >< os_arch){\n key_list = make_list(\"SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\",\n \"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\");\n}\n\nforeach key(key_list)\n{\n path = registry_get_sz(key:key, item:\"CommonFilesDir\");\n\n if(path)\n {\n path = path + \"\\microsoft shared\\Web Server Extensions\\16\\BIN\";\n dllVer = fetch_file_version(sysPath:path, file_name:\"Onetutil.dll\");\n if(dllVer =~ \"^16\\.\" && version_is_less(version:dllVer, test_version:\"16.0.4873.1000\"))\n {\n report = report_fixed_ver(file_checked:path + \"\\Onetutil.dll\",\n file_version:dllVer, vulnerable_range:\"16.0 - 16.0.4873.0999\");\n security_message(data:report);\n exit(0);\n }\n }\n}\nexit(99);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-06-05T16:27:30", "description": "This host is missing a critical security\n update according to Microsoft KB4507423", "cvss3": {}, "published": "2019-07-10T00:00:00", "type": "openvas", "title": "Microsoft .NET Framework Multiple Vulnerabilities (KB4507423)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1006", "CVE-2019-1113", "CVE-2019-1083"], "modified": "2020-06-04T00:00:00", "id": "OPENVAS:1361412562310815510", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815510", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815510\");\n script_version(\"2020-06-04T09:02:37+0000\");\n script_cve_id(\"CVE-2019-1113\", \"CVE-2019-1006\", \"CVE-2019-1083\");\n script_bugtraq_id(108977, 108978, 108981);\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-06-04 09:02:37 +0000 (Thu, 04 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-07-10 09:35:44 +0530 (Wed, 10 Jul 2019)\");\n script_name(\"Microsoft .NET Framework Multiple Vulnerabilities (KB4507423)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4507423\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - An error in Windows Communication Foundation (WCF) and Windows Identity Foundation\n (WIF), allowing signing of SAML tokens with arbitrary symmetric keys.\n\n - An error when Microsoft Common Object Runtime Library improperly handles web\n requests.\n\n - An error in .NET software when the software fails to check the source markup\n of a file.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to gain elevated privileges, conduct denial-of-service condition and execute\n arbitrary code.\");\n\n script_tag(name:\"affected\", value:\"Microsoft .NET Framework 2.0, 3.0, 4.5.2 and 4.6 for Microsoft Windows Server 2008 SP2.\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4507423\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4507003\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4507001\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4506997\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win2008:3, win2008x64:3) <= 0){\n exit(0);\n}\n\nif(!registry_key_exists(key:\"SOFTWARE\\Microsoft\\.NETFramework\")){\n if(!registry_key_exists(key:\"SOFTWARE\\Microsoft\\ASP.NET\")){\n if(!registry_key_exists(key:\"SOFTWARE\\Microsoft\\NET Framework Setup\\NDP\\v4\\Full\\\")){\n exit(0);\n }\n }\n}\n\nkey_list = make_list(\"SOFTWARE\\Microsoft\\.NETFramework\\\", \"SOFTWARE\\Microsoft\\ASP.NET\\\", \"SOFTWARE\\Microsoft\\NET Framework Setup\\NDP\\v4\\Full\\\");\n\nforeach key(key_list)\n{\n if(\".NETFramework\" >< key)\n {\n foreach item (registry_enum_keys(key:key))\n {\n NetPath = registry_get_sz(key:key + item, item:\"InstallRoot\");\n if(NetPath && \"\\Microsoft.NET\\Framework\" >< NetPath)\n {\n foreach item (registry_enum_keys(key:key))\n {\n dotPath = NetPath + item;\n dllVer = fetch_file_version(sysPath:dotPath, file_name:\"System.IdentityModel.dll\");\n if(dllVer)\n {\n ## https://support.microsoft.com/en-us/help/4507003\n if(version_in_range(version:dllVer, test_version:\"3.0\", test_version2:\"3.0.4506.8830\"))\n {\n vulnerable_range = \"3.0 - 3.0.4506.8830\";\n break;\n }\n\n ## https://support.microsoft.com/en-us/help/4507001\n if(version_in_range(version:dllVer, test_version:\"4.0.30319.30000\", test_version2:\"4.0.30319.36565\"))\n {\n vulnerable_range = \"4.0.30319.30000 - 4.0.30319.36565\";\n break;\n }\n ## https://support.microsoft.com/en-us/help/4506997\n else if(version_in_range(version:dllVer, test_version:\"4.6\", test_version2:\"4.7.3439\"))\n {\n vulnerable_range = \"4.6 - 4.7.3439\";\n break;\n }\n }\n }\n if(vulnerable_range){\n break;\n }\n }\n }\n\n }\n\n if((!vulnerable_range) && \"ASP.NET\" >< key)\n {\n foreach item (registry_enum_keys(key:key))\n {\n dotPath = registry_get_sz(key:key + item, item:\"Path\");\n if(dotPath && \"\\Microsoft.NET\\Framework\" >< dotPath)\n {\n dllVer = fetch_file_version(sysPath:dotPath, file_name:\"System.identitymodel.dll\");\n if(dllVer)\n {\n ## https://support.microsoft.com/en-us/help/4507003\n if(version_in_range(version:dllVer, test_version:\"3.0\", test_version2:\"3.0.4506.8830\"))\n {\n vulnerable_range = \"3.0 - 3.0.4506.8830\";\n break;\n }\n\n ## https://support.microsoft.com/en-us/help/4507001\n if(version_in_range(version:dllVer, test_version:\"4.0.30319.30000\", test_version2:\"4.0.30319.36565\"))\n {\n vulnerable_range = \"4.0.30319.30000 - 4.0.30319.36565\";\n break;\n }\n ## https://support.microsoft.com/en-us/help/4506997\n else if(version_in_range(version:dllVer, test_version:\"4.6\", test_version2:\"4.7.3439\"))\n {\n vulnerable_range = \"4.6 - 4.7.3439\";\n break;\n }\n }\n }\n }\n }\n\n ## For versions greater than 4.5 (https://docs.microsoft.com/en-us/dotnet/framework/migration-guide/how-to-determine-which-versions-are-installed#net_b)\n if((!vulnerable_range) && \"NET Framework Setup\" >< key)\n {\n dotPath = registry_get_sz(key:key, item:\"InstallPath\");\n if(dotPath && \"\\Microsoft.NET\\Framework\" >< dotPath)\n {\n dllVer = fetch_file_version(sysPath:dotPath, file_name:\"System.identitymodel.dll\");\n if(dllVer)\n {\n ## https://support.microsoft.com/en-us/help/4507003\n if(version_in_range(version:dllVer, test_version:\"3.0\", test_version2:\"3.0.4506.8830\")){\n vulnerable_range = \"3.0 - 3.0.4506.8830\";\n }\n\n ## https://support.microsoft.com/en-us/help/4507001\n if(version_in_range(version:dllVer, test_version:\"4.0.30319.30000\", test_version2:\"4.0.30319.36565\")){\n vulnerable_range = \"4.0.30319.30000 - 4.0.30319.36565\";\n }\n ## https://support.microsoft.com/en-us/help/4506997\n else if(version_in_range(version:dllVer, test_version:\"4.6\", test_version2:\"4.7.3439\")){\n vulnerable_range = \"4.6 - 4.7.3439\";\n }\n }\n }\n }\n\n if(vulnerable_range)\n {\n report = report_fixed_ver(file_checked:dotPath + \"System.identitymodel.dll\",\n file_version:dllVer, vulnerable_range:vulnerable_range);\n security_message(data:report);\n exit(0);\n }\n}\nexit(99);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-06-05T16:27:24", "description": "This host is missing a critical security\n update according to Microsoft KB4506987", "cvss3": {}, "published": "2019-07-10T00:00:00", "type": "openvas", "title": "Microsoft .NET Framework Multiple Vulnerabilities (KB4506987)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1006", "CVE-2019-1113", "CVE-2019-1083"], "modified": "2020-06-04T00:00:00", "id": "OPENVAS:1361412562310815151", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815151", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815151\");\n script_version(\"2020-06-04T09:02:37+0000\");\n script_cve_id(\"CVE-2019-1113\", \"CVE-2019-1006\", \"CVE-2019-1083\");\n script_bugtraq_id(108977, 108978, 108981);\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-06-04 09:02:37 +0000 (Thu, 04 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-07-10 09:35:44 +0530 (Wed, 10 Jul 2019)\");\n script_name(\"Microsoft .NET Framework Multiple Vulnerabilities (KB4506987)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4506987\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - An error in Windows Communication Foundation (WCF) and Windows Identity Foundation\n (WIF), allowing signing of SAML tokens with arbitrary symmetric keys.\n\n - An error when Microsoft Common Object Runtime Library improperly handles web\n requests.\n\n - An error in .NET software when the software fails to check the source markup\n of a file.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to gain elevated privileges, conduct denial-of-service condition and execute\n arbitrary code.\");\n\n script_tag(name:\"affected\", value:\"Microsoft .NET Framework 4.8 on Microsoft Windows 10 Version 1703.\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4506987\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\n\nif(hotfix_check_sp(win10:1, win10x64:1) <= 0){\n exit(0);\n}\nsysPath = smb_get_system32root();\nif(!sysPath ){\n exit(0);\n}\n\nedgeVer = fetch_file_version(sysPath:sysPath, file_name:\"edgehtml.dll\");\nif(!edgeVer){\n exit(0);\n}\n\nif(edgeVer =~ \"^11\\.0\\.15063\")\n{\n if(!registry_key_exists(key:\"SOFTWARE\\Microsoft\\.NETFramework\")){\n if(!registry_key_exists(key:\"SOFTWARE\\Microsoft\\ASP.NET\")){\n if(!registry_key_exists(key:\"SOFTWARE\\Microsoft\\NET Framework Setup\\NDP\\v4\\Full\\\")){\n exit(0);\n }\n }\n }\n\n key_list = make_list(\"SOFTWARE\\Microsoft\\.NETFramework\\\", \"SOFTWARE\\Microsoft\\ASP.NET\\\", \"SOFTWARE\\Microsoft\\NET Framework Setup\\NDP\\v4\\Full\\\");\n\n foreach key(key_list)\n {\n if(\".NETFramework\" >< key)\n {\n foreach item (registry_enum_keys(key:key))\n {\n NetPath = registry_get_sz(key:key + item, item:\"InstallRoot\");\n if(NetPath && \"\\Microsoft.NET\\Framework\" >< NetPath)\n {\n foreach item (registry_enum_keys(key:key))\n {\n dotPath = NetPath + item;\n dllVer = fetch_file_version(sysPath:dotPath, file_name:\"System.workflow.runtime.dll\");\n if(dllVer)\n {\n ## https://support.microsoft.com/en-us/help/4506987\n if(version_in_range(version:dllVer, test_version:\"4.8\", test_version2:\"4.8.3824\"))\n {\n vulnerable_range = \"4.8 - 4.8.3824\" ;\n break;\n }\n }\n }\n if(vulnerable_range){\n break;\n }\n }\n }\n }\n\n if((!vulnerable_range) && \"ASP.NET\" >< key)\n {\n foreach item (registry_enum_keys(key:key))\n {\n dotPath = registry_get_sz(key:key + item, item:\"Path\");\n if(dotPath && \"\\Microsoft.NET\\Framework\" >< dotPath)\n {\n dllVer = fetch_file_version(sysPath:dotPath, file_name:\"System.workflow.runtime.dll\");\n if(dllVer)\n {\n ## https://support.microsoft.com/en-us/help/4506987\n if(version_in_range(version:dllVer, test_version:\"4.8\", test_version2:\"4.8.3824\"))\n {\n vulnerable_range = \"4.8 - 4.8.3824\" ;\n break;\n }\n }\n }\n }\n }\n\n ## For versions greater than 4.5 (https://docs.microsoft.com/en-us/dotnet/framework/migration-guide/how-to-determine-which-versions-are-installed#net_b)\n if((!vulnerable_range) && \"NET Framework Setup\" >< key)\n {\n dotPath = registry_get_sz(key:key, item:\"InstallPath\");\n if(dotPath && \"\\Microsoft.NET\\Framework\" >< dotPath)\n {\n dllVer = fetch_file_version(sysPath:dotPath, file_name:\"System.workflow.runtime.dll\");\n if(dllVer)\n {\n ## https://support.microsoft.com/en-us/help/4506987\n if(version_in_range(version:dllVer, test_version:\"4.8\", test_version2:\"4.8.3824\")){\n vulnerable_range = \"4.8 - 4.8.3824\" ;\n }\n }\n }\n }\n\n if(vulnerable_range)\n {\n report = report_fixed_ver(file_checked:dotPath + \"System.workflow.runtime.dll\",\n file_version:dllVer, vulnerable_range:vulnerable_range);\n security_message(data:report);\n exit(0);\n }\n }\n}\nexit(99);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-06-05T16:27:30", "description": "This host is missing a critical security\n update according to Microsoft KB4506991", "cvss3": {}, "published": "2019-07-10T00:00:00", "type": "openvas", "title": "Microsoft .NET Framework Multiple Vulnerabilities (KB4506991)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1006", "CVE-2019-1113", "CVE-2019-1083"], "modified": "2020-06-04T00:00:00", "id": "OPENVAS:1361412562310815153", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815153", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815153\");\n script_version(\"2020-06-04T09:02:37+0000\");\n script_cve_id(\"CVE-2019-1113\", \"CVE-2019-1006\", \"CVE-2019-1083\");\n script_bugtraq_id(108977, 108978, 108981);\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-06-04 09:02:37 +0000 (Thu, 04 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-07-10 09:35:44 +0530 (Wed, 10 Jul 2019)\");\n script_name(\"Microsoft .NET Framework Multiple Vulnerabilities (KB4506991)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4506991\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - An error in Windows Communication Foundation (WCF) and Windows Identity Foundation\n (WIF), allowing signing of SAML tokens with arbitrary symmetric keys.\n\n - An error when Microsoft Common Object Runtime Library improperly handles web\n requests.\n\n - An error in .NET software when the software fails to check the source markup\n of a file.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to gain elevated privileges, conduct denial-of-service condition and execute\n arbitrary code.\");\n\n script_tag(name:\"affected\", value:\"Microsoft .NET Framework 4.8 on Microsoft Windows 10 Version 1903.\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4506991\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win10:1, win10x64:1) <= 0){\n exit(0);\n}\nsysPath = smb_get_system32root();\nif(!sysPath ){\n exit(0);\n}\n\nedgeVer = fetch_file_version(sysPath:sysPath, file_name:\"edgehtml.dll\");\nif(!edgeVer){\n exit(0);\n}\n\nif(edgeVer =~ \"^11\\.0\\.18362\")\n{\n if(!registry_key_exists(key:\"SOFTWARE\\Microsoft\\.NETFramework\")){\n if(!registry_key_exists(key:\"SOFTWARE\\Microsoft\\ASP.NET\")){\n if(!registry_key_exists(key:\"SOFTWARE\\Microsoft\\NET Framework Setup\\NDP\\v4\\Full\\\")){\n exit(0);\n }\n }\n }\n\n key_list = make_list(\"SOFTWARE\\Microsoft\\.NETFramework\\\", \"SOFTWARE\\Microsoft\\ASP.NET\\\", \"SOFTWARE\\Microsoft\\NET Framework Setup\\NDP\\v4\\Full\\\");\n\n foreach key(key_list)\n {\n if(\".NETFramework\" >< key)\n {\n foreach item (registry_enum_keys(key:key))\n {\n NetPath = registry_get_sz(key:key + item, item:\"InstallRoot\");\n if(NetPath && \"\\Microsoft.NET\\Framework\" >< NetPath)\n {\n foreach item (registry_enum_keys(key:key))\n {\n dotPath = NetPath + item;\n dllVer = fetch_file_version(sysPath:dotPath, file_name:\"System.workflow.runtime.dll\");\n if(dllVer)\n {\n ## https://support.microsoft.com/en-us/help/4506991\n if(version_in_range(version:dllVer, test_version:\"3.0\", test_version2:\"3.0.4203.9139\"))\n {\n vulnerable_range = \"3.0 - 3.0.4203.9139\" ;\n break;\n }\n\n ## https://support.microsoft.com/en-us/help/4506991\n if(version_in_range(version:dllVer, test_version:\"4.8\", test_version2:\"4.8.3824\"))\n {\n vulnerable_range = \"4.8 - 4.8.3824\" ;\n break;\n }\n }\n }\n if(vulnerable_range){\n break;\n }\n }\n }\n }\n\n if((!vulnerable_range) && \"ASP.NET\" >< key)\n {\n foreach item (registry_enum_keys(key:key))\n {\n dotPath = registry_get_sz(key:key + item, item:\"Path\");\n if(dotPath && \"\\Microsoft.NET\\Framework\" >< dotPath)\n {\n dllVer = fetch_file_version(sysPath:dotPath, file_name:\"System.workflow.runtime.dll\");\n if(dllVer)\n {\n ## https://support.microsoft.com/en-us/help/4506991\n if(version_in_range(version:dllVer, test_version:\"3.0\", test_version2:\"3.0.4203.9139\"))\n {\n vulnerable_range = \"3.0 - 3.0.4203.9139\" ;\n break;\n }\n\n ## https://support.microsoft.com/en-us/help/4506991\n if(version_in_range(version:dllVer, test_version:\"4.8\", test_version2:\"4.8.3824\"))\n {\n vulnerable_range = \"4.8 - 4.8.3824\" ;\n break;\n }\n }\n }\n }\n }\n\n ## For versions greater than 4.5 (https://docs.microsoft.com/en-us/dotnet/framework/migration-guide/how-to-determine-which-versions-are-installed#net_b)\n if((!vulnerable_range) && \"NET Framework Setup\" >< key)\n {\n dotPath = registry_get_sz(key:key, item:\"InstallPath\");\n if(dotPath && \"\\Microsoft.NET\\Framework\" >< dotPath)\n {\n dllVer = fetch_file_version(sysPath:dotPath, file_name:\"System.workflow.runtime.dll\");\n if(dllVer)\n {\n ## https://support.microsoft.com/en-us/help/4506991\n if(version_in_range(version:dllVer, test_version:\"3.0\", test_version2:\"3.0.4203.9139\")){\n vulnerable_range = \"3.0 - 3.0.4203.9139\" ;\n }\n\n ## https://support.microsoft.com/en-us/help/4506991\n if(version_in_range(version:dllVer, test_version:\"4.8\", test_version2:\"4.8.3824\")){\n vulnerable_range = \"4.8 - 4.8.3824\" ;\n }\n }\n }\n }\n\n if(vulnerable_range)\n {\n report = report_fixed_ver(file_checked:dotPath + \"System.workflow.runtime.dll\",\n file_version:dllVer, vulnerable_range:vulnerable_range);\n security_message(data:report);\n exit(0);\n }\n }\n}\nexit(99);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-06-05T16:27:27", "description": "This host is missing a critical security\n update according to Microsoft KB4507422", "cvss3": {}, "published": "2019-07-10T00:00:00", "type": "openvas", "title": "Microsoft .NET Framework Multiple Vulnerabilities (KB4507422)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1006", "CVE-2019-1113", "CVE-2019-1083"], "modified": "2020-06-04T00:00:00", "id": "OPENVAS:1361412562310815159", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815159", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815159\");\n script_version(\"2020-06-04T09:02:37+0000\");\n script_cve_id(\"CVE-2019-1113\", \"CVE-2019-1006\", \"CVE-2019-1083\");\n script_bugtraq_id(108977, 108978, 108981);\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-06-04 09:02:37 +0000 (Thu, 04 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-07-10 09:35:44 +0530 (Wed, 10 Jul 2019)\");\n script_name(\"Microsoft .NET Framework Multiple Vulnerabilities (KB4507422)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4507422\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - An error in Windows Communication Foundation (WCF) and Windows Identity Foundation\n (WIF), allowing signing of SAML tokens with arbitrary symmetric keys.\n\n - An error when Microsoft Common Object Runtime Library improperly handles web\n requests.\n\n - An error in .NET software when the software fails to check the source markup\n of a file.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to gain elevated privileges, conduct denial-of-service condition and execute\n arbitrary code.\");\n\n script_tag(name:\"affected\", value:\"Microsoft .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 on Microsoft Windows 8.1 and Microsoft Windows Server 2012 R2.\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4507422\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4507005\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4506999\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4506996\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4506993\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win8_1:1, win8_1x64:1, win2012R2:1) <= 0){\n exit(0);\n}\n\nif(!registry_key_exists(key:\"SOFTWARE\\Microsoft\\.NETFramework\")){\n if(!registry_key_exists(key:\"SOFTWARE\\Microsoft\\ASP.NET\")){\n if(!registry_key_exists(key:\"SOFTWARE\\Microsoft\\NET Framework Setup\\NDP\\v4\\Full\\\")){\n exit(0);\n }\n }\n}\n\nkey_list = make_list(\"SOFTWARE\\Microsoft\\.NETFramework\\\", \"SOFTWARE\\Microsoft\\ASP.NET\\\", \"SOFTWARE\\Microsoft\\NET Framework Setup\\NDP\\v4\\Full\\\");\n\nforeach key(key_list)\n{\n if(\".NETFramework\" >< key)\n {\n foreach item (registry_enum_keys(key:key))\n {\n NetPath = registry_get_sz(key:key + item, item:\"InstallRoot\");\n if(NetPath && \"\\Microsoft.NET\\Framework\" >< NetPath)\n {\n foreach item (registry_enum_keys(key:key))\n {\n dotPath = NetPath + item;\n dllVer = fetch_file_version(sysPath:dotPath, file_name:\"System.identitymodel.dll\");\n if(dllVer)\n {\n ## https://support.microsoft.com/en-us/help/4507005\n if(version_in_range(version:dllVer, test_version:\"3.0\", test_version2:\"3.0.4506.8830\"))\n {\n vulnerable_range = \"3.0 - 3.0.4506.8830\";\n break;\n }\n ## https://support.microsoft.com/en-us/help/4506999\n else if(version_in_range(version:dllVer, test_version:\"4.0.30319.30000\", test_version2:\"4.0.30319.36565\"))\n {\n vulnerable_range = \"4.0.30319.30000 - 4.0.30319.36565\";\n break;\n }\n # https://support.microsoft.com/en-us/help/4506996\n else if(version_in_range(version:dllVer, test_version:\"4.6\", test_version2:\"4.7.3439\"))\n {\n vulnerable_range = \"4.6 - 4.7.3439\";\n break;\n }\n ## https://support.microsoft.com/en-us/help/4506993\n else if(version_in_range(version:dllVer, test_version:\"4.8\", test_version2:\"4.8.3824\"))\n {\n vulnerable_range = \"4.8 - 4.8.3824\";\n break;\n }\n }\n }\n if(vulnerable_range){\n break;\n }\n }\n }\n }\n\n if((!vulnerable_range) && \"ASP.NET\" >< key)\n {\n foreach item (registry_enum_keys(key:key))\n {\n dotPath = registry_get_sz(key:key + item, item:\"Path\");\n if(dotPath && \"\\Microsoft.NET\\Framework\" >< dotPath)\n {\n dllVer = fetch_file_version(sysPath:dotPath, file_name:\"System.identitymodel.dll\");\n if(dllVer)\n {\n ## https://support.microsoft.com/en-us/help/4507005\n if(version_in_range(version:dllVer, test_version:\"3.0\", test_version2:\"3.0.4506.8830\"))\n {\n vulnerable_range = \"3.0 - 3.0.4506.8830\";\n break;\n }\n ## https://support.microsoft.com/en-us/help/4506999\n else if(version_in_range(version:dllVer, test_version:\"4.0.30319.30000\", test_version2:\"4.0.30319.36565\"))\n {\n vulnerable_range = \"4.0.30319.30000 - 4.0.30319.36565\";\n break;\n }\n # https://support.microsoft.com/en-us/help/4506996\n else if(version_in_range(version:dllVer, test_version:\"4.6\", test_version2:\"4.7.3439\"))\n {\n vulnerable_range = \"4.6 - 4.7.3439\";\n break;\n }\n ## https://support.microsoft.com/en-us/help/4506993\n else if(version_in_range(version:dllVer, test_version:\"4.8\", test_version2:\"4.8.3824\"))\n {\n vulnerable_range = \"4.8 - 4.8.3824\";\n break;\n }\n }\n }\n }\n }\n\n ## For versions greater than 4.5 (https://docs.microsoft.com/en-us/dotnet/framework/migration-guide/how-to-determine-which-versions-are-installed#net_b)\n if((!vulnerable_range) && \"NET Framework Setup\" >< key)\n {\n dotPath = registry_get_sz(key:key, item:\"InstallPath\");\n if(dotPath && \"\\Microsoft.NET\\Framework\" >< dotPath)\n {\n dllVer = fetch_file_version(sysPath:dotPath, file_name:\"System.identitymodel.dll\");\n if(dllVer)\n {\n ## https://support.microsoft.com/en-us/help/4507005\n if(version_in_range(version:dllVer, test_version:\"3.0\", test_version2:\"3.0.4506.8830\")){\n vulnerable_range = \"3.0 - 3.0.4506.8830\";\n }\n ## https://support.microsoft.com/en-us/help/4506999\n else if(version_in_range(version:dllVer, test_version:\"4.0.30319.30000\", test_version2:\"4.0.30319.36565\")){\n vulnerable_range = \"4.0.30319.30000 - 4.0.30319.36565\";\n }\n # https://support.microsoft.com/en-us/help/4506996\n else if(version_in_range(version:dllVer, test_version:\"4.6\", test_version2:\"4.7.3439\")){\n vulnerable_range = \"4.6 - 4.7.3439\";\n }\n ## https://support.microsoft.com/en-us/help/4506993\n else if(version_in_range(version:dllVer, test_version:\"4.8\", test_version2:\"4.8.3824\")){\n vulnerable_range = \"4.8 - 4.8.3824\";\n }\n }\n }\n }\n\n if(vulnerable_range)\n {\n report = report_fixed_ver(file_checked:dotPath + \"System.identitymodel.dll\",\n file_version:dllVer, vulnerable_range:vulnerable_range);\n security_message(data:report);\n exit(0);\n }\n}\nexit(99);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-06-05T16:27:22", "description": "This host is missing a critical security\n update according to Microsoft KB4507421", "cvss3": {}, "published": "2019-07-10T00:00:00", "type": "openvas", "title": "Microsoft .NET Framework Multiple Vulnerabilities (KB4507421)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1006", "CVE-2019-1113", "CVE-2019-1083"], "modified": "2020-06-04T00:00:00", "id": "OPENVAS:1361412562310815509", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815509", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815509\");\n script_version(\"2020-06-04T09:02:37+0000\");\n script_cve_id(\"CVE-2019-1113\", \"CVE-2019-1006\", \"CVE-2019-1083\");\n script_bugtraq_id(108977, 108978, 108981);\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-06-04 09:02:37 +0000 (Thu, 04 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-07-10 09:35:44 +0530 (Wed, 10 Jul 2019)\");\n script_name(\"Microsoft .NET Framework Multiple Vulnerabilities (KB4507421)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4507421\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - An error in Windows Communication Foundation (WCF) and Windows Identity Foundation\n (WIF), allowing signing of SAML tokens with arbitrary symmetric keys.\n\n - An error when Microsoft Common Object Runtime Library improperly handles web\n requests.\n\n - An error in .NET software when the software fails to check the source markup\n of a file.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to gain elevated privileges, conduct denial-of-service condition and execute\n arbitrary code.\");\n\n script_tag(name:\"affected\", value:\"Microsoft .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 on Microsoft Windows Server 2012.\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4507421\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4507002\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4507000\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4506995\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4506992\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\n\nif(hotfix_check_sp(win2012:1) <= 0){\n exit(0);\n}\n\nif(!registry_key_exists(key:\"SOFTWARE\\Microsoft\\.NETFramework\")){\n if(!registry_key_exists(key:\"SOFTWARE\\Microsoft\\ASP.NET\")){\n if(!registry_key_exists(key:\"SOFTWARE\\Microsoft\\NET Framework Setup\\NDP\\v4\\Full\\\")){\n exit(0);\n }\n }\n}\n\nkey_list = make_list(\"SOFTWARE\\Microsoft\\.NETFramework\\\", \"SOFTWARE\\Microsoft\\ASP.NET\\\", \"SOFTWARE\\Microsoft\\NET Framework Setup\\NDP\\v4\\Full\\\");\nforeach key(key_list)\n{\n if(\".NETFramework\" >< key)\n {\n foreach item (registry_enum_keys(key:key))\n {\n NetPath = registry_get_sz(key:key + item, item:\"InstallRoot\");\n if(NetPath && \"\\Microsoft.NET\\Framework\" >< NetPath)\n {\n foreach item (registry_enum_keys(key:key))\n {\n dotPath = NetPath + item;\n dllVer = fetch_file_version(sysPath:dotPath, file_name:\"System.identitymodel.dll\");\n if(dllVer)\n {\n ## https://support.microsoft.com/en-us/help/4507002\n if(version_in_range(version:dllVer, test_version:\"3.0\", test_version2:\"3.0.4506.8830\"))\n {\n vulnerable_range = \"3.0 - 3.0.4506.8830\";\n break;\n }\n ## https://support.microsoft.com/en-us/help/4507000\n else if(version_in_range(version:dllVer, test_version:\"4.0.30319.30000\", test_version2:\"4.0.30319.36565\"))\n {\n vulnerable_range = \"4.0.30319.30000 - 4.0.30319.36565\";\n break;\n }\n # https://support.microsoft.com/en-us/help/4506995\n else if(version_in_range(version:dllVer, test_version:\"4.6\", test_version2:\"4.7.3439\"))\n {\n vulnerable_range = \"4.6 - 4.7.3439\";\n break;\n }\n ## https://support.microsoft.com/en-us/help/4506992\n else if(version_in_range(version:dllVer, test_version:\"4.8\", test_version2:\"4.8.3824\"))\n {\n vulnerable_range = \"4.8 - 4.8.3824\";\n break;\n }\n }\n }\n if(vulnerable_range){\n break;\n }\n }\n }\n }\n\n if((!vulnerable_range) && \"ASP.NET\" >< key)\n {\n foreach item (registry_enum_keys(key:key))\n {\n dotPath = registry_get_sz(key:key + item, item:\"Path\");\n if(dotPath && \"\\Microsoft.NET\\Framework\" >< dotPath)\n {\n dllVer = fetch_file_version(sysPath:dotPath, file_name:\"System.identitymodel.dll\");\n if(dllVer)\n {\n ## https://support.microsoft.com/en-us/help/4507002\n if(version_in_range(version:dllVer, test_version:\"3.0\", test_version2:\"3.0.4506.8830\"))\n {\n vulnerable_range = \"3.0 - 3.0.4506.8830\";\n break;\n }\n ## https://support.microsoft.com/en-us/help/4507000\n else if(version_in_range(version:dllVer, test_version:\"4.0.30319.30000\", test_version2:\"4.0.30319.36565\"))\n {\n vulnerable_range = \"4.0.30319.30000 - 4.0.30319.36565\";\n break;\n }\n # https://support.microsoft.com/en-us/help/4506995\n else if(version_in_range(version:dllVer, test_version:\"4.6\", test_version2:\"4.7.3439\"))\n {\n vulnerable_range = \"4.6 - 4.7.3439\";\n break;\n }\n ## https://support.microsoft.com/en-us/help/4506992\n else if(version_in_range(version:dllVer, test_version:\"4.8\", test_version2:\"4.8.3824\"))\n {\n vulnerable_range = \"4.8 - 4.8.3824\";\n break;\n }\n }\n }\n }\n }\n\n ## For versions greater than 4.5 (https://docs.microsoft.com/en-us/dotnet/framework/migration-guide/how-to-determine-which-versions-are-installed#net_b)\n if((!vulnerable_range) && \"NET Framework Setup\" >< key)\n {\n dotPath = registry_get_sz(key:key, item:\"InstallPath\");\n if(dotPath && \"\\Microsoft.NET\\Framework\" >< dotPath)\n {\n dllVer = fetch_file_version(sysPath:dotPath, file_name:\"System.identitymodel.dll\");\n if(dllVer)\n {\n ## https://support.microsoft.com/en-us/help/4507002\n if(version_in_range(version:dllVer, test_version:\"3.0\", test_version2:\"3.0.4506.8830\")){\n vulnerable_range = \"3.0 - 3.0.4506.8830\";\n }\n ## https://support.microsoft.com/en-us/help/4507000\n else if(version_in_range(version:dllVer, test_version:\"4.0.30319.30000\", test_version2:\"4.0.30319.36565\")){\n vulnerable_range = \"4.0.30319.30000 - 4.0.30319.36565\";\n }\n # https://support.microsoft.com/en-us/help/4506995\n else if(version_in_range(version:dllVer, test_version:\"4.6\", test_version2:\"4.7.3439\")){\n vulnerable_range = \"4.6 - 4.7.3439\";\n }\n ## https://support.microsoft.com/en-us/help/4506992\n else if(version_in_range(version:dllVer, test_version:\"4.8\", test_version2:\"4.8.3824\")){\n vulnerable_range = \"4.8 - 4.8.3824\";\n }\n }\n }\n }\n\n if(vulnerable_range)\n {\n report = report_fixed_ver(file_checked:dotPath + \"System.identitymodel.dll\",\n file_version:dllVer, vulnerable_range:vulnerable_range);\n security_message(data:report);\n exit(0);\n }\n}\nexit(99);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-06-05T16:27:21", "description": "This host is missing a critical security\n update according to Microsoft KB4506988", "cvss3": {}, "published": "2019-07-10T00:00:00", "type": "openvas", "title": "Microsoft .NET Framework Multiple Vulnerabilities (KB4506988)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1006", "CVE-2019-1113", "CVE-2019-1083"], "modified": "2020-06-04T00:00:00", "id": "OPENVAS:1361412562310815152", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815152", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815152\");\n script_version(\"2020-06-04T09:02:37+0000\");\n script_cve_id(\"CVE-2019-1113\", \"CVE-2019-1006\", \"CVE-2019-1083\");\n script_bugtraq_id(108977, 108978, 108981);\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-06-04 09:02:37 +0000 (Thu, 04 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-07-10 09:35:44 +0530 (Wed, 10 Jul 2019)\");\n script_name(\"Microsoft .NET Framework Multiple Vulnerabilities (KB4506988)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4506988\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - An error in Windows Communication Foundation (WCF) and Windows Identity Foundation\n (WIF), allowing signing of SAML tokens with arbitrary symmetric keys.\n\n - An error when Microsoft Common Object Runtime Library improperly handles web\n requests.\n\n - An error in .NET software when the software fails to check the source markup\n of a file.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to gain elevated privileges, conduct denial-of-service condition and execute\n arbitrary code.\");\n\n script_tag(name:\"affected\", value:\"Microsoft .NET Framework 4.8 on Microsoft Windows 10 Version 1709.\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4506988\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win10:1, win10x64:1) <= 0){\n exit(0);\n}\nsysPath = smb_get_system32root();\nif(!sysPath ){\n exit(0);\n}\n\nedgeVer = fetch_file_version(sysPath:sysPath, file_name:\"edgehtml.dll\");\nif(!edgeVer){\n exit(0);\n}\n\nif(edgeVer =~ \"^11\\.0\\.16299\")\n{\n if(!registry_key_exists(key:\"SOFTWARE\\Microsoft\\.NETFramework\")){\n if(!registry_key_exists(key:\"SOFTWARE\\Microsoft\\ASP.NET\")){\n if(!registry_key_exists(key:\"SOFTWARE\\Microsoft\\NET Framework Setup\\NDP\\v4\\Full\\\")){\n exit(0);\n }\n }\n }\n\n key_list = make_list(\"SOFTWARE\\Microsoft\\.NETFramework\\\", \"SOFTWARE\\Microsoft\\ASP.NET\\\", \"SOFTWARE\\Microsoft\\NET Framework Setup\\NDP\\v4\\Full\\\");\n\n foreach key(key_list)\n {\n if(\".NETFramework\" >< key)\n {\n foreach item (registry_enum_keys(key:key))\n {\n NetPath = registry_get_sz(key:key + item, item:\"InstallRoot\");\n if(NetPath && \"\\Microsoft.NET\\Framework\" >< NetPath)\n {\n foreach item (registry_enum_keys(key:key))\n {\n dotPath = NetPath + item;\n dllVer = fetch_file_version(sysPath:dotPath, file_name:\"System.workflow.runtime.dll\");\n if(dllVer)\n {\n ## https://support.microsoft.com/en-us/help/4506988\n if(version_in_range(version:dllVer, test_version:\"4.8\", test_version2:\"4.8.3824\"))\n {\n vulnerable_range = \"4.8 - 4.8.3824\" ;\n break;\n }\n }\n }\n if(vulnerable_range){\n break;\n }\n }\n }\n }\n\n if((!vulnerable_range) && \"ASP.NET\" >< key)\n {\n foreach item (registry_enum_keys(key:key))\n {\n dotPath = registry_get_sz(key:key + item, item:\"Path\");\n if(dotPath && \"\\Microsoft.NET\\Framework\" >< dotPath)\n {\n dllVer = fetch_file_version(sysPath:dotPath, file_name:\"System.workflow.runtime.dll\");\n if(dllVer)\n {\n ## https://support.microsoft.com/en-us/help/4506988\n if(version_in_range(version:dllVer, test_version:\"4.8\", test_version2:\"4.8.3824\"))\n {\n vulnerable_range = \"4.8 - 4.8.3824\" ;\n break;\n }\n }\n }\n }\n }\n\n ## For versions greater than 4.5 (https://docs.microsoft.com/en-us/dotnet/framework/migration-guide/how-to-determine-which-versions-are-installed#net_b)\n if((!vulnerable_range) && \"NET Framework Setup\" >< key)\n {\n dotPath = registry_get_sz(key:key, item:\"InstallPath\");\n if(dotPath && \"\\Microsoft.NET\\Framework\" >< dotPath)\n {\n dllVer = fetch_file_version(sysPath:dotPath, file_name:\"System.workflow.runtime.dll\");\n if(dllVer)\n {\n ## https://support.microsoft.com/en-us/help/4506988\n if(version_in_range(version:dllVer, test_version:\"4.8\", test_version2:\"4.8.3824\")){\n vulnerable_range = \"4.8 - 4.8.3824\" ;\n }\n }\n }\n }\n\n if(vulnerable_range)\n {\n report = report_fixed_ver(file_checked:dotPath + \"System.workflow.runtime.dll\",\n file_version:dllVer, vulnerable_range:vulnerable_range);\n security_message(data:report);\n exit(0);\n }\n }\n}\nexit(99);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-06-05T16:27:13", "description": "This host is missing a critical security\n update according to Microsoft KB4507420", "cvss3": {}, "published": "2019-07-10T00:00:00", "type": "openvas", "title": "Microsoft .NET Framework Multiple Vulnerabilities (KB4507420)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1006", "CVE-2019-1113", "CVE-2019-1083"], "modified": "2020-06-04T00:00:00", "id": "OPENVAS:1361412562310815156", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815156", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815156\");\n script_version(\"2020-06-04T09:02:37+0000\");\n script_cve_id(\"CVE-2019-1113\", \"CVE-2019-1006\", \"CVE-2019-1083\");\n script_bugtraq_id(108977, 108978, 108981);\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-06-04 09:02:37 +0000 (Thu, 04 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-07-10 09:35:44 +0530 (Wed, 10 Jul 2019)\");\n script_name(\"Microsoft .NET Framework Multiple Vulnerabilities (KB4507420)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4507420\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - An error in Windows Communication Foundation (WCF) and Windows Identity Foundation\n (WIF), allowing signing of SAML tokens with arbitrary symmetric keys.\n\n - An error when Microsoft Common Object Runtime Library improperly handles web\n requests.\n\n - An error in .NET software when the software fails to check the source markup\n of a file.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to gain elevated privileges, conduct denial-of-service condition and execute\n arbitrary code.\");\n\n script_tag(name:\"affected\", value:\"Microsoft .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 and 4.8 on Microsoft Windows 7 SP1 and Microsoft Windows Server 2008 R2 SP1.\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4506994/\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4506997/\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4507001/\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4507004/\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4507420/\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win7:2, win7x64:2, win2008r2:2) <= 0){\n exit(0);\n}\n\nif(!registry_key_exists(key:\"SOFTWARE\\Microsoft\\.NETFramework\")){\n if(!registry_key_exists(key:\"SOFTWARE\\Microsoft\\ASP.NET\")){\n if(!registry_key_exists(key:\"SOFTWARE\\Microsoft\\NET Framework Setup\\NDP\\v4\\Full\\\")){\n exit(0);\n }\n }\n}\n\nkey_list = make_list(\"SOFTWARE\\Microsoft\\.NETFramework\\\", \"SOFTWARE\\Microsoft\\ASP.NET\\\", \"SOFTWARE\\Microsoft\\NET Framework Setup\\NDP\\v4\\Full\\\");\n\nforeach key(key_list)\n{\n if(\".NETFramework\" >< key)\n {\n foreach item (registry_enum_keys(key:key))\n {\n NetPath = registry_get_sz(key:key + item, item:\"InstallRoot\");\n if(NetPath && \"\\Microsoft.NET\\Framework\" >< NetPath)\n {\n foreach item (registry_enum_keys(key:key))\n {\n dotPath = NetPath + item;\n dllVer = fetch_file_version(sysPath:dotPath, file_name:\"System.identitymodel.dll\");\n if(dllVer)\n {\n ## https://support.microsoft.com/en-us/help/4507004\n if(version_in_range(version:dllVer, test_version:\"3.0\", test_version2:\"3.0.4506.8830\"))\n {\n vulnerable_range = \"3.0 - 3.0.4506.8830\";\n break;\n }\n ## https://support.microsoft.com/en-us/help/4507001\n else if(version_in_range(version:dllVer, test_version:\"4.0.30319.30000\", test_version2:\"4.0.30319.36565\"))\n {\n vulnerable_range = \"4.0.30319.30000 - 4.0.30319.36565\";\n break;\n }\n # https://support.microsoft.com/en-us/help/4506997\n else if(version_in_range(version:dllVer, test_version:\"4.6\", test_version2:\"4.7.3439\"))\n {\n vulnerable_range = \"4.6 - 4.7.3439\";\n break;\n }\n ## https://support.microsoft.com/en-us/help/4506994\n else if(version_in_range(version:dllVer, test_version:\"4.8\", test_version2:\"4.8.3824\"))\n {\n vulnerable_range = \"4.8 - 4.8.3824\";\n break;\n }\n }\n }\n if(vulnerable_range){\n break;\n }\n }\n }\n }\n\n if((!vulnerable_range) && \"ASP.NET\" >< key)\n {\n foreach item (registry_enum_keys(key:key))\n {\n dotPath = registry_get_sz(key:key + item, item:\"Path\");\n if(dotPath && \"\\Microsoft.NET\\Framework\" >< dotPath)\n {\n dllVer = fetch_file_version(sysPath:dotPath, file_name:\"System.identitymodel.dll\");\n if(dllVer)\n {\n ## https://support.microsoft.com/en-us/help/4507004\n if(version_in_range(version:dllVer, test_version:\"3.0\", test_version2:\"3.0.4506.8830\"))\n {\n vulnerable_range = \"3.0 - 3.0.4506.8830\";\n break;\n }\n ## https://support.microsoft.com/en-us/help/4507001\n else if(version_in_range(version:dllVer, test_version:\"4.0.30319.30000\", test_version2:\"4.0.30319.36565\"))\n {\n vulnerable_range = \"4.0.30319.30000 - 4.0.30319.36565\";\n break;\n }\n # https://support.microsoft.com/en-us/help/4506997\n else if(version_in_range(version:dllVer, test_version:\"4.6\", test_version2:\"4.7.3439\"))\n {\n vulnerable_range = \"4.6 - 4.7.3439\";\n break;\n }\n ## https://support.microsoft.com/en-us/help/4506994\n else if(version_in_range(version:dllVer, test_version:\"4.8\", test_version2:\"4.8.3824\"))\n {\n vulnerable_range = \"4.8 - 4.8.3824\";\n break;\n }\n }\n }\n }\n }\n\n ## For versions greater than 4.5 (https://docs.microsoft.com/en-us/dotnet/framework/migration-guide/how-to-determine-which-versions-are-installed#net_b)\n if((!vulnerable_range) && \"NET Framework Setup\" >< key)\n {\n dotPath = registry_get_sz(key:key, item:\"InstallPath\");\n if(dotPath && \"\\Microsoft.NET\\Framework\" >< dotPath)\n {\n dllVer = fetch_file_version(sysPath:dotPath, file_name:\"System.identitymodel.dll\");\n if(dllVer)\n {\n ## https://support.microsoft.com/en-us/help/4507004\n if(version_in_range(version:dllVer, test_version:\"3.0\", test_version2:\"3.0.4506.8830\")){\n vulnerable_range = \"3.0 - 3.0.4506.8830\";\n }\n ## https://support.microsoft.com/en-us/help/4507001\n else if(version_in_range(version:dllVer, test_version:\"4.0.30319.30000\", test_version2:\"4.0.30319.36565\")){\n vulnerable_range = \"4.0.30319.30000 - 4.0.30319.36565\";\n }\n # https://support.microsoft.com/en-us/help/4506997\n else if(version_in_range(version:dllVer, test_version:\"4.6\", test_version2:\"4.7.3439\")){\n vulnerable_range = \"4.6 - 4.7.3439\";\n }\n ## https://support.microsoft.com/en-us/help/4506994\n else if(version_in_range(version:dllVer, test_version:\"4.8\", test_version2:\"4.8.3824\")){\n vulnerable_range = \"4.8 - 4.8.3824\";\n }\n }\n }\n }\n\n if(vulnerable_range)\n {\n report = report_fixed_ver(file_checked:dotPath + \"System.identitymodel.dll\",\n file_version:dllVer, vulnerable_range:vulnerable_range);\n security_message(data:report);\n exit(0);\n }\n}\nexit(99);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-06-05T16:27:30", "description": "This host is missing a critical security\n update according to Microsoft KB4507419", "cvss3": {}, "published": "2019-07-10T00:00:00", "type": "openvas", "title": "Microsoft .NET Framework Multiple Vulnerabilities (KB4507419)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1006", "CVE-2019-1113", "CVE-2019-1083"], "modified": "2020-06-04T00:00:00", "id": "OPENVAS:1361412562310815150", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815150", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815150\");\n script_version(\"2020-06-04T09:02:37+0000\");\n script_cve_id(\"CVE-2019-1113\", \"CVE-2019-1006\", \"CVE-2019-1083\");\n script_bugtraq_id(108977, 108978, 108981);\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-06-04 09:02:37 +0000 (Thu, 04 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-07-10 09:35:44 +0530 (Wed, 10 Jul 2019)\");\n script_name(\"Microsoft .NET Framework Multiple Vulnerabilities (KB4507419)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4507419\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - An error in Windows Communication Foundation (WCF) and Windows Identity Foundation\n (WIF), allowing signing of SAML tokens with arbitrary symmetric keys.\n\n - An error when Microsoft Common Object Runtime Library improperly handles web\n requests.\n\n - An error in .NET software when the software fails to check the source markup\n of a file.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to gain elevated privileges, conduct denial-of-service condition and execute\n arbitrary code.\");\n\n script_tag(name:\"affected\", value:\"Microsoft .NET Framework 3.5, 4.7.2 and 4.8 on Microsoft Windows 10 version 1809 and Microsoft Windows Server 2019.\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4506998\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4506990\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4507419\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\n\nif(hotfix_check_sp(win10:1, win10x64:1, win2019:1) <= 0){\n exit(0);\n}\nsysPath = smb_get_system32root();\nif(!sysPath ){\n exit(0);\n}\n\nedgeVer = fetch_file_version(sysPath:sysPath, file_name:\"edgehtml.dll\");\nif(!edgeVer){\n exit(0);\n}\n\nif(edgeVer =~ \"^11\\.0\\.17763\")\n{\n if(!registry_key_exists(key:\"SOFTWARE\\Microsoft\\.NETFramework\")){\n if(!registry_key_exists(key:\"SOFTWARE\\Microsoft\\ASP.NET\")){\n if(!registry_key_exists(key:\"SOFTWARE\\Microsoft\\NET Framework Setup\\NDP\\v4\\Full\\\")){\n exit(0);\n }\n }\n }\n\n key_list = make_list(\"SOFTWARE\\Microsoft\\.NETFramework\\\", \"SOFTWARE\\Microsoft\\ASP.NET\\\", \"SOFTWARE\\Microsoft\\NET Framework Setup\\NDP\\v4\\Full\\\");\n\n foreach key(key_list)\n {\n if(\".NETFramework\" >< key)\n {\n foreach item (registry_enum_keys(key:key))\n {\n NetPath = registry_get_sz(key:key + item, item:\"InstallRoot\");\n if(NetPath && \"\\Microsoft.NET\\Framework\" >< NetPath)\n {\n foreach item (registry_enum_keys(key:key))\n {\n dotPath = NetPath + item;\n dllVer = fetch_file_version(sysPath:dotPath, file_name:\"System.workflow.runtime.dll\");\n if(dllVer)\n {\n ## https://support.microsoft.com/en-us/help/4506998\n ## https://support.microsoft.com/en-us/help/4506990\n if(version_in_range(version:dllVer, test_version:\"3.0\", test_version2:\"3.0.4203.9041\"))\n {\n vulnerable_range = \"3.0 - 3.0.4203.9041\" ;\n break;\n }\n\n ## https://support.microsoft.com/en-us/help/4506998\n else if(version_in_range(version:dllVer, test_version:\"4.7\", test_version2:\"4.7.3439\"))\n {\n vulnerable_range = \"4.7 - 4.7.3439\" ;\n break;\n }\n ## https://support.microsoft.com/en-us/help/4506990/\n else if(version_in_range(version:dllVer, test_version:\"4.8\", test_version2:\"4.8.3824\"))\n {\n vulnerable_range = \"4.8 - 4.8.3824\" ;\n break;\n }\n }\n }\n if(vulnerable_range){\n break;\n }\n }\n }\n }\n if((!vulnerable_range) && \"ASP.NET\" >< key)\n {\n foreach item (registry_enum_keys(key:key))\n {\n dotPath = registry_get_sz(key:key + item, item:\"Path\");\n if(dotPath && \"\\Microsoft.NET\\Framework\" >< dotPath)\n {\n dllVer = fetch_file_version(sysPath:dotPath, file_name:\"System.workflow.runtime.dll\");\n if(dllVer)\n {\n ## https://support.microsoft.com/en-us/help/4506998\n ## https://support.microsoft.com/en-us/help/4506990\n if(version_in_range(version:dllVer, test_version:\"3.0\", test_version2:\"3.0.4203.9041\"))\n {\n vulnerable_range = \"3.0 - 3.0.4203.9041\" ;\n break;\n }\n\n ## https://support.microsoft.com/en-us/help/4506998\n else if(version_in_range(version:dllVer, test_version:\"4.7\", test_version2:\"4.7.3439\"))\n {\n vulnerable_range = \"4.7 - 4.7.3439\" ;\n break;\n }\n ## https://support.microsoft.com/en-us/help/4506990/\n else if(version_in_range(version:dllVer, test_version:\"4.8\", test_version2:\"4.8.3824\"))\n {\n vulnerable_range = \"4.8 - 4.8.3824\" ;\n break;\n }\n }\n }\n }\n }\n\n ## For versions greater than 4.5 (https://docs.microsoft.com/en-us/dotnet/framework/migration-guide/how-to-determine-which-versions-are-installed#net_b)\n if((!vulnerable_range) && \"NET Framework Setup\" >< key)\n {\n dotPath = registry_get_sz(key:key, item:\"InstallPath\");\n if(dotPath && \"\\Microsoft.NET\\Framework\" >< dotPath)\n {\n dllVer = fetch_file_version(sysPath:dotPath, file_name:\"System.workflow.runtime.dll\");\n if(dllVer)\n {\n ## https://support.microsoft.com/en-us/help/4506998\n ## https://support.microsoft.com/en-us/help/4506990\n if(version_in_range(version:dllVer, test_version:\"3.0\", test_version2:\"3.0.4203.9041\")){\n vulnerable_range = \"3.0 - 3.0.4203.9041\" ;\n }\n\n ## https://support.microsoft.com/en-us/help/4506998\n else if(version_in_range(version:dllVer, test_version:\"4.7\", test_version2:\"4.7.3439\")){\n vulnerable_range = \"4.7 - 4.7.3439\" ;\n }\n\n ## https://support.microsoft.com/en-us/help/4506990/\n else if(version_in_range(version:dllVer, test_version:\"4.8\", test_version2:\"4.8.3824\")){\n vulnerable_range = \"4.8 - 4.8.3824\" ;\n }\n }\n }\n }\n\n if(vulnerable_range)\n {\n report = report_fixed_ver(file_checked:dotPath + \"System.workflow.runtime.dll\",\n file_version:dllVer, vulnerable_range:vulnerable_range);\n security_message(data:report);\n exit(0);\n }\n }\n}\nexit(99);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-06-05T16:27:27", "description": "This host is missing a critical security\n update according to Microsoft KB4506989", "cvss3": {}, "published": "2019-07-10T00:00:00", "type": "openvas", "title": "Microsoft .NET Framework Multiple Vulnerabilities (KB4506989)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1006", "CVE-2019-1113", "CVE-2019-1083"], "modified": "2020-06-04T00:00:00", "id": "OPENVAS:1361412562310815155", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815155", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815155\");\n script_version(\"2020-06-04T09:02:37+0000\");\n script_cve_id(\"CVE-2019-1113\", \"CVE-2019-1006\", \"CVE-2019-1083\");\n script_bugtraq_id(108977, 108978, 108981);\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-06-04 09:02:37 +0000 (Thu, 04 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-07-10 09:35:44 +0530 (Wed, 10 Jul 2019)\");\n script_name(\"Microsoft .NET Framework Multiple Vulnerabilities (KB4506989)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4506989\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - An error in Windows Communication Foundation (WCF) and Windows Identity Foundation\n (WIF), allowing signing of SAML tokens with arbitrary symmetric keys.\n\n - An error when Microsoft Common Object Runtime Library improperly handles web\n requests.\n\n - An error in .NET software when the software fails to check the source markup\n of a file.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to gain elevated privileges, conduct denial-of-service condition and execute\n arbitrary code.\");\n\n script_tag(name:\"affected\", value:\"Microsoft .NET Framework 4.8 on Microsoft Windows 10 Version 1803.\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4506989\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win10:1, win10x64:1) <= 0){\n exit(0);\n}\nsysPath = smb_get_system32root();\nif(!sysPath ){\n exit(0);\n}\n\nedgeVer = fetch_file_version(sysPath:sysPath, file_name:\"edgehtml.dll\");\nif(!edgeVer){\n exit(0);\n}\n\nif(edgeVer =~ \"^11\\.0\\.17134\")\n{\n if(!registry_key_exists(key:\"SOFTWARE\\Microsoft\\.NETFramework\")){\n if(!registry_key_exists(key:\"SOFTWARE\\Microsoft\\ASP.NET\")){\n if(!registry_key_exists(key:\"SOFTWARE\\Microsoft\\NET Framework Setup\\NDP\\v4\\Full\\\")){\n exit(0);\n }\n }\n }\n\n key_list = make_list(\"SOFTWARE\\Microsoft\\.NETFramework\\\", \"SOFTWARE\\Microsoft\\ASP.NET\\\", \"SOFTWARE\\Microsoft\\NET Framework Setup\\NDP\\v4\\Full\\\");\n\n foreach key(key_list)\n {\n if(\".NETFramework\" >< key)\n {\n foreach item (registry_enum_keys(key:key))\n {\n NetPath = registry_get_sz(key:key + item, item:\"InstallRoot\");\n if(NetPath && \"\\Microsoft.NET\\Framework\" >< NetPath)\n {\n foreach item (registry_enum_keys(key:key))\n {\n dotPath = NetPath + item;\n dllVer = fetch_file_version(sysPath:dotPath, file_name:\"System.workflow.runtime.dll\");\n if(dllVer)\n {\n ## https://support.microsoft.com/en-us/help/4506989\n if(version_in_range(version:dllVer, test_version:\"4.8\", test_version2:\"4.8.3824\"))\n {\n vulnerable_range = \"4.8 - 4.8.3824\" ;\n break;\n }\n }\n }\n if(vulnerable_range){\n break;\n }\n }\n }\n }\n\n if((!vulnerable_range) && \"ASP.NET\" >< key)\n {\n foreach item (registry_enum_keys(key:key))\n {\n dotPath = registry_get_sz(key:key + item, item:\"Path\");\n if(dotPath && \"\\Microsoft.NET\\Framework\" >< dotPath)\n {\n dllVer = fetch_file_version(sysPath:dotPath, file_name:\"System.workflow.runtime.dll\");\n if(dllVer)\n {\n ## https://support.microsoft.com/en-us/help/4506989\n if(version_in_range(version:dllVer, test_version:\"4.8\", test_version2:\"4.8.3824\"))\n {\n vulnerable_range = \"4.8 - 4.8.3824\" ;\n break;\n }\n }\n }\n }\n }\n\n ## For versions greater than 4.5 (https://docs.microsoft.com/en-us/dotnet/framework/migration-guide/how-to-determine-which-versions-are-installed#net_b)\n if((!vulnerable_range) && \"NET Framework Setup\" >< key)\n {\n dotPath = registry_get_sz(key:key, item:\"InstallPath\");\n if(dotPath && \"\\Microsoft.NET\\Framework\" >< dotPath)\n {\n dllVer = fetch_file_version(sysPath:dotPath, file_name:\"System.workflow.runtime.dll\");\n if(dllVer)\n {\n ## https://support.microsoft.com/en-us/help/4506989\n if(version_in_range(version:dllVer, test_version:\"4.8\", test_version2:\"4.8.3824\")){\n vulnerable_range = \"4.8 - 4.8.3824\" ;\n }\n }\n }\n }\n\n if(vulnerable_range)\n {\n report = report_fixed_ver(file_checked:dotPath + \"System.workflow.runtime.dll\",\n file_version:dllVer, vulnerable_range:vulnerable_range);\n security_message(data:report);\n exit(0);\n }\n }\n}\nexit(99);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-06-05T16:27:22", "description": "This host is missing a critical security\n update according to Microsoft KB4506986", "cvss3": {}, "published": "2019-07-10T00:00:00", "type": "openvas", "title": "Microsoft .NET Framework Multiple Vulnerabilities (KB4506986)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1006", "CVE-2019-1113", "CVE-2019-1083"], "modified": "2020-06-04T00:00:00", "id": "OPENVAS:1361412562310815508", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815508", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815508\");\n script_version(\"2020-06-04T09:02:37+0000\");\n script_cve_id(\"CVE-2019-1113\", \"CVE-2019-1006\", \"CVE-2019-1083\");\n script_bugtraq_id(108977, 108978, 108981);\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-06-04 09:02:37 +0000 (Thu, 04 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-07-10 09:35:44 +0530 (Wed, 10 Jul 2019)\");\n script_name(\"Microsoft .NET Framework Multiple Vulnerabilities (KB4506986)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4506986\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - An error in Windows Communication Foundation (WCF) and Windows Identity Foundation\n (WIF), allowing signing of SAML tokens with arbitrary symmetric keys.\n\n - An error when Microsoft Common Object Runtime Library improperly handles web\n requests.\n\n - An error in .NET software when the software fails to check the source markup\n of a file.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to gain elevated privileges, conduct denial-of-service condition and execute\n arbitrary code.\");\n\n script_tag(name:\"affected\", value:\"Microsoft .NET Framework 4.8 on Microsoft Windows 10 Version 1607 and Microsoft Windows Server 2016.\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4506986\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win10:1, win10x64:1, win2016:1) <= 0){\n exit(0);\n}\nsysPath = smb_get_system32root();\nif(!sysPath ){\n exit(0);\n}\n\nedgeVer = fetch_file_version(sysPath:sysPath, file_name:\"edgehtml.dll\");\nif(!edgeVer){\n exit(0);\n}\n\nif(edgeVer =~ \"^11\\.0\\.14393\")\n{\n if(!registry_key_exists(key:\"SOFTWARE\\Microsoft\\.NETFramework\")){\n if(!registry_key_exists(key:\"SOFTWARE\\Microsoft\\ASP.NET\")){\n if(!registry_key_exists(key:\"SOFTWARE\\Microsoft\\NET Framework Setup\\NDP\\v4\\Full\\\")){\n exit(0);\n }\n }\n }\n\n key_list = make_list(\"SOFTWARE\\Microsoft\\.NETFramework\\\", \"SOFTWARE\\Microsoft\\ASP.NET\\\", \"SOFTWARE\\Microsoft\\NET Framework Setup\\NDP\\v4\\Full\\\");\n\n foreach key(key_list)\n {\n if(\".NETFramework\" >< key)\n {\n foreach item (registry_enum_keys(key:key))\n {\n NetPath = registry_get_sz(key:key + item, item:\"InstallRoot\");\n if(NetPath && \"\\Microsoft.NET\\Framework\" >< NetPath)\n {\n foreach item (registry_enum_keys(key:key))\n {\n dotPath = NetPath + item;\n dllVer = fetch_file_version(sysPath:dotPath, file_name:\"System.workflow.runtime.dll\");\n if(dllVer)\n {\n ## https://support.microsoft.com/en-us/help/4506986\n if(version_in_range(version:dllVer, test_version:\"4.8\", test_version2:\"4.8.3824\"))\n {\n vulnerable_range = \"4.8 - 4.8.3824\" ;\n break;\n }\n }\n }\n if(vulnerable_range){\n break;\n }\n }\n }\n }\n\n if((!vulnerable_range) && \"ASP.NET\" >< key)\n {\n foreach item (registry_enum_keys(key:key))\n {\n dotPath = registry_get_sz(key:key + item, item:\"Path\");\n if(dotPath && \"\\Microsoft.NET\\Framework\" >< dotPath)\n {\n dllVer = fetch_file_version(sysPath:dotPath, file_name:\"System.workflow.runtime.dll\");\n if(dllVer)\n {\n ## https://support.microsoft.com/en-us/help/4506986\n if(version_in_range(version:dllVer, test_version:\"4.8\", test_version2:\"4.8.3824\"))\n {\n vulnerable_range = \"4.8 - 4.8.3824\" ;\n break;\n }\n }\n }\n }\n }\n\n ## For versions greater than 4.5 (https://docs.microsoft.com/en-us/dotnet/framework/migration-guide/how-to-determine-which-versions-are-installed#net_b)\n if((!vulnerable_range) && \"NET Framework Setup\" >< key)\n {\n dotPath = registry_get_sz(key:key, item:\"InstallPath\");\n if(dotPath && \"\\Microsoft.NET\\Framework\" >< dotPath)\n {\n dllVer = fetch_file_version(sysPath:dotPath, file_name:\"System.workflow.runtime.dll\");\n if(dllVer)\n {\n ## https://support.microsoft.com/en-us/help/4506986\n if(version_in_range(version:dllVer, test_version:\"4.8\", test_version2:\"4.8.3824\")){\n vulnerable_range = \"4.8 - 4.8.3824\" ;\n }\n }\n }\n }\n\n if(vulnerable_range)\n {\n report = report_fixed_ver(file_checked:dotPath + \"System.workflow.runtime.dll\",\n file_version:dllVer, vulnerable_range:vulnerable_range);\n security_message(data:report);\n exit(0);\n }\n }\n}\nexit(99);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-07-21T20:40:50", "description": "This host is missing a critical security\n update according to Microsoft KB4480963", "cvss3": {}, "published": "2019-07-10T00:00:00", "type": "openvas", "title": "Microsoft Windows Multiple Vulnerabilities (KB4507462)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-0683", "CVE-2019-1082", "CVE-2019-1093", "CVE-2019-0887", "CVE-2019-1097", "CVE-2019-1063", "CVE-2019-1004", "CVE-2019-1089", "CVE-2019-0880", "CVE-2019-1104", "CVE-2019-1094", "CVE-2019-1059", "CVE-2019-1085", "CVE-2019-1006", "CVE-2019-1088", "CVE-2019-1095", "CVE-2019-1096", "CVE-2019-0785", "CVE-2019-1071", "CVE-2019-1130", "CVE-2019-1108", "CVE-2019-1073", "CVE-2019-1102", "CVE-2019-1125"], "modified": "2020-07-17T00:00:00", "id": "OPENVAS:1361412562310815514", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815514", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815514\");\n script_version(\"2020-07-17T05:57:41+0000\");\n script_cve_id(\"CVE-2019-0683\", \"CVE-2019-0785\", \"CVE-2019-0880\", \"CVE-2019-0887\",\n \"CVE-2019-1004\", \"CVE-2019-1006\", \"CVE-2019-1059\", \"CVE-2019-1063\",\n \"CVE-2019-1071\", \"CVE-2019-1073\", \"CVE-2019-1082\", \"CVE-2019-1085\",\n \"CVE-2019-1088\", \"CVE-2019-1089\", \"CVE-2019-1093\", \"CVE-2019-1094\",\n \"CVE-2019-1095\", \"CVE-2019-1096\", \"CVE-2019-1097\", \"CVE-2019-1102\",\n \"CVE-2019-1104\", \"CVE-2019-1108\", \"CVE-2019-1125\", \"CVE-2019-1130\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-07-17 05:57:41 +0000 (Fri, 17 Jul 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-07-10 09:30:27 +0530 (Wed, 10 Jul 2019)\");\n script_name(\"Microsoft Windows Multiple Vulnerabilities (KB4507462)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4480963\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the\n target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - DHCP failover servers improperly handle network packets.\n\n - splwow64.exe improperly handles certain calls.\n\n - Remote Desktop Services improperly handles clipboard redirection.\n\n - Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF),\n allow signing of SAML tokens with arbitrary symmetric keys.\n\n - Kernel Information Disclosure Vulnerability (SWAPGS Attack).\n\n Please see the references for more information about the vulnerabilities.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to execute arbitrary code, elevate privileges, bypass authentication and disclose\n sensitive information.\");\n\n script_tag(name:\"affected\", value:\"Microsoft Windows Server 2012.\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see\n the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4507462\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win2012:1) <= 0){\n exit(0);\n}\n\ndllpath = smb_get_system32root();\nif(!dllpath)\n exit(0);\n\nfileVer = fetch_file_version(sysPath:dllpath, file_name:\"Gdi32.dll\");\nif(!fileVer)\n exit(0);\n\nif(version_is_less(version:fileVer, test_version:\"6.2.9200.22802\")) {\n report = report_fixed_ver(file_checked:dllpath + \"\\Gdi32.dll\",\n file_version:fileVer, vulnerable_range:\"Less than 6.2.9200.22802\");\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-21T20:40:55", "description": "This host is missing a critical security\n update according to Microsoft KB4507452", "cvss3": {}, "published": "2019-07-10T00:00:00", "type": "openvas", "title": "Microsoft Windows Multiple Vulnerabilities (KB4507452)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-0683", "CVE-2019-1093", "CVE-2019-0887", "CVE-2019-1097", "CVE-2019-1063", "CVE-2019-1004", "CVE-2019-1101", "CVE-2019-1132", "CVE-2019-1098", "CVE-2019-1116", "CVE-2019-1089", "CVE-2019-1104", "CVE-2019-1100", "CVE-2019-1094", "CVE-2019-1059", "CVE-2019-1085", "CVE-2019-1006", "CVE-2019-1088", "CVE-2019-1095", "CVE-2019-1096", "CVE-2019-1099", "CVE-2019-1071", "CVE-2019-1108", "CVE-2019-1073", "CVE-2019-1102", "CVE-2019-1125"], "modified": "2020-07-17T00:00:00", "id": "OPENVAS:1361412562310815513", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815513", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815513\");\n script_version(\"2020-07-17T05:57:41+0000\");\n script_cve_id(\"CVE-2019-0683\", \"CVE-2019-0887\", \"CVE-2019-1004\", \"CVE-2019-1006\",\n \"CVE-2019-1059\", \"CVE-2019-1063\", \"CVE-2019-1071\", \"CVE-2019-1073\",\n \"CVE-2019-1085\", \"CVE-2019-1088\", \"CVE-2019-1089\", \"CVE-2019-1093\",\n \"CVE-2019-1094\", \"CVE-2019-1095\", \"CVE-2019-1096\", \"CVE-2019-1097\",\n \"CVE-2019-1098\", \"CVE-2019-1099\", \"CVE-2019-1100\", \"CVE-2019-1101\",\n \"CVE-2019-1102\", \"CVE-2019-1104\", \"CVE-2019-1108\", \"CVE-2019-1116\",\n \"CVE-2019-1125\", \"CVE-2019-1132\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-07-17 05:57:41 +0000 (Fri, 17 Jul 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-07-10 09:30:27 +0530 (Wed, 10 Jul 2019)\");\n script_name(\"Microsoft Windows Multiple Vulnerabilities (KB4507452)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4507452\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - Remote Desktop Services improperly handles clipboard redirection.\n\n - Scripting Engine improperly handles objects in memory in Internet Explorer.\n\n - Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF),\n allow signing of SAML tokens with arbitrary symmetric keys.\n\n - Windows kernel improperly handles objects in memory.\n\n - Kernel Information Disclosure Vulnerability (SWAPGS Attack).\n\n Please see the references for more information about the vulnerabilities.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow\n an attacker to execute arbitrary code, elevate privileges by escaping a\n sandbox and gain access to sensitive information.\");\n\n script_tag(name:\"affected\", value:\"Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2.\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see\n the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4507452\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win2008:3, win2008x64:3) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_system32root();\nif(!sysPath)\n exit(0);\n\nsysVer = fetch_file_version(sysPath:sysPath, file_name:\"Win32k.sys\");\nif(!sysVer)\n exit(0);\n\nif(version_is_less(version:sysVer, test_version:\"6.0.6003.20569\")) {\n report = report_fixed_ver(file_checked:sysPath + \"\\Win32k.sys\",\n file_version:sysVer, vulnerable_range:\"Less than 6.0.6003.20569\");\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-21T20:40:55", "description": "This host is missing a critical security\n update according to Microsoft KB4507449", "cvss3": {}, "published": "2019-07-10T00:00:00", "type": "openvas", "title": "Microsoft Windows Multiple Vulnerabilities (KB4507449)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-0683", "CVE-2019-1082", "CVE-2019-1093", "CVE-2019-0887", "CVE-2019-1097", "CVE-2019-1063", "CVE-2019-1004", "CVE-2019-1101", "CVE-2019-1132", "CVE-2019-1098", "CVE-2019-1116", "CVE-2019-1089", "CVE-2019-1104", "CVE-2019-1100", "CVE-2019-1094", "CVE-2019-1059", "CVE-2019-1085", "CVE-2019-1006", "CVE-2019-1088", "CVE-2019-1095", "CVE-2019-1096", "CVE-2019-1099", "CVE-2019-1071", "CVE-2019-1001", "CVE-2019-1108", "CVE-2019-1073", "CVE-2019-1102", "CVE-2019-1056", "CVE-2019-1125"], "modified": "2020-07-17T00:00:00", "id": "OPENVAS:1361412562310815403", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815403", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815403\");\n script_version(\"2020-07-17T05:57:41+0000\");\n script_cve_id(\"CVE-2019-0683\", \"CVE-2019-0887\", \"CVE-2019-1001\", \"CVE-2019-1004\",\n \"CVE-2019-1006\", \"CVE-2019-1056\", \"CVE-2019-1059\", \"CVE-2019-1063\",\n \"CVE-2019-1071\", \"CVE-2019-1073\", \"CVE-2019-1082\", \"CVE-2019-1085\",\n \"CVE-2019-1088\", \"CVE-2019-1089\", \"CVE-2019-1093\", \"CVE-2019-1094\",\n \"CVE-2019-1095\", \"CVE-2019-1096\", \"CVE-2019-1097\", \"CVE-2019-1098\",\n \"CVE-2019-1099\", \"CVE-2019-1100\", \"CVE-2019-1101\", \"CVE-2019-1102\",\n \"CVE-2019-1104\", \"CVE-2019-1108\", \"CVE-2019-1116\", \"CVE-2019-1125\",\n \"CVE-2019-1132\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-07-17 05:57:41 +0000 (Fri, 17 Jul 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-07-10 09:30:27 +0530 (Wed, 10 Jul 2019)\");\n script_name(\"Microsoft Windows Multiple Vulnerabilities (KB4507449)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4507449\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on\n the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist as,\n\n - Remote Desktop Services improperly handles clipboard redirection.\n\n - Scripting Engine improperly handles objects in memory in Microsoft browsers.\n\n - Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF),\n allow signing of SAML tokens with arbitrary symmetric keys.\n\n - Windows GDI component improperly handles objects in memory.\n\n - An elevation of privilege vulnerability exists in Active Directory Forest\n trusts due to a default setting.\n\n - Kernel Information Disclosure Vulnerability (SWAPGS Attack).\n\n Please see the references for more information about the vulnerabilities.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow\n an attacker to execute arbitrary code on a victim system, obtain information to\n further compromise the user's system and gain elevated privileges.\");\n\n script_tag(name:\"affected\", value:\"- Microsoft Windows 7 for 32-bit/x64 Systems Service Pack 1\n\n - Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see\n the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4507449\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win7:2, win7x64:2, win2008r2:2) <= 0){\n exit(0);\n}\n\ndllPath = smb_get_system32root();\nif(!dllPath)\n exit(0);\n\nfileVer = fetch_file_version(sysPath:dllPath, file_name:\"Ntdll.dll\");\nif(!fileVer)\n exit(0);\n\nif(version_is_less(version:fileVer, test_version:\"6.1.7601.24499\")) {\n report = report_fixed_ver(file_checked:dllPath + \"\\Ntdll.dll\",\n file_version:fileVer, vulnerable_range:\"Less than 6.1.7601.24499\");\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-21T20:40:48", "description": "This host is missing a critical security\n update according to Microsoft KB4507448", "cvss3": {}, "published": "2019-07-10T00:00:00", "type": "openvas", "title": "Microsoft Windows Multiple Vulnerabilities (KB4507448)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-0683", "CVE-2019-1126", "CVE-2019-1082", "CVE-2019-1093", "CVE-2019-0887", "CVE-2019-1097", "CVE-2019-1086", "CVE-2019-1063", "CVE-2019-1004", "CVE-2019-1089", "CVE-2019-0880", "CVE-2019-1087", "CVE-2019-1104", "CVE-2019-1094", "CVE-2019-1059", "CVE-2019-1085", "CVE-2019-1006", "CVE-2019-1088", "CVE-2019-0811", "CVE-2019-1095", "CVE-2019-1096", "CVE-2019-0785", "CVE-2019-1071", "CVE-2019-1001", "CVE-2019-1130", "CVE-2019-1108", "CVE-2019-1073", "CVE-2019-1102", "CVE-2019-1056", "CVE-2019-1125"], "modified": "2020-07-17T00:00:00", "id": "OPENVAS:1361412562310815402", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815402", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# Copyright (C) 2019 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815402\");\n script_version(\"2020-07-17T05:57:41+0000\");\n script_cve_id(\"CVE-2019-0785\", \"CVE-2019-0811\", \"CVE-2019-0880\", \"CVE-2019-0887\",\n \"CVE-2019-1102\", \"CVE-2019-1001\", \"CVE-2019-1004\", \"CVE-2019-1104\",\n \"CVE-2019-1006\", \"CVE-2019-1108\", \"CVE-2019-1056\", \"CVE-2019-1059\",\n \"CVE-2019-1063\", \"CVE-2019-1071\", \"CVE-2019-1073\", \"CVE-2019-1126\",\n \"CVE-2019-1130\", \"CVE-2019-1082\", \"CVE-2019-1085\", \"CVE-2019-1086\",\n \"CVE-2019-1087\", \"CVE-2019-1088\", \"CVE-2019-1089\", \"CVE-2019-1095\",\n \"CVE-2019-1096\", \"CVE-2019-1097\", \"CVE-2019-1093\", \"CVE-2019-1094\",\n \"CVE-2019-0683\", \"CVE-2019-1125\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-07-17 05:57:41 +0000 (Fri, 17 Jul 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-07-10 10:16:06 +0530 (Wed, 10 Jul 2019)\");\n script_name(\"Microsoft Windows Multiple Vulnerabilities (KB4507448)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4507448\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - Scripting engine handles objects in memory in Microsoft browsers.\n\n - Windows RDP client improperly discloses the contents of its memory.\n\n - Windows Graphics Device Interface (GDI) handles objects in the memory.\n\n - An elevation of privilege exists in Windows Audio Service.\n\n - Internet Explorer improperly accesses objects in memory.\n\n - Kernel Information Disclosure Vulnerability (SWAPGS Attack).\n\n Please see the references for more information about the vulnerabilities.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to execute arbitrary code, elevate privileges, bypass authentication, conduct\n denial-of-service condition and disclose sensitive information.\");\n\n script_tag(name:\"affected\", value:\"- Microsoft Windows Server 2012 R2\n\n - Microsoft Windows 8.1 for 32-bit/x64\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see\n the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4507448\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win2012R2:1, win8_1:1, win8_1x64:1) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_system32root();\nif(!sysPath)\n exit(0);\n\nfileVer = fetch_file_version(sysPath:sysPath, file_name:\"gdi32.dll\");\nif(!fileVer)\n exit(0);\n\nif(version_is_less(version:fileVer, test_version:\"6.3.9600.19402\")) {\n report = report_fixed_ver(file_checked:sysPath + \"\\Gdi32.dll\",\n file_version:fileVer, vulnerable_range:\"Less than 6.3.9600.19402\");\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-21T20:40:43", "description": "This host is missing a critical security\n update according to Microsoft KB4507458", "cvss3": {}, "published": "2019-07-10T00:00:00", "type": "openvas", "title": "Microsoft Windows Multiple Vulnerabilities (KB4507458)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-0683", "CVE-2019-1082", "CVE-2019-1093", "CVE-2019-0887", "CVE-2019-1097", "CVE-2019-1086", "CVE-2019-1063", "CVE-2019-1004", "CVE-2019-1103", "CVE-2019-1089", "CVE-2019-0880", "CVE-2019-1087", "CVE-2019-1104", "CVE-2019-1094", "CVE-2019-1059", "CVE-2019-1067", "CVE-2019-1085", "CVE-2019-1006", "CVE-2019-1088", "CVE-2019-1095", "CVE-2019-0999", "CVE-2019-1096", "CVE-2019-1107", "CVE-2019-1071", "CVE-2019-1001", "CVE-2019-1130", "CVE-2019-1062", "CVE-2019-1108", "CVE-2019-1113", "CVE-2019-1091", "CVE-2019-1073", "CVE-2019-1102", "CVE-2019-1056", "CVE-2019-1083", "CVE-2019-1092", "CVE-2019-1125"], "modified": "2020-07-17T00:00:00", "id": "OPENVAS:1361412562310815409", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815409", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815409\");\n script_version(\"2020-07-17T05:57:41+0000\");\n script_cve_id(\"CVE-2019-0880\", \"CVE-2019-0887\", \"CVE-2019-1102\", \"CVE-2019-0999\",\n \"CVE-2019-1001\", \"CVE-2019-1004\", \"CVE-2019-1103\", \"CVE-2019-1104\",\n \"CVE-2019-1107\", \"CVE-2019-1006\", \"CVE-2019-1108\", \"CVE-2019-1113\",\n \"CVE-2019-1056\", \"CVE-2019-1059\", \"CVE-2019-1062\", \"CVE-2019-1063\",\n \"CVE-2019-1067\", \"CVE-2019-1071\", \"CVE-2019-1073\", \"CVE-2019-1130\",\n \"CVE-2019-1082\", \"CVE-2019-1083\", \"CVE-2019-1085\", \"CVE-2019-1086\",\n \"CVE-2019-1087\", \"CVE-2019-1088\", \"CVE-2019-1089\", \"CVE-2019-1091\",\n \"CVE-2019-1092\", \"CVE-2019-1095\", \"CVE-2019-1096\", \"CVE-2019-1097\",\n \"CVE-2019-1093\", \"CVE-2019-1094\", \"CVE-2019-0683\", \"CVE-2019-1125\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-07-17 05:57:41 +0000 (Fri, 17 Jul 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-07-10 08:44:05 +0530 (Wed, 10 Jul 2019)\");\n script_name(\"Microsoft Windows Multiple Vulnerabilities (KB4507458)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4507458\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - Scripting engine improperly handles objects in memory in Microsoft browsers.\n\n - Windows RDP client improperly discloses the contents of its memory.\n\n - Chakra scripting engine improperly handles objects in memory in Microsoft Edge.\n\n - Windows Graphics Device Interface (GDI) improperly handles objects in the memory.\n\n - Kernel Information Disclosure Vulnerability (SWAPGS Attack).\n\n Please see the references for more information about the vulnerabilities.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an\n attacker to execute arbitrary code in kernel mode, elevate privileges\n by escaping a sandbox, gain access to sensitive information and conduct\n denial-of-service.\");\n\n script_tag(name:\"affected\", value:\"- Microsoft Windows 10 for 32-bit Systems\n\n - Microsoft Windows 10 for x64-based Systems\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see\n the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4507458\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win10:1, win10x64:1) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_system32root();\nif(!sysPath)\n exit(0);\n\nedgeVer = fetch_file_version(sysPath:sysPath, file_name:\"edgehtml.dll\");\nif(!edgeVer)\n exit(0);\n\nif(version_in_range(version:edgeVer, test_version:\"11.0.10240.0\", test_version2:\"11.0.10240.18274\")) {\n report = report_fixed_ver(file_checked:sysPath + \"\\Edgehtml.dll\",\n file_version:edgeVer, vulnerable_range:\"11.0.10240.0 - 11.0.10240.18274\");\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-21T20:40:39", "description": "This host is missing a critical security\n update according to Microsoft KB4507450", "cvss3": {}, "published": "2019-07-10T00:00:00", "type": "openvas", "title": "Microsoft Windows Multiple Vulnerabilities (KB4507450)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-0683", "CVE-2019-1093", "CVE-2019-0887", "CVE-2019-1097", "CVE-2019-1106", "CVE-2019-1086", "CVE-2019-1063", "CVE-2019-1004", "CVE-2019-1103", "CVE-2019-0865", "CVE-2019-1089", "CVE-2019-0880", "CVE-2019-1087", "CVE-2019-1104", "CVE-2019-1094", "CVE-2019-1059", "CVE-2019-1067", "CVE-2019-1129", "CVE-2019-1085", "CVE-2019-1006", "CVE-2019-1088", "CVE-2019-1095", "CVE-2019-0999", "CVE-2019-1096", "CVE-2019-0966", "CVE-2019-1107", "CVE-2019-1071", "CVE-2019-1001", "CVE-2019-1130", "CVE-2019-1062", "CVE-2019-1108", "CVE-2019-1113", "CVE-2019-1091", "CVE-2019-1073", "CVE-2019-1102", "CVE-2019-1056", "CVE-2019-1083", "CVE-2019-1092", "CVE-2019-1125"], "modified": "2020-07-17T00:00:00", "id": "OPENVAS:1361412562310815404", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815404", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815404\");\n script_version(\"2020-07-17T05:57:41+0000\");\n script_cve_id(\"CVE-2019-0865\", \"CVE-2019-0880\", \"CVE-2019-0887\", \"CVE-2019-1102\",\n \"CVE-2019-0966\", \"CVE-2019-0999\", \"CVE-2019-1001\", \"CVE-2019-1004\",\n \"CVE-2019-1103\", \"CVE-2019-1104\", \"CVE-2019-1106\", \"CVE-2019-1107\",\n \"CVE-2019-1006\", \"CVE-2019-1108\", \"CVE-2019-1113\", \"CVE-2019-1056\",\n \"CVE-2019-1059\", \"CVE-2019-1062\", \"CVE-2019-1063\", \"CVE-2019-1067\",\n \"CVE-2019-1071\", \"CVE-2019-1073\", \"CVE-2019-1129\", \"CVE-2019-1130\",\n \"CVE-2019-1083\", \"CVE-2019-1085\", \"CVE-2019-1086\", \"CVE-2019-1087\",\n \"CVE-2019-1088\", \"CVE-2019-1089\", \"CVE-2019-1091\", \"CVE-2019-1092\",\n \"CVE-2019-1095\", \"CVE-2019-1096\", \"CVE-2019-1097\", \"CVE-2019-1093\",\n \"CVE-2019-1094\", \"CVE-2019-0683\", \"CVE-2019-1125\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-07-17 05:57:41 +0000 (Fri, 17 Jul 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-07-10 09:21:44 +0530 (Wed, 10 Jul 2019)\");\n script_name(\"Microsoft Windows Multiple Vulnerabilities (KB4507450)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4507450\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - SymCrypt improperly handles a specially crafted digital signature.\n\n - Scripting engine improperly handles objects in memory in Microsoft browsers.\n\n - Windows RDP client improperly discloses the contents of its memory.\n\n - Chakra scripting engine improperly handles objects in memory in Microsoft\n Edge.\n\n - Windows Graphics Device Interface (GDI) improperly handles objects in the\n memory.\n\n - Kernel Information Disclosure Vulnerability (SWAPGS Attack).\n\n Please see the references for more information about the vulnerabilities.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an\n attacker to execute arbitrary code in kernel mode, elevate privileges\n by escaping a sandbox, gain access to sensitive information.\");\n\n script_tag(name:\"affected\", value:\"Microsoft Windows 10 Version 1703 x32/x64.\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see\n the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4507450\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win10:1, win10x64:1) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_system32root();\nif(!sysPath)\n exit(0);\n\nedgeVer = fetch_file_version(sysPath:sysPath, file_name:\"edgehtml.dll\");\nif(!edgeVer)\n exit(0);\n\nif(version_in_range(version:edgeVer, test_version:\"11.0.15063.0\", test_version2:\"11.0.15063.1927\")) {\n report = report_fixed_ver(file_checked:sysPath + \"\\Edgehtml.dll\",\n file_version:edgeVer, vulnerable_range:\"11.0.15063.0 - 11.0.15063.1927\");\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-21T20:40:45", "description": "This host is missing a critical security\n update according to Microsoft KB4507460", "cvss3": {}, "published": "2019-07-10T00:00:00", "type": "openvas", "title": "Microsoft Windows Multiple Vulnerabilities (KB4507460)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-0683", "CVE-2019-1126", "CVE-2019-1082", "CVE-2019-1093", "CVE-2019-0887", "CVE-2019-1097", "CVE-2019-1106", "CVE-2019-1086", "CVE-2019-1063", "CVE-2019-1004", "CVE-2019-1103", "CVE-2019-1089", "CVE-2019-0880", "CVE-2019-1087", "CVE-2019-1104", "CVE-2019-1094", "CVE-2019-1059", "CVE-2019-1067", "CVE-2019-1085", "CVE-2019-1006", "CVE-2019-1088", "CVE-2019-0811", "CVE-2019-1095", "CVE-2019-0999", "CVE-2019-1096", "CVE-2019-0966", "CVE-2019-0785", "CVE-2019-1107", "CVE-2019-1071", "CVE-2019-1001", "CVE-2019-1130", "CVE-2019-1062", "CVE-2019-1108", "CVE-2019-1113", "CVE-2019-1091", "CVE-2019-1073", "CVE-2019-1102", "CVE-2019-0975", "CVE-2019-1056", "CVE-2019-1083", "CVE-2019-1092", "CVE-2019-1125"], "modified": "2020-07-17T00:00:00", "id": "OPENVAS:1361412562310815406", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815406", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815406\");\n script_version(\"2020-07-17T05:57:41+0000\");\n script_cve_id(\"CVE-2019-0785\", \"CVE-2019-0811\", \"CVE-2019-0880\", \"CVE-2019-0887\",\n \"CVE-2019-1102\", \"CVE-2019-0966\", \"CVE-2019-0975\", \"CVE-2019-0999\",\n \"CVE-2019-1001\", \"CVE-2019-1004\", \"CVE-2019-1103\", \"CVE-2019-1104\",\n \"CVE-2019-1106\", \"CVE-2019-1107\", \"CVE-2019-1006\", \"CVE-2019-1108\",\n \"CVE-2019-1113\", \"CVE-2019-1056\", \"CVE-2019-1059\", \"CVE-2019-1062\",\n \"CVE-2019-1063\", \"CVE-2019-1067\", \"CVE-2019-1071\", \"CVE-2019-1073\",\n \"CVE-2019-1126\", \"CVE-2019-1130\", \"CVE-2019-1082\", \"CVE-2019-1083\",\n \"CVE-2019-1085\", \"CVE-2019-1086\", \"CVE-2019-1087\", \"CVE-2019-1088\",\n \"CVE-2019-1089\", \"CVE-2019-1091\", \"CVE-2019-1092\", \"CVE-2019-1095\",\n \"CVE-2019-1096\", \"CVE-2019-1097\", \"CVE-2019-1093\", \"CVE-2019-1094\",\n \"CVE-2019-0683\", \"CVE-2019-1125\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-07-17 05:57:41 +0000 (Fri, 17 Jul 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-07-10 09:46:44 +0530 (Wed, 10 Jul 2019)\");\n script_name(\"Microsoft Windows Multiple Vulnerabilities (KB4507460)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4507460\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - Scripting engine improperly handles objects in memory in Microsoft browsers.\n\n - Windows RDP client improperly discloses the contents of its memory.\n\n - Windows Graphics Device Interface (GDI) improperly handles objects in the\n memory.\n\n - An elevation of privilege exists in Windows Audio Service.\n\n - Kernel Information Disclosure Vulnerability (SWAPGS Attack).\n\n Please see the references for more information about the vulnerabilities.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an\n attacker to execute arbitrary code in kernel mode, elevate privileges\n by escaping a sandbox, gain access to sensitive information and conduct\n denial-of-service condition.\");\n\n script_tag(name:\"affected\", value:\"- Microsoft Windows Server 2016\n\n - Microsoft Windows 10 Version 1607 x32/x64\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see\n the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4507460\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win2016:1, win10:1, win10x64:1) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_system32root();\nif(!sysPath)\n exit(0);\n\nedgeVer = fetch_file_version(sysPath:sysPath, file_name:\"edgehtml.dll\");\nif(!edgeVer)\n exit(0);\n\nif(version_in_range(version:edgeVer, test_version:\"11.0.14393.0\", test_version2:\"11.0.14393.3084\")) {\n report = report_fixed_ver(file_checked:sysPath + \"\\Edgehtml.dll\",\n file_version:edgeVer, vulnerable_range:\"11.0.14393.0 - 11.0.14393.3084\");\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-21T20:40:54", "description": "This host is missing a critical security\n update according to Microsoft KB4507469", "cvss3": {}, "published": "2019-07-10T00:00:00", "type": "openvas", "title": "Microsoft Windows Multiple Vulnerabilities (KB4507469)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1123", "CVE-2019-0683", "CVE-2019-1090", "CVE-2019-1126", "CVE-2019-1093", "CVE-2019-0887", "CVE-2019-1097", "CVE-2019-1122", "CVE-2019-1106", "CVE-2019-1086", "CVE-2019-1063", "CVE-2019-1004", "CVE-2019-1037", "CVE-2019-1120", "CVE-2019-1103", "CVE-2019-0865", "CVE-2019-1128", "CVE-2019-1127", "CVE-2019-1089", "CVE-2019-0880", "CVE-2019-1087", "CVE-2019-1104", "CVE-2019-1121", "CVE-2019-1074", "CVE-2019-1094", "CVE-2019-1059", "CVE-2019-1067", "CVE-2019-1129", "CVE-2019-1117", "CVE-2019-1085", "CVE-2019-1006", "CVE-2019-1088", "CVE-2019-0811", "CVE-2019-1095", "CVE-2019-1096", "CVE-2019-0966", "CVE-2019-0785", "CVE-2019-1107", "CVE-2019-1071", "CVE-2019-1001", "CVE-2019-1130", "CVE-2019-1062", "CVE-2019-1124", "CVE-2019-1108", "CVE-2019-1118", "CVE-2019-1119", "CVE-2019-1091", "CVE-2019-1073", "CVE-2019-1102", "CVE-2019-0975", "CVE-2019-1056", "CVE-2019-1092", "CVE-2019-1125"], "modified": "2020-07-17T00:00:00", "id": "OPENVAS:1361412562310815408", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815408", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815408\");\n script_version(\"2020-07-17T05:57:41+0000\");\n script_cve_id(\"CVE-2019-0785\", \"CVE-2019-0811\", \"CVE-2019-0865\", \"CVE-2019-0880\",\n \"CVE-2019-0887\", \"CVE-2019-1097\", \"CVE-2019-1102\", \"CVE-2019-0966\",\n \"CVE-2019-0975\", \"CVE-2019-1001\", \"CVE-2019-1004\", \"CVE-2019-1103\",\n \"CVE-2019-1104\", \"CVE-2019-1106\", \"CVE-2019-1107\", \"CVE-2019-1108\",\n \"CVE-2019-1006\", \"CVE-2019-1037\", \"CVE-2019-1056\", \"CVE-2019-1059\",\n \"CVE-2019-1062\", \"CVE-2019-1063\", \"CVE-2019-1067\", \"CVE-2019-1117\",\n \"CVE-2019-1118\", \"CVE-2019-1119\", \"CVE-2019-1120\", \"CVE-2019-1121\",\n \"CVE-2019-1122\", \"CVE-2019-1123\", \"CVE-2019-1071\", \"CVE-2019-1073\",\n \"CVE-2019-1124\", \"CVE-2019-1126\", \"CVE-2019-1127\", \"CVE-2019-1128\",\n \"CVE-2019-1129\", \"CVE-2019-1130\", \"CVE-2019-1074\", \"CVE-2019-1085\",\n \"CVE-2019-1086\", \"CVE-2019-1087\", \"CVE-2019-1088\", \"CVE-2019-1089\",\n \"CVE-2019-1090\", \"CVE-2019-1091\", \"CVE-2019-1092\", \"CVE-2019-1095\",\n \"CVE-2019-1096\", \"CVE-2019-1093\", \"CVE-2019-1094\", \"CVE-2019-0683\",\n \"CVE-2019-1125\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-07-17 05:57:41 +0000 (Fri, 17 Jul 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-07-10 08:23:27 +0530 (Wed, 10 Jul 2019)\");\n script_name(\"Microsoft Windows Multiple Vulnerabilities (KB4507469)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4507469\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - SymCrypt improperly handles a specially crafted digital signature.\n\n - Scripting engine improperly handles objects in memory in Microsoft browsers.\n\n - DirectWrite improperly handles objects in memory.\n\n - Windows RDP client improperly discloses the contents of its memory.\n\n - Active Directory Federation Services (ADFS) improperly updates its list\n of banned IP addresses.\n\n - Kernel Information Disclosure Vulnerability (SWAPGS Attack).\n\n Please see the references for more information about the vulnerabilities.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attackers\n to run arbitrary code, obtain information to further compromise the user's\n system, conduct denial-of-service and take control of the affected system.\");\n\n script_tag(name:\"affected\", value:\"- Microsoft Windows Server 2019\n\n - Microsoft Windows 10 Version 1809 for 32-bit Systems\n\n - Microsoft Windows 10 Version 1809 for x64-based Systems\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates.\n Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4507469\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win10:1, win10x64:1) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_system32root();\nif(!sysPath)\n exit(0);\n\nedgeVer = fetch_file_version(sysPath:sysPath, file_name:\"edgehtml.dll\");\nif(!edgeVer)\n exit(0);\n\nif(version_in_range(version:edgeVer, test_version:\"11.0.17763.0\", test_version2:\"11.0.17763.614\")) {\n report = report_fixed_ver(file_checked:sysPath + \"\\Edgehtml.dll\",\n file_version:edgeVer, vulnerable_range:\"11.0.17763.0 - 11.0.17763.614\");\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-21T20:40:44", "description": "This host is missing a critical security\n update according to Microsoft KB4507453", "cvss3": {}, "published": "2019-07-10T00:00:00", "type": "openvas", "title": "Microsoft Windows Multiple Vulnerabilities (KB4507453)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1123", "CVE-2019-0683", "CVE-2019-1090", "CVE-2019-1126", "CVE-2019-1093", "CVE-2019-0887", "CVE-2019-0998", "CVE-2019-1097", "CVE-2019-1122", "CVE-2019-1106", "CVE-2019-1086", "CVE-2019-1063", "CVE-2019-1004", "CVE-2019-1037", "CVE-2019-1120", "CVE-2019-1103", "CVE-2019-0865", "CVE-2019-1128", "CVE-2019-1127", "CVE-2019-1089", "CVE-2019-0880", "CVE-2019-1087", "CVE-2019-1104", "CVE-2019-1121", "CVE-2019-1074", "CVE-2019-1094", "CVE-2019-1059", "CVE-2019-1067", "CVE-2019-1129", "CVE-2019-1117", "CVE-2019-1085", "CVE-2019-1006", "CVE-2019-1088", "CVE-2019-0811", "CVE-2019-1095", "CVE-2019-1096", "CVE-2019-0966", "CVE-2019-0785", "CVE-2019-1107", "CVE-2019-1071", "CVE-2019-1001", "CVE-2019-1130", "CVE-2019-1062", "CVE-2019-1124", "CVE-2019-1108", "CVE-2019-1118", "CVE-2019-1119", "CVE-2019-1091", "CVE-2019-1073", "CVE-2019-1102", "CVE-2019-0975", "CVE-2019-1056", "CVE-2019-1092", "CVE-2019-1125"], "modified": "2020-07-17T00:00:00", "id": "OPENVAS:1361412562310815410", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815410", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815410\");\n script_version(\"2020-07-17T05:57:41+0000\");\n script_cve_id(\"CVE-2019-0683\", \"CVE-2019-0785\", \"CVE-2019-0811\", \"CVE-2019-0865\",\n \"CVE-2019-0880\", \"CVE-2019-0887\", \"CVE-2019-0966\", \"CVE-2019-0975\",\n \"CVE-2019-0998\", \"CVE-2019-1001\", \"CVE-2019-1004\", \"CVE-2019-1006\",\n \"CVE-2019-1037\", \"CVE-2019-1056\", \"CVE-2019-1059\", \"CVE-2019-1062\",\n \"CVE-2019-1063\", \"CVE-2019-1067\", \"CVE-2019-1071\", \"CVE-2019-1073\",\n \"CVE-2019-1074\", \"CVE-2019-1085\", \"CVE-2019-1086\", \"CVE-2019-1087\",\n \"CVE-2019-1088\", \"CVE-2019-1089\", \"CVE-2019-1090\", \"CVE-2019-1091\",\n \"CVE-2019-1092\", \"CVE-2019-1093\", \"CVE-2019-1094\", \"CVE-2019-1095\",\n \"CVE-2019-1096\", \"CVE-2019-1097\", \"CVE-2019-1102\", \"CVE-2019-1103\",\n \"CVE-2019-1104\", \"CVE-2019-1106\", \"CVE-2019-1107\", \"CVE-2019-1108\",\n \"CVE-2019-1117\", \"CVE-2019-1118\", \"CVE-2019-1119\", \"CVE-2019-1120\",\n \"CVE-2019-1121\", \"CVE-2019-1122\", \"CVE-2019-1123\", \"CVE-2019-1124\",\n \"CVE-2019-1125\", \"CVE-2019-1126\", \"CVE-2019-1127\", \"CVE-2019-1128\",\n \"CVE-2019-1129\", \"CVE-2019-1130\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-07-17 05:57:41 +0000 (Fri, 17 Jul 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-07-10 08:56:08 +0530 (Wed, 10 Jul 2019)\");\n script_name(\"Microsoft Windows Multiple Vulnerabilities (KB4507453)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4507453\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - SymCrypt improperly handles a specially crafted digital signature.\n\n - Scripting engine improperly handles objects in memory in Microsoft browsers.\n\n - DirectWrite improperly handles objects in memory.\n\n - Windows RDP client improperly discloses the contents of its memory.\n\n - Windows Graphics Device Interface (GDI) improperly handles objects in\n the memory.\n\n - Kernel Information Disclosure Vulnerability (SWAPGS Attack).\n\n Please see the references for more information about the vulnerabilities.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an\n attacker to execute arbitrary code in kernel mode, elevate privileges\n by escaping a sandbox, gain access to sensitive information and conduct\n denial-of-service.\");\n\n script_tag(name:\"affected\", value:\"- Microsoft Windows 10 Version 1903 for 32-bit Systems\n\n - Microsoft Windows 10 Version 1903 for x64-based Systems\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see\n the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4507453\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win10:1, win10x64:1) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_system32root();\nif(!sysPath)\n exit(0);\n\nedgeVer = fetch_file_version(sysPath:sysPath, file_name:\"edgehtml.dll\");\nif(!edgeVer)\n exit(0);\n\nif(version_in_range(version:edgeVer, test_version:\"11.0.18362.0\", test_version2:\"11.0.18362.238\")) {\n report = report_fixed_ver(file_checked:sysPath + \"\\Edgehtml.dll\",\n file_version:edgeVer, vulnerable_range:\"11.0.18362.0 - 11.0.18362.238\");\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-21T20:40:53", "description": "This host is missing a critical security\n update according to Microsoft KB4507455", "cvss3": {}, "published": "2019-07-10T00:00:00", "type": "openvas", "title": "Microsoft Windows Multiple Vulnerabilities (KB4507455)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1123", "CVE-2019-0683", "CVE-2019-1093", "CVE-2019-0887", "CVE-2019-1097", "CVE-2019-1122", "CVE-2019-1106", "CVE-2019-1086", "CVE-2019-1063", "CVE-2019-1004", "CVE-2019-1037", "CVE-2019-1120", "CVE-2019-1103", "CVE-2019-0865", "CVE-2019-1128", "CVE-2019-1127", "CVE-2019-1089", "CVE-2019-0880", "CVE-2019-1087", "CVE-2019-1104", "CVE-2019-1121", "CVE-2019-1074", "CVE-2019-1094", "CVE-2019-1059", "CVE-2019-1067", "CVE-2019-1129", "CVE-2019-1117", "CVE-2019-1085", "CVE-2019-1006", "CVE-2019-1088", "CVE-2019-1095", "CVE-2019-0999", "CVE-2019-1096", "CVE-2019-0966", "CVE-2019-1107", "CVE-2019-1071", "CVE-2019-1001", "CVE-2019-1130", "CVE-2019-1062", "CVE-2019-1124", "CVE-2019-1108", "CVE-2019-1118", "CVE-2019-1119", "CVE-2019-1113", "CVE-2019-1091", "CVE-2019-1073", "CVE-2019-1102", "CVE-2019-1056", "CVE-2019-1083", "CVE-2019-1092", "CVE-2019-1125"], "modified": "2020-07-17T00:00:00", "id": "OPENVAS:1361412562310815400", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815400", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815400\");\n script_version(\"2020-07-17T05:57:41+0000\");\n script_cve_id(\"CVE-2019-0865\", \"CVE-2019-0880\", \"CVE-2019-0887\", \"CVE-2019-1097\",\n \"CVE-2019-1102\", \"CVE-2019-0966\", \"CVE-2019-0999\", \"CVE-2019-1001\",\n \"CVE-2019-1004\", \"CVE-2019-1103\", \"CVE-2019-1104\", \"CVE-2019-1106\",\n \"CVE-2019-1107\", \"CVE-2019-1006\", \"CVE-2019-1108\", \"CVE-2019-1113\",\n \"CVE-2019-1037\", \"CVE-2019-1056\", \"CVE-2019-1059\", \"CVE-2019-1062\",\n \"CVE-2019-1063\", \"CVE-2019-1067\", \"CVE-2019-1117\", \"CVE-2019-1118\",\n \"CVE-2019-1119\", \"CVE-2019-1120\", \"CVE-2019-1121\", \"CVE-2019-1122\",\n \"CVE-2019-1123\", \"CVE-2019-1124\", \"CVE-2019-1071\", \"CVE-2019-1073\",\n \"CVE-2019-1127\", \"CVE-2019-1128\", \"CVE-2019-1129\", \"CVE-2019-1130\",\n \"CVE-2019-1074\", \"CVE-2019-1083\", \"CVE-2019-1085\", \"CVE-2019-1086\",\n \"CVE-2019-1087\", \"CVE-2019-1088\", \"CVE-2019-1089\", \"CVE-2019-1091\",\n \"CVE-2019-1092\", \"CVE-2019-1095\", \"CVE-2019-1096\", \"CVE-2019-1093\",\n \"CVE-2019-1094\", \"CVE-2019-0683\", \"CVE-2019-1125\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-07-17 05:57:41 +0000 (Fri, 17 Jul 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-07-10 09:30:27 +0530 (Wed, 10 Jul 2019)\");\n script_name(\"Microsoft Windows Multiple Vulnerabilities (KB4507455)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4507455\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - SymCrypt improperly handles a specially crafted digital signature.\n\n - Scripting engine improperly handles objects in memory in Microsoft browsers.\n\n - Windows RDP client improperly discloses the contents of its memory.\n\n - Windows Graphics Device Interface (GDI) improperly handles objects in\n the memory.\n\n - An elevation of privilege exists in Windows Audio Service.\n\n - Kernel Information Disclosure Vulnerability (SWAPGS Attack).\n\n Please see the references for more information about the vulnerabilities.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an\n attacker to execute arbitrary code in kernel mode, elevate privileges\n by escaping a sandbox, gain access to sensitive information, conduct\n denial-of-service and take control of the affected system.\");\n\n script_tag(name:\"affected\", value:\"- Microsoft Windows 10 Version 1709 for 32-bit Systems\n\n - Microsoft Windows 10 Version 1709 for 64-based Systems\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see\n the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4507455\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win10:1, win10x64:1) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_system32root();\nif(!sysPath)\n exit(0);\n\nedgeVer = fetch_file_version(sysPath:sysPath, file_name:\"edgehtml.dll\");\nif(!edgeVer)\n exit(0);\n\nif(version_in_range(version:edgeVer, test_version:\"11.0.16299.0\", test_version2:\"11.0.16299.1267\")) {\n report = report_fixed_ver(file_checked:sysPath + \"\\Edgehtml.dll\",\n file_version:edgeVer, vulnerable_range:\"11.0.16299.0 - 11.0.16299.1267\");\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-21T20:40:50", "description": "This host is missing a critical security\n update according to Microsoft KB4507435", "cvss3": {}, "published": "2019-07-10T00:00:00", "type": "openvas", "title": "Microsoft Windows Multiple Vulnerabilities (KB4507435)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1123", "CVE-2019-0683", "CVE-2019-1090", "CVE-2019-1126", "CVE-2019-1093", "CVE-2019-0887", "CVE-2019-1097", "CVE-2019-1122", "CVE-2019-1106", "CVE-2019-1086", "CVE-2019-1063", "CVE-2019-1004", "CVE-2019-1037", "CVE-2019-1120", "CVE-2019-1103", "CVE-2019-0865", "CVE-2019-1128", "CVE-2019-1127", "CVE-2019-1089", "CVE-2019-0880", "CVE-2019-1087", "CVE-2019-1104", "CVE-2019-1121", "CVE-2019-1074", "CVE-2019-1094", "CVE-2019-1059", "CVE-2019-1067", "CVE-2019-1129", "CVE-2019-1117", "CVE-2019-1085", "CVE-2019-1006", "CVE-2019-1088", "CVE-2019-0811", "CVE-2019-1095", "CVE-2019-0999", "CVE-2019-1096", "CVE-2019-0966", "CVE-2019-0785", "CVE-2019-1107", "CVE-2019-1071", "CVE-2019-1001", "CVE-2019-1130", "CVE-2019-1062", "CVE-2019-1124", "CVE-2019-1108", "CVE-2019-1118", "CVE-2019-1119", "CVE-2019-1113", "CVE-2019-1091", "CVE-2019-1073", "CVE-2019-1102", "CVE-2019-0975", "CVE-2019-1056", "CVE-2019-1083", "CVE-2019-1092", "CVE-2019-1125"], "modified": "2020-07-17T00:00:00", "id": "OPENVAS:1361412562310815401", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815401", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815401\");\n script_version(\"2020-07-17T05:57:41+0000\");\n script_cve_id(\"CVE-2019-0785\", \"CVE-2019-0811\", \"CVE-2019-0865\", \"CVE-2019-0880\",\n \"CVE-2019-0887\", \"CVE-2019-1102\", \"CVE-2019-0966\", \"CVE-2019-0975\",\n \"CVE-2019-0999\", \"CVE-2019-1001\", \"CVE-2019-1004\", \"CVE-2019-1103\",\n \"CVE-2019-1104\", \"CVE-2019-1106\", \"CVE-2019-1107\", \"CVE-2019-1006\",\n \"CVE-2019-1108\", \"CVE-2019-1037\", \"CVE-2019-1056\", \"CVE-2019-1113\",\n \"CVE-2019-1059\", \"CVE-2019-1062\", \"CVE-2019-1063\", \"CVE-2019-1067\",\n \"CVE-2019-1117\", \"CVE-2019-1118\", \"CVE-2019-1119\", \"CVE-2019-1120\",\n \"CVE-2019-1121\", \"CVE-2019-1122\", \"CVE-2019-1123\", \"CVE-2019-1124\",\n \"CVE-2019-1071\", \"CVE-2019-1073\", \"CVE-2019-1126\", \"CVE-2019-1127\",\n \"CVE-2019-1128\", \"CVE-2019-1129\", \"CVE-2019-1130\", \"CVE-2019-1074\",\n \"CVE-2019-1083\", \"CVE-2019-1085\", \"CVE-2019-1086\", \"CVE-2019-1087\",\n \"CVE-2019-1088\", \"CVE-2019-1089\", \"CVE-2019-1090\", \"CVE-2019-1091\",\n \"CVE-2019-1092\", \"CVE-2019-1095\", \"CVE-2019-1096\", \"CVE-2019-1097\",\n \"CVE-2019-1093\", \"CVE-2019-1094\", \"CVE-2019-0683\", \"CVE-2019-1125\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-07-17 05:57:41 +0000 (Fri, 17 Jul 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-07-10 09:41:08 +0530 (Wed, 10 Jul 2019)\");\n script_name(\"Microsoft Windows Multiple Vulnerabilities (KB4507435)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4507435\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - SymCrypt improperly handles a specially crafted digital signature.\n\n - Scripting engine improperly handles objects in memory in Microsoft browsers.\n\n - Windows RDP client improperly discloses the contents of its memory.\n\n - Windows Graphics Device Interface (GDI) improperly handles objects in\n the memory.\n\n - An elevation of privilege exists in Windows Audio Service.\n\n - Kernel Information Disclosure Vulnerability (SWAPGS Attack).\n\n Please see the references for more information about the vulnerabilities.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an\n attacker to execute arbitrary code in kernel mode, elevate privileges\n by escaping a sandbox, gain access to sensitive information, conduct\n denial of service and could take control of the affected system.\");\n\n script_tag(name:\"affected\", value:\"- Microsoft Windows 10 Version 1803 for 32-bit Systems\n\n - Microsoft Windows 10 Version 1803 for x64-based Systems\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see\n the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4507435\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win10:1, win10x64:1) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_system32root();\nif(!sysPath)\n exit(0);\n\nedgeVer = fetch_file_version(sysPath:sysPath, file_name:\"edgehtml.dll\");\nif(!edgeVer)\n exit(0);\n\nif(version_in_range(version:edgeVer, test_version:\"11.0.17134.0\", test_version2:\"11.0.17134.884\")) {\n report = report_fixed_ver(file_checked:sysPath + \"\\Edgehtml.dll\",\n file_version:edgeVer, vulnerable_range:\"11.0.17134.0 - 11.0.17134.884\");\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "mscve": [{"lastseen": "2023-06-14T15:27:29", "description": "An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys. This vulnerability allows an attacker to impersonate another user, which can lead to elevation of privileges. The vulnerability exists in WCF, WIF 3.5 and above in .NET Framework, WIF 1.0 component in Windows, WIF Nuget package, and WIF implementation in SharePoint.\n\nAn unauthenticated attacker can exploit this by signing a SAML token with any arbitrary symmetric key.\n\nThis security update addresses the issue by ensuring all versions of WCF and WIF validate the key used to sign SAML tokens correctly.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-07-09T07:00:00", "type": "mscve", "title": "WCF/WIF SAML Token Authentication Bypass Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1006"], "modified": "2019-07-09T07:00:00", "id": "MS:CVE-2019-1006", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2019-1006", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}], "nessus": [{"lastseen": "2023-05-24T14:25:39", "description": "The Microsoft SharePoint Server installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities :\n\n - An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys. This vulnerability allows an attacker to impersonate another user, which can lead to elevation of privileges. The vulnerability exists in WCF, WIF 3.5 and above in .NET Framework, WIF 1.0 component in Windows, WIF Nuget package, and WIF implementation in SharePoint. An unauthenticated attacker can exploit this by signing a SAML token with any arbitrary symmetric key. This security update addresses the issue by ensuring all versions of WCF and WIF validate the key used to sign SAML tokens correctly.\n (CVE-2019-1006)\n\n - A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The attacker who successfully exploited the vulnerability could then perform cross-site scripting attacks on affected systems and run script in the security context of the current user. The attacks could allow the attacker to read content that the attacker is not authorized to read, use the victim's identity to take actions on the SharePoint site on behalf of the user, such as change permissions and delete content, and inject malicious content in the browser of the user. The security update addresses the vulnerability by helping to ensure that SharePoint Server properly sanitizes web requests. (CVE-2019-1134)", "cvss3": {}, "published": "2019-07-09T00:00:00", "type": "nessus", "title": "Security Updates for Microsoft SharePoint Server (July 2019)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1006", "CVE-2019-1134"], "modified": "2023-04-14T00:00:00", "cpe": ["cpe:/a:microsoft:sharepoint_server", "cpe:/a:microsoft:sharepoint_foundation"], "id": "SMB_NT_MS19_JUL_OFFICE_SHAREPOINT.NASL", "href": "https://www.tenable.com/plugins/nessus/126584", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(126584);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/14\");\n\n script_cve_id(\"CVE-2019-1006\", \"CVE-2019-1134\");\n script_bugtraq_id(108978, 109028);\n script_xref(name:\"MSKB\", value:\"4475510\");\n script_xref(name:\"MSKB\", value:\"4475520\");\n script_xref(name:\"MSKB\", value:\"4475522\");\n script_xref(name:\"MSKB\", value:\"4475527\");\n script_xref(name:\"MSKB\", value:\"4475529\");\n script_xref(name:\"MSFT\", value:\"MS19-4475510\");\n script_xref(name:\"MSFT\", value:\"MS19-4475520\");\n script_xref(name:\"MSFT\", value:\"MS19-4475522\");\n script_xref(name:\"MSFT\", value:\"MS19-4475527\");\n script_xref(name:\"MSFT\", value:\"MS19-4475529\");\n\n script_name(english:\"Security Updates for Microsoft SharePoint Server (July 2019)\");\n script_summary(english:\"Checks for Microsoft security updates.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The Microsoft SharePoint Server installation on the remote host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Microsoft SharePoint Server installation on the remote\nhost is missing security updates. It is, therefore, affected\nby multiple vulnerabilities :\n\n - An authentication bypass vulnerability exists in Windows\n Communication Foundation (WCF) and Windows Identity\n Foundation (WIF), allowing signing of SAML tokens with\n arbitrary symmetric keys. This vulnerability allows an\n attacker to impersonate another user, which can lead to\n elevation of privileges. The vulnerability exists in\n WCF, WIF 3.5 and above in .NET Framework, WIF 1.0\n component in Windows, WIF Nuget package, and WIF\n implementation in SharePoint. An unauthenticated\n attacker can exploit this by signing a SAML token with\n any arbitrary symmetric key. This security update\n addresses the issue by ensuring all versions of WCF and\n WIF validate the key used to sign SAML tokens correctly.\n (CVE-2019-1006)\n\n - A cross-site-scripting (XSS) vulnerability exists when\n Microsoft SharePoint Server does not properly sanitize a\n specially crafted web request to an affected SharePoint\n server. An authenticated attacker could exploit the\n vulnerability by sending a specially crafted request to\n an affected SharePoint server. The attacker who\n successfully exploited the vulnerability could then\n perform cross-site scripting attacks on affected systems\n and run script in the security context of the current\n user. The attacks could allow the attacker to read\n content that the attacker is not authorized to read, use\n the victim's identity to take actions on the SharePoint\n site on behalf of the user, such as change permissions\n and delete content, and inject malicious content in the\n browser of the user. The security update addresses the\n vulnerability by helping to ensure that SharePoint\n Server properly sanitizes web requests. (CVE-2019-1134)\");\n # https://support.microsoft.com/en-us/help/4475520/security-update-for-sharepoint-enterprise-server-2016\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?ccb4bdba\");\n # https://support.microsoft.com/en-us/help/4475522/security-update-for-sharepoint-enterprise-server-2013\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?11471b7c\");\n # https://support.microsoft.com/en-us/help/4475527/security-update-for-sharepoint-foundation-2013-july-9-2019\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?f6efc6d4\");\n script_set_attribute(attribute:\"solution\", value:\n\"Microsoft has released the following security updates to address this issue: \n -KB4475510 \n -KB4475520\n -KB4475522\n -KB4475527\n -KB4475529\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1006\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:sharepoint_foundation\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:sharepoint_server\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"microsoft_sharepoint_installed.nbin\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('vcf_extras_microsoft.inc');\n\nvar app_info = vcf::microsoft::sharepoint::get_app_info();\nvar kb_checks = \n[\n {\n 'product' : '2010',\n 'edition' : 'Foundation',\n 'kb' : '4475510',\n 'path' : app_info.path,\n 'version' : '14.0.7235.5000',\n 'min_version' : '14.0.0.0',\n 'append' : \"microsoft shared\\web server extensions\\14\\isapi\",\n 'file' : 'microsoft.sharepoint.dll',\n 'product_name' : 'Microsoft SharePoint Foundaiton Server 2010 SP2'\n },\n {\n 'product' : '2013',\n 'edition' : 'Server',\n 'kb' : '4475522',\n 'path' : app_info.path,\n 'version' : '15.0.5151.1000',\n 'min_version' : '15.0.0.0',\n 'append' : \"TransformApps\",\n 'file' : 'docxpageconverter.exe',\n 'product_name' : 'Microsoft SharePoint Enterprise Server 2013 SP1'\n },\n {\n 'product' : '2013',\n 'edition' : 'Foundation',\n 'kb' : '4475527',\n 'path' : app_info.path,\n 'version' : '15.0.5111.1000',\n 'min_version' : '15.0.0.0',\n 'append' : \"microsoft shared\\web server extensions\\15\\bin\",\n 'file' : 'csisrv.dll',\n 'product_name' : 'Microsoft SharePoint Foundaiton Server 2013 SP1'\n },\n {\n 'product' : '2016',\n 'edition' : 'Server',\n 'kb' : '4475520',\n 'path' : app_info.path,\n 'version' : '16.0.4867.1000',\n 'min_version' : '16.0.0.0',\n 'append' : \"bin\",\n 'file' : 'microsoft.sharepoint.publishing.dll',\n 'product_name' : 'Microsoft SharePoint Enterprise Server 2016'\n },\n {\n 'product' : '2019',\n 'edition' : 'Server',\n 'kb' : '4475529',\n 'path' : app_info.path,\n 'version' : '16.0.10348.12104',\n 'min_version' : '16.0.10000.0',\n 'append' : \"microsoft shared\\web server extensions\\15\\bin\",\n 'file' : 'microsoft.sharepoint.publishing.dll',\n 'product_name' : 'Microsoft SharePoint Server 2019'\n }\n];\nvcf::microsoft::sharepoint::check_version_and_report\n(\n app_info:app_info, \n bulletin:'MS19-07',\n constraints:kb_checks, \n severity:SECURITY_HOLE\n);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:26:45", "description": "The Microsoft .NET Framework installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities :\n\n - An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys. This vulnerability allows an attacker to impersonate another user, which can lead to elevation of privileges. The vulnerability exists in WCF, WIF 3.5 and above in .NET Framework, WIF 1.0 component in Windows, WIF Nuget package, and WIF implementation in SharePoint. An unauthenticated attacker can exploit this by signing a SAML token with any arbitrary symmetric key. This security update addresses the issue by ensuring all versions of WCF and WIF validate the key used to sign SAML tokens correctly.\n (CVE-2019-1006)\n\n - A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n (CVE-2019-1113)\n\n - A denial of service vulnerability exists when Microsoft Common Object Runtime Library improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against a .NET web application. A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to the .NET application. The update addresses the vulnerability by correcting how the .NET web application handles web requests. (CVE-2019-1083)", "cvss3": {}, "published": "2019-07-10T00:00:00", "type": "nessus", "title": "Security Updates for Microsoft .NET Framework (July 2019)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1006", "CVE-2019-1083", "CVE-2019-1113"], "modified": "2021-06-03T00:00:00", "cpe": ["cpe:/a:microsoft:.net_framework"], "id": "SMB_NT_MS19_JUL_DOTNET.NASL", "href": "https://www.tenable.com/plugins/nessus/126600", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(126600);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/03\");\n\n script_cve_id(\"CVE-2019-1006\", \"CVE-2019-1083\", \"CVE-2019-1113\");\n script_bugtraq_id(108977, 108981);\n script_xref(name:\"MSKB\", value:\"4507435\");\n script_xref(name:\"MSKB\", value:\"4507460\");\n script_xref(name:\"MSKB\", value:\"4507423\");\n script_xref(name:\"MSKB\", value:\"4507422\");\n script_xref(name:\"MSKB\", value:\"4507421\");\n script_xref(name:\"MSKB\", value:\"4507420\");\n script_xref(name:\"MSKB\", value:\"4507414\");\n script_xref(name:\"MSKB\", value:\"4507419\");\n script_xref(name:\"MSKB\", value:\"4507412\");\n script_xref(name:\"MSKB\", value:\"4507413\");\n script_xref(name:\"MSKB\", value:\"4507411\");\n script_xref(name:\"MSKB\", value:\"4506991\");\n script_xref(name:\"MSKB\", value:\"4507450\");\n script_xref(name:\"MSKB\", value:\"4506987\");\n script_xref(name:\"MSKB\", value:\"4506986\");\n script_xref(name:\"MSKB\", value:\"4507455\");\n script_xref(name:\"MSKB\", value:\"4506989\");\n script_xref(name:\"MSKB\", value:\"4506988\");\n script_xref(name:\"MSKB\", value:\"4507458\");\n script_xref(name:\"MSFT\", value:\"MS19-4507435\");\n script_xref(name:\"MSFT\", value:\"MS19-4507460\");\n script_xref(name:\"MSFT\", value:\"MS19-4507423\");\n script_xref(name:\"MSFT\", value:\"MS19-4507422\");\n script_xref(name:\"MSFT\", value:\"MS19-4507421\");\n script_xref(name:\"MSFT\", value:\"MS19-4507420\");\n script_xref(name:\"MSFT\", value:\"MS19-4507414\");\n script_xref(name:\"MSFT\", value:\"MS19-4507419\");\n script_xref(name:\"MSFT\", value:\"MS19-4507412\");\n script_xref(name:\"MSFT\", value:\"MS19-4507413\");\n script_xref(name:\"MSFT\", value:\"MS19-4507411\");\n script_xref(name:\"MSFT\", value:\"MS19-4506991\");\n script_xref(name:\"MSFT\", value:\"MS19-4507450\");\n script_xref(name:\"MSFT\", value:\"MS19-4506987\");\n script_xref(name:\"MSFT\", value:\"MS19-4506986\");\n script_xref(name:\"MSFT\", value:\"MS19-4507455\");\n script_xref(name:\"MSFT\", value:\"MS19-4506989\");\n script_xref(name:\"MSFT\", value:\"MS19-4506988\");\n script_xref(name:\"MSFT\", value:\"MS19-4507458\");\n script_xref(name:\"IAVA\", value:\"2019-A-0240-S\");\n\n script_name(english:\"Security Updates for Microsoft .NET Framework (July 2019)\");\n script_summary(english:\"Checks for Microsoft security updates.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The Microsoft .NET Framework installation on the remote host is\naffected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Microsoft .NET Framework installation on the remote host\nis missing security updates. It is, therefore, affected by\nmultiple vulnerabilities :\n\n - An authentication bypass vulnerability exists in Windows\n Communication Foundation (WCF) and Windows Identity\n Foundation (WIF), allowing signing of SAML tokens with\n arbitrary symmetric keys. This vulnerability allows an\n attacker to impersonate another user, which can lead to\n elevation of privileges. The vulnerability exists in\n WCF, WIF 3.5 and above in .NET Framework, WIF 1.0\n component in Windows, WIF Nuget package, and WIF\n implementation in SharePoint. An unauthenticated\n attacker can exploit this by signing a SAML token with\n any arbitrary symmetric key. This security update\n addresses the issue by ensuring all versions of WCF and\n WIF validate the key used to sign SAML tokens correctly.\n (CVE-2019-1006)\n\n - A remote code execution vulnerability exists in .NET\n software when the software fails to check the source\n markup of a file. An attacker who successfully exploited\n the vulnerability could run arbitrary code in the\n context of the current user. If the current user is\n logged on with administrative user rights, an attacker\n could take control of the affected system. An attacker\n could then install programs; view, change, or delete\n data; or create new accounts with full user rights.\n (CVE-2019-1113)\n\n - A denial of service vulnerability exists when Microsoft\n Common Object Runtime Library improperly handles web\n requests. An attacker who successfully exploited this\n vulnerability could cause a denial of service against a\n .NET web application. A remote unauthenticated attacker\n could exploit this vulnerability by issuing specially\n crafted requests to the .NET application. The update\n addresses the vulnerability by correcting how the .NET\n web application handles web requests. (CVE-2019-1083)\");\n # https://support.microsoft.com/en-us/help/4507435/windows-10-update-kb4507435\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?3bfac69e\");\n # https://support.microsoft.com/en-us/help/4507460/windows-10-update-kb4507460\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?dd6e86c0\");\n # https://support.microsoft.com/en-us/help/4507423/security-and-quality-rollup-for-net-framework-2-0-3-0-4-5-2-4-6\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?9bd4e25a\");\n # https://support.microsoft.com/en-us/help/4507422/security-and-quality-rollup-for-net-framework\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?858ef63b\");\n # https://support.microsoft.com/en-us/help/4507421/security-and-quality-rollup-for-net-framework\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?0de7f142\");\n # https://support.microsoft.com/en-us/help/4507420/security-and-quality-rollup-for-net-framework\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8b8b7b50\");\n # https://support.microsoft.com/en-us/help/4507414/security-only-update-for-net-framework-3-0-sp2-4-5-2-4-6\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?eb25ce98\");\n # https://support.microsoft.com/en-us/help/4507419/july-9-2019-kb4507419-cumulative-update-for-net-framework\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1e436e1f\");\n # https://support.microsoft.com/en-us/help/4507412/security-only-update-for-net-framework\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2123a8a4\");\n # https://support.microsoft.com/en-us/help/4507413/security-only-update-for-net-framework\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?fef03323\");\n # https://support.microsoft.com/en-us/help/4507411/security-only-update-for-net-framework\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?ce4aeddd\");\n # https://support.microsoft.com/en-us/help/4506991/july-9-2019-kb4506991-cumulative-update-for-net-framework-3-5-and-4-8\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8d3a86a9\");\n # https://support.microsoft.com/en-us/help/4507450/windows-10-update-kb4507450\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?f489340c\");\n # https://support.microsoft.com/en-us/help/4506987/july-9-2019-kb4506987-cumulative-update-for-net-framework-4-8\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?ff0c98be\");\n # https://support.microsoft.com/en-us/help/4506986/july-9-2019-kb4506986-cumulative-update-for-net-framework-4-8\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?7a0ad909\");\n # https://support.microsoft.com/en-us/help/4507455/windows-10-update-kb4507455\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?4741f3da\");\n # https://support.microsoft.com/en-us/help/4506989/july-9-2019-kb4506989-cumulative-update-for-net-framework-4-8\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?ccd5eb26\");\n # https://support.microsoft.com/en-us/help/4506988/july-9-2019-kb4506988-cumulative-update-for-net-framework-4-8\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?df72c2c1\");\n # https://support.microsoft.com/en-us/help/4507458/windows-10-update-kb4507458\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?dfda1841\");\n script_set_attribute(attribute:\"solution\", value:\n\"Microsoft has released security updates for Microsoft .NET Framework.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1113\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:.net_framework\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_dotnet_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\", \"microsoft_net_framework_installed.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('install_func.inc');\ninclude('misc_func.inc');\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS19-07';\nkbs = make_list(\n '4506986',\n '4506987',\n '4506988',\n '4506989',\n '4506991',\n '4507411',\n '4507412',\n '4507413',\n '4507414',\n '4507419',\n '4507420',\n '4507421',\n '4507422',\n '4507423',\n '4507435',\n '4507450',\n '4507455',\n '4507458',\n '4507460'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_WARNING);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(vista:'2', win7:'1', win8:'0', win81:'0', win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nproductname = get_kb_item_or_exit('SMB/ProductName', exit_code:1);\nif ('Windows 8' >< productname && 'Windows 8.1' >!< productname) audit(AUDIT_OS_SP_NOT_VULN);\nelse if ('Vista' >< productname) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(exit_on_fail:TRUE, as_share:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\napp = 'Microsoft .NET Framework';\nget_install_count(app_name:app, exit_if_zero:TRUE);\ninstalls = get_combined_installs(app_name:app);\n\nvuln = 0;\n\nif (installs[0] == 0)\n{\n foreach install (installs[1])\n {\n version = install['version'];\n if( version != UNKNOWN_VER &&\n smb_check_dotnet_rollup(rollup_date:'07_2019', dotnet_ver:version))\n vuln++;\n }\n}\nif(vuln)\n{\n hotfix_security_warning();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, 'affected');\n}\n\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-08-24T15:09:27", "description": "The remote Windows host is missing security update 4507464 or cumulative update 4507462. It is, therefore, affected by multiple vulnerabilities :\n\n - A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n (CVE-2019-1113)\n\n - A local elevation of privilege vulnerability exists in how splwow64.exe handles certain calls. An attacker who successfully exploited the vulnerability could elevate privileges on an affected system from low-integrity to medium-integrity. This vulnerability by itself does not allow arbitrary code execution; however, it could allow arbitrary code to be run if the attacker uses it in combination with another vulnerability (such as a remote code execution vulnerability or another elevation of privilege vulnerability) that is capable of leveraging the elevated privileges when code execution is attempted. (CVE-2019-0880)\n\n - An information disclosure vulnerability exists when the Windows RDP client improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-1108)\n\n - An information disclosure vulnerability exists when the win32k component improperly provides kernel information.\n An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. (CVE-2019-1096)\n\n - An elevation of privilege exists in Windows Audio Service. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. (CVE-2019-1088)\n\n - An elevation of privilege vulnerability exists in Microsoft Windows where a certain dll, with Local Service privilege, is vulnerable to race planting a customized dll. An attacker who successfully exploited this vulnerability could potentially elevate privilege to SYSTEM. The update addresses this vulnerability by requiring system privileges for a certain DLL.\n (CVE-2019-1082)\n\n - A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2019-1001)\n\n - A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory.\n The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1063)\n\n - A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1104)\n\n - An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how DirectWrite handles objects in memory.\n (CVE-2019-1093, CVE-2019-1097)\n\n - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. (CVE-2019-1094, CVE-2019-1095)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. An authenticated attacker could exploit this vulnerability by running a specially crafted application. The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory. (CVE-2019-1071)\n\n - An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data. (CVE-2019-1130)\n\n - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2019-1004, CVE-2019-1056, CVE-2019-1059)\n\n - A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an authenticated attacker abuses clipboard redirection. An attacker who successfully exploited this vulnerability could execute arbitrary code on the victim system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-0887)\n\n - An elevation of privilege vulnerability exists in the way that the wlansvc.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.\n (CVE-2019-1085)\n\n - A denial of service vulnerability exists when Microsoft Common Object Runtime Library improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against a .NET web application. A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to the .NET application. The update addresses the vulnerability by correcting how the .NET web application handles web requests. (CVE-2019-1083)\n\n - A memory corruption vulnerability exists in the Windows Server DHCP service when an attacker sends specially crafted packets to a DHCP failover server. An attacker who successfully exploited the vulnerability could either run arbitrary code on the DHCP failover server or cause the DHCP service to become nonresponsive.\n (CVE-2019-0785)\n\n - An elevation of privilege vulnerability exists in rpcss.dll when the RPC service Activation Kernel improperly handles an RPC request. (CVE-2019-1089)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-1073)\n\n - A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1102)\n\n - An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys. This vulnerability allows an attacker to impersonate another user, which can lead to elevation of privileges. The vulnerability exists in WCF, WIF 3.5 and above in .NET Framework, WIF 1.0 component in Windows, WIF Nuget package, and WIF implementation in SharePoint. An unauthenticated attacker can exploit this by signing a SAML token with any arbitrary symmetric key. This security update addresses the issue by ensuring all versions of WCF and WIF validate the key used to sign SAML tokens correctly.\n (CVE-2019-1006) \n - An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries. (CVE-2019-1125)", "cvss3": {}, "published": "2019-07-09T00:00:00", "type": "nessus", "title": "KB4507464: Windows Server 2012 July 2019 Security Update (SWAPGS)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-0785", "CVE-2019-0880", "CVE-2019-0887", "CVE-2019-1001", "CVE-2019-1004", "CVE-2019-1006", "CVE-2019-1056", "CVE-2019-1059", "CVE-2019-1063", "CVE-2019-1071", "CVE-2019-1073", "CVE-2019-1082", "CVE-2019-1083", "CVE-2019-1085", "CVE-2019-1088", "CVE-2019-1089", "CVE-2019-1093", "CVE-2019-1094", "CVE-2019-1095", "CVE-2019-1096", "CVE-2019-1097", "CVE-2019-1102", "CVE-2019-1104", "CVE-2019-1108", "CVE-2019-1113", "CVE-2019-1125", "CVE-2019-1130"], "modified": "2022-05-25T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS19_JUL_4507462.NASL", "href": "https://www.tenable.com/plugins/nessus/126578", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(126578);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/25\");\n\n script_cve_id(\n \"CVE-2019-0785\",\n \"CVE-2019-0880\",\n \"CVE-2019-0887\",\n \"CVE-2019-1001\",\n \"CVE-2019-1004\",\n \"CVE-2019-1006\",\n \"CVE-2019-1056\",\n \"CVE-2019-1059\",\n \"CVE-2019-1063\",\n \"CVE-2019-1071\",\n \"CVE-2019-1073\",\n \"CVE-2019-1082\",\n \"CVE-2019-1083\",\n \"CVE-2019-1085\",\n \"CVE-2019-1088\",\n \"CVE-2019-1089\",\n \"CVE-2019-1093\",\n \"CVE-2019-1094\",\n \"CVE-2019-1095\",\n \"CVE-2019-1096\",\n \"CVE-2019-1097\",\n \"CVE-2019-1102\",\n \"CVE-2019-1104\",\n \"CVE-2019-1108\",\n \"CVE-2019-1113\",\n \"CVE-2019-1125\",\n \"CVE-2019-1130\"\n );\n script_xref(name:\"MSKB\", value:\"4507462\");\n script_xref(name:\"MSKB\", value:\"4507464\");\n script_xref(name:\"MSFT\", value:\"MS19-4507462\");\n script_xref(name:\"MSFT\", value:\"MS19-4507464\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/13\");\n\n script_name(english:\"KB4507464: Windows Server 2012 July 2019 Security Update (SWAPGS)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4507464\nor cumulative update 4507462. It is, therefore, affected by\nmultiple vulnerabilities :\n\n - A remote code execution vulnerability exists in .NET\n software when the software fails to check the source\n markup of a file. An attacker who successfully exploited\n the vulnerability could run arbitrary code in the\n context of the current user. If the current user is\n logged on with administrative user rights, an attacker\n could take control of the affected system. An attacker\n could then install programs; view, change, or delete\n data; or create new accounts with full user rights.\n (CVE-2019-1113)\n\n - A local elevation of privilege vulnerability exists in\n how splwow64.exe handles certain calls. An attacker who\n successfully exploited the vulnerability could elevate\n privileges on an affected system from low-integrity to\n medium-integrity. This vulnerability by itself does not\n allow arbitrary code execution; however, it could allow\n arbitrary code to be run if the attacker uses it in\n combination with another vulnerability (such as a remote\n code execution vulnerability or another elevation of\n privilege vulnerability) that is capable of leveraging\n the elevated privileges when code execution is\n attempted. (CVE-2019-0880)\n\n - An information disclosure vulnerability exists when the\n Windows RDP client improperly discloses the contents of\n its memory. An attacker who successfully exploited this\n vulnerability could obtain information to further\n compromise the users system. (CVE-2019-1108)\n\n - An information disclosure vulnerability exists when the\n win32k component improperly provides kernel information.\n An attacker who successfully exploited the vulnerability\n could obtain information to further compromise the users\n system. (CVE-2019-1096)\n\n - An elevation of privilege exists in Windows Audio\n Service. An attacker who successfully exploited the\n vulnerability could run arbitrary code with elevated\n privileges. (CVE-2019-1088)\n\n - An elevation of privilege vulnerability exists in\n Microsoft Windows where a certain dll, with Local\n Service privilege, is vulnerable to race planting a\n customized dll. An attacker who successfully exploited\n this vulnerability could potentially elevate privilege\n to SYSTEM. The update addresses this vulnerability by\n requiring system privileges for a certain DLL.\n (CVE-2019-1082)\n\n - A remote code execution vulnerability exists in the way\n the scripting engine handles objects in memory in\n Microsoft browsers. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2019-1001)\n\n - A remote code execution vulnerability exists when\n Internet Explorer improperly accesses objects in memory.\n The vulnerability could corrupt memory in such a way\n that an attacker could execute arbitrary code in the\n context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2019-1063)\n\n - A remote code execution vulnerability exists in the way\n that Microsoft browsers access objects in memory. The\n vulnerability could corrupt memory in a way that could\n allow an attacker to execute arbitrary code in the\n context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2019-1104)\n\n - An information disclosure vulnerability exists when\n DirectWrite improperly discloses the contents of its\n memory. An attacker who successfully exploited the\n vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how DirectWrite handles objects in memory.\n (CVE-2019-1093, CVE-2019-1097)\n\n - An information disclosure vulnerability exists when the\n Windows GDI component improperly discloses the contents\n of its memory. An attacker who successfully exploited\n the vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how the Windows GDI component handles objects\n in memory. (CVE-2019-1094, CVE-2019-1095)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could obtain information to further compromise the users\n system. An authenticated attacker could exploit this\n vulnerability by running a specially crafted\n application. The update addresses the vulnerability by\n correcting how the Windows kernel handles objects in\n memory. (CVE-2019-1071)\n\n - An elevation of privilege vulnerability exists when\n Windows AppX Deployment Service (AppXSVC) improperly\n handles hard links. An attacker who successfully\n exploited this vulnerability could run processes in an\n elevated context. An attacker could then install\n programs; view, change or delete data. (CVE-2019-1130)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2019-1004, CVE-2019-1056, CVE-2019-1059)\n\n - A remote code execution vulnerability exists in Remote\n Desktop Services formerly known as Terminal Services\n when an authenticated attacker abuses clipboard\n redirection. An attacker who successfully exploited this\n vulnerability could execute arbitrary code on the victim\n system. An attacker could then install programs; view,\n change, or delete data; or create new accounts with full\n user rights. (CVE-2019-0887)\n\n - An elevation of privilege vulnerability exists in the\n way that the wlansvc.dll handles objects in memory. An\n attacker who successfully exploited the vulnerability\n could execute code with elevated permissions.\n (CVE-2019-1085)\n\n - A denial of service vulnerability exists when Microsoft\n Common Object Runtime Library improperly handles web\n requests. An attacker who successfully exploited this\n vulnerability could cause a denial of service against a\n .NET web application. A remote unauthenticated attacker\n could exploit this vulnerability by issuing specially\n crafted requests to the .NET application. The update\n addresses the vulnerability by correcting how the .NET\n web application handles web requests. (CVE-2019-1083)\n\n - A memory corruption vulnerability exists in the Windows\n Server DHCP service when an attacker sends specially\n crafted packets to a DHCP failover server. An attacker\n who successfully exploited the vulnerability could\n either run arbitrary code on the DHCP failover server or\n cause the DHCP service to become nonresponsive.\n (CVE-2019-0785)\n\n - An elevation of privilege vulnerability exists in\n rpcss.dll when the RPC service Activation Kernel\n improperly handles an RPC request. (CVE-2019-1089)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could obtain information to further compromise the users\n system. (CVE-2019-1073)\n\n - A remote code execution vulnerability exists in the way\n that the Windows Graphics Device Interface (GDI) handles\n objects in the memory. An attacker who successfully\n exploited this vulnerability could take control of the\n affected system. An attacker could then install\n programs; view, change, or delete data; or create new\n accounts with full user rights. (CVE-2019-1102)\n\n - An authentication bypass vulnerability exists in Windows\n Communication Foundation (WCF) and Windows Identity\n Foundation (WIF), allowing signing of SAML tokens with\n arbitrary symmetric keys. This vulnerability allows an\n attacker to impersonate another user, which can lead to\n elevation of privileges. The vulnerability exists in\n WCF, WIF 3.5 and above in .NET Framework, WIF 1.0\n component in Windows, WIF Nuget package, and WIF\n implementation in SharePoint. An unauthenticated\n attacker can exploit this by signing a SAML token with\n any arbitrary symmetric key. This security update\n addresses the issue by ensuring all versions of WCF and\n WIF validate the key used to sign SAML tokens correctly.\n (CVE-2019-1006)\n \n - An information disclosure vulnerability exists when\n certain central processing units (CPU) speculatively\n access memory. An attacker who successfully exploited\n the vulnerability could read privileged data across\n trust boundaries. (CVE-2019-1125)\");\n # https://support.microsoft.com/en-us/help/4507462/windows-server-2012-update-kb4507462\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?94506c02\");\n # https://support.microsoft.com/en-us/help/4507464/windows-server-2012-update-kb4507464\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?12c153e6\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Only update KB4507464 or Cumulative Update KB4507462.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1102\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-0785\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS19-07\";\nkbs = make_list('4507462', '4507464');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win8:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\n# Windows 8 EOL\nproductname = get_kb_item_or_exit(\"SMB/ProductName\", exit_code:1);\nif (\"Windows 8\" >< productname) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"6.2\",\n sp:0,\n rollup_date:\"07_2019\",\n bulletin:bulletin,\n rollup_kb_list:[4507462, 4507464])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:26:13", "description": "The remote Windows host is missing security update 4507461 or cumulative update 4507452. It is, therefore, affected by multiple vulnerabilities :\n\n - A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an authenticated attacker abuses clipboard redirection. An attacker who successfully exploited this vulnerability could execute arbitrary code on the victim system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-0887)\n\n - A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory.\n The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1063)\n\n - A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n (CVE-2019-1113)\n\n - A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1102)\n\n - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2019-1004, CVE-2019-1059)\n\n - A denial of service vulnerability exists when Microsoft Common Object Runtime Library improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against a .NET web application. A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to the .NET application. The update addresses the vulnerability by correcting how the .NET web application handles web requests. (CVE-2019-1083)\n\n - A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1104)\n\n - An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how DirectWrite handles objects in memory.\n (CVE-2019-1093, CVE-2019-1097)\n\n - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. (CVE-2019-1094, CVE-2019-1095, CVE-2019-1098, CVE-2019-1099, CVE-2019-1100, CVE-2019-1101, CVE-2019-1116)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. An authenticated attacker could exploit this vulnerability by running a specially crafted application. The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory. (CVE-2019-1071)\n\n - An information disclosure vulnerability exists when the Windows RDP client improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-1108)\n\n - An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys. This vulnerability allows an attacker to impersonate another user, which can lead to elevation of privileges. The vulnerability exists in WCF, WIF 3.5 and above in .NET Framework, WIF 1.0 component in Windows, WIF Nuget package, and WIF implementation in SharePoint. An unauthenticated attacker can exploit this by signing a SAML token with any arbitrary symmetric key. This security update addresses the issue by ensuring all versions of WCF and WIF validate the key used to sign SAML tokens correctly.\n (CVE-2019-1006)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-1073)\n\n - An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1132)\n\n - An elevation of privilege exists in Windows Audio Service. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. (CVE-2019-1088)\n\n - An elevation of privilege vulnerability exists in the way that the wlansvc.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.\n (CVE-2019-1085)\n\n - An elevation of privilege vulnerability exists in rpcss.dll when the RPC service Activation Kernel improperly handles an RPC request. (CVE-2019-1089)\n\n - An information disclosure vulnerability exists when the win32k component improperly provides kernel information.\n An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. (CVE-2019-1096) \n - An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries. (CVE-2019-1125)", "cvss3": {}, "published": "2019-07-09T00:00:00", "type": "nessus", "title": "KB4507461: Windows Server 2008 July 2019 Security Update (SWAPGS)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-0887", "CVE-2019-1004", "CVE-2019-1006", "CVE-2019-1059", "CVE-2019-1063", "CVE-2019-1071", "CVE-2019-1073", "CVE-2019-1083", "CVE-2019-1085", "CVE-2019-1088", "CVE-2019-1089", "CVE-2019-1093", "CVE-2019-1094", "CVE-2019-1095", "CVE-2019-1096", "CVE-2019-1097", "CVE-2019-1098", "CVE-2019-1099", "CVE-2019-1100", "CVE-2019-1101", "CVE-2019-1102", "CVE-2019-1104", "CVE-2019-1108", "CVE-2019-1113", "CVE-2019-1116", "CVE-2019-1125", "CVE-2019-1132"], "modified": "2023-04-25T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS19_JUL_4507452.NASL", "href": "https://www.tenable.com/plugins/nessus/126573", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(126573);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\n \"CVE-2019-0887\",\n \"CVE-2019-1004\",\n \"CVE-2019-1006\",\n \"CVE-2019-1059\",\n \"CVE-2019-1063\",\n \"CVE-2019-1071\",\n \"CVE-2019-1073\",\n \"CVE-2019-1083\",\n \"CVE-2019-1085\",\n \"CVE-2019-1088\",\n \"CVE-2019-1089\",\n \"CVE-2019-1093\",\n \"CVE-2019-1094\",\n \"CVE-2019-1095\",\n \"CVE-2019-1096\",\n \"CVE-2019-1097\",\n \"CVE-2019-1098\",\n \"CVE-2019-1099\",\n \"CVE-2019-1100\",\n \"CVE-2019-1101\",\n \"CVE-2019-1102\",\n \"CVE-2019-1104\",\n \"CVE-2019-1108\",\n \"CVE-2019-1113\",\n \"CVE-2019-1116\",\n \"CVE-2019-1125\",\n \"CVE-2019-1132\"\n );\n script_xref(name:\"MSKB\", value:\"4507452\");\n script_xref(name:\"MSKB\", value:\"4507461\");\n script_xref(name:\"MSFT\", value:\"MS19-4507452\");\n script_xref(name:\"MSFT\", value:\"MS19-4507461\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/05\");\n\n script_name(english:\"KB4507461: Windows Server 2008 July 2019 Security Update (SWAPGS)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4507461\nor cumulative update 4507452. It is, therefore, affected by\nmultiple vulnerabilities :\n\n - A remote code execution vulnerability exists in Remote\n Desktop Services formerly known as Terminal Services\n when an authenticated attacker abuses clipboard\n redirection. An attacker who successfully exploited this\n vulnerability could execute arbitrary code on the victim\n system. An attacker could then install programs; view,\n change, or delete data; or create new accounts with full\n user rights. (CVE-2019-0887)\n\n - A remote code execution vulnerability exists when\n Internet Explorer improperly accesses objects in memory.\n The vulnerability could corrupt memory in such a way\n that an attacker could execute arbitrary code in the\n context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2019-1063)\n\n - A remote code execution vulnerability exists in .NET\n software when the software fails to check the source\n markup of a file. An attacker who successfully exploited\n the vulnerability could run arbitrary code in the\n context of the current user. If the current user is\n logged on with administrative user rights, an attacker\n could take control of the affected system. An attacker\n could then install programs; view, change, or delete\n data; or create new accounts with full user rights.\n (CVE-2019-1113)\n\n - A remote code execution vulnerability exists in the way\n that the Windows Graphics Device Interface (GDI) handles\n objects in the memory. An attacker who successfully\n exploited this vulnerability could take control of the\n affected system. An attacker could then install\n programs; view, change, or delete data; or create new\n accounts with full user rights. (CVE-2019-1102)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2019-1004, CVE-2019-1059)\n\n - A denial of service vulnerability exists when Microsoft\n Common Object Runtime Library improperly handles web\n requests. An attacker who successfully exploited this\n vulnerability could cause a denial of service against a\n .NET web application. A remote unauthenticated attacker\n could exploit this vulnerability by issuing specially\n crafted requests to the .NET application. The update\n addresses the vulnerability by correcting how the .NET\n web application handles web requests. (CVE-2019-1083)\n\n - A remote code execution vulnerability exists in the way\n that Microsoft browsers access objects in memory. The\n vulnerability could corrupt memory in a way that could\n allow an attacker to execute arbitrary code in the\n context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2019-1104)\n\n - An information disclosure vulnerability exists when\n DirectWrite improperly discloses the contents of its\n memory. An attacker who successfully exploited the\n vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how DirectWrite handles objects in memory.\n (CVE-2019-1093, CVE-2019-1097)\n\n - An information disclosure vulnerability exists when the\n Windows GDI component improperly discloses the contents\n of its memory. An attacker who successfully exploited\n the vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how the Windows GDI component handles objects\n in memory. (CVE-2019-1094, CVE-2019-1095, CVE-2019-1098,\n CVE-2019-1099, CVE-2019-1100, CVE-2019-1101,\n CVE-2019-1116)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could obtain information to further compromise the users\n system. An authenticated attacker could exploit this\n vulnerability by running a specially crafted\n application. The update addresses the vulnerability by\n correcting how the Windows kernel handles objects in\n memory. (CVE-2019-1071)\n\n - An information disclosure vulnerability exists when the\n Windows RDP client improperly discloses the contents of\n its memory. An attacker who successfully exploited this\n vulnerability could obtain information to further\n compromise the users system. (CVE-2019-1108)\n\n - An authentication bypass vulnerability exists in Windows\n Communication Foundation (WCF) and Windows Identity\n Foundation (WIF), allowing signing of SAML tokens with\n arbitrary symmetric keys. This vulnerability allows an\n attacker to impersonate another user, which can lead to\n elevation of privileges. The vulnerability exists in\n WCF, WIF 3.5 and above in .NET Framework, WIF 1.0\n component in Windows, WIF Nuget package, and WIF\n implementation in SharePoint. An unauthenticated\n attacker can exploit this by signing a SAML token with\n any arbitrary symmetric key. This security update\n addresses the issue by ensuring all versions of WCF and\n WIF validate the key used to sign SAML tokens correctly.\n (CVE-2019-1006)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could obtain information to further compromise the users\n system. (CVE-2019-1073)\n\n - An elevation of privilege vulnerability exists in\n Windows when the Win32k component fails to properly\n handle objects in memory. An attacker who successfully\n exploited this vulnerability could run arbitrary code in\n kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts\n with full user rights. (CVE-2019-1132)\n\n - An elevation of privilege exists in Windows Audio\n Service. An attacker who successfully exploited the\n vulnerability could run arbitrary code with elevated\n privileges. (CVE-2019-1088)\n\n - An elevation of privilege vulnerability exists in the\n way that the wlansvc.dll handles objects in memory. An\n attacker who successfully exploited the vulnerability\n could execute code with elevated permissions.\n (CVE-2019-1085)\n\n - An elevation of privilege vulnerability exists in\n rpcss.dll when the RPC service Activation Kernel\n improperly handles an RPC request. (CVE-2019-1089)\n\n - An information disclosure vulnerability exists when the\n win32k component improperly provides kernel information.\n An attacker who successfully exploited the vulnerability\n could obtain information to further compromise the users\n system. (CVE-2019-1096)\n \n - An information disclosure vulnerability exists when\n certain central processing units (CPU) speculatively\n access memory. An attacker who successfully exploited\n the vulnerability could read privileged data across\n trust boundaries. (CVE-2019-1125)\");\n # https://support.microsoft.com/en-us/help/4507452/windows-server-2008-update-kb4507452\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?01b80f6a\");\n # https://support.microsoft.com/en-us/help/4507461/windows-server-2008-update-kb4507461\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c28becb3\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Only update KB4507461 or Cumulative Update KB4507452.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1102\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-1113\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS19-07\";\nkbs = make_list('4507461', '4507452');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(vista:'2') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nproductname = get_kb_item_or_exit(\"SMB/ProductName\", exit_code:1);\nif (\"Vista\" >< productname) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"6.0\",\n sp:2,\n rollup_date:\"07_2019\",\n bulletin:bulletin,\n rollup_kb_list:[4507461, 4507452])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-08-24T15:08:39", "description": "The remote Windows host is missing security update 4507457 or cumulative update 4507448. It is, therefore, affected by multiple vulnerabilities :\n\n - A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n (CVE-2019-1113)\n\n - A local elevation of privilege vulnerability exists in how splwow64.exe handles certain calls. An attacker who successfully exploited the vulnerability could elevate privileges on an affected system from low-integrity to medium-integrity. This vulnerability by itself does not allow arbitrary code execution; however, it could allow arbitrary code to be run if the attacker uses it in combination with another vulnerability (such as a remote code execution vulnerability or another elevation of privilege vulnerability) that is capable of leveraging the elevated privileges when code execution is attempted. (CVE-2019-0880)\n\n - An information disclosure vulnerability exists when the Windows RDP client improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-1108)\n\n - An information disclosure vulnerability exists when the win32k component improperly provides kernel information.\n An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. (CVE-2019-1096)\n\n - An elevation of privilege vulnerability exists in Microsoft Windows where a certain dll, with Local Service privilege, is vulnerable to race planting a customized dll. An attacker who successfully exploited this vulnerability could potentially elevate privilege to SYSTEM. The update addresses this vulnerability by requiring system privileges for a certain DLL.\n (CVE-2019-1082)\n\n - A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2019-1001)\n\n - A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory.\n The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1063)\n\n - A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1104)\n\n - An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how DirectWrite handles objects in memory.\n (CVE-2019-1093, CVE-2019-1097)\n\n - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. (CVE-2019-1094, CVE-2019-1095)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. An authenticated attacker could exploit this vulnerability by running a specially crafted application. The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory. (CVE-2019-1071)\n\n - An elevation of privilege exists in Windows Audio Service. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. (CVE-2019-1086, CVE-2019-1087, CVE-2019-1088)\n\n - An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data. (CVE-2019-1130)\n\n - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2019-1004, CVE-2019-1056, CVE-2019-1059)\n\n - A security feature bypass vulnerability exists in Active Directory Federation Services (ADFS) which could allow an attacker to bypass the extranet lockout policy.\n (CVE-2019-1126)\n\n - A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an authenticated attacker abuses clipboard redirection. An attacker who successfully exploited this vulnerability could execute arbitrary code on the victim system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-0887)\n\n - An elevation of privilege vulnerability exists in the way that the wlansvc.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.\n (CVE-2019-1085)\n\n - A denial of service vulnerability exists when Microsoft Common Object Runtime Library improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against a .NET web application. A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to the .NET application. The update addresses the vulnerability by correcting how the .NET web application handles web requests. (CVE-2019-1083)\n\n - A memory corruption vulnerability exists in the Windows Server DHCP service when an attacker sends specially crafted packets to a DHCP failover server. An attacker who successfully exploited the vulnerability could either run arbitrary code on the DHCP failover server or cause the DHCP service to become nonresponsive.\n (CVE-2019-0785)\n\n - An elevation of privilege vulnerability exists in rpcss.dll when the RPC service Activation Kernel improperly handles an RPC request. (CVE-2019-1089)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-1073)\n\n - A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1102)\n\n - An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys. This vulnerability allows an attacker to impersonate another user, which can lead to elevation of privileges. The vulnerability exists in WCF, WIF 3.5 and above in .NET Framework, WIF 1.0 component in Windows, WIF Nuget package, and WIF implementation in SharePoint. An unauthenticated attacker can exploit this by signing a SAML token with any arbitrary symmetric key. This security update addresses the issue by ensuring all versions of WCF and WIF validate the key used to sign SAML tokens correctly.\n (CVE-2019-1006)\n\n - A denial of service vulnerability exists in Windows DNS Server when it fails to properly handle DNS queries. An attacker who successfully exploited this vulnerability could cause the DNS Server service to become nonresponsive. (CVE-2019-0811) \n - An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries. (CVE-2019-1125)", "cvss3": {}, "published": "2019-07-09T00:00:00", "type": "nessus", "title": "KB4507457: Windows 8.1 and Windows Server 2012 R2 July 2019 Security Update (SWAPGS)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-0785", "CVE-2019-0811", "CVE-2019-0880", "CVE-2019-0887", "CVE-2019-1001", "CVE-2019-1004", "CVE-2019-1006", "CVE-2019-1056", "CVE-2019-1059", "CVE-2019-1063", "CVE-2019-1071", "CVE-2019-1073", "CVE-2019-1082", "CVE-2019-1083", "CVE-2019-1085", "CVE-2019-1086", "CVE-2019-1087", "CVE-2019-1088", "CVE-2019-1089", "CVE-2019-1093", "CVE-2019-1094", "CVE-2019-1095", "CVE-2019-1096", "CVE-2019-1097", "CVE-2019-1102", "CVE-2019-1104", "CVE-2019-1108", "CVE-2019-1113", "CVE-2019-1125", "CVE-2019-1126", "CVE-2019-1130"], "modified": "2022-05-25T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS19_JUL_4507448.NASL", "href": "https://www.tenable.com/plugins/nessus/126570", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(126570);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/25\");\n\n script_cve_id(\n \"CVE-2019-0785\",\n \"CVE-2019-0811\",\n \"CVE-2019-0880\",\n \"CVE-2019-0887\",\n \"CVE-2019-1001\",\n \"CVE-2019-1004\",\n \"CVE-2019-1006\",\n \"CVE-2019-1056\",\n \"CVE-2019-1059\",\n \"CVE-2019-1063\",\n \"CVE-2019-1071\",\n \"CVE-2019-1073\",\n \"CVE-2019-1082\",\n \"CVE-2019-1083\",\n \"CVE-2019-1085\",\n \"CVE-2019-1086\",\n \"CVE-2019-1087\",\n \"CVE-2019-1088\",\n \"CVE-2019-1089\",\n \"CVE-2019-1093\",\n \"CVE-2019-1094\",\n \"CVE-2019-1095\",\n \"CVE-2019-1096\",\n \"CVE-2019-1097\",\n \"CVE-2019-1102\",\n \"CVE-2019-1104\",\n \"CVE-2019-1108\",\n \"CVE-2019-1113\",\n \"CVE-2019-1125\",\n \"CVE-2019-1126\",\n \"CVE-2019-1130\"\n );\n script_xref(name:\"MSKB\", value:\"4507448\");\n script_xref(name:\"MSKB\", value:\"4507457\");\n script_xref(name:\"MSFT\", value:\"MS19-4507448\");\n script_xref(name:\"MSFT\", value:\"MS19-4507457\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/13\");\n\n script_name(english:\"KB4507457: Windows 8.1 and Windows Server 2012 R2 July 2019 Security Update (SWAPGS)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4507457\nor cumulative update 4507448. It is, therefore, affected by\nmultiple vulnerabilities :\n\n - A remote code execution vulnerability exists in .NET\n software when the software fails to check the source\n markup of a file. An attacker who successfully exploited\n the vulnerability could run arbitrary code in the\n context of the current user. If the current user is\n logged on with administrative user rights, an attacker\n could take control of the affected system. An attacker\n could then install programs; view, change, or delete\n data; or create new accounts with full user rights.\n (CVE-2019-1113)\n\n - A local elevation of privilege vulnerability exists in\n how splwow64.exe handles certain calls. An attacker who\n successfully exploited the vulnerability could elevate\n privileges on an affected system from low-integrity to\n medium-integrity. This vulnerability by itself does not\n allow arbitrary code execution; however, it could allow\n arbitrary code to be run if the attacker uses it in\n combination with another vulnerability (such as a remote\n code execution vulnerability or another elevation of\n privilege vulnerability) that is capable of leveraging\n the elevated privileges when code execution is\n attempted. (CVE-2019-0880)\n\n - An information disclosure vulnerability exists when the\n Windows RDP client improperly discloses the contents of\n its memory. An attacker who successfully exploited this\n vulnerability could obtain information to further\n compromise the users system. (CVE-2019-1108)\n\n - An information disclosure vulnerability exists when the\n win32k component improperly provides kernel information.\n An attacker who successfully exploited the vulnerability\n could obtain information to further compromise the users\n system. (CVE-2019-1096)\n\n - An elevation of privilege vulnerability exists in\n Microsoft Windows where a certain dll, with Local\n Service privilege, is vulnerable to race planting a\n customized dll. An attacker who successfully exploited\n this vulnerability could potentially elevate privilege\n to SYSTEM. The update addresses this vulnerability by\n requiring system privileges for a certain DLL.\n (CVE-2019-1082)\n\n - A remote code execution vulnerability exists in the way\n the scripting engine handles objects in memory in\n Microsoft browsers. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2019-1001)\n\n - A remote code execution vulnerability exists when\n Internet Explorer improperly accesses objects in memory.\n The vulnerability could corrupt memory in such a way\n that an attacker could execute arbitrary code in the\n context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2019-1063)\n\n - A remote code execution vulnerability exists in the way\n that Microsoft browsers access objects in memory. The\n vulnerability could corrupt memory in a way that could\n allow an attacker to execute arbitrary code in the\n context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2019-1104)\n\n - An information disclosure vulnerability exists when\n DirectWrite improperly discloses the contents of its\n memory. An attacker who successfully exploited the\n vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how DirectWrite handles objects in memory.\n (CVE-2019-1093, CVE-2019-1097)\n\n - An information disclosure vulnerability exists when the\n Windows GDI component improperly discloses the contents\n of its memory. An attacker who successfully exploited\n the vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how the Windows GDI component handles objects\n in memory. (CVE-2019-1094, CVE-2019-1095)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could obtain information to further compromise the users\n system. An authenticated attacker could exploit this\n vulnerability by running a specially crafted\n application. The update addresses the vulnerability by\n correcting how the Windows kernel handles objects in\n memory. (CVE-2019-1071)\n\n - An elevation of privilege exists in Windows Audio\n Service. An attacker who successfully exploited the\n vulnerability could run arbitrary code with elevated\n privileges. (CVE-2019-1086, CVE-2019-1087,\n CVE-2019-1088)\n\n - An elevation of privilege vulnerability exists when\n Windows AppX Deployment Service (AppXSVC) improperly\n handles hard links. An attacker who successfully\n exploited this vulnerability could run processes in an\n elevated context. An attacker could then install\n programs; view, change or delete data. (CVE-2019-1130)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2019-1004, CVE-2019-1056, CVE-2019-1059)\n\n - A security feature bypass vulnerability exists in Active\n Directory Federation Services (ADFS) which could allow\n an attacker to bypass the extranet lockout policy.\n (CVE-2019-1126)\n\n - A remote code execution vulnerability exists in Remote\n Desktop Services formerly known as Terminal Services\n when an authenticated attacker abuses clipboard\n redirection. An attacker who successfully exploited this\n vulnerability could execute arbitrary code on the victim\n system. An attacker could then install programs; view,\n change, or delete data; or create new accounts with full\n user rights. (CVE-2019-0887)\n\n - An elevation of privilege vulnerability exists in the\n way that the wlansvc.dll handles objects in memory. An\n attacker who successfully exploited the vulnerability\n could execute code with elevated permissions.\n (CVE-2019-1085)\n\n - A denial of service vulnerability exists when Microsoft\n Common Object Runtime Library improperly handles web\n requests. An attacker who successfully exploited this\n vulnerability could cause a denial of service against a\n .NET web application. A remote unauthenticated attacker\n could exploit this vulnerability by issuing specially\n crafted requests to the .NET application. The update\n addresses the vulnerability by correcting how the .NET\n web application handles web requests. (CVE-2019-1083)\n\n - A memory corruption vulnerability exists in the Windows\n Server DHCP service when an attacker sends specially\n crafted packets to a DHCP failover server. An attacker\n who successfully exploited the vulnerability could\n either run arbitrary code on the DHCP failover server or\n cause the DHCP service to become nonresponsive.\n (CVE-2019-0785)\n\n - An elevation of privilege vulnerability exists in\n rpcss.dll when the RPC service Activation Kernel\n improperly handles an RPC request. (CVE-2019-1089)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could obtain information to further compromise the users\n system. (CVE-2019-1073)\n\n - A remote code execution vulnerability exists in the way\n that the Windows Graphics Device Interface (GDI) handles\n objects in the memory. An attacker who successfully\n exploited this vulnerability could take control of the\n affected system. An attacker could then install\n programs; view, change, or delete data; or create new\n accounts with full user rights. (CVE-2019-1102)\n\n - An authentication bypass vulnerability exists in Windows\n Communication Foundation (WCF) and Windows Identity\n Foundation (WIF), allowing signing of SAML tokens with\n arbitrary symmetric keys. This vulnerability allows an\n attacker to impersonate another user, which can lead to\n elevation of privileges. The vulnerability exists in\n WCF, WIF 3.5 and above in .NET Framework, WIF 1.0\n component in Windows, WIF Nuget package, and WIF\n implementation in SharePoint. An unauthenticated\n attacker can exploit this by signing a SAML token with\n any arbitrary symmetric key. This security update\n addresses the issue by ensuring all versions of WCF and\n WIF validate the key used to sign SAML tokens correctly.\n (CVE-2019-1006)\n\n - A denial of service vulnerability exists in Windows DNS\n Server when it fails to properly handle DNS queries. An\n attacker who successfully exploited this vulnerability\n could cause the DNS Server service to become\n nonresponsive. (CVE-2019-0811)\n \n - An information disclosure vulnerability exists when\n certain central processing units (CPU) speculatively\n access memory. An attacker who successfully exploited\n the vulnerability could read privileged data across\n trust boundaries. (CVE-2019-1125)\");\n # https://support.microsoft.com/en-us/help/4507448/windows-8-1-update-kb4507448\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d231fad3\");\n # https://support.microsoft.com/en-us/help/4507457/windows-8-1-update-kb4507457\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1d422a75\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Only update KB4507457 or Cumulative Update KB4507448.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1102\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-0785\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS19-07\";\nkbs = make_list('4507448', '4507457');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win81:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\n# Windows 8 EOL\nproductname = get_kb_item_or_exit(\"SMB/ProductName\", exit_code:1);\nif (\"Windows 8\" >< productname && \"8.1\" >!< productname)\n audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"6.3\",\n sp:0,\n rollup_date:\"07_2019\",\n bulletin:bulletin,\n rollup_kb_list:[4507448, 4507457])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:25:39", "description": "The remote Windows host is missing security update 4507456 or cumulative update 4507449. It is, therefore, affected by multiple vulnerabilities :\n\n - A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an authenticated attacker abuses clipboard redirection. An attacker who successfully exploited this vulnerability could execute arbitrary code on the victim system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-0887)\n\n - A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory.\n The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1063)\n\n - An elevation of privilege vulnerability exists in the way that the wlansvc.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.\n (CVE-2019-1085)\n\n - A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1102)\n\n - A denial of service vulnerability exists when Microsoft Common Object Runtime Library improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against a .NET web application. A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to the .NET application. The update addresses the vulnerability by correcting how the .NET web application handles web requests. (CVE-2019-1083)\n\n - A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1104)\n\n - An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how DirectWrite handles objects in memory.\n (CVE-2019-1093, CVE-2019-1097)\n\n - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. (CVE-2019-1094, CVE-2019-1095, CVE-2019-1098, CVE-2019-1099, CVE-2019-1100, CVE-2019-1101, CVE-2019-1116)\n\n - A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n (CVE-2019-1113)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. An authenticated attacker could exploit this vulnerability by running a specially crafted application. The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory. (CVE-2019-1071)\n\n - An information disclosure vulnerability exists when the Windows RDP client improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-1108)\n\n - An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys. This vulnerability allows an attacker to impersonate another user, which can lead to elevation of privileges. The vulnerability exists in WCF, WIF 3.5 and above in .NET Framework, WIF 1.0 component in Windows, WIF Nuget package, and WIF implementation in SharePoint. An unauthenticated attacker can exploit this by signing a SAML token with any arbitrary symmetric key. This security update addresses the issue by ensuring all versions of WCF and WIF validate the key used to sign SAML tokens correctly.\n (CVE-2019-1006)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-1073)\n\n - An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1132)\n\n - An elevation of privilege exists in Windows Audio Service. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. (CVE-2019-1088)\n\n - An elevation of privilege vulnerability exists in rpcss.dll when the RPC service Activation Kernel improperly handles an RPC request. (CVE-2019-1089)\n\n - An information disclosure vulnerability exists when the win32k component improperly provides kernel information.\n An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. (CVE-2019-1096)\n\n - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2019-1004, CVE-2019-1056, CVE-2019-1059)\n\n - An elevation of privilege vulnerability exists in Microsoft Windows where a certain dll, with Local Service privilege, is vulnerable to race planting a customized dll. An attacker who successfully exploited this vulnerability could potentially elevate privilege to SYSTEM. The update addresses this vulnerability by requiring system privileges for a certain DLL.\n (CVE-2019-1082)\n\n - A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2019-1001) \n - An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries. (CVE-2019-1125)", "cvss3": {}, "published": "2019-07-09T00:00:00", "type": "nessus", "title": "KB4507456: Windows 7 and Windows Server 2008 R2 July 2019 Security Update (SWAPGS)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-0887", "CVE-2019-1001", "CVE-2019-1004", "CVE-2019-1006", "CVE-2019-1056", "CVE-2019-1059", "CVE-2019-1063", "CVE-2019-1071", "CVE-2019-1073", "CVE-2019-1082", "CVE-2019-1083", "CVE-2019-1085", "CVE-2019-1088", "CVE-2019-1089", "CVE-2019-1093", "CVE-2019-1094", "CVE-2019-1095", "CVE-2019-1096", "CVE-2019-1097", "CVE-2019-1098", "CVE-2019-1099", "CVE-2019-1100", "CVE-2019-1101", "CVE-2019-1102", "CVE-2019-1104", "CVE-2019-1108", "CVE-2019-1113", "CVE-2019-1116", "CVE-2019-1125", "CVE-2019-1132"], "modified": "2023-04-25T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS19_JUL_4507449.NASL", "href": "https://www.tenable.com/plugins/nessus/126571", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(126571);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\n \"CVE-2019-0887\",\n \"CVE-2019-1001\",\n \"CVE-2019-1004\",\n \"CVE-2019-1006\",\n \"CVE-2019-1056\",\n \"CVE-2019-1059\",\n \"CVE-2019-1063\",\n \"CVE-2019-1071\",\n \"CVE-2019-1073\",\n \"CVE-2019-1082\",\n \"CVE-2019-1083\",\n \"CVE-2019-1085\",\n \"CVE-2019-1088\",\n \"CVE-2019-1089\",\n \"CVE-2019-1093\",\n \"CVE-2019-1094\",\n \"CVE-2019-1095\",\n \"CVE-2019-1096\",\n \"CVE-2019-1097\",\n \"CVE-2019-1098\",\n \"CVE-2019-1099\",\n \"CVE-2019-1100\",\n \"CVE-2019-1101\",\n \"CVE-2019-1102\",\n \"CVE-2019-1104\",\n \"CVE-2019-1108\",\n \"CVE-2019-1113\",\n \"CVE-2019-1116\",\n \"CVE-2019-1125\",\n \"CVE-2019-1132\"\n );\n script_xref(name:\"MSKB\", value:\"4507449\");\n script_xref(name:\"MSKB\", value:\"4507456\");\n script_xref(name:\"MSFT\", value:\"MS19-4507449\");\n script_xref(name:\"MSFT\", value:\"MS19-4507456\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/05\");\n\n script_name(english:\"KB4507456: Windows 7 and Windows Server 2008 R2 July 2019 Security Update (SWAPGS)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4507456\nor cumulative update 4507449. It is, therefore, affected by\nmultiple vulnerabilities :\n\n - A remote code execution vulnerability exists in Remote\n Desktop Services formerly known as Terminal Services\n when an authenticated attacker abuses clipboard\n redirection. An attacker who successfully exploited this\n vulnerability could execute arbitrary code on the victim\n system. An attacker could then install programs; view,\n change, or delete data; or create new accounts with full\n user rights. (CVE-2019-0887)\n\n - A remote code execution vulnerability exists when\n Internet Explorer improperly accesses objects in memory.\n The vulnerability could corrupt memory in such a way\n that an attacker could execute arbitrary code in the\n context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2019-1063)\n\n - An elevation of privilege vulnerability exists in the\n way that the wlansvc.dll handles objects in memory. An\n attacker who successfully exploited the vulnerability\n could execute code with elevated permissions.\n (CVE-2019-1085)\n\n - A remote code execution vulnerability exists in the way\n that the Windows Graphics Device Interface (GDI) handles\n objects in the memory. An attacker who successfully\n exploited this vulnerability could take control of the\n affected system. An attacker could then install\n programs; view, change, or delete data; or create new\n accounts with full user rights. (CVE-2019-1102)\n\n - A denial of service vulnerability exists when Microsoft\n Common Object Runtime Library improperly handles web\n requests. An attacker who successfully exploited this\n vulnerability could cause a denial of service against a\n .NET web application. A remote unauthenticated attacker\n could exploit this vulnerability by issuing specially\n crafted requests to the .NET application. The update\n addresses the vulnerability by correcting how the .NET\n web application handles web requests. (CVE-2019-1083)\n\n - A remote code execution vulnerability exists in the way\n that Microsoft browsers access objects in memory. The\n vulnerability could corrupt memory in a way that could\n allow an attacker to execute arbitrary code in the\n context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2019-1104)\n\n - An information disclosure vulnerability exists when\n DirectWrite improperly discloses the contents of its\n memory. An attacker who successfully exploited the\n vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how DirectWrite handles objects in memory.\n (CVE-2019-1093, CVE-2019-1097)\n\n - An information disclosure vulnerability exists when the\n Windows GDI component improperly discloses the contents\n of its memory. An attacker who successfully exploited\n the vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how the Windows GDI component handles objects\n in memory. (CVE-2019-1094, CVE-2019-1095, CVE-2019-1098,\n CVE-2019-1099, CVE-2019-1100, CVE-2019-1101,\n CVE-2019-1116)\n\n - A remote code execution vulnerability exists in .NET\n software when the software fails to check the source\n markup of a file. An attacker who successfully exploited\n the vulnerability could run arbitrary code in the\n context of the current user. If the current user is\n logged on with administrative user rights, an attacker\n could take control of the affected system. An attacker\n could then install programs; view, change, or delete\n data; or create new accounts with full user rights.\n (CVE-2019-1113)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could obtain information to further compromise the users\n system. An authenticated attacker could exploit this\n vulnerability by running a specially crafted\n application. The update addresses the vulnerability by\n correcting how the Windows kernel handles objects in\n memory. (CVE-2019-1071)\n\n - An information disclosure vulnerability exists when the\n Windows RDP client improperly discloses the contents of\n its memory. An attacker who successfully exploited this\n vulnerability could obtain information to further\n compromise the users system. (CVE-2019-1108)\n\n - An authentication bypass vulnerability exists in Windows\n Communication Foundation (WCF) and Windows Identity\n Foundation (WIF), allowing signing of SAML tokens with\n arbitrary symmetric keys. This vulnerability allows an\n attacker to impersonate another user, which can lead to\n elevation of privileges. The vulnerability exists in\n WCF, WIF 3.5 and above in .NET Framework, WIF 1.0\n component in Windows, WIF Nuget package, and WIF\n implementation in SharePoint. An unauthenticated\n attacker can exploit this by signing a SAML token with\n any arbitrary symmetric key. This security update\n addresses the issue by ensuring all versions of WCF and\n WIF validate the key used to sign SAML tokens correctly.\n (CVE-2019-1006)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could obtain information to further compromise the users\n system. (CVE-2019-1073)\n\n - An elevation of privilege vulnerability exists in\n Windows when the Win32k component fails to properly\n handle objects in memory. An attacker who successfully\n exploited this vulnerability could run arbitrary code in\n kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts\n with full user rights. (CVE-2019-1132)\n\n - An elevation of privilege exists in Windows Audio\n Service. An attacker who successfully exploited the\n vulnerability could run arbitrary code with elevated\n privileges. (CVE-2019-1088)\n\n - An elevation of privilege vulnerability exists in\n rpcss.dll when the RPC service Activation Kernel\n improperly handles an RPC request. (CVE-2019-1089)\n\n - An information disclosure vulnerability exists when the\n win32k component improperly provides kernel information.\n An attacker who successfully exploited the vulnerability\n could obtain information to further compromise the users\n system. (CVE-2019-1096)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2019-1004, CVE-2019-1056, CVE-2019-1059)\n\n - An elevation of privilege vulnerability exists in\n Microsoft Windows where a certain dll, with Local\n Service privilege, is vulnerable to race planting a\n customized dll. An attacker who successfully exploited\n this vulnerability could potentially elevate privilege\n to SYSTEM. The update addresses this vulnerability by\n requiring system privileges for a certain DLL.\n (CVE-2019-1082)\n\n - A remote code execution vulnerability exists in the way\n the scripting engine handles objects in memory in\n Microsoft browsers. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2019-1001)\n \n - An information disclosure vulnerability exists when\n certain central processing units (CPU) speculatively\n access memory. An attacker who successfully exploited\n the vulnerability could read privileged data across\n trust boundaries. (CVE-2019-1125)\");\n # https://support.microsoft.com/en-us/help/4507449/windows-7-update-kb4507449\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?cbe675e9\");\n # https://support.microsoft.com/en-us/help/4507456/windows-7-update-kb4507456\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?0b4f001f\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Only update KB4507456 or Cumulative Update KB4507449.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1102\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-1113\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS19-07\";\nkbs = make_list('4507449', '4507456');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win7:'1') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"6.1\",\n sp:1,\n rollup_date:\"07_2019\",\n bulletin:bulletin,\n rollup_kb_list:[4507449, 4507456])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-08-24T15:07:05", "description": "The remote Windows host is missing security update 4507458.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n (CVE-2019-0999)\n\n - A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n (CVE-2019-1113)\n\n - A local elevation of privilege vulnerability exists in how splwow64.exe handles certain calls. An attacker who successfully exploited the vulnerability could elevate privileges on an affected system from low-integrity to medium-integrity. This vulnerability by itself does not allow arbitrary code execution; however, it could allow arbitrary code to be run if the attacker uses it in combination with another vulnerability (such as a remote code execution vulnerability or another elevation of privilege vulnerability) that is capable of leveraging the elevated privileges when code execution is attempted. (CVE-2019-0880)\n\n - An elevation of privilege vulnerability exists in rpcss.dll when the RPC service Activation Kernel improperly handles an RPC request. (CVE-2019-1089)\n\n - An information disclosure vulnerability exists when the Windows RDP client improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-1108)\n\n - An information disclosure vulnerability exists when the win32k component improperly provides kernel information.\n An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. (CVE-2019-1096)\n\n - An elevation of privilege vulnerability exists in Microsoft Windows where a certain dll, with Local Service privilege, is vulnerable to race planting a customized dll. An attacker who successfully exploited this vulnerability could potentially elevate privilege to SYSTEM. The update addresses this vulnerability by requiring system privileges for a certain DLL.\n (CVE-2019-1082)\n\n - A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2019-1001)\n\n - A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory.\n The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1063)\n\n - A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1104)\n\n - An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how DirectWrite handles objects in memory.\n (CVE-2019-1093, CVE-2019-1097)\n\n - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. (CVE-2019-1094, CVE-2019-1095)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. An authenticated attacker could exploit this vulnerability by running a specially crafted application. The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory. (CVE-2019-1071)\n\n - An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.\n An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1067)\n\n - An elevation of privilege exists in Windows Audio Service. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. (CVE-2019-1086, CVE-2019-1087, CVE-2019-1088)\n\n - An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data. (CVE-2019-1130)\n\n - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2019-1004, CVE-2019-1056, CVE-2019-1059)\n\n - A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an authenticated attacker abuses clipboard redirection. An attacker who successfully exploited this vulnerability could execute arbitrary code on the victim system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-0887)\n\n - An elevation of privilege vulnerability exists in the way that the wlansvc.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.\n (CVE-2019-1085)\n\n - A denial of service vulnerability exists when Microsoft Common Object Runtime Library improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against a .NET web application. A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to the .NET application. The update addresses the vulnerability by correcting how the .NET web application handles web requests. (CVE-2019-1083)\n\n - A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1062, CVE-2019-1092, CVE-2019-1103, CVE-2019-1107)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-1073)\n\n - A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1102)\n\n - An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys. This vulnerability allows an attacker to impersonate another user, which can lead to elevation of privileges. The vulnerability exists in WCF, WIF 3.5 and above in .NET Framework, WIF 1.0 component in Windows, WIF Nuget package, and WIF implementation in SharePoint. An unauthenticated attacker can exploit this by signing a SAML token with any arbitrary symmetric key. This security update addresses the issue by ensuring all versions of WCF and WIF validate the key used to sign SAML tokens correctly.\n (CVE-2019-1006)\n\n - An information disclosure vulnerability exists when Unistore.dll fails to properly handle objects in memory.\n An attacker who successfully exploited the vulnerability could potentially disclose memory contents of an elevated process. (CVE-2019-1091) \n - An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries. (CVE-2019-1125)", "cvss3": {}, "published": "2019-07-09T00:00:00", "type": "nessus", "title": "KB4507458: Windows 10 July 2019 Security Update (SWAPGS)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-0880", "CVE-2019-0887", "CVE-2019-0999", "CVE-2019-1001", "CVE-2019-1004", "CVE-2019-1006", "CVE-2019-1056", "CVE-2019-1059", "CVE-2019-1062", "CVE-2019-1063", "CVE-2019-1067", "CVE-2019-1071", "CVE-2019-1073", "CVE-2019-1082", "CVE-2019-1083", "CVE-2019-1085", "CVE-2019-1086", "CVE-2019-1087", "CVE-2019-1088", "CVE-2019-1089", "CVE-2019-1091", "CVE-2019-1092", "CVE-2019-1093", "CVE-2019-1094", "CVE-2019-1095", "CVE-2019-1096", "CVE-2019-1097", "CVE-2019-1102", "CVE-2019-1103", "CVE-2019-1104", "CVE-2019-1107", "CVE-2019-1108", "CVE-2019-1113", "CVE-2019-1125", "CVE-2019-1130"], "modified": "2022-05-25T00:00:00", "cpe": ["cpe:/o:microsoft:windows", "cpe:/a:microsoft:edge"], "id": "SMB_NT_MS19_JUL_4507458.NASL", "href": "https://www.tenable.com/plugins/nessus/126576", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(126576);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/25\");\n\n script_cve_id(\n \"CVE-2019-0880\",\n \"CVE-2019-0887\",\n \"CVE-2019-0999\",\n \"CVE-2019-1001\",\n \"CVE-2019-1004\",\n \"CVE-2019-1006\",\n \"CVE-2019-1056\",\n \"CVE-2019-1059\",\n \"CVE-2019-1062\",\n \"CVE-2019-1063\",\n \"CVE-2019-1067\",\n \"CVE-2019-1071\",\n \"CVE-2019-1073\",\n \"CVE-2019-1082\",\n \"CVE-2019-1083\",\n \"CVE-2019-1085\",\n \"CVE-2019-1086\",\n \"CVE-2019-1087\",\n \"CVE-2019-1088\",\n \"CVE-2019-1089\",\n \"CVE-2019-1091\",\n \"CVE-2019-1092\",\n \"CVE-2019-1093\",\n \"CVE-2019-1094\",\n \"CVE-2019-1095\",\n \"CVE-2019-1096\",\n \"CVE-2019-1097\",\n \"CVE-2019-1102\",\n \"CVE-2019-1103\",\n \"CVE-2019-1104\",\n \"CVE-2019-1107\",\n \"CVE-2019-1108\",\n \"CVE-2019-1113\",\n \"CVE-2019-1125\",\n \"CVE-2019-1130\"\n );\n script_xref(name:\"MSKB\", value:\"4507458\");\n script_xref(name:\"MSFT\", value:\"MS19-4507458\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/13\");\n\n script_name(english:\"KB4507458: Windows 10 July 2019 Security Update (SWAPGS)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4507458.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An elevation of privilege vulnerability exists when\n DirectX improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could run arbitrary code in kernel mode. An attacker\n could then install programs; view, change, or delete\n data; or create new accounts with full user rights.\n (CVE-2019-0999)\n\n - A remote code execution vulnerability exists in .NET\n software when the software fails to check the source\n markup of a file. An attacker who successfully exploited\n the vulnerability could run arbitrary code in the\n context of the current user. If the current user is\n logged on with administrative user rights, an attacker\n could take control of the affected system. An attacker\n could then install programs; view, change, or delete\n data; or create new accounts with full user rights.\n (CVE-2019-1113)\n\n - A local elevation of privilege vulnerability exists in\n how splwow64.exe handles certain calls. An attacker who\n successfully exploited the vulnerability could elevate\n privileges on an affected system from low-integrity to\n medium-integrity. This vulnerability by itself does not\n allow arbitrary code execution; however, it could allow\n arbitrary code to be run if the attacker uses it in\n combination with another vulnerability (such as a remote\n code execution vulnerability or another elevation of\n privilege vulnerability) that is capable of leveraging\n the elevated privileges when code execution is\n attempted. (CVE-2019-0880)\n\n - An elevation of privilege vulnerability exists in\n rpcss.dll when the RPC service Activation Kernel\n improperly handles an RPC request. (CVE-2019-1089)\n\n - An information disclosure vulnerability exists when the\n Windows RDP client improperly discloses the contents of\n its memory. An attacker who successfully exploited this\n vulnerability could obtain information to further\n compromise the users system. (CVE-2019-1108)\n\n - An information disclosure vulnerability exists when the\n win32k component improperly provides kernel information.\n An attacker who successfully exploited the vulnerability\n could obtain information to further compromise the users\n system. (CVE-2019-1096)\n\n - An elevation of privilege vulnerability exists in\n Microsoft Windows where a certain dll, with Local\n Service privilege, is vulnerable to race planting a\n customized dll. An attacker who successfully exploited\n this vulnerability could potentially elevate privilege\n to SYSTEM. The update addresses this vulnerability by\n requiring system privileges for a certain DLL.\n (CVE-2019-1082)\n\n - A remote code execution vulnerability exists in the way\n the scripting engine handles objects in memory in\n Microsoft browsers. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2019-1001)\n\n - A remote code execution vulnerability exists when\n Internet Explorer improperly accesses objects in memory.\n The vulnerability could corrupt memory in such a way\n that an attacker could execute arbitrary code in the\n context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2019-1063)\n\n - A remote code execution vulnerability exists in the way\n that Microsoft browsers access objects in memory. The\n vulnerability could corrupt memory in a way that could\n allow an attacker to execute arbitrary code in the\n context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2019-1104)\n\n - An information disclosure vulnerability exists when\n DirectWrite improperly discloses the contents of its\n memory. An attacker who successfully exploited the\n vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how DirectWrite handles objects in memory.\n (CVE-2019-1093, CVE-2019-1097)\n\n - An information disclosure vulnerability exists when the\n Windows GDI component improperly discloses the contents\n of its memory. An attacker who successfully exploited\n the vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how the Windows GDI component handles objects\n in memory. (CVE-2019-1094, CVE-2019-1095)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could obtain information to further compromise the users\n system. An authenticated attacker could exploit this\n vulnerability by running a specially crafted\n application. The update addresses the vulnerability by\n correcting how the Windows kernel handles objects in\n memory. (CVE-2019-1071)\n\n - An elevation of privilege vulnerability exists when the\n Windows kernel fails to properly handle objects in\n memory. An attacker who successfully exploited this\n vulnerability could run arbitrary code in kernel mode.\n An attacker could then install programs; view, change,\n or delete data; or create new accounts with full user\n rights. (CVE-2019-1067)\n\n - An elevation of privilege exists in Windows Audio\n Service. An attacker who successfully exploited the\n vulnerability could run arbitrary code with elevated\n privileges. (CVE-2019-1086, CVE-2019-1087,\n CVE-2019-1088)\n\n - An elevation of privilege vulnerability exists when\n Windows AppX Deployment Service (AppXSVC) improperly\n handles hard links. An attacker who successfully\n exploited this vulnerability could run processes in an\n elevated context. An attacker could then install\n programs; view, change or delete data. (CVE-2019-1130)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2019-1004, CVE-2019-1056, CVE-2019-1059)\n\n - A remote code execution vulnerability exists in Remote\n Desktop Services formerly known as Terminal Services\n when an authenticated attacker abuses clipboard\n redirection. An attacker who successfully exploited this\n vulnerability could execute arbitrary code on the victim\n system. An attacker could then install programs; view,\n change, or delete data; or create new accounts with full\n user rights. (CVE-2019-0887)\n\n - An elevation of privilege vulnerability exists in the\n way that the wlansvc.dll handles objects in memory. An\n attacker who successfully exploited the vulnerability\n could execute code with elevated permissions.\n (CVE-2019-1085)\n\n - A denial of service vulnerability exists when Microsoft\n Common Object Runtime Library improperly handles web\n requests. An attacker who successfully exploited this\n vulnerability could cause a denial of service against a\n .NET web application. A remote unauthenticated attacker\n could exploit this vulnerability by issuing specially\n crafted requests to the .NET application. The update\n addresses the vulnerability by correcting how the .NET\n web application handles web requests. (CVE-2019-1083)\n\n - A remote code execution vulnerability exists in the way\n that the Chakra scripting engine handles objects in\n memory in Microsoft Edge. The vulnerability could\n corrupt memory in such a way that an attacker could\n execute arbitrary code in the context of the current\n user. An attacker who successfully exploited the\n vulnerability could gain the same user rights as the\n current user. (CVE-2019-1062, CVE-2019-1092,\n CVE-2019-1103, CVE-2019-1107)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could obtain information to further compromise the users\n system. (CVE-2019-1073)\n\n - A remote code execution vulnerability exists in the way\n that the Windows Graphics Device Interface (GDI) handles\n objects in the memory. An attacker who successfully\n exploited this vulnerability could take control of the\n affected system. An attacker could then install\n programs; view, change, or delete data; or create new\n accounts with full user rights. (CVE-2019-1102)\n\n - An authentication bypass vulnerability exists in Windows\n Communication Foundation (WCF) and Windows Identity\n Foundation (WIF), allowing signing of SAML tokens with\n arbitrary symmetric keys. This vulnerability allows an\n attacker to impersonate another user, which can lead to\n elevation of privileges. The vulnerability exists in\n WCF, WIF 3.5 and above in .NET Framework, WIF 1.0\n component in Windows, WIF Nuget package, and WIF\n implementation in SharePoint. An unauthenticated\n attacker can exploit this by signing a SAML token with\n any arbitrary symmetric key. This security update\n addresses the issue by ensuring all versions of WCF and\n WIF validate the key used to sign SAML tokens correctly.\n (CVE-2019-1006)\n\n - An information disclosure vulnerability exists when\n Unistore.dll fails to properly handle objects in memory.\n An attacker who successfully exploited the vulnerability\n could potentially disclose memory contents of an\n elevated process. (CVE-2019-1091)\n \n - An information disclosure vulnerability exists when\n certain central processing units (CPU) speculatively\n access memory. An attacker who successfully exploited\n the vulnerability could read privileged data across\n trust boundaries. (CVE-2019-1125)\");\n # https://support.microsoft.com/en-us/help/4507458/windows-10-update-kb4507458\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?dfda1841\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB4507458.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1102\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-1113\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:edge\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS19-07\";\nkbs = make_list('4507458');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"10\",\n sp:0,\n os_build:\"10240\",\n rollup_date:\"07_2019\",\n bulletin:bulletin,\n rollup_kb_list:[4507458])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-08-24T15:09:27", "description": "The remote Windows host is missing security update 4507450.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n (CVE-2019-0999)\n\n - A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n (CVE-2019-1113)\n\n - A local elevation of privilege vulnerability exists in how splwow64.exe handles certain calls. An attacker who successfully exploited the vulnerability could elevate privileges on an affected system from low-integrity to medium-integrity. This vulnerability by itself does not allow arbitrary code execution; however, it could allow arbitrary code to be run if the attacker uses it in combination with another vulnerability (such as a remote code execution vulnerability or another elevation of privilege vulnerability) that is capable of leveraging the elevated privileges when code execution is attempted. (CVE-2019-0880)\n\n - A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1062, CVE-2019-1092, CVE-2019-1103, CVE-2019-1106, CVE-2019-1107)\n\n - An information disclosure vulnerability exists when the Windows RDP client improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-1108)\n\n - An information disclosure vulnerability exists when the win32k component improperly provides kernel information.\n An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. (CVE-2019-1096)\n\n - A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. (CVE-2019-0966)\n\n - A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2019-1001)\n\n - A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory.\n The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1063)\n\n - A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1104)\n\n - An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how DirectWrite handles objects in memory.\n (CVE-2019-1093, CVE-2019-1097)\n\n - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. (CVE-2019-1094, CVE-2019-1095)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. An authenticated attacker could exploit this vulnerability by running a specially crafted application. The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory. (CVE-2019-1071)\n\n - An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.\n An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1067)\n\n - An elevation of privilege exists in Windows Audio Service. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. (CVE-2019-1086, CVE-2019-1087, CVE-2019-1088)\n\n - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2019-1004, CVE-2019-1056, CVE-2019-1059)\n\n - A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an authenticated attacker abuses clipboard redirection. An attacker who successfully exploited this vulnerability could execute arbitrary code on the victim system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-0887)\n\n - An elevation of privilege vulnerability exists in the way that the wlansvc.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.\n (CVE-2019-1085)\n\n - A denial of service vulnerability exists when Microsoft Common Object Runtime Library improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against a .NET web application. A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to the .NET application. The update addresses the vulnerability by correcting how the .NET web application handles web requests. (CVE-2019-1083)\n\n - An elevation of privilege vulnerability exists in rpcss.dll when the RPC service Activation Kernel improperly handles an RPC request. (CVE-2019-1089)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-1073)\n\n - A denial of service vulnerability exists when SymCrypt improperly handles a specially crafted digital signature. An attacker could exploit the vulnerability by creating a specially crafted connection or message.\n The security update addresses the vulnerability by correcting the way SymCrypt handles digital signatures.\n (CVE-2019-0865)\n\n - A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1102)\n\n - An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys. This vulnerability allows an attacker to impersonate another user, which can lead to elevation of privileges. The vulnerability exists in WCF, WIF 3.5 and above in .NET Framework, WIF 1.0 component in Windows, WIF Nuget package, and WIF implementation in SharePoint. An unauthenticated attacker can exploit this by signing a SAML token with any arbitrary symmetric key. This security update addresses the issue by ensuring all versions of WCF and WIF validate the key used to sign SAML tokens correctly.\n (CVE-2019-1006)\n\n - An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data. (CVE-2019-1129, CVE-2019-1130)\n\n - An information disclosure vulnerability exists when Unistore.dll fails to properly handle objects in memory.\n An attacker who successfully exploited the vulnerability could potentially disclose memory contents of an elevated process. (CVE-2019-1091) \n - An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries. (CVE-2019-1125)", "cvss3": {}, "published": "2019-07-09T00:00:00", "type": "nessus", "title": "KB4507450: Windows 10 Version 1703 July 2019 Security Update (SWAPGS)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-0865", "CVE-2019-0880", "CVE-2019-0887", "CVE-2019-0966", "CVE-2019-0999", "CVE-2019-1001", "CVE-2019-1004", "CVE-2019-1006", "CVE-2019-1056", "CVE-2019-1059", "CVE-2019-1062", "CVE-2019-1063", "CVE-2019-1067", "CVE-2019-1071", "CVE-2019-1073", "CVE-2019-1083", "CVE-2019-1085", "CVE-2019-1086", "CVE-2019-1087", "CVE-2019-1088", "CVE-2019-1089", "CVE-2019-1091", "CVE-2019-1092", "CVE-2019-1093", "CVE-2019-1094", "CVE-2019-1095", "CVE-2019-1096", "CVE-2019-1097", "CVE-2019-1102", "CVE-2019-1103", "CVE-2019-1104", "CVE-2019-1106", "CVE-2019-1107", "CVE-2019-1108", "CVE-2019-1113", "CVE-2019-1125", "CVE-2019-1129", "CVE-2019-1130"], "modified": "2022-05-25T00:00:00", "cpe": ["cpe:/o:microsoft:windows", "cpe:/a:microsoft:edge"], "id": "SMB_NT_MS19_JUL_4507450.NASL", "href": "https://www.tenable.com/plugins/nessus/126572", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(126572);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/25\");\n\n script_cve_id(\n \"CVE-2019-0865\",\n \"CVE-2019-0880\",\n \"CVE-2019-0887\",\n \"CVE-2019-0966\",\n \"CVE-2019-0999\",\n \"CVE-2019-1001\",\n \"CVE-2019-1004\",\n \"CVE-2019-1006\",\n \"CVE-2019-1056\",\n \"CVE-2019-1059\",\n \"CVE-2019-1062\",\n \"CVE-2019-1063\",\n \"CVE-2019-1067\",\n \"CVE-2019-1071\",\n \"CVE-2019-1073\",\n \"CVE-2019-1083\",\n \"CVE-2019-1085\",\n \"CVE-2019-1086\",\n \"CVE-2019-1087\",\n \"CVE-2019-1088\",\n \"CVE-2019-1089\",\n \"CVE-2019-1091\",\n \"CVE-2019-1092\",\n \"CVE-2019-1093\",\n \"CVE-2019-1094\",\n \"CVE-2019-1095\",\n \"CVE-2019-1096\",\n \"CVE-2019-1097\",\n \"CVE-2019-1102\",\n \"CVE-2019-1103\",\n \"CVE-2019-1104\",\n \"CVE-2019-1106\",\n \"CVE-2019-1107\",\n \"CVE-2019-1108\",\n \"CVE-2019-1113\",\n \"CVE-2019-1125\",\n \"CVE-2019-1129\",\n \"CVE-2019-1130\"\n );\n script_xref(name:\"MSKB\", value:\"4507450\");\n script_xref(name:\"MSFT\", value:\"MS19-4507450\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/05\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/13\");\n\n script_name(english:\"KB4507450: Windows 10 Version 1703 July 2019 Security Update (SWAPGS)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4507450.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An elevation of privilege vulnerability exists when\n DirectX improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could run arbitrary code in kernel mode. An attacker\n could then install programs; view, change, or delete\n data; or create new accounts with full user rights.\n (CVE-2019-0999)\n\n - A remote code execution vulnerability exists in .NET\n software when the software fails to check the source\n markup of a file. An attacker who successfully exploited\n the vulnerability could run arbitrary code in the\n context of the current user. If the current user is\n logged on with administrative user rights, an attacker\n could take control of the affected system. An attacker\n could then install programs; view, change, or delete\n data; or create new accounts with full user rights.\n (CVE-2019-1113)\n\n - A local elevation of privilege vulnerability exists in\n how splwow64.exe handles certain calls. An attacker who\n successfully exploited the vulnerability could elevate\n privileges on an affected system from low-integrity to\n medium-integrity. This vulnerability by itself does not\n allow arbitrary code execution; however, it could allow\n arbitrary code to be run if the attacker uses it in\n combination with another vulnerability (such as a remote\n code execution vulnerability or another elevation of\n privilege vulnerability) that is capable of leveraging\n the elevated privileges when code execution is\n attempted. (CVE-2019-0880)\n\n - A remote code execution vulnerability exists in the way\n that the Chakra scripting engine handles objects in\n memory in Microsoft Edge. The vulnerability could\n corrupt memory in such a way that an attacker could\n execute arbitrary code in the context of the current\n user. An attacker who successfully exploited the\n vulnerability could gain the same user rights as the\n current user. (CVE-2019-1062, CVE-2019-1092,\n CVE-2019-1103, CVE-2019-1106, CVE-2019-1107)\n\n - An information disclosure vulnerability exists when the\n Windows RDP client improperly discloses the contents of\n its memory. An attacker who successfully exploited this\n vulnerability could obtain information to further\n compromise the users system. (CVE-2019-1108)\n\n - An information disclosure vulnerability exists when the\n win32k component improperly provides kernel information.\n An attacker who successfully exploited the vulnerability\n could obtain information to further compromise the users\n system. (CVE-2019-1096)\n\n - A denial of service vulnerability exists when Microsoft\n Hyper-V on a host server fails to properly validate\n input from a privileged user on a guest operating\n system. (CVE-2019-0966)\n\n - A remote code execution vulnerability exists in the way\n the scripting engine handles objects in memory in\n Microsoft browsers. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2019-1001)\n\n - A remote code execution vulnerability exists when\n Internet Explorer improperly accesses objects in memory.\n The vulnerability could corrupt memory in such a way\n that an attacker could execute arbitrary code in the\n context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2019-1063)\n\n - A remote code execution vulnerability exists in the way\n that Microsoft browsers access objects in memory. The\n vulnerability could corrupt memory in a way that could\n allow an attacker to execute arbitrary code in the\n context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2019-1104)\n\n - An information disclosure vulnerability exists when\n DirectWrite improperly discloses the contents of its\n memory. An attacker who successfully exploited the\n vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how DirectWrite handles objects in memory.\n (CVE-2019-1093, CVE-2019-1097)\n\n - An information disclosure vulnerability exists when the\n Windows GDI component improperly discloses the contents\n of its memory. An attacker who successfully exploited\n the vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how the Windows GDI component handles objects\n in memory. (CVE-2019-1094, CVE-2019-1095)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could obtain information to further compromise the users\n system. An authenticated attacker could exploit this\n vulnerability by running a specially crafted\n application. The update addresses the vulnerability by\n correcting how the Windows kernel handles objects in\n memory. (CVE-2019-1071)\n\n - An elevation of privilege vulnerability exists when the\n Windows kernel fails to properly handle objects in\n memory. An attacker who successfully exploited this\n vulnerability could run arbitrary code in kernel mode.\n An attacker could then install programs; view, change,\n or delete data; or create new accounts with full user\n rights. (CVE-2019-1067)\n\n - An elevation of privilege exists in Windows Audio\n Service. An attacker who successfully exploited the\n vulnerability could run arbitrary code with elevated\n privileges. (CVE-2019-1086, CVE-2019-1087,\n CVE-2019-1088)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2019-1004, CVE-2019-1056, CVE-2019-1059)\n\n - A remote code execution vulnerability exists in Remote\n Desktop Services formerly known as Terminal Services\n when an authenticated attacker abuses clipboard\n redirection. An attacker who successfully exploited this\n vulnerability could execute arbitrary code on the victim\n system. An attacker could then install programs; view,\n change, or delete data; or create new accounts with full\n user rights. (CVE-2019-0887)\n\n - An elevation of privilege vulnerability exists in the\n way that the wlansvc.dll handles objects in memory. An\n attacker who successfully exploited the vulnerability\n could execute code with elevated permissions.\n (CVE-2019-1085)\n\n - A denial of service vulnerability exists when Microsoft\n Common Object Runtime Library improperly handles web\n requests. An attacker who successfully exploited this\n vulnerability could cause a denial of service against a\n .NET web application. A remote unauthenticated attacker\n could exploit this vulnerability by issuing specially\n crafted requests to the .NET application. The update\n addresses the vulnerability by correcting how the .NET\n web application handles web requests. (CVE-2019-1083)\n\n - An elevation of privilege vulnerability exists in\n rpcss.dll when the RPC service Activation Kernel\n improperly handles an RPC request. (CVE-2019-1089)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could obtain information to further compromise the users\n system. (CVE-2019-1073)\n\n - A denial of service vulnerability exists when SymCrypt\n improperly handles a specially crafted digital\n signature. An attacker could exploit the vulnerability\n by creating a specially crafted connection or message.\n The security update addresses the vulnerability by\n correcting the way SymCrypt handles digital signatures.\n (CVE-2019-0865)\n\n - A remote code execution vulnerability exists in the way\n that the Windows Graphics Device Interface (GDI) handles\n objects in the memory. An attacker who successfully\n exploited this vulnerability could take control of the\n affected system. An attacker could then install\n programs; view, change, or delete data; or create new\n accounts with full user rights. (CVE-2019-1102)\n\n - An authentication bypass vulnerability exists in Windows\n Communication Foundation (WCF) and Windows Identity\n Foundation (WIF), allowing signing of SAML tokens with\n arbitrary symmetric keys. This vulnerability allows an\n attacker to impersonate another user, which can lead to\n elevation of privileges. The vulnerability exists in\n WCF, WIF 3.5 and above in .NET Framework, WIF 1.0\n component in Windows, WIF Nuget package, and WIF\n implementation in SharePoint. An unauthenticated\n attacker can exploit this by signing a SAML token with\n any arbitrary symmetric key. This security update\n addresses the issue by ensuring all versions of WCF and\n WIF validate the key used to sign SAML tokens correctly.\n (CVE-2019-1006)\n\n - An elevation of privilege vulnerability exists when\n Windows AppX Deployment Service (AppXSVC) improperly\n handles hard links. An attacker who successfully\n exploited this vulnerability could run processes in an\n elevated context. An attacker could then install\n programs; view, change or delete data. (CVE-2019-1129,\n CVE-2019-1130)\n\n - An information disclosure vulnerability exists when\n Unistore.dll fails to properly handle objects in memory.\n An attacker who successfully exploited the vulnerability\n could potentially disclose memory contents of an\n elevated process. (CVE-2019-1091)\n \n - An information disclosure vulnerability exists when\n certain central processing units (CPU) speculatively\n access memory. An attacker who successfully exploited\n the vulnerability could read privileged data across\n trust boundaries. (CVE-2019-1125)\");\n # https://support.microsoft.com/en-us/help/4507450/windows-10-update-kb4507450\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?f489340c\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB4507450.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1102\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-1113\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:edge\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS19-07\";\nkbs = make_list('4507450');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"10\",\n sp:0,\n os_build:\"15063\",\n rollup_date:\"07_2019\",\n bulletin:bulletin,\n rollup_kb_list:[4507450])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-08-30T17:03:24", "description": "The remote Windows host is missing security update 4507460.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n (CVE-2019-0999)\n\n - A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n (CVE-2019-1113)\n\n - A local elevation of privilege vulnerability exists in how splwow64.exe handles certain calls. An attacker who successfully exploited the vulnerability could elevate privileges on an affected system from low-integrity to medium-integrity. This vulnerability by itself does not allow arbitrary code execution; however, it could allow arbitrary code to be run if the attacker uses it in combination with another vulnerability (such as a remote code execution vulnerability or another elevation of privilege vulnerability) that is capable of leveraging the elevated privileges when code execution is attempted. (CVE-2019-0880)\n\n - An elevation of privilege vulnerability exists in rpcss.dll when the RPC service Activation Kernel improperly handles an RPC request. (CVE-2019-1089)\n\n - A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1062, CVE-2019-1092, CVE-2019-1103, CVE-2019-1106, CVE-2019-1107)\n\n - An information disclosure vulnerability exists when the Windows RDP client improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-1108)\n\n - An information disclosure vulnerability exists when the win32k component improperly provides kernel information.\n An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. (CVE-2019-1096)\n\n - A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. (CVE-2019-0966)\n\n - An elevation of privilege vulnerability exists in Microsoft Windows where a certain dll, with Local Service privilege, is vulnerable to race planting a customized dll. An attacker who successfully exploited this vulnerability could potentially elevate privilege to SYSTEM. The update addresses this vulnerability by requiring system privileges for a certain DLL.\n (CVE-2019-1082)\n\n - A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2019-1001)\n\n - A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory.\n The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1063)\n\n - A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1104)\n\n - An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how DirectWrite handles objects in memory.\n (CVE-2019-1093, CVE-2019-1097)\n\n - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. (CVE-2019-1094, CVE-2019-1095)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. An authenticated attacker could exploit this vulnerability by running a specially crafted application. The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory. (CVE-2019-1071)\n\n - An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.\n An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1067)\n\n - An elevation of privilege exists in Windows Audio Service. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. (CVE-2019-1086, CVE-2019-1087, CVE-2019-1088)\n\n - An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data. (CVE-2019-1130)\n\n - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2019-1004, CVE-2019-1056, CVE-2019-1059)\n\n - A security feature bypass vulnerability exists in Active Directory Federation Services (ADFS) which could allow an attacker to bypass the extranet lockout policy.\n (CVE-2019-1126)\n\n - A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an authenticated attacker abuses clipboard redirection. An attacker who successfully exploited this vulnerability could execute arbitrary code on the victim system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-0887)\n\n - An elevation of privilege vulnerability exists in the way that the wlansvc.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.\n (CVE-2019-1085)\n\n - A denial of service vulnerability exists when Microsoft Common Object Runtime Library improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against a .NET web application. A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to the .NET application. The update addresses the vulnerability by correcting how the .NET web application handles web requests. (CVE-2019-1083)\n\n - A memory corruption vulnerability exists in the Windows Server DHCP service when an attacker sends specially crafted packets to a DHCP failover server. An attacker who successfully exploited the vulnerability could either run arbitrary code on the DHCP failover server or cause the DHCP service to become nonresponsive.\n (CVE-2019-0785)\n\n - A security feature bypass vulnerability exists when Active Directory Federation Services (ADFS) improperly updates its list of banned IP addresses.\n (CVE-2019-0975)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-1073)\n\n - A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1102)\n\n - An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys. This vulnerability allows an attacker to impersonate another user, which can lead to elevation of privileges. The vulnerability exists in WCF, WIF 3.5 and above in .NET Framework, WIF 1.0 component in Windows, WIF Nuget package, and WIF implementation in SharePoint. An unauthenticated attacker can exploit this by signing a SAML token with any arbitrary symmetric key. This security update addresses the issue by ensuring all versions of WCF and WIF validate the key used to sign SAML tokens correctly.\n (CVE-2019-1006)\n\n - An information disclosure vulnerability exists when Unistore.dll fails to properly handle objects in memory.\n An attacker who successfully exploited the vulnerability could potentially disclose memory contents of an elevated process. (CVE-2019-1091)\n\n - A denial of service vulnerability exists in Windows DNS Server when it fails to properly handle DNS queries. An attacker who successfully exploited this vulnerability could cause the DNS Server service to become nonresponsive. (CVE-2019-0811) \n - An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries. (CVE-2019-1125)", "cvss3": {}, "published": "2019-07-09T00:00:00", "type": "nessus", "title": "KB4507460: Windows 10 Version 1607 and Windows Server 2016 July 2019 Security Update (SWAPGS)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-0785", "CVE-2019-0811", "CVE-2019-0880", "CVE-2019-0887", "CVE-2019-0966", "CVE-2019-0975", "CVE-2019-0999", "CVE-2019-1001", "CVE-2019-1004", "CVE-2019-1006", "CVE-2019-1056", "CVE-2019-1059", "CVE-2019-1062", "CVE-2019-1063", "CVE-2019-1067", "CVE-2019-1071", "CVE-2019-1073", "CVE-2019-1082", "CVE-2019-1083", "CVE-2019-1085", "CVE-2019-1086", "CVE-2019-1087", "CVE-2019-1088", "CVE-2019-1089", "CVE-2019-1091", "CVE-2019-1092", "CVE-2019-1093", "CVE-2019-1094", "CVE-2019-1095", "CVE-2019-1096", "CVE-2019-1097", "CVE-2019-1102", "CVE-2019-1103", "CVE-2019-1104", "CVE-2019-1106", "CVE-2019-1107", "CVE-2019-1108", "CVE-2019-1113", "CVE-2019-1125", "CVE-2019-1126", "CVE-2019-1130"], "modified": "2022-05-25T00:00:00", "cpe": ["cpe:/o:microsoft:windows", "cpe:/a:microsoft:edge"], "id": "SMB_NT_MS19_JUL_4507460.NASL", "href": "https://www.tenable.com/plugins/nessus/126577", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(126577);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/25\");\n\n script_cve_id(\n \"CVE-2019-0785\",\n \"CVE-2019-0811\",\n \"CVE-2019-0880\",\n \"CVE-2019-0887\",\n \"CVE-2019-0966\",\n \"CVE-2019-0975\",\n \"CVE-2019-0999\",\n \"CVE-2019-1001\",\n \"CVE-2019-1004\",\n \"CVE-2019-1006\",\n \"CVE-2019-1056\",\n \"CVE-2019-1059\",\n \"CVE-2019-1062\",\n \"CVE-2019-1063\",\n \"CVE-2019-1067\",\n \"CVE-2019-1071\",\n \"CVE-2019-1073\",\n \"CVE-2019-1082\",\n \"CVE-2019-1083\",\n \"CVE-2019-1085\",\n \"CVE-2019-1086\",\n \"CVE-2019-1087\",\n \"CVE-2019-1088\",\n \"CVE-2019-1089\",\n \"CVE-2019-1091\",\n \"CVE-2019-1092\",\n \"CVE-2019-1093\",\n \"CVE-2019-1094\",\n \"CVE-2019-1095\",\n \"CVE-2019-1096\",\n \"CVE-2019-1097\",\n \"CVE-2019-1102\",\n \"CVE-2019-1103\",\n \"CVE-2019-1104\",\n \"CVE-2019-1106\",\n \"CVE-2019-1107\",\n \"CVE-2019-1108\",\n \"CVE-2019-1113\",\n \"CVE-2019-1125\",\n \"CVE-2019-1126\",\n \"CVE-2019-1130\"\n );\n script_xref(name:\"MSKB\", value:\"4507460\");\n script_xref(name:\"MSFT\", value:\"MS19-4507460\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/13\");\n\n script_name(english:\"KB4507460: Windows 10 Version 1607 and Windows Server 2016 July 2019 Security Update (SWAPGS)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4507460.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An elevation of privilege vulnerability exists when\n DirectX improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could run arbitrary code in kernel mode. An attacker\n could then install programs; view, change, or delete\n data; or create new accounts with full user rights.\n (CVE-2019-0999)\n\n - A remote code execution vulnerability exists in .NET\n software when the software fails to check the source\n markup of a file. An attacker who successfully exploited\n the vulnerability could run arbitrary code in the\n context of the current user. If the current user is\n logged on with administrative user rights, an attacker\n could take control of the affected system. An attacker\n could then install programs; view, change, or delete\n data; or create new accounts with full user rights.\n (CVE-2019-1113)\n\n - A local elevation of privilege vulnerability exists in\n how splwow64.exe handles certain calls. An attacker who\n successfully exploited the vulnerability could elevate\n privileges on an affected system from low-integrity to\n medium-integrity. This vulnerability by itself does not\n allow arbitrary code execution; however, it could allow\n arbitrary code to be run if the attacker uses it in\n combination with another vulnerability (such as a remote\n code execution vulnerability or another elevation of\n privilege vulnerability) that is capable of leveraging\n the elevated privileges when code execution is\n attempted. (CVE-2019-0880)\n\n - An elevation of privilege vulnerability exists in\n rpcss.dll when the RPC service Activation Kernel\n improperly handles an RPC request. (CVE-2019-1089)\n\n - A remote code execution vulnerability exists in the way\n that the Chakra scripting engine handles objects in\n memory in Microsoft Edge. The vulnerability could\n corrupt memory in such a way that an attacker could\n execute arbitrary code in the context of the current\n user. An attacker who successfully exploited the\n vulnerability could gain the same user rights as the\n current user. (CVE-2019-1062, CVE-2019-1092,\n CVE-2019-1103, CVE-2019-1106, CVE-2019-1107)\n\n - An information disclosure vulnerability exists when the\n Windows RDP client improperly discloses the contents of\n its memory. An attacker who successfully exploited this\n vulnerability could obtain information to further\n compromise the users system. (CVE-2019-1108)\n\n - An information disclosure vulnerability exists when the\n win32k component improperly provides kernel information.\n An attacker who successfully exploited the vulnerability\n could obtain information to further compromise the users\n system. (CVE-2019-1096)\n\n - A denial of service vulnerability exists when Microsoft\n Hyper-V on a host server fails to properly validate\n input from a privileged user on a guest operating\n system. (CVE-2019-0966)\n\n - An elevation of privilege vulnerability exists in\n Microsoft Windows where a certain dll, with Local\n Service privilege, is vulnerable to race planting a\n customized dll. An attacker who successfully exploited\n this vulnerability could potentially elevate privilege\n to SYSTEM. The update addresses this vulnerability by\n requiring system privileges for a certain DLL.\n (CVE-2019-1082)\n\n - A remote code execution vulnerability exists in the way\n the scripting engine handles objects in memory in\n Microsoft browsers. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2019-1001)\n\n - A remote code execution vulnerability exists when\n Internet Explorer improperly accesses objects in memory.\n The vulnerability could corrupt memory in such a way\n that an attacker could execute arbitrary code in the\n context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2019-1063)\n\n - A remote code execution vulnerability exists in the way\n that Microsoft browsers access objects in memory. The\n vulnerability could corrupt memory in a way that could\n allow an attacker to execute arbitrary code in the\n context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2019-1104)\n\n - An information disclosure vulnerability exists when\n DirectWrite improperly discloses the contents of its\n memory. An attacker who successfully exploited the\n vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how DirectWrite handles objects in memory.\n (CVE-2019-1093, CVE-2019-1097)\n\n - An information disclosure vulnerability exists when the\n Windows GDI component improperly discloses the contents\n of its memory. An attacker who successfully exploited\n the vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how the Windows GDI component handles objects\n in memory. (CVE-2019-1094, CVE-2019-1095)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could obtain information to further compromise the users\n system. An authenticated attacker could exploit this\n vulnerability by running a specially crafted\n application. The update addresses the vulnerability by\n correcting how the Windows kernel handles objects in\n memory. (CVE-2019-1071)\n\n - An elevation of privilege vulnerability exists when the\n Windows kernel fails to properly handle objects in\n memory. An attacker who successfully exploited this\n vulnerability could run arbitrary code in kernel mode.\n An attacker could then install programs; view, change,\n or delete data; or create new accounts with full user\n rights. (CVE-2019-1067)\n\n - An elevation of privilege exists in Windows Audio\n Service. An attacker who successfully exploited the\n vulnerability could run arbitrary code with elevated\n privileges. (CVE-2019-1086, CVE-2019-1087,\n CVE-2019-1088)\n\n - An elevation of privilege vulnerability exists when\n Windows AppX Deployment Service (AppXSVC) improperly\n handles hard links. An attacker who successfully\n exploited this vulnerability could run processes in an\n elevated context. An attacker could then install\n programs; view, change or delete data. (CVE-2019-1130)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2019-1004, CVE-2019-1056, CVE-2019-1059)\n\n - A security feature bypass vulnerability exists in Active\n Directory Federation Services (ADFS) which could allow\n an attacker to bypass the extranet lockout policy.\n (CVE-2019-1126)\n\n - A remote code execution vulnerability exists in Remote\n Desktop Services formerly known as Terminal Services\n when an authenticated attacker abuses clipboard\n redirection. An attacker who successfully exploited this\n vulnerability could execute arbitrary code on the victim\n system. An attacker could then install programs; view,\n change, or delete data; or create new accounts with full\n user rights. (CVE-2019-0887)\n\n - An elevation of privilege vulnerability exists in the\n way that the wlansvc.dll handles objects in memory. An\n attacker who successfully exploited the vulnerability\n could execute code with elevated permissions.\n (CVE-2019-1085)\n\n - A denial of service vulnerability exists when Microsoft\n Common Object Runtime Library improperly handles web\n requests. An attacker who successfully exploited this\n vulnerability could cause a denial of service against a\n .NET web application. A remote unauthenticated attacker\n could exploit this vulnerability by issuing specially\n crafted requests to the .NET application. The update\n addresses the vulnerability by correcting how the .NET\n web application handles web requests. (CVE-2019-1083)\n\n - A memory corruption vulnerability exists in the Windows\n Server DHCP service when an attacker sends specially\n crafted packets to a DHCP failover server. An attacker\n who successfully exploited the vulnerability could\n either run arbitrary code on the DHCP failover server or\n cause the DHCP service to become nonresponsive.\n (CVE-2019-0785)\n\n - A security feature bypass vulnerability exists when\n Active Directory Federation Services (ADFS) improperly\n updates its list of banned IP addresses.\n (CVE-2019-0975)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could obtain information to further compromise the users\n system. (CVE-2019-1073)\n\n - A remote code execution vulnerability exists in the way\n that the Windows Graphics Device Interface (GDI) handles\n objects in the memory. An attacker who successfully\n exploited this vulnerability could take control of the\n affected system. An attacker could then install\n programs; view, change, or delete data; or create new\n accounts with full user rights. (CVE-2019-1102)\n\n - An authentication bypass vulnerability exists in Windows\n Communication Foundation (WCF) and Windows Identity\n Foundation (WIF), allowing signing of SAML tokens with\n arbitrary symmetric keys. This vulnerability allows an\n attacker to impersonate another user, which can lead to\n elevation of privileges. The vulnerability exists in\n WCF, WIF 3.5 and above in .NET Framework, WIF 1.0\n component in Windows, WIF Nuget package, and WIF\n implementation in SharePoint. An unauthenticated\n attacker can exploit this by signing a SAML token with\n any arbitrary symmetric key. This security update\n addresses the issue by ensuring all versions of WCF and\n WIF validate the key used to sign SAML tokens correctly.\n (CVE-2019-1006)\n\n - An information disclosure vulnerability exists when\n Unistore.dll fails to properly handle objects in memory.\n An attacker who successfully exploited the vulnerability\n could potentially disclose memory contents of an\n elevated process. (CVE-2019-1091)\n\n - A denial of service vulnerability exists in Windows DNS\n Server when it fails to properly handle DNS queries. An\n attacker who successfully exploited this vulnerability\n could cause the DNS Server service to become\n nonresponsive. (CVE-2019-0811)\n \n - An information disclosure vulnerability exists when\n certain central processing units (CPU) speculatively\n access memory. An attacker who successfully exploited\n the vulnerability could read privileged data across\n trust boundaries. (CVE-2019-1125)\");\n # https://support.microsoft.com/en-us/help/4507460/windows-10-update-kb4507460\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?dd6e86c0\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB4507460.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1102\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-0785\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:edge\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS19-07\";\nkbs = make_list('4507460');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"10\",\n sp:0,\n os_build:\"14393\",\n rollup_date:\"07_2019\",\n bulletin:bulletin,\n rollup_kb_list:[4507460])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-08-24T15:09:27", "description": "The remote Windows host is missing security update 4507455.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n (CVE-2019-0999)\n\n - A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n (CVE-2019-1113)\n\n - A local elevation of privilege vulnerability exists in how splwow64.exe handles certain calls. An attacker who successfully exploited the vulnerability could elevate privileges on an affected system from low-integrity to medium-integrity. This vulnerability by itself does not allow arbitrary code execution; however, it could allow arbitrary code to be run if the attacker uses it in combination with another vulnerability (such as a remote code execution vulnerability or another elevation of privilege vulnerability) that is capable of leveraging the elevated privileges when code execution is attempted. (CVE-2019-0880)\n\n - A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. (CVE-2019-0966)\n\n - A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1062, CVE-2019-1092, CVE-2019-1103, CVE-2019-1106, CVE-2019-1107)\n\n - An information disclosure vulnerability exists when the Windows RDP client improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-1108)\n\n - An information disclosure vulnerability exists when the win32k component improperly provides kernel information.\n An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. (CVE-2019-1096)\n\n - An elevation of privilege vulnerability exists in the way Windows Error Reporting (WER) handles files. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with administrator privileges. (CVE-2019-1037)\n\n - A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2019-1001)\n\n - A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory.\n The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1063)\n\n - An elevation of privilege vulnerability exists in Microsoft Windows where certain folders, with local service privilege, are vulnerable to symbolic link attack. An attacker who successfully exploited this vulnerability could potentially access unauthorized information. The update addresses this vulnerability by not allowing symbolic links in these scenarios.\n (CVE-2019-1074)\n\n - A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1104)\n\n - An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how DirectWrite handles objects in memory.\n (CVE-2019-1093, CVE-2019-1097)\n\n - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. (CVE-2019-1094, CVE-2019-1095)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. An authenticated attacker could exploit this vulnerability by running a specially crafted application. The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory. (CVE-2019-1071)\n\n - An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.\n An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1067)\n\n - An elevation of privilege exists in Windows Audio Service. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. (CVE-2019-1086, CVE-2019-1087, CVE-2019-1088)\n\n - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2019-1004, CVE-2019-1056, CVE-2019-1059)\n\n - A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an authenticated attacker abuses clipboard redirection. An attacker who successfully exploited this vulnerability could execute arbitrary code on the victim system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-0887)\n\n - An elevation of privilege vulnerability exists in the way that the wlansvc.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.\n (CVE-2019-1085)\n\n - A denial of service vulnerability exists when Microsoft Common Object Runtime Library improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against a .NET web application. A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to the .NET application. The update addresses the vulnerability by correcting how the .NET web application handles web requests. (CVE-2019-1083)\n\n - An elevation of privilege vulnerability exists in rpcss.dll when the RPC service Activation Kernel improperly handles an RPC request. (CVE-2019-1089)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-1073)\n\n - A denial of service vulnerability exists when SymCrypt improperly handles a specially crafted digital signature. An attacker could exploit the vulnerability by creating a specially crafted connection or message.\n The security update addresses the vulnerability by correcting the way SymCrypt handles digital signatures.\n (CVE-2019-0865)\n\n - A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1102)\n\n - An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys. This vulnerability allows an attacker to impersonate another user, which can lead to elevation of privileges. The vulnerability exists in WCF, WIF 3.5 and above in .NET Framework, WIF 1.0 component in Windows, WIF Nuget package, and WIF implementation in SharePoint. An unauthenticated attacker can exploit this by signing a SAML token with any arbitrary symmetric key. This security update addresses the issue by ensuring all versions of WCF and WIF validate the key used to sign SAML tokens correctly.\n (CVE-2019-1006)\n\n - An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data. (CVE-2019-1129, CVE-2019-1130)\n\n - An information disclosure vulnerability exists when Unistore.dll fails to properly handle objects in memory.\n An attacker who successfully exploited the vulnerability could potentially disclose memory contents of an elevated process. (CVE-2019-1091)\n\n - A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage. The security update addresses the vulnerability by correcting how DirectWrite handles objects in memory. (CVE-2019-1117, CVE-2019-1118, CVE-2019-1119, CVE-2019-1120, CVE-2019-1121, CVE-2019-1122, CVE-2019-1123, CVE-2019-1124, CVE-2019-1127, CVE-2019-1128) \n - An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries. (CVE-2019-1125)", "cvss3": {}, "published": "2019-07-09T00:00:00", "type": "nessus", "title": "KB4507455: Windows 10 Version 1709 July 2019 Security Update (SWAPGS)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-0865", "CVE-2019-0880", "CVE-2019-0887", "CVE-2019-0966", "CVE-2019-0999", "CVE-2019-1001", "CVE-2019-1004", "CVE-2019-1006", "CVE-2019-1037", "CVE-2019-1056", "CVE-2019-1059", "CVE-2019-1062", "CVE-2019-1063", "CVE-2019-1067", "CVE-2019-1071", "CVE-2019-1073", "CVE-2019-1074", "CVE-2019-1083", "CVE-2019-1085", "CVE-2019-1086", "CVE-2019-1087", "CVE-2019-1088", "CVE-2019-1089", "CVE-2019-1091", "CVE-2019-1092", "CVE-2019-1093", "CVE-2019-1094", "CVE-2019-1095", "CVE-2019-1096", "CVE-2019-1097", "CVE-2019-1102", "CVE-2019-1103", "CVE-2019-1104", "CVE-2019-1106", "CVE-2019-1107", "CVE-2019-1108", "CVE-2019-1113", "CVE-2019-1117", "CVE-2019-1118", "CVE-2019-1119", "CVE-2019-1120", "CVE-2019-1121", "CVE-2019-1122", "CVE-2019-1123", "CVE-2019-1124", "CVE-2019-1125", "CVE-2019-1127", "CVE-2019-1128", "CVE-2019-1129", "CVE-2019-1130"], "modified": "2022-05-25T00:00:00", "cpe": ["cpe:/o:microsoft:windows", "cpe:/a:microsoft:edge"], "id": "SMB_NT_MS19_JUL_4507455.NASL", "href": "https://www.tenable.com/plugins/nessus/126575", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(126575);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/25\");\n\n script_cve_id(\n \"CVE-2019-0865\",\n \"CVE-2019-0880\",\n \"CVE-2019-0887\",\n \"CVE-2019-0966\",\n \"CVE-2019-0999\",\n \"CVE-2019-1001\",\n \"CVE-2019-1004\",\n \"CVE-2019-1006\",\n \"CVE-2019-1037\",\n \"CVE-2019-1056\",\n \"CVE-2019-1059\",\n \"CVE-2019-1062\",\n \"CVE-2019-1063\",\n \"CVE-2019-1067\",\n \"CVE-2019-1071\",\n \"CVE-2019-1073\",\n \"CVE-2019-1074\",\n \"CVE-2019-1083\",\n \"CVE-2019-1085\",\n \"CVE-2019-1086\",\n \"CVE-2019-1087\",\n \"CVE-2019-1088\",\n \"CVE-2019-1089\",\n \"CVE-2019-1091\",\n \"CVE-2019-1092\",\n \"CVE-2019-1093\",\n \"CVE-2019-1094\",\n \"CVE-2019-1095\",\n \"CVE-2019-1096\",\n \"CVE-2019-1097\",\n \"CVE-2019-1102\",\n \"CVE-2019-1103\",\n \"CVE-2019-1104\",\n \"CVE-2019-1106\",\n \"CVE-2019-1107\",\n \"CVE-2019-1108\",\n \"CVE-2019-1113\",\n \"CVE-2019-1117\",\n \"CVE-2019-1118\",\n \"CVE-2019-1119\",\n \"CVE-2019-1120\",\n \"CVE-2019-1121\",\n \"CVE-2019-1122\",\n \"CVE-2019-1123\",\n \"CVE-2019-1124\",\n \"CVE-2019-1125\",\n \"CVE-2019-1127\",\n \"CVE-2019-1128\",\n \"CVE-2019-1129\",\n \"CVE-2019-1130\"\n );\n script_xref(name:\"MSKB\", value:\"4507455\");\n script_xref(name:\"MSFT\", value:\"MS19-4507455\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/05\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/13\");\n\n script_name(english:\"KB4507455: Windows 10 Version 1709 July 2019 Security Update (SWAPGS)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4507455.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An elevation of privilege vulnerability exists when\n DirectX improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could run arbitrary code in kernel mode. An attacker\n could then install programs; view, change, or delete\n data; or create new accounts with full user rights.\n (CVE-2019-0999)\n\n - A remote code execution vulnerability exists in .NET\n software when the software fails to check the source\n markup of a file. An attacker who successfully exploited\n the vulnerability could run arbitrary code in the\n context of the current user. If the current user is\n logged on with administrative user rights, an attacker\n could take control of the affected system. An attacker\n could then install programs; view, change, or delete\n data; or create new accounts with full user rights.\n (CVE-2019-1113)\n\n - A local elevation of privilege vulnerability exists in\n how splwow64.exe handles certain calls. An attacker who\n successfully exploited the vulnerability could elevate\n privileges on an affected system from low-integrity to\n medium-integrity. This vulnerability by itself does not\n allow arbitrary code execution; however, it could allow\n arbitrary code to be run if the attacker uses it in\n combination with another vulnerability (such as a remote\n code execution vulnerability or another elevation of\n privilege vulnerability) that is capable of leveraging\n the elevated privileges when code execution is\n attempted. (CVE-2019-0880)\n\n - A denial of service vulnerability exists when Microsoft\n Hyper-V on a host server fails to properly validate\n input from a privileged user on a guest operating\n system. (CVE-2019-0966)\n\n - A remote code execution vulnerability exists in the way\n that the Chakra scripting engine handles objects in\n memory in Microsoft Edge. The vulnerability could\n corrupt memory in such a way that an attacker could\n execute arbitrary code in the context of the current\n user. An attacker who successfully exploited the\n vulnerability could gain the same user rights as the\n current user. (CVE-2019-1062, CVE-2019-1092,\n CVE-2019-1103, CVE-2019-1106, CVE-2019-1107)\n\n - An information disclosure vulnerability exists when the\n Windows RDP client improperly discloses the contents of\n its memory. An attacker who successfully exploited this\n vulnerability could obtain information to further\n compromise the users system. (CVE-2019-1108)\n\n - An information disclosure vulnerability exists when the\n win32k component improperly provides kernel information.\n An attacker who successfully exploited the vulnerability\n could obtain information to further compromise the users\n system. (CVE-2019-1096)\n\n - An elevation of privilege vulnerability exists in the\n way Windows Error Reporting (WER) handles files. An\n attacker who successfully exploited this vulnerability\n could run arbitrary code in kernel mode. An attacker\n could then install programs; view, change, or delete\n data; or create new accounts with administrator\n privileges. (CVE-2019-1037)\n\n - A remote code execution vulnerability exists in the way\n the scripting engine handles objects in memory in\n Microsoft browsers. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2019-1001)\n\n - A remote code execution vulnerability exists when\n Internet Explorer improperly accesses objects in memory.\n The vulnerability could corrupt memory in such a way\n that an attacker could execute arbitrary code in the\n context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2019-1063)\n\n - An elevation of privilege vulnerability exists in\n Microsoft Windows where certain folders, with local\n service privilege, are vulnerable to symbolic link\n attack. An attacker who successfully exploited this\n vulnerability could potentially access unauthorized\n information. The update addresses this vulnerability by\n not allowing symbolic links in these scenarios.\n (CVE-2019-1074)\n\n - A remote code execution vulnerability exists in the way\n that Microsoft browsers access objects in memory. The\n vulnerability could corrupt memory in a way that could\n allow an attacker to execute arbitrary code in the\n context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2019-1104)\n\n - An information disclosure vulnerability exists when\n DirectWrite improperly discloses the contents of its\n memory. An attacker who successfully exploited the\n vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how DirectWrite handles objects in memory.\n (CVE-2019-1093, CVE-2019-1097)\n\n - An information disclosure vulnerability exists when the\n Windows GDI component improperly discloses the contents\n of its memory. An attacker who successfully exploited\n the vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how the Windows GDI component handles objects\n in memory. (CVE-2019-1094, CVE-2019-1095)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could obtain information to further compromise the users\n system. An authenticated attacker could exploit this\n vulnerability by running a specially crafted\n application. The update addresses the vulnerability by\n correcting how the Windows kernel handles objects in\n memory. (CVE-2019-1071)\n\n - An elevation of privilege vulnerability exists when the\n Windows kernel fails to properly handle objects in\n memory. An attacker who successfully exploited this\n vulnerability could run arbitrary code in kernel mode.\n An attacker could then install programs; view, change,\n or delete data; or create new accounts with full user\n rights. (CVE-2019-1067)\n\n - An elevation of privilege exists in Windows Audio\n Service. An attacker who successfully exploited the\n vulnerability could run arbitrary code with elevated\n privileges. (CVE-2019-1086, CVE-2019-1087,\n CVE-2019-1088)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2019-1004, CVE-2019-1056, CVE-2019-1059)\n\n - A remote code execution vulnerability exists in Remote\n Desktop Services formerly known as Terminal Services\n when an authenticated attacker abuses clipboard\n redirection. An attacker who successfully exploited this\n vulnerability could execute arbitrary code on the victim\n system. An attacker could then install programs; view,\n change, or delete data; or create new accounts with full\n user rights. (CVE-2019-0887)\n\n - An elevation of privilege vulnerability exists in the\n way that the wlansvc.dll handles objects in memory. An\n attacker who successfully exploited the vulnerability\n could execute code with elevated permissions.\n (CVE-2019-1085)\n\n - A denial of service vulnerability exists when Microsoft\n Common Object Runtime Library improperly handles web\n requests. An attacker who successfully exploited this\n vulnerability could cause a denial of service against a\n .NET web application. A remote unauthenticated attacker\n could exploit this vulnerability by issuing specially\n crafted requests to the .NET application. The update\n addresses the vulnerability by correcting how the .NET\n web application handles web requests. (CVE-2019-1083)\n\n - An elevation of privilege vulnerability exists in\n rpcss.dll when the RPC service Activation Kernel\n improperly handles an RPC request. (CVE-2019-1089)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could obtain information to further compromise the users\n system. (CVE-2019-1073)\n\n - A denial of service vulnerability exists when SymCrypt\n improperly handles a specially crafted digital\n signature. An attacker could exploit the vulnerability\n by creating a specially crafted connection or message.\n The security update addresses the vulnerability by\n correcting the way SymCrypt handles digital signatures.\n (CVE-2019-0865)\n\n - A remote code execution vulnerability exists in the way\n that the Windows Graphics Device Interface (GDI) handles\n objects in the memory. An attacker who successfully\n exploited this vulnerability could take control of the\n affected system. An attacker could then install\n programs; view, change, or delete data; or create new\n accounts with full user rights. (CVE-2019-1102)\n\n - An authentication bypass vulnerability exists in Windows\n Communication Foundation (WCF) and Windows Identity\n Foundation (WIF), allowing signing of SAML tokens with\n arbitrary symmetric keys. This vulnerability allows an\n attacker to impersonate another user, which can lead to\n elevation of privileges. The vulnerability exists in\n WCF, WIF 3.5 and above in .NET Framework, WIF 1.0\n component in Windows, WIF Nuget package, and WIF\n implementation in SharePoint. An unauthenticated\n attacker can exploit this by signing a SAML token with\n any arbitrary symmetric key. This security update\n addresses the issue by ensuring all versions of WCF and\n WIF validate the key used to sign SAML tokens correctly.\n (CVE-2019-1006)\n\n - An elevation of privilege vulnerability exists when\n Windows AppX Deployment Service (AppXSVC) improperly\n handles hard links. An attacker who successfully\n exploited this vulnerability could run processes in an\n elevated context. An attacker could then install\n programs; view, change or delete data. (CVE-2019-1129,\n CVE-2019-1130)\n\n - An information disclosure vulnerability exists when\n Unistore.dll fails to properly handle objects in memory.\n An attacker who successfully exploited the vulnerability\n could potentially disclose memory contents of an\n elevated process. (CVE-2019-1091)\n\n - A remote code execution vulnerability exists in the way\n that DirectWrite handles objects in memory. An attacker\n who successfully exploited this vulnerability could take\n control of the affected system. An attacker could then\n install programs; view, change, or delete data; or\n create new accounts with full user rights. There are\n multiple ways an attacker could exploit the\n vulnerability, such as by convincing a user to open a\n specially crafted document, or by convincing a user to\n visit an untrusted webpage. The security update\n addresses the vulnerability by correcting how\n DirectWrite handles objects in memory. (CVE-2019-1117,\n CVE-2019-1118, CVE-2019-1119, CVE-2019-1120,\n CVE-2019-1121, CVE-2019-1122, CVE-2019-1123,\n CVE-2019-1124, CVE-2019-1127, CVE-2019-1128)\n \n - An information disclosure vulnerability exists when\n certain central processing units (CPU) speculatively\n access memory. An attacker who successfully exploited\n the vulnerability could read privileged data across\n trust boundaries. (CVE-2019-1125)\");\n # https://support.microsoft.com/en-us/help/4507455/windows-10-update-kb4507455\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?4741f3da\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB4507455.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1128\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:edge\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS19-07\";\nkbs = make_list('4507455');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\nmy_os_build = get_kb_item(\"SMB/WindowsVersionBuild\");\nproductname = get_kb_item_or_exit(\"SMB/ProductName\");\n\nif (my_os_build == \"16299\" && \"enterprise\" >!< tolower(productname) && \"education\" >!< tolower(productname) && \"server\" >!< tolower(productname))\n audit(AUDIT_OS_NOT, \"a supported version of Windows\");\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"10\",\n sp:0,\n os_build:\"16299\",\n rollup_date:\"07_2019\",\n bulletin:bulletin,\n rollup_kb_list:[4507455])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-08-30T17:03:04", "description": "The remote Windows host is missing security update 4507453.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n (CVE-2019-1113)\n\n - A local elevation of privilege vulnerability exists in how splwow64.exe handles certain calls. An attacker who successfully exploited the vulnerability could elevate privileges on an affected system from low-integrity to medium-integrity. This vulnerability by itself does not allow arbitrary code execution; however, it could allow arbitrary code to be run if the attacker uses it in combination with another vulnerability (such as a remote code execution vulnerability or another elevation of privilege vulnerability) that is capable of leveraging the elevated privileges when code execution is attempted. (CVE-2019-0880)\n\n - A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. (CVE-2019-0966)\n\n - A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1062, CVE-2019-1092, CVE-2019-1103, CVE-2019-1106, CVE-2019-1107)\n\n - An information disclosure vulnerability exists when the Windows RDP client improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-1108)\n\n - An information disclosure vulnerability exists when the win32k component improperly provides kernel information.\n An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. (CVE-2019-1096)\n\n - An elevation of privilege vulnerability exists in the way Windows Error Reporting (WER) handles files. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with administrator privileges. (CVE-2019-1037)\n\n - A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2019-1001)\n\n - A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory.\n The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1063)\n\n - An elevation of privilege vulnerability exists in Microsoft Windows where certain folders, with local service privilege, are vulnerable to symbolic link attack. An attacker who successfully exploited this vulnerability could potentially access unauthorized information. The update addresses this vulnerability by not allowing symbolic links in these scenarios.\n (CVE-2019-1074)\n\n - An elevation of privilege vulnerability exists in the way that the dnsrslvr.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.\n (CVE-2019-1090)\n\n - A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1104)\n\n - An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how DirectWrite handles objects in memory.\n (CVE-2019-1093, CVE-2019-1097)\n\n - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. (CVE-2019-1094, CVE-2019-1095)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. An authenticated attacker could exploit this vulnerability by running a specially crafted application. The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory. (CVE-2019-1071)\n\n - An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.\n An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1067)\n\n - An elevation of privilege exists in Windows Audio Service. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. (CVE-2019-1086, CVE-2019-1087, CVE-2019-1088)\n\n - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2019-1004, CVE-2019-1056, CVE-2019-1059)\n\n - A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an authenticated attacker abuses clipboard redirection. An attacker who successfully exploited this vulnerability could execute arbitrary code on the victim system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-0887)\n\n - An elevation of privilege vulnerability exists in the way that the wlansvc.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.\n (CVE-2019-1085)\n\n - A denial of service vulnerability exists when Microsoft Common Object Runtime Library improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against a .NET web application. A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to the .NET application. The update addresses the vulnerability by correcting how the .NET web application handles web requests. (CVE-2019-1083)\n\n - An elevation of privilege vulnerability exists in rpcss.dll when the RPC service Activation Kernel improperly handles an RPC request. (CVE-2019-1089)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-1073)\n\n - A denial of service vulnerability exists when SymCrypt improperly handles a specially crafted digital signature. An attacker could exploit the vulnerability by creating a specially crafted connection or message.\n The security update addresses the vulnerability by correcting the way SymCrypt handles digital signatures.\n (CVE-2019-0865)\n\n - A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1102)\n\n - An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys. This vulnerability allows an attacker to impersonate another user, which can lead to elevation of privileges. The vulnerability exists in WCF, WIF 3.5 and above in .NET Framework, WIF 1.0 component in Windows, WIF Nuget package, and WIF implementation in SharePoint. An unauthenticated attacker can exploit this by signing a SAML token with any arbitrary symmetric key. This security update addresses the issue by ensuring all versions of WCF and WIF validate the key used to sign SAML tokens correctly.\n (CVE-2019-1006)\n\n - An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data. (CVE-2019-1129, CVE-2019-1130)\n\n - An information disclosure vulnerability exists when Unistore.dll fails to properly handle objects in memory.\n An attacker who successfully exploited the vulnerability could potentially disclose memory contents of an elevated process. (CVE-2019-1091)\n\n - A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage. The security update addresses the vulnerability by correcting how DirectWrite handles objects in memory. (CVE-2019-1117, CVE-2019-1118, CVE-2019-1119, CVE-2019-1120, CVE-2019-1121, CVE-2019-1122, CVE-2019-1123, CVE-2019-1124, CVE-2019-1127, CVE-2019-1128) \n - An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries. (CVE-2019-1125)", "cvss3": {}, "published": "2019-07-09T00:00:00", "type": "nessus", "title": "KB4507453: Windows 10 Version 1903 July 2019 Security Update (SWAPGS)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-0865", "CVE-2019-0880", "CVE-2019-0887", "CVE-2019-0966", "CVE-2019-1001", "CVE-2019-1004", "CVE-2019-1006", "CVE-2019-1037", "CVE-2019-1056", "CVE-2019-1059", "CVE-2019-1062", "CVE-2019-1063", "CVE-2019-1067", "CVE-2019-1071", "CVE-2019-1073", "CVE-2019-1074", "CVE-2019-1083", "CVE-2019-1085", "CVE-2019-1086", "CVE-2019-1087", "CVE-2019-1088", "CVE-2019-1089", "CVE-2019-1090", "CVE-2019-1091", "CVE-2019-1092", "CVE-2019-1093", "CVE-2019-1094", "CVE-2019-1095", "CVE-2019-1096", "CVE-2019-1097", "CVE-2019-1102", "CVE-2019-1103", "CVE-2019-1104", "CVE-2019-1106", "CVE-2019-1107", "CVE-2019-1108", "CVE-2019-1113", "CVE-2019-1117", "CVE-2019-1118", "CVE-2019-1119", "CVE-2019-1120", "CVE-2019-1121", "CVE-2019-1122", "CVE-2019-1123", "CVE-2019-1124", "CVE-2019-1125", "CVE-2019-1127", "CVE-2019-1128", "CVE-2019-1129", "CVE-2019-1130"], "modified": "2022-05-25T00:00:00", "cpe": ["cpe:/o:microsoft:windows", "cpe:/a:microsoft:edge"], "id": "SMB_NT_MS19_JUL_4507453.NASL", "href": "https://www.tenable.com/plugins/nessus/126574", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(126574);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/25\");\n\n script_cve_id(\n \"CVE-2019-0865\",\n \"CVE-2019-0880\",\n \"CVE-2019-0887\",\n \"CVE-2019-0966\",\n \"CVE-2019-1001\",\n \"CVE-2019-1004\",\n \"CVE-2019-1006\",\n \"CVE-2019-1037\",\n \"CVE-2019-1056\",\n \"CVE-2019-1059\",\n \"CVE-2019-1062\",\n \"CVE-2019-1063\",\n \"CVE-2019-1067\",\n \"CVE-2019-1071\",\n \"CVE-2019-1073\",\n \"CVE-2019-1074\",\n \"CVE-2019-1083\",\n \"CVE-2019-1085\",\n \"CVE-2019-1086\",\n \"CVE-2019-1087\",\n \"CVE-2019-1088\",\n \"CVE-2019-1089\",\n \"CVE-2019-1090\",\n \"CVE-2019-1091\",\n \"CVE-2019-1092\",\n \"CVE-2019-1093\",\n \"CVE-2019-1094\",\n \"CVE-2019-1095\",\n \"CVE-2019-1096\",\n \"CVE-2019-1097\",\n \"CVE-2019-1102\",\n \"CVE-2019-1103\",\n \"CVE-2019-1104\",\n \"CVE-2019-1106\",\n \"CVE-2019-1107\",\n \"CVE-2019-1108\",\n \"CVE-2019-1113\",\n \"CVE-2019-1117\",\n \"CVE-2019-1118\",\n \"CVE-2019-1119\",\n \"CVE-2019-1120\",\n \"CVE-2019-1121\",\n \"CVE-2019-1122\",\n \"CVE-2019-1123\",\n \"CVE-2019-1124\",\n \"CVE-2019-1125\",\n \"CVE-2019-1127\",\n \"CVE-2019-1128\",\n \"CVE-2019-1129\",\n \"CVE-2019-1130\"\n );\n script_xref(name:\"MSKB\", value:\"4507453\");\n script_xref(name:\"MSFT\", value:\"MS19-4507453\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/05\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/13\");\n\n script_name(english:\"KB4507453: Windows 10 Version 1903 July 2019 Security Update (SWAPGS)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4507453.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - A remote code execution vulnerability exists in .NET\n software when the software fails to check the source\n markup of a file. An attacker who successfully exploited\n the vulnerability could run arbitrary code in the\n context of the current user. If the current user is\n logged on with administrative user rights, an attacker\n could take control of the affected system. An attacker\n could then install programs; view, change, or delete\n data; or create new accounts with full user rights.\n (CVE-2019-1113)\n\n - A local elevation of privilege vulnerability exists in\n how splwow64.exe handles certain calls. An attacker who\n successfully exploited the vulnerability could elevate\n privileges on an affected system from low-integrity to\n medium-integrity. This vulnerability by itself does not\n allow arbitrary code execution; however, it could allow\n arbitrary code to be run if the attacker uses it in\n combination with another vulnerability (such as a remote\n code execution vulnerability or another elevation of\n privilege vulnerability) that is capable of leveraging\n the elevated privileges when code execution is\n attempted. (CVE-2019-0880)\n\n - A denial of service vulnerability exists when Microsoft\n Hyper-V on a host server fails to properly validate\n input from a privileged user on a guest operating\n system. (CVE-2019-0966)\n\n - A remote code execution vulnerability exists in the way\n that the Chakra scripting engine handles objects in\n memory in Microsoft Edge. The vulnerability could\n corrupt memory in such a way that an attacker could\n execute arbitrary code in the context of the current\n user. An attacker who successfully exploited the\n vulnerability could gain the same user rights as the\n current user. (CVE-2019-1062, CVE-2019-1092,\n CVE-2019-1103, CVE-2019-1106, CVE-2019-1107)\n\n - An information disclosure vulnerability exists when the\n Windows RDP client improperly discloses the contents of\n its memory. An attacker who successfully exploited this\n vulnerability could obtain information to further\n compromise the users system. (CVE-2019-1108)\n\n - An information disclosure vulnerability exists when the\n win32k component improperly provides kernel information.\n An attacker who successfully exploited the vulnerability\n could obtain information to further compromise the users\n system. (CVE-2019-1096)\n\n - An elevation of privilege vulnerability exists in the\n way Windows Error Reporting (WER) handles files. An\n attacker who successfully exploited this vulnerability\n could run arbitrary code in kernel mode. An attacker\n could then install programs; view, change, or delete\n data; or create new accounts with administrator\n privileges. (CVE-2019-1037)\n\n - A remote code execution vulnerability exists in the way\n the scripting engine handles objects in memory in\n Microsoft browsers. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2019-1001)\n\n - A remote code execution vulnerability exists when\n Internet Explorer improperly accesses objects in memory.\n The vulnerability could corrupt memory in such a way\n that an attacker could execute arbitrary code in the\n context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2019-1063)\n\n - An elevation of privilege vulnerability exists in\n Microsoft Windows where certain folders, with local\n service privilege, are vulnerable to symbolic link\n attack. An attacker who successfully exploited this\n vulnerability could potentially access unauthorized\n information. The update addresses this vulnerability by\n not allowing symbolic links in these scenarios.\n (CVE-2019-1074)\n\n - An elevation of privilege vulnerability exists in the\n way that the dnsrslvr.dll handles objects in memory. An\n attacker who successfully exploited the vulnerability\n could execute code with elevated permissions.\n (CVE-2019-1090)\n\n - A remote code execution vulnerability exists in the way\n that Microsoft browsers access objects in memory. The\n vulnerability could corrupt memory in a way that could\n allow an attacker to execute arbitrary code in the\n context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2019-1104)\n\n - An information disclosure vulnerability exists when\n DirectWrite improperly discloses the contents of its\n memory. An attacker who successfully exploited the\n vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how DirectWrite handles objects in memory.\n (CVE-2019-1093, CVE-2019-1097)\n\n - An information disclosure vulnerability exists when the\n Windows GDI component improperly discloses the contents\n of its memory. An attacker who successfully exploited\n the vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how the Windows GDI component handles objects\n in memory. (CVE-2019-1094, CVE-2019-1095)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could obtain information to further compromise the users\n system. An authenticated attacker could exploit this\n vulnerability by running a specially crafted\n application. The update addresses the vulnerability by\n correcting how the Windows kernel handles objects in\n memory. (CVE-2019-1071)\n\n - An elevation of privilege vulnerability exists when the\n Windows kernel fails to properly handle objects in\n memory. An attacker who successfully exploited this\n vulnerability could run arbitrary code in kernel mode.\n An attacker could then install programs; view, change,\n or delete data; or create new accounts with full user\n rights. (CVE-2019-1067)\n\n - An elevation of privilege exists in Windows Audio\n Service. An attacker who successfully exploited the\n vulnerability could run arbitrary code with elevated\n privileges. (CVE-2019-1086, CVE-2019-1087,\n CVE-2019-1088)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2019-1004, CVE-2019-1056, CVE-2019-1059)\n\n - A remote code execution vulnerability exists in Remote\n Desktop Services formerly known as Terminal Services\n when an authenticated attacker abuses clipboard\n redirection. An attacker who successfully exploited this\n vulnerability could execute arbitrary code on the victim\n system. An attacker could then install programs; view,\n change, or delete data; or create new accounts with full\n user rights. (CVE-2019-0887)\n\n - An elevation of privilege vulnerability exists in the\n way that the wlansvc.dll handles objects in memory. An\n attacker who successfully exploited the vulnerability\n could execute code with elevated permissions.\n (CVE-2019-1085)\n\n - A denial of service vulnerability exists when Microsoft\n Common Object Runtime Library improperly handles web\n requests. An attacker who successfully exploited this\n vulnerability could cause a denial of service against a\n .NET web application. A remote unauthenticated attacker\n could exploit this vulnerability by issuing specially\n crafted requests to the .NET application. The update\n addresses the vulnerability by correcting how the .NET\n web application handles web requests. (CVE-2019-1083)\n\n - An elevation of privilege vulnerability exists in\n rpcss.dll when the RPC service Activation Kernel\n improperly handles an RPC request. (CVE-2019-1089)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could obtain information to further compromise the users\n system. (CVE-2019-1073)\n\n - A denial of service vulnerability exists when SymCrypt\n improperly handles a specially crafted digital\n signature. An attacker could exploit the vulnerability\n by creating a specially crafted connection or message.\n The security update addresses the vulnerability by\n correcting the way SymCrypt handles digital signatures.\n (CVE-2019-0865)\n\n - A remote code execution vulnerability exists in the way\n that the Windows Graphics Device Interface (GDI) handles\n objects in the memory. An attacker who successfully\n exploited this vulnerability could take control of the\n affected system. An attacker could then install\n programs; view, change, or delete data; or create new\n accounts with full user rights. (CVE-2019-1102)\n\n - An authentication bypass vulnerability exists in Windows\n Communication Foundation (WCF) and Windows Identity\n Foundation (WIF), allowing signing of SAML tokens with\n arbitrary symmetric keys. This vulnerability allows an\n attacker to impersonate another user, which can lead to\n elevation of privileges. The vulnerability exists in\n WCF, WIF 3.5 and above in .NET Framework, WIF 1.0\n component in Windows, WIF Nuget package, and WIF\n implementation in SharePoint. An unauthenticated\n attacker can exploit this by signing a SAML token with\n any arbitrary symmetric key. This security update\n addresses the issue by ensuring all versions of WCF and\n WIF validate the key used to sign SAML tokens correctly.\n (CVE-2019-1006)\n\n - An elevation of privilege vulnerability exists when\n Windows AppX Deployment Service (AppXSVC) improperly\n handles hard links. An attacker who successfully\n exploited this vulnerability could run processes in an\n elevated context. An attacker could then install\n programs; view, change or delete data. (CVE-2019-1129,\n CVE-2019-1130)\n\n - An information disclosure vulnerability exists when\n Unistore.dll fails to properly handle objects in memory.\n An attacker who successfully exploited the vulnerability\n could potentially disclose memory contents of an\n elevated process. (CVE-2019-1091)\n\n - A remote code execution vulnerability exists in the way\n that DirectWrite handles objects in memory. An attacker\n who successfully exploited this vulnerability could take\n control of the affected system. An attacker could then\n install programs; view, change, or delete data; or\n create new accounts with full user rights. There are\n multiple ways an attacker could exploit the\n vulnerability, such as by convincing a user to open a\n specially crafted document, or by convincing a user to\n visit an untrusted webpage. The security update\n addresses the vulnerability by correcting how\n DirectWrite handles objects in memory. (CVE-2019-1117,\n CVE-2019-1118, CVE-2019-1119, CVE-2019-1120,\n CVE-2019-1121, CVE-2019-1122, CVE-2019-1123,\n CVE-2019-1124, CVE-2019-1127, CVE-2019-1128)\n \n - An information disclosure vulnerability exists when\n certain central processing units (CPU) speculatively\n access memory. An attacker who successfully exploited\n the vulnerability could read privileged data across\n trust boundaries. (CVE-2019-1125)\");\n # https://support.microsoft.com/en-us/help/4507453/windows-10-update-kb4507453\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?29fe0038\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB4507453.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1128\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:edge\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS19-07\";\nkbs = make_list('4507453');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"10\",\n sp:0,\n os_build:\"18362\",\n rollup_date:\"07_2019\",\n bulletin:bulletin,\n rollup_kb_list:[4507453])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-08-24T15:07:18", "description": "The remote Windows host is missing security update 4507435.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n (CVE-2019-0999)\n\n - A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n (CVE-2019-1113)\n\n - A local elevation of privilege vulnerability exists in how splwow64.exe handles certain calls. An attacker who successfully exploited the vulnerability could elevate privileges on an affected system from low-integrity to medium-integrity. This vulnerability by itself does not allow arbitrary code execution; however, it could allow arbitrary code to be run if the attacker uses it in combination with another vulnerability (such as a remote code execution vulnerability or another elevation of privilege vulnerability) that is capable of leveraging the elevated privileges when code execution is attempted. (CVE-2019-0880)\n\n - A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. (CVE-2019-0966)\n\n - A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1062, CVE-2019-1092, CVE-2019-1103, CVE-2019-1106, CVE-2019-1107)\n\n - An information disclosure vulnerability exists when the Windows RDP client improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-1108)\n\n - An information disclosure vulnerability exists when the win32k component improperly provides kernel information.\n An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. (CVE-2019-1096)\n\n - An elevation of privilege vulnerability exists in the way Windows Error Reporting (WER) handles files. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with administrator privileges. (CVE-2019-1037)\n\n - A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2019-1001)\n\n - A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory.\n The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1063)\n\n - An elevation of privilege vulnerability exists in Microsoft Windows where certain folders, with local service privilege, are vulnerable to symbolic link attack. An attacker who successfully exploited this vulnerability could potentially access unauthorized information. The update addresses this vulnerability by not allowing symbolic links in these scenarios.\n (CVE-2019-1074)\n\n - An elevation of privilege vulnerability exists in the way that the dnsrslvr.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.\n (CVE-2019-1090)\n\n - A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1104)\n\n - An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how DirectWrite handles objects in memory.\n (CVE-2019-1093, CVE-2019-1097)\n\n - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. (CVE-2019-1094, CVE-2019-1095)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. An authenticated attacker could exploit this vulnerability by running a specially crafted application. The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory. (CVE-2019-1071)\n\n - An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.\n An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1067)\n\n - An elevation of privilege exists in Windows Audio Service. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. (CVE-2019-1086, CVE-2019-1087, CVE-2019-1088)\n\n - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2019-1004, CVE-2019-1056, CVE-2019-1059)\n\n - A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an authenticated attacker abuses clipboard redirection. An attacker who successfully exploited this vulnerability could execute arbitrary code on the victim system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-0887)\n\n - An elevation of privilege vulnerability exists in the way that the wlansvc.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.\n (CVE-2019-1085)\n\n - A denial of service vulnerability exists when Microsoft Common Object Runtime Library improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against a .NET web application. A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to the .NET application. The update addresses the vulnerability by correcting how the .NET web application handles web requests. (CVE-2019-1083)\n\n - An elevation of privilege vulnerability exists in rpcss.dll when the RPC service Activation Kernel improperly handles an RPC request. (CVE-2019-1089)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-1073)\n\n - A denial of service vulnerability exists when SymCrypt improperly handles a specially crafted digital signature. An attacker could exploit the vulnerability by creating a specially crafted connection or message.\n The security update addresses the vulnerability by correcting the way SymCrypt handles digital signatures.\n (CVE-2019-0865)\n\n - A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1102)\n\n - An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys. This vulnerability allows an attacker to impersonate another user, which can lead to elevation of privileges. The vulnerability exists in WCF, WIF 3.5 and above in .NET Framework, WIF 1.0 component in Windows, WIF Nuget package, and WIF implementation in SharePoint. An unauthenticated attacker can exploit this by signing a SAML token with any arbitrary symmetric key. This security update addresses the issue by ensuring all versions of WCF and WIF validate the key used to sign SAML tokens correctly.\n (CVE-2019-1006)\n\n - An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data. (CVE-2019-1129, CVE-2019-1130)\n\n - An information disclosure vulnerability exists when Unistore.dll fails to properly handle objects in memory.\n An attacker who successfully exploited the vulnerability could potentially disclose memory contents of an elevated process. (CVE-2019-1091)\n\n - A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage. The security update addresses the vulnerability by correcting how DirectWrite handles objects in memory. (CVE-2019-1117, CVE-2019-1118, CVE-2019-1119, CVE-2019-1120, CVE-2019-1121, CVE-2019-1122, CVE-2019-1123, CVE-2019-1124, CVE-2019-1127, CVE-2019-1128) \n - An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries. (CVE-2019-1125)", "cvss3": {}, "published": "2019-07-09T00:00:00", "type": "nessus", "title": "KB4507435: Windows 10 Version 1803 July 2019 Security Update (SWAPGS)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-0865", "CVE-2019-0880", "CVE-2019-0887", "CVE-2019-0966", "CVE-2019-0999", "CVE-2019-1001", "CVE-2019-1004", "CVE-2019-1006", "CVE-2019-1037", "CVE-2019-1056", "CVE-2019-1059", "CVE-2019-1062", "CVE-2019-1063", "CVE-2019-1067", "CVE-2019-1071", "CVE-2019-1073", "CVE-2019-1074", "CVE-2019-1083", "CVE-2019-1085", "CVE-2019-1086", "CVE-2019-1087", "CVE-2019-1088", "CVE-2019-1089", "CVE-2019-1090", "CVE-2019-1091", "CVE-2019-1092", "CVE-2019-1093", "CVE-2019-1094", "CVE-2019-1095", "CVE-2019-1096", "CVE-2019-1097", "CVE-2019-1102", "CVE-2019-1103", "CVE-2019-1104", "CVE-2019-1106", "CVE-2019-1107", "CVE-2019-1108", "CVE-2019-1113", "CVE-2019-1117", "CVE-2019-1118", "CVE-2019-1119", "CVE-2019-1120", "CVE-2019-1121", "CVE-2019-1122", "CVE-2019-1123", "CVE-2019-1124", "CVE-2019-1125", "CVE-2019-1127", "CVE-2019-1128", "CVE-2019-1129", "CVE-2019-1130"], "modified": "2022-05-25T00:00:00", "cpe": ["cpe:/o:microsoft:windows", "cpe:/a:microsoft:edge"], "id": "SMB_NT_MS19_JUL_4507435.NASL", "href": "https://www.tenable.com/plugins/nessus/126569", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(126569);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/25\");\n\n script_cve_id(\n \"CVE-2019-0865\",\n \"CVE-2019-0880\",\n \"CVE-2019-0887\",\n \"CVE-2019-0966\",\n \"CVE-2019-0999\",\n \"CVE-2019-1001\",\n \"CVE-2019-1004\",\n \"CVE-2019-1006\",\n \"CVE-2019-1037\",\n \"CVE-2019-1056\",\n \"CVE-2019-1059\",\n \"CVE-2019-1062\",\n \"CVE-2019-1063\",\n \"CVE-2019-1067\",\n \"CVE-2019-1071\",\n \"CVE-2019-1073\",\n \"CVE-2019-1074\",\n \"CVE-2019-1083\",\n \"CVE-2019-1085\",\n \"CVE-2019-1086\",\n \"CVE-2019-1087\",\n \"CVE-2019-1088\",\n \"CVE-2019-1089\",\n \"CVE-2019-1090\",\n \"CVE-2019-1091\",\n \"CVE-2019-1092\",\n \"CVE-2019-1093\",\n \"CVE-2019-1094\",\n \"CVE-2019-1095\",\n \"CVE-2019-1096\",\n \"CVE-2019-1097\",\n \"CVE-2019-1102\",\n \"CVE-2019-1103\",\n \"CVE-2019-1104\",\n \"CVE-2019-1106\",\n \"CVE-2019-1107\",\n \"CVE-2019-1108\",\n \"CVE-2019-1113\",\n \"CVE-2019-1117\",\n \"CVE-2019-1118\",\n \"CVE-2019-1119\",\n \"CVE-2019-1120\",\n \"CVE-2019-1121\",\n \"CVE-2019-1122\",\n \"CVE-2019-1123\",\n \"CVE-2019-1124\",\n \"CVE-2019-1125\",\n \"CVE-2019-1127\",\n \"CVE-2019-1128\",\n \"CVE-2019-1129\",\n \"CVE-2019-1130\"\n );\n script_xref(name:\"MSKB\", value:\"4507435\");\n script_xref(name:\"MSFT\", value:\"MS19-4507435\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/05\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/13\");\n\n script_name(english:\"KB4507435: Windows 10 Version 1803 July 2019 Security Update (SWAPGS)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4507435.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An elevation of privilege vulnerability exists when\n DirectX improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could run arbitrary code in kernel mode. An attacker\n could then install programs; view, change, or delete\n data; or create new accounts with full user rights.\n (CVE-2019-0999)\n\n - A remote code execution vulnerability exists in .NET\n software when the software fails to check the source\n markup of a file. An attacker who successfully exploited\n the vulnerability could run arbitrary code in the\n context of the current user. If the current user is\n logged on with administrative user rights, an attacker\n could take control of the affected system. An attacker\n could then install programs; view, change, or delete\n data; or create new accounts with full user rights.\n (CVE-2019-1113)\n\n - A local elevation of privilege vulnerability exists in\n how splwow64.exe handles certain calls. An attacker who\n successfully exploited the vulnerability could elevate\n privileges on an affected system from low-integrity to\n medium-integrity. This vulnerability by itself does not\n allow arbitrary code execution; however, it could allow\n arbitrary code to be run if the attacker uses it in\n combination with another vulnerability (such as a remote\n code execution vulnerability or another elevation of\n privilege vulnerability) that is capable of leveraging\n the elevated privileges when code execution is\n attempted. (CVE-2019-0880)\n\n - A denial of service vulnerability exists when Microsoft\n Hyper-V on a host server fails to properly validate\n input from a privileged user on a guest operating\n system. (CVE-2019-0966)\n\n - A remote code execution vulnerability exists in the way\n that the Chakra scripting engine handles objects in\n memory in Microsoft Edge. The vulnerability could\n corrupt memory in such a way that an attacker could\n execute arbitrary code in the context of the current\n user. An attacker who successfully exploited the\n vulnerability could gain the same user rights as the\n current user. (CVE-2019-1062, CVE-2019-1092,\n CVE-2019-1103, CVE-2019-1106, CVE-2019-1107)\n\n - An information disclosure vulnerability exists when the\n Windows RDP client improperly discloses the contents of\n its memory. An attacker who successfully exploited this\n vulnerability could obtain information to further\n compromise the users system. (CVE-2019-1108)\n\n - An information disclosure vulnerability exists when the\n win32k component improperly provides kernel information.\n An attacker who successfully exploited the vulnerability\n could obtain information to further compromise the users\n system. (CVE-2019-1096)\n\n - An elevation of privilege vulnerability exists in the\n way Windows Error Reporting (WER) handles files. An\n attacker who successfully exploited this vulnerability\n could run arbitrary code in kernel mode. An attacker\n could then install programs; view, change, or delete\n data; or create new accounts with administrator\n privileges. (CVE-2019-1037)\n\n - A remote code execution vulnerability exists in the way\n the scripting engine handles objects in memory in\n Microsoft browsers. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2019-1001)\n\n - A remote code execution vulnerability exists when\n Internet Explorer improperly accesses objects in memory.\n The vulnerability could corrupt memory in such a way\n that an attacker could execute arbitrary code in the\n context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2019-1063)\n\n - An elevation of privilege vulnerability exists in\n Microsoft Windows where certain folders, with local\n service privilege, are vulnerable to symbolic link\n attack. An attacker who successfully exploited this\n vulnerability could potentially access unauthorized\n information. The update addresses this vulnerability by\n not allowing symbolic links in these scenarios.\n (CVE-2019-1074)\n\n - An elevation of privilege vulnerability exists in the\n way that the dnsrslvr.dll handles objects in memory. An\n attacker who successfully exploited the vulnerability\n could execute code with elevated permissions.\n (CVE-2019-1090)\n\n - A remote code execution vulnerability exists in the way\n that Microsoft browsers access objects in memory. The\n vulnerability could corrupt memory in a way that could\n allow an attacker to execute arbitrary code in the\n context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2019-1104)\n\n - An information disclosure vulnerability exists when\n DirectWrite improperly discloses the contents of its\n memory. An attacker who successfully exploited the\n vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how DirectWrite handles objects in memory.\n (CVE-2019-1093, CVE-2019-1097)\n\n - An information disclosure vulnerability exists when the\n Windows GDI component improperly discloses the contents\n of its memory. An attacker who successfully exploited\n the vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how the Windows GDI component handles objects\n in memory. (CVE-2019-1094, CVE-2019-1095)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could obtain information to further compromise the users\n system. An authenticated attacker could exploit this\n vulnerability by running a specially crafted\n application. The update addresses the vulnerability by\n correcting how the Windows kernel handles objects in\n memory. (CVE-2019-1071)\n\n - An elevation of privilege vulnerability exists when the\n Windows kernel fails to properly handle objects in\n memory. An attacker who successfully exploited this\n vulnerability could run arbitrary code in kernel mode.\n An attacker could then install programs; view, change,\n or delete data; or create new accounts with full user\n rights. (CVE-2019-1067)\n\n - An elevation of privilege exists in Windows Audio\n Service. An attacker who successfully exploited the\n vulnerability could run arbitrary code with elevated\n privileges. (CVE-2019-1086, CVE-2019-1087,\n CVE-2019-1088)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2019-1004, CVE-2019-1056, CVE-2019-1059)\n\n - A remote code execution vulnerability exists in Remote\n Desktop Services formerly known as Terminal Services\n when an authenticated attacker abuses clipboard\n redirection. An attacker who successfully exploited this\n vulnerability could execute arbitrary code on the victim\n system. An attacker could then install programs; view,\n change, or delete data; or create new accounts with full\n user rights. (CVE-2019-0887)\n\n - An elevation of privilege vulnerability exists in the\n way that the wlansvc.dll handles objects in memory. An\n attacker who successfully exploited the vulnerability\n could execute code with elevated permissions.\n (CVE-2019-1085)\n\n - A denial of service vulnerability exists when Microsoft\n Common Object Runtime Library improperly handles web\n requests. An attacker who successfully exploited this\n vulnerability could cause a denial of service against a\n .NET web application. A remote unauthenticated attacker\n could exploit this vulnerability by issuing specially\n crafted requests to the .NET application. The update\n addresses the vulnerability by correcting how the .NET\n web application handles web requests. (CVE-2019-1083)\n\n - An elevation of privilege vulnerability exists in\n rpcss.dll when the RPC service Activation Kernel\n improperly handles an RPC request. (CVE-2019-1089)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could obtain information to further compromise the users\n system. (CVE-2019-1073)\n\n - A denial of service vulnerability exists when SymCrypt\n improperly handles a specially crafted digital\n signature. An attacker could exploit the vulnerability\n by creating a specially crafted connection or message.\n The security update addresses the vulnerability by\n correcting the way SymCrypt handles digital signatures.\n (CVE-2019-0865)\n\n - A remote code execution vulnerability exists in the way\n that the Windows Graphics Device Interface (GDI) handles\n objects in the memory. An attacker who successfully\n exploited this vulnerability could take control of the\n affected system. An attacker could then install\n programs; view, change, or delete data; or create new\n accounts with full user rights. (CVE-2019-1102)\n\n - An authentication bypass vulnerability exists in Windows\n Communication Foundation (WCF) and Windows Identity\n Foundation (WIF), allowing signing of SAML tokens with\n arbitrary symmetric keys. This vulnerability allows an\n attacker to impersonate another user, which can lead to\n elevation of privileges. The vulnerability exists in\n WCF, WIF 3.5 and above in .NET Framework, WIF 1.0\n component in Windows, WIF Nuget package, and WIF\n implementation in SharePoint. An unauthenticated\n attacker can exploit this by signing a SAML token with\n any arbitrary symmetric key. This security update\n addresses the issue by ensuring all versions of WCF and\n WIF validate the key used to sign SAML tokens correctly.\n (CVE-2019-1006)\n\n - An elevation of privilege vulnerability exists when\n Windows AppX Deployment Service (AppXSVC) improperly\n handles hard links. An attacker who successfully\n exploited this vulnerability could run processes in an\n elevated context. An attacker could then install\n programs; view, change or delete data. (CVE-2019-1129,\n CVE-2019-1130)\n\n - An information disclosure vulnerability exists when\n Unistore.dll fails to properly handle objects in memory.\n An attacker who successfully exploited the vulnerability\n could potentially disclose memory contents of an\n elevated process. (CVE-2019-1091)\n\n - A remote code execution vulnerability exists in the way\n that DirectWrite handles objects in memory. An attacker\n who successfully exploited this vulnerability could take\n control of the affected system. An attacker could then\n install programs; view, change, or delete data; or\n create new accounts with full user rights. There are\n multiple ways an attacker could exploit the\n vulnerability, such as by convincing a user to open a\n specially crafted document, or by convincing a user to\n visit an untrusted webpage. The security update\n addresses the vulnerability by correcting how\n DirectWrite handles objects in memory. (CVE-2019-1117,\n CVE-2019-1118, CVE-2019-1119, CVE-2019-1120,\n CVE-2019-1121, CVE-2019-1122, CVE-2019-1123,\n CVE-2019-1124, CVE-2019-1127, CVE-2019-1128)\n \n - An information disclosure vulnerability exists when\n certain central processing units (CPU) speculatively\n access memory. An attacker who successfully exploited\n the vulnerability could read privileged data across\n trust boundaries. (CVE-2019-1125)\");\n # https://support.microsoft.com/en-us/help/4507435/windows-10-update-kb4507435\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?3bfac69e\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB4507435.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1128\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:edge\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS19-07\";\nkbs = make_list('4507435');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"10\",\n sp:0,\n os_build:\"17134\",\n rollup_date:\"07_2019\",\n bulletin:bulletin,\n rollup_kb_list:[4507435])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-08-24T15:05:42", "description": "The remote Windows host is missing security update 4507469.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n (CVE-2019-1113)\n\n - A local elevation of privilege vulnerability exists in how splwow64.exe handles certain calls. An attacker who successfully exploited the vulnerability could elevate privileges on an affected system from low-integrity to medium-integrity. This vulnerability by itself does not allow arbitrary code execution; however, it could allow arbitrary code to be run if the attacker uses it in combination with another vulnerability (such as a remote code execution vulnerability or another elevation of privilege vulnerability) that is capable of leveraging the elevated privileges when code execution is attempted. (CVE-2019-0880)\n\n - An elevation of privilege vulnerability exists in rpcss.dll when the RPC service Activation Kernel improperly handles an RPC request. (CVE-2019-1089)\n\n - A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1062, CVE-2019-1092, CVE-2019-1103, CVE-2019-1106, CVE-2019-1107)\n\n - An information disclosure vulnerability exists when the Windows RDP client improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-1108)\n\n - An information disclosure vulnerability exists when the win32k component improperly provides kernel information.\n An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. (CVE-2019-1096)\n\n - An elevation of privilege vulnerability exists in the way Windows Error Reporting (WER) handles files. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with administrator privileges. (CVE-2019-1037)\n\n - A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2019-1001)\n\n - A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory.\n The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1063)\n\n - An elevation of privilege vulnerability exists in Microsoft Windows where certain folders, with local service privilege, are vulnerable to symbolic link attack. An attacker who successfully exploited this vulnerability could potentially access unauthorized information. The update addresses this vulnerability by not allowing symbolic links in these scenarios.\n (CVE-2019-1074)\n\n - An elevation of privilege vulnerability exists in the way that the dnsrslvr.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.\n (CVE-2019-1090)\n\n - A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1104)\n\n - An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how DirectWrite handles objects in memory.\n (CVE-2019-1093, CVE-2019-1097)\n\n - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. (CVE-2019-1094, CVE-2019-1095)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. An authenticated attacker could exploit this vulnerability by running a specially crafted application. The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory. (CVE-2019-1071)\n\n - An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.\n An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1067)\n\n - A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. (CVE-2019-0966)\n\n - An elevation of privilege exists in Windows Audio Service. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. (CVE-2019-1086, CVE-2019-1087, CVE-2019-1088)\n\n - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2019-1004, CVE-2019-1056, CVE-2019-1059)\n\n - A security feature bypass vulnerability exists in Active Directory Federation Services (ADFS) which could allow an attacker to bypass the extranet lockout policy.\n (CVE-2019-1126)\n\n - A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an authenticated attacker abuses clipboard redirection. An attacker who successfully exploited this vulnerability could execute arbitrary code on the victim system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-0887)\n\n - An elevation of privilege vulnerability exists in the way that the wlansvc.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.\n (CVE-2019-1085)\n\n - A denial of service vulnerability exists when Microsoft Common Object Runtime Library improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against a .NET web application. A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to the .NET application. The update addresses the vulnerability by correcting how the .NET web application handles web requests. (CVE-2019-1083)\n\n - A memory corruption vulnerability exists in the Windows Server DHCP service when an attacker sends specially crafted packets to a DHCP failover server. An attacker who successfully exploited the vulnerability could either run arbitrary code on the DHCP failover server or cause the DHCP service to become nonresponsive.\n (CVE-2019-0785)\n\n - A security feature bypass vulnerability exists when Active Directory Federation Services (ADFS) improperly updates its list of banned IP addresses.\n (CVE-2019-0975)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-1073)\n\n - A denial of service vulnerability exists when SymCrypt improperly handles a specially crafted digital signature. An attacker could exploit the vulnerability by creating a specially crafted connection or message.\n The security update addresses the vulnerability by correcting the way SymCrypt handles digital signatures.\n (CVE-2019-0865)\n\n - A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1102)\n\n - An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys. This vulnerability allows an attacker to impersonate another user, which can lead to elevation of privileges. The vulnerability exists in WCF, WIF 3.5 and above in .NET Framework, WIF 1.0 component in Windows, WIF Nuget package, and WIF implementation in SharePoint. An unauthenticated attacker can exploit this by signing a SAML token with any arbitrary symmetric key. This security update addresses the issue by ensuring all versions of WCF and WIF validate the key used to sign SAML tokens correctly.\n (CVE-2019-1006)\n\n - An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data. (CVE-2019-1129, CVE-2019-1130)\n\n - An information disclosure vulnerability exists when Unistore.dll fails to properly handle objects in memory.\n An attacker who successfully exploited the vulnerability could potentially disclose memory contents of an elevated process. (CVE-2019-1091)\n\n - A denial of service vulnerability exists in Windows DNS Server when it fails to properly handle DNS queries. An attacker who successfully exploited this vulnerability could cause the DNS Server service to become nonresponsive. (CVE-2019-0811)\n\n - A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage. The security update addresses the vulnerability by correcting how DirectWrite handles objects in memory. (CVE-2019-1117, CVE-2019-1118, CVE-2019-1119, CVE-2019-1120, CVE-2019-1121, CVE-2019-1122, CVE-2019-1123, CVE-2019-1124, CVE-2019-1127, CVE-2019-1128) \n - An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries. (CVE-2019-1125)", "cvss3": {}, "published": "2019-07-09T00:00:00", "type": "nessus", "title": "KB4507469: Windows 10 Version 1809 and Windows Server 2019 July 2019 Security Update (SWAPGS)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-0785", "CVE-2019-0811", "CVE-2019-0865", "CVE-2019-0880", "CVE-2019-0887", "CVE-2019-0966", "CVE-2019-0975", "CVE-2019-1001", "CVE-2019-1004", "CVE-2019-1006", "CVE-2019-1037", "CVE-2019-1056", "CVE-2019-1059", "CVE-2019-1062", "CVE-2019-1063", "CVE-2019-1067", "CVE-2019-1071", "CVE-2019-1073", "CVE-2019-1074", "CVE-2019-1083", "CVE-2019-1085", "CVE-2019-1086", "CVE-2019-1087", "CVE-2019-1088", "CVE-2019-1089", "CVE-2019-1090", "CVE-2019-1091", "CVE-2019-1092", "CVE-2019-1093", "CVE-2019-1094", "CVE-2019-1095", "CVE-2019-1096", "CVE-2019-1097", "CVE-2019-1102", "CVE-2019-1103", "CVE-2019-1104", "CVE-2019-1106", "CVE-2019-1107", "CVE-2019-1108", "CVE-2019-1113", "CVE-2019-1117", "CVE-2019-1118", "CVE-2019-1119", "CVE-2019-1120", "CVE-2019-1121", "CVE-2019-1122", "CVE-2019-1123", "CVE-2019-1124", "CVE-2019-1125", "CVE-2019-1126", "CVE-2019-1127", "CVE-2019-1128", "CVE-2019-1129", "CVE-2019-1130"], "modified": "2022-05-25T00:00:00", "cpe": ["cpe:/o:microsoft:windows", "cpe:/a:microsoft:edge"], "id": "SMB_NT_MS19_JUL_4507469.NASL", "href": "https://www.tenable.com/plugins/nessus/126579", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(126579);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/25\");\n\n script_cve_id(\n \"CVE-2019-0785\",\
CVE-2019-1006
