{"id": "OPENVAS:1361412562310812865", "vendorId": null, "type": "openvas", "bulletinFamily": "scanner", "title": "Microsoft Windows Multiple Vulnerabilities (KB4093114)", "description": "This host is missing a critical security\n update according to Microsoft KB4093114", "published": "2018-04-11T00:00:00", "modified": "2019-12-20T00:00:00", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cvss2": {}, "cvss3": {}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310812865", "reporter": "Copyright (C) 2018 Greenbone Networks GmbH", "references": ["https://support.microsoft.com/en-us/help/4093114"], "cvelist": ["CVE-2018-1020", "CVE-2018-0969", "CVE-2018-1013", "CVE-2018-8116", "CVE-2018-0997", "CVE-2018-0981", "CVE-2018-0870", "CVE-2018-1012", "CVE-2018-1000", "CVE-2018-0989", "CVE-2018-1010", "CVE-2018-0987", "CVE-2018-0960", "CVE-2018-0971", "CVE-2018-0957", "CVE-2018-0975", "CVE-2018-0988", "CVE-2018-0967", "CVE-2018-0970", "CVE-2018-1018", "CVE-2018-0887", "CVE-2018-0972", "CVE-2018-0976", "CVE-2018-1015", "CVE-2018-1008", "CVE-2018-1003", "CVE-2018-1001", "CVE-2018-0968", "CVE-2018-0974", "CVE-2018-1016", "CVE-2018-0996", "CVE-2018-0991", "CVE-2018-1004", "CVE-2018-0973", "CVE-2018-1009"], "immutableFields": [], "lastseen": "2020-01-08T13:28:54", "viewCount": 126, "enchantments": {"dependencies": {"references": [{"type": "checkpoint_advisories", "idList": ["CPAI-2018-0198", "CPAI-2018-0199", "CPAI-2018-0203", "CPAI-2018-0206", "CPAI-2018-0207", "CPAI-2018-0208", "CPAI-2018-0209", "CPAI-2018-0211", "CPAI-2018-0212", "CPAI-2018-0213", "CPAI-2018-0215", "CPAI-2018-0218", "CPAI-2018-0221", "CPAI-2018-0222", "CPAI-2018-0356"]}, {"type": "cve", "idList": ["CVE-2018-0870", "CVE-2018-0887", "CVE-2018-0957", "CVE-2018-0960", "CVE-2018-0964", "CVE-2018-0967", "CVE-2018-0968", "CVE-2018-0969", "CVE-2018-0970", "CVE-2018-0971", "CVE-2018-0972", "CVE-2018-0973", "CVE-2018-0974", "CVE-2018-0975", "CVE-2018-0976", "CVE-2018-0981", "CVE-2018-0987", "CVE-2018-0988", "CVE-2018-0989", "CVE-2018-0991", "CVE-2018-0996", "CVE-2018-0997", "CVE-2018-1000", "CVE-2018-1001", "CVE-2018-1003", "CVE-2018-1004", "CVE-2018-1008", "CVE-2018-1009", "CVE-2018-1010", "CVE-2018-1012", "CVE-2018-1013", "CVE-2018-1015", "CVE-2018-1016", "CVE-2018-1018", "CVE-2018-1020", "CVE-2018-8116"]}, {"type": "fedora", "idList": ["FEDORA:676C7606FD7A", "FEDORA:6D50D6076A0D", "FEDORA:BEBCC6092710"]}, {"type": "kaspersky", "idList": ["KLA11221", "KLA11222", "KLA11896"]}, {"type": "mscve", "idList": ["MS:CVE-2018-0870", "MS:CVE-2018-0887", "MS:CVE-2018-0957", "MS:CVE-2018-0960", "MS:CVE-2018-0967", "MS:CVE-2018-0968", "MS:CVE-2018-0969", "MS:CVE-2018-0970", "MS:CVE-2018-0971", "MS:CVE-2018-0972", "MS:CVE-2018-0973", "MS:CVE-2018-0974", "MS:CVE-2018-0975", "MS:CVE-2018-0976", "MS:CVE-2018-0981", "MS:CVE-2018-0987", "MS:CVE-2018-0988", "MS:CVE-2018-0989", "MS:CVE-2018-0991", "MS:CVE-2018-0996", "MS:CVE-2018-0997", "MS:CVE-2018-1000", "MS:CVE-2018-1001", "MS:CVE-2018-1003", "MS:CVE-2018-1004", "MS:CVE-2018-1008", "MS:CVE-2018-1009", "MS:CVE-2018-1010", "MS:CVE-2018-1012", "MS:CVE-2018-1013", "MS:CVE-2018-1015", "MS:CVE-2018-1016", "MS:CVE-2018-1018", "MS:CVE-2018-1020", "MS:CVE-2018-8116"]}, {"type": "mskb", "idList": ["KB4091756", "KB4092946", "KB4093108", "KB4093109", "KB4093111", "KB4093114", "KB4093115", "KB4093118", "KB4093122", "KB4093123", "KB4093223", "KB4093224", "KB4093227", "KB4093257", "KB4093478"]}, {"type": "nessus", "idList": ["EULEROS_SA-2019-2099.NASL", "EULEROS_SA-2019-2349.NASL", "EULEROS_SA-2019-2455.NASL", "EULEROS_SA-2019-2580.NASL", "EULEROS_SA-2020-1074.NASL", "EULEROS_SA-2020-1126.NASL", "EULEROS_SA-2020-1427.NASL", "EULEROS_SA-2020-1472.NASL", "EULEROS_SA-2020-1516.NASL", "EULEROS_SA-2020-1646.NASL", "SMB_NT_MS18_APR_4093107.NASL", "SMB_NT_MS18_APR_4093109.NASL", "SMB_NT_MS18_APR_4093111.NASL", "SMB_NT_MS18_APR_4093112.NASL", "SMB_NT_MS18_APR_4093114.NASL", "SMB_NT_MS18_APR_4093118.NASL", "SMB_NT_MS18_APR_4093119.NASL", "SMB_NT_MS18_APR_4093123.NASL", "SMB_NT_MS18_APR_INTERNET_EXPLORER.NASL", "SMB_NT_MS18_APR_WIN2008.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310812586", "OPENVAS:1361412562310812863", "OPENVAS:1361412562310813072", "OPENVAS:1361412562310813073", "OPENVAS:1361412562310813078", "OPENVAS:1361412562310813079", "OPENVAS:1361412562310813080", "OPENVAS:1361412562310813530", "OPENVAS:1361412562310843509"]}, {"type": "symantec", "idList": ["SMNTC-103594", "SMNTC-103595", "SMNTC-103597", "SMNTC-103599", "SMNTC-103600", "SMNTC-103601", "SMNTC-103602", "SMNTC-103603", "SMNTC-103609", "SMNTC-103610", "SMNTC-103612", "SMNTC-103614", "SMNTC-103615", "SMNTC-103618", "SMNTC-103621", "SMNTC-103623", "SMNTC-103624", "SMNTC-103628", "SMNTC-103629", "SMNTC-103643", "SMNTC-103644", "SMNTC-103645", "SMNTC-103648", "SMNTC-103651", "SMNTC-103652", "SMNTC-103654", "SMNTC-103655", "SMNTC-103657", "SMNTC-103658", "SMNTC-103659", "SMNTC-103660", "SMNTC-103661", "SMNTC-103662", "SMNTC-103663", "SMNTC-103705"]}, {"type": "talosblog", "idList": ["TALOSBLOG:76829FABFE02C32CB6E07FE9D9A8F09B"]}, {"type": "thn", "idList": ["THN:52F43ACF40533829284F1BC84F164B3B"]}, {"type": "threatpost", "idList": ["THREATPOST:4A749C6BAE245B913C6360FD1697CE7C"]}, {"type": "trendmicroblog", "idList": ["TRENDMICROBLOG:CA6E4ACCDF2EEC642B7D6E90848F2DB0"]}, {"type": "zdi", "idList": ["ZDI-18-291", "ZDI-18-293", "ZDI-18-294", "ZDI-18-295", "ZDI-18-296", "ZDI-18-297", "ZDI-18-298"]}, {"type": "zdt", "idList": ["1337DAY-ID-30189", "1337DAY-ID-30191", "1337DAY-ID-30192", "1337DAY-ID-30193", "1337DAY-ID-30194", "1337DAY-ID-30195", "1337DAY-ID-30196", "1337DAY-ID-30197"]}]}, "score": {"value": 0.1, "vector": "NONE"}, "backreferences": {"references": [{"type": "checkpoint_advisories", "idList": ["CPAI-2018-0198", "CPAI-2018-0199", "CPAI-2018-0203", "CPAI-2018-0207", "CPAI-2018-0208", "CPAI-2018-0209", "CPAI-2018-0211", "CPAI-2018-0212", "CPAI-2018-0213", "CPAI-2018-0215", "CPAI-2018-0221", "CPAI-2018-0222", "CPAI-2018-0356"]}, {"type": "cve", "idList": ["CVE-2018-0870", "CVE-2018-0887", "CVE-2018-0957", "CVE-2018-0960", "CVE-2018-0967", "CVE-2018-0968", "CVE-2018-0969", "CVE-2018-0970", "CVE-2018-0971", "CVE-2018-0972", "CVE-2018-0973", "CVE-2018-0974", "CVE-2018-0975", "CVE-2018-0976", "CVE-2018-0981", "CVE-2018-0987", "CVE-2018-0988", "CVE-2018-0989", "CVE-2018-0991", "CVE-2018-0996", "CVE-2018-0997", "CVE-2018-1000", "CVE-2018-1001", "CVE-2018-1003", "CVE-2018-1004", "CVE-2018-1008", "CVE-2018-1009", "CVE-2018-1010", "CVE-2018-1012", "CVE-2018-1013", "CVE-2018-1015", "CVE-2018-1016", "CVE-2018-1018", "CVE-2018-1020", "CVE-2018-8116"]}, {"type": "fedora", "idList": ["FEDORA:676C7606FD7A", "FEDORA:6D50D6076A0D", "FEDORA:BEBCC6092710"]}, {"type": "kaspersky", "idList": ["KLA11221", "KLA11222"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/MSFT-CVE-2018-0988/", "MSF:ILITIES/MSFT-CVE-2018-1008/", "MSF:ILITIES/MSFT-CVE-2018-1009/", "MSF:ILITIES/MSFT-CVE-2018-1010/", "MSF:ILITIES/MSFT-CVE-2018-1020/"]}, {"type": "mscve", "idList": ["MS:CVE-2018-0870", "MS:CVE-2018-0887", "MS:CVE-2018-0957", "MS:CVE-2018-0960", "MS:CVE-2018-0967", "MS:CVE-2018-0968", "MS:CVE-2018-0969", "MS:CVE-2018-0970", "MS:CVE-2018-0971", "MS:CVE-2018-0972", "MS:CVE-2018-0973", "MS:CVE-2018-0974", "MS:CVE-2018-0975", "MS:CVE-2018-0976", "MS:CVE-2018-0981", "MS:CVE-2018-0987", "MS:CVE-2018-0988", "MS:CVE-2018-0989", "MS:CVE-2018-0991", "MS:CVE-2018-0996", "MS:CVE-2018-0997", "MS:CVE-2018-1000", "MS:CVE-2018-1001", "MS:CVE-2018-1003", "MS:CVE-2018-1004", "MS:CVE-2018-1008", "MS:CVE-2018-1009", "MS:CVE-2018-1010", "MS:CVE-2018-1012", "MS:CVE-2018-1013", "MS:CVE-2018-1015", "MS:CVE-2018-1016", "MS:CVE-2018-1018", "MS:CVE-2018-1020", "MS:CVE-2018-8116"]}, {"type": "mskb", "idList": ["KB4092946"]}, {"type": "nessus", "idList": ["SMB_NT_MS18_APR_4093107.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310812586", "OPENVAS:1361412562310812863", "OPENVAS:1361412562310813072", "OPENVAS:1361412562310813073", "OPENVAS:1361412562310813078", "OPENVAS:1361412562310813079", "OPENVAS:1361412562310813080", "OPENVAS:1361412562310843509"]}, {"type": "symantec", "idList": ["SMNTC-103629", "SMNTC-103661"]}, {"type": "talosblog", "idList": ["TALOSBLOG:76829FABFE02C32CB6E07FE9D9A8F09B"]}, {"type": "thn", "idList": ["THN:52F43ACF40533829284F1BC84F164B3B"]}, {"type": "threatpost", "idList": ["THREATPOST:4A749C6BAE245B913C6360FD1697CE7C"]}, {"type": "trendmicroblog", "idList": ["TRENDMICROBLOG:CA6E4ACCDF2EEC642B7D6E90848F2DB0"]}, {"type": "zdi", "idList": ["ZDI-18-298"]}, {"type": "zdt", "idList": ["1337DAY-ID-30189", "1337DAY-ID-30191", "1337DAY-ID-30192", "1337DAY-ID-30193", "1337DAY-ID-30194", "1337DAY-ID-30195", "1337DAY-ID-30196", "1337DAY-ID-30197"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2018-1020", "epss": "0.042170000", "percentile": "0.909090000", "modified": "2023-03-15"}, {"cve": "CVE-2018-0969", "epss": "0.000450000", "percentile": "0.118900000", "modified": "2023-03-15"}, {"cve": "CVE-2018-1013", "epss": "0.466870000", "percentile": "0.968230000", "modified": "2023-03-15"}, {"cve": "CVE-2018-8116", "epss": "0.000480000", "percentile": "0.150670000", "modified": "2023-03-15"}, {"cve": "CVE-2018-0997", "epss": "0.042170000", "percentile": "0.909090000", "modified": "2023-03-15"}, {"cve": "CVE-2018-0981", "epss": "0.009660000", "percentile": "0.809930000", "modified": "2023-03-15"}, {"cve": "CVE-2018-0870", "epss": "0.042170000", "percentile": "0.909090000", "modified": "2023-03-15"}, {"cve": "CVE-2018-1012", "epss": "0.466870000", "percentile": "0.968230000", "modified": "2023-03-15"}, {"cve": "CVE-2018-1000", "epss": "0.005560000", "percentile": "0.741540000", "modified": "2023-03-15"}, {"cve": "CVE-2018-0989", "epss": "0.008380000", "percentile": "0.794930000", "modified": "2023-03-15"}, {"cve": "CVE-2018-1010", "epss": "0.185270000", "percentile": "0.953790000", "modified": "2023-03-15"}, {"cve": "CVE-2018-0987", "epss": "0.004630000", "percentile": "0.715610000", "modified": "2023-03-15"}, {"cve": "CVE-2018-0960", "epss": "0.000520000", "percentile": "0.185190000", "modified": "2023-03-15"}, {"cve": "CVE-2018-0971", "epss": "0.000450000", "percentile": "0.118900000", "modified": "2023-03-15"}, {"cve": "CVE-2018-0957", "epss": "0.000540000", "percentile": "0.195990000", "modified": "2023-03-15"}, {"cve": "CVE-2018-0975", "epss": "0.000770000", "percentile": "0.311730000", "modified": "2023-03-15"}, {"cve": "CVE-2018-0988", "epss": "0.042170000", "percentile": "0.909090000", "modified": "2023-03-15"}, {"cve": "CVE-2018-0967", "epss": "0.795760000", "percentile": "0.977190000", "modified": "2023-03-15"}, {"cve": "CVE-2018-0970", "epss": "0.000450000", "percentile": "0.118900000", "modified": "2023-03-15"}, {"cve": "CVE-2018-1018", "epss": "0.042170000", "percentile": "0.909090000", "modified": "2023-03-15"}, {"cve": "CVE-2018-0887", "epss": "0.000620000", "percentile": "0.246350000", "modified": "2023-03-15"}, {"cve": "CVE-2018-0972", "epss": "0.000450000", "percentile": "0.118900000", "modified": "2023-03-15"}, {"cve": "CVE-2018-0976", "epss": "0.018100000", "percentile": "0.862820000", "modified": "2023-03-15"}, {"cve": "CVE-2018-1015", "epss": "0.466870000", "percentile": "0.968230000", "modified": "2023-03-15"}, {"cve": "CVE-2018-1008", "epss": "0.001000000", "percentile": "0.398370000", "modified": "2023-03-15"}, {"cve": "CVE-2018-1003", "epss": "0.120400000", "percentile": "0.944260000", "modified": "2023-03-15"}, {"cve": "CVE-2018-1001", "epss": "0.088410000", "percentile": "0.935200000", "modified": "2023-03-15"}, {"cve": "CVE-2018-0968", "epss": "0.000450000", "percentile": "0.118900000", "modified": "2023-03-15"}, {"cve": "CVE-2018-0974", "epss": "0.000450000", "percentile": "0.118900000", "modified": "2023-03-15"}, {"cve": "CVE-2018-1016", "epss": "0.466870000", "percentile": "0.968230000", "modified": "2023-03-15"}, {"cve": "CVE-2018-0996", "epss": "0.088410000", "percentile": "0.935200000", "modified": "2023-03-15"}, {"cve": "CVE-2018-0991", "epss": "0.042170000", "percentile": "0.909090000", "modified": "2023-03-15"}, {"cve": "CVE-2018-1004", "epss": "0.109600000", "percentile": "0.941750000", "modified": "2023-03-15"}, {"cve": "CVE-2018-0973", "epss": "0.000450000", "percentile": "0.118900000", "modified": "2023-03-15"}, {"cve": "CVE-2018-1009", "epss": "0.001260000", "percentile": "0.455770000", "modified": "2023-03-15"}], "vulnersScore": 0.1}, "_state": {"dependencies": 1678917980, "score": 1678916296, "epss": 1678938645}, "_internal": {"score_hash": "c75749e5e7b5170a6f19f003f6619b1a"}, "pluginID": "1361412562310812865", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Microsoft Windows Multiple Vulnerabilities (KB4093114)\n#\n# Authors:\n# Rajat Mishra <rajatm@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.812865\");\n script_version(\"2019-12-20T10:24:46+0000\");\n script_cve_id(\"CVE-2018-0870\", \"CVE-2018-0887\", \"CVE-2018-8116\", \"CVE-2018-0957\",\n \"CVE-2018-0960\", \"CVE-2018-0967\", \"CVE-2018-0968\", \"CVE-2018-0969\",\n \"CVE-2018-0970\", \"CVE-2018-0971\", \"CVE-2018-0972\", \"CVE-2018-0973\",\n \"CVE-2018-0974\", \"CVE-2018-0975\", \"CVE-2018-0976\", \"CVE-2018-0981\",\n \"CVE-2018-0987\", \"CVE-2018-0988\", \"CVE-2018-0989\", \"CVE-2018-0991\",\n \"CVE-2018-1003\", \"CVE-2018-1004\", \"CVE-2018-1008\", \"CVE-2018-1009\",\n \"CVE-2018-1010\", \"CVE-2018-1012\", \"CVE-2018-1013\", \"CVE-2018-1015\",\n \"CVE-2018-1016\", \"CVE-2018-1018\", \"CVE-2018-1020\", \"CVE-2018-0996\",\n \"CVE-2018-0997\", \"CVE-2018-1000\", \"CVE-2018-1001\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-12-20 10:24:46 +0000 (Fri, 20 Dec 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-04-11 09:29:12 +0530 (Wed, 11 Apr 2018)\");\n script_name(\"Microsoft Windows Multiple Vulnerabilities (KB4093114)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4093114\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaw exists due to errors,\n\n - When the Windows font library improperly handles specially crafted embedded\n fonts.\n\n - When Internet Explorer improperly accesses objects in memory.\n\n - When the Windows kernel fails to properly initialize a memory address.\n\n - When the scripting engine does not properly handle objects in memory in\n Internet Explorer.\n\n - In Windows Adobe Type Manager Font Driver (ATMFD).\n\n - In the Windows kernel that could allow an attacker to retrieve information\n that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass.\n\n - In the way that Windows SNMP Service handles malformed SNMP traps.\n\n - In the way that the VBScript engine handles objects in memory.\n\n - When Windows improperly handles objects in memory and incorrectly maps kernel\n memory.\n\n - In the way that Windows handles objects in memory.\n\n - In Remote Desktop Protocol (RDP) when an attacker connects to the target\n system using RDP and sends specially crafted requests.\n\n - When Windows Hyper-V on a host operating system fails to properly validate\n input from an authenticated user on a guest operating system.\n\n - In the Microsoft JET Database Engine that could allow remote code execution on\n an affected system.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to take control of the affected system, obtain information to further compromise\n the user's system, execute arbitrary code, retrieve the memory address of a\n kernel object, cause a target system to stop responding.\");\n\n script_tag(name:\"affected\", value:\"- Microsoft Windows 8.1 for 32-bit/x64\n\n - Microsoft Windows Server 2012 R2\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4093114\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win8_1:1, win8_1x64:1, win2012R2:1) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_system32root();\nif(!sysPath ){\n exit(0);\n}\n\nfileVer = fetch_file_version(sysPath:sysPath, file_name:\"urlmon.dll\");\nif(!fileVer){\n exit(0);\n}\n\nif(version_is_less(version:fileVer, test_version:\"11.0.9600.18978\"))\n{\n report = report_fixed_ver(file_checked:sysPath + \"\\urlmon.dll\",\n file_version:fileVer, vulnerable_range:\"Less than 11.0.9600.18978\");\n security_message(data:report);\n exit(0);\n}\nexit(0);\n", "naslFamily": "Windows : Microsoft Bulletins"}
{"nessus": [{"lastseen": "2023-01-11T14:45:09", "description": "The remote Windows host is missing security update 4093115 or cumulative update 4093114. It is, therefore, affected by multiple vulnerabilities :\n\n - An elevation of privilege vulnerability exists when Windows improperly handles objects in memory and incorrectly maps kernel memory. (CVE-2018-1009)\n\n - An elevation of privilege vulnerability exists in Windows Adobe Type Manager Font Driver (ATMFD.dll) when it fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code and take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2018-1008)\n\n - An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system. (CVE-2018-0957)\n\n - An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Internet Explorer. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.\n (CVE-2018-0987)\n\n - A buffer overflow vulnerability exists in the Microsoft JET Database Engine that could allow remote code execution on an affected system. An attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. (CVE-2018-1003)\n\n - A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory.\n The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2018-0870, CVE-2018-0991, CVE-2018-0997, CVE-2018-1018, CVE-2018-1020)\n\n - An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass. An attacker who successfully exploited the vulnerability could retrieve the memory address of a kernel object. (CVE-2018-0968, CVE-2018-0969, CVE-2018-0970, CVE-2018-0971, CVE-2018-0972, CVE-2018-0973, CVE-2018-0974, CVE-2018-0975)\n\n - A denial of service vulnerability exists in the way that Windows handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. Note that the denial of service condition would not allow an attacker to execute code or to elevate user privileges. However, the denial of service condition could prevent authorized users from using system resources. The security update addresses the vulnerability by correcting how Windows handles objects in memory. (CVE-2018-8116)\n\n - A denial of service vulnerability exists in the way that Windows SNMP Service handles malformed SNMP traps. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. Note that the denial of service condition would not allow an attacker to execute code or to elevate user privileges.\n However, the denial of service condition could prevent authorized users from using system resources. The security update addresses the vulnerability by correcting how Windows SNMP Service processes SNMP traps. (CVE-2018-0967)\n\n - A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2018-1004)\n\n - An information disclosure vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could provide an attacker with information to further compromise the user's computer or data. (CVE-2018-0981, CVE-2018-0989, CVE-2018-1000)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2018-0960)\n\n - A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could cause the RDP service on the target system to stop responding. (CVE-2018-0976)\n\n - A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2018-1010, CVE-2018-1012, CVE-2018-1013, CVE-2018-1015, CVE-2018-1016)\n\n - An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2018-0887)\n\n - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2018-0988, CVE-2018-0996, CVE-2018-1001)", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2018-04-10T00:00:00", "type": "nessus", "title": "KB4093115: Windows 8.1 and Windows Server 2012 R2 April 2018 Security Update", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0870", "CVE-2018-0887", "CVE-2018-0957", "CVE-2018-0960", "CVE-2018-0967", "CVE-2018-0968", "CVE-2018-0969", "CVE-2018-0970", "CVE-2018-0971", "CVE-2018-0972", "CVE-2018-0973", "CVE-2018-0974", "CVE-2018-0975", "CVE-2018-0976", "CVE-2018-0981", "CVE-2018-0987", "CVE-2018-0988", "CVE-2018-0989", "CVE-2018-0991", "CVE-2018-0996", "CVE-2018-0997", "CVE-2018-1000", "CVE-2018-1001", "CVE-2018-1003", "CVE-2018-1004", "CVE-2018-1008", "CVE-2018-1009", "CVE-2018-1010", "CVE-2018-1012", "CVE-2018-1013", "CVE-2018-1015", "CVE-2018-1016", "CVE-2018-1018", "CVE-2018-1020", "CVE-2018-8116"], "modified": "2019-11-08T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS18_APR_4093114.NASL", "href": "https://www.tenable.com/plugins/nessus/108965", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(108965);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2019/11/08\");\n\n script_cve_id(\n \"CVE-2018-0870\",\n \"CVE-2018-0887\",\n \"CVE-2018-0957\",\n \"CVE-2018-0960\",\n \"CVE-2018-0967\",\n \"CVE-2018-0968\",\n \"CVE-2018-0969\",\n \"CVE-2018-0970\",\n \"CVE-2018-0971\",\n \"CVE-2018-0972\",\n \"CVE-2018-0973\",\n \"CVE-2018-0974\",\n \"CVE-2018-0975\",\n \"CVE-2018-0976\",\n \"CVE-2018-0981\",\n \"CVE-2018-0987\",\n \"CVE-2018-0988\",\n \"CVE-2018-0989\",\n \"CVE-2018-0991\",\n \"CVE-2018-0996\",\n \"CVE-2018-0997\",\n \"CVE-2018-1000\",\n \"CVE-2018-1001\",\n \"CVE-2018-1003\",\n \"CVE-2018-1004\",\n \"CVE-2018-1008\",\n \"CVE-2018-1009\",\n \"CVE-2018-1010\",\n \"CVE-2018-1012\",\n \"CVE-2018-1013\",\n \"CVE-2018-1015\",\n \"CVE-2018-1016\",\n \"CVE-2018-1018\",\n \"CVE-2018-1020\",\n \"CVE-2018-8116\"\n );\n script_xref(name:\"MSKB\", value:\"4093115\");\n script_xref(name:\"MSKB\", value:\"4093114\");\n script_xref(name:\"MSFT\", value:\"MS18-4093115\");\n script_xref(name:\"MSFT\", value:\"MS18-4093114\");\n\n script_name(english:\"KB4093115: Windows 8.1 and Windows Server 2012 R2 April 2018 Security Update\");\n script_summary(english:\"Checks for rollup.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4093115\nor cumulative update 4093114. It is, therefore, affected by\nmultiple vulnerabilities :\n\n - An elevation of privilege vulnerability exists when\n Windows improperly handles objects in memory and\n incorrectly maps kernel memory. (CVE-2018-1009)\n\n - An elevation of privilege vulnerability exists in\n Windows Adobe Type Manager Font Driver (ATMFD.dll) when\n it fails to properly handle objects in memory. An\n attacker who successfully exploited this vulnerability\n could execute arbitrary code and take control of an\n affected system. An attacker could then install\n programs; view, change, or delete data; or create new\n accounts with full user rights. (CVE-2018-1008)\n\n - An information disclosure vulnerability exists when\n Windows Hyper-V on a host operating system fails to\n properly validate input from an authenticated user on a\n guest operating system. (CVE-2018-0957)\n\n - An information disclosure vulnerability exists when the\n scripting engine does not properly handle objects in\n memory in Internet Explorer. An attacker who\n successfully exploited the vulnerability could obtain\n information to further compromise the users system.\n (CVE-2018-0987)\n\n - A buffer overflow vulnerability exists in the Microsoft\n JET Database Engine that could allow remote code\n execution on an affected system. An attacker who\n successfully exploited this vulnerability could take\n control of an affected system. An attacker could then\n install programs; view, change, or delete data; or\n create new accounts with full user rights. Users whose\n accounts are configured to have fewer user rights on the\n system could be less impacted than users who operate\n with administrative user rights. (CVE-2018-1003)\n\n - A remote code execution vulnerability exists when\n Internet Explorer improperly accesses objects in memory.\n The vulnerability could corrupt memory in such a way\n that an attacker could execute arbitrary code in the\n context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2018-0870,\n CVE-2018-0991, CVE-2018-0997, CVE-2018-1018,\n CVE-2018-1020)\n\n - An information disclosure vulnerability exists in the\n Windows kernel that could allow an attacker to retrieve\n information that could lead to a Kernel Address Space\n Layout Randomization (ASLR) bypass. An attacker who\n successfully exploited the vulnerability could retrieve\n the memory address of a kernel object. (CVE-2018-0968,\n CVE-2018-0969, CVE-2018-0970, CVE-2018-0971,\n CVE-2018-0972, CVE-2018-0973, CVE-2018-0974,\n CVE-2018-0975)\n\n - A denial of service vulnerability exists in the way that\n Windows handles objects in memory. An attacker who\n successfully exploited the vulnerability could cause a\n target system to stop responding. Note that the denial\n of service condition would not allow an attacker to\n execute code or to elevate user privileges. However, the\n denial of service condition could prevent authorized\n users from using system resources. The security update\n addresses the vulnerability by correcting how Windows\n handles objects in memory. (CVE-2018-8116)\n\n - A denial of service vulnerability exists in the way that\n Windows SNMP Service handles malformed SNMP traps. An\n attacker who successfully exploited the vulnerability\n could cause a target system to stop responding. Note\n that the denial of service condition would not allow an\n attacker to execute code or to elevate user privileges.\n However, the denial of service condition could prevent\n authorized users from using system resources. The\n security update addresses the vulnerability by\n correcting how Windows SNMP Service processes SNMP\n traps. (CVE-2018-0967)\n\n - A remote code execution vulnerability exists in the way\n that the VBScript engine handles objects in memory. The\n vulnerability could corrupt memory in such a way that an\n attacker could execute arbitrary code in the context of\n the current user. An attacker who successfully exploited\n the vulnerability could gain the same user rights as the\n current user. (CVE-2018-1004)\n\n - An information disclosure vulnerability exists in the\n way that the scripting engine handles objects in memory\n in Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could provide an\n attacker with information to further compromise the\n user's computer or data. (CVE-2018-0981, CVE-2018-0989,\n CVE-2018-1000)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could obtain information to further compromise the users\n system. (CVE-2018-0960)\n\n - A denial of service vulnerability exists in Remote\n Desktop Protocol (RDP) when an attacker connects to the\n target system using RDP and sends specially crafted\n requests. An attacker who successfully exploited this\n vulnerability could cause the RDP service on the target\n system to stop responding. (CVE-2018-0976)\n\n - A remote code execution vulnerability exists when the\n Windows font library improperly handles specially\n crafted embedded fonts. An attacker who successfully\n exploited the vulnerability could take control of the\n affected system. An attacker could then install\n programs; view, change, or delete data; or create new\n accounts with full user rights. (CVE-2018-1010,\n CVE-2018-1012, CVE-2018-1013, CVE-2018-1015,\n CVE-2018-1016)\n\n - An information disclosure vulnerability exists when the\n Windows kernel fails to properly initialize a memory\n address. An attacker who successfully exploited this\n vulnerability could obtain information to further\n compromise the users system. (CVE-2018-0887)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2018-0988, CVE-2018-0996, CVE-2018-1001)\");\n # https://support.microsoft.com/en-us/help/4093115/windows-81-update-kb4093115\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?98d37603\");\n # https://support.microsoft.com/en-us/help/4093114/windows-81-update-kb4093114\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?b665658e\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Only update KB4093115 or Cumulative Update KB4093114.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-1016\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/04/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/04/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS18-04\";\nkbs = make_list('4093115', '4093114');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win81:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\n# Windows 8 EOL\nproductname = get_kb_item_or_exit(\"SMB/ProductName\", exit_code:1);\nif (\"Windows 8\" >< productname && \"8.1\" >!< productname)\n audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"6.3\",\n sp:0,\n rollup_date:\"04_2018\",\n bulletin:bulletin,\n rollup_kb_list:[4093115, 4093114])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:45:09", "description": "The remote Windows host is missing security update 4093122 or cumulative update 4093123. It is, therefore, affected by multiple vulnerabilities :\n\n - A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory.\n The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2018-0991, CVE-2018-1020)\n\n - An elevation of privilege vulnerability exists when Windows improperly handles objects in memory and incorrectly maps kernel memory. (CVE-2018-1009)\n\n - An elevation of privilege vulnerability exists in Windows Adobe Type Manager Font Driver (ATMFD.dll) when it fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code and take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2018-1008)\n\n - An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Internet Explorer. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.\n (CVE-2018-0987)\n\n - A buffer overflow vulnerability exists in the Microsoft JET Database Engine that could allow remote code execution on an affected system. An attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. (CVE-2018-1003)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2018-0960)\n\n - A denial of service vulnerability exists in the way that Windows handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. Note that the denial of service condition would not allow an attacker to execute code or to elevate user privileges. However, the denial of service condition could prevent authorized users from using system resources. The security update addresses the vulnerability by correcting how Windows handles objects in memory. (CVE-2018-8116)\n\n - A denial of service vulnerability exists in the way that Windows SNMP Service handles malformed SNMP traps. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. Note that the denial of service condition would not allow an attacker to execute code or to elevate user privileges.\n However, the denial of service condition could prevent authorized users from using system resources. The security update addresses the vulnerability by correcting how Windows SNMP Service processes SNMP traps. (CVE-2018-0967)\n\n - A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2018-1004)\n\n - An information disclosure vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could provide an attacker with information to further compromise the user's computer or data. (CVE-2018-0981, CVE-2018-0989, CVE-2018-1000)\n\n - An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass. An attacker who successfully exploited the vulnerability could retrieve the memory address of a kernel object. (CVE-2018-0969, CVE-2018-0970, CVE-2018-0971, CVE-2018-0972, CVE-2018-0973, CVE-2018-0974, CVE-2018-0975)\n\n - A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could cause the RDP service on the target system to stop responding. (CVE-2018-0976)\n\n - A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2018-1010, CVE-2018-1012, CVE-2018-1013, CVE-2018-1015, CVE-2018-1016)\n\n - An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2018-0887)\n\n - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2018-0988, CVE-2018-0996, CVE-2018-1001)", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2018-04-10T00:00:00", "type": "nessus", "title": "KB4093122: Windows Server 2012 April 2018 Security Update", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0887", "CVE-2018-0960", "CVE-2018-0967", "CVE-2018-0969", "CVE-2018-0970", "CVE-2018-0971", "CVE-2018-0972", "CVE-2018-0973", "CVE-2018-0974", "CVE-2018-0975", "CVE-2018-0976", "CVE-2018-0981", "CVE-2018-0987", "CVE-2018-0988", "CVE-2018-0989", "CVE-2018-0991", "CVE-2018-0996", "CVE-2018-1000", "CVE-2018-1001", "CVE-2018-1003", "CVE-2018-1004", "CVE-2018-1008", "CVE-2018-1009", "CVE-2018-1010", "CVE-2018-1012", "CVE-2018-1013", "CVE-2018-1015", "CVE-2018-1016", "CVE-2018-1020", "CVE-2018-8116"], "modified": "2019-11-08T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS18_APR_4093123.NASL", "href": "https://www.tenable.com/plugins/nessus/108968", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(108968);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2019/11/08\");\n\n script_cve_id(\n \"CVE-2018-0887\",\n \"CVE-2018-0960\",\n \"CVE-2018-0967\",\n \"CVE-2018-0969\",\n \"CVE-2018-0970\",\n \"CVE-2018-0971\",\n \"CVE-2018-0972\",\n \"CVE-2018-0973\",\n \"CVE-2018-0974\",\n \"CVE-2018-0975\",\n \"CVE-2018-0976\",\n \"CVE-2018-0981\",\n \"CVE-2018-0987\",\n \"CVE-2018-0988\",\n \"CVE-2018-0989\",\n \"CVE-2018-0991\",\n \"CVE-2018-0996\",\n \"CVE-2018-1000\",\n \"CVE-2018-1001\",\n \"CVE-2018-1003\",\n \"CVE-2018-1004\",\n \"CVE-2018-1008\",\n \"CVE-2018-1009\",\n \"CVE-2018-1010\",\n \"CVE-2018-1012\",\n \"CVE-2018-1013\",\n \"CVE-2018-1015\",\n \"CVE-2018-1016\",\n \"CVE-2018-1020\",\n \"CVE-2018-8116\"\n );\n script_xref(name:\"MSKB\", value:\"4093122\");\n script_xref(name:\"MSKB\", value:\"4093123\");\n script_xref(name:\"MSFT\", value:\"MS18-4093122\");\n script_xref(name:\"MSFT\", value:\"MS18-4093123\");\n\n script_name(english:\"KB4093122: Windows Server 2012 April 2018 Security Update\");\n script_summary(english:\"Checks for rollup.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4093122\nor cumulative update 4093123. It is, therefore, affected by\nmultiple vulnerabilities :\n\n - A remote code execution vulnerability exists when\n Internet Explorer improperly accesses objects in memory.\n The vulnerability could corrupt memory in such a way\n that an attacker could execute arbitrary code in the\n context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2018-0991,\n CVE-2018-1020)\n\n - An elevation of privilege vulnerability exists when\n Windows improperly handles objects in memory and\n incorrectly maps kernel memory. (CVE-2018-1009)\n\n - An elevation of privilege vulnerability exists in\n Windows Adobe Type Manager Font Driver (ATMFD.dll) when\n it fails to properly handle objects in memory. An\n attacker who successfully exploited this vulnerability\n could execute arbitrary code and take control of an\n affected system. An attacker could then install\n programs; view, change, or delete data; or create new\n accounts with full user rights. (CVE-2018-1008)\n\n - An information disclosure vulnerability exists when the\n scripting engine does not properly handle objects in\n memory in Internet Explorer. An attacker who\n successfully exploited the vulnerability could obtain\n information to further compromise the users system.\n (CVE-2018-0987)\n\n - A buffer overflow vulnerability exists in the Microsoft\n JET Database Engine that could allow remote code\n execution on an affected system. An attacker who\n successfully exploited this vulnerability could take\n control of an affected system. An attacker could then\n install programs; view, change, or delete data; or\n create new accounts with full user rights. Users whose\n accounts are configured to have fewer user rights on the\n system could be less impacted than users who operate\n with administrative user rights. (CVE-2018-1003)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could obtain information to further compromise the users\n system. (CVE-2018-0960)\n\n - A denial of service vulnerability exists in the way that\n Windows handles objects in memory. An attacker who\n successfully exploited the vulnerability could cause a\n target system to stop responding. Note that the denial\n of service condition would not allow an attacker to\n execute code or to elevate user privileges. However, the\n denial of service condition could prevent authorized\n users from using system resources. The security update\n addresses the vulnerability by correcting how Windows\n handles objects in memory. (CVE-2018-8116)\n\n - A denial of service vulnerability exists in the way that\n Windows SNMP Service handles malformed SNMP traps. An\n attacker who successfully exploited the vulnerability\n could cause a target system to stop responding. Note\n that the denial of service condition would not allow an\n attacker to execute code or to elevate user privileges.\n However, the denial of service condition could prevent\n authorized users from using system resources. The\n security update addresses the vulnerability by\n correcting how Windows SNMP Service processes SNMP\n traps. (CVE-2018-0967)\n\n - A remote code execution vulnerability exists in the way\n that the VBScript engine handles objects in memory. The\n vulnerability could corrupt memory in such a way that an\n attacker could execute arbitrary code in the context of\n the current user. An attacker who successfully exploited\n the vulnerability could gain the same user rights as the\n current user. (CVE-2018-1004)\n\n - An information disclosure vulnerability exists in the\n way that the scripting engine handles objects in memory\n in Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could provide an\n attacker with information to further compromise the\n user's computer or data. (CVE-2018-0981, CVE-2018-0989,\n CVE-2018-1000)\n\n - An information disclosure vulnerability exists in the\n Windows kernel that could allow an attacker to retrieve\n information that could lead to a Kernel Address Space\n Layout Randomization (ASLR) bypass. An attacker who\n successfully exploited the vulnerability could retrieve\n the memory address of a kernel object. (CVE-2018-0969,\n CVE-2018-0970, CVE-2018-0971, CVE-2018-0972,\n CVE-2018-0973, CVE-2018-0974, CVE-2018-0975)\n\n - A denial of service vulnerability exists in Remote\n Desktop Protocol (RDP) when an attacker connects to the\n target system using RDP and sends specially crafted\n requests. An attacker who successfully exploited this\n vulnerability could cause the RDP service on the target\n system to stop responding. (CVE-2018-0976)\n\n - A remote code execution vulnerability exists when the\n Windows font library improperly handles specially\n crafted embedded fonts. An attacker who successfully\n exploited the vulnerability could take control of the\n affected system. An attacker could then install\n programs; view, change, or delete data; or create new\n accounts with full user rights. (CVE-2018-1010,\n CVE-2018-1012, CVE-2018-1013, CVE-2018-1015,\n CVE-2018-1016)\n\n - An information disclosure vulnerability exists when the\n Windows kernel fails to properly initialize a memory\n address. An attacker who successfully exploited this\n vulnerability could obtain information to further\n compromise the users system. (CVE-2018-0887)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2018-0988, CVE-2018-0996, CVE-2018-1001)\");\n # https://support.microsoft.com/en-us/help/4093122/windows-server-2012-update-kb4093122\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?399c68ba\");\n # https://support.microsoft.com/en-us/help/4093123/windows-server-2012-update-kb4093123\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e474951c\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Only update KB4093122 or Cumulative Update KB4093123.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-1016\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/04/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/04/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS18-04\";\nkbs = make_list('4093122', '4093123');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win8:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\n# Windows 8 EOL\nproductname = get_kb_item_or_exit(\"SMB/ProductName\", exit_code:1);\nif (\"Windows 8\" >< productname) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"6.2\",\n sp:0,\n rollup_date:\"04_2018\",\n bulletin:bulletin,\n rollup_kb_list:[4093122, 4093123])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:44:29", "description": "The remote Windows host is missing security update 4093108 or cumulative update 4093118. It is, therefore, affected by multiple vulnerabilities :\n\n - An elevation of privilege vulnerability exists in Windows Adobe Type Manager Font Driver (ATMFD.dll) when it fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code and take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2018-1008)\n\n - An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Internet Explorer. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.\n (CVE-2018-0987)\n\n - A buffer overflow vulnerability exists in the Microsoft JET Database Engine that could allow remote code execution on an affected system. An attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. (CVE-2018-1003)\n\n - A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory.\n The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2018-0870, CVE-2018-0991, CVE-2018-0997, CVE-2018-1018, CVE-2018-1020)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2018-0960)\n\n - A denial of service vulnerability exists in the way that Windows handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. Note that the denial of service condition would not allow an attacker to execute code or to elevate user privileges. However, the denial of service condition could prevent authorized users from using system resources. The security update addresses the vulnerability by correcting how Windows handles objects in memory. (CVE-2018-8116)\n\n - A denial of service vulnerability exists in the way that Windows SNMP Service handles malformed SNMP traps. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. Note that the denial of service condition would not allow an attacker to execute code or to elevate user privileges.\n However, the denial of service condition could prevent authorized users from using system resources. The security update addresses the vulnerability by correcting how Windows SNMP Service processes SNMP traps. (CVE-2018-0967)\n\n - A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2018-1004)\n\n - An information disclosure vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could provide an attacker with information to further compromise the user's computer or data. (CVE-2018-0981, CVE-2018-0989, CVE-2018-1000)\n\n - An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass. An attacker who successfully exploited the vulnerability could retrieve the memory address of a kernel object. (CVE-2018-0969, CVE-2018-0970, CVE-2018-0971, CVE-2018-0972, CVE-2018-0973, CVE-2018-0974, CVE-2018-0975)\n\n - A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could cause the RDP service on the target system to stop responding. (CVE-2018-0976)\n\n - A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2018-1010, CVE-2018-1012, CVE-2018-1013, CVE-2018-1015, CVE-2018-1016)\n\n - An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2018-0887)\n\n - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2018-0988, CVE-2018-0996, CVE-2018-1001)", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2018-04-10T00:00:00", "type": "nessus", "title": "KB4093108: Windows 7 and Windows Server 2008 R2 April 2018 Security Update", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0870", "CVE-2018-0887", "CVE-2018-0960", "CVE-2018-0967", "CVE-2018-0969", "CVE-2018-0970", "CVE-2018-0971", "CVE-2018-0972", "CVE-2018-0973", "CVE-2018-0974", "CVE-2018-0975", "CVE-2018-0976", "CVE-2018-0981", "CVE-2018-0987", "CVE-2018-0988", "CVE-2018-0989", "CVE-2018-0991", "CVE-2018-0996", "CVE-2018-0997", "CVE-2018-1000", "CVE-2018-1001", "CVE-2018-1003", "CVE-2018-1004", "CVE-2018-1008", "CVE-2018-1010", "CVE-2018-1012", "CVE-2018-1013", "CVE-2018-1015", "CVE-2018-1016", "CVE-2018-1018", "CVE-2018-1020", "CVE-2018-8116"], "modified": "2019-11-08T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS18_APR_4093118.NASL", "href": "https://www.tenable.com/plugins/nessus/108966", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(108966);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2019/11/08\");\n\n script_cve_id(\n \"CVE-2018-0870\",\n \"CVE-2018-0887\",\n \"CVE-2018-0960\",\n \"CVE-2018-0967\",\n \"CVE-2018-0969\",\n \"CVE-2018-0970\",\n \"CVE-2018-0971\",\n \"CVE-2018-0972\",\n \"CVE-2018-0973\",\n \"CVE-2018-0974\",\n \"CVE-2018-0975\",\n \"CVE-2018-0976\",\n \"CVE-2018-0981\",\n \"CVE-2018-0987\",\n \"CVE-2018-0988\",\n \"CVE-2018-0989\",\n \"CVE-2018-0991\",\n \"CVE-2018-0996\",\n \"CVE-2018-0997\",\n \"CVE-2018-1000\",\n \"CVE-2018-1001\",\n \"CVE-2018-1003\",\n \"CVE-2018-1004\",\n \"CVE-2018-1008\",\n \"CVE-2018-1010\",\n \"CVE-2018-1012\",\n \"CVE-2018-1013\",\n \"CVE-2018-1015\",\n \"CVE-2018-1016\",\n \"CVE-2018-1018\",\n \"CVE-2018-1020\",\n \"CVE-2018-8116\"\n );\n script_xref(name:\"MSKB\", value:\"4093108\");\n script_xref(name:\"MSKB\", value:\"4093118\");\n script_xref(name:\"MSFT\", value:\"MS18-4093108\");\n script_xref(name:\"MSFT\", value:\"MS18-4093118\");\n\n script_name(english:\"KB4093108: Windows 7 and Windows Server 2008 R2 April 2018 Security Update\");\n script_summary(english:\"Checks for rollup.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4093108\nor cumulative update 4093118. It is, therefore, affected by\nmultiple vulnerabilities :\n\n - An elevation of privilege vulnerability exists in\n Windows Adobe Type Manager Font Driver (ATMFD.dll) when\n it fails to properly handle objects in memory. An\n attacker who successfully exploited this vulnerability\n could execute arbitrary code and take control of an\n affected system. An attacker could then install\n programs; view, change, or delete data; or create new\n accounts with full user rights. (CVE-2018-1008)\n\n - An information disclosure vulnerability exists when the\n scripting engine does not properly handle objects in\n memory in Internet Explorer. An attacker who\n successfully exploited the vulnerability could obtain\n information to further compromise the users system.\n (CVE-2018-0987)\n\n - A buffer overflow vulnerability exists in the Microsoft\n JET Database Engine that could allow remote code\n execution on an affected system. An attacker who\n successfully exploited this vulnerability could take\n control of an affected system. An attacker could then\n install programs; view, change, or delete data; or\n create new accounts with full user rights. Users whose\n accounts are configured to have fewer user rights on the\n system could be less impacted than users who operate\n with administrative user rights. (CVE-2018-1003)\n\n - A remote code execution vulnerability exists when\n Internet Explorer improperly accesses objects in memory.\n The vulnerability could corrupt memory in such a way\n that an attacker could execute arbitrary code in the\n context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2018-0870,\n CVE-2018-0991, CVE-2018-0997, CVE-2018-1018,\n CVE-2018-1020)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could obtain information to further compromise the users\n system. (CVE-2018-0960)\n\n - A denial of service vulnerability exists in the way that\n Windows handles objects in memory. An attacker who\n successfully exploited the vulnerability could cause a\n target system to stop responding. Note that the denial\n of service condition would not allow an attacker to\n execute code or to elevate user privileges. However, the\n denial of service condition could prevent authorized\n users from using system resources. The security update\n addresses the vulnerability by correcting how Windows\n handles objects in memory. (CVE-2018-8116)\n\n - A denial of service vulnerability exists in the way that\n Windows SNMP Service handles malformed SNMP traps. An\n attacker who successfully exploited the vulnerability\n could cause a target system to stop responding. Note\n that the denial of service condition would not allow an\n attacker to execute code or to elevate user privileges.\n However, the denial of service condition could prevent\n authorized users from using system resources. The\n security update addresses the vulnerability by\n correcting how Windows SNMP Service processes SNMP\n traps. (CVE-2018-0967)\n\n - A remote code execution vulnerability exists in the way\n that the VBScript engine handles objects in memory. The\n vulnerability could corrupt memory in such a way that an\n attacker could execute arbitrary code in the context of\n the current user. An attacker who successfully exploited\n the vulnerability could gain the same user rights as the\n current user. (CVE-2018-1004)\n\n - An information disclosure vulnerability exists in the\n way that the scripting engine handles objects in memory\n in Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could provide an\n attacker with information to further compromise the\n user's computer or data. (CVE-2018-0981, CVE-2018-0989,\n CVE-2018-1000)\n\n - An information disclosure vulnerability exists in the\n Windows kernel that could allow an attacker to retrieve\n information that could lead to a Kernel Address Space\n Layout Randomization (ASLR) bypass. An attacker who\n successfully exploited the vulnerability could retrieve\n the memory address of a kernel object. (CVE-2018-0969,\n CVE-2018-0970, CVE-2018-0971, CVE-2018-0972,\n CVE-2018-0973, CVE-2018-0974, CVE-2018-0975)\n\n - A denial of service vulnerability exists in Remote\n Desktop Protocol (RDP) when an attacker connects to the\n target system using RDP and sends specially crafted\n requests. An attacker who successfully exploited this\n vulnerability could cause the RDP service on the target\n system to stop responding. (CVE-2018-0976)\n\n - A remote code execution vulnerability exists when the\n Windows font library improperly handles specially\n crafted embedded fonts. An attacker who successfully\n exploited the vulnerability could take control of the\n affected system. An attacker could then install\n programs; view, change, or delete data; or create new\n accounts with full user rights. (CVE-2018-1010,\n CVE-2018-1012, CVE-2018-1013, CVE-2018-1015,\n CVE-2018-1016)\n\n - An information disclosure vulnerability exists when the\n Windows kernel fails to properly initialize a memory\n address. An attacker who successfully exploited this\n vulnerability could obtain information to further\n compromise the users system. (CVE-2018-0887)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2018-0988, CVE-2018-0996, CVE-2018-1001)\");\n # https://support.microsoft.com/en-us/help/4093108/windows-7-update-kb4093108\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?94754d1f\");\n # https://support.microsoft.com/en-us/help/4093118/windows-7-update-kb4093118\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2d3b2bb1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Only update KB4093108 or Cumulative Update KB4093118.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-1016\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/04/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/04/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS18-04\";\nkbs = make_list('4093108', '4093118');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win7:'1') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"6.1\",\n sp:1,\n rollup_date:\"04_2018\",\n bulletin:bulletin,\n rollup_kb_list:[4093108, 4093118])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:45:10", "description": "The remote Windows host is missing security updates. It is, therefore, affected by multiple vulnerabilities :\n\n - An elevation of privilege vulnerability exists in Windows Adobe Type Manager Font Driver (ATMFD.dll) when it fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code and take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2018-1008)\n\n - A buffer overflow vulnerability exists in the Microsoft JET Database Engine that could allow remote code execution on an affected system. An attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. (CVE-2018-1003)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2018-0960)\n\n - A denial of service vulnerability exists in the way that Windows handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. Note that the denial of service condition would not allow an attacker to execute code or to elevate user privileges. However, the denial of service condition could prevent authorized users from using system resources. The security update addresses the vulnerability by correcting how Windows handles objects in memory. (CVE-2018-8116)\n\n - A denial of service vulnerability exists in the way that Windows SNMP Service handles malformed SNMP traps. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. Note that the denial of service condition would not allow an attacker to execute code or to elevate user privileges.\n However, the denial of service condition could prevent authorized users from using system resources. The security update addresses the vulnerability by correcting how Windows SNMP Service processes SNMP traps. (CVE-2018-0967)\n\n - A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2018-1004)\n\n - An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass. An attacker who successfully exploited the vulnerability could retrieve the memory address of a kernel object. (CVE-2018-0969, CVE-2018-0970, CVE-2018-0971, CVE-2018-0972, CVE-2018-0973, CVE-2018-0974, CVE-2018-0975)\n\n - A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could cause the RDP service on the target system to stop responding. (CVE-2018-0976)\n\n - A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2018-1010, CVE-2018-1012, CVE-2018-1013, CVE-2018-1015, CVE-2018-1016)\n\n - An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2018-0887)", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2018-04-10T00:00:00", "type": "nessus", "title": "Security Updates for Windows Server 2008 (April 2018)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0887", "CVE-2018-0960", "CVE-2018-0967", "CVE-2018-0969", "CVE-2018-0970", "CVE-2018-0971", "CVE-2018-0972", "CVE-2018-0973", "CVE-2018-0974", "CVE-2018-0975", "CVE-2018-0976", "CVE-2018-1003", "CVE-2018-1004", "CVE-2018-1008", "CVE-2018-1010", "CVE-2018-1012", "CVE-2018-1013", "CVE-2018-1015", "CVE-2018-1016", "CVE-2018-8116"], "modified": "2020-09-04T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS18_APR_WIN2008.NASL", "href": "https://www.tenable.com/plugins/nessus/108975", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(108975);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/04\");\n\n script_cve_id(\n \"CVE-2018-0887\",\n \"CVE-2018-0960\",\n \"CVE-2018-0967\",\n \"CVE-2018-0969\",\n \"CVE-2018-0970\",\n \"CVE-2018-0971\",\n \"CVE-2018-0972\",\n \"CVE-2018-0973\",\n \"CVE-2018-0974\",\n \"CVE-2018-0975\",\n \"CVE-2018-0976\",\n \"CVE-2018-1003\",\n \"CVE-2018-1008\",\n \"CVE-2018-1010\",\n \"CVE-2018-1012\",\n \"CVE-2018-1013\",\n \"CVE-2018-1015\",\n \"CVE-2018-1016\",\n \"CVE-2018-8116\"\n );\n script_xref(name:\"MSKB\", value:\"4093478\");\n script_xref(name:\"MSKB\", value:\"4093227\");\n script_xref(name:\"MSKB\", value:\"4093224\");\n script_xref(name:\"MSKB\", value:\"4093223\");\n script_xref(name:\"MSKB\", value:\"4093257\");\n script_xref(name:\"MSKB\", value:\"4091756\");\n script_xref(name:\"MSFT\", value:\"MS18-4093478\");\n script_xref(name:\"MSFT\", value:\"MS18-4093227\");\n script_xref(name:\"MSFT\", value:\"MS18-4093224\");\n script_xref(name:\"MSFT\", value:\"MS18-4093223\");\n script_xref(name:\"MSFT\", value:\"MS18-4093257\");\n script_xref(name:\"MSFT\", value:\"MS18-4091756\");\n\n script_name(english:\"Security Updates for Windows Server 2008 (April 2018)\");\n script_summary(english:\"Checks for Microsoft security updates.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security updates. It is,\ntherefore, affected by multiple vulnerabilities :\n\n - An elevation of privilege vulnerability exists in\n Windows Adobe Type Manager Font Driver (ATMFD.dll) when\n it fails to properly handle objects in memory. An\n attacker who successfully exploited this vulnerability\n could execute arbitrary code and take control of an\n affected system. An attacker could then install\n programs; view, change, or delete data; or create new\n accounts with full user rights. (CVE-2018-1008)\n\n - A buffer overflow vulnerability exists in the Microsoft\n JET Database Engine that could allow remote code\n execution on an affected system. An attacker who\n successfully exploited this vulnerability could take\n control of an affected system. An attacker could then\n install programs; view, change, or delete data; or\n create new accounts with full user rights. Users whose\n accounts are configured to have fewer user rights on the\n system could be less impacted than users who operate\n with administrative user rights. (CVE-2018-1003)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could obtain information to further compromise the users\n system. (CVE-2018-0960)\n\n - A denial of service vulnerability exists in the way that\n Windows handles objects in memory. An attacker who\n successfully exploited the vulnerability could cause a\n target system to stop responding. Note that the denial\n of service condition would not allow an attacker to\n execute code or to elevate user privileges. However, the\n denial of service condition could prevent authorized\n users from using system resources. The security update\n addresses the vulnerability by correcting how Windows\n handles objects in memory. (CVE-2018-8116)\n\n - A denial of service vulnerability exists in the way that\n Windows SNMP Service handles malformed SNMP traps. An\n attacker who successfully exploited the vulnerability\n could cause a target system to stop responding. Note\n that the denial of service condition would not allow an\n attacker to execute code or to elevate user privileges.\n However, the denial of service condition could prevent\n authorized users from using system resources. The\n security update addresses the vulnerability by\n correcting how Windows SNMP Service processes SNMP\n traps. (CVE-2018-0967)\n\n - A remote code execution vulnerability exists in the way\n that the VBScript engine handles objects in memory. The\n vulnerability could corrupt memory in such a way that an\n attacker could execute arbitrary code in the context of\n the current user. An attacker who successfully exploited\n the vulnerability could gain the same user rights as the\n current user. (CVE-2018-1004)\n\n - An information disclosure vulnerability exists in the\n Windows kernel that could allow an attacker to retrieve\n information that could lead to a Kernel Address Space\n Layout Randomization (ASLR) bypass. An attacker who\n successfully exploited the vulnerability could retrieve\n the memory address of a kernel object. (CVE-2018-0969,\n CVE-2018-0970, CVE-2018-0971, CVE-2018-0972,\n CVE-2018-0973, CVE-2018-0974, CVE-2018-0975)\n\n - A denial of service vulnerability exists in Remote\n Desktop Protocol (RDP) when an attacker connects to the\n target system using RDP and sends specially crafted\n requests. An attacker who successfully exploited this\n vulnerability could cause the RDP service on the target\n system to stop responding. (CVE-2018-0976)\n\n - A remote code execution vulnerability exists when the\n Windows font library improperly handles specially\n crafted embedded fonts. An attacker who successfully\n exploited the vulnerability could take control of the\n affected system. An attacker could then install\n programs; view, change, or delete data; or create new\n accounts with full user rights. (CVE-2018-1010,\n CVE-2018-1012, CVE-2018-1013, CVE-2018-1015,\n CVE-2018-1016)\n\n - An information disclosure vulnerability exists when the\n Windows kernel fails to properly initialize a memory\n address. An attacker who successfully exploited this\n vulnerability could obtain information to further\n compromise the users system. (CVE-2018-0887)\");\n # https://support.microsoft.com/en-us/help/4093478/security-update-for-vulnerabilities-in-windows-server-2008\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?eec22067\");\n # https://support.microsoft.com/en-us/help/4093227/security-update-for-vulnerabilities-in-windows-server-2008\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d3bb84fc\");\n # https://support.microsoft.com/en-us/help/4093224/security-update-for-vulnerabilities-in-windows-server-2008\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c1dd4c1c\");\n # https://support.microsoft.com/en-us/help/4093223/security-update-for-vulnerabilities-in-windows-server-2008\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c271e994\");\n # https://support.microsoft.com/en-us/help/4093257/security-update-for-vulnerabilities-in-windows-server-2008-and-windows\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?33481565\");\n # https://support.microsoft.com/en-us/help/4091756/security-update-for-vulnerabilities-in-windows-server-2008-and-windows\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?0058adf3\");\n script_set_attribute(attribute:\"solution\", value:\n\"Microsoft has released the following security updates to address this issue: \n -KB4093478\n -KB4093227\n -KB4093224\n -KB4093223\n -KB4093257\n -KB4091756\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-1016\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/04/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/04/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = 'MS18-04';\n\nkbs = make_list(\n \"4091756\",\n \"4093223\",\n \"4093224\",\n \"4093227\",\n \"4093257\",\n \"4093478\"\n);\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\n# KBs only apply to Windows 2008\nif (hotfix_check_sp_range(vista:'2') <= 0)\n audit(AUDIT_OS_SP_NOT_VULN);\n\nproductname = get_kb_item_or_exit(\"SMB/ProductName\", exit_code:1);\nif (\"Vista\" >< productname) audit(AUDIT_OS_SP_NOT_VULN);\n\nsystemroot = hotfix_get_systemroot();\nif (!systemroot) audit(AUDIT_PATH_NOT_DETERMINED, 'system root');\n\narch = get_kb_item_or_exit('SMB/ARCH', exit_code:1);\n\nport = kb_smb_transport();\nlogin = kb_smb_login();\npass = kb_smb_password();\ndomain = kb_smb_domain();\n\nif(! smb_session_init()) audit(AUDIT_FN_FAIL, 'smb_session_init');\n\nwinsxs = ereg_replace(pattern:'^[A-Za-z]:(.*)', replace:\"\\1\\WinSxS\", string:systemroot);\nwinsxs_share = hotfix_path2share(path:systemroot);\n\nrc = NetUseAdd(login:login, password:pass, domain:domain, share:winsxs_share);\nif (rc != 1)\n{\n NetUseDel();\n audit(AUDIT_SHARE_FAIL, winsxs_share);\n}\n\nthe_session = make_array(\n 'login', login,\n 'password', pass,\n 'domain', domain,\n 'share', winsxs_share\n);\n\nvuln = 0;\n\n# KB4091756\nfiles = list_dir(basedir:winsxs, level:0, dir_pat:\"snmp-winsnmp-api_31bf3856ad364e35\", file_pat:\"^wsnmp32\\.dll$\", max_recurse:1);\nvuln += hotfix_check_winsxs(os:'6.0',\n sp:2,\n files:files,\n versions:make_list('6.0.6002.24329'),\n max_versions:make_list('6.0.6003.99999'),\n bulletin:bulletin,\n kb:\"4091756\", session:the_session);\n\n# KB4093223\nfiles = list_dir(basedir:winsxs, level:0, dir_pat:\"font-embedding_31bf3856ad364e35\", file_pat:\"^t2embed\\.dll$\", max_recurse:1);\nvuln += hotfix_check_winsxs(os:'6.0',\n sp:2,\n files:files,\n versions:make_list('6.0.6002.24311'),\n max_versions:make_list('6.0.6003.99999'),\n bulletin:bulletin,\n kb:\"4093223\", session:the_session);\n\n# KB4093224\nfiles = list_dir(basedir:winsxs, level:0, dir_pat:\"win32k_31bf3856ad364e35\", file_pat:\"^win32k\\.sys$\", max_recurse:1);\nvuln += hotfix_check_winsxs(os:'6.0',\n sp:2,\n files:files,\n versions:make_list('6.0.6002.24344'),\n max_versions:make_list('6.0.6003.99999'),\n bulletin:bulletin,\n kb:\"4093224\", session:the_session);\n\n# KB4093227\nfiles = list_dir(basedir:winsxs, level:0, dir_pat:\"smartcardksp_31bf3856ad364e35\", file_pat:\"^scksp\\.dll$\", max_recurse:1);\nvuln += hotfix_check_winsxs(os:'6.0',\n sp:2,\n files:files,\n versions:make_list('6.0.6002.24329'),\n max_versions:make_list('6.0.6003.99999'),\n bulletin:bulletin,\n kb:\"4093227\", session:the_session);\n\n# KB4093257\nfiles = list_dir(basedir:winsxs, level:0, dir_pat:\"components-jetexcel_31bf3856ad364e35\", file_pat:\"^msexcl40\\.dll$\", max_recurse:1);\nvuln += hotfix_check_winsxs(os:'6.0',\n sp:2,\n files:files,\n versions:make_list('4.0.9801.3'),\n max_versions:make_list('4.0.9801.99999'),\n bulletin:bulletin,\n kb:\"4093257\", session:the_session);\n\n# KB4093478\nfiles = list_dir(basedir:winsxs, level:0, dir_pat:\"blackbox-driver_31bf3856ad364e35\", file_pat:\"^spsys\\.sys$\", max_recurse:1);\nvuln += hotfix_check_winsxs(os:'6.0',\n sp:2,\n files:files,\n versions:make_list('6.0.6002.24298'),\n max_versions:make_list('6.0.6003.99999'),\n bulletin:bulletin,\n kb:\"4093478\", session:the_session);\n\nif (vuln > 0)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, 'affected');\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:45:09", "description": "The Internet Explorer installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities :\n\n - A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2018-1004)\n\n - A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory.\n The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2018-0870, CVE-2018-0991, CVE-2018-0997, CVE-2018-1018, CVE-2018-1020)\n\n - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2018-0988, CVE-2018-0996, CVE-2018-1001)\n\n - An information disclosure vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could provide an attacker with information to further compromise the user's computer or data. (CVE-2018-0981, CVE-2018-0989, CVE-2018-1000)\n\n - An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Internet Explorer. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.\n (CVE-2018-0987)", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2018-04-10T00:00:00", "type": "nessus", "title": "Security Updates for Internet Explorer (April 2018)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0870", "CVE-2018-0981", "CVE-2018-0987", "CVE-2018-0988", "CVE-2018-0989", "CVE-2018-0991", "CVE-2018-0996", "CVE-2018-0997", "CVE-2018-1000", "CVE-2018-1001", "CVE-2018-1004", "CVE-2018-1018", "CVE-2018-1020"], "modified": "2019-11-08T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS18_APR_INTERNET_EXPLORER.NASL", "href": "https://www.tenable.com/plugins/nessus/108971", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(108971);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2019/11/08\");\n\n script_cve_id(\n \"CVE-2018-0870\",\n \"CVE-2018-0981\",\n \"CVE-2018-0987\",\n \"CVE-2018-0988\",\n \"CVE-2018-0989\",\n \"CVE-2018-0991\",\n \"CVE-2018-0996\",\n \"CVE-2018-0997\",\n \"CVE-2018-1000\",\n \"CVE-2018-1001\",\n \"CVE-2018-1004\",\n \"CVE-2018-1018\",\n \"CVE-2018-1020\"\n );\n script_xref(name:\"MSKB\", value:\"4093114\");\n script_xref(name:\"MSKB\", value:\"4093123\");\n script_xref(name:\"MSKB\", value:\"4093118\");\n script_xref(name:\"MSKB\", value:\"4092946\");\n script_xref(name:\"MSFT\", value:\"MS18-4093114\");\n script_xref(name:\"MSFT\", value:\"MS18-4093123\");\n script_xref(name:\"MSFT\", value:\"MS18-4093118\");\n script_xref(name:\"MSFT\", value:\"MS18-4092946\");\n\n script_name(english:\"Security Updates for Internet Explorer (April 2018)\");\n script_summary(english:\"Checks for Microsoft security updates.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The Internet Explorer installation on the remote host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Internet Explorer installation on the remote host is\nmissing security updates. It is, therefore, affected by\nmultiple vulnerabilities :\n\n - A remote code execution vulnerability exists in the way\n that the VBScript engine handles objects in memory. The\n vulnerability could corrupt memory in such a way that an\n attacker could execute arbitrary code in the context of\n the current user. An attacker who successfully exploited\n the vulnerability could gain the same user rights as the\n current user. (CVE-2018-1004)\n\n - A remote code execution vulnerability exists when\n Internet Explorer improperly accesses objects in memory.\n The vulnerability could corrupt memory in such a way\n that an attacker could execute arbitrary code in the\n context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2018-0870,\n CVE-2018-0991, CVE-2018-0997, CVE-2018-1018,\n CVE-2018-1020)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2018-0988, CVE-2018-0996, CVE-2018-1001)\n\n - An information disclosure vulnerability exists in the\n way that the scripting engine handles objects in memory\n in Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could provide an\n attacker with information to further compromise the\n user's computer or data. (CVE-2018-0981, CVE-2018-0989,\n CVE-2018-1000)\n\n - An information disclosure vulnerability exists when the\n scripting engine does not properly handle objects in\n memory in Internet Explorer. An attacker who\n successfully exploited the vulnerability could obtain\n information to further compromise the users system.\n (CVE-2018-0987)\");\n # https://support.microsoft.com/en-us/help/4093114/windows-81-update-kb4093114\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?b665658e\");\n # https://support.microsoft.com/en-us/help/4093123/windows-server-2012-update-kb4093123\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e474951c\");\n # https://support.microsoft.com/en-us/help/4093118/windows-7-update-kb4093118\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2d3b2bb1\");\n # https://support.microsoft.com/en-us/help/4092946/cumulative-security-update-for-internet-explorer\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?cf0e57cc\");\n script_set_attribute(attribute:\"solution\", value:\n\"Microsoft has released the following security updates to address this issue: \n -KB4093114\n -KB4093123\n -KB4093118\n -KB4092946\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-1004\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/04/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/04/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = 'MS18-04';\nkbs = make_list(\n '4093123',\n '4088876',\n '4093118',\n '4092946'\n);\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nos = get_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(vista:'2', win7:'1', win8:'0', win81:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nproductname = get_kb_item_or_exit(\"SMB/ProductName\", exit_code:1);\nif (\"Windows 8\" >< productname && \"8.1\" >!< productname)\n audit(AUDIT_OS_SP_NOT_VULN);\nif (\"Vista\" >< productname) audit(AUDIT_OS_SP_NOT_VULN);\n\nif (hotfix_check_server_core() == 1) audit(AUDIT_WIN_SERVER_CORE);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n # Windows 8.1 / Windows Server 2012 R2\n # Internet Explorer 11\n hotfix_is_vulnerable(os:\"6.3\", sp:0, file:\"mshtml.dll\", version:\"11.0.9600.18978\", min_version:\"11.0.9600.16000\", dir:\"\\system32\", bulletin:bulletin, kb:\"4092946\") ||\n\n # Windows Server 2012\n # Internet Explorer 10\n hotfix_is_vulnerable(os:\"6.2\", sp:0, file:\"mshtml.dll\", version:\"10.0.9200.22411\", min_version:\"10.0.9200.16000\", dir:\"\\system32\", bulletin:bulletin, kb:\"4092946\") ||\n\n # Windows 7 / Server 2008 R2\n # Internet Explorer 11\n hotfix_is_vulnerable(os:\"6.1\", sp:1, file:\"mshtml.dll\", version:\"11.0.9600.18978\", min_version:\"11.0.9600.16000\", dir:\"\\system32\", bulletin:bulletin, kb:\"4092946\") ||\n\n # Windows Server 2008\n # Internet Explorer 9\n hotfix_is_vulnerable(os:\"6.0\", sp:2, file:\"mshtml.dll\", version:\"9.0.8112.21213\", min_version:\"9.0.8112.16000\", dir:\"\\system32\", bulletin:bulletin, kb:\"4092946\")\n)\n{\n report = '\\nNote: The fix for this issue is available in either of the following updates:\\n';\n report += ' - KB4092946 : Cumulative Security Update for Internet Explorer\\n';\n if(os == \"6.3\")\n {\n report += ' - KB4093114 : Windows 8.1 / Server 2012 R2 Monthly Rollup\\n';\n hotfix_add_report(bulletin:'MS18-04', kb:'4093114', report);\n }\n else if(os == \"6.2\")\n {\n report += ' - KB4093123 : Windows Server 2012 Monthly Rollup\\n';\n hotfix_add_report(bulletin:'MS18-04', kb:'4093123', report);\n }\n else if(os == \"6.1\")\n {\n report += ' - KB4093118 : Windows 7 / Server 2008 R2 Monthly Rollup\\n';\n hotfix_add_report(bulletin:'MS18-04', kb:'4093118', report);\n }\n set_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:44:18", "description": "The remote Windows host is missing security update 4093109.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - A security feature bypass exists when Device Guard incorrectly validates an untrusted file. An attacker who successfully exploited this vulnerability could make an unsigned file appear to be signed. Because Device Guard relies on the signature to determine the file is non- malicious, Device Guard could then allow a malicious file to execute. In an attack scenario, an attacker could make an untrusted file appear to be a trusted file. The update addresses the vulnerability by correcting how Device Guard handles untrusted files.\n (CVE-2018-0966)\n\n - A denial of service vulnerability exists in the HTTP 2.0 protocol stack (HTTP.sys) when HTTP.sys improperly parses specially crafted HTTP 2.0 requests. An attacker who successfully exploited the vulnerability could create a denial of service condition, causing the target system to become unresponsive. (CVE-2018-0956)\n\n - An elevation of privilege vulnerability exists in Windows Adobe Type Manager Font Driver (ATMFD.dll) when it fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code and take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2018-1008)\n\n - A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2018-0979, CVE-2018-0980, CVE-2018-0990, CVE-2018-0993, CVE-2018-0994, CVE-2018-0995)\n\n - An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system. (CVE-2018-0957)\n\n - An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Internet Explorer. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.\n (CVE-2018-0987)\n\n - An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2018-0887)\n\n - A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory.\n The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2018-0870, CVE-2018-0991, CVE-2018-0997, CVE-2018-1018, CVE-2018-1020)\n\n - A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2018-1023)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2018-0960)\n\n - An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass. An attacker who successfully exploited the vulnerability could retrieve the memory address of a kernel object. (CVE-2018-0968, CVE-2018-0969, CVE-2018-0970, CVE-2018-0971, CVE-2018-0972, CVE-2018-0973, CVE-2018-0974, CVE-2018-0975)\n\n - A denial of service vulnerability exists in the way that Windows handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. Note that the denial of service condition would not allow an attacker to execute code or to elevate user privileges. However, the denial of service condition could prevent authorized users from using system resources. The security update addresses the vulnerability by correcting how Windows handles objects in memory. (CVE-2018-8116)\n\n - A denial of service vulnerability exists in the way that Windows SNMP Service handles malformed SNMP traps. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. Note that the denial of service condition would not allow an attacker to execute code or to elevate user privileges.\n However, the denial of service condition could prevent authorized users from using system resources. The security update addresses the vulnerability by correcting how Windows SNMP Service processes SNMP traps. (CVE-2018-0967)\n\n - A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2018-1004)\n\n - An information disclosure vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could provide an attacker with information to further compromise the user's computer or data. (CVE-2018-0981, CVE-2018-0989, CVE-2018-1000)\n\n - A buffer overflow vulnerability exists in the Microsoft JET Database Engine that could allow remote code execution on an affected system. An attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. (CVE-2018-1003)\n\n - A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could cause the RDP service on the target system to stop responding. (CVE-2018-0976)\n\n - A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2018-1010, CVE-2018-1012, CVE-2018-1013, CVE-2018-1015, CVE-2018-1016)\n\n - An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. (CVE-2018-0892)\n\n - An elevation of privilege vulnerability exists when Windows improperly handles objects in memory and incorrectly maps kernel memory. (CVE-2018-1009)\n\n - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2018-0988, CVE-2018-0996, CVE-2018-1001)", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2018-04-10T00:00:00", "type": "nessus", "title": "KB4093109: Windows 10 Version 1511 April 2018 Security Update", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0870", "CVE-2018-0887", "CVE-2018-0892", "CVE-2018-0956", "CVE-2018-0957", "CVE-2018-0960", "CVE-2018-0966", "CVE-2018-0967", "CVE-2018-0968", "CVE-2018-0969", "CVE-2018-0970", "CVE-2018-0971", "CVE-2018-0972", "CVE-2018-0973", "CVE-2018-0974", "CVE-2018-0975", "CVE-2018-0976", "CVE-2018-0979", "CVE-2018-0980", "CVE-2018-0981", "CVE-2018-0987", "CVE-2018-0988", "CVE-2018-0989", "CVE-2018-0990", "CVE-2018-0991", "CVE-2018-0993", "CVE-2018-0994", "CVE-2018-0995", "CVE-2018-0996", "CVE-2018-0997", "CVE-2018-1000", "CVE-2018-1001", "CVE-2018-1003", "CVE-2018-1004", "CVE-2018-1008", "CVE-2018-1009", "CVE-2018-1010", "CVE-2018-1012", "CVE-2018-1013", "CVE-2018-1015", "CVE-2018-1016", "CVE-2018-1018", "CVE-2018-1020", "CVE-2018-1023", "CVE-2018-8116"], "modified": "2020-08-18T00:00:00", "cpe": ["cpe:/o:microsoft:windows", "cpe:/a:microsoft:edge"], "id": "SMB_NT_MS18_APR_4093109.NASL", "href": "https://www.tenable.com/plugins/nessus/108961", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(108961);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/08/18\");\n\n script_cve_id(\n \"CVE-2018-0870\",\n \"CVE-2018-0887\",\n \"CVE-2018-0892\",\n \"CVE-2018-0956\",\n \"CVE-2018-0957\",\n \"CVE-2018-0960\",\n \"CVE-2018-0966\",\n \"CVE-2018-0967\",\n \"CVE-2018-0968\",\n \"CVE-2018-0969\",\n \"CVE-2018-0970\",\n \"CVE-2018-0971\",\n \"CVE-2018-0972\",\n \"CVE-2018-0973\",\n \"CVE-2018-0974\",\n \"CVE-2018-0975\",\n \"CVE-2018-0976\",\n \"CVE-2018-0979\",\n \"CVE-2018-0980\",\n \"CVE-2018-0981\",\n \"CVE-2018-0987\",\n \"CVE-2018-0988\",\n \"CVE-2018-0989\",\n \"CVE-2018-0990\",\n \"CVE-2018-0991\",\n \"CVE-2018-0993\",\n \"CVE-2018-0994\",\n \"CVE-2018-0995\",\n \"CVE-2018-0996\",\n \"CVE-2018-0997\",\n \"CVE-2018-1000\",\n \"CVE-2018-1001\",\n \"CVE-2018-1003\",\n \"CVE-2018-1004\",\n \"CVE-2018-1008\",\n \"CVE-2018-1009\",\n \"CVE-2018-1010\",\n \"CVE-2018-1012\",\n \"CVE-2018-1013\",\n \"CVE-2018-1015\",\n \"CVE-2018-1016\",\n \"CVE-2018-1018\",\n \"CVE-2018-1020\",\n \"CVE-2018-1023\",\n \"CVE-2018-8116\"\n );\n script_xref(name:\"MSKB\", value:\"4093109\");\n script_xref(name:\"MSFT\", value:\"MS18-4093109\");\n\n script_name(english:\"KB4093109: Windows 10 Version 1511 April 2018 Security Update\");\n script_summary(english:\"Checks for rollup.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4093109.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - A security feature bypass exists when Device Guard\n incorrectly validates an untrusted file. An attacker who\n successfully exploited this vulnerability could make an\n unsigned file appear to be signed. Because Device Guard\n relies on the signature to determine the file is non-\n malicious, Device Guard could then allow a malicious\n file to execute. In an attack scenario, an attacker\n could make an untrusted file appear to be a trusted\n file. The update addresses the vulnerability by\n correcting how Device Guard handles untrusted files.\n (CVE-2018-0966)\n\n - A denial of service vulnerability exists in the HTTP 2.0\n protocol stack (HTTP.sys) when HTTP.sys improperly\n parses specially crafted HTTP 2.0 requests. An attacker\n who successfully exploited the vulnerability could\n create a denial of service condition, causing the target\n system to become unresponsive. (CVE-2018-0956)\n\n - An elevation of privilege vulnerability exists in\n Windows Adobe Type Manager Font Driver (ATMFD.dll) when\n it fails to properly handle objects in memory. An\n attacker who successfully exploited this vulnerability\n could execute arbitrary code and take control of an\n affected system. An attacker could then install\n programs; view, change, or delete data; or create new\n accounts with full user rights. (CVE-2018-1008)\n\n - A remote code execution vulnerability exists in the way\n that the Chakra scripting engine handles objects in\n memory in Microsoft Edge. The vulnerability could\n corrupt memory in such a way that an attacker could\n execute arbitrary code in the context of the current\n user. An attacker who successfully exploited the\n vulnerability could gain the same user rights as the\n current user. (CVE-2018-0979, CVE-2018-0980,\n CVE-2018-0990, CVE-2018-0993, CVE-2018-0994,\n CVE-2018-0995)\n\n - An information disclosure vulnerability exists when\n Windows Hyper-V on a host operating system fails to\n properly validate input from an authenticated user on a\n guest operating system. (CVE-2018-0957)\n\n - An information disclosure vulnerability exists when the\n scripting engine does not properly handle objects in\n memory in Internet Explorer. An attacker who\n successfully exploited the vulnerability could obtain\n information to further compromise the users system.\n (CVE-2018-0987)\n\n - An information disclosure vulnerability exists when the\n Windows kernel fails to properly initialize a memory\n address. An attacker who successfully exploited this\n vulnerability could obtain information to further\n compromise the users system. (CVE-2018-0887)\n\n - A remote code execution vulnerability exists when\n Internet Explorer improperly accesses objects in memory.\n The vulnerability could corrupt memory in such a way\n that an attacker could execute arbitrary code in the\n context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2018-0870,\n CVE-2018-0991, CVE-2018-0997, CVE-2018-1018,\n CVE-2018-1020)\n\n - A remote code execution vulnerability exists in the way\n that Microsoft browsers access objects in memory. The\n vulnerability could corrupt memory in a way that could\n allow an attacker to execute arbitrary code in the\n context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2018-1023)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could obtain information to further compromise the users\n system. (CVE-2018-0960)\n\n - An information disclosure vulnerability exists in the\n Windows kernel that could allow an attacker to retrieve\n information that could lead to a Kernel Address Space\n Layout Randomization (ASLR) bypass. An attacker who\n successfully exploited the vulnerability could retrieve\n the memory address of a kernel object. (CVE-2018-0968,\n CVE-2018-0969, CVE-2018-0970, CVE-2018-0971,\n CVE-2018-0972, CVE-2018-0973, CVE-2018-0974,\n CVE-2018-0975)\n\n - A denial of service vulnerability exists in the way that\n Windows handles objects in memory. An attacker who\n successfully exploited the vulnerability could cause a\n target system to stop responding. Note that the denial\n of service condition would not allow an attacker to\n execute code or to elevate user privileges. However, the\n denial of service condition could prevent authorized\n users from using system resources. The security update\n addresses the vulnerability by correcting how Windows\n handles objects in memory. (CVE-2018-8116)\n\n - A denial of service vulnerability exists in the way that\n Windows SNMP Service handles malformed SNMP traps. An\n attacker who successfully exploited the vulnerability\n could cause a target system to stop responding. Note\n that the denial of service condition would not allow an\n attacker to execute code or to elevate user privileges.\n However, the denial of service condition could prevent\n authorized users from using system resources. The\n security update addresses the vulnerability by\n correcting how Windows SNMP Service processes SNMP\n traps. (CVE-2018-0967)\n\n - A remote code execution vulnerability exists in the way\n that the VBScript engine handles objects in memory. The\n vulnerability could corrupt memory in such a way that an\n attacker could execute arbitrary code in the context of\n the current user. An attacker who successfully exploited\n the vulnerability could gain the same user rights as the\n current user. (CVE-2018-1004)\n\n - An information disclosure vulnerability exists in the\n way that the scripting engine handles objects in memory\n in Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could provide an\n attacker with information to further compromise the\n user's computer or data. (CVE-2018-0981, CVE-2018-0989,\n CVE-2018-1000)\n\n - A buffer overflow vulnerability exists in the Microsoft\n JET Database Engine that could allow remote code\n execution on an affected system. An attacker who\n successfully exploited this vulnerability could take\n control of an affected system. An attacker could then\n install programs; view, change, or delete data; or\n create new accounts with full user rights. Users whose\n accounts are configured to have fewer user rights on the\n system could be less impacted than users who operate\n with administrative user rights. (CVE-2018-1003)\n\n - A denial of service vulnerability exists in Remote\n Desktop Protocol (RDP) when an attacker connects to the\n target system using RDP and sends specially crafted\n requests. An attacker who successfully exploited this\n vulnerability could cause the RDP service on the target\n system to stop responding. (CVE-2018-0976)\n\n - A remote code execution vulnerability exists when the\n Windows font library improperly handles specially\n crafted embedded fonts. An attacker who successfully\n exploited the vulnerability could take control of the\n affected system. An attacker could then install\n programs; view, change, or delete data; or create new\n accounts with full user rights. (CVE-2018-1010,\n CVE-2018-1012, CVE-2018-1013, CVE-2018-1015,\n CVE-2018-1016)\n\n - An information disclosure vulnerability exists when\n Microsoft Edge improperly handles objects in memory. An\n attacker who successfully exploited the vulnerability\n could obtain information to further compromise the users\n system. (CVE-2018-0892)\n\n - An elevation of privilege vulnerability exists when\n Windows improperly handles objects in memory and\n incorrectly maps kernel memory. (CVE-2018-1009)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2018-0988, CVE-2018-0996, CVE-2018-1001)\");\n # https://support.microsoft.com/en-us/help/4093109/windows-10-update-kb4093109\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?67fe3f7a\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB4093109.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-1016\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/04/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/04/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:edge\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS18-04\";\nkbs = make_list('4093109');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"10\",\n sp:0,\n os_build:\"10586\",\n rollup_date:\"04_2018\",\n bulletin:bulletin,\n rollup_kb_list:[4093109])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:44:28", "description": "The remote Windows host is missing security update 4093111.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - A security feature bypass exists when Device Guard incorrectly validates an untrusted file. An attacker who successfully exploited this vulnerability could make an unsigned file appear to be signed. Because Device Guard relies on the signature to determine the file is non- malicious, Device Guard could then allow a malicious file to execute. In an attack scenario, an attacker could make an untrusted file appear to be a trusted file. The update addresses the vulnerability by correcting how Device Guard handles untrusted files.\n (CVE-2018-0966)\n\n - An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2018-0887)\n\n - An elevation of privilege vulnerability exists in Windows Adobe Type Manager Font Driver (ATMFD.dll) when it fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code and take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2018-1008)\n\n - A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2018-0979, CVE-2018-0980, CVE-2018-0990, CVE-2018-0993, CVE-2018-0994, CVE-2018-0995)\n\n - An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system. (CVE-2018-0957)\n\n - An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Internet Explorer. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.\n (CVE-2018-0987)\n\n - A buffer overflow vulnerability exists in the Microsoft JET Database Engine that could allow remote code execution on an affected system. An attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. (CVE-2018-1003)\n\n - A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory.\n The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2018-0870, CVE-2018-0991, CVE-2018-0997, CVE-2018-1018, CVE-2018-1020)\n\n - A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2018-1023)\n\n - An elevation of privilege vulnerability exists when Windows improperly handles objects in memory and incorrectly maps kernel memory. (CVE-2018-1009)\n\n - An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass. An attacker who successfully exploited the vulnerability could retrieve the memory address of a kernel object. (CVE-2018-0968, CVE-2018-0969, CVE-2018-0970, CVE-2018-0971, CVE-2018-0972, CVE-2018-0973, CVE-2018-0974, CVE-2018-0975)\n\n - A denial of service vulnerability exists in the way that Windows handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. Note that the denial of service condition would not allow an attacker to execute code or to elevate user privileges. However, the denial of service condition could prevent authorized users from using system resources. The security update addresses the vulnerability by correcting how Windows handles objects in memory. (CVE-2018-8116)\n\n - A denial of service vulnerability exists in the way that Windows SNMP Service handles malformed SNMP traps. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. Note that the denial of service condition would not allow an attacker to execute code or to elevate user privileges.\n However, the denial of service condition could prevent authorized users from using system resources. The security update addresses the vulnerability by correcting how Windows SNMP Service processes SNMP traps. (CVE-2018-0967)\n\n - A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2018-1004)\n\n - An information disclosure vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could provide an attacker with information to further compromise the user's computer or data. (CVE-2018-0981, CVE-2018-0989, CVE-2018-1000)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2018-0960)\n\n - A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could cause the RDP service on the target system to stop responding. (CVE-2018-0976)\n\n - A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2018-1010, CVE-2018-1012, CVE-2018-1013, CVE-2018-1015, CVE-2018-1016)\n\n - A denial of service vulnerability exists in the HTTP 2.0 protocol stack (HTTP.sys) when HTTP.sys improperly parses specially crafted HTTP 2.0 requests. An attacker who successfully exploited the vulnerability could create a denial of service condition, causing the target system to become unresponsive. (CVE-2018-0956)\n\n - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2018-0988, CVE-2018-0996, CVE-2018-1001)", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2018-04-10T00:00:00", "type": "nessus", "title": "KB4093111: Windows 10 April 2018 Security Update", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0870", "CVE-2018-0887", "CVE-2018-0956", "CVE-2018-0957", "CVE-2018-0960", "CVE-2018-0966", "CVE-2018-0967", "CVE-2018-0968", "CVE-2018-0969", "CVE-2018-0970", "CVE-2018-0971", "CVE-2018-0972", "CVE-2018-0973", "CVE-2018-0974", "CVE-2018-0975", "CVE-2018-0976", "CVE-2018-0979", "CVE-2018-0980", "CVE-2018-0981", "CVE-2018-0987", "CVE-2018-0988", "CVE-2018-0989", "CVE-2018-0990", "CVE-2018-0991", "CVE-2018-0993", "CVE-2018-0994", "CVE-2018-0995", "CVE-2018-0996", "CVE-2018-0997", "CVE-2018-1000", "CVE-2018-1001", "CVE-2018-1003", "CVE-2018-1004", "CVE-2018-1008", "CVE-2018-1009", "CVE-2018-1010", "CVE-2018-1012", "CVE-2018-1013", "CVE-2018-1015", "CVE-2018-1016", "CVE-2018-1018", "CVE-2018-1020", "CVE-2018-1023", "CVE-2018-8116"], "modified": "2020-08-18T00:00:00", "cpe": ["cpe:/o:microsoft:windows", "cpe:/a:microsoft:edge"], "id": "SMB_NT_MS18_APR_4093111.NASL", "href": "https://www.tenable.com/plugins/nessus/108963", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(108963);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/08/18\");\n\n script_cve_id(\n \"CVE-2018-0870\",\n \"CVE-2018-0887\",\n \"CVE-2018-0956\",\n \"CVE-2018-0957\",\n \"CVE-2018-0960\",\n \"CVE-2018-0966\",\n \"CVE-2018-0967\",\n \"CVE-2018-0968\",\n \"CVE-2018-0969\",\n \"CVE-2018-0970\",\n \"CVE-2018-0971\",\n \"CVE-2018-0972\",\n \"CVE-2018-0973\",\n \"CVE-2018-0974\",\n \"CVE-2018-0975\",\n \"CVE-2018-0976\",\n \"CVE-2018-0979\",\n \"CVE-2018-0980\",\n \"CVE-2018-0981\",\n \"CVE-2018-0987\",\n \"CVE-2018-0988\",\n \"CVE-2018-0989\",\n \"CVE-2018-0990\",\n \"CVE-2018-0991\",\n \"CVE-2018-0993\",\n \"CVE-2018-0994\",\n \"CVE-2018-0995\",\n \"CVE-2018-0996\",\n \"CVE-2018-0997\",\n \"CVE-2018-1000\",\n \"CVE-2018-1001\",\n \"CVE-2018-1003\",\n \"CVE-2018-1004\",\n \"CVE-2018-1008\",\n \"CVE-2018-1009\",\n \"CVE-2018-1010\",\n \"CVE-2018-1012\",\n \"CVE-2018-1013\",\n \"CVE-2018-1015\",\n \"CVE-2018-1016\",\n \"CVE-2018-1018\",\n \"CVE-2018-1020\",\n \"CVE-2018-1023\",\n \"CVE-2018-8116\"\n );\n script_xref(name:\"MSKB\", value:\"4093111\");\n script_xref(name:\"MSFT\", value:\"MS18-4093111\");\n\n script_name(english:\"KB4093111: Windows 10 April 2018 Security Update\");\n script_summary(english:\"Checks for rollup.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4093111.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - A security feature bypass exists when Device Guard\n incorrectly validates an untrusted file. An attacker who\n successfully exploited this vulnerability could make an\n unsigned file appear to be signed. Because Device Guard\n relies on the signature to determine the file is non-\n malicious, Device Guard could then allow a malicious\n file to execute. In an attack scenario, an attacker\n could make an untrusted file appear to be a trusted\n file. The update addresses the vulnerability by\n correcting how Device Guard handles untrusted files.\n (CVE-2018-0966)\n\n - An information disclosure vulnerability exists when the\n Windows kernel fails to properly initialize a memory\n address. An attacker who successfully exploited this\n vulnerability could obtain information to further\n compromise the users system. (CVE-2018-0887)\n\n - An elevation of privilege vulnerability exists in\n Windows Adobe Type Manager Font Driver (ATMFD.dll) when\n it fails to properly handle objects in memory. An\n attacker who successfully exploited this vulnerability\n could execute arbitrary code and take control of an\n affected system. An attacker could then install\n programs; view, change, or delete data; or create new\n accounts with full user rights. (CVE-2018-1008)\n\n - A remote code execution vulnerability exists in the way\n that the Chakra scripting engine handles objects in\n memory in Microsoft Edge. The vulnerability could\n corrupt memory in such a way that an attacker could\n execute arbitrary code in the context of the current\n user. An attacker who successfully exploited the\n vulnerability could gain the same user rights as the\n current user. (CVE-2018-0979, CVE-2018-0980,\n CVE-2018-0990, CVE-2018-0993, CVE-2018-0994,\n CVE-2018-0995)\n\n - An information disclosure vulnerability exists when\n Windows Hyper-V on a host operating system fails to\n properly validate input from an authenticated user on a\n guest operating system. (CVE-2018-0957)\n\n - An information disclosure vulnerability exists when the\n scripting engine does not properly handle objects in\n memory in Internet Explorer. An attacker who\n successfully exploited the vulnerability could obtain\n information to further compromise the users system.\n (CVE-2018-0987)\n\n - A buffer overflow vulnerability exists in the Microsoft\n JET Database Engine that could allow remote code\n execution on an affected system. An attacker who\n successfully exploited this vulnerability could take\n control of an affected system. An attacker could then\n install programs; view, change, or delete data; or\n create new accounts with full user rights. Users whose\n accounts are configured to have fewer user rights on the\n system could be less impacted than users who operate\n with administrative user rights. (CVE-2018-1003)\n\n - A remote code execution vulnerability exists when\n Internet Explorer improperly accesses objects in memory.\n The vulnerability could corrupt memory in such a way\n that an attacker could execute arbitrary code in the\n context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2018-0870,\n CVE-2018-0991, CVE-2018-0997, CVE-2018-1018,\n CVE-2018-1020)\n\n - A remote code execution vulnerability exists in the way\n that Microsoft browsers access objects in memory. The\n vulnerability could corrupt memory in a way that could\n allow an attacker to execute arbitrary code in the\n context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2018-1023)\n\n - An elevation of privilege vulnerability exists when\n Windows improperly handles objects in memory and\n incorrectly maps kernel memory. (CVE-2018-1009)\n\n - An information disclosure vulnerability exists in the\n Windows kernel that could allow an attacker to retrieve\n information that could lead to a Kernel Address Space\n Layout Randomization (ASLR) bypass. An attacker who\n successfully exploited the vulnerability could retrieve\n the memory address of a kernel object. (CVE-2018-0968,\n CVE-2018-0969, CVE-2018-0970, CVE-2018-0971,\n CVE-2018-0972, CVE-2018-0973, CVE-2018-0974,\n CVE-2018-0975)\n\n - A denial of service vulnerability exists in the way that\n Windows handles objects in memory. An attacker who\n successfully exploited the vulnerability could cause a\n target system to stop responding. Note that the denial\n of service condition would not allow an attacker to\n execute code or to elevate user privileges. However, the\n denial of service condition could prevent authorized\n users from using system resources. The security update\n addresses the vulnerability by correcting how Windows\n handles objects in memory. (CVE-2018-8116)\n\n - A denial of service vulnerability exists in the way that\n Windows SNMP Service handles malformed SNMP traps. An\n attacker who successfully exploited the vulnerability\n could cause a target system to stop responding. Note\n that the denial of service condition would not allow an\n attacker to execute code or to elevate user privileges.\n However, the denial of service condition could prevent\n authorized users from using system resources. The\n security update addresses the vulnerability by\n correcting how Windows SNMP Service processes SNMP\n traps. (CVE-2018-0967)\n\n - A remote code execution vulnerability exists in the way\n that the VBScript engine handles objects in memory. The\n vulnerability could corrupt memory in such a way that an\n attacker could execute arbitrary code in the context of\n the current user. An attacker who successfully exploited\n the vulnerability could gain the same user rights as the\n current user. (CVE-2018-1004)\n\n - An information disclosure vulnerability exists in the\n way that the scripting engine handles objects in memory\n in Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could provide an\n attacker with information to further compromise the\n user's computer or data. (CVE-2018-0981, CVE-2018-0989,\n CVE-2018-1000)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could obtain information to further compromise the users\n system. (CVE-2018-0960)\n\n - A denial of service vulnerability exists in Remote\n Desktop Protocol (RDP) when an attacker connects to the\n target system using RDP and sends specially crafted\n requests. An attacker who successfully exploited this\n vulnerability could cause the RDP service on the target\n system to stop responding. (CVE-2018-0976)\n\n - A remote code execution vulnerability exists when the\n Windows font library improperly handles specially\n crafted embedded fonts. An attacker who successfully\n exploited the vulnerability could take control of the\n affected system. An attacker could then install\n programs; view, change, or delete data; or create new\n accounts with full user rights. (CVE-2018-1010,\n CVE-2018-1012, CVE-2018-1013, CVE-2018-1015,\n CVE-2018-1016)\n\n - A denial of service vulnerability exists in the HTTP 2.0\n protocol stack (HTTP.sys) when HTTP.sys improperly\n parses specially crafted HTTP 2.0 requests. An attacker\n who successfully exploited the vulnerability could\n create a denial of service condition, causing the target\n system to become unresponsive. (CVE-2018-0956)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2018-0988, CVE-2018-0996, CVE-2018-1001)\");\n # https://support.microsoft.com/en-us/help/4093111/windows-10-update-kb4093111\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?09eb0963\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB4093111.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-1016\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/04/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/04/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:edge\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS18-04\";\nkbs = make_list('4093111');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"10\",\n sp:0,\n os_build:\"10240\",\n rollup_date:\"04_2018\",\n bulletin:bulletin,\n rollup_kb_list:[4093111])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:44:18", "description": "The remote Windows host is missing security update 4093119.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An elevation of privilege vulnerability exists when Windows improperly handles objects in memory and incorrectly maps kernel memory. (CVE-2018-1009)\n\n - A security feature bypass exists when Device Guard incorrectly validates an untrusted file. An attacker who successfully exploited this vulnerability could make an unsigned file appear to be signed. Because Device Guard relies on the signature to determine the file is non- malicious, Device Guard could then allow a malicious file to execute. In an attack scenario, an attacker could make an untrusted file appear to be a trusted file. The update addresses the vulnerability by correcting how Device Guard handles untrusted files.\n (CVE-2018-0966)\n\n - A denial of service vulnerability exists in the way that Windows SNMP Service handles malformed SNMP traps. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. Note that the denial of service condition would not allow an attacker to execute code or to elevate user privileges.\n However, the denial of service condition could prevent authorized users from using system resources. The security update addresses the vulnerability by correcting how Windows SNMP Service processes SNMP traps. (CVE-2018-0967)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2018-0960)\n\n - An elevation of privilege vulnerability exists in Windows Adobe Type Manager Font Driver (ATMFD.dll) when it fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code and take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2018-1008)\n\n - An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. (CVE-2018-0892)\n\n - An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system. (CVE-2018-0957)\n\n - An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Internet Explorer. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.\n (CVE-2018-0987)\n\n - A buffer overflow vulnerability exists in the Microsoft JET Database Engine that could allow remote code execution on an affected system. An attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. (CVE-2018-1003)\n\n - An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory.\n An attacker who successfully exploited the vulnerability could execute code with elevated permissions.\n (CVE-2018-0963)\n\n - A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could cause the RDP service on the target system to stop responding. (CVE-2018-0976)\n\n - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2018-0988, CVE-2018-0996, CVE-2018-1001)\n\n - A security feature bypass vulnerability exists when Active Directory incorrectly applies Network Isolation settings. (CVE-2018-0890)\n\n - A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2018-1010, CVE-2018-1012, CVE-2018-1013, CVE-2018-1015, CVE-2018-1016)\n\n - An information disclosure vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could provide an attacker with information to further compromise the user's computer or data. (CVE-2018-0981, CVE-2018-0989, CVE-2018-1000)\n\n - A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory.\n The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2018-0870, CVE-2018-0991, CVE-2018-0997, CVE-2018-1018, CVE-2018-1020)\n\n - An information disclosure vulnerability exists when Microsoft Edge PDF Reader improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. (CVE-2018-0998)\n\n - A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2018-1023)\n\n - An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass. An attacker who successfully exploited the vulnerability could retrieve the memory address of a kernel object. (CVE-2018-0968, CVE-2018-0969, CVE-2018-0970, CVE-2018-0971, CVE-2018-0972, CVE-2018-0973, CVE-2018-0974, CVE-2018-0975)\n\n - A denial of service vulnerability exists in the way that Windows handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. Note that the denial of service condition would not allow an attacker to execute code or to elevate user privileges. However, the denial of service condition could prevent authorized users from using system resources. The security update addresses the vulnerability by correcting how Windows handles objects in memory. (CVE-2018-8116)\n\n - A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2018-1004)\n\n - A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2018-0979, CVE-2018-0980, CVE-2018-0990, CVE-2018-0993, CVE-2018-0994, CVE-2018-0995)\n\n - A denial of service vulnerability exists in the HTTP 2.0 protocol stack (HTTP.sys) when HTTP.sys improperly parses specially crafted HTTP 2.0 requests. An attacker who successfully exploited the vulnerability could create a denial of service condition, causing the target system to become unresponsive. (CVE-2018-0956)\n\n - An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2018-0887)", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2018-04-10T00:00:00", "type": "nessus", "title": "KB4093119: Windows 10 Version 1607 and Windows Server 2016 April 2018 Security Update", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0870", "CVE-2018-0887", "CVE-2018-0890", "CVE-2018-0892", "CVE-2018-0956", "CVE-2018-0957", "CVE-2018-0960", "CVE-2018-0963", "CVE-2018-0966", "CVE-2018-0967", "CVE-2018-0968", "CVE-2018-0969", "CVE-2018-0970", "CVE-2018-0971", "CVE-2018-0972", "CVE-2018-0973", "CVE-2018-0974", "CVE-2018-0975", "CVE-2018-0976", "CVE-2018-0979", "CVE-2018-0980", "CVE-2018-0981", "CVE-2018-0987", "CVE-2018-0988", "CVE-2018-0989", "CVE-2018-0990", "CVE-2018-0991", "CVE-2018-0993", "CVE-2018-0994", "CVE-2018-0995", "CVE-2018-0996", "CVE-2018-0997", "CVE-2018-0998", "CVE-2018-1000", "CVE-2018-1001", "CVE-2018-1003", "CVE-2018-1004", "CVE-2018-1008", "CVE-2018-1009", "CVE-2018-1010", "CVE-2018-1012", "CVE-2018-1013", "CVE-2018-1015", "CVE-2018-1016", "CVE-2018-1018", "CVE-2018-1020", "CVE-2018-1023", "CVE-2018-8116", "CVE-2018-8142"], "modified": "2020-08-18T00:00:00", "cpe": ["cpe:/o:microsoft:windows", "cpe:/a:microsoft:edge"], "id": "SMB_NT_MS18_APR_4093119.NASL", "href": "https://www.tenable.com/plugins/nessus/108967", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(108967);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/08/18\");\n\n script_cve_id(\n \"CVE-2018-0870\",\n \"CVE-2018-0887\",\n \"CVE-2018-0890\",\n \"CVE-2018-0892\",\n \"CVE-2018-0956\",\n \"CVE-2018-0957\",\n \"CVE-2018-0960\",\n \"CVE-2018-0963\",\n \"CVE-2018-0966\",\n \"CVE-2018-0967\",\n \"CVE-2018-0968\",\n \"CVE-2018-0969\",\n \"CVE-2018-0970\",\n \"CVE-2018-0971\",\n \"CVE-2018-0972\",\n \"CVE-2018-0973\",\n \"CVE-2018-0974\",\n \"CVE-2018-0975\",\n \"CVE-2018-0976\",\n \"CVE-2018-0979\",\n \"CVE-2018-0980\",\n \"CVE-2018-0981\",\n \"CVE-2018-0987\",\n \"CVE-2018-0988\",\n \"CVE-2018-0989\",\n \"CVE-2018-0990\",\n \"CVE-2018-0991\",\n \"CVE-2018-0993\",\n \"CVE-2018-0994\",\n \"CVE-2018-0995\",\n \"CVE-2018-0996\",\n \"CVE-2018-0997\",\n \"CVE-2018-0998\",\n \"CVE-2018-1000\",\n \"CVE-2018-1001\",\n \"CVE-2018-1003\",\n \"CVE-2018-1004\",\n \"CVE-2018-1008\",\n \"CVE-2018-1009\",\n \"CVE-2018-1010\",\n \"CVE-2018-1012\",\n \"CVE-2018-1013\",\n \"CVE-2018-1015\",\n \"CVE-2018-1016\",\n \"CVE-2018-1018\",\n \"CVE-2018-1020\",\n \"CVE-2018-1023\",\n \"CVE-2018-8116\",\n \"CVE-2018-8142\"\n );\n script_xref(name:\"MSKB\", value:\"4093119\");\n script_xref(name:\"MSFT\", value:\"MS18-4093119\");\n\n script_name(english:\"KB4093119: Windows 10 Version 1607 and Windows Server 2016 April 2018 Security Update\");\n script_summary(english:\"Checks for rollup.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4093119.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An elevation of privilege vulnerability exists when\n Windows improperly handles objects in memory and\n incorrectly maps kernel memory. (CVE-2018-1009)\n\n - A security feature bypass exists when Device Guard\n incorrectly validates an untrusted file. An attacker who\n successfully exploited this vulnerability could make an\n unsigned file appear to be signed. Because Device Guard\n relies on the signature to determine the file is non-\n malicious, Device Guard could then allow a malicious\n file to execute. In an attack scenario, an attacker\n could make an untrusted file appear to be a trusted\n file. The update addresses the vulnerability by\n correcting how Device Guard handles untrusted files.\n (CVE-2018-0966)\n\n - A denial of service vulnerability exists in the way that\n Windows SNMP Service handles malformed SNMP traps. An\n attacker who successfully exploited the vulnerability\n could cause a target system to stop responding. Note\n that the denial of service condition would not allow an\n attacker to execute code or to elevate user privileges.\n However, the denial of service condition could prevent\n authorized users from using system resources. The\n security update addresses the vulnerability by\n correcting how Windows SNMP Service processes SNMP\n traps. (CVE-2018-0967)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could obtain information to further compromise the users\n system. (CVE-2018-0960)\n\n - An elevation of privilege vulnerability exists in\n Windows Adobe Type Manager Font Driver (ATMFD.dll) when\n it fails to properly handle objects in memory. An\n attacker who successfully exploited this vulnerability\n could execute arbitrary code and take control of an\n affected system. An attacker could then install\n programs; view, change, or delete data; or create new\n accounts with full user rights. (CVE-2018-1008)\n\n - An information disclosure vulnerability exists when\n Microsoft Edge improperly handles objects in memory. An\n attacker who successfully exploited the vulnerability\n could obtain information to further compromise the users\n system. (CVE-2018-0892)\n\n - An information disclosure vulnerability exists when\n Windows Hyper-V on a host operating system fails to\n properly validate input from an authenticated user on a\n guest operating system. (CVE-2018-0957)\n\n - An information disclosure vulnerability exists when the\n scripting engine does not properly handle objects in\n memory in Internet Explorer. An attacker who\n successfully exploited the vulnerability could obtain\n information to further compromise the users system.\n (CVE-2018-0987)\n\n - A buffer overflow vulnerability exists in the Microsoft\n JET Database Engine that could allow remote code\n execution on an affected system. An attacker who\n successfully exploited this vulnerability could take\n control of an affected system. An attacker could then\n install programs; view, change, or delete data; or\n create new accounts with full user rights. Users whose\n accounts are configured to have fewer user rights on the\n system could be less impacted than users who operate\n with administrative user rights. (CVE-2018-1003)\n\n - An elevation of privilege vulnerability exists in the\n way that the Windows Kernel handles objects in memory.\n An attacker who successfully exploited the vulnerability\n could execute code with elevated permissions.\n (CVE-2018-0963)\n\n - A denial of service vulnerability exists in Remote\n Desktop Protocol (RDP) when an attacker connects to the\n target system using RDP and sends specially crafted\n requests. An attacker who successfully exploited this\n vulnerability could cause the RDP service on the target\n system to stop responding. (CVE-2018-0976)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2018-0988, CVE-2018-0996, CVE-2018-1001)\n\n - A security feature bypass vulnerability exists when\n Active Directory incorrectly applies Network Isolation\n settings. (CVE-2018-0890)\n\n - A remote code execution vulnerability exists when the\n Windows font library improperly handles specially\n crafted embedded fonts. An attacker who successfully\n exploited the vulnerability could take control of the\n affected system. An attacker could then install\n programs; view, change, or delete data; or create new\n accounts with full user rights. (CVE-2018-1010,\n CVE-2018-1012, CVE-2018-1013, CVE-2018-1015,\n CVE-2018-1016)\n\n - An information disclosure vulnerability exists in the\n way that the scripting engine handles objects in memory\n in Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could provide an\n attacker with information to further compromise the\n user's computer or data. (CVE-2018-0981, CVE-2018-0989,\n CVE-2018-1000)\n\n - A remote code execution vulnerability exists when\n Internet Explorer improperly accesses objects in memory.\n The vulnerability could corrupt memory in such a way\n that an attacker could execute arbitrary code in the\n context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2018-0870,\n CVE-2018-0991, CVE-2018-0997, CVE-2018-1018,\n CVE-2018-1020)\n\n - An information disclosure vulnerability exists when\n Microsoft Edge PDF Reader improperly handles objects in\n memory. An attacker who successfully exploited the\n vulnerability could obtain information to further\n compromise the users system. (CVE-2018-0998)\n\n - A remote code execution vulnerability exists in the way\n that Microsoft browsers access objects in memory. The\n vulnerability could corrupt memory in a way that could\n allow an attacker to execute arbitrary code in the\n context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2018-1023)\n\n - An information disclosure vulnerability exists in the\n Windows kernel that could allow an attacker to retrieve\n information that could lead to a Kernel Address Space\n Layout Randomization (ASLR) bypass. An attacker who\n successfully exploited the vulnerability could retrieve\n the memory address of a kernel object. (CVE-2018-0968,\n CVE-2018-0969, CVE-2018-0970, CVE-2018-0971,\n CVE-2018-0972, CVE-2018-0973, CVE-2018-0974,\n CVE-2018-0975)\n\n - A denial of service vulnerability exists in the way that\n Windows handles objects in memory. An attacker who\n successfully exploited the vulnerability could cause a\n target system to stop responding. Note that the denial\n of service condition would not allow an attacker to\n execute code or to elevate user privileges. However, the\n denial of service condition could prevent authorized\n users from using system resources. The security update\n addresses the vulnerability by correcting how Windows\n handles objects in memory. (CVE-2018-8116)\n\n - A remote code execution vulnerability exists in the way\n that the VBScript engine handles objects in memory. The\n vulnerability could corrupt memory in such a way that an\n attacker could execute arbitrary code in the context of\n the current user. An attacker who successfully exploited\n the vulnerability could gain the same user rights as the\n current user. (CVE-2018-1004)\n\n - A remote code execution vulnerability exists in the way\n that the Chakra scripting engine handles objects in\n memory in Microsoft Edge. The vulnerability could\n corrupt memory in such a way that an attacker could\n execute arbitrary code in the context of the current\n user. An attacker who successfully exploited the\n vulnerability could gain the same user rights as the\n current user. (CVE-2018-0979, CVE-2018-0980,\n CVE-2018-0990, CVE-2018-0993, CVE-2018-0994,\n CVE-2018-0995)\n\n - A denial of service vulnerability exists in the HTTP 2.0\n protocol stack (HTTP.sys) when HTTP.sys improperly\n parses specially crafted HTTP 2.0 requests. An attacker\n who successfully exploited the vulnerability could\n create a denial of service condition, causing the target\n system to become unresponsive. (CVE-2018-0956)\n\n - An information disclosure vulnerability exists when the\n Windows kernel fails to properly initialize a memory\n address. An attacker who successfully exploited this\n vulnerability could obtain information to further\n compromise the users system. (CVE-2018-0887)\");\n # https://support.microsoft.com/en-us/help/4093119/windows-10-update-kb4093119\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2553c1b5\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB4093119.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-1016\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/04/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/04/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:edge\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS18-04\";\nkbs = make_list('4093119');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"10\",\n sp:0,\n os_build:\"14393\",\n rollup_date:\"04_2018\",\n bulletin:bulletin,\n rollup_kb_list:[4093119])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:44:28", "description": "The remote Windows host is missing security update 4093107.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An elevation of privilege vulnerability exists when Windows improperly handles objects in memory and incorrectly maps kernel memory. (CVE-2018-1009)\n\n - A security feature bypass exists when Device Guard incorrectly validates an untrusted file. An attacker who successfully exploited this vulnerability could make an unsigned file appear to be signed. Because Device Guard relies on the signature to determine the file is non- malicious, Device Guard could then allow a malicious file to execute. In an attack scenario, an attacker could make an untrusted file appear to be a trusted file. The update addresses the vulnerability by correcting how Device Guard handles untrusted files.\n (CVE-2018-0966)\n\n - A denial of service vulnerability exists in the way that Windows SNMP Service handles malformed SNMP traps. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. Note that the denial of service condition would not allow an attacker to execute code or to elevate user privileges.\n However, the denial of service condition could prevent authorized users from using system resources. The security update addresses the vulnerability by correcting how Windows SNMP Service processes SNMP traps. (CVE-2018-0967)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2018-0960)\n\n - An elevation of privilege vulnerability exists in Windows Adobe Type Manager Font Driver (ATMFD.dll) when it fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code and take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2018-1008)\n\n - An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Internet Explorer. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.\n (CVE-2018-0987)\n\n - A buffer overflow vulnerability exists in the Microsoft JET Database Engine that could allow remote code execution on an affected system. An attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. (CVE-2018-1003)\n\n - An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory.\n An attacker who successfully exploited the vulnerability could execute code with elevated permissions.\n (CVE-2018-0963)\n\n - A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could cause the RDP service on the target system to stop responding. (CVE-2018-0976)\n\n - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2018-0988, CVE-2018-0996, CVE-2018-1001)\n\n - A security feature bypass vulnerability exists when Active Directory incorrectly applies Network Isolation settings. (CVE-2018-0890)\n\n - A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2018-1010, CVE-2018-1012, CVE-2018-1013, CVE-2018-1015, CVE-2018-1016)\n\n - An information disclosure vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could provide an attacker with information to further compromise the user's computer or data. (CVE-2018-0981, CVE-2018-0989, CVE-2018-1000)\n\n - A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory.\n The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2018-0870, CVE-2018-0991, CVE-2018-0997, CVE-2018-1018, CVE-2018-1020)\n\n - An information disclosure vulnerability exists when Microsoft Edge PDF Reader improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. (CVE-2018-0998)\n\n - An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass. An attacker who successfully exploited the vulnerability could retrieve the memory address of a kernel object. (CVE-2018-0968, CVE-2018-0969, CVE-2018-0970, CVE-2018-0971, CVE-2018-0972, CVE-2018-0973, CVE-2018-0974, CVE-2018-0975)\n\n - An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. (CVE-2018-0892)\n\n - An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system. (CVE-2018-0957, CVE-2018-0964)\n\n - A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2018-1023)\n\n - A denial of service vulnerability exists in the way that Windows handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. Note that the denial of service condition would not allow an attacker to execute code or to elevate user privileges. However, the denial of service condition could prevent authorized users from using system resources. The security update addresses the vulnerability by correcting how Windows handles objects in memory. (CVE-2018-8116)\n\n - A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2018-1004)\n\n - A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2018-0979, CVE-2018-0980, CVE-2018-0990, CVE-2018-0993, CVE-2018-0994, CVE-2018-0995)\n\n - A denial of service vulnerability exists in the HTTP 2.0 protocol stack (HTTP.sys) when HTTP.sys improperly parses specially crafted HTTP 2.0 requests. An attacker who successfully exploited the vulnerability could create a denial of service condition, causing the target system to become unresponsive. (CVE-2018-0956)\n\n - An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2018-0887)", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2018-04-10T00:00:00", "type": "nessus", "title": "KB4093107: Windows 10 Version 1703 April 2018 Security Update", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0870", "CVE-2018-0887", "CVE-2018-0890", "CVE-2018-0892", "CVE-2018-0956", "CVE-2018-0957", "CVE-2018-0960", "CVE-2018-0963", "CVE-2018-0964", "CVE-2018-0966", "CVE-2018-0967", "CVE-2018-0968", "CVE-2018-0969", "CVE-2018-0970", "CVE-2018-0971", "CVE-2018-0972", "CVE-2018-0973", "CVE-2018-0974", "CVE-2018-0975", "CVE-2018-0976", "CVE-2018-0979", "CVE-2018-0980", "CVE-2018-0981", "CVE-2018-0987", "CVE-2018-0988", "CVE-2018-0989", "CVE-2018-0990", "CVE-2018-0991", "CVE-2018-0993", "CVE-2018-0994", "CVE-2018-0995", "CVE-2018-0996", "CVE-2018-0997", "CVE-2018-0998", "CVE-2018-1000", "CVE-2018-1001", "CVE-2018-1003", "CVE-2018-1004", "CVE-2018-1008", "CVE-2018-1009", "CVE-2018-1010", "CVE-2018-1012", "CVE-2018-1013", "CVE-2018-1015", "CVE-2018-1016", "CVE-2018-1018", "CVE-2018-1020", "CVE-2018-1023", "CVE-2018-8116", "CVE-2018-8142"], "modified": "2020-08-18T00:00:00", "cpe": ["cpe:/o:microsoft:windows", "cpe:/a:microsoft:edge"], "id": "SMB_NT_MS18_APR_4093107.NASL", "href": "https://www.tenable.com/plugins/nessus/108960", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(108960);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/08/18\");\n\n script_cve_id(\n \"CVE-2018-0870\",\n \"CVE-2018-0887\",\n \"CVE-2018-0890\",\n \"CVE-2018-0892\",\n \"CVE-2018-0956\",\n \"CVE-2018-0957\",\n \"CVE-2018-0960\",\n \"CVE-2018-0963\",\n \"CVE-2018-0964\",\n \"CVE-2018-0966\",\n \"CVE-2018-0967\",\n \"CVE-2018-0968\",\n \"CVE-2018-0969\",\n \"CVE-2018-0970\",\n \"CVE-2018-0971\",\n \"CVE-2018-0972\",\n \"CVE-2018-0973\",\n \"CVE-2018-0974\",\n \"CVE-2018-0975\",\n \"CVE-2018-0976\",\n \"CVE-2018-0979\",\n \"CVE-2018-0980\",\n \"CVE-2018-0981\",\n \"CVE-2018-0987\",\n \"CVE-2018-0988\",\n \"CVE-2018-0989\",\n \"CVE-2018-0990\",\n \"CVE-2018-0991\",\n \"CVE-2018-0993\",\n \"CVE-2018-0994\",\n \"CVE-2018-0995\",\n \"CVE-2018-0996\",\n \"CVE-2018-0997\",\n \"CVE-2018-0998\",\n \"CVE-2018-1000\",\n \"CVE-2018-1001\",\n \"CVE-2018-1003\",\n \"CVE-2018-1004\",\n \"CVE-2018-1008\",\n \"CVE-2018-1009\",\n \"CVE-2018-1010\",\n \"CVE-2018-1012\",\n \"CVE-2018-1013\",\n \"CVE-2018-1015\",\n \"CVE-2018-1016\",\n \"CVE-2018-1018\",\n \"CVE-2018-1020\",\n \"CVE-2018-1023\",\n \"CVE-2018-8116\",\n \"CVE-2018-8142\"\n );\n script_xref(name:\"MSKB\", value:\"4093107\");\n script_xref(name:\"MSFT\", value:\"MS18-4093107\");\n\n script_name(english:\"KB4093107: Windows 10 Version 1703 April 2018 Security Update\");\n script_summary(english:\"Checks for rollup.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4093107.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An elevation of privilege vulnerability exists when\n Windows improperly handles objects in memory and\n incorrectly maps kernel memory. (CVE-2018-1009)\n\n - A security feature bypass exists when Device Guard\n incorrectly validates an untrusted file. An attacker who\n successfully exploited this vulnerability could make an\n unsigned file appear to be signed. Because Device Guard\n relies on the signature to determine the file is non-\n malicious, Device Guard could then allow a malicious\n file to execute. In an attack scenario, an attacker\n could make an untrusted file appear to be a trusted\n file. The update addresses the vulnerability by\n correcting how Device Guard handles untrusted files.\n (CVE-2018-0966)\n\n - A denial of service vulnerability exists in the way that\n Windows SNMP Service handles malformed SNMP traps. An\n attacker who successfully exploited the vulnerability\n could cause a target system to stop responding. Note\n that the denial of service condition would not allow an\n attacker to execute code or to elevate user privileges.\n However, the denial of service condition could prevent\n authorized users from using system resources. The\n security update addresses the vulnerability by\n correcting how Windows SNMP Service processes SNMP\n traps. (CVE-2018-0967)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could obtain information to further compromise the users\n system. (CVE-2018-0960)\n\n - An elevation of privilege vulnerability exists in\n Windows Adobe Type Manager Font Driver (ATMFD.dll) when\n it fails to properly handle objects in memory. An\n attacker who successfully exploited this vulnerability\n could execute arbitrary code and take control of an\n affected system. An attacker could then install\n programs; view, change, or delete data; or create new\n accounts with full user rights. (CVE-2018-1008)\n\n - An information disclosure vulnerability exists when the\n scripting engine does not properly handle objects in\n memory in Internet Explorer. An attacker who\n successfully exploited the vulnerability could obtain\n information to further compromise the users system.\n (CVE-2018-0987)\n\n - A buffer overflow vulnerability exists in the Microsoft\n JET Database Engine that could allow remote code\n execution on an affected system. An attacker who\n successfully exploited this vulnerability could take\n control of an affected system. An attacker could then\n install programs; view, change, or delete data; or\n create new accounts with full user rights. Users whose\n accounts are configured to have fewer user rights on the\n system could be less impacted than users who operate\n with administrative user rights. (CVE-2018-1003)\n\n - An elevation of privilege vulnerability exists in the\n way that the Windows Kernel handles objects in memory.\n An attacker who successfully exploited the vulnerability\n could execute code with elevated permissions.\n (CVE-2018-0963)\n\n - A denial of service vulnerability exists in Remote\n Desktop Protocol (RDP) when an attacker connects to the\n target system using RDP and sends specially crafted\n requests. An attacker who successfully exploited this\n vulnerability could cause the RDP service on the target\n system to stop responding. (CVE-2018-0976)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2018-0988, CVE-2018-0996, CVE-2018-1001)\n\n - A security feature bypass vulnerability exists when\n Active Directory incorrectly applies Network Isolation\n settings. (CVE-2018-0890)\n\n - A remote code execution vulnerability exists when the\n Windows font library improperly handles specially\n crafted embedded fonts. An attacker who successfully\n exploited the vulnerability could take control of the\n affected system. An attacker could then install\n programs; view, change, or delete data; or create new\n accounts with full user rights. (CVE-2018-1010,\n CVE-2018-1012, CVE-2018-1013, CVE-2018-1015,\n CVE-2018-1016)\n\n - An information disclosure vulnerability exists in the\n way that the scripting engine handles objects in memory\n in Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could provide an\n attacker with information to further compromise the\n user's computer or data. (CVE-2018-0981, CVE-2018-0989,\n CVE-2018-1000)\n\n - A remote code execution vulnerability exists when\n Internet Explorer improperly accesses objects in memory.\n The vulnerability could corrupt memory in such a way\n that an attacker could execute arbitrary code in the\n context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2018-0870,\n CVE-2018-0991, CVE-2018-0997, CVE-2018-1018,\n CVE-2018-1020)\n\n - An information disclosure vulnerability exists when\n Microsoft Edge PDF Reader improperly handles objects in\n memory. An attacker who successfully exploited the\n vulnerability could obtain information to further\n compromise the users system. (CVE-2018-0998)\n\n - An information disclosure vulnerability exists in the\n Windows kernel that could allow an attacker to retrieve\n information that could lead to a Kernel Address Space\n Layout Randomization (ASLR) bypass. An attacker who\n successfully exploited the vulnerability could retrieve\n the memory address of a kernel object. (CVE-2018-0968,\n CVE-2018-0969, CVE-2018-0970, CVE-2018-0971,\n CVE-2018-0972, CVE-2018-0973, CVE-2018-0974,\n CVE-2018-0975)\n\n - An information disclosure vulnerability exists when\n Microsoft Edge improperly handles objects in memory. An\n attacker who successfully exploited the vulnerability\n could obtain information to further compromise the users\n system. (CVE-2018-0892)\n\n - An information disclosure vulnerability exists when\n Windows Hyper-V on a host operating system fails to\n properly validate input from an authenticated user on a\n guest operating system. (CVE-2018-0957, CVE-2018-0964)\n\n - A remote code execution vulnerability exists in the way\n that Microsoft browsers access objects in memory. The\n vulnerability could corrupt memory in a way that could\n allow an attacker to execute arbitrary code in the\n context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2018-1023)\n\n - A denial of service vulnerability exists in the way that\n Windows handles objects in memory. An attacker who\n successfully exploited the vulnerability could cause a\n target system to stop responding. Note that the denial\n of service condition would not allow an attacker to\n execute code or to elevate user privileges. However, the\n denial of service condition could prevent authorized\n users from using system resources. The security update\n addresses the vulnerability by correcting how Windows\n handles objects in memory. (CVE-2018-8116)\n\n - A remote code execution vulnerability exists in the way\n that the VBScript engine handles objects in memory. The\n vulnerability could corrupt memory in such a way that an\n attacker could execute arbitrary code in the context of\n the current user. An attacker who successfully exploited\n the vulnerability could gain the same user rights as the\n current user. (CVE-2018-1004)\n\n - A remote code execution vulnerability exists in the way\n that the Chakra scripting engine handles objects in\n memory in Microsoft Edge. The vulnerability could\n corrupt memory in such a way that an attacker could\n execute arbitrary code in the context of the current\n user. An attacker who successfully exploited the\n vulnerability could gain the same user rights as the\n current user. (CVE-2018-0979, CVE-2018-0980,\n CVE-2018-0990, CVE-2018-0993, CVE-2018-0994,\n CVE-2018-0995)\n\n - A denial of service vulnerability exists in the HTTP 2.0\n protocol stack (HTTP.sys) when HTTP.sys improperly\n parses specially crafted HTTP 2.0 requests. An attacker\n who successfully exploited the vulnerability could\n create a denial of service condition, causing the target\n system to become unresponsive. (CVE-2018-0956)\n\n - An information disclosure vulnerability exists when the\n Windows kernel fails to properly initialize a memory\n address. An attacker who successfully exploited this\n vulnerability could obtain information to further\n compromise the users system. (CVE-2018-0887)\");\n # https://support.microsoft.com/en-us/help/4093107/windows-10-update-kb4093107\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d125849e\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB4093107.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-1016\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/04/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/04/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:edge\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS18-04\";\nkbs = make_list('4093107');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"10\",\n sp:0,\n os_build:\"15063\",\n rollup_date:\"04_2018\",\n bulletin:bulletin,\n rollup_kb_list:[4093107])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:44:18", "description": "The remote Windows host is missing security update 4093112.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An vulnerability exists within microprocessors utilizing speculative execution and indirect branch prediction, which may allow an attacker with local user access to disclose information via a side-channel analysis.\n (CVE-2017-5715, CVE-2017-5753, CVE-2017-5754)\n\n - An elevation of privilege vulnerability exists when Windows improperly handles objects in memory and incorrectly maps kernel memory. (CVE-2018-1009)\n\n - A security feature bypass exists when Device Guard incorrectly validates an untrusted file. An attacker who successfully exploited this vulnerability could make an unsigned file appear to be signed. Because Device Guard relies on the signature to determine the file is non- malicious, Device Guard could then allow a malicious file to execute. In an attack scenario, an attacker could make an untrusted file appear to be a trusted file. The update addresses the vulnerability by correcting how Device Guard handles untrusted files.\n (CVE-2018-0966, CVE-2018-1035)\n\n - A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2018-0979, CVE-2018-0980, CVE-2018-0990, CVE-2018-0993, CVE-2018-0994, CVE-2018-0995, CVE-2018-1019)\n\n - A denial of service vulnerability exists in the way that Windows SNMP Service handles malformed SNMP traps. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. Note that the denial of service condition would not allow an attacker to execute code or to elevate user privileges.\n However, the denial of service condition could prevent authorized users from using system resources. The security update addresses the vulnerability by correcting how Windows SNMP Service processes SNMP traps. (CVE-2018-0967)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2018-0960)\n\n - An elevation of privilege vulnerability exists in Windows Adobe Type Manager Font Driver (ATMFD.dll) when it fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code and take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2018-1008)\n\n - An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Internet Explorer. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.\n (CVE-2018-0987)\n\n - A buffer overflow vulnerability exists in the Microsoft JET Database Engine that could allow remote code execution on an affected system. An attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. (CVE-2018-1003)\n\n - An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory.\n An attacker who successfully exploited the vulnerability could execute code with elevated permissions.\n (CVE-2018-0963)\n\n - A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could cause the RDP service on the target system to stop responding. (CVE-2018-0976)\n\n - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2018-0988, CVE-2018-0996, CVE-2018-1001)\n\n - A security feature bypass vulnerability exists when Active Directory incorrectly applies Network Isolation settings. (CVE-2018-0890)\n\n - A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2018-1010, CVE-2018-1012, CVE-2018-1013, CVE-2018-1015, CVE-2018-1016)\n\n - A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory.\n The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2018-0870, CVE-2018-0991, CVE-2018-0997, CVE-2018-1018, CVE-2018-1020)\n\n - An information disclosure vulnerability exists when Microsoft Edge PDF Reader improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. (CVE-2018-0998)\n\n - An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass. An attacker who successfully exploited the vulnerability could retrieve the memory address of a kernel object. (CVE-2018-0968, CVE-2018-0969, CVE-2018-0970, CVE-2018-0971, CVE-2018-0972, CVE-2018-0973, CVE-2018-0974, CVE-2018-0975)\n\n - An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. (CVE-2018-0892)\n\n - An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system. (CVE-2018-0957, CVE-2018-0964)\n\n - A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2018-1023)\n\n - A denial of service vulnerability exists in the way that Windows handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. Note that the denial of service condition would not allow an attacker to execute code or to elevate user privileges. However, the denial of service condition could prevent authorized users from using system resources. The security update addresses the vulnerability by correcting how Windows handles objects in memory. (CVE-2018-8116)\n\n - A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2018-1004)\n\n - An information disclosure vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could provide an attacker with information to further compromise the user's computer or data. (CVE-2018-0981, CVE-2018-0989, CVE-2018-1000)\n\n - A denial of service vulnerability exists in the HTTP 2.0 protocol stack (HTTP.sys) when HTTP.sys improperly parses specially crafted HTTP 2.0 requests. An attacker who successfully exploited the vulnerability could create a denial of service condition, causing the target system to become unresponsive. (CVE-2018-0956)\n\n - An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2018-0887)", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2018-04-10T00:00:00", "type": "nessus", "title": "KB4093112: Windows 10 Version 1709 and Windows Server Version 1709 April 2018 Security Update (Meltdown)(Spectre)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-5715", "CVE-2017-5753", "CVE-2017-5754", "CVE-2018-0870", "CVE-2018-0887", "CVE-2018-0890", "CVE-2018-0892", "CVE-2018-0956", "CVE-2018-0957", "CVE-2018-0960", "CVE-2018-0963", "CVE-2018-0964", "CVE-2018-0966", "CVE-2018-0967", "CVE-2018-0968", "CVE-2018-0969", "CVE-2018-0970", "CVE-2018-0971", "CVE-2018-0972", "CVE-2018-0973", "CVE-2018-0974", "CVE-2018-0975", "CVE-2018-0976", "CVE-2018-0979", "CVE-2018-0980", "CVE-2018-0981", "CVE-2018-0987", "CVE-2018-0988", "CVE-2018-0989", "CVE-2018-0990", "CVE-2018-0991", "CVE-2018-0993", "CVE-2018-0994", "CVE-2018-0995", "CVE-2018-0996", "CVE-2018-0997", "CVE-2018-0998", "CVE-2018-1000", "CVE-2018-1001", "CVE-2018-1003", "CVE-2018-1004", "CVE-2018-1008", "CVE-2018-1009", "CVE-2018-1010", "CVE-2018-1012", "CVE-2018-1013", "CVE-2018-1015", "CVE-2018-1016", "CVE-2018-1018", "CVE-2018-1019", "CVE-2018-1020", "CVE-2018-1023", "CVE-2018-1035", "CVE-2018-8116", "CVE-2018-8142"], "modified": "2020-08-18T00:00:00", "cpe": ["cpe:/o:microsoft:windows", "cpe:/a:microsoft:edge"], "id": "SMB_NT_MS18_APR_4093112.NASL", "href": "https://www.tenable.com/plugins/nessus/108964", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(108964);\n script_version(\"1.23\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/08/18\");\n\n script_cve_id(\n \"CVE-2017-5715\",\n \"CVE-2017-5753\",\n \"CVE-2017-5754\",\n \"CVE-2018-0870\",\n \"CVE-2018-0887\",\n \"CVE-2018-0890\",\n \"CVE-2018-0892\",\n \"CVE-2018-0956\",\n \"CVE-2018-0957\",\n \"CVE-2018-0960\",\n \"CVE-2018-0963\",\n \"CVE-2018-0964\",\n \"CVE-2018-0966\",\n \"CVE-2018-0967\",\n \"CVE-2018-0968\",\n \"CVE-2018-0969\",\n \"CVE-2018-0970\",\n \"CVE-2018-0971\",\n \"CVE-2018-0972\",\n \"CVE-2018-0973\",\n \"CVE-2018-0974\",\n \"CVE-2018-0975\",\n \"CVE-2018-0976\",\n \"CVE-2018-0979\",\n \"CVE-2018-0980\",\n \"CVE-2018-0981\",\n \"CVE-2018-0987\",\n \"CVE-2018-0988\",\n \"CVE-2018-0989\",\n \"CVE-2018-0990\",\n \"CVE-2018-0991\",\n \"CVE-2018-0993\",\n \"CVE-2018-0994\",\n \"CVE-2018-0995\",\n \"CVE-2018-0996\",\n \"CVE-2018-0997\",\n \"CVE-2018-0998\",\n \"CVE-2018-1000\",\n \"CVE-2018-1001\",\n \"CVE-2018-1003\",\n \"CVE-2018-1004\",\n \"CVE-2018-1008\",\n \"CVE-2018-1009\",\n \"CVE-2018-1010\",\n \"CVE-2018-1012\",\n \"CVE-2018-1013\",\n \"CVE-2018-1015\",\n \"CVE-2018-1016\",\n \"CVE-2018-1018\",\n \"CVE-2018-1019\",\n \"CVE-2018-1020\",\n \"CVE-2018-1023\",\n \"CVE-2018-1035\",\n \"CVE-2018-8116\",\n \"CVE-2018-8142\"\n );\n script_xref(name:\"MSKB\", value:\"4093112\");\n script_xref(name:\"IAVA\", value:\"2018-A-0019\");\n script_xref(name:\"IAVA\", value:\"2018-A-0020\");\n script_xref(name:\"MSFT\", value:\"MS18-4093112\");\n\n script_name(english:\"KB4093112: Windows 10 Version 1709 and Windows Server Version 1709 April 2018 Security Update (Meltdown)(Spectre)\");\n script_summary(english:\"Checks for rollup.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4093112.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An vulnerability exists within microprocessors utilizing\n speculative execution and indirect branch prediction,\n which may allow an attacker with local user access to\n disclose information via a side-channel analysis.\n (CVE-2017-5715, CVE-2017-5753, CVE-2017-5754)\n\n - An elevation of privilege vulnerability exists when\n Windows improperly handles objects in memory and\n incorrectly maps kernel memory. (CVE-2018-1009)\n\n - A security feature bypass exists when Device Guard\n incorrectly validates an untrusted file. An attacker who\n successfully exploited this vulnerability could make an\n unsigned file appear to be signed. Because Device Guard\n relies on the signature to determine the file is non-\n malicious, Device Guard could then allow a malicious\n file to execute. In an attack scenario, an attacker\n could make an untrusted file appear to be a trusted\n file. The update addresses the vulnerability by\n correcting how Device Guard handles untrusted files.\n (CVE-2018-0966, CVE-2018-1035)\n\n - A remote code execution vulnerability exists in the way\n that the Chakra scripting engine handles objects in\n memory in Microsoft Edge. The vulnerability could\n corrupt memory in such a way that an attacker could\n execute arbitrary code in the context of the current\n user. An attacker who successfully exploited the\n vulnerability could gain the same user rights as the\n current user. (CVE-2018-0979, CVE-2018-0980,\n CVE-2018-0990, CVE-2018-0993, CVE-2018-0994,\n CVE-2018-0995, CVE-2018-1019)\n\n - A denial of service vulnerability exists in the way that\n Windows SNMP Service handles malformed SNMP traps. An\n attacker who successfully exploited the vulnerability\n could cause a target system to stop responding. Note\n that the denial of service condition would not allow an\n attacker to execute code or to elevate user privileges.\n However, the denial of service condition could prevent\n authorized users from using system resources. The\n security update addresses the vulnerability by\n correcting how Windows SNMP Service processes SNMP\n traps. (CVE-2018-0967)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could obtain information to further compromise the users\n system. (CVE-2018-0960)\n\n - An elevation of privilege vulnerability exists in\n Windows Adobe Type Manager Font Driver (ATMFD.dll) when\n it fails to properly handle objects in memory. An\n attacker who successfully exploited this vulnerability\n could execute arbitrary code and take control of an\n affected system. An attacker could then install\n programs; view, change, or delete data; or create new\n accounts with full user rights. (CVE-2018-1008)\n\n - An information disclosure vulnerability exists when the\n scripting engine does not properly handle objects in\n memory in Internet Explorer. An attacker who\n successfully exploited the vulnerability could obtain\n information to further compromise the users system.\n (CVE-2018-0987)\n\n - A buffer overflow vulnerability exists in the Microsoft\n JET Database Engine that could allow remote code\n execution on an affected system. An attacker who\n successfully exploited this vulnerability could take\n control of an affected system. An attacker could then\n install programs; view, change, or delete data; or\n create new accounts with full user rights. Users whose\n accounts are configured to have fewer user rights on the\n system could be less impacted than users who operate\n with administrative user rights. (CVE-2018-1003)\n\n - An elevation of privilege vulnerability exists in the\n way that the Windows Kernel handles objects in memory.\n An attacker who successfully exploited the vulnerability\n could execute code with elevated permissions.\n (CVE-2018-0963)\n\n - A denial of service vulnerability exists in Remote\n Desktop Protocol (RDP) when an attacker connects to the\n target system using RDP and sends specially crafted\n requests. An attacker who successfully exploited this\n vulnerability could cause the RDP service on the target\n system to stop responding. (CVE-2018-0976)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2018-0988, CVE-2018-0996, CVE-2018-1001)\n\n - A security feature bypass vulnerability exists when\n Active Directory incorrectly applies Network Isolation\n settings. (CVE-2018-0890)\n\n - A remote code execution vulnerability exists when the\n Windows font library improperly handles specially\n crafted embedded fonts. An attacker who successfully\n exploited the vulnerability could take control of the\n affected system. An attacker could then install\n programs; view, change, or delete data; or create new\n accounts with full user rights. (CVE-2018-1010,\n CVE-2018-1012, CVE-2018-1013, CVE-2018-1015,\n CVE-2018-1016)\n\n - A remote code execution vulnerability exists when\n Internet Explorer improperly accesses objects in memory.\n The vulnerability could corrupt memory in such a way\n that an attacker could execute arbitrary code in the\n context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2018-0870,\n CVE-2018-0991, CVE-2018-0997, CVE-2018-1018,\n CVE-2018-1020)\n\n - An information disclosure vulnerability exists when\n Microsoft Edge PDF Reader improperly handles objects in\n memory. An attacker who successfully exploited the\n vulnerability could obtain information to further\n compromise the users system. (CVE-2018-0998)\n\n - An information disclosure vulnerability exists in the\n Windows kernel that could allow an attacker to retrieve\n information that could lead to a Kernel Address Space\n Layout Randomization (ASLR) bypass. An attacker who\n successfully exploited the vulnerability could retrieve\n the memory address of a kernel object. (CVE-2018-0968,\n CVE-2018-0969, CVE-2018-0970, CVE-2018-0971,\n CVE-2018-0972, CVE-2018-0973, CVE-2018-0974,\n CVE-2018-0975)\n\n - An information disclosure vulnerability exists when\n Microsoft Edge improperly handles objects in memory. An\n attacker who successfully exploited the vulnerability\n could obtain information to further compromise the users\n system. (CVE-2018-0892)\n\n - An information disclosure vulnerability exists when\n Windows Hyper-V on a host operating system fails to\n properly validate input from an authenticated user on a\n guest operating system. (CVE-2018-0957, CVE-2018-0964)\n\n - A remote code execution vulnerability exists in the way\n that Microsoft browsers access objects in memory. The\n vulnerability could corrupt memory in a way that could\n allow an attacker to execute arbitrary code in the\n context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2018-1023)\n\n - A denial of service vulnerability exists in the way that\n Windows handles objects in memory. An attacker who\n successfully exploited the vulnerability could cause a\n target system to stop responding. Note that the denial\n of service condition would not allow an attacker to\n execute code or to elevate user privileges. However, the\n denial of service condition could prevent authorized\n users from using system resources. The security update\n addresses the vulnerability by correcting how Windows\n handles objects in memory. (CVE-2018-8116)\n\n - A remote code execution vulnerability exists in the way\n that the VBScript engine handles objects in memory. The\n vulnerability could corrupt memory in such a way that an\n attacker could execute arbitrary code in the context of\n the current user. An attacker who successfully exploited\n the vulnerability could gain the same user rights as the\n current user. (CVE-2018-1004)\n\n - An information disclosure vulnerability exists in the\n way that the scripting engine handles objects in memory\n in Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could provide an\n attacker with information to further compromise the\n user's computer or data. (CVE-2018-0981, CVE-2018-0989,\n CVE-2018-1000)\n\n - A denial of service vulnerability exists in the HTTP 2.0\n protocol stack (HTTP.sys) when HTTP.sys improperly\n parses specially crafted HTTP 2.0 requests. An attacker\n who successfully exploited the vulnerability could\n create a denial of service condition, causing the target\n system to become unresponsive. (CVE-2018-0956)\n\n - An information disclosure vulnerability exists when the\n Windows kernel fails to properly initialize a memory\n address. An attacker who successfully exploited this\n vulnerability could obtain information to further\n compromise the users system. (CVE-2018-0887)\");\n # https://support.microsoft.com/en-us/help/4093112/windows-10-update-kb4093112\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?19dc0635\");\n # https://support.microsoft.com/en-us/help/4072698/windows-server-speculative-execution-side-channel-vulnerabilities-prot\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8902cebb\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB4093112 as well as refer to the KB article for additional information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-1016\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/04/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/04/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:edge\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\", \"smb_enum_services.nasl\", \"microsoft_windows_env_vars.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"smb_reg_query.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\nproductname = get_kb_item_or_exit(\"SMB/ProductName\", exit_code:1);\n\nbulletin = \"MS18-04\";\nkbs = make_list('4093112');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"10\",\n sp:0,\n os_build:\"16299\",\n rollup_date:\"04_2018\",\n bulletin:bulletin,\n rollup_kb_list:[4093112])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-03-02T15:16:18", "description": "According to the version of the gnupg2 package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability :\n\n - GnuPG version 2.1.12 - 2.2.11 contains a Cross ite Request Forgery (CSRF) vulnerability in dirmngr that can result in Attacker controlled CSRF, Information Disclosure, DoS. This attack appear to be exploitable via Victim must perform a WKD request, e.g. enter an email address in the composer window of Thunderbird/Enigmail. This vulnerability appears to have been fixed in after commit 4a4bb874f63741026bd26264c43bb32b1099f060.(CVE-2018-1000 858)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-12-03T00:00:00", "type": "nessus", "title": "EulerOS Virtualization for ARM 64 3.0.3.0 : gnupg2 (EulerOS-SA-2019-2349)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000", "CVE-2018-1000858"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:gnupg2", "cpe:/o:huawei:euleros:uvp:3.0.3.0"], "id": "EULEROS_SA-2019-2349.NASL", "href": "https://www.tenable.com/plugins/nessus/131514", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(131514);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-1000858\"\n );\n\n script_name(english:\"EulerOS Virtualization for ARM 64 3.0.3.0 : gnupg2 (EulerOS-SA-2019-2349)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization for ARM 64 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the gnupg2 package installed, the EulerOS\nVirtualization for ARM 64 installation on the remote host is affected\nby the following vulnerability :\n\n - GnuPG version 2.1.12 - 2.2.11 contains a Cross ite\n Request Forgery (CSRF) vulnerability in dirmngr that\n can result in Attacker controlled CSRF, Information\n Disclosure, DoS. This attack appear to be exploitable\n via Victim must perform a WKD request, e.g. enter an\n email address in the composer window of\n Thunderbird/Enigmail. This vulnerability appears to\n have been fixed in after commit\n 4a4bb874f63741026bd26264c43bb32b1099f060.(CVE-2018-1000\n 858)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2349\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?87726927\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected gnupg2 package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/03\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:gnupg2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.3.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.3.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.3.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"gnupg2-2.2.9-1.h2.eulerosv2r8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gnupg2\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-20T15:42:10", "description": "According to the versions of the python packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - Lib/zipfile.py in Python through 3.7.2 allows remote attackers to cause a denial of service (resource consumption) via a ZIP bomb.(CVE-2019-9674)\n\n - Python Software Foundation Python (CPython) version 2.7 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in shutil module (make_archive function) that can result in Denial of service, Information gain via injection of arbitrary files on the system or entire drive. This attack appear to be exploitable via Passage of unfiltered user input to the function. This vulnerability appears to have been fixed in after commit add531a1e55b0a739b0f42582f1c9747e5649ace.(CVE-2018-1000 802)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-02-24T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP5 : python (EulerOS-SA-2020-1126)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000", "CVE-2018-1000802", "CVE-2019-9674"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:python", "p-cpe:/a:huawei:euleros:python-devel", "p-cpe:/a:huawei:euleros:python-libs", "p-cpe:/a:huawei:euleros:tkinter", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2020-1126.NASL", "href": "https://www.tenable.com/plugins/nessus/133927", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(133927);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-1000802\", \"CVE-2019-9674\");\n script_xref(name:\"IAVA\", value:\"2020-A-0103-S\");\n\n script_name(english:\"EulerOS 2.0 SP5 : python (EulerOS-SA-2020-1126)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the python packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - Lib/zipfile.py in Python through 3.7.2 allows remote\n attackers to cause a denial of service (resource\n consumption) via a ZIP bomb.(CVE-2019-9674)\n\n - Python Software Foundation Python (CPython) version 2.7\n contains a CWE-77: Improper Neutralization of Special\n Elements used in a Command ('Command Injection')\n vulnerability in shutil module (make_archive function)\n that can result in Denial of service, Information gain\n via injection of arbitrary files on the system or\n entire drive. This attack appear to be exploitable via\n Passage of unfiltered user input to the function. This\n vulnerability appears to have been fixed in after\n commit\n add531a1e55b0a739b0f42582f1c9747e5649ace.(CVE-2018-1000\n 802)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1126\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?411205f1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected python packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/02/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/02/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"python-2.7.5-69.h28.eulerosv2r7\",\n \"python-devel-2.7.5-69.h28.eulerosv2r7\",\n \"python-libs-2.7.5-69.h28.eulerosv2r7\",\n \"tkinter-2.7.5-69.h28.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-20T15:46:27", "description": "According to the versions of the python packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities :\n\n - Python Software Foundation Python (CPython) version 2.7 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in shutil module (make_archive function) that can result in Denial of service, Information gain via injection of arbitrary files on the system or entire drive. This attack appear to be exploitable via Passage of unfiltered user input to the function. This vulnerability appears to have been fixed in after commit add531a1e55b0a739b0f42582f1c9747e5649ace.(CVE-2018-1000 802)\n\n - Lib/zipfile.py in Python through 3.7.2 allows remote attackers to cause a denial of service (resource consumption) via a ZIP bomb.(CVE-2019-9674)\n\n - Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.(CVE-2020-8492)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-05-01T00:00:00", "type": "nessus", "title": "EulerOS Virtualization for ARM 64 3.0.2.0 : python (EulerOS-SA-2020-1516)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000", "CVE-2018-1000802", "CVE-2019-9674", "CVE-2020-8492"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:python", "p-cpe:/a:huawei:euleros:python-devel", "p-cpe:/a:huawei:euleros:python-libs", "p-cpe:/a:huawei:euleros:python-tools", "cpe:/o:huawei:euleros:uvp:3.0.2.0"], "id": "EULEROS_SA-2020-1516.NASL", "href": "https://www.tenable.com/plugins/nessus/136219", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(136219);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-1000802\",\n \"CVE-2019-9674\",\n \"CVE-2020-8492\"\n );\n\n script_name(english:\"EulerOS Virtualization for ARM 64 3.0.2.0 : python (EulerOS-SA-2020-1516)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization for ARM 64 host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the python packages installed, the\nEulerOS Virtualization for ARM 64 installation on the remote host is\naffected by the following vulnerabilities :\n\n - Python Software Foundation Python (CPython) version 2.7\n contains a CWE-77: Improper Neutralization of Special\n Elements used in a Command ('Command Injection')\n vulnerability in shutil module (make_archive function)\n that can result in Denial of service, Information gain\n via injection of arbitrary files on the system or\n entire drive. This attack appear to be exploitable via\n Passage of unfiltered user input to the function. This\n vulnerability appears to have been fixed in after\n commit\n add531a1e55b0a739b0f42582f1c9747e5649ace.(CVE-2018-1000\n 802)\n\n - Lib/zipfile.py in Python through 3.7.2 allows remote\n attackers to cause a denial of service (resource\n consumption) via a ZIP bomb.(CVE-2019-9674)\n\n - Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6\n through 3.6.10, 3.7 through 3.7.6, and 3.8 through\n 3.8.1 allows an HTTP server to conduct Regular\n Expression Denial of Service (ReDoS) attacks against a\n client because of\n urllib.request.AbstractBasicAuthHandler catastrophic\n backtracking.(CVE-2020-8492)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1516\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?f58e0148\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected python packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/05/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.2.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.2.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"python-2.7.5-69.h29\",\n \"python-devel-2.7.5-69.h29\",\n \"python-libs-2.7.5-69.h29\",\n \"python-tools-2.7.5-69.h29\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-20T15:46:27", "description": "According to the versions of the python packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - Python Software Foundation Python (CPython) version 2.7 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in shutil module (make_archive function) that can result in Denial of service, Information gain via injection of arbitrary files on the system or entire drive. This attack appear to be exploitable via Passage of unfiltered user input to the function. This vulnerability appears to have been fixed in after commit add531a1e55b0a739b0f42582f1c9747e5649ace.(CVE-2018-1000 802)\n\n - Lib/zipfile.py in Python through 3.7.2 allows remote attackers to cause a denial of service (resource consumption) via a ZIP bomb.(CVE-2019-9674)\n\n - Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.(CVE-2020-8492)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-04-16T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 3.0.2.2 : python (EulerOS-SA-2020-1472)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000", "CVE-2018-1000802", "CVE-2019-9674", "CVE-2020-8492"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:python", "p-cpe:/a:huawei:euleros:python-devel", "p-cpe:/a:huawei:euleros:python-libs", "p-cpe:/a:huawei:euleros:python-tools", "p-cpe:/a:huawei:euleros:tkinter", "cpe:/o:huawei:euleros:uvp:3.0.2.2"], "id": "EULEROS_SA-2020-1472.NASL", "href": "https://www.tenable.com/plugins/nessus/135634", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(135634);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-1000802\",\n \"CVE-2019-9674\",\n \"CVE-2020-8492\"\n );\n\n script_name(english:\"EulerOS Virtualization 3.0.2.2 : python (EulerOS-SA-2020-1472)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the python packages installed, the\nEulerOS Virtualization installation on the remote host is affected by\nthe following vulnerabilities :\n\n - Python Software Foundation Python (CPython) version 2.7\n contains a CWE-77: Improper Neutralization of Special\n Elements used in a Command ('Command Injection')\n vulnerability in shutil module (make_archive function)\n that can result in Denial of service, Information gain\n via injection of arbitrary files on the system or\n entire drive. This attack appear to be exploitable via\n Passage of unfiltered user input to the function. This\n vulnerability appears to have been fixed in after\n commit\n add531a1e55b0a739b0f42582f1c9747e5649ace.(CVE-2018-1000\n 802)\n\n - Lib/zipfile.py in Python through 3.7.2 allows remote\n attackers to cause a denial of service (resource\n consumption) via a ZIP bomb.(CVE-2019-9674)\n\n - Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6\n through 3.6.10, 3.7 through 3.7.6, and 3.8 through\n 3.8.1 allows an HTTP server to conduct Regular\n Expression Denial of Service (ReDoS) attacks against a\n client because of\n urllib.request.AbstractBasicAuthHandler catastrophic\n backtracking.(CVE-2020-8492)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1472\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?b560e0fd\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected python packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.2.2\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.2.2\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.2.2\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"python-2.7.5-69.h24\",\n \"python-devel-2.7.5-69.h24\",\n \"python-libs-2.7.5-69.h24\",\n \"python-tools-2.7.5-69.h24\",\n \"tkinter-2.7.5-69.h24\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-19T14:43:01", "description": "According to the versions of the python packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - The Wave_read._read_fmt_chunk function in Lib/wave.py in Python through 3.6.4 does not ensure a nonzero channel value, which allows attackers to cause a denial of service (divide-by-zero and exception) via a crafted wav format audio file. NOTE: the vendor disputes this issue because Python applications 'need to be prepared to handle a wide variety of exceptions.'(CVE-2017-18207)\n\n - Python Software Foundation Python (CPython) version 2.7 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in shutil module (make_archive function) that can result in Denial of service, Information gain via injection of arbitrary files on the system or entire drive. This attack appear to be exploitable via Passage of unfiltered user input to the function. This vulnerability appears to have been fixed in after commit add531a1e55b0a739b0f42582f1c9747e5649ace.(CVE-2018-1000 802)\n\n - Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.(CVE-2020-8492)\n\n - Lib/zipfile.py in Python through 3.7.2 allows remote attackers to cause a denial of service (resource consumption) via a ZIP bomb.(CVE-2019-9674)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-04-15T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP3 : python (EulerOS-SA-2020-1427)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-18207", "CVE-2018-1000", "CVE-2018-1000802", "CVE-2019-9674", "CVE-2020-8492"], "modified": "2021-01-12T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:python", "p-cpe:/a:huawei:euleros:python-devel", "p-cpe:/a:huawei:euleros:python-libs", "p-cpe:/a:huawei:euleros:tkinter", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2020-1427.NASL", "href": "https://www.tenable.com/plugins/nessus/135556", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(135556);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/12\");\n\n script_cve_id(\n \"CVE-2017-18207\",\n \"CVE-2018-1000802\",\n \"CVE-2019-9674\",\n \"CVE-2020-8492\"\n );\n\n script_name(english:\"EulerOS 2.0 SP3 : python (EulerOS-SA-2020-1427)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the python packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - The Wave_read._read_fmt_chunk function in Lib/wave.py\n in Python through 3.6.4 does not ensure a nonzero\n channel value, which allows attackers to cause a denial\n of service (divide-by-zero and exception) via a crafted\n wav format audio file. NOTE: the vendor disputes this\n issue because Python applications 'need to be prepared\n to handle a wide variety of\n exceptions.'(CVE-2017-18207)\n\n - Python Software Foundation Python (CPython) version 2.7\n contains a CWE-77: Improper Neutralization of Special\n Elements used in a Command ('Command Injection')\n vulnerability in shutil module (make_archive function)\n that can result in Denial of service, Information gain\n via injection of arbitrary files on the system or\n entire drive. This attack appear to be exploitable via\n Passage of unfiltered user input to the function. This\n vulnerability appears to have been fixed in after\n commit\n add531a1e55b0a739b0f42582f1c9747e5649ace.(CVE-2018-1000\n 802)\n\n - Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6\n through 3.6.10, 3.7 through 3.7.6, and 3.8 through\n 3.8.1 allows an HTTP server to conduct Regular\n Expression Denial of Service (ReDoS) attacks against a\n client because of\n urllib.request.AbstractBasicAuthHandler catastrophic\n backtracking.(CVE-2020-8492)\n\n - Lib/zipfile.py in Python through 3.7.2 allows remote\n attackers to cause a denial of service (resource\n consumption) via a ZIP bomb.(CVE-2019-9674)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1427\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a20facb0\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected python packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(3)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"python-2.7.5-58.h26\",\n \"python-devel-2.7.5-58.h26\",\n \"python-libs-2.7.5-58.h26\",\n \"tkinter-2.7.5-58.h26\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"3\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-20T15:49:55", "description": "According to the versions of the python packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.(CVE-2020-8492)\n\n - Lib/zipfile.py in Python through 3.7.2 allows remote attackers to cause a denial of service (resource consumption) via a ZIP bomb.(CVE-2019-9674)\n\n - ** DISPUTED ** The Wave_read._read_fmt_chunk function in Lib/wave.py in Python through 3.6.4 does not ensure a nonzero channel value, which allows attackers to cause a denial of service (divide-by-zero and exception) via a crafted wav format audio file. NOTE:\n the vendor disputes this issue because Python applications 'need to be prepared to handle a wide variety of exceptions.'(CVE-2017-18207)\n\n - Python Software Foundation Python (CPython) version 2.7 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in shutil module (make_archive function) that can result in Denial of service, Information gain via injection of arbitrary files on the system or entire drive. This attack appear to be exploitable via Passage of unfiltered user input to the function. This vulnerability appears to have been fixed in after commit add531a1e55b0a739b0f42582f1c9747e5649ace.(CVE-2018-1000 802)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-06-17T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP2 : python (EulerOS-SA-2020-1646)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-18207", "CVE-2018-1000", "CVE-2018-1000802", "CVE-2019-9674", "CVE-2020-8492"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:python", "p-cpe:/a:huawei:euleros:python-devel", "p-cpe:/a:huawei:euleros:python-libs", "p-cpe:/a:huawei:euleros:tkinter", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2020-1646.NASL", "href": "https://www.tenable.com/plugins/nessus/137488", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(137488);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2017-18207\",\n \"CVE-2018-1000802\",\n \"CVE-2019-9674\",\n \"CVE-2020-8492\"\n );\n\n script_name(english:\"EulerOS 2.0 SP2 : python (EulerOS-SA-2020-1646)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the python packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6\n through 3.6.10, 3.7 through 3.7.6, and 3.8 through\n 3.8.1 allows an HTTP server to conduct Regular\n Expression Denial of Service (ReDoS) attacks against a\n client because of\n urllib.request.AbstractBasicAuthHandler catastrophic\n backtracking.(CVE-2020-8492)\n\n - Lib/zipfile.py in Python through 3.7.2 allows remote\n attackers to cause a denial of service (resource\n consumption) via a ZIP bomb.(CVE-2019-9674)\n\n - ** DISPUTED ** The Wave_read._read_fmt_chunk function\n in Lib/wave.py in Python through 3.6.4 does not ensure\n a nonzero channel value, which allows attackers to\n cause a denial of service (divide-by-zero and\n exception) via a crafted wav format audio file. NOTE:\n the vendor disputes this issue because Python\n applications 'need to be prepared to handle a wide\n variety of exceptions.'(CVE-2017-18207)\n\n - Python Software Foundation Python (CPython) version 2.7\n contains a CWE-77: Improper Neutralization of Special\n Elements used in a Command ('Command Injection')\n vulnerability in shutil module (make_archive function)\n that can result in Denial of service, Information gain\n via injection of arbitrary files on the system or\n entire drive. This attack appear to be exploitable via\n Passage of unfiltered user input to the function. This\n vulnerability appears to have been fixed in after\n commit\n add531a1e55b0a739b0f42582f1c9747e5649ace.(CVE-2018-1000\n 802)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1646\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1771f22a\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected python packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/06/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/06/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(2)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"python-2.7.5-58.h21\",\n \"python-devel-2.7.5-58.h21\",\n \"python-libs-2.7.5-58.h21\",\n \"tkinter-2.7.5-58.h21\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"2\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-12T15:31:09", "description": "According to the versions of the freerdp packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - An exploitable code execution vulnerability exists in the RDP receive functionality of FreeRDP 2.0.0-beta1+android11. A specially crafted server response can cause an out-of-bounds write resulting in an exploitable condition. An attacker can compromise the server or use a man in the middle to trigger this vulnerability.(CVE-2017-2835)\n\n - An exploitable denial of service vulnerability exists within the handling of challenge packets in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker can compromise the server or use man in the middle to trigger this vulnerability.(CVE-2017-2838)\n\n - An exploitable denial of service vulnerability exists within the handling of challenge packets in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker can compromise the server or use man in the middle to trigger this vulnerability.(CVE-2017-2839)\n\n - An exploitable denial of service vulnerability exists within the handling of security data in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker can compromise the server or use man in the middle to trigger this vulnerability.(CVE-2017-2837)\n\n - An exploitable denial of service vulnerability exists within the reading of proprietary server certificates in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker can compromise the server or use man in the middle to trigger this vulnerability.(CVE-2017-2836)\n\n - FreeRDP FreeRDP 2.0.0-rc3 released version before commit 205c612820dac644d665b5bb1cdf437dc5ca01e3 contains a Other/Unknown vulnerability in channels/drdynvc/client/drdynvc_main.c, drdynvc_process_capability_request that can result in The RDP server can read the client's memory.. This attack appear to be exploitable via RDPClient must connect the rdp server with echo option. This vulnerability appears to have been fixed in after commit 205c612820dac644d665b5bb1cdf437dc5ca01e3.(CVE-2018-1000 852)\n\n - Integer overflow in the license_read_scope_list function in libfreerdp/core/license.c in FreeRDP through 1.0.2 allows remote RDP servers to cause a denial of service (application crash) or possibly have unspecified other impact via a large ScopeCount value in a Scope List in a Server License Request packet.(CVE-2014-0791)\n\n - Multiple integer overflows in client/X11/xf_graphics.c in FreeRDP allow remote attackers to have an unspecified impact via the width and height to the (1) xf_Pointer_New or (2) xf_Bitmap_Decompress function, which causes an incorrect amount of memory to be allocated.(CVE-2014-0250)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-12-19T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP3 : freerdp (EulerOS-SA-2019-2580)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-0250", "CVE-2014-0791", "CVE-2017-2835", "CVE-2017-2836", "CVE-2017-2837", "CVE-2017-2838", "CVE-2017-2839", "CVE-2018-1000", "CVE-2018-1000852"], "modified": "2022-05-18T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:freerdp", "p-cpe:/a:huawei:euleros:freerdp-libs", "p-cpe:/a:huawei:euleros:freerdp-plugins", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-2580.NASL", "href": "https://www.tenable.com/plugins/nessus/132297", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(132297);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\n \"CVE-2014-0250\",\n \"CVE-2014-0791\",\n \"CVE-2017-2835\",\n \"CVE-2017-2836\",\n \"CVE-2017-2837\",\n \"CVE-2017-2838\",\n \"CVE-2017-2839\",\n \"CVE-2018-1000852\"\n );\n script_bugtraq_id(64689, 67670);\n\n script_name(english:\"EulerOS 2.0 SP3 : freerdp (EulerOS-SA-2019-2580)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the freerdp packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - An exploitable code execution vulnerability exists in\n the RDP receive functionality of FreeRDP\n 2.0.0-beta1+android11. A specially crafted server\n response can cause an out-of-bounds write resulting in\n an exploitable condition. An attacker can compromise\n the server or use a man in the middle to trigger this\n vulnerability.(CVE-2017-2835)\n\n - An exploitable denial of service vulnerability exists\n within the handling of challenge packets in FreeRDP\n 2.0.0-beta1+android11. A specially crafted challenge\n packet can cause the program termination leading to a\n denial of service condition. An attacker can compromise\n the server or use man in the middle to trigger this\n vulnerability.(CVE-2017-2838)\n\n - An exploitable denial of service vulnerability exists\n within the handling of challenge packets in FreeRDP\n 2.0.0-beta1+android11. A specially crafted challenge\n packet can cause the program termination leading to a\n denial of service condition. An attacker can compromise\n the server or use man in the middle to trigger this\n vulnerability.(CVE-2017-2839)\n\n - An exploitable denial of service vulnerability exists\n within the handling of security data in FreeRDP\n 2.0.0-beta1+android11. A specially crafted challenge\n packet can cause the program termination leading to a\n denial of service condition. An attacker can compromise\n the server or use man in the middle to trigger this\n vulnerability.(CVE-2017-2837)\n\n - An exploitable denial of service vulnerability exists\n within the reading of proprietary server certificates\n in FreeRDP 2.0.0-beta1+android11. A specially crafted\n challenge packet can cause the program termination\n leading to a denial of service condition. An attacker\n can compromise the server or use man in the middle to\n trigger this vulnerability.(CVE-2017-2836)\n\n - FreeRDP FreeRDP 2.0.0-rc3 released version before\n commit 205c612820dac644d665b5bb1cdf437dc5ca01e3\n contains a Other/Unknown vulnerability in\n channels/drdynvc/client/drdynvc_main.c,\n drdynvc_process_capability_request that can result in\n The RDP server can read the client's memory.. This\n attack appear to be exploitable via RDPClient must\n connect the rdp server with echo option. This\n vulnerability appears to have been fixed in after\n commit\n 205c612820dac644d665b5bb1cdf437dc5ca01e3.(CVE-2018-1000\n 852)\n\n - Integer overflow in the license_read_scope_list\n function in libfreerdp/core/license.c in FreeRDP\n through 1.0.2 allows remote RDP servers to cause a\n denial of service (application crash) or possibly have\n unspecified other impact via a large ScopeCount value\n in a Scope List in a Server License Request\n packet.(CVE-2014-0791)\n\n - Multiple integer overflows in client/X11/xf_graphics.c\n in FreeRDP allow remote attackers to have an\n unspecified impact via the width and height to the (1)\n xf_Pointer_New or (2) xf_Bitmap_Decompress function,\n which causes an incorrect amount of memory to be\n allocated.(CVE-2014-0250)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2580\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?7777099f\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected freerdp packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-0250\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2017-2835\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:freerdp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:freerdp-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:freerdp-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(3)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"freerdp-1.0.2-6.1.h4\",\n \"freerdp-libs-1.0.2-6.1.h4\",\n \"freerdp-plugins-1.0.2-6.1.h4\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"3\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"freerdp\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-03-02T15:14:17", "description": "According to the versions of the binutils packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory address dereference was discovered in read_reloc in reloc.c. The vulnerability causes a segmentation fault and application crash, which leads to denial of service, as demonstrated by objdump, because of missing\n _bfd_clear_contents bounds checking.(CVE-2018-18309)\n\n - A heap-based buffer over-read issue was discovered in the function sec_merge_hash_lookup in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, because\n _bfd_add_merge_section mishandles section merges when size is not a multiple of entsize. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld.(CVE-2018-18605)\n\n - An issue was discovered in elf_link_input_bfd in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31.\n There is a NULL pointer dereference in elf_link_input_bfd when used for finding STT_TLS symbols without any TLS section. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld.(CVE-2018-18607)\n\n - An issue was discovered in the merge_strings function in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31.\n There is a NULL pointer dereference in\n _bfd_add_merge_section when attempting to merge sections with large alignments. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld.(CVE-2018-18606)\n\n - binutils version 2.32 and earlier contains a Integer Overflow vulnerability in objdump, bfd_get_dynamic_reloc_upper_bound,bfd_canonicalize_dyna mic_reloc that can result in Integer overflow trigger heap overflow. Successful exploitation allows execution of arbitrary code.. This attack appear to be exploitable via Local. This vulnerability appears to have been fixed in after commit 3a551c7a1b80fca579461774860574eabfd7f18f.(CVE-2018-1000 876)\n\n - The _bfd_generic_read_minisymbols function in syms.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, has a memory leak via a crafted ELF file, leading to a denial of service (memory consumption), as demonstrated by nm.(CVE-2018-20002)\n\n - GNU gdb All versions is affected by: Buffer Overflow - Out of bound memory access. The impact is: Deny of Service, Memory Disclosure, and Possible Code Execution. The component is: The main gdb module. The attack vector is: Open an ELF for debugging. The fixed version is: Not fixed yet.(CVE-2019-1010180)\n\n - apply_relocations in readelf.c in GNU Binutils 2.32 contains an integer overflow that allows attackers to trigger a write access violation (in byte_put_little_endian function in elfcomm.c) via an ELF file, as demonstrated by readelf.(CVE-2019-14444)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-11-12T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP8 : binutils (EulerOS-SA-2019-2099)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000", "CVE-2018-1000876", "CVE-2018-18309", "CVE-2018-18605", "CVE-2018-18606", "CVE-2018-18607", "CVE-2018-20002", "CVE-2019-1010180", "CVE-2019-14444"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:binutils", "p-cpe:/a:huawei:euleros:binutils-devel", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-2099.NASL", "href": "https://www.tenable.com/plugins/nessus/130808", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130808);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-1000876\",\n \"CVE-2018-18309\",\n \"CVE-2018-18605\",\n \"CVE-2018-18606\",\n \"CVE-2018-18607\",\n \"CVE-2018-20002\",\n \"CVE-2019-1010180\",\n \"CVE-2019-14444\"\n );\n\n script_name(english:\"EulerOS 2.0 SP8 : binutils (EulerOS-SA-2019-2099)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the binutils packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - An issue was discovered in the Binary File Descriptor\n (BFD) library (aka libbfd), as distributed in GNU\n Binutils 2.31. An invalid memory address dereference\n was discovered in read_reloc in reloc.c. The\n vulnerability causes a segmentation fault and\n application crash, which leads to denial of service, as\n demonstrated by objdump, because of missing\n _bfd_clear_contents bounds checking.(CVE-2018-18309)\n\n - A heap-based buffer over-read issue was discovered in\n the function sec_merge_hash_lookup in merge.c in the\n Binary File Descriptor (BFD) library (aka libbfd), as\n distributed in GNU Binutils 2.31, because\n _bfd_add_merge_section mishandles section merges when\n size is not a multiple of entsize. A specially crafted\n ELF allows remote attackers to cause a denial of\n service, as demonstrated by ld.(CVE-2018-18605)\n\n - An issue was discovered in elf_link_input_bfd in\n elflink.c in the Binary File Descriptor (BFD) library\n (aka libbfd), as distributed in GNU Binutils 2.31.\n There is a NULL pointer dereference in\n elf_link_input_bfd when used for finding STT_TLS\n symbols without any TLS section. A specially crafted\n ELF allows remote attackers to cause a denial of\n service, as demonstrated by ld.(CVE-2018-18607)\n\n - An issue was discovered in the merge_strings function\n in merge.c in the Binary File Descriptor (BFD) library\n (aka libbfd), as distributed in GNU Binutils 2.31.\n There is a NULL pointer dereference in\n _bfd_add_merge_section when attempting to merge\n sections with large alignments. A specially crafted ELF\n allows remote attackers to cause a denial of service,\n as demonstrated by ld.(CVE-2018-18606)\n\n - binutils version 2.32 and earlier contains a Integer\n Overflow vulnerability in objdump,\n bfd_get_dynamic_reloc_upper_bound,bfd_canonicalize_dyna\n mic_reloc that can result in Integer overflow trigger\n heap overflow. Successful exploitation allows execution\n of arbitrary code.. This attack appear to be\n exploitable via Local. This vulnerability appears to\n have been fixed in after commit\n 3a551c7a1b80fca579461774860574eabfd7f18f.(CVE-2018-1000\n 876)\n\n - The _bfd_generic_read_minisymbols function in syms.c in\n the Binary File Descriptor (BFD) library (aka libbfd),\n as distributed in GNU Binutils 2.31, has a memory leak\n via a crafted ELF file, leading to a denial of service\n (memory consumption), as demonstrated by\n nm.(CVE-2018-20002)\n\n - GNU gdb All versions is affected by: Buffer Overflow -\n Out of bound memory access. The impact is: Deny of\n Service, Memory Disclosure, and Possible Code\n Execution. The component is: The main gdb module. The\n attack vector is: Open an ELF for debugging. The fixed\n version is: Not fixed yet.(CVE-2019-1010180)\n\n - apply_relocations in readelf.c in GNU Binutils 2.32\n contains an integer overflow that allows attackers to\n trigger a write access violation (in\n byte_put_little_endian function in elfcomm.c) via an\n ELF file, as demonstrated by readelf.(CVE-2019-14444)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2099\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?225bde2c\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected binutils packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:binutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:binutils-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(8)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"binutils-2.31.1-13.h7.eulerosv2r8\",\n \"binutils-devel-2.31.1-13.h7.eulerosv2r8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"8\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"binutils\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-12T15:32:01", "description": "According to the versions of the freerdp packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - FreeRDP before 1.1.0-beta+2013071101 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) by disconnecting before authentication has finished.(CVE-2013-4119)\n\n - FreeRDP FreeRDP 2.0.0-rc3 released version before commit 205c612820dac644d665b5bb1cdf437dc5ca01e3 contains a Other/Unknown vulnerability in channels/drdynvc/client/drdynvc_main.c, drdynvc_process_capability_request that can result in The RDP server can read the client's memory.. This attack appear to be exploitable via RDPClient must connect the rdp server with echo option. This vulnerability appears to have been fixed in after commit 205c612820dac644d665b5bb1cdf437dc5ca01e3.(CVE-2018-1000 852)\n\n - FreeRDP before 1.1.0-beta1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via unspecified vectors.(CVE-2013-4118)\n\n - Multiple integer overflows in client/X11/xf_graphics.c in FreeRDP allow remote attackers to have an unspecified impact via the width and height to the (1) xf_Pointer_New or (2) xf_Bitmap_Decompress function, which causes an incorrect amount of memory to be allocated.(CVE-2014-0250)\n\n - Integer overflow in the license_read_scope_list function in libfreerdp/core/license.c in FreeRDP through 1.0.2 allows remote RDP servers to cause a denial of service (application crash) or possibly have unspecified other impact via a large ScopeCount value in a Scope List in a Server License Request packet.(CVE-2014-0791)\n\n - An exploitable code execution vulnerability exists in the RDP receive functionality of FreeRDP 2.0.0-beta1+android11. A specially crafted server response can cause an out-of-bounds write resulting in an exploitable condition. An attacker can compromise the server or use a man in the middle to trigger this vulnerability.(CVE-2017-2835)\n\n - An exploitable denial of service vulnerability exists within the reading of proprietary server certificates in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker can compromise the server or use man in the middle to trigger this vulnerability.(CVE-2017-2836)\n\n - An exploitable denial of service vulnerability exists within the handling of security data in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker can compromise the server or use man in the middle to trigger this vulnerability.(CVE-2017-2837)\n\n - An exploitable denial of service vulnerability exists within the handling of challenge packets in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker can compromise the server or use man in the middle to trigger this vulnerability.(CVE-2017-2838)\n\n - An exploitable denial of service vulnerability exists within the handling of challenge packets in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker can compromise the server or use man in the middle to trigger this vulnerability.(CVE-2017-2839)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-12-04T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP2 : freerdp (EulerOS-SA-2019-2455)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-4118", "CVE-2013-4119", "CVE-2014-0250", "CVE-2014-0791", "CVE-2017-2835", "CVE-2017-2836", "CVE-2017-2837", "CVE-2017-2838", "CVE-2017-2839", "CVE-2018-1000", "CVE-2018-1000852"], "modified": "2022-05-18T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:freerdp", "p-cpe:/a:huawei:euleros:freerdp-libs", "p-cpe:/a:huawei:euleros:freerdp-plugins", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-2455.NASL", "href": "https://www.tenable.com/plugins/nessus/131609", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(131609);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\n \"CVE-2013-4118\",\n \"CVE-2013-4119\",\n \"CVE-2014-0250\",\n \"CVE-2014-0791\",\n \"CVE-2017-2835\",\n \"CVE-2017-2836\",\n \"CVE-2017-2837\",\n \"CVE-2017-2838\",\n \"CVE-2017-2839\",\n \"CVE-2018-1000852\"\n );\n script_bugtraq_id(61072, 64689, 67670);\n\n script_name(english:\"EulerOS 2.0 SP2 : freerdp (EulerOS-SA-2019-2455)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the freerdp packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - FreeRDP before 1.1.0-beta+2013071101 allows remote\n attackers to cause a denial of service (NULL pointer\n dereference and application crash) by disconnecting\n before authentication has finished.(CVE-2013-4119)\n\n - FreeRDP FreeRDP 2.0.0-rc3 released version before\n commit 205c612820dac644d665b5bb1cdf437dc5ca01e3\n contains a Other/Unknown vulnerability in\n channels/drdynvc/client/drdynvc_main.c,\n drdynvc_process_capability_request that can result in\n The RDP server can read the client's memory.. This\n attack appear to be exploitable via RDPClient must\n connect the rdp server with echo option. This\n vulnerability appears to have been fixed in after\n commit\n 205c612820dac644d665b5bb1cdf437dc5ca01e3.(CVE-2018-1000\n 852)\n\n - FreeRDP before 1.1.0-beta1 allows remote attackers to\n cause a denial of service (NULL pointer dereference and\n application crash) via unspecified\n vectors.(CVE-2013-4118)\n\n - Multiple integer overflows in client/X11/xf_graphics.c\n in FreeRDP allow remote attackers to have an\n unspecified impact via the width and height to the (1)\n xf_Pointer_New or (2) xf_Bitmap_Decompress function,\n which causes an incorrect amount of memory to be\n allocated.(CVE-2014-0250)\n\n - Integer overflow in the license_read_scope_list\n function in libfreerdp/core/license.c in FreeRDP\n through 1.0.2 allows remote RDP servers to cause a\n denial of service (application crash) or possibly have\n unspecified other impact via a large ScopeCount value\n in a Scope List in a Server License Request\n packet.(CVE-2014-0791)\n\n - An exploitable code execution vulnerability exists in\n the RDP receive functionality of FreeRDP\n 2.0.0-beta1+android11. A specially crafted server\n response can cause an out-of-bounds write resulting in\n an exploitable condition. An attacker can compromise\n the server or use a man in the middle to trigger this\n vulnerability.(CVE-2017-2835)\n\n - An exploitable denial of service vulnerability exists\n within the reading of proprietary server certificates\n in FreeRDP 2.0.0-beta1+android11. A specially crafted\n challenge packet can cause the program termination\n leading to a denial of service condition. An attacker\n can compromise the server or use man in the middle to\n trigger this vulnerability.(CVE-2017-2836)\n\n - An exploitable denial of service vulnerability exists\n within the handling of security data in FreeRDP\n 2.0.0-beta1+android11. A specially crafted challenge\n packet can cause the program termination leading to a\n denial of service condition. An attacker can compromise\n the server or use man in the middle to trigger this\n vulnerability.(CVE-2017-2837)\n\n - An exploitable denial of service vulnerability exists\n within the handling of challenge packets in FreeRDP\n 2.0.0-beta1+android11. A specially crafted challenge\n packet can cause the program termination leading to a\n denial of service condition. An attacker can compromise\n the server or use man in the middle to trigger this\n vulnerability.(CVE-2017-2838)\n\n - An exploitable denial of service vulnerability exists\n within the handling of challenge packets in FreeRDP\n 2.0.0-beta1+android11. A specially crafted challenge\n packet can cause the program termination leading to a\n denial of service condition. An attacker can compromise\n the server or use man in the middle to trigger this\n vulnerability.(CVE-2017-2839)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2455\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?dfdccb93\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected freerdp packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-0250\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2017-2835\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:freerdp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:freerdp-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:freerdp-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(2)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"freerdp-1.0.2-6.1.h4\",\n \"freerdp-libs-1.0.2-6.1.h4\",\n \"freerdp-plugins-1.0.2-6.1.h4\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"2\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"freerdp\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-03-01T14:17:59", "description": "According to the versions of the binutils package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities :\n\n - GNU gdb All versions is affected by: Buffer Overflow - Out of bound memory access. The impact is: Deny of Service, Memory Disclosure, and Possible Code Execution. The component is: The main gdb module. The attack vector is: Open an ELF for debugging. The fixed version is: Not fixed yet.(CVE-2019-1010180)\n\n - The _bfd_generic_read_minisymbols function in syms.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, has a memory leak via a crafted ELF file, leading to a denial of service (memory consumption), as demonstrated by nm.(CVE-2018-20002)\n\n - binutils version 2.32 and earlier contains a Integer Overflow vulnerability in objdump, bfd_get_dynamic_reloc_upper_bound,bfd_canonicalize_dyna mic_reloc that can result in Integer overflow trigger heap overflow. Successful exploitation allows execution of arbitrary code.. This attack appear to be exploitable via Local. This vulnerability appears to have been fixed in after commit 3a551c7a1b80fca579461774860574eabfd7f18f.(CVE-2018-1000 876)\n\n - An issue was discovered in the merge_strings function in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31.\n There is a NULL pointer dereference in\n _bfd_add_merge_section when attempting to merge sections with large alignments. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld.(CVE-2018-18606)\n\n - An issue was discovered in elf_link_input_bfd in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31.\n There is a NULL pointer dereference in elf_link_input_bfd when used for finding STT_TLS symbols without any TLS section. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld.(CVE-2018-18607)\n\n - A heap-based buffer over-read issue was discovered in the function sec_merge_hash_lookup in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, because\n _bfd_add_merge_section mishandles section merges when size is not a multiple of entsize. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld.(CVE-2018-18605)\n\n - An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory address dereference was discovered in read_reloc in reloc.c. The vulnerability causes a segmentation fault and application crash, which leads to denial of service, as demonstrated by objdump, because of missing\n _bfd_clear_contents bounds checking.(CVE-2018-18309)\n\n - An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an integer overflow leading to a SEGV in _bfd_dwarf2_find_nearest_line in dwarf2.c, as demonstrated by nm.(CVE-2019-17451)\n\n - find_abstract_instance in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32, allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted ELF file.(CVE-2019-17450)\n\n - An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. There is a heap-based buffer over-read in _bfd_doprnt in bfd.c because elf_object_p in elfcode.h mishandles an e_shstrndx section of type SHT_GROUP by omitting a trailing '\\0' character.(CVE-2019-12972)\n\n - load_specific_debug_section in objdump.c in GNU Binutils through 2.31.1 contains an integer overflow vulnerability that can trigger a heap-based buffer overflow via a crafted section size.(CVE-2018-20671)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-01-13T00:00:00", "type": "nessus", "title": "EulerOS Virtualization for ARM 64 3.0.5.0 : binutils (EulerOS-SA-2020-1074)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000", "CVE-2018-1000876", "CVE-2018-18309", "CVE-2018-18605", "CVE-2018-18606", "CVE-2018-18607", "CVE-2018-20002", "CVE-2018-20671", "CVE-2019-1010180", "CVE-2019-12972", "CVE-2019-17450", "CVE-2019-17451"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:binutils", "cpe:/o:huawei:euleros:uvp:3.0.5.0"], "id": "EULEROS_SA-2020-1074.NASL", "href": "https://www.tenable.com/plugins/nessus/132828", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(132828);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-1000876\",\n \"CVE-2018-18309\",\n \"CVE-2018-18605\",\n \"CVE-2018-18606\",\n \"CVE-2018-18607\",\n \"CVE-2018-20002\",\n \"CVE-2018-20671\",\n \"CVE-2019-1010180\",\n \"CVE-2019-12972\",\n \"CVE-2019-17450\",\n \"CVE-2019-17451\"\n );\n\n script_name(english:\"EulerOS Virtualization for ARM 64 3.0.5.0 : binutils (EulerOS-SA-2020-1074)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization for ARM 64 host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the binutils package installed, the\nEulerOS Virtualization for ARM 64 installation on the remote host is\naffected by the following vulnerabilities :\n\n - GNU gdb All versions is affected by: Buffer Overflow -\n Out of bound memory access. The impact is: Deny of\n Service, Memory Disclosure, and Possible Code\n Execution. The component is: The main gdb module. The\n attack vector is: Open an ELF for debugging. The fixed\n version is: Not fixed yet.(CVE-2019-1010180)\n\n - The _bfd_generic_read_minisymbols function in syms.c in\n the Binary File Descriptor (BFD) library (aka libbfd),\n as distributed in GNU Binutils 2.31, has a memory leak\n via a crafted ELF file, leading to a denial of service\n (memory consumption), as demonstrated by\n nm.(CVE-2018-20002)\n\n - binutils version 2.32 and earlier contains a Integer\n Overflow vulnerability in objdump,\n bfd_get_dynamic_reloc_upper_bound,bfd_canonicalize_dyna\n mic_reloc that can result in Integer overflow trigger\n heap overflow. Successful exploitation allows execution\n of arbitrary code.. This attack appear to be\n exploitable via Local. This vulnerability appears to\n have been fixed in after commit\n 3a551c7a1b80fca579461774860574eabfd7f18f.(CVE-2018-1000\n 876)\n\n - An issue was discovered in the merge_strings function\n in merge.c in the Binary File Descriptor (BFD) library\n (aka libbfd), as distributed in GNU Binutils 2.31.\n There is a NULL pointer dereference in\n _bfd_add_merge_section when attempting to merge\n sections with large alignments. A specially crafted ELF\n allows remote attackers to cause a denial of service,\n as demonstrated by ld.(CVE-2018-18606)\n\n - An issue was discovered in elf_link_input_bfd in\n elflink.c in the Binary File Descriptor (BFD) library\n (aka libbfd), as distributed in GNU Binutils 2.31.\n There is a NULL pointer dereference in\n elf_link_input_bfd when used for finding STT_TLS\n symbols without any TLS section. A specially crafted\n ELF allows remote attackers to cause a denial of\n service, as demonstrated by ld.(CVE-2018-18607)\n\n - A heap-based buffer over-read issue was discovered in\n the function sec_merge_hash_lookup in merge.c in the\n Binary File Descriptor (BFD) library (aka libbfd), as\n distributed in GNU Binutils 2.31, because\n _bfd_add_merge_section mishandles section merges when\n size is not a multiple of entsize. A specially crafted\n ELF allows remote attackers to cause a denial of\n service, as demonstrated by ld.(CVE-2018-18605)\n\n - An issue was discovered in the Binary File Descriptor\n (BFD) library (aka libbfd), as distributed in GNU\n Binutils 2.31. An invalid memory address dereference\n was discovered in read_reloc in reloc.c. The\n vulnerability causes a segmentation fault and\n application crash, which leads to denial of service, as\n demonstrated by objdump, because of missing\n _bfd_clear_contents bounds checking.(CVE-2018-18309)\n\n - An issue was discovered in the Binary File Descriptor\n (BFD) library (aka libbfd), as distributed in GNU\n Binutils 2.32. It is an integer overflow leading to a\n SEGV in _bfd_dwarf2_find_nearest_line in dwarf2.c, as\n demonstrated by nm.(CVE-2019-17451)\n\n - find_abstract_instance in dwarf2.c in the Binary File\n Descriptor (BFD) library (aka libbfd), as distributed\n in GNU Binutils 2.32, allows remote attackers to cause\n a denial of service (infinite recursion and application\n crash) via a crafted ELF file.(CVE-2019-17450)\n\n - An issue was discovered in the Binary File Descriptor\n (BFD) library (aka libbfd), as distributed in GNU\n Binutils 2.32. There is a heap-based buffer over-read\n in _bfd_doprnt in bfd.c because elf_object_p in\n elfcode.h mishandles an e_shstrndx section of type\n SHT_GROUP by omitting a trailing '\\0'\n character.(CVE-2019-12972)\n\n - load_specific_debug_section in objdump.c in GNU\n Binutils through 2.31.1 contains an integer overflow\n vulnerability that can trigger a heap-based buffer\n overflow via a crafted section size.(CVE-2018-20671)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1074\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?043d6f7a\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected binutils packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/01/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/01/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:binutils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.5.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.5.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.5.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"binutils-2.31.1-13.h12.eulerosv2r8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"binutils\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "openvas": [{"lastseen": "2020-06-08T23:06:18", "description": "This host is missing a critical security\n update according to Microsoft KB4093118", "cvss3": {}, "published": "2018-04-11T00:00:00", "type": "openvas", "title": "Microsoft Windows Multiple Vulnerabilities (KB4093118)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1020", "CVE-2018-0969", "CVE-2018-1013", "CVE-2018-8116", "CVE-2018-0997", "CVE-2018-0981", "CVE-2018-0870", "CVE-2018-1012", "CVE-2018-1000", "CVE-2018-0989", "CVE-2018-1010", "CVE-2018-0987", "CVE-2018-0960", "CVE-2018-0971", "CVE-2018-0975", "CVE-2018-0988", "CVE-2018-0967", "CVE-2018-0970", "CVE-2018-1018", "CVE-2018-0887", "CVE-2018-0972", "CVE-2018-0976", "CVE-2018-1015", "CVE-2018-1008", "CVE-2018-1003", "CVE-2018-1001", "CVE-2018-0974", "CVE-2018-1016", "CVE-2018-0996", "CVE-2018-0991", "CVE-2018-1004", "CVE-2018-0973"], "modified": "2020-06-04T00:00:00", "id": "OPENVAS:1361412562310812863", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310812863", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Microsoft Windows Multiple Vulnerabilities (KB4093118)\n#\n# Authors:\n# Rajat Mishra <rajatm@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.812863\");\n script_version(\"2020-06-04T11:13:22+0000\");\n script_cve_id(\"CVE-2018-0870\", \"CVE-2018-0887\", \"CVE-2018-8116\", \"CVE-2018-0960\",\n \"CVE-2018-0967\", \"CVE-2018-0969\", \"CVE-2018-0970\", \"CVE-2018-0971\",\n \"CVE-2018-0972\", \"CVE-2018-0973\", \"CVE-2018-0974\", \"CVE-2018-0975\",\n \"CVE-2018-0976\", \"CVE-2018-0981\", \"CVE-2018-0987\", \"CVE-2018-0988\",\n \"CVE-2018-0989\", \"CVE-2018-0991\", \"CVE-2018-1003\", \"CVE-2018-1004\",\n \"CVE-2018-1008\", \"CVE-2018-1010\", \"CVE-2018-1012\", \"CVE-2018-1013\",\n \"CVE-2018-1015\", \"CVE-2018-1016\", \"CVE-2018-1018\", \"CVE-2018-1020\",\n \"CVE-2018-0996\", \"CVE-2018-0997\", \"CVE-2018-1000\", \"CVE-2018-1001\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-06-04 11:13:22 +0000 (Thu, 04 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-04-11 09:19:32 +0530 (Wed, 11 Apr 2018)\");\n script_name(\"Microsoft Windows Multiple Vulnerabilities (KB4093118)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4093118\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaw exists due to,\n\n - When the Windows font library improperly handles specially crafted embedded\n fonts.\n\n - When Internet Explorer improperly accesses objects in memory.\n\n - When the Windows kernel fails to properly initialize a memory address.\n\n - When the scripting engine does not properly handle objects in memory in\n Internet Explorer.\n\n - In Windows Adobe Type Manager Font Driver (ATMFD.\n\n - In the Windows kernel that could allow an attacker to retrieve information\n that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass.\n\n - In the way that Windows SNMP Service handles malformed SNMP traps.\n\n - When the Windows kernel improperly handles objects in memory.\n\n - In the way that the VBScript engine handles objects in memory.\n\n - In the way that Windows handles objects in memory.\n\n - In Remote Desktop Protocol (RDP) when an attacker connects to the target\n system using RDP and sends specially crafted requests.\n\n - In the Microsoft JET Database Engine that could allow remote code execution on\n an affected system.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to take control of the affected system, obtain information to further compromise\n the user's system, execute arbitrary code, retrieve the memory address of a\n kernel object, cause a target system to stop responding.\");\n\n script_tag(name:\"affected\", value:\"- Microsoft Windows 7 for 32-bit/x64 Systems Service Pack 1\n\n - Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4093118\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win7:2, win7x64:2, win2008r2:2) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_system32root();\nif(!sysPath ){\n exit(0);\n}\n\nfileVer = fetch_file_version(sysPath:sysPath, file_name:\"mshtml.dll\");\nif(!fileVer){\n exit(0);\n}\n\nif(version_is_less(version:fileVer, test_version:\"11.0.9600.18978\"))\n{\n report = 'File checked: ' + sysPath + \"\\mshtml.dll\" + '\\n' +\n 'File version: ' + fileVer + '\\n' +\n 'Vulnerable range: Less than 11.0.9600.18978\\n' ;\n security_message(data:report);\n exit(0);\n}\nexit(0);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-06-08T23:06:06", "description": "This host is missing a critical security\n update according to Microsoft KB4093109", "cvss3": {}, "published": "2018-04-11T00:00:00", "type": "openvas", "title": "Microsoft Windows Multiple Vulnerabilities (KB4093109)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1020", "CVE-2018-0969", "CVE-2018-1023", "CVE-2018-0956", "CVE-2018-0966", "CVE-2018-1013", "CVE-2018-8116", "CVE-2018-0997", "CVE-2018-0981", "CVE-2018-0990", "CVE-2018-0870", "CVE-2018-1012", "CVE-2018-1000", "CVE-2018-0989", "CVE-2018-0993", "CVE-2018-1010", "CVE-2018-0987", "CVE-2018-0960", "CVE-2018-0971", "CVE-2018-0957", "CVE-2018-0975", "CVE-2018-0988", "CVE-2018-0967", "CVE-2018-0970", "CVE-2018-1018", "CVE-2018-0887", "CVE-2018-0979", "CVE-2018-0972", "CVE-2018-0976", "CVE-2018-1015", "CVE-2018-1008", "CVE-2018-1003", "CVE-2018-1001", "CVE-2018-0968", "CVE-2018-0974", "CVE-2018-0980", "CVE-2018-0994", "CVE-2018-1016", "CVE-2018-0996", "CVE-2018-0991", "CVE-2018-0892", "CVE-2018-1004", "CVE-2018-0973", "CVE-2018-1009", "CVE-2018-0995"], "modified": "2020-06-04T00:00:00", "id": "OPENVAS:1361412562310813072", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310813072", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Microsoft Windows Multiple Vulnerabilities (KB4093109)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.813072\");\n script_version(\"2020-06-04T11:13:22+0000\");\n script_cve_id(\"CVE-2018-0870\", \"CVE-2018-0887\", \"CVE-2018-8116\", \"CVE-2018-0892\",\n \"CVE-2018-0956\", \"CVE-2018-0957\", \"CVE-2018-0960\", \"CVE-2018-0966\",\n \"CVE-2018-0967\", \"CVE-2018-0968\", \"CVE-2018-0969\", \"CVE-2018-0970\",\n \"CVE-2018-0971\", \"CVE-2018-0972\", \"CVE-2018-0973\", \"CVE-2018-0974\",\n \"CVE-2018-0975\", \"CVE-2018-0976\", \"CVE-2018-0979\", \"CVE-2018-0980\",\n \"CVE-2018-0981\", \"CVE-2018-0987\", \"CVE-2018-0988\", \"CVE-2018-0989\",\n \"CVE-2018-0990\", \"CVE-2018-0991\", \"CVE-2018-0993\", \"CVE-2018-0994\",\n \"CVE-2018-0995\", \"CVE-2018-0996\", \"CVE-2018-0997\", \"CVE-2018-1000\",\n \"CVE-2018-1001\", \"CVE-2018-1010\", \"CVE-2018-1012\", \"CVE-2018-1013\",\n \"CVE-2018-1015\", \"CVE-2018-1016\", \"CVE-2018-1018\", \"CVE-2018-1020\",\n \"CVE-2018-1023\", \"CVE-2018-1003\", \"CVE-2018-1004\", \"CVE-2018-1008\",\n \"CVE-2018-1009\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-06-04 11:13:22 +0000 (Thu, 04 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-04-11 08:56:10 +0530 (Wed, 11 Apr 2018)\");\n script_name(\"Microsoft Windows Multiple Vulnerabilities (KB4093109)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4093109\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaw exists due to,\n\n - Windows font library improperly handles specially crafted embedded fonts.\n\n - Internet Explorer improperly accesses objects in memory.\n\n - Windows kernel fails to properly initialize a memory address.\n\n - Scripting engine does not properly handle objects in memory in Internet Explorer.\n\n - An error in Windows Adobe Type Manager Font Driver (ATMFD).\n\n - Chakra scripting engine improperly handles objects in memory in Microsoft Edge.\n\n - A Kernel Address Space Layout Randomization (ASLR) bypass error in windows.\n\n - Windows SNMP Service improperly handles malformed SNMP traps.\n\n - A security feature bypass exists when Device Guard incorrectly validates an\n untrusted file.\n\n - Microsoft browsers improperly access objects in memory.\n\n - Windows kernel improperly handles objects in memory and incorrectly maps kernel\n memory.\n\n - VBScript engine improperly handles objects in memory.\n\n - An error in Remote Desktop Protocol (RDP).\n\n - Windows Hyper-V on a host operating system fails to properly validate\n input from an authenticated user on a guest operating system.\n\n - An error in the Microsoft JET Database Engine.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to conduct arbitrary code execution, disclose sensitive information and bypass\n security restrictions.\");\n\n script_tag(name:\"affected\", value:\"Microsoft Windows 10 Version 1511 x32/x64.\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4093109\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win10:1, win10x64:1) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_system32root();\nif(!sysPath ){\n exit(0);\n}\n\nedgeVer = fetch_file_version(sysPath:sysPath, file_name:\"edgehtml.dll\");\nif(!edgeVer){\n exit(0);\n}\n\nif(version_in_range(version:edgeVer, test_version:\"11.0.10586.0\", test_version2:\"11.0.10586.1539\"))\n{\n report = report_fixed_ver(file_checked:sysPath + \"\\Edgehtml.dll\",\n file_version:edgeVer, vulnerable_range:\"11.0.10586 - 11.0.10586.1539\");\n security_message(data:report);\n exit(0);\n}\nexit(0);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-06-08T23:05:59", "description": "This host is missing a critical security\n update according to Microsoft KB4093111", "cvss3": {}, "published": "2018-04-11T00:00:00", "type": "openvas", "title": "Microsoft Windows Multiple Vulnerabilities (KB4093111)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1020", "CVE-2018-0969", "CVE-2018-1023", "CVE-2018-0956", "CVE-2018-0966", "CVE-2018-1013", "CVE-2018-8116", "CVE-2018-0997", "CVE-2018-0981", "CVE-2018-0990", "CVE-2018-0870", "CVE-2018-1012", "CVE-2018-1000", "CVE-2018-0989", "CVE-2018-0993", "CVE-2018-1010", "CVE-2018-0987", "CVE-2018-0960", "CVE-2018-0971", "CVE-2018-0957", "CVE-2018-0975", "CVE-2018-0988", "CVE-2018-0967", "CVE-2018-0970", "CVE-2018-1018", "CVE-2018-0887", "CVE-2018-0979", "CVE-2018-0972", "CVE-2018-0976", "CVE-2018-1015", "CVE-2018-1008", "CVE-2018-1003", "CVE-2018-1001", "CVE-2018-0968", "CVE-2018-0974", "CVE-2018-0980", "CVE-2018-0994", "CVE-2018-1016", "CVE-2018-0996", "CVE-2018-0991", "CVE-2018-1004", "CVE-2018-0973", "CVE-2018-1009", "CVE-2018-0995"], "modified": "2020-06-04T00:00:00", "id": "OPENVAS:1361412562310813078", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310813078", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Microsoft Windows Multiple Vulnerabilities (KB4093111)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.813078\");\n script_version(\"2020-06-04T11:13:22+0000\");\n script_cve_id(\"CVE-2018-0870\", \"CVE-2018-0887\", \"CVE-2018-8116\", \"CVE-2018-0956\",\n \"CVE-2018-0957\", \"CVE-2018-0960\", \"CVE-2018-0966\", \"CVE-2018-0967\",\n \"CVE-2018-0968\", \"CVE-2018-0969\", \"CVE-2018-0970\", \"CVE-2018-0971\",\n \"CVE-2018-0972\", \"CVE-2018-0973\", \"CVE-2018-0974\", \"CVE-2018-0975\",\n \"CVE-2018-0976\", \"CVE-2018-0979\", \"CVE-2018-0980\", \"CVE-2018-0981\",\n \"CVE-2018-0987\", \"CVE-2018-0988\", \"CVE-2018-0989\", \"CVE-2018-0990\",\n \"CVE-2018-0991\", \"CVE-2018-0993\", \"CVE-2018-0994\", \"CVE-2018-0995\",\n \"CVE-2018-0996\", \"CVE-2018-0997\", \"CVE-2018-1000\", \"CVE-2018-1001\",\n \"CVE-2018-1009\", \"CVE-2018-1010\", \"CVE-2018-1012\", \"CVE-2018-1013\",\n \"CVE-2018-1015\", \"CVE-2018-1016\", \"CVE-2018-1018\", \"CVE-2018-1020\",\n \"CVE-2018-1023\", \"CVE-2018-1003\", \"CVE-2018-1004\", \"CVE-2018-1008\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-06-04 11:13:22 +0000 (Thu, 04 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-04-11 10:29:16 +0530 (Wed, 11 Apr 2018)\");\n script_name(\"Microsoft Windows Multiple Vulnerabilities (KB4093111)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4093111\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaw exists due to,\n\n - Windows font library improperly handles specially crafted embedded fonts.\n\n - Internet Explorer improperly accesses objects in memory.\n\n - Windows kernel fails to properly initialize a memory address.\n\n - Scripting engine does not properly handle objects in memory in Internet Explorer.\n\n - An error in Windows Adobe Type Manager Font Driver (ATMFD).\n\n - Scripting engine handles objects in memory in Internet Explorer.\n\n - Chakra scripting engine handles objects in memory in Microsoft Edge.\n\n - A Kernel Address Space Layout Randomization (ASLR) bypass error in windows.\n\n - Windows SNMP Service improperly handles malformed SNMP traps.\n\n - A security feature bypass exists when Device Guard incorrectly validates an\n untrusted file.\n\n - Microsoft browsers improperly access objects in memory.\n\n - Windows kernel improperly handles objects in memory.\n\n - VBScript engine improperly handles objects in memory.\n\n - An error in Remote Desktop Protocol (RDP).\n\n - An error in HTTP 2.\n\n - Windows Hyper-V on a host operating system fails to properly validate\n input from an authenticated user on a guest operating system.\n\n - An error in in the Microsoft JET Database Engine.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to conduct arbitrary code execution, disclose sensitive information, escalate\n privileges, bypass security and cause denial of service condition.\");\n\n script_tag(name:\"affected\", value:\"- Microsoft Windows 10 for 32-bit Systems\n\n - Microsoft Windows 10 for x64-based Systems\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4093111\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win10:1, win10x64:1) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_system32root();\nif(!sysPath ){\n exit(0);\n}\n\nedgeVer = fetch_file_version(sysPath:sysPath, file_name:\"edgehtml.dll\");\nif(!edgeVer){\n exit(0);\n}\n\nif(version_in_range(version:edgeVer, test_version:\"11.0.10240.0\", test_version2:\"11.0.10240.17830\"))\n{\n report = report_fixed_ver(file_checked:sysPath + \"\\Edgehtml.dll\",\n file_version:edgeVer, vulnerable_range:\"11.0.10240.0 - 11.0.10240.17830\");\n security_message(data:report);\n exit(0);\n}\nexit(0);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-06-08T23:06:19", "description": "This host is missing a critical security\n update according to Microsoft KB4093107", "cvss3": {}, "published": "2018-04-11T00:00:00", "type": "openvas", "title": "Microsoft Windows Multiple Vulnerabilities (KB4093107)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1020", "CVE-2018-0969", "CVE-2018-1023", "CVE-2018-0956", "CVE-2018-0966", "CVE-2018-1013", "CVE-2018-8116", "CVE-2018-0997", "CVE-2018-0981", "CVE-2018-0990", "CVE-2018-0870", "CVE-2018-0963", "CVE-2018-1012", "CVE-2018-1000", "CVE-2018-0989", "CVE-2018-0993", "CVE-2018-1010", "CVE-2018-0987", "CVE-2018-0998", "CVE-2018-0960", "CVE-2018-0971", "CVE-2018-0964", "CVE-2018-0957", "CVE-2018-0975", "CVE-2018-0988", "CVE-2018-0967", "CVE-2018-0970", "CVE-2018-0890", "CVE-2018-1018", "CVE-2018-0887", "CVE-2018-0979", "CVE-2018-0972", "CVE-2018-0976", "CVE-2018-1015", "CVE-2018-1008", "CVE-2018-1003", "CVE-2018-1001", "CVE-2018-0968", "CVE-2018-0974", "CVE-2018-0980", "CVE-2018-0994", "CVE-2018-1016", "CVE-2018-0996", "CVE-2018-0991", "CVE-2018-0892", "CVE-2018-1004", "CVE-2018-0973", "CVE-2018-1009", "CVE-2018-0995"], "modified": "2020-06-04T00:00:00", "id": "OPENVAS:1361412562310813073", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310813073", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Microsoft Windows Multiple Vulnerabilities (KB4093107)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.813073\");\n script_version(\"2020-06-04T11:13:22+0000\");\n script_cve_id(\"CVE-2018-0870\", \"CVE-2018-0887\", \"CVE-2018-8116\", \"CVE-2018-0890\",\n \"CVE-2018-0892\", \"CVE-2018-0956\", \"CVE-2018-0957\", \"CVE-2018-0960\",\n \"CVE-2018-0963\", \"CVE-2018-0964\", \"CVE-2018-0966\", \"CVE-2018-0967\",\n \"CVE-2018-0968\", \"CVE-2018-0969\", \"CVE-2018-0970\", \"CVE-2018-0971\",\n \"CVE-2018-0972\", \"CVE-2018-0973\", \"CVE-2018-0974\", \"CVE-2018-0975\",\n \"CVE-2018-0976\", \"CVE-2018-0979\", \"CVE-2018-0980\", \"CVE-2018-0981\",\n \"CVE-2018-0987\", \"CVE-2018-0988\", \"CVE-2018-0989\", \"CVE-2018-0990\",\n \"CVE-2018-0991\", \"CVE-2018-0993\", \"CVE-2018-0994\", \"CVE-2018-0995\",\n \"CVE-2018-0996\", \"CVE-2018-0997\", \"CVE-2018-0998\", \"CVE-2018-1000\",\n \"CVE-2018-1001\", \"CVE-2018-1009\", \"CVE-2018-1010\", \"CVE-2018-1012\",\n \"CVE-2018-1013\", \"CVE-2018-1015\", \"CVE-2018-1016\", \"CVE-2018-1018\",\n \"CVE-2018-1020\", \"CVE-2018-1023\", \"CVE-2018-1003\", \"CVE-2018-1004\",\n \"CVE-2018-1008\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-06-04 11:13:22 +0000 (Thu, 04 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-04-11 09:08:45 +0530 (Wed, 11 Apr 2018)\");\n script_name(\"Microsoft Windows Multiple Vulnerabilities (KB4093107)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4093107\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaw exists due to,\n\n - Internet Explorer improperly accesses objects in memory.\n\n - Scripting engine improperly handles objects in memory in Internet Explorer.\n\n - Windows font library improperly handles specially crafted embedded fonts.\n\n - Microsoft Edge PDF Reader improperly handles objects in memory.\n\n - Windows kernel fails to properly initialize a memory address.\n\n - An error in Windows Adobe Type Manager Font Driver (ATMFD.\n\n - Chakra scripting engine improperly handles objects in memory in Microsoft Edge.\n\n - A Kernel Address Space Layout Randomization (ASLR) bypass error in windows.\n\n - An error in Windows SNMP Service handles malformed SNMP traps.\n\n - A security feature bypass exists when Device Guard incorrectly validates an\n untrusted file.\n\n - Windows Hyper-V on a host operating system fails to properly validate input\n from an authenticated user on a guest operating system.\n\n - Windows Kernel improperly handles objects in memory.\n\n - Microsoft browsers improperly access objects in memory.\n\n - VBScript engine improperly handles objects in memory.\n\n - Microsoft Edge improperly handles objects in memory.\n\n - An error when Active Directory incorrectly applies Network Isolation settings.\n\n - An error in Remote Desktop Protocol (RDP).\n\n - An error in the HTTP 2.\n\n - An error in Microsoft JET Database Engine.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to conduct arbitrary code execution, disclose sensitive information, escalate\n privileges, bypass security and cause denial of service condition.\");\n\n script_tag(name:\"affected\", value:\"Microsoft Windows 10 Version 1703 x32/x64.\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4093107\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win10:1, win10x64:1) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_system32root();\nif(!sysPath ){\n exit(0);\n}\n\nedgeVer = fetch_file_version(sysPath:sysPath, file_name:\"edgehtml.dll\");\nif(!edgeVer){\n exit(0);\n}\n\nif(version_in_range(version:edgeVer, test_version:\"11.0.15063.0\", test_version2:\"11.0.15063.1028\"))\n{\n report = report_fixed_ver(file_checked:sysPath + \"\\Edgehtml.dll\",\n file_version:edgeVer, vulnerable_range:\"11.0.15063.0 - 11.0.15063.1028\");\n security_message(data:report);\n exit(0);\n}\nexit(0);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-08T13:29:07", "description": "This host is missing a critical security\n update according to Microsoft KB4093119", "cvss3": {}, "published": "2018-04-11T00:00:00", "type": "openvas", "title": "Microsoft Windows Multiple Vulnerabilities (KB4093119)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1020", "CVE-2018-0969", "CVE-2018-1023", "CVE-2018-0956", "CVE-2018-0966", "CVE-2018-1013", "CVE-2018-8116", "CVE-2018-0997", "CVE-2018-0981", "CVE-2018-0990", "CVE-2018-0870", "CVE-2018-0963", "CVE-2018-1012", "CVE-2018-1000", "CVE-2018-0989", "CVE-2018-0993", "CVE-2018-1010", "CVE-2018-0987", "CVE-2018-0998", "CVE-2018-0960", "CVE-2018-0971", "CVE-2018-0957", "CVE-2018-0975", "CVE-2018-0988", "CVE-2018-0967", "CVE-2018-0970", "CVE-2018-0890", "CVE-2018-1018", "CVE-2018-0887", "CVE-2018-0979", "CVE-2018-0972", "CVE-2018-0976", "CVE-2018-1015", "CVE-2018-1008", "CVE-2018-1003", "CVE-2018-1001", "CVE-2018-0968", "CVE-2018-0974", "CVE-2018-0980", "CVE-2018-0994", "CVE-2018-1016", "CVE-2018-0996", "CVE-2018-0991", "CVE-2018-0892", "CVE-2018-1004", "CVE-2018-0973", "CVE-2018-1009", "CVE-2018-0995"], "modified": "2019-12-20T00:00:00", "id": "OPENVAS:1361412562310813080", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310813080", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Microsoft Windows Multiple Vulnerabilities (KB4093119)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.813080\");\n script_version(\"2019-12-20T10:24:46+0000\");\n script_cve_id(\"CVE-2018-0870\", \"CVE-2018-0887\", \"CVE-2018-8116\", \"CVE-2018-0890\",\n \"CVE-2018-0892\", \"CVE-2018-0956\", \"CVE-2018-0957\", \"CVE-2018-0960\",\n \"CVE-2018-0963\", \"CVE-2018-0966\", \"CVE-2018-0967\", \"CVE-2018-0968\",\n \"CVE-2018-0969\", \"CVE-2018-0970\", \"CVE-2018-0971\", \"CVE-2018-0972\",\n \"CVE-2018-0973\", \"CVE-2018-0974\", \"CVE-2018-0975\", \"CVE-2018-0976\",\n \"CVE-2018-0979\", \"CVE-2018-0980\", \"CVE-2018-0981\", \"CVE-2018-0987\",\n \"CVE-2018-0988\", \"CVE-2018-0989\", \"CVE-2018-0990\", \"CVE-2018-0991\",\n \"CVE-2018-0993\", \"CVE-2018-0994\", \"CVE-2018-0995\", \"CVE-2018-0996\",\n \"CVE-2018-0997\", \"CVE-2018-0998\", \"CVE-2018-1000\", \"CVE-2018-1001\",\n \"CVE-2018-1009\", \"CVE-2018-1010\", \"CVE-2018-1012\", \"CVE-2018-1013\",\n \"CVE-2018-1015\", \"CVE-2018-1016\", \"CVE-2018-1018\", \"CVE-2018-1020\",\n \"CVE-2018-1023\", \"CVE-2018-1003\", \"CVE-2018-1004\", \"CVE-2018-1008\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-12-20 10:24:46 +0000 (Fri, 20 Dec 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-04-11 10:50:56 +0530 (Wed, 11 Apr 2018)\");\n script_name(\"Microsoft Windows Multiple Vulnerabilities (KB4093119)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4093119\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaw exists due to,\n\n - Internet Explorer improperly accesses objects in memory.\n\n - Windows font library improperly handles specially crafted embedded fonts.\n\n - Scripting engine handles objects in memory in Internet Explorer.\n\n - Microsoft Edge PDF Reader improperly handles objects in memory.\n\n - Windows kernel fails to properly initialize a memory address.\n\n - An error in Windows Adobe Type Manager Font Driver (ATMFD).\n\n - Chakra scripting engine handles objects in memory in Microsoft Edge.\n\n - A Kernel Address Space Layout Randomization (ASLR) bypass error in windows.\n\n - Windows SNMP Service improperly handles malformed SNMP traps.\n\n - A security feature bypass exists when Device Guard incorrectly validates an\n untrusted file.\n\n - Microsoft browsers improperly access objects in memory.\n\n - Windows kernel improperly handles objects in memory.\n\n - VBScript engine improperly handles objects in memory.\n\n - Microsoft Edge improperly handles objects in memory.\n\n - An error when Active Directory incorrectly applies Network Isolation settings.\n\n - An error in Remote Desktop Protocol (RDP).\n\n - An error in the HTTP 2.\n\n - Windows Hyper-V on a host operating system fails to properly validate\n input from an authenticated user on a guest operating system.\n\n - An error in the Microsoft JET Database Engine.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to conduct arbitrary code execution, disclose sensitive information, escalate\n privileges, bypass security and cause denial of service condition.\");\n\n script_tag(name:\"affected\", value:\"- Microsoft Windows 10 Version 1607 x32/x64\n\n - Microsoft Windows Server 2016\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4093119\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win10:1, win10x64:1, win2016:1) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_system32root();\nif(!sysPath ){\n exit(0);\n}\n\nedgeVer = fetch_file_version(sysPath:sysPath, file_name:\"edgehtml.dll\");\nif(!edgeVer){\n exit(0);\n}\n\nif(version_in_range(version:edgeVer, test_version:\"11.0.14393.0\", test_version2:\"11.0.14393.2188\"))\n{\n report = report_fixed_ver(file_checked:sysPath + \"\\Edgehtml.dll\",\n file_version:edgeVer, vulnerable_range:\"11.0.14393.0 - 11.0.14393.2188\");\n security_message(data:report);\n exit(0);\n}\nexit(0);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-06-08T23:06:10", "description": "This host is missing a critical security\n update according to Microsoft KB4093112", "cvss3": {}, "published": "2018-04-11T00:00:00", "type": "openvas", "title": "Microsoft Windows Multiple Vulnerabilities (KB4093112)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1020", "CVE-2018-0969", "CVE-2018-1023", "CVE-2018-0956", "CVE-2018-0966", "CVE-2018-1013", "CVE-2018-8116", "CVE-2018-0997", "CVE-2018-0981", "CVE-2018-1019", "CVE-2018-0990", "CVE-2018-0870", "CVE-2018-0963", "CVE-2018-1012", "CVE-2018-1000", "CVE-2018-0989", "CVE-2018-0993", "CVE-2018-1010", "CVE-2018-0987", "CVE-2018-0998", "CVE-2018-0960", "CVE-2018-0971", "CVE-2018-0964", "CVE-2018-0957", "CVE-2018-0975", "CVE-2018-0988", "CVE-2018-1035", "CVE-2018-0967", "CVE-2018-0970", "CVE-2018-0890", "CVE-2018-1018", "CVE-2018-0887", "CVE-2018-0979", "CVE-2018-0972", "CVE-2018-0976", "CVE-2018-1015", "CVE-2018-1008", "CVE-2018-1003", "CVE-2018-1001", "CVE-2018-0968", "CVE-2018-0974", "CVE-2018-0980", "CVE-2018-0994", "CVE-2018-1016", "CVE-2018-0996", "CVE-2018-0991", "CVE-2018-0892", "CVE-2018-1004", "CVE-2018-0973", "CVE-2018-1009", "CVE-2018-0995"], "modified": "2020-06-04T00:00:00", "id": "OPENVAS:1361412562310813079", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310813079", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Microsoft Windows Multiple Vulnerabilities (KB4093112)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.813079\");\n script_version(\"2020-06-04T11:13:22+0000\");\n script_cve_id(\"CVE-2018-0870\", \"CVE-2018-8116\", \"CVE-2018-0887\", \"CVE-2018-0890\",\n \"CVE-2018-0892\", \"CVE-2018-0956\", \"CVE-2018-0957\", \"CVE-2018-0960\",\n \"CVE-2018-0963\", \"CVE-2018-0964\", \"CVE-2018-0966\", \"CVE-2018-0967\",\n \"CVE-2018-0968\", \"CVE-2018-0969\", \"CVE-2018-0970\", \"CVE-2018-0971\",\n \"CVE-2018-0972\", \"CVE-2018-0973\", \"CVE-2018-0974\", \"CVE-2018-0975\",\n \"CVE-2018-0976\", \"CVE-2018-0979\", \"CVE-2018-0980\", \"CVE-2018-0981\",\n \"CVE-2018-0987\", \"CVE-2018-0988\", \"CVE-2018-0989\", \"CVE-2018-0990\",\n \"CVE-2018-0991\", \"CVE-2018-0993\", \"CVE-2018-0994\", \"CVE-2018-0995\",\n \"CVE-2018-0996\", \"CVE-2018-0997\", \"CVE-2018-0998\", \"CVE-2018-1000\",\n \"CVE-2018-1001\", \"CVE-2018-1009\", \"CVE-2018-1010\", \"CVE-2018-1012\",\n \"CVE-2018-1013\", \"CVE-2018-1015\", \"CVE-2018-1016\", \"CVE-2018-1018\",\n \"CVE-2018-1019\", \"CVE-2018-1020\", \"CVE-2018-1023\", \"CVE-2018-1003\",\n \"CVE-2018-1004\", \"CVE-2018-1008\", \"CVE-2018-1035\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-06-04 11:13:22 +0000 (Thu, 04 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-04-11 10:41:02 +0530 (Wed, 11 Apr 2018)\");\n script_name(\"Microsoft Windows Multiple Vulnerabilities (KB4093112)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4093112\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaw exists due to,\n\n - Internet Explorer improperly accesses objects in memory.\n\n - Scripting engine handles objects in memory in Internet Explorer.\n\n - Windows font library improperly handles specially crafted embedded\n fonts.\n\n - Chakra scripting engine improperly handles objects in memory in Microsoft Edge.\n\n - Microsoft Edge PDF Reader improperly handles objects in memory.\n\n - Windows kernel fails to properly initialize a memory address.\n\n - An error in Windows Adobe Type Manager Font Driver (ATMFD).\n\n - A Kernel Address Space Layout Randomization (ASLR) bypass error.\n\n - Windows SNMP Service improperly handles malformed SNMP traps.\n\n - A security feature bypass exists when Device Guard incorrectly validates an\n untrusted file.\n\n - Windows Hyper-V on a host operating system fails to properly validate\n input from an authenticated user on a guest operating system.\n\n - Windows Kernel improperly handles objects in memory.\n\n - VBScript engine improperly handles objects in memory.\n\n - Microsoft Edge improperly handles objects in memory.\n\n - An error when Active Directory incorrectly applies Network Isolation settings.\n\n - An error in Remote Desktop Protocol (RDP).\n\n - An error in the HTTP 2.\n\n - An error in Microsoft JET Database Engine.\n\n - A security bypass error related to Device Guard.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to conduct arbitrary code execution, disclose sensitive information, escalate\n privileges, bypass security and cause denial of service condition.\");\n\n script_tag(name:\"affected\", value:\"- Microsoft Windows 10 Version 1709 for 32-bit Systems\n\n - Microsoft Windows 10 Version 1709 for 64-based Systems\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4093112\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win10:1, win10x64:1) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_system32root();\nif(!sysPath ){\n exit(0);\n}\n\nedgeVer = fetch_file_version(sysPath:sysPath, file_name:\"edgehtml.dll\");\nif(!edgeVer){\n exit(0);\n}\n\nif(version_in_range(version:edgeVer, test_version:\"11.0.16299.0\", test_version2:\"11.0.16299.370\"))\n{\n report = report_fixed_ver(file_checked:sysPath + \"\\Edgehtml.dll\",\n file_version:edgeVer, vulnerable_range:\"11.0.16299.0 - 11.0.16299.370\");\n security_message(data:report);\n exit(0);\n}\nexit(0);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-06-08T23:06:10", "description": "This host is missing an important security\n update according to Microsoft KB4093227", "cvss3": {}, "published": "2018-04-11T00:00:00", "type": "openvas", "title": "Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability (KB4093227)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0976"], "modified": "2020-06-04T00:00:00", "id": "OPENVAS:1361412562310812586", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310812586", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability (KB4093227)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.812586\");\n script_version(\"2020-06-04T11:13:22+0000\");\n script_cve_id(\"CVE-2018-0976\");\n script_tag(name:\"cvss_base\", value:\"3.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-06-04 11:13:22 +0000 (Thu, 04 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-04-11 10:10:51 +0530 (Wed, 11 Apr 2018)\");\n script_name(\"Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability (KB4093227)\");\n\n script_tag(name:\"summary\", value:\"This host is missing an important security\n update according to Microsoft KB4093227\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw exists in Remote Desktop\n Protocol (RDP) when an attacker connects to the target system using\n RDP and sends specially crafted requests.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an\n attackers to cause the RDP service on the target system to stop\n responding.\");\n\n script_tag(name:\"affected\", value:\"Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2.\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4093227\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win2008:3, win2008x64:3) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_system32root();\nif(!sysPath ){\n exit(0);\n}\n\nfileVer = fetch_file_version(sysPath:sysPath, file_name:\"scksp.dll\");\nif(!fileVer){\n exit(0);\n}\n\nif(version_is_less(version:fileVer, test_version:\"6.0.6002.24329\"))\n{\n report = report_fixed_ver(file_checked:sysPath + \"\\scksp.dll\",\n file_version:fileVer, vulnerable_range:\"Less than 6.0.6002.24329\");\n security_message(data:report);\n}\nexit(0);\n", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:33:21", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-04-25T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux-azure USN-3632-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-8043", "CVE-2017-17450", "CVE-2018-5333", "CVE-2017-17741", "CVE-2017-0861", "CVE-2017-17805", "CVE-2018-1000", "CVE-2018-5344", "CVE-2017-15129", "CVE-2017-16994", "CVE-2017-17448", "CVE-2017-1000407", "CVE-2018-5332", "CVE-2017-17807", "CVE-2018-1000026", "CVE-2017-17806"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310843509", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843509", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_3632_1.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for linux-azure USN-3632-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843509\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-04-25 08:37:19 +0200 (Wed, 25 Apr 2018)\");\n script_cve_id(\"CVE-2017-0861\", \"CVE-2017-1000407\", \"CVE-2017-15129\", \"CVE-2017-16994\",\n \"CVE-2017-17448\", \"CVE-2017-17450\", \"CVE-2017-17741\", \"CVE-2017-17805\",\n \"CVE-2017-17806\", \"CVE-2017-17807\", \"CVE-2018-1000026\", \"CVE-2018-5332\",\n \"CVE-2018-5333\", \"CVE-2018-5344\", \"CVE-2018-8043\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for linux-azure USN-3632-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-azure'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"It was discovered that a race condition\n leading to a use-after-free vulnerability existed in the ALSA PCM subsystem of\n the Linux kernel. A local attacker could use this to cause a denial of service\n (system crash) or possibly execute arbitrary code. (CVE-2017-0861) It was\n discovered that the KVM implementation in the Linux kernel allowed passthrough\n of the diagnostic I/O port 0x80. An attacker in a guest VM could use this to\n cause a denial of service (system crash) in the host OS. (CVE-2017-1000407) It\n was discovered that a use-after-free vulnerability existed in the network\n namespaces implementation in the Linux kernel. A local attacker could use this\n to cause a denial of service (system crash) or possibly execute arbitrary code.\n (CVE-2017-15129) It was discovered that the HugeTLB component of the Linux\n kernel did not properly handle holes in hugetlb ranges. A local attacker could\n use this to expose sensitive information (kernel memory). (CVE-2017-16994) It\n was discovered that the netfilter component of the Linux did not properly\n restrict access to the connection tracking helpers list. A local attacker could\n use this to bypass intended access restrictions. (CVE-2017-17448) It was\n discovered that the netfilter passive OS fingerprinting (xt_osf) module did not\n properly perform access control checks. A local attacker could improperly modify\n the system-wide OS fingerprint list. (CVE-2017-17450) Dmitry Vyukov discovered\n that the KVM implementation in the Linux kernel contained an out-of-bounds read\n when handling memory-mapped I/O. A local attacker could use this to expose\n sensitive information. (CVE-2017-17741) It was discovered that the Salsa20\n encryption algorithm implementations in the Linux kernel did not properly handle\n zero-length inputs. A local attacker could use this to cause a denial of service\n (system crash). (CVE-2017-17805) It was discovered that the HMAC implementation\n did not validate the state of the underlying cryptographic hash algorithm. A\n local attacker could use this to cause a denial of service (system crash) or\n possibly execute arbitrary code. (CVE-2017-17806) It was discovered that the\n keyring implementation in the Linux kernel did not properly check permissions\n when a key request was performed on a task's default keyring. A local attacker\n could use this to add keys to unauthorized keyrings. (CVE-2017-17807) It was\n discovered that the Broadcom NetXtremeII ethernet driver in the Linux kernel did\n not properly validate Generic Segment Offload (GSO) packet sizes. An attacker\n could use this to cause a denial of service (interface unavailability).\n (CVE-2018-1000 ... Description truncated, for more information please check the\n Reference URL\");\n script_tag(name:\"affected\", value:\"linux-azure on Ubuntu 16.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3632-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3632-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU16\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.13.0-1014-azure\", ver:\"4.13.0-1014.17\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-azure\", ver:\"4.13.0.1014.16\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-06-08T23:06:05", "description": "This host is missing a critical security\n update according to Microsoft KB4284835", "cvss3": {}, "published": "2018-06-13T00:00:00", "type": "openvas", "title": "Microsoft Windows Multiple Vulnerabilities (KB4284835)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-8205", "CVE-2018-1036", "CVE-2018-0982", "CVE-2018-1040", "CVE-2018-8212", "CVE-2018-8211", "CVE-2018-8215", "CVE-2018-8229", "CVE-2018-8239", "CVE-2018-8219", "CVE-2018-8169", "CVE-2018-8233", "CVE-2018-0978", "CVE-2018-8208", "CVE-2018-8226", "CVE-2018-8235", "CVE-2018-8236", "CVE-2018-8110", "CVE-2018-8221", "CVE-2018-8213", "CVE-2018-8234", "CVE-2018-8121", "CVE-2018-8113", "CVE-2018-8207", "CVE-2018-8210", "CVE-2018-8267", "CVE-2018-8251", "CVE-2018-8140", "CVE-2018-8231", "CVE-2018-8201", "CVE-2018-8227", "CVE-2018-8214", "CVE-2018-1003", "CVE-2018-8225", "CVE-2018-0871", "CVE-2018-8175"], "modified": "2020-06-04T00:00:00", "id": "OPENVAS:1361412562310813530", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310813530", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Microsoft Windows Multiple Vulnerabilities (KB4284835)\n#\n# Authors:\n# Rajat Mishra <rajatm@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.813530\");\n script_version(\"2020-06-04T11:13:22+0000\");\n script_cve_id(\"CVE-2018-0871\", \"CVE-2018-0978\", \"CVE-2018-0982\", \"CVE-2018-1036\",\n \"CVE-2018-1040\", \"CVE-2018-8110\", \"CVE-2018-8113\", \"CVE-2018-8121\",\n \"CVE-2018-8140\", \"CVE-2018-8169\", \"CVE-2018-8175\", \"CVE-2018-8201\",\n \"CVE-2018-8205\", \"CVE-2018-8207\", \"CVE-2018-8208\", \"CVE-2018-8210\",\n \"CVE-2018-8211\", \"CVE-2018-8212\", \"CVE-2018-8213\", \"CVE-2018-8214\",\n \"CVE-2018-8215\", \"CVE-2018-8219\", \"CVE-2018-8221\", \"CVE-2018-8225\",\n \"CVE-2018-8226\", \"CVE-2018-8227\", \"CVE-2018-8229\", \"CVE-2018-8231\",\n \"CVE-2018-8233\", \"CVE-2018-8234\", \"CVE-2018-8235\", \"CVE-2018-8236\",\n \"CVE-2018-8239\", \"CVE-2018-8251\", \"CVE-2018-8267\", \"CVE-2018-1003\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-06-04 11:13:22 +0000 (Thu, 04 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-06-13 09:09:57 +0530 (Wed, 13 Jun 2018)\");\n script_name(\"Microsoft Windows Multiple Vulnerabilities (KB4284835)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4284835\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaw exists due to errors,\n\n - When the Windows kernel improperly handles objects in memory.\n\n - When Windows improperly handles objects in memory.\n\n - When the (Human Interface Device) HID Parser Library driver improperly handles\n objects in memory.\n\n - In Device Guard that could allow an attacker to inject malicious code into a\n Windows PowerShell session.\n\n - In Windows when Desktop Bridge does not properly manage the virtual registry.\n\n - When Cortana retrieves data from user input services without consideration for\n status.\n\n - When the Windows kernel improperly initializes objects in memory.\n\n - In Windows when the Win32k component fails to properly handle objects in\n memory.\n\n - In the way that the Windows Code Integrity Module performs hashing.\n\n - When Microsoft Edge improperly handles requests of different origins.\n\n - In the way that the Windows Kernel API enforces permissions.\n\n - When Microsoft Edge improperly handles objects in memory.\n\n - When Microsoft Edge improperly accesses objects in memory.\n\n - When Windows Media Foundation improperly handles objects in memory.\n\n - When the Windows GDI component improperly discloses the contents of its\n memory.\n\n - When Windows Hyper-V instruction emulation fails to properly enforce privilege\n levels.\n\n - When Windows NT WEBDAV Minirdr attempts to query a WEBDAV directory.\n\n - In Internet Explorer that allows for bypassing Mark of the Web Tagging (MOTW).\n\n - When Internet Explorer improperly accesses objects in memory.\n\n - When NTFS improperly checks access.\n\n - When Edge improperly marks files.\n\n - In the way that the Chakra scripting engine handles objects in memory in\n Microsoft Edge.\n\n - In the way that the scripting engine handles objects in memory in Internet\n Explorer.\n\n - In Windows Domain Name System (DNS) DNSAPI.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to obtain information to further compromise the user's system, run processes in\n an elevated context, inject code into a trusted PowerShell process, execute\n arbitrary code, read privileged data, force the browser to send restricted data,\n interject cross-process communication, install programs, view, change, or delete\n data or create new accounts with full user rights and create a denial of service\n condition.\");\n\n script_tag(name:\"affected\", value:\"Microsoft Windows 10 Version 1803 x32/x64-bit Systems.\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4284835\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win10:1, win10x64:1) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_system32root();\nif(!sysPath ){\n exit(0);\n}\n\nedgeVer = fetch_file_version(sysPath:sysPath, file_name:\"edgehtml.dll\");\nif(!edgeVer){\n exit(0);\n}\n\nif(version_in_range(version:edgeVer, test_version:\"11.0.17134.0\", test_version2:\"11.0.17134.111\"))\n{\n report = report_fixed_ver(file_checked:sysPath + \"\\Edgehtml.dll\",\n file_version:edgeVer, vulnerable_range:\"11.0.17134.0 - 11.0.17134.111\");\n security_message(data:report);\n exit(0);\n}\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "kaspersky": [{"lastseen": "2023-02-08T15:51:29", "description": "### *Detect date*:\n04/10/2018\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple vulnerabilities were found in Microsoft Products (Extended Support Update). Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, gain privileges, cause denial of service.\n\n### *Exploitation*:\nThe following public exploits exists for this vulnerability:\n\n### *Affected products*:\nWindows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) \nWindows 10 for 32-bit Systems \nWindows Server, version 1803 (Server Core Installation) \nInternet Explorer 9 \nWindows 10 for x64-based Systems \nWindows Server 2012 (Server Core installation) \nWindows Server 2016 (Server Core installation) \nWindows 7 for x64-based Systems Service Pack 1 \nWindows 8.1 for 32-bit systems \nWindows 8.1 for x64-based systems \nWindows Server 2012 \nWindows Server 2008 for 32-bit Systems Service Pack 2 \nInternet Explorer 11 \nWindows Server 2008 for x64-based Systems Service Pack 2 \nWindows Server 2016 \nWindows 10 Version 1709 for x64-based Systems \nWindows RT 8.1 \nWindows Server 2008 for Itanium-Based Systems Service Pack 2 \nWindows 10 Version 1703 for x64-based Systems \nWindows Server 2012 R2 (Server Core installation) \nWindows Server 2008 R2 for Itanium-Based Systems Service Pack 1 \nWindows 10 Version 1511 for 32-bit Systems \nWindows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) \nWindows 10 Version 1803 for x64-based Systems \nWindows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) \nWindows 10 Version 1511 for x64-based Systems \nWindows 10 Version 1607 for 32-bit Systems \nWindows 10 Version 1607 for x64-based Systems \nWindows 7 for 32-bit Systems Service Pack 1 \nInternet Explorer 10 \nWindows 10 Version 1709 for 32-bit Systems \nWindows 10 Version 1703 for 32-bit Systems \nWindows Server 2008 R2 for x64-based Systems Service Pack 1 \nWindows Server 2012 R2 \nWindows 10 Version 1803 for 32-bit Systems\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2018-1020](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-1020>) \n[CVE-2018-1004](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-1004>) \n[CVE-2018-0987](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0987>) \n[CVE-2018-1008](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-1008>) \n[CVE-2018-0981](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0981>) \n[CVE-2018-0969](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0969>) \n[CVE-2018-0967](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0967>) \n[CVE-2018-1001](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-1001>) \n[CVE-2018-1000](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-1000>) \n[CVE-2018-0989](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0989>) \n[CVE-2018-0988](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0988>) \n[CVE-2018-0960](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0960>) \n[CVE-2018-0887](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0887>) \n[CVE-2018-8116](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-8116>) \n[CVE-2018-0996](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0996>) \n[CVE-2018-1015](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-1015>) \n[CVE-2018-1016](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-1016>) \n[CVE-2018-1010](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-1010>) \n[CVE-2018-1012](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-1012>) \n[CVE-2018-1013](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-1013>) \n[CVE-2018-0970](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0970>) \n[CVE-2018-0971](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0971>) \n[CVE-2018-0972](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0972>) \n[CVE-2018-0973](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0973>) \n[CVE-2018-0974](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0974>) \n[CVE-2018-0975](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0975>) \n[CVE-2018-0976](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0976>) \n[CVE-2018-1003](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-1003>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft Internet Explorer](<https://threats.kaspersky.com/en/product/Microsoft-Internet-Explorer/>)\n\n### *CVE-IDS*:\n[CVE-2018-0887](<https://vulners.com/cve/CVE-2018-0887>)2.1Warning \n[CVE-2018-0960](<https://vulners.com/cve/CVE-2018-0960>)2.1Warning \n[CVE-2018-0967](<https://vulners.com/cve/CVE-2018-0967>)6.3High \n[CVE-2018-0969](<https://vulners.com/cve/CVE-2018-0969>)2.1Warning \n[CVE-2018-0970](<https://vulners.com/cve/CVE-2018-0970>)2.1Warning \n[CVE-2018-0971](<https://vulners.com/cve/CVE-2018-0971>)2.1Warning \n[CVE-2018-0972](<https://vulners.com/cve/CVE-2018-0972>)2.1Warning \n[CVE-2018-0973](<https://vulners.com/cve/CVE-2018-0973>)2.1Warning \n[CVE-2018-0974](<https://vulners.com/cve/CVE-2018-0974>)2.1Warning \n[CVE-2018-0975](<https://vulners.com/cve/CVE-2018-0975>)2.1Warning \n[CVE-2018-0976](<https://vulners.com/cve/CVE-2018-0976>)3.5Warning \n[CVE-2018-1003](<https://vulners.com/cve/CVE-2018-1003>)9.3Critical \n[CVE-2018-1004](<https://vulners.com/cve/CVE-2018-1004>)9.3Critical \n[CVE-2018-1008](<https://vulners.com/cve/CVE-2018-1008>)6.9High \n[CVE-2018-1010](<https://vulners.com/cve/CVE-2018-1010>)9.3Critical \n[CVE-2018-1012](<https://vulners.com/cve/CVE-2018-1012>)9.3Critical \n[CVE-2018-1013](<https://vulners.com/cve/CVE-2018-1013>)9.3Critical \n[CVE-2018-1015](<https://vulners.com/cve/CVE-2018-1015>)9.3Critical \n[CVE-2018-1016](<https://vulners.com/cve/CVE-2018-1016>)9.3Critical \n[CVE-2018-8116](<https://vulners.com/cve/CVE-2018-8116>)2.1Warning \n[CVE-2018-0981](<https://vulners.com/cve/CVE-2018-0981>)2.6Warning \n[CVE-2018-1000](<https://vulners.com/cve/CVE-2018-1000>)2.6Warning \n[CVE-2018-1001](<https://vulners.com/cve/CVE-2018-1001>)7.6Critical \n[CVE-2018-1020](<https://vulners.com/cve/CVE-2018-1020>)7.6Critical \n[CVE-2018-0988](<https://vulners.com/cve/CVE-2018-0988>)7.6Critical \n[CVE-2018-0987](<https://vulners.com/cve/CVE-2018-0987>)4.3Warning \n[CVE-2018-0989](<https://vulners.com/cve/CVE-2018-0989>)4.3Warning \n[CVE-2018-0996](<https://vulners.com/cve/CVE-2018-0996>)7.6Critical\n\n### *KB list*:\n[4093478](<http://support.microsoft.com/kb/4093478>) \n[4093224](<http://support.microsoft.com/kb/4093224>) \n[4093227](<http://support.microsoft.com/kb/4093227>) \n[4093223](<http://support.microsoft.com/kb/4093223>) \n[4093108](<http://support.microsoft.com/kb/4093108>) \n[4093118](<http://support.microsoft.com/kb/4093118>) \n[4093257](<http://support.microsoft.com/kb/4093257>) \n[4091756](<http://support.microsoft.com/kb/4091756>) \n[4092946](<http://support.microsoft.com/kb/4092946>)\n\n### *Microsoft official advisories*:", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2018-04-10T00:00:00", "type": "kaspersky", "title": "KLA11896 Multiple vulnerabilities in Microsoft Products (ESU)", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0887", "CVE-2018-0960", "CVE-2018-0967", "CVE-2018-0969", "CVE-2018-0970", "CVE-2018-0971", "CVE-2018-0972", "CVE-2018-0973", "CVE-2018-0974", "CVE-2018-0975", "CVE-2018-0976", "CVE-2018-0981", "CVE-2018-0987", "CVE-2018-0988", "CVE-2018-0989", "CVE-2018-0996", "CVE-2018-1000", "CVE-2018-1001", "CVE-2018-1003", "CVE-2018-1004", "CVE-2018-1008", "CVE-2018-1010", "CVE-2018-1012", "CVE-2018-1013", "CVE-2018-1015", "CVE-2018-1016", "CVE-2018-1020", "CVE-2018-8116"], "modified": "2020-07-22T00:00:00", "id": "KLA11896", "href": "https://threats.kaspersky.com/en/vulnerability/KLA11896/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-08T16:03:37", "description": "### *Detect date*:\n04/10/2018\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple serious vulnerabilities have been found in Microsoft Windows . Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, obtain sensitive information, cause denial of service and possibly to bypass security restrictions.\n\n### *Affected products*:\nWindows 10 Version 1511 for 32-bit Systems \nWindows 10 Version 1511 for x64-based Systems \nWindows 10 Version 1607 for 32-bit Systems \nWindows 10 Version 1607 for x64-based Systems \nWindows 10 Version 1703 for 32-bit Systems \nWindows 10 Version 1703 for x64-based Systems \nWindows 10 Version 1709 for 32-bit Systems \nWindows 10 Version 1709 for 64-based Systems \nWindows 10 for 32-bit Systems \nWindows 10 for x64-based Systems \nWindows 7 for 32-bit Systems Service Pack 1 \nWindows 7 for x64-based Systems Service Pack 1 \nWindows 8.1 for 32-bit systems \nWindows 8.1 for x64-based systems \nWindows Defender \nWindows Intune Endpoint Protection \nWindows RT 8.1 \nWindows Server 2008 R2 for Itanium-Based Systems Service Pack 1 \nWindows Server 2008 R2 for x64-based Systems Service Pack 1 \nWindows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) \nWindows Server 2008 for 32-bit Systems Service Pack 2 \nWindows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) \nWindows Server 2008 for Itanium-Based Systems Service Pack 2 \nWindows Server 2008 for x64-based Systems Service Pack 2 \nWindows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) \nWindows Server 2012 \nWindows Server 2012 (Server Core installation) \nWindows Server 2012 R2 \nWindows Server 2012 R2 (Server Core installation) \nWindows Server 2016 \nWindows Server 2016 (Server Core installation) \nWindows Server, version 1709 (Server Core Installation)\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2018-0887](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0887>) \n[CVE-2018-0890](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0890>) \n[CVE-2018-0956](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0956>) \n[CVE-2018-0957](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0957>) \n[CVE-2018-0960](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0960>) \n[CVE-2018-0963](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0963>) \n[CVE-2018-0964](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0964>) \n[CVE-2018-0966](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0966>) \n[CVE-2018-0967](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0967>) \n[CVE-2018-0968](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0968>) \n[CVE-2018-0969](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0969>) \n[CVE-2018-0970](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0970>) \n[CVE-2018-0971](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0971>) \n[CVE-2018-0972](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0972>) \n[CVE-2018-0973](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0973>) \n[CVE-2018-0974](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0974>) \n[CVE-2018-0975](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0975>) \n[CVE-2018-0976](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0976>) \n[CVE-2018-1003](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1003>) \n[CVE-2018-1004](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1004>) \n[CVE-2018-1008](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1008>) \n[CVE-2018-1009](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1009>) \n[CVE-2018-1010](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1010>) \n[CVE-2018-1012](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1012>) \n[CVE-2018-1013](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1013>) \n[CVE-2018-1015](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1015>) \n[CVE-2018-1016](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1016>) \n[CVE-2018-8116](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8116>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft Windows](<https://threats.kaspersky.com/en/product/Microsoft-Windows/>)\n\n### *CVE-IDS*:\n[CVE-2018-0887](<https://vulners.com/cve/CVE-2018-0887>)2.1Warning \n[CVE-2018-0890](<https://vulners.com/cve/CVE-2018-0890>)3.5Warning \n[CVE-2018-0956](<https://vulners.com/cve/CVE-2018-0956>)7.8Critical \n[CVE-2018-0957](<https://vulners.com/cve/CVE-2018-0957>)1.9Warning \n[CVE-2018-0960](<https://vulners.com/cve/CVE-2018-0960>)2.1Warning \n[CVE-2018-0963](<https://vulners.com/cve/CVE-2018-0963>)4.6Warning \n[CVE-2018-0964](<https://vulners.com/cve/CVE-2018-0964>)1.9Warning \n[CVE-2018-0966](<https://vulners.com/cve/CVE-2018-0966>)2.1Warning \n[CVE-2018-0967](<https://vulners.com/cve/CVE-2018-0967>)6.3High \n[CVE-2018-0968](<https://vulners.com/cve/CVE-2018-0968>)2.1Warning \n[CVE-2018-0969](<https://vulners.com/cve/CVE-2018-0969>)2.1Warning \n[CVE-2018-0970](<https://vulners.com/cve/CVE-2018-0970>)2.1Warning \n[CVE-2018-0971](<https://vulners.com/cve/CVE-2018-0971>)2.1Warning \n[CVE-2018-0972](<https://vulners.com/cve/CVE-2018-0972>)2.1Warning \n[CVE-2018-0973](<https://vulners.com/cve/CVE-2018-0973>)2.1Warning \n[CVE-2018-0974](<https://vulners.com/cve/CVE-2018-0974>)2.1Warning \n[CVE-2018-0975](<https://vulners.com/cve/CVE-2018-0975>)2.1Warning \n[CVE-2018-0976](<https://vulners.com/cve/CVE-2018-0976>)3.5Warning \n[CVE-2018-1003](<https://vulners.com/cve/CVE-2018-1003>)9.3Critical \n[CVE-2018-1004](<https://vulners.com/cve/CVE-2018-1004>)9.3Critical \n[CVE-2018-1008](<https://vulners.com/cve/CVE-2018-1008>)6.9High \n[CVE-2018-1009](<https://vulners.com/cve/CVE-2018-1009>)7.2High \n[CVE-2018-1010](<https://vulners.com/cve/CVE-2018-1010>)9.3Critical \n[CVE-2018-1012](<https://vulners.com/cve/CVE-2018-1012>)9.3Critical \n[CVE-2018-1013](<https://vulners.com/cve/CVE-2018-1013>)9.3Critical \n[CVE-2018-1015](<https://vulners.com/cve/CVE-2018-1015>)9.3Critical \n[CVE-2018-1016](<https://vulners.com/cve/CVE-2018-1016>)9.3Critical \n[CVE-2018-8116](<https://vulners.com/cve/CVE-2018-8116>)2.1Warning\n\n### *Microsoft official advisories*:\n\n\n### *KB list*:\n[4093112](<http://support.microsoft.com/kb/4093112>) \n[4103727](<http://support.microsoft.com/kb/4103727>) \n[4093114](<http://support.microsoft.com/kb/4093114>) \n[4093111](<http://support.microsoft.com/kb/4093111>) \n[4093107](<http://support.microsoft.com/kb/4093107>) \n[4093109](<http://support.microsoft.com/kb/4093109>) \n[4093119](<http://support.microsoft.com/kb/4093119>) \n[4093115](<http://support.microsoft.com/kb/4093115>) \n[4093122](<http://support.microsoft.com/kb/4093122>) \n[4093123](<http://support.microsoft.com/kb/4093123>) \n[4284835](<http://support.microsoft.com/kb/4284835>)\n\n### *Exploitation*:\nThe following public exploits exists for this vulnerability:", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2018-04-10T00:00:00", "type": "kaspersky", "title": "KLA11221 Multiple vulnerabilities in Microsoft Windows", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0887", "CVE-2018-0890", "CVE-2018-0956", "CVE-2018-0957", "CVE-2018-0960", "CVE-2018-0963", "CVE-2018-0964", "CVE-2018-0966", "CVE-2018-0967", "CVE-2018-0968", "CVE-2018-0969", "CVE-2018-0970", "CVE-2018-0971", "CVE-2018-0972", "CVE-2018-0973", "CVE-2018-0974", "CVE-2018-0975", "CVE-2018-0976", "CVE-2018-1003", "CVE-2018-1004", "CVE-2018-1008", "CVE-2018-1009", "CVE-2018-1010", "CVE-2018-1012", "CVE-2018-1013", "CVE-2018-1015", "CVE-2018-1016", "CVE-2018-8116"], "modified": "2020-07-22T00:00:00", "id": "KLA11221", "href": "https://threats.kaspersky.com/en/vulnerability/KLA11221/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-08T16:03:36", "description": "### *Detect date*:\n04/10/2018\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple vulnerabilities were found in Microsoft Browsers. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code.\n\n### *Affected products*:\nMicrosoft Edge (EdgeHTML-based) \nInternet Explorer 9 \nInternet Explorer 10 \nChakraCore \nInternet Explorer 11\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2018-0981](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0981>) \n[CVE-2018-0994](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0994>) \n[CVE-2018-0997](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0997>) \n[CVE-2018-0990](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0990>) \n[CVE-2018-1023](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-1023>) \n[CVE-2018-1000](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-1000>) \n[CVE-2018-0892](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0892>) \n[CVE-2018-1001](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-1001>) \n[CVE-2018-1019](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-1019>) \n[CVE-2018-1018](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-1018>) \n[CVE-2018-0998](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0998>) \n[CVE-2018-1020](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-1020>) \n[CVE-2018-0988](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0988>) \n[CVE-2018-0979](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0979>) \n[CVE-2018-0980](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0980>) \n[CVE-2018-0987](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0987>) \n[CVE-2018-0995](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0995>) \n[CVE-2018-0989](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0989>) \n[CVE-2018-0870](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0870>) \n[CVE-2018-0991](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0991>) \n[CVE-2018-0993](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0993>) \n[CVE-2018-0996](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0996>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft Internet Explorer](<https://threats.kaspersky.com/en/product/Microsoft-Internet-Explorer/>)\n\n### *CVE-IDS*:\n[CVE-2018-0981](<https://vulners.com/cve/CVE-2018-0981>)2.6Warning \n[CVE-2018-0994](<https://vulners.com/cve/CVE-2018-0994>)7.6Critical \n[CVE-2018-0997](<https://vulners.com/cve/CVE-2018-0997>)7.6Critical \n[CVE-2018-0990](<https://vulners.com/cve/CVE-2018-0990>)7.6Critical \n[CVE-2018-1023](<https://vulners.com/cve/CVE-2018-1023>)7.6Critical \n[CVE-2018-1000](<https://vulners.com/cve/CVE-2018-1000>)2.6Warning \n[CVE-2018-0892](<https://vulners.com/cve/CVE-2018-0892>)4.3Warning \n[CVE-2018-1001](<https://vulners.com/cve/CVE-2018-1001>)7.6Critical \n[CVE-2018-1019](<https://vulners.com/cve/CVE-2018-1019>)7.6Critical \n[CVE-2018-1018](<https://vulners.com/cve/CVE-2018-1018>)7.6Critical \n[CVE-2018-0998](<https://vulners.com/cve/CVE-2018-0998>)4.3Warning \n[CVE-2018-1020](<https://vulners.com/cve/CVE-2018-1020>)7.6Critical \n[CVE-2018-0988](<https://vulners.com/cve/CVE-2018-0988>)7.6Critical \n[CVE-2018-0979](<https://vulners.com/cve/CVE-2018-0979>)7.6Critical \n[CVE-2018-0980](<https://vulners.com/cve/CVE-2018-0980>)7.6Critical \n[CVE-2018-0987](<https://vulners.com/cve/CVE-2018-0987>)4.3Warning \n[CVE-2018-0995](<https://vulners.com/cve/CVE-2018-0995>)7.6Critical \n[CVE-2018-0989](<https://vulners.com/cve/CVE-2018-0989>)4.3Warning \n[CVE-2018-0870](<https://vulners.com/cve/CVE-2018-0870>)7.6Critical \n[CVE-2018-0991](<https://vulners.com/cve/CVE-2018-0991>)7.6Critical \n[CVE-2018-0993](<https://vulners.com/cve/CVE-2018-0993>)7.6Critical \n[CVE-2018-0996](<https://vulners.com/cve/CVE-2018-0996>)7.6Critical\n\n### *Microsoft official advisories*:\n\n\n### *KB list*:\n[4093112](<http://support.microsoft.com/kb/4093112>) \n[4093114](<http://support.microsoft.com/kb/4093114>) \n[4093111](<http://support.microsoft.com/kb/4093111>) \n[4093107](<http://support.microsoft.com/kb/4093107>) \n[4093109](<http://support.microsoft.com/kb/4093109>) \n[4093119](<http://support.microsoft.com/kb/4093119>) \n[4093118](<http://support.microsoft.com/kb/4093118>) \n[4093123](<http://support.microsoft.com/kb/4093123>) \n[4092946](<http://support.microsoft.com/kb/4092946>)\n\n### *Exploitation*:\nThe following public exploits exists for this vulnerability:", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2018-04-10T00:00:00", "type": "kaspersky", "title": "KLA11222 Multiple vulnerabilities in Microsoft Browsers", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0870", "CVE-2018-0892", "CVE-2018-0979", "CVE-2018-0980", "CVE-2018-0981", "CVE-2018-0987", "CVE-2018-0988", "CVE-2018-0989", "CVE-2018-0990", "CVE-2018-0991", "CVE-2018-0993", "CVE-2018-0994", "CVE-2018-0995", "CVE-2018-0996", "CVE-2018-0997", "CVE-2018-0998", "CVE-2018-1000", "CVE-2018-1001", "CVE-2018-1018", "CVE-2018-1019", "CVE-2018-1020", "CVE-2018-1023"], "modified": "2020-07-22T00:00:00", "id": "KLA11222", "href": "https://threats.kaspersky.com/en/vulnerability/KLA11222/", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}], "cve": [{"lastseen": "2023-02-09T14:01:03", "description": "An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address, aka \"Windows Kernel Information Disclosure Vulnerability.\" This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-0960, CVE-2018-0968, CVE-2018-0969, CVE-2018-0970, CVE-2018-0971, CVE-2018-0972, CVE-2018-0973, CVE-2018-0974, CVE-2018-0975.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-04-12T01:29:00", "type": "cve", "title": "CVE-2018-0887", "cwe": ["CWE-665"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0887", "CVE-2018-0960", "CVE-2018-0968", "CVE-2018-0969", "CVE-2018-0970", "CVE-2018-0971", "CVE-2018-0972", "CVE-2018-0973", "CVE-2018-0974", "CVE-2018-0975"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/o:microsoft:windows_10:1703", "cpe:/o:microsoft:windows_10:1511", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_8.1:*", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_10:*", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2016:*", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2008:-"], "id": "CVE-2018-0887", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0887", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:01:11", "description": "An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka \"Windows Kernel Information Disclosure Vulnerability.\" This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-0887, CVE-2018-0968, CVE-2018-0969, CVE-2018-0970, CVE-2018-0971, CVE-2018-0972, CVE-2018-0973, CVE-2018-0974, CVE-2018-0975.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-04-12T01:29:00", "type": "cve", "title": "CVE-2018-0960", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0887", "CVE-2018-0960", "CVE-2018-0968", "CVE-2018-0969", "CVE-2018-0970", "CVE-2018-0971", "CVE-2018-0972", "CVE-2018-0973", "CVE-2018-0974", "CVE-2018-0975"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/o:microsoft:windows_10:1703", "cpe:/o:microsoft:windows_10:1511", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_8.1:*", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_10:*", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2016:*", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2008:-"], "id": "CVE-2018-0960", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0960", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:01:12", "description": "An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka \"Windows Kernel Information Disclosure Vulnerability.\" This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-0887, CVE-2018-0960, CVE-2018-0969, CVE-2018-0970, CVE-2018-0971, CVE-2018-0972, CVE-2018-0973, CVE-2018-0974, CVE-2018-0975.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-04-12T01:29:00", "type": "cve", "title": "CVE-2018-0968", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0887", "CVE-2018-0960", "CVE-2018-0968", "CVE-2018-0969", "CVE-2018-0970", "CVE-2018-0971", "CVE-2018-0972", "CVE-2018-0973", "CVE-2018-0974", "CVE-2018-0975"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/o:microsoft:windows_10:1703", "cpe:/o:microsoft:windows_10:1511", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_8.1:*", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_10:*", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2016:*", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2008:-"], "id": "CVE-2018-0968", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0968", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:01:12", "description": "An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka \"Windows Kernel Information Disclosure Vulnerability.\" This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-0887, CVE-2018-0960, CVE-2018-0968, CVE-2018-0969, CVE-2018-0971, CVE-2018-0972, CVE-2018-0973, CVE-2018-0974, CVE-2018-0975.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-04-12T01:29:00", "type": "cve", "title": "CVE-2018-0970", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0887", "CVE-2018-0960", "CVE-2018-0968", "CVE-2018-0969", "CVE-2018-0970", "CVE-2018-0971", "CVE-2018-0972", "CVE-2018-0973", "CVE-2018-0974", "CVE-2018-0975"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/o:microsoft:windows_10:1703", "cpe:/o:microsoft:windows_10:1511", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_8.1:*", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_10:*", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2016:*", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2008:-"], "id": "CVE-2018-0970", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0970", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:01:13", "description": "An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka \"Windows Kernel Information Disclosure Vulnerability.\" This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-0887, CVE-2018-0960, CVE-2018-0968, CVE-2018-0969, CVE-2018-0970, CVE-2018-0971, CVE-2018-0973, CVE-2018-0974, CVE-2018-0975.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-04-12T01:29:00", "type": "cve", "title": "CVE-2018-0972", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0887", "CVE-2018-0960", "CVE-2018-0968", "CVE-2018-0969", "CVE-2018-0970", "CVE-2018-0971", "CVE-2018-0972", "CVE-2018-0973", "CVE-2018-0974", "CVE-2018-0975"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/o:microsoft:windows_10:1703", "cpe:/o:microsoft:windows_10:1511", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_8.1:*", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_10:*", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2016:*", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2008:-"], "id": "CVE-2018-0972", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0972", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:01:13", "description": "An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka \"Windows Kernel Information Disclosure Vulnerability.\" This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-0887, CVE-2018-0960, CVE-2018-0968, CVE-2018-0969, CVE-2018-0970, CVE-2018-0971, CVE-2018-0972, CVE-2018-0973, CVE-2018-0975.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-04-12T01:29:00", "type": "cve", "title": "CVE-2018-0974", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0887", "CVE-2018-0960", "CVE-2018-0968", "CVE-2018-0969", "CVE-2018-0970", "CVE-2018-0971", "CVE-2018-0972", "CVE-2018-0973", "CVE-2018-0974", "CVE-2018-0975"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/o:microsoft:windows_10:1703", "cpe:/o:microsoft:windows_10:1511", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_8.1:*", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_10:*", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2016:*", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2008:-"], "id": "CVE-2018-0974", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0974", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:01:17", "description": "An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka \"Windows Kernel Information Disclosure Vulnerability.\" This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-0887, CVE-2018-0960, CVE-2018-0968, CVE-2018-0969, CVE-2018-0970, CVE-2018-0971, CVE-2018-0972, CVE-2018-0973, CVE-2018-0974.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-04-12T01:29:00", "type": "cve", "title": "CVE-2018-0975", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0887", "CVE-2018-0960", "CVE-2018-0968", "CVE-2018-0969", "CVE-2018-0970", "CVE-2018-0971", "CVE-2018-0972", "CVE-2018-0973", "CVE-2018-0974", "CVE-2018-0975"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/o:microsoft:windows_10:1703", "cpe:/o:microsoft:windows_10:1511", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_8.1:*", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_10:*", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2016:*", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2008:-"], "id": "CVE-2018-0975", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0975", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:01:12", "description": "An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka \"Windows Kernel Information Disclosure Vulnerability.\" This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-0887, CVE-2018-0960, CVE-2018-0968, CVE-2018-0970, CVE-2018-0971, CVE-2018-0972, CVE-2018-0973, CVE-2018-0974, CVE-2018-0975.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-04-12T01:29:00", "type": "cve", "title": "CVE-2018-0969", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0887", "CVE-2018-0960", "CVE-2018-0968", "CVE-2018-0969", "CVE-2018-0970", "CVE-2018-0971", "CVE-2018-0972", "CVE-2018-0973", "CVE-2018-0974", "CVE-2018-0975"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/o:microsoft:windows_10:1703", "cpe:/o:microsoft:windows_10:1511", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_8.1:*", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_10:*", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2016:*", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2008:-"], "id": "CVE-2018-0969", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0969", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:01:13", "description": "An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka \"Windows Kernel Information Disclosure Vulnerability.\" This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-0887, CVE-2018-0960, CVE-2018-0968, CVE-2018-0969, CVE-2018-0970, CVE-2018-0972, CVE-2018-0973, CVE-2018-0974, CVE-2018-0975.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-04-12T01:29:00", "type": "cve", "title": "CVE-2018-0971", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0887", "CVE-2018-0960", "CVE-2018-0968", "CVE-2018-0969", "CVE-2018-0970", "CVE-2018-0971", "CVE-2018-0972", "CVE-2018-0973", "CVE-2018-0974", "CVE-2018-0975"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/o:microsoft:windows_10:1703", "cpe:/o:microsoft:windows_10:1511", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_8.1:*", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_10:*", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2016:*", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2008:-"], "id": "CVE-2018-0971", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0971", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:01:13", "description": "An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka \"Windows Kernel Information Disclosure Vulnerability.\" This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-0887, CVE-2018-0960, CVE-2018-0968, CVE-2018-0969, CVE-2018-0970, CVE-2018-0971, CVE-2018-0972, CVE-2018-0974, CVE-2018-0975.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-04-12T01:29:00", "type": "cve", "title": "CVE-2018-0973", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0887", "CVE-2018-0960", "CVE-2018-0968", "CVE-2018-0969", "CVE-2018-0970", "CVE-2018-0971", "CVE-2018-0972", "CVE-2018-0973", "CVE-2018-0974", "CVE-2018-0975"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/o:microsoft:windows_10:1703", "cpe:/o:microsoft:windows_10:1511", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_8.1:*", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_10:*", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2016:*", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2008:-"], "id": "CVE-2018-0973", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0973", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:01:03", "description": "A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka \"Internet Explorer Memory Corruption Vulnerability.\" This affects Internet Explorer 11. This CVE ID is unique from CVE-2018-0991, CVE-2018-0997, CVE-2018-1018, CVE-2018-1020.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2018-04-12T01:29:00", "type": "cve", "title": "CVE-2018-0870", "cwe": ["CWE-787"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0870", "CVE-2018-0991", "CVE-2018-0997", "CVE-2018-1018", "CVE-2018-1020"], "modified": "2020-09-28T12:58:00", "cpe": ["cpe:/a:microsoft:internet_explorer:11"], "id": "CVE-2018-0870", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0870", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:microsoft:internet_explorer:11:-:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:02:46", "description": "A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka \"Internet Explorer Memory Corruption Vulnerability.\" This affects Internet Explorer 11. This CVE ID is unique from CVE-2018-0870, CVE-2018-0991, CVE-2018-0997, CVE-2018-1020.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2018-04-12T01:29:00", "type": "cve", "title": "CVE-2018-1018", "cwe": ["CWE-787"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0870", "CVE-2018-0991", "CVE-2018-0997", "CVE-2018-1018", "CVE-2018-1020"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/a:microsoft:internet_explorer:11"], "id": "CVE-2018-1018", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1018", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:microsoft:internet_explorer:11:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:01:15", "description": "A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka \"Internet Explorer Memory Corruption Vulnerability.\" This affects Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018-0870, CVE-2018-0997, CVE-2018-1018, CVE-2018-1020.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2018-04-12T01:29:00", "type": "cve", "title": "CVE-2018-0991", "cwe": ["CWE-787"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0870", "CVE-2018-0991", "CVE-2018-0997", "CVE-2018-1018", "CVE-2018-1020"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/a:microsoft:internet_explorer:11", "cpe:/a:microsoft:internet_explorer:10"], "id": "CVE-2018-0991", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0991", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:microsoft:internet_explorer:10:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:internet_explorer:11:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:01:18", "description": "A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka \"Internet Explorer Memory Corruption Vulnerability.\" This affects Internet Explorer 11. This CVE ID is unique from CVE-2018-0870, CVE-2018-0991, CVE-2018-1018, CVE-2018-1020.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2018-04-12T01:29:00", "type": "cve", "title": "CVE-2018-0997", "cwe": ["CWE-787"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0870", "CVE-2018-0991", "CVE-2018-0997", "CVE-2018-1018", "CVE-2018-1020"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/a:microsoft:internet_explorer:11"], "id": "CVE-2018-0997", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0997", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:microsoft:internet_explorer:11:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:02:48", "description": "A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka \"Internet Explorer Memory Corruption Vulnerability.\" This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018-0870, CVE-2018-0991, CVE-2018-0997, CVE-2018-1018.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2018-04-12T01:29:00", "type": "cve", "title": "CVE-2018-1020", "cwe": ["CWE-787"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0870", "CVE-2018-0991", "CVE-2018-0997", "CVE-2018-1018", "CVE-2018-1020"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/a:microsoft:internet_explorer:11", "cpe:/a:microsoft:internet_explorer:10", "cpe:/a:microsoft:internet_explorer:9"], "id": "CVE-2018-1020", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1020", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:microsoft:internet_explorer:10:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:internet_explorer:9:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:internet_explorer:11:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:02:35", "description": "A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka \"Microsoft Graphics Remote Code Execution Vulnerability.\" This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-1012, CVE-2018-1013, CVE-2018-1015, CVE-2018-1016.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2018-04-12T01:29:00", "type": "cve", "title": "CVE-2018-1010", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1010", "CVE-2018-1012", "CVE-2018-1013", "CVE-2018-1015", "CVE-2018-1016"], "modified": "2019-10-03T00:03:00", "cpe": ["cpe:/o:microsoft:windows_10:1703", "cpe:/o:microsoft:windows_server_2016:1709", "cpe:/o:microsoft:windows_10:1511", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_8.1:*", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_server_2008:-"], "id": "CVE-2018-1010", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1010", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1709:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:02:40", "description": "A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka \"Microsoft Graphics Remote Code Execution Vulnerability.\" This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-1010, CVE-2018-1013, CVE-2018-1015, CVE-2018-1016.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2018-04-12T01:29:00", "type": "cve", "title": "CVE-2018-1012", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1010", "CVE-2018-1012", "CVE-2018-1013", "CVE-2018-1015", "CVE-2018-1016"], "modified": "2019-10-03T00:03:00", "cpe": ["cpe:/o:microsoft:windows_10:1703", "cpe:/o:microsoft:windows_server_2016:1709", "cpe:/o:microsoft:windows_10:1511", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_8.1:*", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_server_2008:-"], "id": "CVE-2018-1012", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1012", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1709:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:02:39", "description": "A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka \"Microsoft Graphics Remote Code Execution Vulnerability.\" This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-1010, CVE-2018-1012, CVE-2018-1015, CVE-2018-1016.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2018-04-12T01:29:00", "type": "cve", "title": "CVE-2018-1013", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1010", "CVE-2018-1012", "CVE-2018-1013", "CVE-2018-1015", "CVE-2018-1016"], "modified": "2019-10-03T00:03:00", "cpe": ["cpe:/o:microsoft:windows_10:1703", "cpe:/o:microsoft:windows_server_2016:1709", "cpe:/o:microsoft:windows_10:1511", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_8.1:*", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_server_2008:-"], "id": "CVE-2018-1013", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1013", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1709:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:02:43", "description": "A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka \"Microsoft Graphics Remote Code Execution Vulnerability.\" This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-1010, CVE-2018-1012, CVE-2018-1013, CVE-2018-1015.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2018-04-12T01:29:00", "type": "cve", "title": "CVE-2018-1016", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1010", "CVE-2018-1012", "CVE-2018-1013", "CVE-2018-1015", "CVE-2018-1016"], "modified": "2019-10-03T00:03:00", "cpe": ["cpe:/o:microsoft:windows_10:1703", "cpe:/o:microsoft:windows_server_2016:1709", "cpe:/o:microsoft:windows_10:1511", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_8.1:*", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_server_2008:-"], "id": "CVE-2018-1016", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1016", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1709:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:02:42", "description": "A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka \"Microsoft Graphics Remote Code Execution Vulnerability.\" This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-1010, CVE-2018-1012, CVE-2018-1013, CVE-2018-1016.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2018-04-12T01:29:00", "type": "cve", "title": "CVE-2018-1015", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1010", "CVE-2018-1012", "CVE-2018-1013", "CVE-2018-1015", "CVE-2018-1016"], "modified": "2019-10-03T00:03:00", "cpe": ["cpe:/o:microsoft:windows_10:1703", "cpe:/o:microsoft:windows_server_2016:1709", "cpe:/o:microsoft:windows_10:1511", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_8.1:*", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_server_2008:-"], "id": "CVE-2018-1015", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1015", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1709:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:01:15", "description": "An information disclosure vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka \"Scripting Engine Information Disclosure Vulnerability.\" This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018-0981, CVE-2018-0987, CVE-2018-1000.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 4.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 1.4}, "published": "2018-04-12T01:29:00", "type": "cve", "title": "CVE-2018-0989", "cwe": ["CWE-787"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0981", "CVE-2018-0987", "CVE-2018-0989", "CVE-2018-1000"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/a:microsoft:internet_explorer:11", "cpe:/a:microsoft:internet_explorer:10", "cpe:/a:microsoft:internet_explorer:9"], "id": "CVE-2018-0989", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0989", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:microsoft:internet_explorer:10:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:internet_explorer:9:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:internet_explorer:11:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:01:14", "description": "An information disclosure vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka \"Scripting Engine Information Disclosure Vulnerability.\" This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018-0987, CVE-2018-0989, CVE-2018-1000.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2018-04-12T01:29:00", "type": "cve", "title": "CVE-2018-0981", "cwe": ["CWE-787"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0981", "CVE-2018-0987", "CVE-2018-0989", "CVE-2018-1000"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/a:microsoft:internet_explorer:11", "cpe:/a:microsoft:internet_explorer:10", "cpe:/a:microsoft:internet_explorer:9"], "id": "CVE-2018-0981", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0981", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:microsoft:internet_explorer:10:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:internet_explorer:9:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:internet_explorer:11:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:01:14", "description": "An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Internet Explorer, aka \"Scripting Engine Information Disclosure Vulnerability.\" This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018-0981, CVE-2018-0989, CVE-2018-1000.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 4.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 1.4}, "published": "2018-04-12T01:29:00", "type": "cve", "title": "CVE-2018-0987", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0981", "CVE-2018-0987", "CVE-2018-0989", "CVE-2018-1000"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/a:microsoft:internet_explorer:11", "cpe:/a:microsoft:internet_explorer:10", "cpe:/a:microsoft:internet_explorer:9"], "id": "CVE-2018-0987", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0987", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:microsoft:internet_explorer:10:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:internet_explorer:9:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:internet_explorer:11:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:01:18", "description": "An information disclosure vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka \"Scripting Engine Information Disclosure Vulnerability.\" This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018-0981, CVE-2018-0987, CVE-2018-0989.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2018-04-12T01:29:00", "type": "cve", "title": "CVE-2018-1000", "cwe": ["CWE-787"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0981", "CVE-2018-0987", "CVE-2018-0989", "CVE-2018-1000"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/a:microsoft:internet_explorer:11", "cpe:/a:microsoft:internet_explorer:10", "cpe:/a:microsoft:internet_explorer:9"], "id": "CVE-2018-1000", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1000", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:microsoft:internet_explorer:10:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:internet_explorer:9:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:internet_explorer:11:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:01:18", "description": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018-0996, CVE-2018-1001.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2018-04-12T01:29:00", "type": "cve", "title": "CVE-2018-0988", "cwe": ["CWE-787"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0988", "CVE-2018-0996", "CVE-2018-1001"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/a:microsoft:internet_explorer:11", "cpe:/a:microsoft:internet_explorer:10", "cpe:/a:microsoft:internet_explorer:9"], "id": "CVE-2018-0988", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0988", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:microsoft:internet_explorer:10:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:internet_explorer:9:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:internet_explorer:11:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:02:24", "description": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018-0988, CVE-2018-0996.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2018-04-12T01:29:00", "type": "cve", "title": "CVE-2018-1001", "cwe": ["CWE-787"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0988", "CVE-2018-0996", "CVE-2018-1001"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/a:microsoft:internet_explorer:11", "cpe:/a:microsoft:internet_explorer:10", "cpe:/a:microsoft:internet_explorer:9"], "id": "CVE-2018-1001", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1001", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:microsoft:internet_explorer:10:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:internet_explorer:9:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:internet_explorer:11:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:01:18", "description": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018-0988, CVE-2018-1001.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2018-04-12T01:29:00", "type": "cve", "title": "CVE-2018-0996", "cwe": ["CWE-787"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0988", "CVE-2018-0996", "CVE-2018-1001"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/a:microsoft:internet_explorer:11", "cpe:/a:microsoft:internet_explorer:10", "cpe:/a:microsoft:internet_explorer:9"], "id": "CVE-2018-0996", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0996", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:microsoft:internet_explorer:10:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:internet_explorer:9:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:internet_explorer:11:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:32:20", "description": "A denial of service vulnerability exists in the way that Windows handles objects in memory, aka \"Microsoft Graphics Component Denial of Service Vulnerability.\" This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-04-12T01:29:00", "type": "cve", "title": "CVE-2018-8116", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-8116"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/o:microsoft:windows_server_2008:*", "cpe:/o:microsoft:windows_server_2012:*", "cpe:/o:microsoft:windows_10:1511", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_8.1:*", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1703"], "id": "CVE-2018-8116", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8116", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:02:32", "description": "An elevation of privilege vulnerability exists in Windows Adobe Type Manager Font Driver (ATMFD.dll) when it fails to properly handle objects in memory, aka \"OpenType Font Driver Elevation of Privilege Vulnerability.\" This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.0, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-04-12T01:29:00", "type": "cve", "title": "CVE-2018-1008", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1008"], "modified": "2019-10-03T00:03:00", "cpe": ["cpe:/o:microsoft:windows_rt_8.1:*", "cpe:/o:microsoft:windows_server_2008:*", "cpe:/o:microsoft:windows_10:1511", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_7:*", "cpe:/o:microsoft:windows_8.1:*", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2016:*", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1703"], "id": "CVE-2018-1008", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1008", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:*:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:02:34", "description": "An elevation of privilege vulnerability exists when Windows improperly handles objects in memory and incorrectly maps kernel memory, aka \"Microsoft DirectX Graphics Kernel Subsystem Elevation of Privilege Vulnerability.\" This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-04-12T01:29:00", "type": "cve", "title": "CVE-2018-1009", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1009"], "modified": "2019-10-03T00:03:00", "cpe": ["cpe:/o:microsoft:windows_rt_8.1:*", "cpe:/o:microsoft:windows_server_2012:*", "cpe:/o:microsoft:windows_10:1511", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_8.1:*", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2016:*", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1703"], "id": "CVE-2018-1009", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1009", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:01:13", "description": "A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests, aka \"Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability.\" This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-04-12T01:29:00", "type": "cve", "title": "CVE-2018-0976", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.5, "vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0976"], "modified": "2019-10-03T00:03:00", "cpe": ["cpe:/o:microsoft:windows_10:1703", "cpe:/o:microsoft:windows_server_2016:1709", "cpe:/o:microsoft:windows_10:1511", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_8.1:*", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_server_2008:-"], "id": "CVE-2018-0976", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0976", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1709:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:01:13", "description": "A denial of service vulnerability exists in the way that Windows SNMP Service handles malformed SNMP traps, aka \"Windows SNMP Service Denial of Service Vulnerability.\" This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-04-12T01:29:00", "type": "cve", "title": "CVE-2018-0967", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 6.3, "vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0967"], "modified": "2019-10-03T00:03:00", "cpe": ["cpe:/o:microsoft:windows_10:1703", "cpe:/o:microsoft:windows_server_2016:1709", "cpe:/o:microsoft:windows_10:1511", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_8.1:*", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_server_2008:-"], "id": "CVE-2018-0967", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0967", "cvss": {"score": 6.3, "vector": "AV:N/AC:M/Au:S/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1709:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:02:31", "description": "A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka \"Windows VBScript Engine Remote Code Execution Vulnerability.\" This affects Windows 7, Windows Server 2012 R2, Internet Explorer 9, Windows RT 8.1, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2018-04-12T01:29:00", "type": "cve", "title": "CVE-2018-1004", "cwe": ["CWE-787"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1004"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/o:microsoft:windows_10:1511", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/a:microsoft:internet_explorer:9", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1703"], "id": "CVE-2018-1004", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1004", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:internet_explorer:9:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:02:29", "description": "A buffer overflow vulnerability exists in the Microsoft JET Database Engine that could allow remote code execution on an affected system, aka \"Microsoft JET Database Engine Remote Code Execution Vulnerability.\" This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2018-04-12T01:29:00", "type": "cve", "title": "CVE-2018-1003", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1003"], "modified": "2018-05-17T17:44:00", "cpe": ["cpe:/o:microsoft:windows_10:1703", "cpe:/o:microsoft:windows_10:1511", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_8.1:*", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_server_2008:-"], "id": "CVE-2018-1003", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1003", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:01:12", "description": "An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka \"Hyper-V Information Disclosure Vulnerability.\" This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-0964.", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 4.0}, "published": "2018-04-12T01:29:00", "type": "cve", "title": "CVE-2018-0957", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.9, "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0957", "CVE-2018-0964"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/o:microsoft:windows_server_2016:1709", "cpe:/o:microsoft:windows_10:1511", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_8.1:*", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1703"], "id": "CVE-2018-0957", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0957", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2016:1709:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:01:14", "description": "An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka \"Hyper-V Information Disclosure Vulnerability.\" This affects Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-0957.", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "baseScore": 6.1, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 4.7}, "published": "2018-04-12T01:29:00", "type": "cve", "title": "CVE-2018-0964", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.9, "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0957", "CVE-2018-0964"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/o:microsoft:windows_server_2016:1709", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_10:1703"], "id": "CVE-2018-0964", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0964", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1709:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*"]}], "mskb": [{"lastseen": "2023-03-15T10:22:15", "description": "None\n## Summary\n\nAn information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An additional information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a [Kernel Address Space Layout Randomization (ASLR)](<https://technet.microsoft.com/library/security/dn848375.aspx#ASLR>) bypass. \n \nTo learn more about the vulnerabilities, see the following Common Vulnerabilities and Exposures (CVE): \n\n\n * [CVE-2018-0887](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2018-0887>)\n * [CVE-2018-0960](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2018-0960>)\n * [CVE-2018-0969](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2018-0969>)\n * [CVE-2018-0970](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2018-0970>)\n * [CVE-2018-0971](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2018-0971>)\n * [CVE-2018-0972](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2018-0972>)\n * [CVE-2018-0973](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2018-0973>)\n * [CVE-2018-0974](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2018-0974>)\n * [CVE-2018-0975](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2018-0975>)\n\n## Improvements and fixes\n\nAddressed a stop error that was occurring when the prior month\u2019s update was applied to a 32-bit (x86) computer with a Physical Address Extension (PAE) mode disabled.\n\n## More Information\n\n**Important **If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see [Add language packs to Windows](<https://technet.microsoft.com/en-us/library/hh825699>).\n\n## How to obtain and install the update \n\n### Method 1: Windows Update\n\nThis update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to turn on automatic updating, see [Windows Update: FAQ](<https://www.microsoft.com/en-us/safety/pc-security/updates.aspx>).\n\n### Method 2: Microsoft Update Catalog\n\nTo get the stand-alone package for this update, go to the [Microsoft Update Catalog](<http://catalog.update.microsoft.com/v7/site/search.aspx?q=4093478>) website. \n**Note** Windows Update and Windows Server Update Services (WSUS) will offer this update to applicable Windows client and server operating systems, regardless of the existence or value of the following registry setting:HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\QualityCompat\\cadca5fe-87d3-4b96-b7fb-a231484277ccThis change has been made to protect user data.\n\n## Deployment information\n\nFor deployment details for this security update, go to the following article in the Microsoft Knowledge Base: \n[Security update deployment information: April 10, 2018](<http://support.microsoft.com/en-us/help/20180410>)\n\n## More Information\n\n \n**File information** \n \nThe English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time together with your current daylight-saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.\n\n**Note: **The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.\n\n## How to obtain help and support for this security update\n\nHelp for installing updates: [Windows Update: FAQ](<http://support.microsoft.com/ph/6527>) \n \nSecurity solutions for IT professionals: [TechNet Security Support and Troubleshooting](<https://technet.microsoft.com/security/bb980617.aspx>) \n \nHelp for protecting your Windows-based computer from viruses and malware: [Microsoft Secure](<http://support.microsoft.com/contactus/cu_sc_virsec_master>) \n \nLocal support according to your country: [International Support](<https://www.microsoft.com/en-us/locale.aspx>) \n\n\n## Windows Server 2008 file information\n\n## File hash information\n\nFile name| SHA1 hash| SHA256 hash \n---|---|--- \nWindows6.0-KB4093478-ia64.msu| F0AF1EF79AC04CEF5CA4BB1670A2D9978A0BEC28| 36D264224B6FAA3756E48132A917AC23BB62B03D2F8EC8BD14892C5F8D806368 \nWindows6.0-KB4093478-x86.msu| B1CBB59CDA44E2D5479E36FA83FAC487F9A82B85| 8C44F5BFCB05AA4BA6FAC3D9B006F444859936A979E54961D0C138E23B996FA9 \nWindows6.0-KB4093478-x64.msu| 08C916B45EFEEEA94AB6AAE2C9CE900B2631BEE5| 315CB330B27A3EFEB0B942FA3D9D8D908BAEB67CFAE62BEBB62FB7C6FE60B5B4 \n \n## For all supported ia64-based versions\n\n**File name**| **File version**| **File size**| **Date**| **Time**| **Platform**| **Service branch** \n---|---|---|---|---|---|--- \nHal.dll| 6.0.6002.24335| 427,712| 18-Mar-2018| 20:32| IA-64| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 373,760| 18-Mar-2018| 23:15| Not applicable| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 255,488| 18-Mar-2018| 20:14| Not applicable| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 385,536| 18-Mar-2018| 23:33| Not applicable| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 352,768| 18-Mar-2018| 23:25| Not applicable| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 349,696| 18-Mar-2018| 23:31| Not applicable| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 346,624| 18-Mar-2018| 23:19| Not applicable| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 338,944| 18-Mar-2018| 23:12| Not applicable| Not applicable \nAdvapi32.dll| 6.0.6002.24335| 1,980,416| 18-Mar-2018| 20:09| IA-64| Not applicable \nSetbcdlocale.dll| 6.0.6002.24335| 143,360| 18-Mar-2018| 20:09| IA-64| Not applicable \nWinload.efi| 6.0.6002.24335| 1,980,096| 18-Mar-2018| 20:32| Not applicable| Not applicable \nWinload.efi.mui| 6.0.6002.24335| 27,136| 18-Mar-2018| 23:12| Not applicable| Not applicable \nWinload.efi.mui| 6.0.6002.24335| 26,112| 18-Mar-2018| 20:12| Not applicable| Not applicable \nWinload.efi.mui| 6.0.6002.24335| 26,624| 18-Mar-2018| 23:31| Not applicable| Not applicable \nWinload.efi.mui| 6.0.6002.24335| 25,600| 18-Mar-2018| 23:22| Not applicable| Not applicable \nWinload.efi.mui| 6.0.6002.24335| 25,600| 18-Mar-2018| 23:29| Not applicable| Not applicable \nWinload.efi.mui| 6.0.6002.24335| 25,088| 18-Mar-2018| 23:17| Not applicable| Not applicable \nWinload.efi.mui| 6.0.6002.24335| 25,088| 18-Mar-2018| 23:11| Not applicable| Not applicable \nWinload.efi| 6.0.6002.24335| 1,980,096| 18-Mar-2018| 20:32| Not applicable| Not applicable \nCi.dll.mui| 6.0.6002.24335| 9,728| 18-Mar-2018| 23:13| Not applicable| Not applicable \nCi.dll.mui| 6.0.6002.24335| 9,216| 18-Mar-2018| 20:12| Not applicable| Not applicable \nCi.dll.mui| 6.0.6002.24335| 9,728| 18-Mar-2018| 23:31| Not applicable| Not applicable \nCi.dll.mui| 6.0.6002.24335| 7,680| 18-Mar-2018| 23:24| Not applicable| Not applicable \nCi.dll| 6.0.6002.24259| 215,784| 11-Dec-2017| 21:46| IA-64| Not applicable \nDriver.stl| Not applicable| 4,349| 05-Dec-2017| 14:06| Not applicable| Not applicable \nCsrsrv.dll| 6.0.6002.24335| 150,016| 18-Mar-2018| 20:09| IA-64| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 250,880| 18-Mar-2018| 23:11| Not applicable| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 23,552| 18-Mar-2018| 23:14| Not applicable| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 160,256| 18-Mar-2018| 23:14| Not applicable| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 71,680| 18-Mar-2018| 23:09| Not applicable| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 224,256| 18-Mar-2018| 20:11| Not applicable| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 20,480| 18-Mar-2018| 20:13| Not applicable| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 146,432| 18-Mar-2018| 20:13| Not applicable| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 58,880| 18-Mar-2018| 20:09| Not applicable| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 281,088| 18-Mar-2018| 23:30| Not applicable| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 23,040| 18-Mar-2018| 23:32| Not applicable| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 181,248| 18-Mar-2018| 23:33| Not applicable| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 67,584| 18-Mar-2018| 23:27| Not applicable| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 158,720| 18-Mar-2018| 23:24| Not applicable| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 16,384| 18-Mar-2018| 23:25| Not applicable| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 110,080| 18-Mar-2018| 23:25| Not applicable| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 42,496| 18-Mar-2018| 23:23| Not applicable| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 143,360| 18-Mar-2018| 23:28| Not applicable| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 15,360| 18-Mar-2018| 23:30| Not applicable| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 101,376| 18-Mar-2018| 23:31| Not applicable| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 41,984| 18-Mar-2018| 23:26| Not applicable| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 121,344| 18-Mar-2018| 23:16| Not applicable| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 13,312| 18-Mar-2018| 23:18| Not applicable| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 87,040| 18-Mar-2018| 23:19| Not applicable| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 32,768| 18-Mar-2018| 23:14| Not applicable| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 126,976| 18-Mar-2018| 23:10| Not applicable| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 13,312| 18-Mar-2018| 23:12| Not applicable| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 89,600| 18-Mar-2018| 23:12| Not applicable| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 35,840| 18-Mar-2018| 23:08| Not applicable| Not applicable \nAdtschema.dll| 6.0.6002.24335| 620,032| 18-Mar-2018| 19:37| IA-64| Not applicable \nAuditpol.exe| 6.0.6002.24335| 121,344| 18-Mar-2018| 19:43| IA-64| Not applicable \nMsaudite.dll| 6.0.6002.24335| 146,432| 18-Mar-2018| 20:09| IA-64| Not applicable \nMsobjs.dll| 6.0.6002.24335| 58,880| 18-Mar-2018| 20:09| IA-64| Not applicable \nNtdll.dll| 6.0.6002.24335| 2,542,440| 18-Mar-2018| 20:09| IA-64| Not applicable \nNtoskrnl.exe| 6.0.6002.24335| 9,427,648| 18-Mar-2018| 20:32| IA-64| Not applicable \nRpcrt4.dll| 6.0.6002.24335| 3,289,088| 18-Mar-2018| 20:09| IA-64| Not applicable \nSpsys.sys| 6.0.6002.24298| 702,464| 01-Feb-2018| 14:06| IA-64| Not applicable \nSmss.exe| 6.0.6002.24335| 159,232| 18-Mar-2018| 19:39| IA-64| Not applicable \nIa32exec.bin| 6.5.6524.0| 8,262,048| 16-Nov-2017| 03:20| Not applicable| IA64_MICROSOFT-WINDOWS-WOW \nNtvdm64.dll| 6.0.6002.24335| 27,648| 18-Mar-2018| 20:09| IA-64| IA64_MICROSOFT-WINDOWS-WOW \nWow64.dll| 6.0.6002.24335| 523,776| 18-Mar-2018| 20:09| IA-64| IA64_MICROSOFT-WINDOWS-WOW \nWow64cpu.dll| 6.0.6002.24335| 43,008| 18-Mar-2018| 20:09| IA-64| IA64_MICROSOFT-WINDOWS-WOW \nWow64win.dll| 6.0.6002.24335| 620,544| 18-Mar-2018| 20:09| IA-64| IA64_MICROSOFT-WINDOWS-WOW \nWowia32x.dll| 6.5.6563.0| 88,576| 18-Mar-2018| 20:09| IA-64| IA64_MICROSOFT-WINDOWS-WOW \nNtdll.dll| 6.0.6002.24335| 1,159,528| 18-Mar-2018| 20:23| x86| Not applicable \nRpcrt4.dll| 6.0.6002.24335| 679,424| 18-Mar-2018| 20:23| x86| Not applicable \nAcwow64.dll| 6.0.6002.24335| 43,008| 18-Mar-2018| 20:23| x86| WOW64_MICROSOFT-WINDOWS-WOW \nInstnm.exe| 6.0.6002.24335| 7,680| 18-Mar-2018| 19:27| x86| WOW64_MICROSOFT-WINDOWS-WOW \nNtvdm64.dll| 6.0.6002.24335| 14,336| 18-Mar-2018| 20:23| x86| WOW64_MICROSOFT-WINDOWS-WOW \nSetup16.exe| 3.1.0.1918| 26,112| 18-Mar-2018| 19:27| x86| WOW64_MICROSOFT-WINDOWS-WOW \nUser.exe| 6.0.6002.24335| 2,560| 18-Mar-2018| 19:27| x86| WOW64_MICROSOFT-WINDOWS-WOW \nWow32.dll| 6.0.6002.24335| 5,120| 18-Mar-2018| 20:23| x86| WOW64_MICROSOFT-WINDOWS-WOW \nAdvapi32.dll.mui| 6.0.6002.24335| 385,024| 18-Mar-2018| 23:01| Not applicable| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 266,240| 18-Mar-2018| 20:28| Not applicable| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 393,216| 18-Mar-2018| 22:54| Not applicable| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 360,448| 18-Mar-2018| 23:04| Not applicable| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 360,448| 18-Mar-2018| 22:57| Not applicable| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 356,352| 18-Mar-2018| 22:58| Not applicable| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 348,160| 18-Mar-2018| 22:58| Not applicable| Not applicable \nAdvapi32.dll| 6.0.6002.24335| 823,808| 18-Mar-2018| 20:23| x86| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 262,144| 18-Mar-2018| 22:59| Not applicable| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 32,768| 18-Mar-2018| 23:01| Not applicable| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 167,936| 18-Mar-2018| 23:01| Not applicable| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 81,920| 18-Mar-2018| 22:58| Not applicable| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 233,472| 18-Mar-2018| 20:27| Not applicable| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 28,672| 18-Mar-2018| 20:28| Not applicable| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 155,648| 18-Mar-2018| 20:28| Not applicable| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 69,632| 18-Mar-2018| 20:26| Not applicable| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 290,816| 18-Mar-2018| 22:52| Not applicable| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 32,768| 18-Mar-2018| 22:53| Not applicable| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 192,512| 18-Mar-2018| 22:54| Not applicable| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 77,824| 18-Mar-2018| 22:50| Not applicable| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 167,936| 18-Mar-2018| 23:02| Not applicable| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 24,576| 18-Mar-2018| 23:03| Not applicable| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 118,784| 18-Mar-2018| 23:04| Not applicable| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 53,248| 18-Mar-2018| 23:01| Not applicable| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 151,552| 18-Mar-2018| 22:55| Not applicable| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 24,576| 18-Mar-2018| 22:56| Not applicable| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 110,592| 18-Mar-2018| 22:57| Not applicable| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 53,248| 18-Mar-2018| 22:54| Not applicable| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 131,072| 18-Mar-2018| 22:56| Not applicable| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 24,576| 18-Mar-2018| 22:58| Not applicable| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 98,304| 18-Mar-2018| 22:58| Not applicable| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 40,960| 18-Mar-2018| 22:55| Not applicable| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 135,168| 18-Mar-2018| 22:56| Not applicable| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 24,576| 18-Mar-2018| 22:57| Not applicable| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 98,304| 18-Mar-2018| 22:58| Not applicable| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 45,056| 18-Mar-2018| 22:55| Not applicable| Not applicable \nAdtschema.dll| 6.0.6002.24335| 620,032| 18-Mar-2018| 19:27| x86| Not applicable \nAuditpol.exe| 6.0.6002.24335| 41,472| 18-Mar-2018| 19:29| x86| Not applicable \nMsaudite.dll| 6.0.6002.24335| 146,432| 18-Mar-2018| 20:23| x86| Not applicable \nMsobjs.dll| 6.0.6002.24335| 58,880| 18-Mar-2018| 20:23| x86| Not applicable \n \n## For all supported x86-based versions\n\n**File name**| **File version**| **File size**| **Date**| **Time**| **Platform** \n---|---|---|---|---|--- \nHalacpi.dll| 6.0.6002.24335| 138,944| 18-Mar-2018| 20:46| x86 \nHalmacpi.dll| 6.0.6002.24335| 170,176| 18-Mar-2018| 20:46| x86 \nAdvapi32.dll.mui| 6.0.6002.24335| 380,928| 18-Mar-2018| 23:02| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 389,120| 18-Mar-2018| 22:52| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 385,024| 18-Mar-2018| 22:52| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 385,024| 18-Mar-2018| 23:01| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 401,408| 18-Mar-2018| 23:02| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 266,240| 18-Mar-2018| 20:28| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 393,216| 18-Mar-2018| 23:03| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 385,024| 18-Mar-2018| 23:00| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 393,216| 18-Mar-2018| 22:54| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 376,832| 18-Mar-2018| 23:06| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 393,216| 18-Mar-2018| 23:07| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 389,120| 18-Mar-2018| 22:52| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 360,448| 18-Mar-2018| 23:04| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 360,448| 18-Mar-2018| 22:57| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 385,024| 18-Mar-2018| 22:59| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 389,120| 18-Mar-2018| 22:53| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 393,216| 18-Mar-2018| 23:00| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 389,120| 18-Mar-2018| 23:02| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 389,120| 18-Mar-2018| 22:52| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 393,216| 18-Mar-2018| 22:54| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 385,024| 18-Mar-2018| 23:03| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 385,024| 18-Mar-2018| 23:04| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 356,352| 18-Mar-2018| 22:58| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 348,160| 18-Mar-2018| 22:58| Not applicable \nAdvapi32.dll| 6.0.6002.24335| 823,808| 18-Mar-2018| 20:23| x86 \nSetbcdlocale.dll| 6.0.6002.24335| 46,592| 18-Mar-2018| 20:23| x86 \nWinload.exe| 6.0.6002.24335| 1,016,512| 18-Mar-2018| 20:46| x86 \nWinresume.exe| 6.0.6002.24335| 931,520| 18-Mar-2018| 20:46| x86 \nWinload.exe.mui| 6.0.6002.24335| 26,624| 18-Mar-2018| 22:48| Not applicable \nWinresume.exe.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 22:46| Not applicable \nWinload.exe.mui| 6.0.6002.24335| 26,624| 18-Mar-2018| 22:48| Not applicable \nWinresume.exe.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 22:47| Not applicable \nWinload.exe.mui| 6.0.6002.24335| 27,136| 18-Mar-2018| 22:57| Not applicable \nWinresume.exe.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 22:55| Not applicable \nWinload.exe.mui| 6.0.6002.24335| 27,136| 18-Mar-2018| 22:58| Not applicable \nWinresume.exe.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 22:56| Not applicable \nWinload.exe.mui| 6.0.6002.24335| 26,112| 18-Mar-2018| 20:25| Not applicable \nWinresume.exe.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 20:24| Not applicable \nWinload.exe.mui| 6.0.6002.24335| 26,624| 18-Mar-2018| 22:59| Not applicable \nWinresume.exe.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 22:57| Not applicable \nWinload.exe.mui| 6.0.6002.24335| 26,624| 18-Mar-2018| 22:56| Not applicable \nWinresume.exe.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 22:55| Not applicable \nWinload.exe.mui| 6.0.6002.24335| 26,624| 18-Mar-2018| 22:50| Not applicable \nWinresume.exe.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 22:48| Not applicable \nWinload.exe.mui| 6.0.6002.24335| 26,624| 18-Mar-2018| 23:03| Not applicable \nWinresume.exe.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 23:01| Not applicable \nWinload.exe.mui| 6.0.6002.24335| 26,624| 18-Mar-2018| 22:48| Not applicable \nWinresume.exe.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 22:46| Not applicable \nWinload.exe.mui| 6.0.6002.24335| 25,600| 18-Mar-2018| 23:01| Not applicable \nWinresume.exe.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 22:59| Not applicable \nWinload.exe.mui| 6.0.6002.24335| 25,600| 18-Mar-2018| 22:54| Not applicable \nWinresume.exe.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 22:52| Not applicable \nWinload.exe.mui| 6.0.6002.24335| 26,624| 18-Mar-2018| 22:55| Not applicable \nWinresume.exe.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 22:53| Not applicable \nWinload.exe.mui| 6.0.6002.24335| 26,624| 18-Mar-2018| 22:49| Not applicable \nWinresume.exe.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 22:47| Not applicable \nWinload.exe.mui| 6.0.6002.24335| 27,136| 18-Mar-2018| 22:56| Not applicable \nWinresume.exe.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 22:54| Not applicable \nWinload.exe.mui| 6.0.6002.24335| 26,624| 18-Mar-2018| 22:57| Not applicable \nWinresume.exe.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 22:55| Not applicable \nWinload.exe.mui| 6.0.6002.24335| 26,624| 18-Mar-2018| 22:48| Not applicable \nWinresume.exe.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 22:46| Not applicable \nWinload.exe.mui| 6.0.6002.24335| 26,624| 18-Mar-2018| 22:50| Not applicable \nWinresume.exe.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 22:48| Not applicable \nWinload.exe.mui| 6.0.6002.24335| 26,624| 18-Mar-2018| 22:59| Not applicable \nWinresume.exe.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 22:56| Not applicable \nWinload.exe.mui| 6.0.6002.24335| 26,112| 18-Mar-2018| 22:59| Not applicable \nWinresume.exe.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 22:57| Not applicable \nWinload.exe.mui| 6.0.6002.24335| 25,088| 18-Mar-2018| 22:55| Not applicable \nWinresume.exe.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 22:53| Not applicable \nWinload.exe.mui| 6.0.6002.24335| 25,088| 18-Mar-2018| 22:47| Not applicable \nWinresume.exe.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 22:46| Not applicable \nWinload.exe.mui| 6.0.6002.24335| 25,088| 18-Mar-2018| 22:55| Not applicable \nWinresume.exe.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 22:53| Not applicable \nWinload.exe| 6.0.6002.24332| 1,016,512| 15-Mar-2018| 13:07| x86 \nWinresume.exe| 6.0.6002.24259| 931,560| 11-Dec-2017| 21:46| x86 \nCi.dll.mui| 6.0.6002.24335| 10,240| 18-Mar-2018| 23:00| Not applicable \nCi.dll.mui| 6.0.6002.24335| 9,728| 18-Mar-2018| 20:27| Not applicable \nCi.dll.mui| 6.0.6002.24335| 10,240| 18-Mar-2018| 23:02| Not applicable \nCi.dll.mui| 6.0.6002.24335| 10,240| 18-Mar-2018| 22:53| Not applicable \nCi.dll.mui| 6.0.6002.24335| 10,752| 18-Mar-2018| 22:51| Not applicable \nCi.dll.mui| 6.0.6002.24335| 8,192| 18-Mar-2018| 23:03| Not applicable \nCi.dll.mui| 6.0.6002.24335| 9,728| 18-Mar-2018| 22:52| Not applicable \nCi.dll| 6.0.6002.24259| 650,984| 11-Dec-2017| 21:46| x86 \nDriver.stl| Not applicable| 4,349| 04-Dec-2017| 21:36| Not applicable \nCsrsrv.dll| 6.0.6002.24335| 49,664| 18-Mar-2018| 20:23| x86 \nAdtschema.dll.mui| 6.0.6002.24335| 229,376| 18-Mar-2018| 23:00| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 28,672| 18-Mar-2018| 23:01| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 159,744| 18-Mar-2018| 23:01| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 69,632| 18-Mar-2018| 22:58| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 245,760| 18-Mar-2018| 22:50| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 32,768| 18-Mar-2018| 22:52| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 176,128| 18-Mar-2018| 22:52| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 81,920| 18-Mar-2018| 22:49| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 241,664| 18-Mar-2018| 22:50| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 32,768| 18-Mar-2018| 22:52| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 167,936| 18-Mar-2018| 22:52| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 73,728| 18-Mar-2018| 22:49| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 262,144| 18-Mar-2018| 22:59| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 32,768| 18-Mar-2018| 23:01| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 167,936| 18-Mar-2018| 23:01| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 81,920| 18-Mar-2018| 22:58| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 286,720| 18-Mar-2018| 22:59| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 32,768| 18-Mar-2018| 23:01| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 196,608| 18-Mar-2018| 23:01| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 81,920| 18-Mar-2018| 22:58| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 233,472| 18-Mar-2018| 20:27| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 28,672| 18-Mar-2018| 20:28| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 155,648| 18-Mar-2018| 20:28| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 69,632| 18-Mar-2018| 20:26| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 274,432| 18-Mar-2018| 23:01| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 32,768| 18-Mar-2018| 23:02| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 192,512| 18-Mar-2018| 23:03| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 77,824| 18-Mar-2018| 22:59| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 237,568| 18-Mar-2018| 22:58| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 32,768| 18-Mar-2018| 23:00| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 172,032| 18-Mar-2018| 23:00| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 77,824| 18-Mar-2018| 22:57| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 290,816| 18-Mar-2018| 22:52| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 32,768| 18-Mar-2018| 22:53| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 192,512| 18-Mar-2018| 22:54| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 77,824| 18-Mar-2018| 22:50| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 221,184| 18-Mar-2018| 23:04| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 28,672| 18-Mar-2018| 23:06| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 147,456| 18-Mar-2018| 23:06| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 69,632| 18-Mar-2018| 23:03| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 262,144| 18-Mar-2018| 23:05| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 32,768| 18-Mar-2018| 23:06| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 180,224| 18-Mar-2018| 23:07| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 86,016| 18-Mar-2018| 23:03| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 262,144| 18-Mar-2018| 22:50| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 32,768| 18-Mar-2018| 22:51| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 176,128| 18-Mar-2018| 22:52| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 81,920| 18-Mar-2018| 22:49| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 167,936| 18-Mar-2018| 23:02| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 24,576| 18-Mar-2018| 23:03| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 118,784| 18-Mar-2018| 23:04| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 53,248| 18-Mar-2018| 23:01| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 151,552| 18-Mar-2018| 22:55| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 24,576| 18-Mar-2018| 22:56| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 110,592| 18-Mar-2018| 22:57| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 53,248| 18-Mar-2018| 22:54| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 241,664| 18-Mar-2018| 22:57| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 32,768| 18-Mar-2018| 22:58| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 163,840| 18-Mar-2018| 22:59| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 73,728| 18-Mar-2018| 22:56| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 253,952| 18-Mar-2018| 22:50| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 32,768| 18-Mar-2018| 22:52| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 176,128| 18-Mar-2018| 22:52| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 81,920| 18-Mar-2018| 22:49| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 270,336| 18-Mar-2018| 22:58| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 32,768| 18-Mar-2018| 23:00| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 188,416| 18-Mar-2018| 23:00| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 81,920| 18-Mar-2018| 22:56| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 274,432| 18-Mar-2018| 22:59| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 32,768| 18-Mar-2018| 23:01| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 192,512| 18-Mar-2018| 23:01| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 77,824| 18-Mar-2018| 22:58| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 270,336| 18-Mar-2018| 22:50| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 32,768| 18-Mar-2018| 22:52| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 192,512| 18-Mar-2018| 22:52| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 77,824| 18-Mar-2018| 22:49| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 266,240| 18-Mar-2018| 22:51| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 32,768| 18-Mar-2018| 22:53| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 172,032| 18-Mar-2018| 22:54| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 86,016| 18-Mar-2018| 22:50| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 241,664| 18-Mar-2018| 23:01| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 32,768| 18-Mar-2018| 23:02| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 172,032| 18-Mar-2018| 23:03| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 73,728| 18-Mar-2018| 22:59| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 241,664| 18-Mar-2018| 23:01| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 28,672| 18-Mar-2018| 23:03| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 167,936| 18-Mar-2018| 23:03| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 69,632| 18-Mar-2018| 23:00| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 131,072| 18-Mar-2018| 22:56| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 24,576| 18-Mar-2018| 22:58| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 98,304| 18-Mar-2018| 22:58| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 40,960| 18-Mar-2018| 22:55| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 135,168| 18-Mar-2018| 22:56| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 24,576| 18-Mar-2018| 22:57| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 98,304| 18-Mar-2018| 22:58| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 45,056| 18-Mar-2018| 22:55| Not applicable \nAdtschema.dll| 6.0.6002.24335| 620,032| 18-Mar-2018| 19:27| x86 \nAuditpol.exe| 6.0.6002.24335| 41,472| 18-Mar-2018| 19:29| x86 \nMsaudite.dll| 6.0.6002.24335| 146,432| 18-Mar-2018| 20:23| x86 \nMsobjs.dll| 6.0.6002.24335| 58,880| 18-Mar-2018| 20:23| x86 \nNtdll.dll| 6.0.6002.24335| 1,200,488| 18-Mar-2018| 20:23| x86 \nNtkrnlpa.exe| 6.0.6002.24335| 3,582,144| 18-Mar-2018| 20:46| Not applicable \nNtoskrnl.exe| 6.0.6002.24335| 3,494,592| 18-Mar-2018| 20:46| Not applicable \nRpcrt4.dll| 6.0.6002.24335| 783,872| 18-Mar-2018| 20:23| x86 \nSpsys.sys| 6.0.6002.24298| 342,528| 18-Mar-2018| 19:00| x86 \nSmss.exe| 6.0.6002.24335| 64,512| 18-Mar-2018| 19:27| x86 \nVideoprt.sys| 6.0.6002.24335| 104,960| 18-Mar-2018| 19:31| x86 \n \n## For all supported x64-based versions\n\n**File name**| **File version**| **File size**| **Date**| **Time**| **Platform**| **Service branch** \n---|---|---|---|---|---|--- \nHal.dll| 6.0.6002.24335| 230,592| 18-Mar-2018| 20:35| x64| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 371,200| 18-Mar-2018| 23:09| Not applicable| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 379,392| 18-Mar-2018| 23:04| Not applicable| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 376,832| 18-Mar-2018| 23:10| Not applicable| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 373,760| 18-Mar-2018| 23:12| Not applicable| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 393,216| 18-Mar-2018| 23:10| Not applicable| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 255,488| 18-Mar-2018| 20:19| Not applicable| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 381,952| 18-Mar-2018| 23:02| Not applicable| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 375,808| 18-Mar-2018| 23:11| Not applicable| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 385,536| 18-Mar-2018| 23:03| Not applicable| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 366,080| 18-Mar-2018| 23:11| Not applicable| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 383,488| 18-Mar-2018| 23:04| Not applicable| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 380,928| 18-Mar-2018| 23:13| Not applicable| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 352,768| 18-Mar-2018| 23:09| Not applicable| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 349,696| 18-Mar-2018| 23:17| Not applicable| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 374,272| 18-Mar-2018| 23:11| Not applicable| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 380,416| 18-Mar-2018| 23:12| Not applicable| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 385,536| 18-Mar-2018| 23:03| Not applicable| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 379,392| 18-Mar-2018| 23:11| Not applicable| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 379,904| 18-Mar-2018| 23:12| Not applicable| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 385,536| 18-Mar-2018| 23:13| Not applicable| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 375,296| 18-Mar-2018| 23:11| Not applicable| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 375,296| 18-Mar-2018| 23:02| Not applicable| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 346,624| 18-Mar-2018| 23:07| Not applicable| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 338,944| 18-Mar-2018| 23:08| Not applicable| Not applicable \nAdvapi32.dll| 6.0.6002.24335| 1,079,808| 18-Mar-2018| 20:13| x64| Not applicable \nSetbcdlocale.dll| 6.0.6002.24335| 58,368| 18-Mar-2018| 20:13| x64| Not applicable \nWinload.efi| 6.0.6002.24335| 1,102,528| 18-Mar-2018| 20:35| Not applicable| Not applicable \nWinload.exe| 6.0.6002.24335| 1,089,216| 18-Mar-2018| 20:35| x64| Not applicable \nWinresume.efi| 6.0.6002.24335| 998,080| 18-Mar-2018| 20:35| Not applicable| Not applicable \nWinresume.exe| 6.0.6002.24335| 987,328| 18-Mar-2018| 20:35| x64| Not applicable \nWinload.efi.mui| 6.0.6002.24335| 26,112| 18-Mar-2018| 22:58| Not applicable| Not applicable \nWinload.exe.mui| 6.0.6002.24335| 26,624| 18-Mar-2018| 22:59| Not applicable| Not applicable \nWinresume.efi.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 23:01| Not applicable| Not applicable \nWinresume.exe.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 22:57| Not applicable| Not applicable \nWinload.efi.mui| 6.0.6002.24335| 26,112| 18-Mar-2018| 23:04| Not applicable| Not applicable \nWinload.exe.mui| 6.0.6002.24335| 26,624| 18-Mar-2018| 23:06| Not applicable| Not applicable \nWinresume.efi.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 23:07| Not applicable| Not applicable \nWinresume.exe.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 23:04| Not applicable| Not applicable \nWinload.efi.mui| 6.0.6002.24335| 27,136| 18-Mar-2018| 23:06| Not applicable| Not applicable \nWinload.exe.mui| 6.0.6002.24335| 27,136| 18-Mar-2018| 23:08| Not applicable| Not applicable \nWinresume.efi.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 23:09| Not applicable| Not applicable \nWinresume.exe.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 23:06| Not applicable| Not applicable \nWinload.efi.mui| 6.0.6002.24335| 26,112| 18-Mar-2018| 23:04| Not applicable| Not applicable \nWinload.exe.mui| 6.0.6002.24335| 27,136| 18-Mar-2018| 23:06| Not applicable| Not applicable \nWinresume.efi.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 23:08| Not applicable| Not applicable \nWinresume.exe.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 23:04| Not applicable| Not applicable \nWinload.efi.mui| 6.0.6002.24335| 26,112| 18-Mar-2018| 20:14| Not applicable| Not applicable \nWinload.exe.mui| 6.0.6002.24335| 26,112| 18-Mar-2018| 20:16| Not applicable| Not applicable \nWinresume.efi.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 20:17| Not applicable| Not applicable \nWinresume.exe.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 20:14| Not applicable| Not applicable \nWinload.efi.mui| 6.0.6002.24335| 26,112| 18-Mar-2018| 22:56| Not applicable| Not applicable \nWinload.exe.mui| 6.0.6002.24335| 26,624| 18-Mar-2018| 22:58| Not applicable| Not applicable \nWinresume.efi.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 22:59| Not applicable| Not applicable \nWinresume.exe.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 22:56| Not applicable| Not applicable \nWinload.efi.mui| 6.0.6002.24335| 26,112| 18-Mar-2018| 23:05| Not applicable| Not applicable \nWinload.exe.mui| 6.0.6002.24335| 26,624| 18-Mar-2018| 23:07| Not applicable| Not applicable \nWinresume.efi.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 23:08| Not applicable| Not applicable \nWinresume.exe.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 23:05| Not applicable| Not applicable \nWinload.efi.mui| 6.0.6002.24335| 26,624| 18-Mar-2018| 22:57| Not applicable| Not applicable \nWinload.exe.mui| 6.0.6002.24335| 26,624| 18-Mar-2018| 22:59| Not applicable| Not applicable \nWinresume.efi.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 23:00| Not applicable| Not applicable \nWinresume.exe.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 22:57| Not applicable| Not applicable \nWinload.efi.mui| 6.0.6002.24335| 26,112| 18-Mar-2018| 22:58| Not applicable| Not applicable \nWinload.exe.mui| 6.0.6002.24335| 26,624| 18-Mar-2018| 23:00| Not applicable| Not applicable \nWinresume.efi.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 23:01| Not applicable| Not applicable \nWinresume.exe.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 22:58| Not applicable| Not applicable \nWinload.efi.mui| 6.0.6002.24335| 26,112| 18-Mar-2018| 23:06| Not applicable| Not applicable \nWinload.exe.mui| 6.0.6002.24335| 26,624| 18-Mar-2018| 23:08| Not applicable| Not applicable \nWinresume.efi.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 23:10| Not applicable| Not applicable \nWinresume.exe.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 23:06| Not applicable| Not applicable \nWinload.efi.mui| 6.0.6002.24335| 25,600| 18-Mar-2018| 23:04| Not applicable| Not applicable \nWinload.exe.mui| 6.0.6002.24335| 25,600| 18-Mar-2018| 23:05| Not applicable| Not applicable \nWinresume.efi.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 23:07| Not applicable| Not applicable \nWinresume.exe.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 23:04| Not applicable| Not applicable \nWinload.efi.mui| 6.0.6002.24335| 25,600| 18-Mar-2018| 23:12| Not applicable| Not applicable \nWinload.exe.mui| 6.0.6002.24335| 25,600| 18-Mar-2018| 23:14| Not applicable| Not applicable \nWinresume.efi.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 23:15| Not applicable| Not applicable \nWinresume.exe.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 23:12| Not applicable| Not applicable \nWinload.efi.mui| 6.0.6002.24335| 26,112| 18-Mar-2018| 23:05| Not applicable| Not applicable \nWinload.exe.mui| 6.0.6002.24335| 26,624| 18-Mar-2018| 23:07| Not applicable| Not applicable \nWinresume.efi.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 23:09| Not applicable| Not applicable \nWinresume.exe.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 23:05| Not applicable| Not applicable \nWinload.efi.mui| 6.0.6002.24335| 26,112| 18-Mar-2018| 23:05| Not applicable| Not applicable \nWinload.exe.mui| 6.0.6002.24335| 26,624| 18-Mar-2018| 23:07| Not applicable| Not applicable \nWinresume.efi.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 23:09| Not applicable| Not applicable \nWinresume.exe.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 23:05| Not applicable| Not applicable \nWinload.efi.mui| 6.0.6002.24335| 26,112| 18-Mar-2018| 22:57| Not applicable| Not applicable \nWinload.exe.mui| 6.0.6002.24335| 27,136| 18-Mar-2018| 22:59| Not applicable| Not applicable \nWinresume.efi.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 23:00| Not applicable| Not applicable \nWinresume.exe.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 22:57| Not applicable| Not applicable \nWinload.efi.mui| 6.0.6002.24335| 26,112| 18-Mar-2018| 23:05| Not applicable| Not applicable \nWinload.exe.mui| 6.0.6002.24335| 26,624| 18-Mar-2018| 23:06| Not applicable| Not applicable \nWinresume.efi.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 23:08| Not applicable| Not applicable \nWinresume.exe.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 23:04| Not applicable| Not applicable \nWinload.efi.mui| 6.0.6002.24335| 26,112| 18-Mar-2018| 23:06| Not applicable| Not applicable \nWinload.exe.mui| 6.0.6002.24335| 26,624| 18-Mar-2018| 23:08| Not applicable| Not applicable \nWinresume.efi.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 23:10| Not applicable| Not applicable \nWinresume.exe.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 23:06| Not applicable| Not applicable \nWinload.efi.mui| 6.0.6002.24335| 26,112| 18-Mar-2018| 23:07| Not applicable| Not applicable \nWinload.exe.mui| 6.0.6002.24335| 26,624| 18-Mar-2018| 23:09| Not applicable| Not applicable \nWinresume.efi.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 23:11| Not applicable| Not applicable \nWinresume.exe.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 23:07| Not applicable| Not applicable \nWinload.efi.mui| 6.0.6002.24335| 26,112| 18-Mar-2018| 23:05| Not applicable| Not applicable \nWinload.exe.mui| 6.0.6002.24335| 26,624| 18-Mar-2018| 23:07| Not applicable| Not applicable \nWinresume.efi.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 23:09| Not applicable| Not applicable \nWinresume.exe.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 23:05| Not applicable| Not applicable \nWinload.efi.mui| 6.0.6002.24335| 26,112| 18-Mar-2018| 22:56| Not applicable| Not applicable \nWinload.exe.mui| 6.0.6002.24335| 26,112| 18-Mar-2018| 22:58| Not applicable| Not applicable \nWinresume.efi.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 22:59| Not applicable| Not applicable \nWinresume.exe.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 22:56| Not applicable| Not applicable \nWinload.efi.mui| 6.0.6002.24335| 25,088| 18-Mar-2018| 23:02| Not applicable| Not applicable \nWinload.exe.mui| 6.0.6002.24335| 25,088| 18-Mar-2018| 23:04| Not applicable| Not applicable \nWinresume.efi.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 23:05| Not applicable| Not applicable \nWinresume.exe.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 23:02| Not applicable| Not applicable \nWinload.efi.mui| 6.0.6002.24335| 26,112| 18-Mar-2018| 23:07| Not applicable| Not applicable \nWinload.exe.mui| 6.0.6002.24335| 25,088| 18-Mar-2018| 23:10| Not applicable| Not applicable \nWinresume.efi.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 23:05| Not applicable| Not applicable \nWinresume.exe.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 23:06| Not applicable| Not applicable \nWinload.efi.mui| 6.0.6002.24335| 25,088| 18-Mar-2018| 23:03| Not applicable| Not applicable \nWinload.exe.mui| 6.0.6002.24335| 25,088| 18-Mar-2018| 23:04| Not applicable| Not applicable \nWinresume.efi.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 23:06| Not applicable| Not applicable \nWinresume.exe.mui| 6.0.6002.24335| 19,456| 18-Mar-2018| 23:03| Not applicable| Not applicable \nWinload.efi| 6.0.6002.24335| 1,102,528| 18-Mar-2018| 20:35| Not applicable| Not applicable \nWinload.exe| 6.0.6002.24332| 1,089,216| 15-Mar-2018| 13:07| x64| Not applicable \nWinresume.efi| 6.0.6002.24335| 998,080| 18-Mar-2018| 20:35| Not applicable| Not applicable \nWinresume.exe| 6.0.6002.24259| 986,856| 11-Dec-2017| 21:46| x64| Not applicable \nCi.dll.mui| 6.0.6002.24335| 9,728| 18-Mar-2018| 23:11| Not applicable| Not applicable \nCi.dll.mui| 6.0.6002.24335| 9,216| 18-Mar-2018| 20:18| Not applicable| Not applicable \nCi.dll.mui| 6.0.6002.24335| 9,728| 18-Mar-2018| 23:00| Not applicable| Not applicable \nCi.dll.mui| 6.0.6002.24335| 9,728| 18-Mar-2018| 23:02| Not applicable| Not applicable \nCi.dll.mui| 6.0.6002.24335| 10,240| 18-Mar-2018| 23:12| Not applicable| Not applicable \nCi.dll.mui| 6.0.6002.24335| 7,680| 18-Mar-2018| 23:08| Not applicable| Not applicable \nCi.dll.mui| 6.0.6002.24335| 9,216| 18-Mar-2018| 23:10| Not applicable| Not applicable \nCi.dll| 6.0.6002.24259| 411,368| 11-Dec-2017| 21:46| x64| Not applicable \nDriver.stl| Not applicable| 4,349| 05-Dec-2017| 14:06| Not applicable| Not applicable \nCsrsrv.dll| 6.0.6002.24335| 86,016| 18-Mar-2018| 20:13| x64| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 220,672| 18-Mar-2018| 23:07| Not applicable| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 20,480| 18-Mar-2018| 23:08| Not applicable| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 152,064| 18-Mar-2018| 23:09| Not applicable| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 60,928| 18-Mar-2018| 23:06| Not applicable| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 234,496| 18-Mar-2018| 23:01| Not applicable| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 22,016| 18-Mar-2018| 23:03| Not applicable| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 165,376| 18-Mar-2018| 23:03| Not applicable| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 71,680| 18-Mar-2018| 23:00| Not applicable| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 230,400| 18-Mar-2018| 23:08| Not applicable| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 22,016| 18-Mar-2018| 23:09| Not applicable| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 156,672| 18-Mar-2018| 23:09| Not applicable| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 66,048| 18-Mar-2018| 23:06| Not applicable| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 250,880| 18-Mar-2018| 23:10| Not applicable| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 23,552| 18-Mar-2018| 23:11| Not applicable| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 160,256| 18-Mar-2018| 23:11| Not applicable| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 71,680| 18-Mar-2018| 23:08| Not applicable| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 278,016| 18-Mar-2018| 23:08| Not applicable| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 23,552| 18-Mar-2018| 23:09| Not applicable| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 187,392| 18-Mar-2018| 23:10| Not applicable| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 74,240| 18-Mar-2018| 23:07| Not applicable| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 224,256| 18-Mar-2018| 20:17| Not applicable| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 20,480| 18-Mar-2018| 20:18| Not applicable| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 146,432| 18-Mar-2018| 20:19| Not applicable| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 58,880| 18-Mar-2018| 20:16| Not applicable| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 264,704| 18-Mar-2018| 22:59| Not applicable| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 23,040| 18-Mar-2018| 23:01| Not applicable| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 183,808| 18-Mar-2018| 23:01| Not applicable| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 67,584| 18-Mar-2018| 22:58| Not applicable| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 227,840| 18-Mar-2018| 23:09| Not applicable| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 21,504| 18-Mar-2018| 23:10| Not applicable| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 160,768| 18-Mar-2018| 23:11| Not applicable| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 68,608| 18-Mar-2018| 23:07| Not applicable| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 281,088| 18-Mar-2018| 23:01| Not applicable| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 23,040| 18-Mar-2018| 23:02| Not applicable| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 181,248| 18-Mar-2018| 23:03| Not applicable| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 67,584| 18-Mar-2018| 22:59| Not applicable| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 210,944| 18-Mar-2018| 23:09| Not applicable| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 20,480| 18-Mar-2018| 23:11| Not applicable| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 136,192| 18-Mar-2018| 23:11| Not applicable| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 61,440| 18-Mar-2018| 23:08| Not applicable| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 254,464| 18-Mar-2018| 23:02| Not applicable| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 22,528| 18-Mar-2018| 23:03| Not applicable| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 171,008| 18-Mar-2018| 23:04| Not applicable| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 76,288| 18-Mar-2018| 23:00| Not applicable| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 253,440| 18-Mar-2018| 23:11| Not applicable| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 23,040| 18-Mar-2018| 23:12| Not applicable| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 166,912| 18-Mar-2018| 23:13| Not applicable| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 70,656| 18-Mar-2018| 23:09| Not applicable| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 158,720| 18-Mar-2018| 23:07| Not applicable| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 16,384| 18-Mar-2018| 23:08| Not applicable| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 110,080| 18-Mar-2018| 23:08| Not applicable| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 42,496| 18-Mar-2018| 23:06| Not applicable| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 143,360| 18-Mar-2018| 23:15| Not applicable| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 15,360| 18-Mar-2018| 23:16| Not applicable| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 101,376| 18-Mar-2018| 23:17| Not applicable| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 41,984| 18-Mar-2018| 23:14| Not applicable| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 231,424| 18-Mar-2018| 23:09| Not applicable| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 22,016| 18-Mar-2018| 23:11| Not applicable| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 153,600| 18-Mar-2018| 23:11| Not applicable| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 65,024| 18-Mar-2018| 23:08| Not applicable| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 243,200| 18-Mar-2018| 23:09| Not applicable| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 22,528| 18-Mar-2018| 23:11| Not applicable| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 165,888| 18-Mar-2018| 23:11| Not applicable| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 70,656| 18-Mar-2018| 23:08| Not applicable| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 261,632| 18-Mar-2018| 23:01| Not applicable| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 22,528| 18-Mar-2018| 23:02| Not applicable| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 180,224| 18-Mar-2018| 23:03| Not applicable| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 72,192| 18-Mar-2018| 22:59| Not applicable| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 265,728| 18-Mar-2018| 23:08| Not applicable| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 22,528| 18-Mar-2018| 23:10| Not applicable| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 181,248| 18-Mar-2018| 23:10| Not applicable| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 68,096| 18-Mar-2018| 23:07| Not applicable| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 260,608| 18-Mar-2018| 23:10| Not applicable| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 23,552| 18-Mar-2018| 23:12| Not applicable| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 181,248| 18-Mar-2018| 23:12| Not applicable| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 67,584| 18-Mar-2018| 23:09| Not applicable| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 257,024| 18-Mar-2018| 23:11| Not applicable| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 22,528| 18-Mar-2018| 23:13| Not applicable| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 163,328| 18-Mar-2018| 23:13| Not applicable| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 74,752| 18-Mar-2018| 23:10| Not applicable| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 231,424| 18-Mar-2018| 23:09| Not applicable| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 21,504| 18-Mar-2018| 23:11| Not applicable| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 161,280| 18-Mar-2018| 23:11| Not applicable| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 65,024| 18-Mar-2018| 23:08| Not applicable| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 231,424| 18-Mar-2018| 23:00| Not applicable| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 20,992| 18-Mar-2018| 23:01| Not applicable| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 159,744| 18-Mar-2018| 23:02| Not applicable| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 60,416| 18-Mar-2018| 22:58| Not applicable| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 121,344| 18-Mar-2018| 23:05| Not applicable| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 13,312| 18-Mar-2018| 23:06| Not applicable| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 87,040| 18-Mar-2018| 23:07| Not applicable| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 32,768| 18-Mar-2018| 23:04| Not applicable| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 126,976| 18-Mar-2018| 23:06| Not applicable| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 13,312| 18-Mar-2018| 23:07| Not applicable| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 89,600| 18-Mar-2018| 23:07| Not applicable| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 35,840| 18-Mar-2018| 23:05| Not applicable| Not applicable \nAdtschema.dll| 6.0.6002.24335| 620,032| 18-Mar-2018| 19:39| x64| Not applicable \nAuditpol.exe| 6.0.6002.24335| 53,248| 18-Mar-2018| 19:44| x64| Not applicable \nMsaudite.dll| 6.0.6002.24335| 146,432| 18-Mar-2018| 20:13| x64| Not applicable \nMsobjs.dll| 6.0.6002.24335| 58,880| 18-Mar-2018| 20:13| x64| Not applicable \nNtdll.dll| 6.0.6002.24335| 1,571,688| 18-Mar-2018| 20:13| x64| Not applicable \nNtoskrnl.exe| 6.0.6002.24335| 4,718,272| 18-Mar-2018| 20:35| x64| Not applicable \nRpcrt4.dll| 6.0.6002.24335| 1,308,160| 18-Mar-2018| 20:13| x64| Not applicable \nSpsys.sys| 6.0.6002.24298| 354,816| 01-Feb-2018| 14:06| x64| Not applicable \nSmss.exe| 6.0.6002.24335| 75,776| 18-Mar-2018| 19:40| x64| Not applicable \nNtvdm64.dll| 6.0.6002.24335| 16,896| 18-Mar-2018| 20:13| x64| AMD64_MICROSOFT-WINDOWS-WOW \nWow64.dll| 6.0.6002.24335| 234,496| 18-Mar-2018| 20:13| x64| AMD64_MICROSOFT-WINDOWS-WOW \nWow64cpu.dll| 6.0.6002.24335| 17,408| 18-Mar-2018| 20:13| x64| AMD64_MICROSOFT-WINDOWS-WOW \nWow64win.dll| 6.0.6002.24335| 301,568| 18-Mar-2018| 20:13| x64| AMD64_MICROSOFT-WINDOWS-WOW \nNtdll.dll| 6.0.6002.24335| 1,159,528| 18-Mar-2018| 20:23| x86| Not applicable \nRpcrt4.dll| 6.0.6002.24335| 679,424| 18-Mar-2018| 20:23| x86| Not applicable \nAcwow64.dll| 6.0.6002.24335| 43,008| 18-Mar-2018| 20:23| x86| WOW64_MICROSOFT-WINDOWS-WOW \nInstnm.exe| 6.0.6002.24335| 7,680| 18-Mar-2018| 19:27| x86| WOW64_MICROSOFT-WINDOWS-WOW \nNtvdm64.dll| 6.0.6002.24335| 14,336| 18-Mar-2018| 20:23| x86| WOW64_MICROSOFT-WINDOWS-WOW \nSetup16.exe| 3.1.0.1918| 26,112| 18-Mar-2018| 19:27| x86| WOW64_MICROSOFT-WINDOWS-WOW \nUser.exe| 6.0.6002.24335| 2,560| 18-Mar-2018| 19:27| x86| WOW64_MICROSOFT-WINDOWS-WOW \nWow32.dll| 6.0.6002.24335| 5,120| 18-Mar-2018| 20:23| x86| WOW64_MICROSOFT-WINDOWS-WOW \nAdvapi32.dll.mui| 6.0.6002.24335| 380,928| 18-Mar-2018| 23:02| Not applicable| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 389,120| 18-Mar-2018| 22:52| Not applicable| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 385,024| 18-Mar-2018| 22:52| Not applicable| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 385,024| 18-Mar-2018| 23:01| Not applicable| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 401,408| 18-Mar-2018| 23:02| Not applicable| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 266,240| 18-Mar-2018| 20:28| Not applicable| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 393,216| 18-Mar-2018| 23:03| Not applicable| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 385,024| 18-Mar-2018| 23:00| Not applicable| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 393,216| 18-Mar-2018| 22:54| Not applicable| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 376,832| 18-Mar-2018| 23:06| Not applicable| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 393,216| 18-Mar-2018| 23:07| Not applicable| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 389,120| 18-Mar-2018| 22:52| Not applicable| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 360,448| 18-Mar-2018| 23:04| Not applicable| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 360,448| 18-Mar-2018| 22:57| Not applicable| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 385,024| 18-Mar-2018| 22:59| Not applicable| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 389,120| 18-Mar-2018| 22:53| Not applicable| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 393,216| 18-Mar-2018| 23:00| Not applicable| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 389,120| 18-Mar-2018| 23:02| Not applicable| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 389,120| 18-Mar-2018| 22:52| Not applicable| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 393,216| 18-Mar-2018| 22:54| Not applicable| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 385,024| 18-Mar-2018| 23:03| Not applicable| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 385,024| 18-Mar-2018| 23:04| Not applicable| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 356,352| 18-Mar-2018| 22:58| Not applicable| Not applicable \nAdvapi32.dll.mui| 6.0.6002.24335| 348,160| 18-Mar-2018| 22:58| Not applicable| Not applicable \nAdvapi32.dll| 6.0.6002.24335| 823,808| 18-Mar-2018| 20:23| x86| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 229,376| 18-Mar-2018| 23:00| Not applicable| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 28,672| 18-Mar-2018| 23:01| Not applicable| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 159,744| 18-Mar-2018| 23:01| Not applicable| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 69,632| 18-Mar-2018| 22:58| Not applicable| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 245,760| 18-Mar-2018| 22:50| Not applicable| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 32,768| 18-Mar-2018| 22:52| Not applicable| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 176,128| 18-Mar-2018| 22:52| Not applicable| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 81,920| 18-Mar-2018| 22:49| Not applicable| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 241,664| 18-Mar-2018| 22:50| Not applicable| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 32,768| 18-Mar-2018| 22:52| Not applicable| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 167,936| 18-Mar-2018| 22:52| Not applicable| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 73,728| 18-Mar-2018| 22:49| Not applicable| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 262,144| 18-Mar-2018| 22:59| Not applicable| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 32,768| 18-Mar-2018| 23:01| Not applicable| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 167,936| 18-Mar-2018| 23:01| Not applicable| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 81,920| 18-Mar-2018| 22:58| Not applicable| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 286,720| 18-Mar-2018| 22:59| Not applicable| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 32,768| 18-Mar-2018| 23:01| Not applicable| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 196,608| 18-Mar-2018| 23:01| Not applicable| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 81,920| 18-Mar-2018| 22:58| Not applicable| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 233,472| 18-Mar-2018| 20:27| Not applicable| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 28,672| 18-Mar-2018| 20:28| Not applicable| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 155,648| 18-Mar-2018| 20:28| Not applicable| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 69,632| 18-Mar-2018| 20:26| Not applicable| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 274,432| 18-Mar-2018| 23:01| Not applicable| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 32,768| 18-Mar-2018| 23:02| Not applicable| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 192,512| 18-Mar-2018| 23:03| Not applicable| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 77,824| 18-Mar-2018| 22:59| Not applicable| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 237,568| 18-Mar-2018| 22:58| Not applicable| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 32,768| 18-Mar-2018| 23:00| Not applicable| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 172,032| 18-Mar-2018| 23:00| Not applicable| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 77,824| 18-Mar-2018| 22:57| Not applicable| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 290,816| 18-Mar-2018| 22:52| Not applicable| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 32,768| 18-Mar-2018| 22:53| Not applicable| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 192,512| 18-Mar-2018| 22:54| Not applicable| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 77,824| 18-Mar-2018| 22:50| Not applicable| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 221,184| 18-Mar-2018| 23:04| Not applicable| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 28,672| 18-Mar-2018| 23:06| Not applicable| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 147,456| 18-Mar-2018| 23:06| Not applicable| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 69,632| 18-Mar-2018| 23:03| Not applicable| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 262,144| 18-Mar-2018| 23:05| Not applicable| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 32,768| 18-Mar-2018| 23:06| Not applicable| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 180,224| 18-Mar-2018| 23:07| Not applicable| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 86,016| 18-Mar-2018| 23:03| Not applicable| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 262,144| 18-Mar-2018| 22:50| Not applicable| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 32,768| 18-Mar-2018| 22:51| Not applicable| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 176,128| 18-Mar-2018| 22:52| Not applicable| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 81,920| 18-Mar-2018| 22:49| Not applicable| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 167,936| 18-Mar-2018| 23:02| Not applicable| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 24,576| 18-Mar-2018| 23:03| Not applicable| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 118,784| 18-Mar-2018| 23:04| Not applicable| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 53,248| 18-Mar-2018| 23:01| Not applicable| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 151,552| 18-Mar-2018| 22:55| Not applicable| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 24,576| 18-Mar-2018| 22:56| Not applicable| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 110,592| 18-Mar-2018| 22:57| Not applicable| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 53,248| 18-Mar-2018| 22:54| Not applicable| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 241,664| 18-Mar-2018| 22:57| Not applicable| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 32,768| 18-Mar-2018| 22:58| Not applicable| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 163,840| 18-Mar-2018| 22:59| Not applicable| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 73,728| 18-Mar-2018| 22:56| Not applicable| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 253,952| 18-Mar-2018| 22:50| Not applicable| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 32,768| 18-Mar-2018| 22:52| Not applicable| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 176,128| 18-Mar-2018| 22:52| Not applicable| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 81,920| 18-Mar-2018| 22:49| Not applicable| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 270,336| 18-Mar-2018| 22:58| Not applicable| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 32,768| 18-Mar-2018| 23:00| Not applicable| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 188,416| 18-Mar-2018| 23:00| Not applicable| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 81,920| 18-Mar-2018| 22:56| Not applicable| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 274,432| 18-Mar-2018| 22:59| Not applicable| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 32,768| 18-Mar-2018| 23:01| Not applicable| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 192,512| 18-Mar-2018| 23:01| Not applicable| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 77,824| 18-Mar-2018| 22:58| Not applicable| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 270,336| 18-Mar-2018| 22:50| Not applicable| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 32,768| 18-Mar-2018| 22:52| Not applicable| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 192,512| 18-Mar-2018| 22:52| Not applicable| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 77,824| 18-Mar-2018| 22:49| Not applicable| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 266,240| 18-Mar-2018| 22:51| Not applicable| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 32,768| 18-Mar-2018| 22:53| Not applicable| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 172,032| 18-Mar-2018| 22:54| Not applicable| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 86,016| 18-Mar-2018| 22:50| Not applicable| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 241,664| 18-Mar-2018| 23:01| Not applicable| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 32,768| 18-Mar-2018| 23:02| Not applicable| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 172,032| 18-Mar-2018| 23:03| Not applicable| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 73,728| 18-Mar-2018| 22:59| Not applicable| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 241,664| 18-Mar-2018| 23:01| Not applicable| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 28,672| 18-Mar-2018| 23:03| Not applicable| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 167,936| 18-Mar-2018| 23:03| Not applicable| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 69,632| 18-Mar-2018| 23:00| Not applicable| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 131,072| 18-Mar-2018| 22:56| Not applicable| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 24,576| 18-Mar-2018| 22:58| Not applicable| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 98,304| 18-Mar-2018| 22:58| Not applicable| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 40,960| 18-Mar-2018| 22:55| Not applicable| Not applicable \nAdtschema.dll.mui| 6.0.6002.24335| 135,168| 18-Mar-2018| 22:56| Not applicable| Not applicable \nAuditpol.exe.mui| 6.0.6002.24335| 24,576| 18-Mar-2018| 22:57| Not applicable| Not applicable \nMsaudite.dll.mui| 6.0.6002.24335| 98,304| 18-Mar-2018| 22:58| Not applicable| Not applicable \nMsobjs.dll.mui| 6.0.6002.24335| 45,056| 18-Mar-2018| 22:55| Not applicable| Not applicable \nAdtschema.dll| 6.0.6002.24335| 620,032| 18-Mar-2018| 19:27| x86| Not applicable \nAuditpol.exe| 6.0.6002.24335| 41,472| 18-Mar-2018| 19:29| x86| Not applicable \nMsaudite.dll| 6.0.6002.24335| 146,432| 18-Mar-2018| 20:23| x86| Not applicable \nMsobjs.dll| 6.0.6002.24335| 58,880| 18-Mar-2018| 20:23| x86| Not applicable\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-04-10T07:00:00", "type": "mskb", "title": "Description of the security update for the kernel information disclosure vulnerabilities in Windows Server 2008: April 10, 2018", "bulletinFamily": "microsoft", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0887", "CVE-2018-0960", "CVE-2018-0969", "CVE-2018-0970", "CVE-2018-0971", "CVE-2018-0972", "CVE-2018-0973", "CVE-2018-0974", "CVE-2018-0975"], "modified": "2018-04-10T07:00:00", "id": "KB4093478", "href": "https://support.microsoft.com/en-us/help/4093478", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-03-15T10:22:13", "description": "None\n## Summary\n\nA remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. \n \nTo learn more about the vulnerabilities, see the following Common Vulnerabilities and Exposures (CVE).\n\n * [CVE-2018-1010](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2018-1010>)\n * [CVE-2018-1012](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2018-1012>)\n * [CVE-2018-1013](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2018-1013>)\n * [CVE-2018-1015](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2018-1015>)\n * [CVE-2018-1016](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2018-1016>)\n\n## More Information\n\nImportant \n\n * If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see [Add language packs to Windows](<https://technet.microsoft.com/en-us/library/hh825699>).\n\n## How to obtain and install the update \n\n### Method 1: Windows Update\n\nThis update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to turn on automatic updating, see [Windows Update: FAQ](<https://www.microsoft.com/en-us/safety/pc-security/updates.aspx>). \n\n### Method 2: Microsoft Update Catalog\n\nTo get the stand-alone package for this update, go to the [Microsoft Update Catalog](<http://catalog.update.microsoft.com/v7/site/search.aspx?q=4093223>) website. \n\n\n## Deployment information\n\nFor deployment details for this security update, go to the following article in the Microsoft Knowledge Base: \n[Security update deployment information: April 10, 2018](<http://support.microsoft.com/en-us/help/20180410>)\n\n## More Information\n\n \n**File information** \n \nThe English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time together with your current daylight-saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.\n\n**Note: **The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.\n\n \n**File information** \n \nThe English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time together with your current daylight-saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files. \n\n## How to obtain help and support for this security update\n\nHelp for installing updates: [Windows Update: FAQ](<http://support.microsoft.com/ph/6527>) \n \nSecurity solutions for IT professionals: [TechNet Security Support and Troubleshooting](<https://technet.microsoft.com/security/bb980617.aspx>) \n \nHelp for protecting your Windows-based computer from viruses and malware: [Microsoft Secure](<http://support.microsoft.com/contactus/cu_sc_virsec_master>) \n \nLocal support according to your country: [International Support](<https://www.microsoft.com/en-us/locale.aspx>) \n\n\n## Windows Server 2008 file information\n\n## File hash information\n\nFile name| SHA1 hash| SHA256 hash \n---|---|--- \nWindows6.0-KB4093223-x86.msu| 78CF60F05279EF69E67EB6D8536AF46EED9305B4| 586D714C576CD33BA0DE53ADF247A30069C7A4455F1942F2BFC1CA3A91D25821 \nWindows6.0-KB4093223-ia64.msu| FE74B041CEB5393BAE2E97BCE4FBE6FFA5A8ABDD| D1FFDF10963FAC7F787178DF59099DCD0923DC65D6003AA4D704B73B7C5FE217 \nWindows6.0-KB4093223-x64.msu| 1D87D84D1EC48BA2889D82E357BD8CA1CF4B94FE| 1368EBFDEAD62B3656C91AEFCFE66D1C1E3D5CA0EF1E90767D23C9C7F3804499 \n \n## For all supported x86-based versions\n\n**File name**| **File version**| **File size**| **Date**| **Time**| **Platform** \n---|---|---|---|---|--- \nT2embed.dll| 6.0.6002.24331| 159,744| 09-Mar-2018| 20:35| x86 \nAtmfd.dll| 5.1.2.253| 306,880| 09-Mar-2018| 20:57| x86 \nAtmlib.dll| 5.1.2.253| 34,304| 09-Mar-2018| 20:35| x86 \nDciman32.dll| 6.0.6002.24331| 10,240| 09-Mar-2018| 20:35| x86 \nFontsub.dll| 6.0.6002.24331| 73,216| 09-Mar-2018| 20:35| x86 \nLpk.dll| 6.0.6002.24331| 23,552| 09-Mar-2018| 20:35| x86 \n \n## For all supported ia64-based versions\n\n**File name**| **File version**| **File size**| **Date**| **Time**| **Platform** \n---|---|---|---|---|--- \nT2embed.dll| 6.0.6002.24331| 410,112| 09-Mar-2018| 20:13| IA-64 \nAtmfd.dll| 5.1.2.253| 795,328| 09-Mar-2018| 20:33| IA-64 \nAtmlib.dll| 5.1.2.253| 92,160| 09-Mar-2018| 20:13| IA-64 \nDciman32.dll| 6.0.6002.24331| 29,184| 09-Mar-2018| 20:13| IA-64 \nFontsub.dll| 6.0.6002.24331| 196,096| 09-Mar-2018| 20:13| IA-64 \nLpk.dll| 6.0.6002.24331| 68,608| 09-Mar-2018| 20:13| IA-64 \nAtmfd.dll| 5.1.2.253| 306,880| 09-Mar-2018| 20:57| x86 \nAtmlib.dll| 5.1.2.253| 34,304| 09-Mar-2018| 20:35| x86 \nDciman32.dll| 6.0.6002.24331| 10,240| 09-Mar-2018| 20:35| x86 \nFontsub.dll| 6.0.6002.24331| 73,216| 09-Mar-2018| 20:35| x86 \nLpk.dll| 6.0.6002.24331| 23,552| 09-Mar-2018| 20:35| x86 \nT2embed.dll| 6.0.6002.24331| 159,744| 09-Mar-2018| 20:35| x86 \n \n## For all supported x64-based versions\n\n**File name**| **File version**| **File size**| **Date**| **Time**| **Platform** \n---|---|---|---|---|--- \nT2embed.dll| 6.0.6002.24331| 193,024| 09-Mar-2018| 20:18| x64 \nAtmfd.dll| 5.1.2.253| 384,704| 09-Mar-2018| 20:40| x64 \nAtmlib.dll| 5.1.2.253| 48,128| 09-Mar-2018| 20:18| x64 \nDciman32.dll| 6.0.6002.24331| 14,336| 09-Mar-2018| 20:18| x64 \nFontsub.dll| 6.0.6002.24331| 96,256| 09-Mar-2018| 20:18| x64 \nLpk.dll| 6.0.6002.24331| 32,768| 09-Mar-2018| 20:18| x64 \nAtmfd.dll| 5.1.2.253| 306,880| 09-Mar-2018| 20:57| x86 \nAtmlib.dll| 5.1.2.253| 34,304| 09-Mar-2018| 20:35| x86 \nDciman32.dll| 6.0.6002.24331| 10,240| 09-Mar-2018| 20:35| x86 \nFontsub.dll| 6.0.6002.24331| 73,216| 09-Mar-2018| 20:35| x86 \nLpk.dll| 6.0.6002.24331| 23,552| 09-Mar-2018| 20:35| x86 \nT2embed.dll| 6.0.6002.24331| 159,744| 09-Mar-2018| 20:35| x86 \n \n## Windows Server 2008, Windows Embedded POSReady 2009, and Windows Embedded Standard 2009 file information\n\n## File hash information\n\nFile name| SHA1 hash| SHA256 hash \n---|---|--- \nWindowsXP-KB4093223-x86-Embedded-ENU.exe| 3F5C77A133AAED66CB1DC3FFC1E60F2C61E12B52| 06259100F7BC62957950D652B2F007B8887739BDAA5DF0B66BE53F826967E590 \n \n## For all supported x86-based versions\n\n**File name**| **File version**| **File size**| **Date**| **Time**| **Platform**| **SP requirement**| **Service branch** \n---|---|---|---|---|---|---|--- \nFontsub.dll| 5.1.2600.7450| 82,432| 10-Mar-2018| 04:05| x86| SP3| SP3QFE \nT2embed.dll| 5.1.2600.7450| 122,880| 10-Mar-2018| 04:05| x86| SP3| SP3QFE \nUpdspapi.dll| 6.3.13.0| 382,840| 16-May-2014| 03:08| x86| None| Not applicable\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2018-04-10T07:00:00", "type": "mskb", "title": "Description of the security update for the Microsoft graphics remote code execution vulnerability in Windows Server 2008, Windows Embedded POSReady 2009, and Windows Embedded Standard 2009: April 10, 2018", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1010", "CVE-2018-1012", "CVE-2018-1013", "CVE-2018-1015", "CVE-2018-1016"], "modified": "2018-04-10T07:00:00", "id": "KB4093223", "href": "https://support.microsoft.com/en-us/help/4093223", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-08-24T11:12:57", "description": "None\n## Summary\n\n * A buffer overflow vulnerability exists in the Microsoft JET Database Engine that could allow remote code execution on an affected system.\n * An elevation of privilege vulnerability exists in Windows Adobe Type Manager Font Driver (ATMFD.dll) when it fails to properly handle objects in memory.\nTo learn more about the vulnerabilities, see the following Common Vulnerabilities and Exposures (CVE): \n\n\n * [CVE-2018-1003](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2018-1003>)\n * [CVE-2018-1008](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2018-1008>)\n\n## More Information\n\n**Important **\n\n * If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see [Add language packs to Windows](<https://technet.microsoft.com/en-us/library/hh825699>).\n\n## How to obtain and install the update \n\n### Method 1: Windows Update\n\nThis update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to turn on automatic updating, see [Windows Update: FAQ](<https://www.microsoft.com/en-us/safety/pc-security/updates.aspx>). \n\n### Method 2: Microsoft Update Catalog\n\nTo get the stand-alone package for this update, go to the [Microsoft Update Catalog](<http://catalog.update.microsoft.com/v7/site/search.aspx?q=4093257>) website. \n\n\n## Deployment information\n\nFor deployment details for this security update, go to the following article in the Microsoft Knowledge Base: \n[Security update deployment information: April 10, 2018](<http://support.microsoft.com/en-us/help/20180410>)\n\n## More Information\n\n \n**File information** \n \nThe English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time together with your current daylight-saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.\n\n**Note: **The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.\n\n \n**File information** \n \nThe English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time together with your current daylight-saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files. \n\n## How to obtain help and support for this security update\n\nHelp for installing updates: [Windows Update: FAQ](<http://support.microsoft.com/ph/6527>) \n \nSecurity solutions for IT professionals: [TechNet Security Support and Troubleshooting](<https://technet.microsoft.com/security/bb980617.aspx>) \n \nHelp for protecting your Windows-based computer from viruses and malware: [Microsoft Secure](<http://support.microsoft.com/contactus/cu_sc_virsec_master>) \n \nLocal support according to your country: [International Support](<https://www.microsoft.com/en-us/locale.aspx>) \n\n\n## Windows Server 2008 file information\n\n## File hash information\n\nFile name| SHA1 hash| SHA256 hash \n---|---|--- \nWindows6.0-KB4093257-x86.msu| 5F8E016967491F797547586D7569F513CAFFB760| 288636C68863D50097BB77D78E254F6D29BA6583EA2C54CAB198C84DE2B3DB9B \nWindows6.0-KB4093257-x64.msu| 7A3DB0BAF118AE22EE2046B80F51D93E74C03053| 6FC4A3522291CC4488E64C5948A214611D70A3C3F661877E6EF7A52525A787B7 \n \n## For all supported x86-based versions\n\n**File name**| **File version**| **File size**| **Date**| **Time**| **Platform** \n---|---|---|---|---|--- \nMsexcl40.dll| 4.0.9801.3| 340,480| 09-Mar-2018| 19:06| x86 \n \n## For all supported x64-based versions\n\n**File name**| **File version**| **File size**| **Date**| **Time**| **Platform** \n---|---|---|---|---|--- \nMsexcl40.dll| 4.0.9801.3| 340,480| 09-Mar-2018| 19:06| x86 \n \n## Windows Embedded POSReady 2009 and Windows Embedded Standard 2009 file information\n\n## File hash information\n\nFile name| SHA1 hash| SHA256 hash \n---|---|--- \nWindowsXP-KB4093257-x86-Embedded-ENU.exe| 9C72FC51BE7A7EB68E2C603B309A9C0163949CB8| 83BEB058247FADDA8AABE50CF6C14F0A7FADE5B2A104C9DE57570BBB07DF1C84 \n \n## For all supported x86-based versions\n\n**File name**| **File version**| **File size**| **Date**| **Time**| **Platform** \n---|---|---|---|---|--- \nMsexcl40.dll| 4.0.9801.3| 340,480| 10-Mar-2018| 15:01| x86 \nUpdspapi.dll| 6.3.13.0| 382,840| 16-May-2014| 03:08| x86\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2018-04-10T07:00:00", "type": "mskb", "title": "Description of the security update for vulnerabilities in Windows Server 2008, Windows Embedded POSReady 2009, and Windows Embedded Standard 2009: April 10, 2018", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1003", "CVE-2018-1008"], "modified": "2018-04-10T07:00:00", "id": "KB4093257", "href": "https://support.microsoft.com/en-us/help/4093257", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-03-15T10:22:14", "description": "None\n## Summary\n\nA denial of service vulnerability exists in the way that Windows handles objects in memory. \n \nTo learn more about the vulnerability, go to [CVE-2018-8116](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2018-8116>). \n\n## More Information\n\n**Important** If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see [Add language packs to Windows](<https://technet.microsoft.com/en-us/library/hh825699>).\n\n## How to obtain and install the update \n\n### Method 1: Windows Update\n\nThis update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to turn on automatic updating, see [Windows Update: FAQ](<https://www.microsoft.com/en-us/safety/pc-security/updates.aspx>). \n\n### Method 2: Microsoft Update Catalog\n\nTo get the stand-alone package for this update, go to the [Microsoft Update Catalog](<http://catalog.update.microsoft.com/v7/site/search.aspx?q=4093224>) website. \n\n\n## Deployment information\n\nFor deployment details for this security update, go to the following article in the Microsoft Knowledge Base: \n[Security update deployment information: April 10, 2018](<http://support.microsoft.com/en-us/help/20180410>)\n\n## More Information\n\n \n**File information** \n \nThe English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time together with your current daylight-saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.\n\n**Note: **The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.\n\n \n**File information** \n \nThe English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time together with your current daylight-saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files. \n\n## How to obtain help and support for this security update\n\nHelp for installing updates: [Windows Update: FAQ](<http://support.microsoft.com/ph/6527>) \n \nSecurity solutions for IT professionals: [TechNet Security Support and Troubleshooting](<https://technet.microsoft.com/security/bb980617.aspx>) \n \nHelp for protecting your Windows-based computer from viruses and malware: [Microsoft Secure](<http://support.microsoft.com/contactus/cu_sc_virsec_master>) \n \nLocal support according to your country: [International Support](<https://www.microsoft.com/en-us/locale.aspx>) \n\n\n## Windows Server 2008 file information\n\n## File hash information\n\nFile name| SHA1 hash| SHA256 hash \n---|---|--- \nWindows6.0-KB4093224-ia64.msu| EC601B4254706F8E9E38C9BD6AA1BBF6CA1D7501| 318E360E76EBCF5ACE5321E859D9A71BBB060720EF9DF1071078F690BB2AD167 \nWindows6.0-KB4093224-x86.msu| 7E26BE41BC00C9F5E237EA4E7A7DCFA5E849ADC8| B5DD45055746FA2034022D397C5D50BACCABFA8774FEC1BBE37885042A12F2E7 \nWindows6.0-KB4093224-x64.msu| 6DDC083329DC5E3ABC3394A76DCE131E3E7A6C66| EA20BCF79D55E2B6802C5E3FFABC0741C79B73656C51091E5727F6672698CD6C \n \n## For all supported ia64-based versions\n\n**File name**| **File version**| **File size**| **Date**| **Time**| **Platform** \n---|---|---|---|---|--- \nWin32k.sys| 6.0.6002.24344| 6,702,592| 24-Mar-2018| 14:07| IA-64 \n \n## For all supported x86-based versions\n\n**File name**| **File version**| **File size**| **Date**| **Time**| **Platform** \n---|---|---|---|---|--- \nWin32k.sys| 6.0.6002.24344| 2,084,352| 24-Mar-2018| 13:57| x86 \n \n## For all supported x64-based versions\n\n**File name**| **File version**| **File size**| **Date**| **Time**| **Platform** \n---|---|---|---|---|--- \nWin32k.sys| 6.0.6002.24344| 2,815,488| 24-Mar-2018| 14:08| x64 \n \n## Windows Embedded POSReady 2009 and Windows Embedded Standard 2009 file information\n\n## File hash information\n\nFile name| SHA1 hash| SHA256 hash \n---|---|--- \nWindowsXP-KB4093224-x86-Embedded-ENU.exe| 832D011A2A213068C5438096B970C4AB7E830744| A26B51BE5A715226040FE803CA9D93AFA827128CB11895E02F9D990FE61AD5F0 \n \n## For all supported x86-based versions\n\n**File name**| **File version**| **File size**| **Date**| **Time**| **Platform** \n---|---|---|---|---|--- \nWin32k.sys| 5.1.2600.7457| 1,907,200| 29-Mar-2018| 20:33| x86 \nUpdspapi.dll| 6.3.13.0| 382,840| 31-Jan-2018| 18:26| x86\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-04-10T07:00:00", "type": "mskb", "title": "Description of the security update for the Microsoft graphics component denial of service vulnerability in Windows Server 2008, Windows Embedded POSReady 2009, and Windows Embedded Standard 2009: April 10, 2018", "bulletinFamily": "microsoft", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-8116"], "modified": "2018-04-10T07:00:00", "id": "KB4093224", "href": "https://support.microsoft.com/en-us/help/4093224", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-24T11:12:51", "description": "None\n## Improvements and fixes\n\nThis security update includes quality improvements. No new operating system features are being introduced in this update. Key changes include:\n\n * Windows Update and WSUS will offer this update to applicable Windows client and server operating systems regardless of the existence or value of the \"HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\QualityCompat\\cadca5fe-87d3-4b96-b7fb-a231484277cc\" registry setting. This change has been made to protect user data.\n * Security updates to Internet Explorer, Microsoft scripting engine, Microsoft graphics component, Windows Server, Windows kernel, Windows datacenter networking, Windows Hyper-V, Windows virtualization and kernel , and Windows app platform and frameworks.\nFor more information about the resolved security vulnerabilities, see the [Security Update Guide](<https://portal.msrc.microsoft.com/security-guidance>).\n\n## Known issues in this update\n\nMicrosoft is not currently aware of any issues with this update.\n\n## How to get this update\n\nThis update is now available for installation through WSUS. To get the standalone package for this update, go to the [Microsoft Update Catalog](<http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4093115>) website.**File information**For a list of the files that are provided in this update, download the [file information for update 4093115](<http://download.microsoft.com/download/B/8/2/B82CB834-83D4-4453-8551-D82045ADB757/4093115.csv>). \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-04-10T07:00:00", "type": "mskb", "title": "April 10, 2018\u2014KB4093115 (Security-only update)", "bulletinFamily": "microsoft", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-8116"], "modified": "2018-04-10T07:00:00", "id": "KB4093115", "href": "https://support.microsoft.com/en-us/help/4093115", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-24T11:12:55", "description": "None\n## Improvements and fixes\n\nThis security update includes quality improvements. No new operating system features are being introduced in this update. Key changes include:\n\n * Windows Update and WSUS will offer this update to applicable Windows client and server operating systems regardless of the existence or value of the \"HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\QualityCompat\\cadca5fe-87d3-4b96-b7fb-a231484277cc\" registry setting. This change has been made to protect user data.\n * Security updates to Microsoft scripting engine, Internet Explorer, Microsoft graphics component, Windows Server, Windows kernel, Windows datacenter networking, and Windows app platform and frameworks.\nFor more information about the resolved security vulnerabilities, see the [Security Update Guide](<https://portal.msrc.microsoft.com/security-guidance>).\n\n## Known issues in this update\n\nMicrosoft is not currently aware of any issues with this update.\n\n## How to get this update\n\nThis update is now available for installation through WSUS. To get the standalone package for this update, go to the [Microsoft Update Catalog](<http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4093122>) website.**File information**For a list of the files that are provided in this update, download the [file information for update 4093122](<http://download.microsoft.com/download/A/4/2/A420295A-174F-4C4C-BF3F-6203ACE9133E/4093122.csv>). \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-04-10T07:00:00", "type": "mskb", "title": "April 10, 2018\u2014KB4093122 (Security-only update)", "bulletinFamily": "microsoft", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-8116"], "modified": "2018-04-10T07:00:00", "id": "KB4093122", "href": "https://support.microsoft.com/en-us/help/4093122", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-24T11:12:57", "description": "None\n## Notice\n\nAn updated version of this security update was released June 12, 2018. \n\n## Summary\n\nA denial of service vulnerability exists in the Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. \n \nTo learn more about the vulnerability, see [CVE-2018-0976](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2018-0976>).\n\n## More Information\n\n**Important **If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see [Add language packs to Windows](<https://technet.microsoft.com/en-us/library/hh825699>).\n\n## How to obtain and install the update \n\n### Method 1: Windows Update\n\nThis update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to turn on automatic updating, see [Windows Update: FAQ](<https://www.microsoft.com/en-us/safety/pc-security/updates.aspx>). \n\n### Method 2: Microsoft Update Catalog\n\nTo get the stand-alone package for this update, go to the [Microsoft Update Catalog](<http://catalog.update.microsoft.com/v7/site/search.aspx?q=4093227>) website. \n\n\n## Deployment information\n\nFor deployment details for this security update, go to the following article in the Microsoft Knowledge Base: \n[Security update deployment information: April 10, 2018](<http://support.microsoft.com/en-us/help/20180410>)\n\n## More Information\n\n \n**File information** \nThe English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and the times for these files are listed in Coordinated Universal Time (UTC). The dates and the times for these files on your local computer are displayed in your local time together with your current daylight saving time (DST) bias. Additionally, the dates and the times may change when you perform certain operations on the files. \n \n**Windows Vista and Windows Server 2008 file information** \n\n\n**Note: **The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.\n\n## How to obtain help and support for this security update\n\nHelp for installing updates: [Windows Update: FAQ](<http://support.microsoft.com/ph/6527>) \n \nSecurity solutions for IT professionals: [TechNet Security Support and Troubleshooting](<https://technet.microsoft.com/security/bb980617.aspx>) \n \nHelp for protecting your Windows-based computer from viruses and malware: [Microsoft Secure](<http://support.microsoft.com/contactus/cu_sc_virsec_master>) \n \nLocal support according to your country: [International Support](<https://www.microsoft.com/en-us/locale.aspx>) \n\n\n## Windows Server 2008 file information\n\n## File hash information\n\nFile name| SHA1 hash| SHA256 hash \n---|---|--- \nWindows6.0-KB4093227-v2-ia64.msu| 19F47175565EC5E216DCFBC98AF924F50BA95151| 2713DC794FA3A3120CF8ED38A45EC3BB4D4489770D75CAB9A1BED9E22438575C \nWindows6.0-KB4093227-v2-x86.msu| 2658D1E45C14ED8B123DBFD24ED3FD5EA5E07814| 8AFEB437EB5AB54155AEDC64978C03AD831DB238B8B467050F1E81D0C29FF9ED \nWindows6.0-KB4093227-v2-x64.msu| AED3CDA3A6DD9DBA80C816D78617A5BCCF99495D| D8FBAB3E9FECDC1E8B9A6B0FF27792F304E0B8D2F7E5017FC2AE32FC625C5DE1 \n \n## For all supported ia64-based versions\n\n**File name**| **File version**| **File size**| **Date**| **Time**| **Platform**| **SP requirement**| **Service branch** \n---|---|---|---|---|---|---|--- \nBasecsp.dll| 6.0.6002.24398| 304,832| 23-May-2018| 04:52| IA-64| SP_| IA64_MICROSOFT-WINDOWS-SMARTCARDKSP \nScksp.dll| 6.0.6002.24398| 344,064| 23-May-2018| 04:33| IA-64| SP_| IA64_MICROSOFT-WINDOWS-SMARTCARDKSP \nBasecsp.dll| 6.0.6002.24398| 129,728| 23-May-2018| 05:19| x86| SP_| X86_MICROSOFT-WINDOWS-SMARTCARDKSP \nScksp.dll| 6.0.6002.24398| 141,824| 23-May-2018| 04:59| x86| SP_| X86_MICROSOFT-WINDOWS-SMARTCARDKSP \n \n## For all supported x86-based versions\n\n**File name**| **File version**| **File size**| **Date**| **Time**| **Platform**| **SP requirement**| **Service branch** \n---|---|---|---|---|---|---|--- \nBasecsp.dll| 6.0.6002.24398| 129,728| 23-May-2018| 05:19| x86| SP_| X86_MICROSOFT-WINDOWS-SMARTCARDKSP \nScksp.dll| 6.0.6002.24398| 141,824| 23-May-2018| 04:59| x86| SP_| X86_MICROSOFT-WINDOWS-SMARTCARDKSP \n \n## For all supported x64-based versions\n\n**File name**| **File version**| **File size**| **Date**| **Time**| **Platform**| **SP requirement**| **Service branch** \n---|---|---|---|---|---|---|--- \nBasecsp.dll| 6.0.6002.24398| 152,768| 23-May-2018| 05:12| x64| SP_| AMD64_MICROSOFT-WINDOWS-SMARTCARDKSP \nScksp.dll| 6.0.6002.24398| 188,928| 23-May-2018| 04:44| x64| SP_| AMD64_MICROSOFT-WINDOWS-SMARTCARDKSP \nBasecsp.dll| 6.0.6002.24398| 129,728| 23-May-2018| 05:19| x86| SP_| X86_MICROSOFT-WINDOWS-SMARTCARDKSP \nScksp.dll| 6.0.6002.24398| 141,824| 23-May-2018| 04:59| x86| SP_| X86_MICROSOFT-WINDOWS-SMARTCARDKSP\n", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-04-10T07:00:00", "type": "mskb", "title": "Description of the security update for the Windows Remote Desktop Protocol (RDP) denial of service vulnerability in Windows Server 2008: April 10, 2018", "bulletinFamily": "microsoft", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.5, "vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0976"], "modified": "2018-04-10T07:00:00", "id": "KB4093227", "href": "https://support.microsoft.com/en-us/help/4093227", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2022-08-24T11:12:36", "description": "None\n## Summary\n\nA denial of service vulnerability exists in the way that Windows SNMP Service handles malformed SNMP traps. \n \nTo learn more about the vulnerability, see [CVE-2018-0967](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2018-0967>).\n\n## More Information\n\n**Important** If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see [Add language packs to Windows](<https://technet.microsoft.com/en-us/library/hh825699>).\n\n## How to obtain and install the update \n\n### Method 1: Windows Update\n\nThis update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to turn on automatic updating, see [Windows Update: FAQ](<https://www.microsoft.com/en-us/safety/pc-security/updates.aspx>). \n\n### Method 2: Microsoft Update Catalog\n\nTo get the stand-alone package for this update, go to the [Microsoft Update Catalog](<http://catalog.update.microsoft.com/v7/site/search.aspx?q=4091756>) website. \n\n\n## Deployment information\n\nFor deployment details for this security update, go to the following article in the Microsoft Knowledge Base: \n[Security update deployment information: April 10, 2018](<http://support.microsoft.com/en-us/help/20180410>)\n\n## More Information\n\n \n**File information** \n \nThe English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time together with your current daylight-saving time (DST) bias. Additionally, the dates and the times may change when you perform certain operations on the files.\n\n**Note: **The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.\n\n \n**File information** \n \nThe English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time together with your current daylight-saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files. \n\n\n## How to obtain help and support for this security update\n\nHelp for installing updates: [Windows Update: FAQ](<http://support.microsoft.com/ph/6527>) \n \nSecurity solutions for IT professionals: [TechNet Security Support and Troubleshooting](<https://technet.microsoft.com/security/bb980617.aspx>) \n \nHelp for protecting your Windows-based computer from viruses and malware: [Microsoft Secure](<http://support.microsoft.com/contactus/cu_sc_virsec_master>) \n \nLocal support according to your country: [International Support](<https://www.microsoft.com/en-us/locale.aspx>) \n\n\n## Windows Server 2008 file information\n\n## File hash information\n\nFile name| SHA1 hash| SHA256 hash \n---|---|--- \nWindows6.0-KB4091756-ia64.msu| ED7292BDF7511A329A0F119EB7AD2E078807B0F0| 1CC52ADCC944B03940BE50B6191510E7E68ACC33EE971A358EE045F2B49F2F95 \nWindows6.0-KB4091756-x86.msu| 0BEDF35F5BAC779DE3DF9F27089F1367E549F98F| D6834218EC139064A4211A2DBA3E4AC70D4BA48E83C85386570BE429512F959E \nWindows6.0-KB4091756-x64.msu| 145F7D7B66DB576AFF928883F4AFF0DC1D142492| BBCAB93903930B3C81AC44E315AA73B39C4DAFA7ADEDB2465C139F2DF391B603 \n \n## For all supported ia64-based versions\n\n**File name**| **File version**| **File size**| **Date**| **Time**| **Platform** \n---|---|---|---|---|--- \nWsnmp32.dll| 6.0.6002.24329| 139,264| 07-Mar-2018| 15:25| IA-64 \nWsnmp32.dll| 6.0.6002.24329| 50,688| 07-Mar-2018| 15:47| x86 \n \n## For all supported x86-based versions\n\n**File name**| **File version**| **File size**| **Date**| **Time**| **Platform** \n---|---|---|---|---|--- \nWsnmp32.dll| 6.0.6002.24329| 50,688| 07-Mar-2018| 15:47| x86 \n \n## For all supported x64-based versions\n\n**File name**| **File version**| **File size**| **Date**| **Time**| **Platform** \n---|---|---|---|---|--- \nWsnmp32.dll| 6.0.6002.24329| 61,952| 07-Mar-2018| 15:30| x64 \nWsnmp32.dll| 6.0.6002.24329| 50,688| 07-Mar-2018| 15:47| x86 \n \n## Windows Embedded POSReady 2009, and Windows Embedded Standard 2009 file information\n\n## File hash information\n\nFile name| SHA1 hash| SHA256 hash \n---|---|--- \nWindowsXP-KB4091756-x86-Embedded-ENU.exe| 4084E5A3BF76E0A22D8D33B0C5E8FF3B57E3FAF3| 9E8559CD593937AFB634E2297B663BDFF39AE9A2E8A72FEA0B426CD6C6FD53F5 \n \n## For all supported x86-based versions\n\n**File name**| **File version**| **File size**| **Date**| **Time**| **Platform** \n---|---|---|---|---|--- \nWsnmp32.dll| 5.1.2600.7450| 42,496| 09-Mar-2018| 18:15| x86 \nUpdspapi.dll| 6.3.13.0| 382,840| 16-May-2014| 03:08| x86\n", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-04-10T07:00:00", "type": "mskb", "title": "Description of the security update for the denial of service vulnerability in Windows Server 2008, Windows Embedded POSReady 2009, and Windows Embedded Standard 2009: April 10, 2018", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 6.3, "vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0967"], "modified": "2018-04-10T07:00:00", "id": "KB4091756", "href": "https://support.microsoft.com/en-us/help/4091756", "cvss": {"score": 6.3, "vector": "AV:N/AC:M/Au:S/C:N/I:N/A:C"}}, {"lastseen": "2023-02-16T10:40:35", "description": "None\n## Summary\n\nThis security update resolves several reported vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow remote code execution if a user views a specially crafted webpage in Internet Explorer. To learn more about these vulnerabilities, see [Microsoft Common Vulnerabilities and Exposures](<https://portal.msrc.microsoft.com/en-US/security-guidance/>). Additionally, see the following articles for more information about this cumulative update:\n\n * [Windows 7 SP1 and Windows Server 2008 R2 SP1 update history](<https://support.microsoft.com/help/4009469/windows-7-sp1-windows-server-2008-r2-sp1-update-history>)\n * [Windows Server 2012 update history](<https://support.microsoft.com/help/4009471/windows-server-2012-update-history>)\n * [Windows 8.1 and Windows Server 2012 R2 update history](<https://support.microsoft.com/help/4009470/windows-8-1-windows-server-2012-r2-update-history>)\n * [Windows 10 and Windows Server 2016 update history](<https://support.microsoft.com/help/4000825/windows-10-and-windows-server-2016-update-history>)\n**Important **\n\n * The fixes that are included in this Security Update for Internet Explorer 4092946 are also included in the April 2018 Security Monthly Quality Rollup. Installing either the Security Update for Internet Explorer or the Security Monthly Quality Rollup installs the fixes that are in this update.\n * If you use update management processes other than Windows Update and you automatically approve all security updates classifications for deployment, this Security Update for Internet Explorer (KB 4092946), the April 2018 Security Only Quality Update and the April 2018 Security Monthly Quality Rollup are deployed. We recommend that you review your update deployment rules to make sure that the desired updates are deployed.\n * This Security Update for Internet Explorer is not applicable for installation on a computer where the Security Monthly Quality Rollup or the Preview of Monthly Quality Rollup from April 2018 (or a later month) is already installed. This is because those updates contain all the fixes that are in this Security Update for Internet Explorer.\n * If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see [Add language packs to Windows](<https://technet.microsoft.com/en-us/library/hh825699>).\n\n## Deployment information\n\nFor deployment details for this security update, see the following article in the Microsoft Knowledge Base:[Security update deployment information: April 10, 2018](<https://support.microsoft.com/en-us/help/20180410>)\n\n## How to get and install the update \n\n### Method 1: Microsoft Update\n\nThis update is available through Microsoft Update. When you turn on automatic updating, this update will be downloaded and installed automatically.For more information about how to get security updates automatically, see [Windows Update: FAQ](<http://support.microsoft.com/en-us/help/12373/windows-update-faq>).**Note** For Windows RT and Windows RT 8.1, this update is available through Microsoft Update only.\n\n### Method 2: Microsoft Update Catalog\n\nTo get the stand-alone package for this update, go to the [Microsoft Update Catalog](<http://catalog.update.microsoft.com/v7/site/search.aspx?q=KB4092946>) website.\n\n## More Information\n\n## \n\n__\n\nHow to get help and support for this security update\n\nHelp for installing updates: [Windows Update: FAQ](<http://support.microsoft.com/ph/6527>) \n \nSecurity solutions for IT professionals: [TechNet Security Support and Troubleshooting](<https://technet.microsoft.com/security/bb980617.aspx>) \n \nHelp for protecting your Windows-based computer from viruses and malware: [Microsoft Secure](<http://support.microsoft.com/contactus/cu_sc_virsec_master>) \n \nLocal support according to your country: [International Support](<https://www.microsoft.com/en-us/locale.aspx>)\n\nFile informationFor a list of the files that are provided in this cumulative update, download the [file information for cumulative update KB 4092946](<http://download.microsoft.com/download/E/5/0/E503F1EB-0BF4-4BF2-9BD0-9D63AFF07C90/4092946.csv>).\n\n## File hash information\n\nFile name| SHA1 hash| SHA256 hash \n---|---|--- \nWindows8.1-KB4092946-x86.msu| 6FE42EBB6FE90A167773FFD67BE977E7DF064BEE| 88BB8A0895AABDEA72AF576FD2E6970648B110D9A650140D28036DF339C795A7 \nWindows8.1-KB4092946-x64.msu| D8E6DD8538FA274494042B95CFA20EC14BDE51E2| 5844A4BBD7DC8163DB74A92AB2FFC89FA46182FFC7D2055729DB18348DBC8F89 \nWindows8-RT-KB4092946-x64.msu| C49D6A9126D9521AF52B989F6BCE9270A820E257| 1BEEA7A36F578DB1A95FED82C69DF7872894FBA6106248404174892C13BEEF88 \nIE11-Windows6.1-KB4092946-X86.msu| 6E1424E3E554884866F0A47055437FF73B4E1400| 5FB6CE78F3B9211480BE2EC838E1CFF7064115214B8B74E3A473B65726336407 \nIE11-Windows6.1-KB4092946-X64.msu| E5A5B62500A3F24C335FC2D051E2EDF479A952D0| 9AAC3A1EF89DCC5B99B60834E387B7648195C0876300CC7F87F5B9C45A7CC025 \nIE9-Windows6.0-KB4092946-X64.msu| D0652864C29BB9C458C868B2914312F20446E18E| 941B82BEF117496C36B7A0774984C1C407010D0F73FB33527C251CA9A697C5CB \nIE9-Windows6.0-KB4092946-X86.msu| C60F6382B546DF6C80520E827E80182B8781AEFB| 708B8403DBBE4F22B9130B05E9C3F62270A84F85E09E027C5801ADD544C87A0E\n", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2018-04-10T07:00:00", "type": "mskb", "title": "Cumulative security update for Internet Explorer: April 10, 2018", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1020"], "modified": "2018-04-10T07:00:00", "id": "KB4092946", "href": "https://support.microsoft.com/en-us/help/4092946", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-03-15T10:22:10", "description": "None\n## Improvements and fixes\n\nThis update includes quality improvements. No new operating system features are being introduced in this update. Key changes include:\n\n * Addresses an issue that generates an access violation on certain pages in Internet Explorer when it renders SVGs under a high load.\n * Addresses an issue with printing content generated by ActiveX in Internet Explorer.\n * Addresses additional issues with updated time zone information.\n * Addresses an issue where AppLocker publisher rules that are applied to MSI files don\u2019t match the files correctly.\n * Addresses an issue that prevents the system from booting when you enable LSA (lsass.exe) to run as a protected process by setting the \u201c[RunAsPPL](<https://docs.microsoft.com/en-us/windows-server/security/credentials-protection-and-management/configuring-additional-lsa-protection>)\u201d registry entry. Additionally, the Automatic Repair screen may appear.\n * Addresses an issue that blocks failed NTLM authentications instead of only logging them when using an authentication policy with Audit mode turned on. Netlogon.log may show the following:SamLogon: Transitive Network logon of <domain>\\<user> from <machine2> (via <machine1>) EnteredNlpVerifyAllowedToAuthenticate: AuthzAccessCheck failed for A2ATo 0x5. This can be due to the lack of claims and compound support in NTLMSamLogon: Transitive Network logon of <domain>\\<user> from <machine2> (via <machine1>) Returns 0xC0000413\n * Addresses an issue that generates a certificate validation error (0x800B0109 (CERT_E_UNTRUSTEDROOT)) from http.sys.\n * Addresses an issue that prevents PIV smart cards from being recognized.\n * Addresses an issue that, in some instances, prevents Internet Explorer from identifying custom controls.\n * Security updates to Internet Explorer, Windows app platform and frameworks, Microsoft scripting engine, Windows kernel, Windows graphics, Windows Server, Windows datacenter networking, Windows wireless hetworking, and Windows Hyper-V.\nIf you installed earlier updates, only the new fixes in this package will be downloaded and installed on your device.For more information about the resolved security vulnerabilities, see the [Security Update Guide](<https://portal.msrc.microsoft.com/security-guidance>)_._\n\n**Windows Update Improvements**Microsoft has released an update directly to the Windows Update client to improve reliability. Any device running Windows 10 configured to receive updates automatically from Windows Update, including Enterprise and Pro editions, will be offered the latest Windows 10 Feature Update based on device compatibility and Windows Update for Business deferral policy. This does not apply to long-term servicing editions.\n\n## Known issues in this update\n\nMicrosoft is not currently aware of any issues with this update.\n\n## How to get this update\n\nThis update will be downloaded and installed automatically from Windows Update. To get the standalone package for this update, go to the [Microsoft Update Catalog](<http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4093111>) website.**Important** When installing both the servicing stack update (SSU) (KB4093430) and the latest cumulative update (LCU) from the Microsoft Update Catalog, install the SSU before installing the LCU.**File information**For a list of the files that are provided in this update, download the [file information for cumulative update 4093111](<http://download.microsoft.com/download/8/D/C/8DC5E53D-6307-4614-9334-5B4D501EBA22/4093111.csv>).\n", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2018-04-10T07:00:00", "type": "mskb", "title": "April 10, 2018\u2014KB4093111 (OS Build 10240.17831)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1020"], "modified": "2018-04-10T07:00:00", "id": "KB4093111", "href": "https://support.microsoft.com/en-us/help/4093111", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-08-24T11:12:49", "description": "None\nThis is the final update available for Windows 10 Enterprise and Windows 10 Education editions as part of the Windows 10, version 1511 additional servicing offer. _**IMPORTANT:**_Additional servicing for version 1511 will not extend beyond this update. To continue receiving quality updates, Microsoft recommends updating to the latest version of Windows 10.\n\n## Improvements and fixes\n\nThis update includes quality improvements. No new operating system features are being introduced in this update. Key changes include:\n\n * Addresses additional issues with updated time zone information.\n * Addresses an issue that, in some instances, prevents Internet Explorer from identifying custom controls.\n * Security updates to Internet Explorer, Microsoft scripting engine, Windows RDP, Windows kernel, Windows IIS, Windows datacenter networking, Microsoft scripting engine, Microsoft Edge, Windows Hyper-V , and Windows virtualization and kernel.\nIf you installed earlier updates, only the new fixes in this package will be downloaded and installed on your device.For more information about the resolved security vulnerabilities, see the [Security Update Guide](<https://portal.msrc.microsoft.com/security-guidance>).\n\n**Windows Update Improvements**Microsoft has released an update directly to the Windows Update client to improve reliability. Any device running Windows 10 configured to receive updates automatically from Windows Update, including Enterprise and Pro editions, will be offered the latest Windows 10 Feature Update based on device compatibility and Windows Update for Business deferral policy. This does not apply to long-term servicing editions.\n\n## Known issues in this update\n\nSymptom| Workaround \n---|--- \nAfter installing the March 13, 2018 or later Cumulative Update for Windows 10 version 1511, only the latest Windows 10 feature update is returned as applicable. This prevents the deployment of previously released feature updates using ConfigMgr (current branch) and Windows 10 servicing plans.| Microsoft recommends that you update to the latest, supported version of Windows 10, the Fall Creators Update (version 1709). \n \n## How to get this update\n\nThis update will be downloaded and installed automatically from Windows Update. To get the standalone package for this update, go to the [Microsoft Update Catalog](<http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4093109>) website.**File information**For a list of the files that are provided in this update, download the [file information for cumulative update 4093109](<http://download.microsoft.com/download/4/D/8/4D87198C-8159-4F66-832D-180BAAA78D5B/4093109.csv>). \n", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2018-04-10T07:00:00", "type": "mskb", "title": "April 10, 2018\u2014KB4093109 (OS Build 10586.1540)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1020"], "modified": "2018-04-10T07:00:00", "id": "KB4093109", "href": "https://support.microsoft.com/en-us/help/4093109", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-03-15T10:22:10", "description": "None\n## Improvements and fixes\n\nThis security update includes improvements and fixes that were a part of update KB4088882 (released March 22, 2018) and addresses the following issues:\n\n * Windows Update and WSUS will offer this update to applicable Windows client and server operating systems regardless of the existence or value of the \"HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\QualityCompat\\cadca5fe-87d3-4b96-b7fb-a231484277cc\" registry setting. This change has been made to protect user data.\n * Addresses an issue with printing content generated by ActiveX in Internet Explorer.\n * Addresses an access violation on certain pages in Internet Explorer when it's rendering SVGs under high load.\n * Addresses an issue that, in some instances, prevents Internet Explorer from identifying custom controls.\n * Security updates to Internet Explorer, Microsoft scripting engine, Microsoft graphics component, Windows Server, Windows kernel, Windows datacenter networking, Windows Hyper-V, Windows virtualization and kernel, and Windows app platform and frameworks.\nFor more information about the resolved security vulnerabilities, see the [Security Update Guide](<https://portal.msrc.microsoft.com/security-guidance>).\n\n## Known issues in this update\n\nMicrosoft is not currently aware of any issues with this update.\n\n## How to get this update\n\nThis update will be downloaded and installed automatically from Windows Update. To get the standalone package for this update, go to the [Microsoft Update Catalog](<http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4093114>) website.**File information**For a list of the files that are provided in this update, download the [file information for update 4093114](<http://download.microsoft.com/download/E/0/E/E0E51CAA-2718-4739-A74D-075329A2B4C9/4093114.csv>). \n", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2018-04-10T07:00:00", "type": "mskb", "title": "April 10, 2018\u2014KB4093114 (Monthly Rollup)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1020"], "modified": "2018-04-10T07:00:00", "id": "KB4093114", "href": "https://support.microsoft.com/en-us/help/4093114", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-03-15T10:22:13", "description": "None\n## Improvements and fixes\n\nThis security update includes improvements and fixes that were a part of update KB4088883 (released March 22, 2018) and addresses the following issues:\n\n * Windows Update and WSUS will offer this update to applicable Windows client and server operating systems regardless of the existence or value of the \"HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\QualityCompat\\cadca5fe-87d3-4b96-b7fb-a231484277cc\" registry setting. This change has been made to protect user data.\n * Addresses an issue that, in some instances, prevents Internet Explorer from identifying custom controls.\n * Security updates to Microsoft scripting engine, Internet Explorer, Microsoft graphics component, Windows Server, Windows kernel, Windows datacenter networking, and Windows app platform and frameworks.\nFor more information about the resolved security vulnerabilities, see the [Security Update Guide](<https://portal.msrc.microsoft.com/security-guidance>).\n\n## Known issues in this update\n\nMicrosoft is not currently aware of any issues with this update.\n\n## How to get this update\n\nThis update will be downloaded and installed automatically from Windows Update. To get the standalone package for this update, go to the [Microsoft Update Catalog](<http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4093123>) website.**File information**For a list of the files that are provided in this update, download the [file information for update 4093123](<http://download.microsoft.com/download/4/2/1/421AE107-1364-4DCD-A3C7-260397BFA401/4093123.csv>). \n", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2018-04-10T07:00:00", "type": "mskb", "title": "April 10, 2018\u2014KB4093123 (Monthly Rollup)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1020"], "modified": "2018-04-10T07:00:00", "id": "KB4093123", "href": "https://support.microsoft.com/en-us/help/4093123", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-08-24T11:12:48", "description": "None\n## Improvements and fixes\n\nThis security update includes quality improvements. No new operating system features are being introduced in this update. Key changes include:\n\n * Windows Update and WSUS will offer this update to applicable Windows client and server operating systems, regardless of the existence or value of the \"HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\QualityCompat\\cadca5fe-87d3-4b96-b7fb-a231484277cc\" registry setting. This change has been made to protect user data. \n * Improves reliability in the kernel, and addresses an issue that can cause applications to have unexpected memory contents on multi-processor systems.\n * Addresses a stop error that occurred when the previous month\u2019s update was applied to a 32-bit (x86) computer with a Physical Address Extension (PAE) mode disabled.\n * Security updates to Internet Explorer, Microsoft scripting engine, Microsoft graphics component, Windows Server, Windows datacenter networking, Windows virtualization and kernel, and Windows app platform and frameworks.\nFor more information about the resolved security vulnerabilities, see the [Security Update Guide](<https://portal.msrc.microsoft.com/security-guidance>).**Note: **This update supercedes update [4100480](<https://support.microsoft.com/help/4100480/>), Windows kernel update for CVE-2018-1038.\n\n## Known issues in this update\n\nSymptom| Workaround \n---|--- \nAfter installing KB4056897 or any other recent monthly updates, SMB servers may experience a memory leak for some scenarios. This occurs when the requested path traverses a symbolic link, mount point, or directory junction and the registry key is set to 1: HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\services\\LanManServer\\Parameters\\EnableEcp| This issue is resolved in KB4103718. \nA stop error occurs on computers that don't support Streaming Single Instructions Multiple Data (SIMD) Extensions 2 (SSE2).| Upgrade your machines with a processor that supports SSE2 or virtualize those machines. \n \n## How to get this update\n\nThis update is now available for installation through WSUS. To get the standalone package for this update, go to the [Microsoft Update Catalog](<http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4093108>) website.**File information**For a list of the files that are provided in this update, download the [file information for update 4093108](<http://download.microsoft.com/download/7/A/4/7A4CFA42-F311-4FDB-B2A1-B7664CFEA96F/4093108.csv>).\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-04-10T07:00:00", "type": "mskb", "title": "April 10, 2018\u2014KB4093108 (Security-only update)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1038", "CVE-2018-8116"], "modified": "2018-04-10T07:00:00", "id": "KB4093108", "href": "https://support.microsoft.com/en-us/help/4093108", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-03-15T10:22:12", "description": "None\n## Improvements and fixes\n\nThis security update includes improvements and fixes that were a part of update KB4088881(released March 23, 2018) and addresses the following issues:\n\n * Addresses an issue where a new Ethernet Network Interface Card (NIC) that has default settings may replace the previously existing NIC, causing network issues\n * Addresses an issue where static IP address settings can be lost\n * Windows Update and WSUS will offer this update to applicable Windows client and server operating systems regardless of the existence or value of the \"HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\QualityCompat\\cadca5fe-87d3-4b96-b7fb-a231484277cc\" registry setting. This change has been made to protect user data. \n * Improves reliability in the kernel, and addresses an issue that can cause applications to have unexpected memory contents on multiprocessor systems.\n * Addresses an issue with printing content generated by ActiveX in Internet Explorer.\n * Addresses an access violation on certain pages in Internet Explorer when it renders SVGs under high load.\n * Addresses an issue that, in some instances, prevents Internet Explorer from identifying custom controls.\n * Addresses a stop error that occurred when the previous month\u2019s update was applied to a 32-bit (x86) computer with a Physical Address Extension (PAE) mode disabled.\n * Security updates to Internet Explorer, Microsoft scripting engine, Microsoft graphics component, Windows Server, Windows datacenter networking, Windows virtualization and kernel, and Windows app platform and frameworks.\nFor more information about the resolved security vulnerabilities, see the [Security Update Guide](<https://portal.msrc.microsoft.com/security-guidance>).**Note:**\n\n * This update supercedes update [4100480](<https://support.microsoft.com/help/4100480/>), Windows kernel update for CVE-2018-1038.\n * Resync is required to get newer revision of this KB for WSUS environment\n\n## Known issues in this update\n\nSymptom| Workaround \n---|--- \nAfter installing KB4056897 or any other recent monthly updates, SMB servers may experience a memory leak for some scenarios. This occurs when the requested path traverses a symbolic link, mount point, or directory junction and the registry key is set to 1: HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\services\\LanManServer\\Parameters\\EnableEcp| This issue is resolved in KB4103718. \nA stop error occurs on computers that don't support Streaming Single Instructions Multiple Data (SIMD) Extensions 2 (SSE2).| Upgrade your machines with a processor that supports SSE2 or virtualize those machines. \nAfter you apply this update, the network interface controller may stop working on some client software configurations. This occurs because of an issue related to a missing file, oem<number>.inf. The exact problematic configurations are currently unknown.| \n\n 1. To locate the network device, launch devmgmt.msc; it may appear under **Other Devices**.\n 2. To automatically rediscover the NIC and install drivers, select **Scan for Hardware Changes** from the **Action** menu.\na. Alternatively, install the drivers for the network device by right-clicking the device and choosing **Update**. Then choose **Search automatically for updated driver software** or **Browse my computer for driver software**. \nAfter installing this update, some Windows 7.0 SP1 files reverted to older versions.| This issue is resolved in KB4103713. \n \n## How to get this update\n\nThis update will be downloaded and installed automatically from Windows Update. To get the standalone package for this update, go to the [Microsoft Update Catalog](<http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4093118>) website.**File information**For a list of the files that are provided in this update, download the [file information for update 4093118](<http://download.microsoft.com/download/B/6/4/B64EACD1-5783-49E5-9809-5C204D0924B5/4093118.csv>). \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-04-10T07:00:00", "type": "mskb", "title": "April 10, 2018\u2014KB4093118 (Monthly Rollup)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1020", "CVE-2018-1038"], "modified": "2018-04-10T07:00:00", "id": "KB4093118", "href": "https://support.microsoft.com/en-us/help/4093118", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}], "thn": [{"lastseen": "2022-05-09T12:40:37", "description": "[](<https://thehackernews.com/images/-m6AJ3EhzrCo/Ws0vKuUza6I/AAAAAAAAwLo/lr2t-vaiZdos0IzDfacN8NJsQuUOuJwfwCLcBGAs/s728-e100/microsoft-windows-update.png>)\n\nCan you get hacked just by clicking on a malicious link or opening a website? \u2014 **YES**. \n \nMicrosoft has just released its April month's Patch Tuesday security updates, which addresses multiple critical vulnerabilities in its Windows operating systems and other products, five of which could allow an attacker to hack your computer by just tricking you visit a website. \n \nMicrosoft has patched five critical vulnerabilities in Windows Graphics Component that reside due to improper handling of embedded fonts by the Windows font library and affects all versions of Windows operating systems to date, including Windows 10 / 8.1 / RT 8.1 / 7, Windows Server 2008 / 2012 / 2016. \n \nAn attacker can exploit these issues by tricking an unsuspecting user to open a malicious file or a specially crafted website with the malicious font, which if open in a web browser, would hand over control of the affected system to the attacker. \n \nAll these five vulnerabilities in Windows Microsoft Graphics were discovered and responsibly disclosed by Hossein Lotfi, a security researcher at Flexera Software. \n\n\n> CVE-2018-1010 \nCVE-2018-1012 \nCVE-2018-1013 \nCVE-2018-1015 \nCVE-2018-1016\n\nWindows Microsoft Graphics is also affected by a denial of service vulnerability that could allow an attacker to cause a targeted system to stop responding. This flaw exists in the way Windows handles objects in memory. \n \nMicrosoft has also disclosed details of another critical RCE vulnerability (CVE-2018-1004), which exists in Windows VBScript Engine and affects all versions of Windows. \n\n\n> \"In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website,\" Microsoft [explains](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1013>).\n\n> \"An attacker could also embed an ActiveX control marked 'safe for initialization' in an application or Microsoft Office document that hosts the IE rendering engine.\"\n\n \nBesides this, Microsoft has also patched multiple remote code execution vulnerabilities in Microsoft Office and Microsoft Excel, which could allow attackers to take control of the targeted systems. \n \nThe security updates also include patches for six flaws in Adobe Flash Player, three of which were rated critical. \n \nRest CVE-listed flaws has been addressed in Windows, Microsoft Office, Internet Explorer, Microsoft Edge, ChakraCore, Malware Protection Engine, Microsoft Visual Studio, and the Microsoft Azure IoT SDK, along with bugs in Adobe Flash Player. \n \nUsers are strongly advised to apply security patches as soon as possible to keep hackers and cybercriminals away from taking control of their computers. \n \nFor installing security updates, simply head on to Settings \u2192 Update & security \u2192 Windows Update \u2192 Check for updates, or you can install the updates.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2018-04-10T21:40:00", "type": "thn", "title": "Warning: Your Windows PC Can Get Hacked by Just Visiting a Site", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1004", "CVE-2018-1010", "CVE-2018-1012", "CVE-2018-1013", "CVE-2018-1015", "CVE-2018-1016"], "modified": "2018-04-10T21:41:41", "id": "THN:52F43ACF40533829284F1BC84F164B3B", "href": "https://thehackernews.com/2018/04/windows-patch-updates.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "talosblog": [{"lastseen": "2018-05-15T09:08:43", "description": "## Microsoft Patch Tuesday - April 2018\n\n \nToday, Microsoft has released its monthly set of security advisories for vulnerabilities that have been identified and addressed in various products. This month's advisory release addresses 65 new vulnerabilities and one advisory, with 25 of them rated critical, 39 of them rated important and one of them rated moderate. These vulnerabilities impact Microsoft Windows, Internet Explorer, Microsoft Edge, Microsoft Office, Windows kernel, Windows Hyper-V, Microsoft Scripting Engine and more. \n \nIn addition, an update for Adobe Flash Player was released. \n \n \n \n\n\n### Critical Vulnerabilities\n\n \nThis month, Microsoft is addressing 25 vulnerabilities that are rated \"critical\". \n \nThe vulnerabilities rated as \"critical\" are listed below: \n \n[CVE-2018-0870 - Internet Explorer Memory Corruption Vulnerability](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0870>) \n[CVE-2018-0959 - Hyper-V Remote Code Execution Vulnerability](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0959>) \n[CVE-2018-0979 - Chakra Scripting Engine Memory Corruption Vulnerability](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0979>) \n[CVE-2018-0980 - Chakra Scripting Engine Memory Corruption Vulnerability](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0980>) \n[CVE-2018-0981 - Scripting Engine Information Disclosure Vulnerability](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0981>) \n[CVE-2018-0986 - Microsoft Malware Protection Engine Remote Code Execution Vulnerability](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0986>) \n[CVE-2018-0988 - Scripting Engine Memory Corruption Vulnerability](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0988>) \n[CVE-2018-0990 - Chakra Scripting Engine Memory Corruption Vulnerability](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0990>) \n[CVE-2018-0991 - Internet Explorer Memory Corruption Vulnerability](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0991>) \n[CVE-2018-0993 - Chakra Scripting Engine Memory Corruption Vulnerability](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0993>) \n[CVE-2018-0994 - Chakra Scripting Engine Memory Corruption Vulnerability](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0994>) \n[CVE-2018-0995 - Chakra Scripting Engine Memory Corruption Vulnerability](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0995>) \n[CVE-2018-0996 - Scripting Engine Memory Corruption Vulnerability](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0996>) \n[CVE-2018-1000 - Scripting Engine Information Disclosure Vulnerability](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1000>) \n[CVE-2018-1004 - Windows VBScript Engine Remote Code Execution Vulnerability](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1004>) \n[CVE-2018-1010 - Microsoft Graphics Remote Code Execution Vulnerability](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1010>) \n[CVE-2018-1012 - Microsoft Graphics Remote Code Execution Vulnerability](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1012>) \n[CVE-2018-1013 - Microsoft Graphics Remote Code Execution Vulnerability](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1013>) \n[CVE-2018-1015 - Microsoft Graphics Remote Code Execution Vulnerability](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1015>) \n[CVE-2018-1016 - Microsoft Graphics Remote Code Execution Vulnerability](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1016>) \n[CVE-2018-1018 - Internet Explorer Memory Corruption Vulnerability](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1018>) \n[CVE-2018-1019 - Chakra Scripting Engine Memory Corruption Vulnerability](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1019>) \n[CVE-2018-1020 - Internet Explorer Memory Corruption Vulnerability](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1020>) \n[CVE-2018-1023 - Microsoft Browser Memory Corruption Vulnerability](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1023>) \n[ADV180007 - Adobe Flash Player April 2018 Adobe Flash Security Update](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180007>) \n \n\n\n### Important Vulnerabilities\n\n \nThis month, Microsoft is addressing 38 vulnerabilities that are rated \"important\". Talos believes six of these are notable and require prompt attention. \n \n[CVE-2018-1011 - Microsoft Excel Remote Code Execution Vulnerability](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1011>) \n \nA remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs, view, change, or delete data, or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative rights. \n \n \n[CVE-2018-1026 - Microsoft Office Remote Code Execution Vulnerability](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1026>) \n \nA remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploits the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs, view, change, or delete data, or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. \n \n \n[CVE-2018-1027 - Microsoft Excel Remote Code Execution Vulnerability](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1027>) \n \nA remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. \n \n \n[CVE-2018-1028 - Microsoft Office Graphics Remote Code Execution Vulnerability](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1028>) \n \nA remote code execution vulnerability exists when Office graphics improperly handles specially crafted embedded fonts. An attacker who successfully exploits this vulnerability could take control of the affected system. An attacker could then install programs, view, change, or delete data, or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. \n \n \n[CVE-2018-1029 - Microsoft Excel Remote Code Execution Vulnerability](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1029>) \n \nA remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploits the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs, view, change, or delete data, or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. \n \n \n[CVE-2018-1030 - Microsoft Office Remote Code Execution Vulnerability](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1030>) \n \nA remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs, view, change, or delete data, or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. \n \n \nOther vulnerabilities deemed \"important\" are listed below: \n \n[CVE-2018-0887 - Windows Kernel Information Disclosure Vulnerability](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0887>) \n[CVE-2018-0890 - Active Directory Security Feature Bypass Vulnerability](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0890>) \n[CVE-2018-0892 - Microsoft Edge Information Disclosure Vulnerability](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0892>) \n[CVE-2018-0920 - Microsoft Excel Remote Code Execution Vulnerability](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0920>) \n[CVE-2018-0950 - Microsoft Office Information Disclosure Vulnerability](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0950>) \n[CVE-2018-0956 - HTTP.sys Denial of Service Vulnerability](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0956>) \n[CVE-2018-0957 - Hyper-V Information Disclosure Vulnerability](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0957>) \n[CVE-2018-0960 - Windows Kernel Information Disclosure Vulnerability](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0960>) \n[CVE-2018-0963 - Windows Kernel Elevation of Privilege Vulnerability](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0963>) \n[CVE-2018-0964 - Hyper-V Information Disclosure Vulnerability](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0964>) \n[CVE-2018-0966 - Device Guard Security Feature Bypass Vulnerability](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0966>) \n[CVE-2018-0967 - Windows SNMP Service Denial of Service Vulnerability](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0967>) \n[CVE-2018-0968 - Windows Kernel Information Disclosure Vulnerability](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0968>) \n[CVE-2018-0969 - Windows Kernel Information Disclosure Vulnerability](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0969>) \n[CVE-2018-0970 - Windows Kernel Information Disclosure Vulnerability](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0970>) \n[CVE-2018-0971 - Windows Kernel Information Disclosure Vulnerability](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0971>) \n[CVE-2018-0972 - Windows Kernel Information Disclosure Vulnerability](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0972>) \n[CVE-2018-0973 - Windows Kernel Information Disclosure Vulnerability](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0973>) \n[CVE-2018-0974 - Windows Kernel Information Disclosure Vulnerability](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0974>) \n[CVE-2018-0975 - Windows Kernel Information Disclosure Vulnerability](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0975>) \n[CVE-2018-0976 - Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0976>) \n[CVE-2018-0987 - Scripting Engine Information Disclosure Vulnerability](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0987>) \n[CVE-2018-0989 - Scripting Engine Information Disclosure Vulnerability](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0989>) \n[CVE-2018-0997 - Internet Explorer Memory Corruption Vulnerability](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0997>) \n[CVE-2018-0998 - Microsoft Edge Information Disclosure Vulnerability](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0998>) \n[CVE-2018-1001 - Scripting Engine Memory Corruption Vulnerability](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1001>) \n[CVE-2018-1003 - Microsoft JET Database Engine Remote Code Execution Vulnerability](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1003>) \n[CVE-2018-1005 - Microsoft SharePoint Elevation of Privilege Vulnerability](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1005>) \n[CVE-2018-1008 - OpenType Font Driver Elevation of Privilege Vulnerability](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1008>) \n[CVE-2018-1009 - Microsoft DirectX Graphics Kernel Subsystem Elevation of Privilege Vulnerability](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1009>) \n[CVE-2018-1014 - Microsoft SharePoint Elevation of Privilege Vulnerability](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1014>) \n[CVE-2018-1032 - Microsoft SharePoint Elevation of Privilege Vulnerability](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1032>) \n[CVE-2018-1034 - Microsoft SharePoint Elevation of Privilege Vulnerability](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1034>) \n \n\n\n### Coverage\n\nIn response to these vulnerability disclosures, Talos is releasing the following Snort rules that detect attempts to exploit them. Please note that additional rules may be released at a future date and current rules are subject to change pending additional information. Firepower customers should use the latest update to their ruleset by updating their SRU. Open Source Snort Subscriber Rule Set customers can stay up to date by downloading the latest rule pack available for purchase on Snort.org. \n \nSnort Rules: \n \n45628-45629 \n46163-46164 \n46176-46189 \n46192-46201 \n46204-46209 \n46212-46215 \n46218-36221 \n46226-46231 \n46233-46234 \n46243-46246 \n \n \n\n\n[](<http://feeds.feedburner.com/~ff/feedburner/Talos?a=9g_k4lM7D5g:n7sgYiCfxlI:yIl2AUoC8zA>)\n\n", "cvss3": {}, "published": "2018-04-10T13:13:00", "type": "talosblog", "title": "Microsoft Patch Tuesday - April 2018", "bulletinFamily": "blog", "cvss2": {}, "cvelist": ["CVE-2018-0870", "CVE-2018-0887", "CVE-2018-0890", "CVE-2018-0892", "CVE-2018-0920", "CVE-2018-0950", "CVE-2018-0956", "CVE-2018-0957", "CVE-2018-0959", "CVE-2018-0960", "CVE-2018-0963", "CVE-2018-0964", "CVE-2018-0966", "CVE-2018-0967", "CVE-2018-0968", "CVE-2018-0969", "CVE-2018-0970", "CVE-2018-0971", "CVE-2018-0972", "CVE-2018-0973", "CVE-2018-0974", "CVE-2018-0975", "CVE-2018-0976", "CVE-2018-0979", "CVE-2018-0980", "CVE-2018-0981", "CVE-2018-0986", "CVE-2018-0987", "CVE-2018-0988", "CVE-2018-0989", "CVE-2018-0990", "CVE-2018-0991", "CVE-2018-0993", "CVE-2018-0994", "CVE-2018-0995", "CVE-2018-0996", "CVE-2018-0997", "CVE-2018-0998", "CVE-2018-1000", "CVE-2018-1001", "CVE-2018-1003", "CVE-2018-1004", "CVE-2018-1005", "CVE-2018-1008", "CVE-2018-1009", "CVE-2018-1010", "CVE-2018-1011", "CVE-2018-1012", "CVE-2018-1013", "CVE-2018-1014", "CVE-2018-1015", "CVE-2018-1016", "CVE-2018-1018", "CVE-2018-1019", "CVE-2018-1020", "CVE-2018-1023", "CVE-2018-1026", "CVE-2018-1027", "CVE-2018-1028", "CVE-2018-1029", "CVE-2018-1030", "CVE-2018-1032", "CVE-2018-1034"], "modified": "2018-04-10T22:53:51", "id": "TALOSBLOG:76829FABFE02C32CB6E07FE9D9A8F09B", "href": "http://feedproxy.google.com/~r/feedburner/Talos/~3/9g_k4lM7D5g/ms-tuesday.html", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "trendmicroblog": [{"lastseen": "2018-04-17T16:24:56", "description": "\n\nThe interviewing process can be mentally draining. You have to look your best, say the right things, and prove that you\u2019re the best person for the job. When I interview candidates, I love to come up with the one crazy question that isn\u2019t on the usual list of questions that might be asked. I probably won\u2019t be able to use it now since I\u2019m going to disclose it here, but here goes: \u201cIf you were a tree, what type of tree would you be and why?\u201d I don\u2019t expect candidates to be experts in forestry or dendrology because there is no right or wrong answer, but I do like to hear what people can come up with off the top of their head. If you think that question is weird, how about this one? \u201cIs it ever possible that (a== 1 && a ==2 && a==3) could evaluate to true in JavaScript?\u201d Jasiel Spelman from our Zero Day Initiative came across this question on a post he read that is being asked during interviews at major tech firms. He takes a stab at answering the question in his latest blog: Inverting Your Assumptions: A Guide to JIT Comparisons. You can read it here: <https://www.zerodayinitiative.com/blog/2018/4/12/inverting-your-assumptions-a-guide-to-jit-comparisons>. **Microsoft Security Updates** There are seven new zero-day filters covering four vendors in this week\u2019s Digital Vaccine (DV) package. Microsoft released 67 security patches covering Internet Explorer (IE), Edge, ChakraCore, Windows, Visual Studio, Microsoft Office and Office Services and Web Apps, and the Malware Protection Engine. Of these 67 CVEs, 24 are listed as Critical, 42 are rated Important, and one is listed as Moderate in severity. Seven of these CVEs came through the ZDI program. The following table maps Digital Vaccine filters to the Microsoft updates. You can get more detailed information on this month\u2019s security updates from Dustin Childs\u2019 [April 2018 Security Update Review](<https://www.zerodayinitiative.com/blog/2018/4/10/the-april-2018-security-update-review>) from the Zero Day Initiative: \n\n**CVE #** | **Digital Vaccine Filter #** | **Status** \n---|---|--- \nCVE-2018-0870 | 31038 | \nCVE-2018-0871 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-0887 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-0890 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-0892 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-0920 | 31039 | \nCVE-2018-0950 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-0956 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-0957 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-0960 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-0963 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-0964 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-0966 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-0967 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-0968 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-0969 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-0970 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-0971 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-0972 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-0973 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-0974 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-0975 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-0976 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-0979 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-0980 | 31040 | \nCVE-2018-0981 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-0986 | 31136 | \nCVE-2018-0987 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-0988 | 31041 | \nCVE-2018-0989 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-0990 | 31061 | \nCVE-2018-0991 | 31061 | \nCVE-2018-0993 | 31043 | \nCVE-2018-0994 | 31044 | \nCVE-2018-0995 | 31060 | \nCVE-2018-0996 | 31069 | \nCVE-2018-0997 | 31076 | \nCVE-2018-0998 | 31077 | \nCVE-2018-1000 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-1001 | 31075 | \nCVE-2018-1002 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-1003 | 31079 | \nCVE-2018-1004 | 31080 | \nCVE-2018-1005 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-1007 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-1008 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-1009 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-1010 | 31081 | \nCVE-2018-1011 | 31074 | \nCVE-2018-1012 | 31072 | \nCVE-2018-1013 | 31070 | \nCVE-2018-1014 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-1015 | 31067 | \nCVE-2018-1016 | 31064 | \nCVE-2018-1018 | 31060 | \nCVE-2018-1019 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-1020 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-1022 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-1023 | 31062 | \nCVE-2018-1026 | 31063 | \nCVE-2018-1027 | 31066 | \nCVE-2018-1028 | 31073 | \nCVE-2018-1029 | 31068 | \nCVE-2018-1030 | 31071 | \nCVE-2018-1032 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-1034 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-1037 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8116 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8117 | | Vendor Deemed Reproducibility or Exploitation Unlikely \n \n**Zero-Day Filters** There are nine new zero-day filters covering five vendors in this week\u2019s Digital Vaccine (DV) package. A number of existing filters in this week\u2019s DV package were modified to update the filter description, update specific filter deployment recommendation, increase filter accuracy and/or optimize performance. You can browse the list of [published advisories](<http://www.zerodayinitiative.com/advisories/published/>) and [upcoming advisories](<http://www.zerodayinitiative.com/advisories/upcoming/>) on the [Zero Day Initiative](<http://www.zerodayinitiative.com/>) website. You can also follow the Zero Day Initiative on Twitter [@thezdi](<https://twitter.com/thezdi>) and on their [blog](<https://www.zerodayinitiative.com/blog>).\n\n**_Apple (2)_**\n\n \n\n | \n\n * 31139: ZDI-CAN-5525: Zero Day Initiative Vulnerability (Apple Safari)\n * 31141: ZDI-CAN-5526: Zero Day Initiative Vulnerability (Apple Safari) \n---|--- \n| \n \n**_Foxit (3)_**\n\n| \n\n * 31143: ZDI-CAN-5527: Zero Day Initiative Vulnerability (Foxit Reader)\n * 31145: ZDI-CAN-5528,5331: Zero Day Initiative Vulnerability (Foxit Reader)\n * 31146: ZDI-CAN-5529: Zero Day Initiative Vulnerability (Foxit Reader) \n---|--- \n| \n \n**_Hewlett Packard (2)_**\n\n| \n\n * 30919: HTTP: HP Application Lifecycle Management ActiveX Insecure Method Exposure Vulnerability(ZDI-12-170)\n * 31036: HTTPS: HP iNode Management Center iNodeMngChecker.exe Buffer Overflow Vulnerability (ZDI-11-232) \n---|--- \n| \n \n**_Microsoft (1)_**\n\n| \n\n * 31048: HTTP: Microsoft Office Excel XLSX File Memory Corruption Vulnerability (ZDI-10-025) \n---|--- \n| \n \n**_Trend Micro (1)_**\n\n| \n\n * 31147: ZDI-CAN-5533,5534: Zero Day Initiative Vulnerability (Trend Micro Encryption for Email Gateway) \n---|--- \n| \n \n**Missed Last Week\u2019s News?** Catch up on last week\u2019s news in my [weekly recap](<https://blog.trendmicro.com/tippingpoint-threat-intelligence-and-zero-day-coverage-week-of-april-2-2018/>).\n\nThe post [TippingPoint Threat Intelligence and Zero-Day Coverage \u2013 Week of April 9, 2018](<https://blog.trendmicro.com/tippingpoint-threat-intelligence-and-zero-day-coverage-week-of-april-9-2018/>) appeared first on [](<https://blog.trendmicro.com>).", "cvss3": {}, "published": "2018-04-13T15:37:14", "type": "trendmicroblog", "title": "TippingPoint Threat Intelligence and Zero-Day Coverage \u2013 Week of April 9, 2018", "bulletinFamily": "blog", "cvss2": {}, "cvelist": ["CVE-2018-0870", "CVE-2018-0871", "CVE-2018-0887", "CVE-2018-0890", "CVE-2018-0892", "CVE-2018-0920", "CVE-2018-0950", "CVE-2018-0956", "CVE-2018-0957", "CVE-2018-0960", "CVE-2018-0963", "CVE-2018-0964", "CVE-2018-0966", "CVE-2018-0967", "CVE-2018-0968", "CVE-2018-0969", "CVE-2018-0970", "CVE-2018-0971", "CVE-2018-0972", "CVE-2018-0973", "CVE-2018-0974", "CVE-2018-0975", "CVE-2018-0976", "CVE-2018-0979", "CVE-2018-0980", "CVE-2018-0981", "CVE-2018-0986", "CVE-2018-0987", "CVE-2018-0988", "CVE-2018-0989", "CVE-2018-0990", "CVE-2018-0991", "CVE-2018-0993", "CVE-2018-0994", "CVE-2018-0995", "CVE-2018-0996", "CVE-2018-0997", "CVE-2018-0998", "CVE-2018-1000", "CVE-2018-1001", "CVE-2018-1002", "CVE-2018-1003", "CVE-2018-1004", "CVE-2018-1005", "CVE-2018-1007", "CVE-2018-1008", "CVE-2018-1009", "CVE-2018-1010", "CVE-2018-1011", "CVE-2018-1012", "CVE-2018-1013", "CVE-2018-1014", "CVE-2018-1015", "CVE-2018-1016", "CVE-2018-1018", "CVE-2018-1019", "CVE-2018-1020", "CVE-2018-1022", "CVE-2018-1023", "CVE-2018-1026", "CVE-2018-1027", "CVE-2018-1028", "CVE-2018-1029", "CVE-2018-1030", "CVE-2018-1032", "CVE-2018-1034", "CVE-2018-1037", "CVE-2018-8116", "CVE-2018-8117"], "modified": "2018-04-13T15:37:14", "id": "TRENDMICROBLOG:CA6E4ACCDF2EEC642B7D6E90848F2DB0", "href": "https://blog.trendmicro.com/tippingpoint-threat-intelligence-and-zero-day-coverage-week-of-april-9-2018/", "cvss": {"score": 0.0, "vector": "NONE"}}], "threatpost": [{"lastseen": "2019-04-25T05:50:16", "description": "Microsoft\u2019s April Patch Tuesday release includes fixes for 66 bugs, 24 of which are rated critical. Notable is Microsoft\u2019s disclosure of a publicly known SharePoint elevation of privilege bug ([CVE-2018-1034](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1034>)), rated important, which has no fix but has not been publicly exploited.\n\nMicrosoft SharePoint Enterprise Server 2016 is the only version impacted by the vulnerability, according to Microsoft. \u201cAn elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server,\u201d Microsoft said.\n\n\u201cA public disclosure means that a vulnerability was discovered and enough detail about the vulnerability or concept code has been released to give attackers a jump start. It does not mean it has been used in the wild. Public disclosures are an indicator of risk. Enough information is out there to give the attacker an edge in creating an exploit to utilize this vulnerability,\u201d said Chris Goettl, product manager at Ivanti regarding the SharePoint vulnerability.\n\nThe April [Security Update Guide](<https://portal.msrc.microsoft.com/en-us/security-guidance>) also covers Internet Explorer, Edge, ChakraCore, Windows, Visual Studio, Microsoft Office and Office Services and Web Apps and Microsoft\u2019s Malware Protection Engine.\n\nSecurity experts say one of the most important patches rolled out Tuesday was actually identified in March ([CVE-2018-1038](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1038>)). That\u2019s when Microsoft [released an out-of-band fix](<https://threatpost.com/microsoft-fixes-bad-patch-that-left-windows-7-server-2008-open-to-attack/130871/>) for a Windows vulnerability introduced with the [January Patch Tuesday update](<https://threatpost.com/microsoft-january-patch-tuesday-update-fixes-16-critical-bugs/129378/>). If exploited, the bug could allow an authenticated attacker to install programs, access stored data or create new accounts with full user rights on Windows 7 and Server 2008 R2 machines.\n\n\u201cWhile this vulnerability was identified between March and April Patch Tuesday\u2019s, CVE-2018-1038 should be a top priority for anyone who has Windows 7 for x64-based Systems or Windows Server 2008 R2 for x64-based Systems, and you have installed any of the servicing updates released during or after January 2018, you need to install 4100480 immediately to be protected from this Elevation of Privilege vulnerability,\u201d Goettl said in his commentary on Patch Tuesday.\n\nAlso of note is a patch for a Microsoft Wireless Keyboard 850 Security Feature Bypass Vulnerability ([CVE-2018-8117](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8117>)).\n\n\u201cPatches for hardware are rare, and patches for keyboards are especially rare, so it was somewhat shocking to see this bug detailed. However, the severity of this bug should not be scoffed at,\u201d the Zero Day Initiative\u2019s (ZDI) Dustin Childs said in [an analysis of the vulnerability](<https://www.zerodayinitiative.com/blog/2018/4/10/the-april-2018-security-update-review>). \u201cThis vulnerability could affect you in two ways. First, an attacker could read your keystrokes \u2013 effectively turning your keyboard into a keystroke logger. Everything you type \u2013 passwords, account details, emails \u2013 could be viewed.\u201d\n\nAlternatively, an attacker could also inject keystrokes to an affected system by reusing the keyboard\u2019s AES encryption key.\n\nChilds also warns that a critical Windows VBScript Engine Remote Code Execution Vulnerability ([**CVE-2018-1004**](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1004>)) also presents a heightened security risk. \u201cThis critical-rated bug for the VBScript engine acts somewhat like a browser bug, but it\u2019s actually more impactful,\u201d he said. To exploit the vulnerability an attacker hosts a malicious website and tricks a victim to browse the site.\n\n\u201cAn attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights,\u201d [according to Microsoft](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1004>).\n\nMicrosoft also alerted users to five Graphics Remote Code Execution Vulnerabilities ([**CVE-2018-1010**](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1010>)**, **[**-1012**](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1012>)**, **[**-1013**](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1013>)**, **[**-1015**](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1015>)**, **[**-1016**](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1016>)) tied to the Windows Font Library. \u201cEach of these patches covers a vulnerability in embedded fonts that could allow code execution at the logged-on user level. Since there are many ways to view fonts \u2013 web browsing, documents, attachments \u2013 it\u2019s a broad attack surface and attractive to attackers,\u201d ZDI noted.\n\nJimmy Graham, director of product management at Qualys, [noted in online commentary](<https://blog.qualys.com/laws-of-vulnerabilities/2018/04/10/april-patch-tuesday-63-microsoft-vulnerabilities-19-for-adobe>) that, \u201cThe majority of the Microsoft critical vulnerabilities are in browsers and browser-related technologies. It is recommended that these be prioritized for workstation-type devices. Any system that accesses the Internet via a browser should be patched.\u201d\n\nMicrosoft Malware Protection Engine was fixed last week in an out-of-band security update.\n\nEarlier on Tuesday,[ Adobe fixed four critical vulnerabilities](<https://threatpost.com/adobe-patches-four-critical-bugs-in-flash-indesign/131097/>) in its Flash Player and InDesign products as part of its regularly scheduled [April Security Bulletin](<https://threatpost.com/adobe-patches-four-critical-bugs-in-flash-indesign/131097/>). Patches for Adobe Flash Player for Microsoft Edge and IE 11 were part of that update. Adobe said Edge and IE users will each be automatically updated to the latest versions.\n", "cvss3": {}, "published": "2018-04-10T21:16:16", "type": "threatpost", "title": "Microsoft Fixes 66 Bugs in April Patch Tuesday Release", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2018-1004", "CVE-2018-1010", "CVE-2018-1012", "CVE-2018-1013", "CVE-2018-1015", "CVE-2018-1016", "CVE-2018-1034", "CVE-2018-1038", "CVE-2018-8117"], "modified": "2018-04-10T21:16:16", "id": "THREATPOST:4A749C6BAE245B913C6360FD1697CE7C", "href": "https://threatpost.com/microsoft-fixes-66-bugs-in-april-patch-tuesday-release/131127/", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "mscve": [{"lastseen": "2023-03-17T02:35:23", "description": "A denial of service vulnerability exists in the way that Windows handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. Note that the denial of service condition would not allow an attacker to execute code or to elevate user privileges. However, the denial of service condition could prevent authorized users from using system resources.\n\nThe security update addresses the vulnerability by correcting how Windows handles objects in memory.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-04-10T07:00:00", "type": "mscve", "title": "Microsoft Graphics Component Denial of Service Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-8116"], "modified": "2018-04-11T07:00:00", "id": "MS:CVE-2018-8116", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2018-8116", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-03-17T02:35:23", "description": "An elevation of privilege vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploits this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n\nTo exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.\n\nThe update addresses the vulnerability by correcting the way in which the Windows Graphics Component handles objects in memory, preventing unintended elevation from user mode.\n", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.0, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-04-10T07:00:00", "type": "mscve", "title": "Graphics Component Font Parsing Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1008"], "modified": "2018-04-11T07:00:00", "id": "MS:CVE-2018-1008", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2018-1008", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-03-17T02:35:23", "description": "An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a [Kernel Address Space Layout Randomization (ASLR)](<https://technet.microsoft.com/en-us/library/security/dn848375.aspx#ASLR>) bypass. An attacker who successfully exploited the vulnerability could retrieve the memory address of a kernel object.\n\nTo exploit the vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.\n\nThe security update addresses the vulnerability by correcting how the Windows kernel handles memory addresses.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-04-10T07:00:00", "type": "mscve", "title": "Windows Kernel Information Disclosure Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0970"], "modified": "2018-04-10T07:00:00", "id": "MS:CVE-2018-0970", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2018-0970", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-03-17T02:35:23", "description": "An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a [Kernel Address Space Layout Randomization (ASLR)](<https://technet.microsoft.com/en-us/library/security/dn848375.aspx#ASLR>) bypass. An attacker who successfully exploited the vulnerability could retrieve the memory address of a kernel object.\n\nTo exploit the vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.\n\nThe security update addresses the vulnerability by correcting how the Windows kernel handles memory addresses.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-04-10T07:00:00", "type": "mscve", "title": "Windows Kernel Information Disclosure Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0969"], "modified": "2018-04-10T07:00:00", "id": "MS:CVE-2018-0969", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2018-0969", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-03-17T02:35:23", "description": "An elevation of privilege vulnerability exists when Windows improperly handles objects in memory and incorrectly maps kernel memory. In a local attack scenario, an attacker could exploit this vulnerability by running a specially crafted application to take control over the affected system.\n\nAn attacker who successfully exploited this vulnerability could run processes in an elevated context.\n\nThe update addresses the vulnerability by correcting the way the Microsoft DirectX graphics kernel subsystem (dxgkrnl.sys) handles certain calls and escapes, to preclude improper memory mapping and to prevent unintended elevation from user mode.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-04-10T07:00:00", "type": "mscve", "title": "Microsoft DirectX Graphics Kernel Subsystem Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1009"], "modified": "2018-04-10T07:00:00", "id": "MS:CVE-2018-1009", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2018-1009", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-03-17T02:35:23", "description": "A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could cause the RDP service on the target system to stop responding.\n\nTo exploit this vulnerability, an attacker would need to run a specially crafted application against a server which provides Remote Desktop Protocol (RDP) services.\n\nThe update addresses the vulnerability by correcting how RDP handles connection requests.\n", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-04-10T07:00:00", "type": "mscve", "title": "Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.5, "vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0976"], "modified": "2018-06-12T07:00:00", "id": "MS:CVE-2018-0976", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2018-0976", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2023-03-17T02:35:23", "description": "An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a [Kernel Address Space Layout Randomization (ASLR)](<https://technet.microsoft.com/en-us/library/security/dn848375.aspx#ASLR>) bypass. An attacker who successfully exploited the vulnerability could retrieve the memory address of a kernel object.\n\nTo exploit the vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.\n\nThe security update addresses the vulnerability by correcting how the Windows kernel handles memory addresses.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-04-10T07:00:00", "type": "mscve", "title": "Windows Kernel Information Disclosure Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0971"], "modified": "2018-04-10T07:00:00", "id": "MS:CVE-2018-0971", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2018-0971", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-03-17T02:35:23", "description": "An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a [Kernel Address Space Layout Randomization (ASLR)](<https://technet.microsoft.com/en-us/library/security/dn848375.aspx#ASLR>) bypass. An attacker who successfully exploited the vulnerability could retrieve the memory address of a kernel object.\n\nTo exploit the vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.\n\nThe security update addresses the vulnerability by correcting how the Windows kernel handles memory addresses.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-04-10T07:00:00", "type": "mscve", "title": "Windows Kernel Information Disclosure Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0974"], "modified": "2018-04-10T07:00:00", "id": "MS:CVE-2018-0974", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2018-0974", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-03-17T02:35:23", "description": "An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a [Kernel Address Space Layout Randomization (ASLR)](<https://technet.microsoft.com/en-us/library/security/dn848375.aspx#ASLR>) bypass. An attacker who successfully exploited the vulnerability could retrieve the memory address of a kernel object.\n\nTo exploit the vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.\n\nThe security update addresses the vulnerability by correcting how the Windows kernel handles memory addresses.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-04-10T07:00:00", "type": "mscve", "title": "Windows Kernel Information Disclosure Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0975"], "modified": "2018-04-10T07:00:00", "id": "MS:CVE-2018-0975", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2018-0975", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-03-17T02:35:23", "description": "An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a [Kernel Address Space Layout Randomization (ASLR)](<https://technet.microsoft.com/en-us/library/security/dn848375.aspx#ASLR>) bypass. An attacker who successfully exploited the vulnerability could retrieve the memory address of a kernel object.\n\nTo exploit the vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.\n\nThe security update addresses the vulnerability by correcting how the Windows kernel handles memory addresses.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-04-10T07:00:00", "type": "mscve", "title": "Windows Kernel Information Disclosure Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0968"], "modified": "2018-04-10T07:00:00", "id": "MS:CVE-2018-0968", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2018-0968", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-03-17T02:35:23", "description": "An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a [Kernel Address Space Layout Randomization (ASLR)](<https://technet.microsoft.com/en-us/library/security/dn848375.aspx#ASLR>) bypass. An attacker who successfully exploited the vulnerability could retrieve the memory address of a kernel object.\n\nTo exploit the vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.\n\nThe security update addresses the vulnerability by correcting how the Windows kernel handles memory addresses.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-04-10T07:00:00", "type": "mscve", "title": "Windows Kernel Information Disclosure Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0972"], "modified": "2018-04-10T07:00:00", "id": "MS:CVE-2018-0972", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2018-0972", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-03-17T02:35:23", "description": "A denial of service vulnerability exists in the way that Windows SNMP Service handles malformed SNMP traps.\n\nAn attacker who successfully exploited the vulnerability could cause a target system to stop responding. Note that the denial of service condition would not allow an attacker to execute code or to elevate user privileges. However, the denial of service condition could prevent authorized users from using system resources.\n\nThe security update addresses the vulnerability by correcting how Windows SNMP Service processes SNMP traps.\n", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-04-10T07:00:00", "type": "mscve", "title": "Windows SNMP Service Denial of Service Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 6.3, "vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0967"], "modified": "2018-04-10T07:00:00", "id": "MS:CVE-2018-0967", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2018-0967", "cvss": {"score": 6.3, "vector": "AV:N/AC:M/Au:S/C:N/I:N/A:C"}}, {"lastseen": "2023-03-17T02:35:23", "description": "A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n\nIn a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website. An attacker could also embed an ActiveX control marked "safe for initialization" in an application or Microsoft Office document that hosts the IE rendering engine. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.\n\nThe security update addresses the vulnerability by modifying how the scripting engine handles objects in memory.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2018-04-10T07:00:00", "type": "mscve", "title": "Windows VBScript Engine Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1004"], "modified": "2018-04-10T07:00:00", "id": "MS:CVE-2018-1004", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2018-1004", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-03-17T02:35:23", "description": "A buffer overflow vulnerability exists in t
Microsoft Windows Multiple Vulnerabilities (KB4093114)
