Microsoft Windows Multiple Vulnerabilities (KB4503284)

2019-06-12T00:00:00

Description

This host is missing a critical security update according to Microsoft KB4503284

{"id": "OPENVAS:1361412562310815087", "vendorId": null, "type": "openvas", "bulletinFamily": "scanner", "title": "Microsoft Windows Multiple Vulnerabilities (KB4503284)", "description": "This host is missing a critical security\n update according to Microsoft KB4503284", "published": "2019-06-12T00:00:00", "modified": "2020-07-17T00:00:00", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cvss2": {}, "cvss3": {}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815087", "reporter": "Copyright (C) 2019 Greenbone Networks GmbH", "references": ["https://support.microsoft.com/en-us/help/4503284"], "cvelist": ["CVE-2019-1019", "CVE-2019-0943", "CVE-2019-1007", "CVE-2019-1018", "CVE-2019-0908", "CVE-2019-0998", "CVE-2019-0983", "CVE-2019-0989", "CVE-2019-0974", "CVE-2019-0906", "CVE-2019-0710", "CVE-2019-1039", "CVE-2019-1045", "CVE-2019-0948", "CVE-2019-0713", "CVE-2019-1005", "CVE-2019-1027", "CVE-2019-0905", "CVE-2019-1064", "CVE-2019-0909", "CVE-2019-1050", "CVE-2019-0709", "CVE-2019-0986", "CVE-2019-1003", "CVE-2019-0988", "CVE-2019-1055", "CVE-2019-1040", "CVE-2019-1021", "CVE-2019-1051", "CVE-2019-1038", "CVE-2019-0984", "CVE-2019-0888", "CVE-2019-0941", "CVE-2019-0620", "CVE-2019-1081", "CVE-2019-0972", "CVE-2019-1017", "CVE-2019-1080", "CVE-2019-0991", "CVE-2019-1069", "CVE-2019-1053", "CVE-2019-0907", "CVE-2019-1012", "CVE-2019-0992", "CVE-2019-0993", "CVE-2019-0920", "CVE-2019-0722", "CVE-2019-1043", "CVE-2019-1002", "CVE-2019-2102", "CVE-2019-1010", "CVE-2019-1046", "CVE-2019-1028", "CVE-2019-0904", "CVE-2019-0973", "CVE-2019-1025", "CVE-2019-0711", "CVE-2019-0990", "CVE-2019-1014", "CVE-2019-1023", "CVE-2019-1054", "CVE-2019-1024", "CVE-2019-1052"], "immutableFields": [], "lastseen": "2020-07-21T20:40:47", "viewCount": 96, "enchantments": {"dependencies": {"references": [{"type": "apple", "idList": ["APPLE:44EB82A038A5905A4FF1CA22BF548D8A", "APPLE:8C5416054DEFC022B2CEE91325E63CED", "APPLE:F140693073F19FD842C6915DBBBD6D8D", "APPLE:HT210118", "APPLE:HT210119", "APPLE:HT210120"]}, {"type": "attackerkb", "idList": ["AKB:3BA931B8-DB42-4AF0-BC61-E13EE6D69AB6", "AKB:3C8E7D16-AD89-4915-A999-2E3939F53AFF", "AKB:8CE70150-F954-40DE-8E58-D6B129E2C9CA", "AKB:A5FCF2BC-14F3-4118-9ED1-AC688DC8A4B4", "AKB:B4447AA8-BD5F-410D-A592-76FEEDA507EA"]}, {"type": "cert", "idList": ["VU:119704"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2019-0714", "CPAI-2019-0715", "CPAI-2019-0716", "CPAI-2019-0717", "CPAI-2019-0718", "CPAI-2019-0719", "CPAI-2019-0721", "CPAI-2019-0723", "CPAI-2019-0724", "CPAI-2019-0725", "CPAI-2019-0726", "CPAI-2019-0727", "CPAI-2019-0728", "CPAI-2019-0729", "CPAI-2019-0730", "CPAI-2019-0731", "CPAI-2019-0732", "CPAI-2019-0734", "CPAI-2019-0736", "CPAI-2019-0737", "CPAI-2019-0738", "CPAI-2019-0739", "CPAI-2019-1459", "CPAI-2019-1509", "CPAI-2019-1531", "CPAI-2019-2139"]}, {"type": "cisa", "idList": ["CISA:60BECD302CACD014F496544254DCB720"]}, {"type": "cisa_kev", "idList": ["CISA-KEV-CVE-2019-1064", "CISA-KEV-CVE-2019-1069"]}, {"type": "cve", "idList": ["CVE-2019-0620", "CVE-2019-0709", "CVE-2019-0710", "CVE-2019-0711", "CVE-2019-0713", "CVE-2019-0722", "CVE-2019-0888", "CVE-2019-0904", "CVE-2019-0905", "CVE-2019-0906", "CVE-2019-0907", "CVE-2019-0908", "CVE-2019-0909", "CVE-2019-0920", "CVE-2019-0941", "CVE-2019-0943", "CVE-2019-0948", "CVE-2019-0959", "CVE-2019-0960", "CVE-2019-0968", "CVE-2019-0972", "CVE-2019-0973", "CVE-2019-0974", "CVE-2019-0977", "CVE-2019-0983", "CVE-2019-0984", "CVE-2019-0986", "CVE-2019-0988", "CVE-2019-0989", "CVE-2019-0990", "CVE-2019-0991", "CVE-2019-0992", "CVE-2019-0993", "CVE-2019-0998", "CVE-2019-1002", "CVE-2019-1003", "CVE-2019-1005", "CVE-2019-1007", "CVE-2019-1009", "CVE-2019-1010", "CVE-2019-1011", "CVE-2019-1012", "CVE-2019-1013", "CVE-2019-1014", "CVE-2019-1015", "CVE-2019-1016", "CVE-2019-1017", "CVE-2019-1018", "CVE-2019-1019", "CVE-2019-1021", "CVE-2019-1022", "CVE-2019-1023", "CVE-2019-1024", "CVE-2019-1025", "CVE-2019-1026", "CVE-2019-1027", "CVE-2019-1028", "CVE-2019-1038", "CVE-2019-1039", "CVE-2019-1040", "CVE-2019-1043", "CVE-2019-1045", "CVE-2019-1046", "CVE-2019-1047", "CVE-2019-1048", "CVE-2019-1049", "CVE-2019-1050", "CVE-2019-1051", "CVE-2019-1052", "CVE-2019-1053", "CVE-2019-1054", "CVE-2019-1055", "CVE-2019-1064", "CVE-2019-1069", "CVE-2019-1080", "CVE-2019-1081", "CVE-2019-2102"]}, {"type": "exploitdb", "idList": ["EDB-ID:40863"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:13A5BB141ECA5CA8BCF5F91ACC56BA13"]}, {"type": "github", "idList": ["GHSA-2RFJ-2MWP-787V", "GHSA-53R4-H27G-RG3X", "GHSA-6973-94V8-5MGW", "GHSA-9824-RP6M-XX9W", "GHSA-W32P-76XR-88PC"]}, {"type": "githubexploit", "idList": ["1FEBEBF0-4E44-56B3-8111-2B2357BDD6B6", "28F899A8-D565-51D0-A9B5-5B2B631407EB", "57B37641-B730-5A1F-B4B5-1728366E36B9", "5A536F24-BD78-5071-8727-80AB3F4AB1CF", "6531DE99-76A6-5374-998A-30AC54C10711", "9CA0821B-A68F-559D-A2DC-1658BCCCC461", "9D170C46-A745-5692-BA84-67EBFEA037FF", "A839FA86-0873-592C-AA31-2C445B4C4F29", "AE9D3A7C-7BEB-54EA-9C61-A03C494D5EDD", "C82E0A5A-3070-5ED4-A0CF-B3E342C5E0C1", "DF0D0EC0-2878-5E37-A5C6-0C8FE794F7C7", "E49AB3DC-CC90-5210-8D8E-97BFBAEB2B5C", "F14831DC-287D-51D9-A831-971C21783F04", "FBA74A16-061A-5741-B662-B77D2C6DF28F"]}, {"type": "impervablog", "idList": ["IMPERVABLOG:A30E92D9B177CCFF9F5476DD34E25F51"]}, {"type": "kaspersky", "idList": ["KLA11493", "KLA11500", "KLA11874"]}, {"type": "kitploit", "idList": ["KITPLOIT:3386831261888925588", "KITPLOIT:3701426813255055656", "KITPLOIT:4761268611976240701"]}, {"type": "krebs", "idList": ["KREBS:72AD883B9D56B1738723ABBD656A0AED"]}, {"type": "mscve", "idList": ["MS:ADV190016", "MS:CVE-2019-0620", "MS:CVE-2019-0709", "MS:CVE-2019-0710", "MS:CVE-2019-0711", "MS:CVE-2019-0713", "MS:CVE-2019-0722", "MS:CVE-2019-0888", "MS:CVE-2019-0904", "MS:CVE-2019-0905", "MS:CVE-2019-0906", "MS:CVE-2019-0907", "MS:CVE-2019-0908", "MS:CVE-2019-0909", "MS:CVE-2019-0920", "MS:CVE-2019-0941", "MS:CVE-2019-0943", "MS:CVE-2019-0948", "MS:CVE-2019-0972", "MS:CVE-2019-0973", "MS:CVE-2019-0974", "MS:CVE-2019-0983", "MS:CVE-2019-0984", "MS:CVE-2019-0986", "MS:CVE-2019-0988", "MS:CVE-2019-0989", "MS:CVE-2019-0990", "MS:CVE-2019-0991", "MS:CVE-2019-0992", "MS:CVE-2019-0993", "MS:CVE-2019-0998", "MS:CVE-2019-1002", "MS:CVE-2019-1003", "MS:CVE-2019-1005", "MS:CVE-2019-1007", "MS:CVE-2019-1010", "MS:CVE-2019-1012", "MS:CVE-2019-1014", "MS:CVE-2019-1017", "MS:CVE-2019-1018", "MS:CVE-2019-1019", "MS:CVE-2019-1021", "MS:CVE-2019-1023", "MS:CVE-2019-1024", "MS:CVE-2019-1025", "MS:CVE-2019-1027", "MS:CVE-2019-1028", "MS:CVE-2019-1038", "MS:CVE-2019-1039", "MS:CVE-2019-1040", "MS:CVE-2019-1043", "MS:CVE-2019-1045", "MS:CVE-2019-1046", "MS:CVE-2019-1050", "MS:CVE-2019-1051", "MS:CVE-2019-1052", "MS:CVE-2019-1053", "MS:CVE-2019-1054", "MS:CVE-2019-1055", "MS:CVE-2019-1064", "MS:CVE-2019-1069", "MS:CVE-2019-1080", "MS:CVE-2019-1081"]}, {"type": "mskb", "idList": ["KB4503259", "KB4503263", "KB4503267", "KB4503269", "KB4503273", "KB4503276", "KB4503279", "KB4503284", "KB4503285", "KB4503286", "KB4503287", "KB4503290", "KB4503291", "KB4503292", "KB4503293", "KB4503327"]}, {"type": "myhack58", "idList": ["MYHACK58:62201994853"]}, {"type": "nessus", "idList": ["SMB_NT_MS19_JUN_4503267.NASL", "SMB_NT_MS19_JUN_4503273.NASL", "SMB_NT_MS19_JUN_4503276.NASL", "SMB_NT_MS19_JUN_4503279.NASL", "SMB_NT_MS19_JUN_4503284.NASL", "SMB_NT_MS19_JUN_4503285.NASL", "SMB_NT_MS19_JUN_4503286.NASL", "SMB_NT_MS19_JUN_4503291.NASL", "SMB_NT_MS19_JUN_4503292.NASL", "SMB_NT_MS19_JUN_4503293.NASL", "SMB_NT_MS19_JUN_4503327.NASL", "SMB_NT_MS19_JUN_INTERNET_EXPLORER.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310143217", "OPENVAS:1361412562310815085", "OPENVAS:1361412562310815086", "OPENVAS:1361412562310815088", "OPENVAS:1361412562310815205", "OPENVAS:1361412562310815206", "OPENVAS:1361412562310815207", "OPENVAS:1361412562310815208", "OPENVAS:1361412562310815210", "OPENVAS:1361412562310815410", "OPENVAS:1361412562310815431"]}, {"type": "osv", "idList": ["OSV:GHSA-2RFJ-2MWP-787V", "OSV:GHSA-53R4-H27G-RG3X", "OSV:GHSA-6973-94V8-5MGW", "OSV:GHSA-9824-RP6M-XX9W", "OSV:GHSA-W32P-76XR-88PC"]}, {"type": "qualysblog", "idList": ["QUALYSBLOG:548A2D8484377A20A276BF58474488F7", "QUALYSBLOG:DE1FEC2B9B661D42DAA0BA398DBFD24E"]}, {"type": "securelist", "idList": ["SECURELIST:78FB952921DD97BAF55DA33811CB6FE4"]}, {"type": "symantec", "idList": ["SMNTC-108567", "SMNTC-108570", "SMNTC-108577", "SMNTC-108581", "SMNTC-108583", "SMNTC-108584", "SMNTC-108585", "SMNTC-108586", "SMNTC-108587", "SMNTC-108588", "SMNTC-108591", "SMNTC-108592", "SMNTC-108594", "SMNTC-108596", "SMNTC-108597", "SMNTC-108598", "SMNTC-108599", "SMNTC-108600", "SMNTC-108603", "SMNTC-108604", "SMNTC-108606", "SMNTC-108607", "SMNTC-108609", "SMNTC-108612", "SMNTC-108613", "SMNTC-108614", "SMNTC-108620", "SMNTC-108621", "SMNTC-108624", "SMNTC-108630", "SMNTC-108632", "SMNTC-108633", "SMNTC-108638", "SMNTC-108641", "SMNTC-108644", "SMNTC-108646", "SMNTC-108647", "SMNTC-108648", "SMNTC-108650", "SMNTC-108651", "SMNTC-108652", "SMNTC-108653", "SMNTC-108654", "SMNTC-108655", "SMNTC-108656", "SMNTC-108657", "SMNTC-108658", "SMNTC-108659", "SMNTC-108660", "SMNTC-108661", "SMNTC-108662", "SMNTC-108663", "SMNTC-108664", "SMNTC-108665", "SMNTC-108666", "SMNTC-108667", "SMNTC-108668", "SMNTC-108669", "SMNTC-108670", "SMNTC-108671", "SMNTC-108708", "SMNTC-108709"]}, {"type": "talosblog", "idList": ["TALOSBLOG:07D81B04EFE21AC0E3C8DD9F1F76E7A4", "TALOSBLOG:A2A267E7C20665C55127A15BC5B9F7BD"]}, {"type": "thn", "idList": ["THN:9B966D7333226606F54AD717A81F6D7E", "THN:DE75CD7956BAB116B16CC505A5BB0C47"]}, {"type": "threatpost", "idList": ["THREATPOST:040A4A9D0367AA2E807A97FB83D00240", "THREATPOST:32543D9C50E016B8E5F07112935E35F8", "THREATPOST:93C6C6F1F74B11C3D7F109589684DAED", "THREATPOST:F8F0749C57FDD3CABE842BDFEAD33452"]}, {"type": "zdi", "idList": ["ZDI-19-544", "ZDI-19-554", "ZDI-19-555", "ZDI-19-556", "ZDI-19-557", "ZDI-19-559", "ZDI-19-624", "ZDI-19-625", "ZDI-19-626", "ZDI-19-627", "ZDI-19-638", "ZDI-19-639", "ZDI-19-641", "ZDI-19-723"]}, {"type": "zdt", "idList": ["1337DAY-ID-32897", "1337DAY-ID-32977"]}]}, "score": {"value": 0.1, "vector": "NONE"}, "backreferences": {"references": [{"type": "androidsecurity", "idList": ["ANDROID:2019-06-01"]}, {"type": "apple", "idList": ["APPLE:44EB82A038A5905A4FF1CA22BF548D8A", "APPLE:8C5416054DEFC022B2CEE91325E63CED", "APPLE:F140693073F19FD842C6915DBBBD6D8D", "APPLE:HT210118", "APPLE:HT210119", "APPLE:HT210120"]}, {"type": "attackerkb", "idList": ["AKB:3BA931B8-DB42-4AF0-BC61-E13EE6D69AB6", "AKB:8CE70150-F954-40DE-8E58-D6B129E2C9CA", "AKB:B4447AA8-BD5F-410D-A592-76FEEDA507EA"]}, {"type": "cert", "idList": ["VU:119704"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2019-0714", "CPAI-2019-0715", "CPAI-2019-0716", "CPAI-2019-0717", "CPAI-2019-0718", "CPAI-2019-0719", "CPAI-2019-0721", "CPAI-2019-0723", "CPAI-2019-0724", "CPAI-2019-0725", "CPAI-2019-0726", "CPAI-2019-0727", "CPAI-2019-0728", "CPAI-2019-0729", "CPAI-2019-0730", "CPAI-2019-0731", "CPAI-2019-0732", "CPAI-2019-0734", "CPAI-2019-0736", "CPAI-2019-0737", "CPAI-2019-0738", "CPAI-2019-0739", "CPAI-2019-1459", "CPAI-2019-1509", "CPAI-2019-1531", "CPAI-2019-2139"]}, {"type": "cisa", "idList": ["CISA:60BECD302CACD014F496544254DCB720"]}, {"type": "cve", "idList": ["CVE-2019-0620", "CVE-2019-0709", "CVE-2019-0710", "CVE-2019-0711", "CVE-2019-0713", "CVE-2019-0722", "CVE-2019-0888", "CVE-2019-0904", "CVE-2019-0905", "CVE-2019-0906", "CVE-2019-0907", "CVE-2019-0908", "CVE-2019-0909", "CVE-2019-0920", "CVE-2019-0941", "CVE-2019-0943", "CVE-2019-0948", "CVE-2019-0972", "CVE-2019-0973", "CVE-2019-0974", "CVE-2019-0983", "CVE-2019-0984", "CVE-2019-0986", "CVE-2019-0988", "CVE-2019-0989", "CVE-2019-0990", "CVE-2019-0991", "CVE-2019-0992", "CVE-2019-0993", "CVE-2019-0998", "CVE-2019-1002", "CVE-2019-1003", "CVE-2019-1005", "CVE-2019-1007", "CVE-2019-1010", "CVE-2019-1012", "CVE-2019-1014", "CVE-2019-1017", "CVE-2019-1018", "CVE-2019-1019", "CVE-2019-1021", "CVE-2019-1023", "CVE-2019-1024", "CVE-2019-1025", "CVE-2019-1027", "CVE-2019-1028", "CVE-2019-1038", "CVE-2019-1039", "CVE-2019-1040", "CVE-2019-1043", "CVE-2019-1045", "CVE-2019-1046", "CVE-2019-1050", "CVE-2019-1051", "CVE-2019-1052", "CVE-2019-1053", "CVE-2019-1054", "CVE-2019-1055", "CVE-2019-1064", "CVE-2019-1069", "CVE-2019-1080", "CVE-2019-1081", "CVE-2019-2102"]}, {"type": "exploitdb", "idList": ["EDB-ID:40863"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:13A5BB141ECA5CA8BCF5F91ACC56BA13"]}, {"type": "github", "idList": ["GHSA-2RFJ-2MWP-787V", "GHSA-53R4-H27G-RG3X", "GHSA-6973-94V8-5MGW", "GHSA-9824-RP6M-XX9W", "GHSA-W32P-76XR-88PC"]}, {"type": "githubexploit", "idList": ["1FEBEBF0-4E44-56B3-8111-2B2357BDD6B6", "28F899A8-D565-51D0-A9B5-5B2B631407EB", "57B37641-B730-5A1F-B4B5-1728366E36B9", "5A536F24-BD78-5071-8727-80AB3F4AB1CF", "6531DE99-76A6-5374-998A-30AC54C10711", "9CA0821B-A68F-559D-A2DC-1658BCCCC461", "9D170C46-A745-5692-BA84-67EBFEA037FF", "A839FA86-0873-592C-AA31-2C445B4C4F29", "AE9D3A7C-7BEB-54EA-9C61-A03C494D5EDD", "C82E0A5A-3070-5ED4-A0CF-B3E342C5E0C1", "DF0D0EC0-2878-5E37-A5C6-0C8FE794F7C7", "E49AB3DC-CC90-5210-8D8E-97BFBAEB2B5C", "F14831DC-287D-51D9-A831-971C21783F04", "FBA74A16-061A-5741-B662-B77D2C6DF28F"]}, {"type": "impervablog", "idList": ["IMPERVABLOG:A30E92D9B177CCFF9F5476DD34E25F51"]}, {"type": "kaspersky", "idList": ["KLA11493", "KLA11500", "KLA11874"]}, {"type": "kitploit", "idList": ["KITPLOIT:3386831261888925588", "KITPLOIT:3701426813255055656"]}, {"type": "krebs", "idList": ["KREBS:72AD883B9D56B1738723ABBD656A0AED"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/APPLE-OSX-BLUETOOTH-CVE-2019-2102/", "MSF:ILITIES/MSFT-CVE-2019-2102/"]}, {"type": "mscve", "idList": ["MS:ADV190016", "MS:CVE-2019-0620", "MS:CVE-2019-0709", "MS:CVE-2019-0710", "MS:CVE-2019-0711", "MS:CVE-2019-0713", "MS:CVE-2019-0722", "MS:CVE-2019-0888", "MS:CVE-2019-0904", "MS:CVE-2019-0905", "MS:CVE-2019-0906", "MS:CVE-2019-0907", "MS:CVE-2019-0908", "MS:CVE-2019-0909", "MS:CVE-2019-0920", "MS:CVE-2019-0941", "MS:CVE-2019-0943", "MS:CVE-2019-0948", "MS:CVE-2019-0972", "MS:CVE-2019-0973", "MS:CVE-2019-0974", "MS:CVE-2019-0983", "MS:CVE-2019-0984", "MS:CVE-2019-0986", "MS:CVE-2019-0988", "MS:CVE-2019-0989", "MS:CVE-2019-0990", "MS:CVE-2019-0991", "MS:CVE-2019-0992", "MS:CVE-2019-0993", "MS:CVE-2019-0998", "MS:CVE-2019-1002", "MS:CVE-2019-1003", "MS:CVE-2019-1005", "MS:CVE-2019-1007", "MS:CVE-2019-1010", "MS:CVE-2019-1012", "MS:CVE-2019-1014", "MS:CVE-2019-1017", "MS:CVE-2019-1018", "MS:CVE-2019-1019", "MS:CVE-2019-1021", "MS:CVE-2019-1023", "MS:CVE-2019-1024", "MS:CVE-2019-1025", "MS:CVE-2019-1027", "MS:CVE-2019-1028", "MS:CVE-2019-1038", "MS:CVE-2019-1039", "MS:CVE-2019-1040", "MS:CVE-2019-1043", "MS:CVE-2019-1045", "MS:CVE-2019-1046", "MS:CVE-2019-1050", "MS:CVE-2019-1051", "MS:CVE-2019-1052", "MS:CVE-2019-1053", "MS:CVE-2019-1054", "MS:CVE-2019-1055", "MS:CVE-2019-1064", "MS:CVE-2019-1069", "MS:CVE-2019-1080", "MS:CVE-2019-1081"]}, {"type": "mskb", "idList": ["KB4503292"]}, {"type": "myhack58", "idList": ["MYHACK58:62201994853"]}, {"type": "nessus", "idList": ["SMB_NT_MS19_JUN_4503285.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310815085", "OPENVAS:1361412562310815086", "OPENVAS:1361412562310815088", "OPENVAS:1361412562310815205", "OPENVAS:1361412562310815206", "OPENVAS:1361412562310815207", "OPENVAS:1361412562310815208", "OPENVAS:1361412562310815210", "OPENVAS:1361412562310815410", "OPENVAS:1361412562310815431"]}, {"type": "qualysblog", "idList": ["QUALYSBLOG:548A2D8484377A20A276BF58474488F7"]}, {"type": "securelist", "idList": ["SECURELIST:78FB952921DD97BAF55DA33811CB6FE4"]}, {"type": "symantec", "idList": ["SMNTC-108612"]}, {"type": "talosblog", "idList": ["TALOSBLOG:07D81B04EFE21AC0E3C8DD9F1F76E7A4", "TALOSBLOG:A2A267E7C20665C55127A15BC5B9F7BD"]}, {"type": "thn", "idList": ["THN:9B966D7333226606F54AD717A81F6D7E"]}, {"type": "threatpost", "idList": ["THREATPOST:040A4A9D0367AA2E807A97FB83D00240", "THREATPOST:32543D9C50E016B8E5F07112935E35F8", "THREATPOST:93C6C6F1F74B11C3D7F109589684DAED"]}, {"type": "zdi", "idList": ["ZDI-19-554", "ZDI-19-627", "ZDI-19-638", "ZDI-19-641", "ZDI-19-723"]}, {"type": "zdt", "idList": ["1337DAY-ID-32897"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2019-1019", "epss": "0.005420000", "percentile": "0.738330000", "modified": "2023-03-15"}, {"cve": "CVE-2019-0943", "epss": "0.000420000", "percentile": "0.004980000", "modified": "2023-03-15"}, {"cve": "CVE-2019-1007", "epss": "0.000430000", "percentile": "0.073860000", "modified": "2023-03-15"}, {"cve": "CVE-2019-1018", "epss": "0.000430000", "percentile": "0.073860000", "modified": "2023-03-15"}, {"cve": "CVE-2019-0908", "epss": "0.057740000", "percentile": "0.921780000", "modified": "2023-03-15"}, {"cve": "CVE-2019-0998", "epss": "0.000430000", "percentile": "0.073860000", "modified": "2023-03-15"}, {"cve": "CVE-2019-0983", "epss": "0.000430000", "percentile": "0.073860000", "modified": "2023-03-15"}, {"cve": "CVE-2019-0989", "epss": "0.027460000", "percentile": "0.889180000", "modified": "2023-03-15"}, {"cve": "CVE-2019-0974", "epss": "0.037990000", "percentile": "0.904520000", "modified": "2023-03-15"}, {"cve": "CVE-2019-0906", "epss": "0.038950000", "percentile": "0.905570000", "modified": "2023-03-15"}, {"cve": "CVE-2019-0710", "epss": "0.000430000", "percentile": "0.073860000", "modified": "2023-03-15"}, {"cve": "CVE-2019-1039", "epss": "0.000430000", "percentile": "0.073860000", "modified": "2023-03-15"}, {"cve": "CVE-2019-1045", "epss": "0.000430000", "percentile": "0.073860000", "modified": "2023-03-15"}, {"cve": "CVE-2019-0948", "epss": "0.001090000", "percentile": "0.422820000", "modified": "2023-03-15"}, {"cve": "CVE-2019-0713", "epss": "0.000430000", "percentile": "0.073860000", "modified": "2023-03-15"}, {"cve": "CVE-2019-1005", "epss": "0.022770000", "percentile": "0.879120000", "modified": "2023-03-15"}, {"cve": "CVE-2019-1027", "epss": "0.000430000", "percentile": "0.073860000", "modified": "2023-03-15"}, {"cve": "CVE-2019-0905", "epss": "0.037990000", "percentile": "0.904520000", "modified": "2023-03-15"}, {"cve": "CVE-2019-1064", "epss": "0.935880000", "percentile": "0.985400000", "modified": "2023-03-15"}, {"cve": "CVE-2019-0909", "epss": "0.037990000", "percentile": "0.904520000", "modified": "2023-03-15"}, {"cve": "CVE-2019-1050", "epss": "0.282470000", "percentile": "0.961160000", "modified": "2023-03-15"}, {"cve": "CVE-2019-0709", "epss": "0.000950000", "percentile": "0.385740000", "modified": "2023-03-15"}, {"cve": "CVE-2019-0986", "epss": "0.000660000", "percentile": "0.270220000", "modified": "2023-03-15"}, {"cve": "CVE-2019-1003", "epss": "0.027460000", "percentile": "0.889180000", "modified": "2023-03-15"}, {"cve": "CVE-2019-0988", "epss": "0.034230000", "percentile": "0.899670000", "modified": "2023-03-15"}, {"cve": "CVE-2019-1055", "epss": "0.022770000", "percentile": "0.879120000", "modified": "2023-03-15"}, {"cve": "CVE-2019-1040", "epss": "0.448210000", "percentile": "0.967710000", "modified": "2023-03-15"}, {"cve": "CVE-2019-1021", "epss": "0.000430000", "percentile": "0.073860000", "modified": "2023-03-15"}, {"cve": "CVE-2019-1051", "epss": "0.027460000", "percentile": "0.889180000", "modified": "2023-03-15"}, {"cve": "CVE-2019-1038", "epss": "0.022770000", "percentile": "0.879120000", "modified": "2023-03-15"}, {"cve": "CVE-2019-0984", "epss": "0.000430000", "percentile": "0.073860000", "modified": "2023-03-15"}, {"cve": "CVE-2019-0888", "epss": "0.037990000", "percentile": "0.904520000", "modified": "2023-03-15"}, {"cve": "CVE-2019-0941", "epss": "0.001930000", "percentile": "0.552810000", "modified": "2023-03-15"}, {"cve": "CVE-2019-0620", "epss": "0.000950000", "percentile": "0.385740000", "modified": "2023-03-15"}, {"cve": "CVE-2019-1081", "epss": "0.003980000", "percentile": "0.694500000", "modified": "2023-03-15"}, {"cve": "CVE-2019-0972", "epss": "0.001530000", "percentile": "0.497820000", "modified": "2023-03-15"}, {"cve": "CVE-2019-1017", "epss": "0.000430000", "percentile": "0.073860000", "modified": "2023-03-15"}, {"cve": "CVE-2019-1080", "epss": "0.022770000", "percentile": "0.879120000", "modified": "2023-03-15"}, {"cve": "CVE-2019-0991", "epss": "0.027460000", "percentile": "0.889180000", "modified": "2023-03-15"}, {"cve": "CVE-2019-1069", "epss": "0.002700000", "percentile": "0.627240000", "modified": "2023-03-15"}, {"cve": "CVE-2019-1053", "epss": "0.002200000", "percentile": "0.581750000", "modified": "2023-03-15"}, {"cve": "CVE-2019-0907", "epss": "0.037990000", "percentile": "0.904520000", "modified": "2023-03-15"}, {"cve": "CVE-2019-1012", "epss": "0.282470000", "percentile": "0.961160000", "modified": "2023-03-15"}, {"cve": "CVE-2019-0992", "epss": "0.027460000", "percentile": "0.889180000", "modified": "2023-03-15"}, {"cve": "CVE-2019-0993", "epss": "0.027460000", "percentile": "0.889180000", "modified": "2023-03-15"}, {"cve": "CVE-2019-0920", "epss": "0.051200000", "percentile": "0.917010000", "modified": "2023-03-15"}, {"cve": "CVE-2019-0722", "epss": "0.006870000", "percentile": "0.770010000", "modified": "2023-03-15"}, {"cve": "CVE-2019-1043", "epss": "0.019580000", "percentile": "0.868930000", "modified": "2023-03-15"}, {"cve": "CVE-2019-1002", "epss": "0.027460000", "percentile": "0.889180000", "modified": "2023-03-15"}, {"cve": "CVE-2019-2102", "epss": "0.000760000", "percentile": "0.307340000", "modified": "2023-03-15"}, {"cve": "CVE-2019-1010", "epss": "0.282470000", "percentile": "0.961160000", "modified": "2023-03-15"}, {"cve": "CVE-2019-1046", "epss": "0.001970000", "percentile": "0.558700000", "modified": "2023-03-15"}, {"cve": "CVE-2019-1028", "epss": "0.000430000", "percentile": "0.073860000", "modified": "2023-03-15"}, {"cve": "CVE-2019-0904", "epss": "0.037990000", "percentile": "0.904520000", "modified": "2023-03-15"}, {"cve": "CVE-2019-0973", "epss": "0.000430000", "percentile": "0.073860000", "modified": "2023-03-15"}, {"cve": "CVE-2019-1025", "epss": "0.002010000", "percentile": "0.561910000", "modified": "2023-03-15"}, {"cve": "CVE-2019-0711", "epss": "0.000430000", "percentile": "0.073860000", "modified": "2023-03-15"}, {"cve": "CVE-2019-0990", "epss": "0.045020000", "percentile": "0.911720000", "modified": "2023-03-15"}, {"cve": "CVE-2019-1014", "epss": "0.000430000", "percentile": "0.073860000", "modified": "2023-03-15"}, {"cve": "CVE-2019-1023", "epss": "0.045020000", "percentile": "0.911720000", "modified": "2023-03-15"}, {"cve": "CVE-2019-1054", "epss": "0.001750000", "percentile": "0.529240000", "modified": "2023-03-15"}, {"cve": "CVE-2019-1024", "epss": "0.027460000", "percentile": "0.889180000", "modified": "2023-03-15"}, {"cve": "CVE-2019-1052", "epss": "0.027460000", "percentile": "0.889180000", "modified": "2023-03-15"}], "vulnersScore": 0.1}, "_state": {"dependencies": 1678957314, "score": 1678957448, "epss": 1678957426}, "_internal": {"score_hash": "fb7bdb9207028bf50469ffba18de72ac"}, "pluginID": "1361412562310815087", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815087\");\n script_version(\"2020-07-17T05:57:41+0000\");\n script_cve_id(\"CVE-2019-0620\", \"CVE-2019-0709\", \"CVE-2019-0710\", \"CVE-2019-0711\",\n \"CVE-2019-0713\", \"CVE-2019-0722\", \"CVE-2019-0888\", \"CVE-2019-0904\",\n \"CVE-2019-0905\", \"CVE-2019-0906\", \"CVE-2019-0907\", \"CVE-2019-0908\",\n \"CVE-2019-0909\", \"CVE-2019-0920\", \"CVE-2019-0941\", \"CVE-2019-0943\",\n \"CVE-2019-0948\", \"CVE-2019-0972\", \"CVE-2019-0973\", \"CVE-2019-0974\",\n \"CVE-2019-0983\", \"CVE-2019-0984\", \"CVE-2019-0986\", \"CVE-2019-0988\",\n \"CVE-2019-0989\", \"CVE-2019-0990\", \"CVE-2019-0991\", \"CVE-2019-0992\",\n \"CVE-2019-0993\", \"CVE-2019-0998\", \"CVE-2019-1002\", \"CVE-2019-1003\",\n \"CVE-2019-1005\", \"CVE-2019-1007\", \"CVE-2019-1010\", \"CVE-2019-1012\",\n \"CVE-2019-1014\", \"CVE-2019-1017\", \"CVE-2019-1018\", \"CVE-2019-1019\",\n \"CVE-2019-1021\", \"CVE-2019-1023\", \"CVE-2019-1024\", \"CVE-2019-1025\",\n \"CVE-2019-1027\", \"CVE-2019-1028\", \"CVE-2019-1038\", \"CVE-2019-1039\",\n \"CVE-2019-1040\", \"CVE-2019-1043\", \"CVE-2019-1045\", \"CVE-2019-1046\",\n \"CVE-2019-1050\", \"CVE-2019-1051\", \"CVE-2019-1052\", \"CVE-2019-1053\",\n \"CVE-2019-1054\", \"CVE-2019-1055\", \"CVE-2019-1064\", \"CVE-2019-1069\",\n \"CVE-2019-1080\", \"CVE-2019-1081\", \"CVE-2019-2102\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-07-17 05:57:41 +0000 (Fri, 17 Jul 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-06-12 09:25:15 +0530 (Wed, 12 Jun 2019)\");\n script_name(\"Microsoft Windows Multiple Vulnerabilities (KB4503284)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4503284\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - Windows kernel improperly initializes objects in memory.\n\n - Chakra scripting engine improperly handles objects in memory in Microsoft\n Edge.\n\n - Microsoft Hyper-V on a host server fails to properly validate input from a\n privileged user on a guest operating system.\n\n - Windows Jet Database Engine improperly handles objects in memory.\n\n - Windows Common Log File System (CLFS) driver improperly handles objects in\n memory.\n\n Please see the references for more information about the vulnerabilities.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to execute arbitrary code on a victim system, escalate privileges, bypass\n security restrictions, disclose sensitive information and cause a denial of\n service condition on a victim system.\");\n\n script_tag(name:\"affected\", value:\"- Microsoft Windows 10 Version 1709 for 32-bit Systems\n\n - Microsoft Windows 10 Version 1709 for 64-based Systems\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see\n the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4503284\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win10:1, win10x64:1) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_system32root();\nif(!sysPath)\n exit(0);\n\nedgeVer = fetch_file_version(sysPath:sysPath, file_name:\"edgehtml.dll\");\nif(!edgeVer)\n exit(0);\n\nif(version_in_range(version:edgeVer, test_version:\"11.0.16299.0\", test_version2:\"11.0.16299.1216\")) {\n report = report_fixed_ver(file_checked:sysPath + \"\\Edgehtml.dll\",\n file_version:edgeVer, vulnerable_range:\"11.0.16299.0 - 11.0.16299.1216\");\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "naslFamily": "Windows : Microsoft Bulletins"}

{"openvas": [{"lastseen": "2020-07-21T20:40:57", "description": "This host is missing a critical security\n update according to Microsoft KB4503279", "cvss3": {}, "published": "2019-06-12T00:00:00", "type": "openvas", "title": "Microsoft Windows Multiple Vulnerabilities (KB4503279)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1019", "CVE-2019-0943", "CVE-2019-1007", "CVE-2019-1018", "CVE-2019-0908", "CVE-2019-0983", "CVE-2019-0989", "CVE-2019-0974", "CVE-2019-0906", "CVE-2019-0710", "CVE-2019-1039", "CVE-2019-1045", "CVE-2019-0948", "CVE-2019-0713", "CVE-2019-1005", "CVE-2019-0905", "CVE-2019-1064", "CVE-2019-0909", "CVE-2019-1050", "CVE-2019-0709", "CVE-2019-0986", "CVE-2019-1003", "CVE-2019-0988", "CVE-2019-1055", "CVE-2019-1040", "CVE-2019-1021", "CVE-2019-1051", "CVE-2019-1038", "CVE-2019-0984", "CVE-2019-0888", "CVE-2019-0941", "CVE-2019-0620", "CVE-2019-1081", "CVE-2019-0972", "CVE-2019-1017", "CVE-2019-1080", "CVE-2019-0991", "CVE-2019-1069", "CVE-2019-1053", "CVE-2019-0907", "CVE-2019-1012", "CVE-2019-0992", "CVE-2019-0993", "CVE-2019-0920", "CVE-2019-0722", "CVE-2019-1043", "CVE-2019-1002", "CVE-2019-2102", "CVE-2019-1010", "CVE-2019-1046", "CVE-2019-1028", "CVE-2019-0904", "CVE-2019-0973", "CVE-2019-1025", "CVE-2019-0711", "CVE-2019-0990", "CVE-2019-1014", "CVE-2019-1023", "CVE-2019-1054", "CVE-2019-1024", "CVE-2019-1052"], "modified": "2020-07-17T00:00:00", "id": "OPENVAS:1361412562310815086", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815086", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815086\");\n script_version(\"2020-07-17T05:57:41+0000\");\n script_cve_id(\"CVE-2019-2102\", \"CVE-2019-0620\", \"CVE-2019-0709\", \"CVE-2019-0710\",\n \"CVE-2019-0711\", \"CVE-2019-0713\", \"CVE-2019-0722\", \"CVE-2019-0888\",\n \"CVE-2019-0904\", \"CVE-2019-0905\", \"CVE-2019-0906\", \"CVE-2019-0907\",\n \"CVE-2019-0908\", \"CVE-2019-0909\", \"CVE-2019-0920\", \"CVE-2019-0941\",\n \"CVE-2019-0943\", \"CVE-2019-0948\", \"CVE-2019-0972\", \"CVE-2019-0973\",\n \"CVE-2019-0974\", \"CVE-2019-0983\", \"CVE-2019-0984\", \"CVE-2019-0986\",\n \"CVE-2019-0988\", \"CVE-2019-0989\", \"CVE-2019-0990\", \"CVE-2019-0991\",\n \"CVE-2019-0992\", \"CVE-2019-0993\", \"CVE-2019-1002\", \"CVE-2019-1003\",\n \"CVE-2019-1005\", \"CVE-2019-1007\", \"CVE-2019-1010\", \"CVE-2019-1012\",\n \"CVE-2019-1014\", \"CVE-2019-1017\", \"CVE-2019-1018\", \"CVE-2019-1019\",\n \"CVE-2019-1021\", \"CVE-2019-1023\", \"CVE-2019-1024\", \"CVE-2019-1025\",\n \"CVE-2019-1028\", \"CVE-2019-1038\", \"CVE-2019-1039\", \"CVE-2019-1040\",\n \"CVE-2019-1043\", \"CVE-2019-1045\", \"CVE-2019-1046\", \"CVE-2019-1050\",\n \"CVE-2019-1051\", \"CVE-2019-1052\", \"CVE-2019-1053\", \"CVE-2019-1054\",\n \"CVE-2019-1055\", \"CVE-2019-1064\", \"CVE-2019-1069\", \"CVE-2019-1080\",\n \"CVE-2019-1081\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-07-17 05:57:41 +0000 (Fri, 17 Jul 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-06-12 08:59:34 +0530 (Wed, 12 Jun 2019)\");\n script_name(\"Microsoft Windows Multiple Vulnerabilities (KB4503279)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4503279\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - Windows kernel improperly initializes objects in memory.\n\n - Chakra scripting engine handles objects in memory in Microsoft Edge.\n\n - Microsoft Hyper-V on a host server fails to properly validate input from\n a privileged user on a guest operating system.\n\n - Windows Jet Database Engine improperly handles objects in memory.\n\n Please see the references for more information about the vulnerabilities.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to execute arbitrary code on a victim system, escalate privileges, bypass\n security restrictions, disclose sensitive information and cause a denial of\n service condition on a victim system.\");\n\n script_tag(name:\"affected\", value:\"Microsoft Windows 10 Version 1703 x32/x64.\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see\n the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4503279\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win10:1, win10x64:1) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_system32root();\nif(!sysPath)\n exit(0);\n\nedgeVer = fetch_file_version(sysPath:sysPath, file_name:\"edgehtml.dll\");\nif(!edgeVer)\n exit(0);\n\nif(version_in_range(version:edgeVer, test_version:\"11.0.15063.0\", test_version2:\"11.0.15063.1867\")) {\n report = report_fixed_ver(file_checked:sysPath + \"\\Edgehtml.dll\",\n file_version:edgeVer, vulnerable_range:\"11.0.15063.0 - 11.0.15063.1867\");\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-21T20:40:54", "description": "This host is missing a critical security\n update according to Microsoft KB4503267", "cvss3": {}, "published": "2019-06-12T00:00:00", "type": "openvas", "title": "Microsoft Windows Multiple Vulnerabilities (KB4503267)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1019", "CVE-2019-0943", "CVE-2019-1007", "CVE-2019-1018", "CVE-2019-0908", "CVE-2019-0983", "CVE-2019-0989", "CVE-2019-0974", "CVE-2019-0906", "CVE-2019-0710", "CVE-2019-1039", "CVE-2019-0948", "CVE-2019-0713", "CVE-2019-1005", "CVE-2019-0905", "CVE-2019-1064", "CVE-2019-0909", "CVE-2019-1050", "CVE-2019-0709", "CVE-2019-0986", "CVE-2019-1003", "CVE-2019-0988", "CVE-2019-1055", "CVE-2019-1040", "CVE-2019-1051", "CVE-2019-1038", "CVE-2019-0984", "CVE-2019-0888", "CVE-2019-0941", "CVE-2019-0620", "CVE-2019-1081", "CVE-2019-0972", "CVE-2019-1017", "CVE-2019-1080", "CVE-2019-0991", "CVE-2019-1069", "CVE-2019-1053", "CVE-2019-0907", "CVE-2019-1012", "CVE-2019-0992", "CVE-2019-0993", "CVE-2019-0920", "CVE-2019-0722", "CVE-2019-1043", "CVE-2019-1002", "CVE-2019-2102", "CVE-2019-1010", "CVE-2019-1046", "CVE-2019-1028", "CVE-2019-0904", "CVE-2019-0973", "CVE-2019-1025", "CVE-2019-0711", "CVE-2019-0990", "CVE-2019-1014", "CVE-2019-1023", "CVE-2019-1054", "CVE-2019-1052"], "modified": "2020-07-17T00:00:00", "id": "OPENVAS:1361412562310815207", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815207", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815207\");\n script_version(\"2020-07-17T05:57:41+0000\");\n script_cve_id(\"CVE-2019-0974\", \"CVE-2019-0983\", \"CVE-2019-0984\", \"CVE-2019-1050\",\n \"CVE-2019-1051\", \"CVE-2019-1052\", \"CVE-2019-0620\", \"CVE-2019-0709\",\n \"CVE-2019-0710\", \"CVE-2019-1010\", \"CVE-2019-1012\", \"CVE-2019-0711\",\n \"CVE-2019-0713\", \"CVE-2019-0722\", \"CVE-2019-1014\", \"CVE-2019-0888\",\n \"CVE-2019-0904\", \"CVE-2019-0905\", \"CVE-2019-1017\", \"CVE-2019-1018\",\n \"CVE-2019-1019\", \"CVE-2019-0906\", \"CVE-2019-0907\", \"CVE-2019-1023\",\n \"CVE-2019-1025\", \"CVE-2019-0908\", \"CVE-2019-0909\", \"CVE-2019-1028\",\n \"CVE-2019-0920\", \"CVE-2019-0941\", \"CVE-2019-0943\", \"CVE-2019-1038\",\n \"CVE-2019-1039\", \"CVE-2019-0948\", \"CVE-2019-1040\", \"CVE-2019-1043\",\n \"CVE-2019-0972\", \"CVE-2019-0973\", \"CVE-2019-1046\", \"CVE-2019-0986\",\n \"CVE-2019-0988\", \"CVE-2019-0989\", \"CVE-2019-1053\", \"CVE-2019-1054\",\n \"CVE-2019-1055\", \"CVE-2019-1064\", \"CVE-2019-0990\", \"CVE-2019-0991\",\n \"CVE-2019-0992\", \"CVE-2019-0993\", \"CVE-2019-1069\", \"CVE-2019-1080\",\n \"CVE-2019-1081\", \"CVE-2019-1002\", \"CVE-2019-1003\", \"CVE-2019-1005\",\n \"CVE-2019-1007\", \"CVE-2019-2102\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-07-17 05:57:41 +0000 (Fri, 17 Jul 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-06-12 09:37:10 +0530 (Wed, 12 Jun 2019)\");\n script_name(\"Microsoft Windows Multiple Vulnerabilities (KB4503267)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4503267\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - Windows kernel improperly initializes objects in memory.\n\n - Chakra scripting engine improperly handles objects in memory in\n Microsoft Edge.\n\n - Microsoft Hyper-V on a host server fails to properly validate input from\n a privileged user on a guest operating system.\n\n - ActiveX Data Objects (ADO) improerly handle objects in memory.\n\n - Windows Jet Database Engine improperly handles objects in memory.\n\n - Windows AppX Deployment Service (AppXSVC) improperly handles hard links.\n\n - Windows GDI component improperly discloses the contents of its memory.\n\n - Task Scheduler Service improperly validates certain file operations.\n\n Please see the references for more information about the vulnerabilities.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an\n attacker to execute arbitrary code in kernel mode, elevate privileges\n by escaping a sandbox, gain access to sensitive information, run\n processes and delete files and folders in an elevated context.\");\n\n script_tag(name:\"affected\", value:\"- Microsoft Windows 10 Version 1607 x32/x64\n\n - Microsoft Windows Server 2016\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see\n the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4503267\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win10:1, win10x64:1, win2016:1) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_system32root();\nif(!sysPath)\n exit(0);\n\nedgeVer = fetch_file_version(sysPath:sysPath, file_name:\"edgehtml.dll\");\nif(!edgeVer)\n exit(0);\n\nif(version_in_range(version:edgeVer, test_version:\"11.0.14393.0\", test_version2:\"11.0.14393.3023\")) {\n report = report_fixed_ver(file_checked:sysPath + \"\\Edgehtml.dll\",\n file_version:edgeVer, vulnerable_range:\"11.0.14393.0 - 11.0.14393.3023\");\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-21T20:40:42", "description": "This host is missing a critical security\n update according to Microsoft KB4503276", "cvss3": {}, "published": "2019-06-12T00:00:00", "type": "openvas", "title": "Microsoft Windows Multiple Vulnerabilities (KB4503276)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1019", "CVE-2019-0943", "CVE-2019-0908", "CVE-2019-0974", "CVE-2019-0906", "CVE-2019-0710", "CVE-2019-1039", "CVE-2019-1045", "CVE-2019-0948", "CVE-2019-0713", "CVE-2019-1005", "CVE-2019-0905", "CVE-2019-0909", "CVE-2019-1050", "CVE-2019-0986", "CVE-2019-0988", "CVE-2019-1055", "CVE-2019-1040", "CVE-2019-1038", "CVE-2019-0984", "CVE-2019-0888", "CVE-2019-0941", "CVE-2019-0620", "CVE-2019-1081", "CVE-2019-0972", "CVE-2019-1017", "CVE-2019-1080", "CVE-2019-1053", "CVE-2019-0907", "CVE-2019-1012", "CVE-2019-0920", "CVE-2019-0722", "CVE-2019-1043", "CVE-2019-2102", "CVE-2019-1010", "CVE-2019-1046", "CVE-2019-1028", "CVE-2019-0904", "CVE-2019-0973", "CVE-2019-1025", "CVE-2019-0711", "CVE-2019-1014"], "modified": "2020-07-17T00:00:00", "id": "OPENVAS:1361412562310815210", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815210", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815210\");\n script_version(\"2020-07-17T05:57:41+0000\");\n script_cve_id(\"CVE-2019-0620\", \"CVE-2019-0710\", \"CVE-2019-0711\", \"CVE-2019-0713\",\n \"CVE-2019-0722\", \"CVE-2019-0888\", \"CVE-2019-0904\", \"CVE-2019-0905\",\n \"CVE-2019-0906\", \"CVE-2019-0907\", \"CVE-2019-0908\", \"CVE-2019-0909\",\n \"CVE-2019-0920\", \"CVE-2019-0941\", \"CVE-2019-0943\", \"CVE-2019-0948\",\n \"CVE-2019-0972\", \"CVE-2019-0973\", \"CVE-2019-0974\", \"CVE-2019-0984\",\n \"CVE-2019-0986\", \"CVE-2019-0988\", \"CVE-2019-1005\", \"CVE-2019-1010\",\n \"CVE-2019-1012\", \"CVE-2019-1014\", \"CVE-2019-1017\", \"CVE-2019-1019\",\n \"CVE-2019-1025\", \"CVE-2019-1028\", \"CVE-2019-1038\", \"CVE-2019-1039\",\n \"CVE-2019-1040\", \"CVE-2019-1043\", \"CVE-2019-1045\", \"CVE-2019-1046\",\n \"CVE-2019-1050\", \"CVE-2019-1053\", \"CVE-2019-1055\", \"CVE-2019-1080\",\n \"CVE-2019-1081\", \"CVE-2019-2102\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-07-17 05:57:41 +0000 (Fri, 17 Jul 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-06-12 11:42:30 +0530 (Wed, 12 Jun 2019)\");\n script_name(\"Microsoft Windows Multiple Vulnerabilities (KB4503276)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4503276\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - ActiveX Data Objects (ADO) improperly handle objects in memory.\n\n - Microsoft Hyper-V on a host server fails to properly validate input from\n an authenticated user on a guest operating system.\n\n - Windows Installer fails to properly sanitize input.\n\n - Windows Common Log File System (CLFS) driver improperly handles objects\n in memory.\n\n Please see the references for more information about the vulnerabilities.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow\n an attacker to execute arbitrary code, elevate privileges by escaping a\n sandbox, gain access to sensitive information, run processes and\n delete files and folders in an elevated context.\");\n\n script_tag(name:\"affected\", value:\"- Microsoft Windows 8.1 for 32-bit/x64\n\n - Microsoft Windows Server 2012 R2\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see\n the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4503276\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win8_1:1, win8_1x64:1, win2012R2:1) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_system32root();\nif(!sysPath)\n exit(0);\n\ndllVer = fetch_file_version(sysPath:sysPath, file_name:\"Inetcomm.dll\");\nif(!dllVer)\n exit(0);\n\nif(version_is_less(version:dllVer, test_version:\"6.3.9600.19377\")) {\n report = report_fixed_ver(file_checked:sysPath + \"\\Inetcomm.dll\",\n file_version:dllVer, vulnerable_range:\"Less than 6.3.9600.19377\");\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-21T20:40:55", "description": "This host is missing a critical security\n update according to Microsoft KB4503291", "cvss3": {}, "published": "2019-06-12T00:00:00", "type": "openvas", "title": "Microsoft Windows Multiple Vulnerabilities (KB4503291)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1019", "CVE-2019-0943", "CVE-2019-1007", "CVE-2019-1018", "CVE-2019-0908", "CVE-2019-0989", "CVE-2019-0974", "CVE-2019-0906", "CVE-2019-0710", "CVE-2019-1039", "CVE-2019-1045", "CVE-2019-0948", "CVE-2019-0713", "CVE-2019-1005", "CVE-2019-0905", "CVE-2019-0909", "CVE-2019-1050", "CVE-2019-0709", "CVE-2019-0986", "CVE-2019-1003", "CVE-2019-0988", "CVE-2019-1055", "CVE-2019-1040", "CVE-2019-1051", "CVE-2019-1038", "CVE-2019-0984", "CVE-2019-0888", "CVE-2019-0941", "CVE-2019-0620", "CVE-2019-1081", "CVE-2019-0972", "CVE-2019-1017", "CVE-2019-1080", "CVE-2019-0991", "CVE-2019-1069", "CVE-2019-1053", "CVE-2019-0907", "CVE-2019-1012", "CVE-2019-0992", "CVE-2019-0993", "CVE-2019-0920", "CVE-2019-0722", "CVE-2019-1043", "CVE-2019-1002", "CVE-2019-2102", "CVE-2019-1010", "CVE-2019-1046", "CVE-2019-1028", "CVE-2019-0904", "CVE-2019-0973", "CVE-2019-1025", "CVE-2019-0711", "CVE-2019-0990", "CVE-2019-1014", "CVE-2019-1023", "CVE-2019-1052"], "modified": "2020-07-17T00:00:00", "id": "OPENVAS:1361412562310815205", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815205", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815205\");\n script_version(\"2020-07-17T05:57:41+0000\");\n script_cve_id(\"CVE-2019-0974\", \"CVE-2019-0984\", \"CVE-2019-1050\", \"CVE-2019-1051\",\n \"CVE-2019-1052\", \"CVE-2019-0620\", \"CVE-2019-0709\", \"CVE-2019-0710\",\n \"CVE-2019-1010\", \"CVE-2019-1012\", \"CVE-2019-0711\", \"CVE-2019-0713\",\n \"CVE-2019-0722\", \"CVE-2019-1014\", \"CVE-2019-0888\", \"CVE-2019-0904\",\n \"CVE-2019-0905\", \"CVE-2019-1017\", \"CVE-2019-1018\", \"CVE-2019-1019\",\n \"CVE-2019-0906\", \"CVE-2019-0907\", \"CVE-2019-1023\", \"CVE-2019-1025\",\n \"CVE-2019-0908\", \"CVE-2019-0909\", \"CVE-2019-1028\", \"CVE-2019-0920\",\n \"CVE-2019-0941\", \"CVE-2019-0943\", \"CVE-2019-1038\", \"CVE-2019-1039\",\n \"CVE-2019-0948\", \"CVE-2019-1040\", \"CVE-2019-1043\", \"CVE-2019-0972\",\n \"CVE-2019-0973\", \"CVE-2019-1045\", \"CVE-2019-1046\", \"CVE-2019-0986\",\n \"CVE-2019-0988\", \"CVE-2019-0989\", \"CVE-2019-1053\", \"CVE-2019-1055\",\n \"CVE-2019-0990\", \"CVE-2019-0991\", \"CVE-2019-0992\", \"CVE-2019-0993\",\n \"CVE-2019-1069\", \"CVE-2019-1080\", \"CVE-2019-1081\", \"CVE-2019-1002\",\n \"CVE-2019-1003\", \"CVE-2019-1005\", \"CVE-2019-1007\", \"CVE-2019-2102\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-07-17 05:57:41 +0000 (Fri, 17 Jul 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-06-12 09:29:24 +0530 (Wed, 12 Jun 2019)\");\n script_name(\"Microsoft Windows Multiple Vulnerabilities (KB4503291)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4503291\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - Windows kernel improperly initializes objects in memory.\n\n - Chakra scripting engine improperly handles objects in memory in\n Microsoft Edge.\n\n - Microsoft Hyper-V on a host server fails to properly validate input from\n a privileged user on a guest operating system.\n\n - ActiveX Data Objects (ADO) improperly handle objects in memory.\n\n - Windows Jet Database Engine improperly handles objects in memory.\n\n - Windows GDI component improperly discloses the contents of its\n memory.\n\n Please see the references for more information about the vulnerabilities.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an\n attacker to execute arbitrary code in kernel mode, elevate privileges\n by escaping a sandbox, gain access to sensitive information, run processes\n and delete files and folders in an elevated context.\");\n\n script_tag(name:\"affected\", value:\"- Microsoft Windows 10 for 32-bit Systems\n\n - Microsoft Windows 10 for x64-based Systems\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see\n the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4503291\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win10:1, win10x64:1) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_system32root();\nif(!sysPath)\n exit(0);\n\nedgeVer = fetch_file_version(sysPath:sysPath, file_name:\"edgehtml.dll\");\nif(!edgeVer)\n exit(0);\n\nif(version_in_range(version:edgeVer, test_version:\"11.0.10240.0\", test_version2:\"11.0.10240.18243\")) {\n report = report_fixed_ver(file_checked:sysPath + \"\\Edgehtml.dll\",\n file_version:edgeVer, vulnerable_range:\"11.0.10240.0 - 11.0.10240.18243\");\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-21T20:40:41", "description": "This host is missing a critical security\n update according to Microsoft KB4503293", "cvss3": {}, "published": "2019-06-12T00:00:00", "type": "openvas", "title": "Microsoft Windows Multiple Vulnerabilities (KB4503293)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1065", "CVE-2019-1019", "CVE-2019-0943", "CVE-2019-1007", "CVE-2019-1026", "CVE-2019-0908", "CVE-2019-0998", "CVE-2019-0983", "CVE-2019-0989", "CVE-2019-0974", "CVE-2019-0906", "CVE-2019-1039", "CVE-2019-0948", "CVE-2019-1005", "CVE-2019-1027", "CVE-2019-0905", "CVE-2019-1022", "CVE-2019-1064", "CVE-2019-0909", "CVE-2019-1050", "CVE-2019-0986", "CVE-2019-1003", "CVE-2019-0988", "CVE-2019-1055", "CVE-2019-1040", "CVE-2019-1021", "CVE-2019-1051", "CVE-2019-1038", "CVE-2019-0984", "CVE-2019-0888", "CVE-2019-0941", "CVE-2019-0620", "CVE-2019-1081", "CVE-2019-0972", "CVE-2019-1017", "CVE-2019-1080", "CVE-2019-0991", "CVE-2019-1069", "CVE-2019-1053", "CVE-2019-0907", "CVE-2019-1012", "CVE-2019-0992", "CVE-2019-1041", "CVE-2019-0993", "CVE-2019-0920", "CVE-2019-0959", "CVE-2019-0722", "CVE-2019-1043", "CVE-2019-2102", "CVE-2019-1010", "CVE-2019-1046", "CVE-2019-1028", "CVE-2019-0904", "CVE-2019-0973", "CVE-2019-1025", "CVE-2019-0990", "CVE-2019-1014", "CVE-2019-1023", "CVE-2019-1054", "CVE-2019-1024", "CVE-2019-1052"], "modified": "2020-07-17T00:00:00", "id": "OPENVAS:1361412562310815085", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815085", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815085\");\n script_version(\"2020-07-17T05:57:41+0000\");\n script_cve_id(\"CVE-2019-2102\", \"CVE-2019-0620\", \"CVE-2019-0722\", \"CVE-2019-0888\",\n \"CVE-2019-0904\", \"CVE-2019-0905\", \"CVE-2019-0906\", \"CVE-2019-0907\",\n \"CVE-2019-0908\", \"CVE-2019-0909\", \"CVE-2019-0920\", \"CVE-2019-0941\",\n \"CVE-2019-0943\", \"CVE-2019-0948\", \"CVE-2019-0959\", \"CVE-2019-0972\",\n \"CVE-2019-0973\", \"CVE-2019-0974\", \"CVE-2019-0983\", \"CVE-2019-0984\",\n \"CVE-2019-0986\", \"CVE-2019-0988\", \"CVE-2019-0989\", \"CVE-2019-0990\",\n \"CVE-2019-0991\", \"CVE-2019-0992\", \"CVE-2019-0993\", \"CVE-2019-0998\",\n \"CVE-2019-1003\", \"CVE-2019-1005\", \"CVE-2019-1007\", \"CVE-2019-1010\",\n \"CVE-2019-1012\", \"CVE-2019-1014\", \"CVE-2019-1017\", \"CVE-2019-1019\",\n \"CVE-2019-1021\", \"CVE-2019-1022\", \"CVE-2019-1023\", \"CVE-2019-1024\",\n \"CVE-2019-1025\", \"CVE-2019-1026\", \"CVE-2019-1027\", \"CVE-2019-1028\",\n \"CVE-2019-1038\", \"CVE-2019-1039\", \"CVE-2019-1040\", \"CVE-2019-1041\",\n \"CVE-2019-1043\", \"CVE-2019-1046\", \"CVE-2019-1050\", \"CVE-2019-1051\",\n \"CVE-2019-1052\", \"CVE-2019-1053\", \"CVE-2019-1054\", \"CVE-2019-1055\",\n \"CVE-2019-1064\", \"CVE-2019-1065\", \"CVE-2019-1069\", \"CVE-2019-1080\",\n \"CVE-2019-1081\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-07-17 05:57:41 +0000 (Fri, 17 Jul 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-06-12 08:40:30 +0530 (Wed, 12 Jun 2019)\");\n script_name(\"Microsoft Windows Multiple Vulnerabilities (KB4503293)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4503293\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - Windows kernel improperly initializes objects in memory.\n\n - Chakra scripting engine improperly handles objects in memory in\n Microsoft Edge.\n\n - ActiveX Data Objects (ADO) improperly handle objects in memory.\n\n - Windows GDI component improperly discloses the contents of its memory.\n\n - Windows AppX Deployment Service (AppXSVC) improperly handles hard links.\n\n - Windows kernel fails to properly handle objects in memory.\n\n - Windows Common Log File System (CLFS) driver improperly handles objects in\n memory.\n\n - A misconfiguration in the Bluetooth pairing protocols\n\n Please see the references for more information about the vulnerabilities.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to execute arbitrary code on a victim system, escalate privileges, bypass\n security restrictions, disclose sensitive information and cause a denial of\n service condition on a victim system.\");\n\n script_tag(name:\"affected\", value:\"- Microsoft Windows 10 Version 1903 for 32-bit Systems\n\n - Microsoft Windows 10 Version 1903 for x64-based Systems\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see\n the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4503293\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win10:1, win10x64:1) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_system32root();\nif(!sysPath)\n exit(0);\n\nedgeVer = fetch_file_version(sysPath:sysPath, file_name:\"edgehtml.dll\");\nif(!edgeVer)\n exit(0);\n\nif(version_in_range(version:edgeVer, test_version:\"11.0.18362.0\", test_version2:\"11.0.18362.174\")) {\n report = report_fixed_ver(file_checked:sysPath + \"\\Edgehtml.dll\",\n file_version:edgeVer, vulnerable_range:\"11.0.18362.0 - 11.0.18362.174\");\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-21T20:40:58", "description": "This host is missing a critical security\n update according to Microsoft KB4503286", "cvss3": {}, "published": "2019-06-12T00:00:00", "type": "openvas", "title": "Microsoft Windows Multiple Vulnerabilities (KB4503286)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1065", "CVE-2019-1019", "CVE-2019-0943", "CVE-2019-1007", "CVE-2019-1026", "CVE-2019-1018", "CVE-2019-0908", "CVE-2019-0998", "CVE-2019-0983", "CVE-2019-0989", "CVE-2019-0974", "CVE-2019-0906", "CVE-2019-0710", "CVE-2019-1039", "CVE-2019-0948", "CVE-2019-0713", "CVE-2019-1005", "CVE-2019-1027", "CVE-2019-0905", "CVE-2019-1064", "CVE-2019-0909", "CVE-2019-1050", "CVE-2019-0986", "CVE-2019-1003", "CVE-2019-0988", "CVE-2019-1055", "CVE-2019-1040", "CVE-2019-1021", "CVE-2019-1051", "CVE-2019-1038", "CVE-2019-0984", "CVE-2019-0888", "CVE-2019-0941", "CVE-2019-0620", "CVE-2019-1081", "CVE-2019-0972", "CVE-2019-1017", "CVE-2019-1080", "CVE-2019-0991", "CVE-2019-1069", "CVE-2019-1053", "CVE-2019-0907", "CVE-2019-1012", "CVE-2019-0992", "CVE-2019-1041", "CVE-2019-0993", "CVE-2019-0920", "CVE-2019-0959", "CVE-2019-0722", "CVE-2019-1043", "CVE-2019-1002", "CVE-2019-2102", "CVE-2019-1010", "CVE-2019-1046", "CVE-2019-1028", "CVE-2019-0904", "CVE-2019-0973", "CVE-2019-1025", "CVE-2019-0711", "CVE-2019-0990", "CVE-2019-1014", "CVE-2019-1023", "CVE-2019-1054", "CVE-2019-1024", "CVE-2019-1052"], "modified": "2020-07-17T00:00:00", "id": "OPENVAS:1361412562310815206", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815206", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815206\");\n script_version(\"2020-07-17T05:57:41+0000\");\n script_cve_id(\"CVE-2019-0974\", \"CVE-2019-0983\", \"CVE-2019-0984\", \"CVE-2019-1050\",\n \"CVE-2019-1051\", \"CVE-2019-1052\", \"CVE-2019-0620\", \"CVE-2019-0710\",\n \"CVE-2019-1010\", \"CVE-2019-1012\", \"CVE-2019-0711\", \"CVE-2019-0713\",\n \"CVE-2019-0722\", \"CVE-2019-1014\", \"CVE-2019-0888\", \"CVE-2019-0904\",\n \"CVE-2019-1017\", \"CVE-2019-1018\", \"CVE-2019-1019\", \"CVE-2019-0905\",\n \"CVE-2019-0906\", \"CVE-2019-0907\", \"CVE-2019-1021\", \"CVE-2019-1023\",\n \"CVE-2019-1024\", \"CVE-2019-1025\", \"CVE-2019-0908\", \"CVE-2019-0909\",\n \"CVE-2019-1026\", \"CVE-2019-1027\", \"CVE-2019-1028\", \"CVE-2019-0920\",\n \"CVE-2019-0941\", \"CVE-2019-0943\", \"CVE-2019-1038\", \"CVE-2019-1039\",\n \"CVE-2019-0948\", \"CVE-2019-0959\", \"CVE-2019-1040\", \"CVE-2019-1041\",\n \"CVE-2019-1043\", \"CVE-2019-0972\", \"CVE-2019-0973\", \"CVE-2019-1046\",\n \"CVE-2019-0986\", \"CVE-2019-0988\", \"CVE-2019-0989\", \"CVE-2019-1053\",\n \"CVE-2019-1054\", \"CVE-2019-1055\", \"CVE-2019-1064\", \"CVE-2019-0990\",\n \"CVE-2019-0991\", \"CVE-2019-0992\", \"CVE-2019-0993\", \"CVE-2019-0998\",\n \"CVE-2019-1065\", \"CVE-2019-1069\", \"CVE-2019-1080\", \"CVE-2019-1081\",\n \"CVE-2019-1002\", \"CVE-2019-1003\", \"CVE-2019-1005\", \"CVE-2019-1007\",\n \"CVE-2019-2102\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-07-17 05:57:41 +0000 (Fri, 17 Jul 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-06-12 09:25:27 +0530 (Wed, 12 Jun 2019)\");\n script_name(\"Microsoft Windows Multiple Vulnerabilities (KB4503286)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4503286\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - Windows kernel improper initializes objects in memory.\n\n - Chakra scripting engine improperly handles objects in memory in\n Microsoft Edge.\n\n - Microsoft Hyper-V on a host server fails to properly validate input from\n a privileged user on a guest operating system.\n\n - ActiveX Data Objects (ADO) improperly handles objects in memory.\n\n - Windows Common Log File System (CLFS) driver improperly handles\n objects in memory.\n\n - Scripting engine does not properly handle objects in memory in\n Microsoft Edge.\n\n - Windows Jet Database Engine improperly handles objects in memory.\n\n Please see the references for more information about the vulnerabilities.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to run arbitrary code in kernel mode, cause denial of service, gain elevated\n privileges, delete files and folders in an elevated context, and bypass security\n restrictions.\");\n\n script_tag(name:\"affected\", value:\"- Microsoft Windows 10 Version 1803 for 32-bit Systems\n\n - Microsoft Windows 10 Version 1803 for x64-based Systems\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see\n the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4503286\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win10:1, win10x64:1) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_system32root();\nif(!sysPath)\n exit(0);\n\nedgeVer = fetch_file_version(sysPath:sysPath, file_name:\"edgehtml.dll\");\nif(!edgeVer)\n exit(0);\n\nif(version_in_range(version:edgeVer, test_version:\"11.0.17134.0\", test_version2:\"11.0.17134.828\")) {\n report = report_fixed_ver(file_checked:sysPath + \"\\Edgehtml.dll\",\n file_version:edgeVer, vulnerable_range:\"11.0.17134.0 - 11.0.17134.828\");\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-21T20:40:53", "description": "This host is missing a critical security\n update according to Microsoft KB4503327", "cvss3": {}, "published": "2019-06-12T00:00:00", "type": "openvas", "title": "Microsoft Windows Multiple Vulnerabilities (KB4503327)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1065", "CVE-2019-1019", "CVE-2019-0943", "CVE-2019-1007", "CVE-2019-1026", "CVE-2019-1018", "CVE-2019-1044", "CVE-2019-0908", "CVE-2019-0998", "CVE-2019-0983", "CVE-2019-0989", "CVE-2019-0974", "CVE-2019-0906", "CVE-2019-0710", "CVE-2019-1039", "CVE-2019-9502", "CVE-2019-0948", "CVE-2019-0713", "CVE-2019-1005", "CVE-2019-1027", "CVE-2019-0905", "CVE-2019-1022", "CVE-2019-1064", "CVE-2019-0909", "CVE-2019-1050", "CVE-2019-0986", "CVE-2019-1003", "CVE-2019-0988", "CVE-2019-1055", "CVE-2019-9500", "CVE-2019-1040", "CVE-2019-1021", "CVE-2019-1051", "CVE-2019-1038", "CVE-2019-0984", "CVE-2019-0888", "CVE-2019-0941", "CVE-2019-0620", "CVE-2019-9503", "CVE-2019-1081", "CVE-2019-0972", "CVE-2019-1017", "CVE-2019-1080", "CVE-2019-0991", "CVE-2019-1069", "CVE-2019-1053", "CVE-2019-0907", "CVE-2019-1012", "CVE-2019-0992", "CVE-2019-1041", "CVE-2019-0993", "CVE-2019-0920", "CVE-2019-0959", "CVE-2019-9501", "CVE-2019-0722", "CVE-2019-1043", "CVE-2019-2102", "CVE-2019-1010", "CVE-2019-1046", "CVE-2019-1028", "CVE-2019-0904", "CVE-2019-0973", "CVE-2019-1025", "CVE-2019-0711", "CVE-2019-0990", "CVE-2019-1014", "CVE-2019-1023", "CVE-2019-1054", "CVE-2019-1024", "CVE-2019-1052"], "modified": "2020-07-17T00:00:00", "id": "OPENVAS:1361412562310815088", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815088", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815088\");\n script_version(\"2020-07-17T06:09:49+0000\");\n script_cve_id(\"CVE-2019-0620\", \"CVE-2019-0710\", \"CVE-2019-0711\", \"CVE-2019-0713\",\n \"CVE-2019-0722\", \"CVE-2019-0888\", \"CVE-2019-0904\", \"CVE-2019-0905\",\n \"CVE-2019-0906\", \"CVE-2019-0907\", \"CVE-2019-0908\", \"CVE-2019-0909\",\n \"CVE-2019-0920\", \"CVE-2019-0941\", \"CVE-2019-0943\", \"CVE-2019-0948\",\n \"CVE-2019-0959\", \"CVE-2019-0972\", \"CVE-2019-0973\", \"CVE-2019-0974\",\n \"CVE-2019-0983\", \"CVE-2019-0984\", \"CVE-2019-0986\", \"CVE-2019-0988\",\n \"CVE-2019-0989\", \"CVE-2019-0990\", \"CVE-2019-0991\", \"CVE-2019-0992\",\n \"CVE-2019-0993\", \"CVE-2019-0998\", \"CVE-2019-1003\", \"CVE-2019-1005\",\n \"CVE-2019-1007\", \"CVE-2019-1010\", \"CVE-2019-1012\", \"CVE-2019-1014\",\n \"CVE-2019-1017\", \"CVE-2019-1018\", \"CVE-2019-1019\", \"CVE-2019-1021\",\n \"CVE-2019-1022\", \"CVE-2019-1023\", \"CVE-2019-1024\", \"CVE-2019-1025\",\n \"CVE-2019-1026\", \"CVE-2019-1027\", \"CVE-2019-1028\", \"CVE-2019-1038\",\n \"CVE-2019-1039\", \"CVE-2019-1040\", \"CVE-2019-1041\", \"CVE-2019-1043\",\n \"CVE-2019-1044\", \"CVE-2019-1046\", \"CVE-2019-1050\", \"CVE-2019-1051\",\n \"CVE-2019-1052\", \"CVE-2019-1053\", \"CVE-2019-1054\", \"CVE-2019-1055\",\n \"CVE-2019-1064\", \"CVE-2019-1065\", \"CVE-2019-1069\", \"CVE-2019-1080\",\n \"CVE-2019-1081\", \"CVE-2019-2102\", \"CVE-2019-9500\", \"CVE-2019-9501\",\n \"CVE-2019-9502\", \"CVE-2019-9503\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-07-17 06:09:49 +0000 (Fri, 17 Jul 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-06-12 09:36:13 +0530 (Wed, 12 Jun 2019)\");\n script_name(\"Microsoft Windows Multiple Vulnerabilities (KB4503327)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4503327\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - Windows kernel improperly initializes objects in memory.\n\n - Chakra scripting engine handles objects in memory in Microsoft Edge.\n\n - Microsoft Hyper-V on a host server fails to properly validate input from\n a privileged user on a guest operating system.\n\n - Windows Jet Database Engine improperly handles objects in memory.\n\n - Windows AppX Deployment Service (AppXSVC) improperly handles hard links.\n\n - Windows GDI component improperly discloses the contents of its memory.\n\n - Windows Common Log File System (CLFS) driver improperly handles objects in\n memory.\n\n Please see the references for more information about the vulnerabilities.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to execute arbitrary code on a victim system, escalate privileges, bypass\n security restrictions, disclose sensitive information and cause a denial of\n service condition on a victim system.\");\n\n script_tag(name:\"affected\", value:\"- Microsoft Windows 10 Version 1809 for 32-bit Systems\n\n - Microsoft Windows 10 Version 1809 for x64-based Systems\n\n - Microsoft Windows Server 2019\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see\n the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4503327\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win10:1, win10x64:1, win2019:1) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_system32root();\nif(!sysPath)\n exit(0);\n\nedgeVer = fetch_file_version(sysPath:sysPath, file_name:\"edgehtml.dll\");\nif(!edgeVer)\n exit(0);\n\nif(version_in_range(version:edgeVer, test_version:\"11.0.17763.0\", test_version2:\"11.0.17763.556\")) {\n report = report_fixed_ver(file_checked:sysPath + \"\\Edgehtml.dll\",\n file_version:edgeVer, vulnerable_range:\"11.0.17763.0 - 11.0.17763.556\");\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-21T20:40:45", "description": "This host is missing a critical security\n update according to Microsoft KB4503292", "cvss3": {}, "published": "2019-06-12T00:00:00", "type": "openvas", "title": "Microsoft Windows Multiple Vulnerabilities (KB4503292)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1019", "CVE-2019-1048", "CVE-2019-0977", "CVE-2019-0943", "CVE-2017-8533", "CVE-2019-0908", "CVE-2019-1011", "CVE-2019-0974", "CVE-2019-1016", "CVE-2019-0906", "CVE-2019-1039", "CVE-2019-1045", "CVE-2019-0948", "CVE-2019-0713", "CVE-2019-1005", "CVE-2019-0905", "CVE-2019-0909", "CVE-2019-0960", "CVE-2019-1013", "CVE-2019-0986", "CVE-2019-0988", "CVE-2019-1055", "CVE-2019-1040", "CVE-2019-1038", "CVE-2019-0984", "CVE-2019-0888", "CVE-2019-0941", "CVE-2019-1081", "CVE-2019-0972", "CVE-2019-1017", "CVE-2019-1080", "CVE-2019-1053", "CVE-2019-1049", "CVE-2019-0907", "CVE-2019-1012", "CVE-2019-0920", "CVE-2019-1047", "CVE-2019-0985", "CVE-2019-0722", "CVE-2019-1043", "CVE-2019-1010", "CVE-2019-1046", "CVE-2019-1009", "CVE-2019-1028", "CVE-2019-0968", "CVE-2019-0904", "CVE-2019-0973", "CVE-2019-1015", "CVE-2019-1025", "CVE-2019-1014"], "modified": "2020-07-17T00:00:00", "id": "OPENVAS:1361412562310815208", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815208", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815208\");\n script_version(\"2020-07-17T05:57:41+0000\");\n script_cve_id(\"CVE-2017-8533\", \"CVE-2019-0713\", \"CVE-2019-0722\", \"CVE-2019-0888\",\n \"CVE-2019-0904\", \"CVE-2019-0905\", \"CVE-2019-0906\", \"CVE-2019-0907\",\n \"CVE-2019-0908\", \"CVE-2019-0909\", \"CVE-2019-0920\", \"CVE-2019-0941\",\n \"CVE-2019-0943\", \"CVE-2019-0948\", \"CVE-2019-0960\", \"CVE-2019-0968\",\n \"CVE-2019-0972\", \"CVE-2019-0973\", \"CVE-2019-0974\", \"CVE-2019-0977\",\n \"CVE-2019-0984\", \"CVE-2019-0985\", \"CVE-2019-0986\", \"CVE-2019-0988\",\n \"CVE-2019-1005\", \"CVE-2019-1009\", \"CVE-2019-1010\", \"CVE-2019-1011\",\n \"CVE-2019-1012\", \"CVE-2019-1013\", \"CVE-2019-1014\", \"CVE-2019-1015\",\n \"CVE-2019-1016\", \"CVE-2019-1017\", \"CVE-2019-1019\", \"CVE-2019-1025\",\n \"CVE-2019-1028\", \"CVE-2019-1038\", \"CVE-2019-1039\", \"CVE-2019-1040\",\n \"CVE-2019-1043\", \"CVE-2019-1045\", \"CVE-2019-1046\", \"CVE-2019-1047\",\n \"CVE-2019-1048\", \"CVE-2019-1049\", \"CVE-2019-1053\", \"CVE-2019-1055\",\n \"CVE-2019-1080\", \"CVE-2019-1081\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-07-17 05:57:41 +0000 (Fri, 17 Jul 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-06-12 11:02:18 +0530 (Wed, 12 Jun 2019)\");\n script_name(\"Microsoft Windows Multiple Vulnerabilities (KB4503292)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4503292\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - Windows Event Viewer (eventvwr.msc) improperly parses XML input\n containing a reference to an external entity.\n\n - Microsoft Hyper-V on a host server fails to properly validate input from\n a privileged user on a guest operating system.\n\n - Microsoft Speech API (SAPI) improperly handles text-to-speech (TTS) input.\n\n - Windows GDI component improperly discloses the contents of its\n memory.\n\n Please see the references for more information about the vulnerabilities.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow\n an attacker to execute arbitrary code, elevate privileges by escaping a\n sandbox, gain access to sensitive information, run processes and\n delete files and folders in an elevated context.\");\n\n script_tag(name:\"affected\", value:\"- Microsoft Windows 7 for 32-bit/x64 Systems Service Pack 1\n\n - Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see\n the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4503292/\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win7:2, win7x64:2, win2008r2:2) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_system32root();\nif(!sysPath)\n exit(0);\n\ndllVer = fetch_file_version(sysPath:sysPath, file_name:\"Ntdll.dll\");\nif(!dllVer)\n exit(0);\n\nif(version_is_less(version:dllVer, test_version:\"6.1.7601.24475\")) {\n report = report_fixed_ver(file_checked:sysPath + \"\\Ntdll.dll\",\n file_version:dllVer, vulnerable_range:\"Less than 6.1.7601.24475\");\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2023-01-11T15:18:14", "description": "The remote Windows host is missing security update 4503291.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC). An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n (CVE-2019-0943)\n\n - A security feature bypass vulnerability exists where a NETLOGON message is able to obtain the session key and sign messages. (CVE-2019-1019)\n\n - An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1014, CVE-2019-1017)\n\n - A tampering vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLM MIC (Message Integrity Check) protection. An attacker who successfully exploited this vulnerability could gain the ability to downgrade NTLM security features. (CVE-2019-1040)\n\n - A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. (CVE-2019-0710, CVE-2019-0711, CVE-2019-0713)\n\n - An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. (CVE-2019-0990, CVE-2019-1023)\n\n - An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior. A locally authenticated attacker could run arbitrary code with elevated system privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. The security update addresses the vulnerability by correcting the input sanitization error to preclude unintended elevation. (CVE-2019-0973)\n\n - A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. (CVE-2019-0904, CVE-2019-0905, CVE-2019-0906, CVE-2019-0907, CVE-2019-0908, CVE-2019-0909, CVE-2019-0974)\n\n - An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n (CVE-2019-1018)\n\n - An information disclosure vulnerability exists in the Windows Event Viewer (eventvwr.msc) when it improperly parses XML input containing a reference to an external entity. An attacker who successfully exploited this vulnerability could read arbitrary files via an XML external entity (XXE) declaration. (CVE-2019-0948)\n\n - A remote code execution vulnerability exists in the way that comctl32.dll handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1043)\n\n - A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-0989, CVE-2019-0991, CVE-2019-0992, CVE-2019-0993, CVE-2019-1002, CVE-2019-1003, CVE-2019-1051, CVE-2019-1052)\n\n - A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2019-0920, CVE-2019-1005, CVE-2019-1055, CVE-2019-1080)\n\n - A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1038)\n\n - A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. (CVE-2019-0620, CVE-2019-0709, CVE-2019-0722)\n\n - A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. (CVE-2019-1025)\n\n - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2019-0988)\n\n - An elevation of privilege exists in Windows Audio Service. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. (CVE-2019-1007, CVE-2019-1028)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory.\n (CVE-2019-1039)\n\n - This security update corrects a denial of service in the Local Security Authority Subsystem Service (LSASS) caused when an authenticated attacker sends a specially crafted authentication request. A remote attacker who successfully exploited this vulnerability could cause a denial of service on the target system's LSASS service, which triggers an automatic reboot of the system. The security update addresses the vulnerability by changing the way that LSASS handles specially crafted authentication requests. (CVE-2019-0972)\n\n - An elevation of privilege vulnerability exists in the way that the Windows Network File System (NFS) handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. (CVE-2019-1045)\n\n - An elevation of privilege vulnerability exists when the Windows Shell fails to validate folder shortcuts. An attacker who successfully exploited the vulnerability could elevate privileges by escaping a sandbox.\n (CVE-2019-1053)\n\n - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. (CVE-2019-1010, CVE-2019-1012, CVE-2019-1046, CVE-2019-1050)\n\n - A remote code execution vulnerability exists in the way that ActiveX Data Objects (ADO) handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code with the victim users privileges. An attacker could craft a website that exploits the vulnerability and then convince a victim user to visit the website. The security update addresses the vulnerability by modifying how ActiveX Data Objects handle objects in memory.\n (CVE-2019-0888)\n\n - An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. (CVE-2019-0984)\n\n - A denial of service exists in Microsoft IIS Server when the optional request filtering feature improperly handles requests. An attacker who successfully exploited this vulnerability could perform a temporary denial of service against pages configured to use request filtering. (CVE-2019-0941)\n\n - An elevation of privilege vulnerability exists in the way the Task Scheduler Service validates certain file operations. An attacker who successfully exploited the vulnerability could gain elevated privileges on a victim system. (CVE-2019-1069)\n\n - An information disclosure vulnerability exists when affected Microsoft browsers improperly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-1081)\n\n - An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks. An attacker who successfully exploited this vulnerability could delete files and folders in an elevated context. (CVE-2019-0986)", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-06-11T00:00:00", "type": "nessus", "title": "KB4503291: Windows 10 June 2019 Security Update", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0620", "CVE-2019-0709", "CVE-2019-0710", "CVE-2019-0711", "CVE-2019-0713", "CVE-2019-0722", "CVE-2019-0888", "CVE-2019-0904", "CVE-2019-0905", "CVE-2019-0906", "CVE-2019-0907", "CVE-2019-0908", "CVE-2019-0909", "CVE-2019-0920", "CVE-2019-0941", "CVE-2019-0943", "CVE-2019-0948", "CVE-2019-0972", "CVE-2019-0973", "CVE-2019-0974", "CVE-2019-0984", "CVE-2019-0986", "CVE-2019-0988", "CVE-2019-0989", "CVE-2019-0990", "CVE-2019-0991", "CVE-2019-0992", "CVE-2019-0993", "CVE-2019-1002", "CVE-2019-1003", "CVE-2019-1005", "CVE-2019-1007", "CVE-2019-1010", "CVE-2019-1012", "CVE-2019-1014", "CVE-2019-1017", "CVE-2019-1018", "CVE-2019-1019", "CVE-2019-1023", "CVE-2019-1025", "CVE-2019-1028", "CVE-2019-1038", "CVE-2019-1039", "CVE-2019-1040", "CVE-2019-1043", "CVE-2019-1045", "CVE-2019-1046", "CVE-2019-1050", "CVE-2019-1051", "CVE-2019-1052", "CVE-2019-1053", "CVE-2019-1055", "CVE-2019-1069", "CVE-2019-1080", "CVE-2019-1081"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/o:microsoft:windows", "cpe:/a:microsoft:edge"], "id": "SMB_NT_MS19_JUN_4503291.NASL", "href": "https://www.tenable.com/plugins/nessus/125823", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(125823);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2019-0620\",\n \"CVE-2019-0709\",\n \"CVE-2019-0710\",\n \"CVE-2019-0711\",\n \"CVE-2019-0713\",\n \"CVE-2019-0722\",\n \"CVE-2019-0888\",\n \"CVE-2019-0904\",\n \"CVE-2019-0905\",\n \"CVE-2019-0906\",\n \"CVE-2019-0907\",\n \"CVE-2019-0908\",\n \"CVE-2019-0909\",\n \"CVE-2019-0920\",\n \"CVE-2019-0941\",\n \"CVE-2019-0943\",\n \"CVE-2019-0948\",\n \"CVE-2019-0972\",\n \"CVE-2019-0973\",\n \"CVE-2019-0974\",\n \"CVE-2019-0984\",\n \"CVE-2019-0986\",\n \"CVE-2019-0988\",\n \"CVE-2019-0989\",\n \"CVE-2019-0990\",\n \"CVE-2019-0991\",\n \"CVE-2019-0992\",\n \"CVE-2019-0993\",\n \"CVE-2019-1002\",\n \"CVE-2019-1003\",\n \"CVE-2019-1005\",\n \"CVE-2019-1007\",\n \"CVE-2019-1010\",\n \"CVE-2019-1012\",\n \"CVE-2019-1014\",\n \"CVE-2019-1017\",\n \"CVE-2019-1018\",\n \"CVE-2019-1019\",\n \"CVE-2019-1023\",\n \"CVE-2019-1025\",\n \"CVE-2019-1028\",\n \"CVE-2019-1038\",\n \"CVE-2019-1039\",\n \"CVE-2019-1040\",\n \"CVE-2019-1043\",\n \"CVE-2019-1045\",\n \"CVE-2019-1046\",\n \"CVE-2019-1050\",\n \"CVE-2019-1051\",\n \"CVE-2019-1052\",\n \"CVE-2019-1053\",\n \"CVE-2019-1055\",\n \"CVE-2019-1069\",\n \"CVE-2019-1080\",\n \"CVE-2019-1081\"\n );\n script_bugtraq_id(\n 108567,\n 108570,\n 108577,\n 108581,\n 108583,\n 108584,\n 108585,\n 108586,\n 108588,\n 108591,\n 108594,\n 108597,\n 108598,\n 108599,\n 108600,\n 108603,\n 108604,\n 108606,\n 108607,\n 108609,\n 108612,\n 108613,\n 108614,\n 108620,\n 108621,\n 108624,\n 108630,\n 108632,\n 108633,\n 108638,\n 108641,\n 108644,\n 108646,\n 108648,\n 108650,\n 108651,\n 108654,\n 108655,\n 108656,\n 108657,\n 108658,\n 108659,\n 108660,\n 108661,\n 108662,\n 108664,\n 108665,\n 108666,\n 108667,\n 108668,\n 108669,\n 108670,\n 108671,\n 108708,\n 108709\n );\n script_xref(name:\"MSKB\", value:\"4503291\");\n script_xref(name:\"MSFT\", value:\"MS19-4503291\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/05\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2020-0129\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0430\");\n\n script_name(english:\"KB4503291: Windows 10 June 2019 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4503291.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An elevation of privilege vulnerability exists when\n Windows improperly handles calls to Advanced Local\n Procedure Call (ALPC). An attacker who successfully\n exploited this vulnerability could run arbitrary code in\n the security context of the local system. An attacker\n could then install programs; view, change, or delete\n data; or create new accounts with full user rights.\n (CVE-2019-0943)\n\n - A security feature bypass vulnerability exists where a\n NETLOGON message is able to obtain the session key and\n sign messages. (CVE-2019-1019)\n\n - An elevation of privilege vulnerability exists in\n Windows when the Win32k component fails to properly\n handle objects in memory. An attacker who successfully\n exploited this vulnerability could run arbitrary code in\n kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts\n with full user rights. (CVE-2019-1014, CVE-2019-1017)\n\n - A tampering vulnerability exists in Microsoft Windows\n when a man-in-the-middle attacker is able to\n successfully bypass the NTLM MIC (Message Integrity\n Check) protection. An attacker who successfully\n exploited this vulnerability could gain the ability to\n downgrade NTLM security features. (CVE-2019-1040)\n\n - A denial of service vulnerability exists when Microsoft\n Hyper-V on a host server fails to properly validate\n input from a privileged user on a guest operating\n system. (CVE-2019-0710, CVE-2019-0711, CVE-2019-0713)\n\n - An information disclosure vulnerability exists when the\n scripting engine does not properly handle objects in\n memory in Microsoft Edge. An attacker who successfully\n exploited the vulnerability could obtain information to\n further compromise the users system. (CVE-2019-0990,\n CVE-2019-1023)\n\n - An elevation of privilege vulnerability exists in the\n Windows Installer when the Windows Installer fails to\n properly sanitize input leading to an insecure library\n loading behavior. A locally authenticated attacker could\n run arbitrary code with elevated system privileges. An\n attacker could then install programs; view, change, or\n delete data; or create new accounts with full user\n rights. The security update addresses the vulnerability\n by correcting the input sanitization error to preclude\n unintended elevation. (CVE-2019-0973)\n\n - A remote code execution vulnerability exists when the\n Windows Jet Database Engine improperly handles objects\n in memory. An attacker who successfully exploited this\n vulnerability could execute arbitrary code on a victim\n system. An attacker could exploit this vulnerability by\n enticing a victim to open a specially crafted file. The\n update addresses the vulnerability by correcting the way\n the Windows Jet Database Engine handles objects in\n memory. (CVE-2019-0904, CVE-2019-0905, CVE-2019-0906,\n CVE-2019-0907, CVE-2019-0908, CVE-2019-0909,\n CVE-2019-0974)\n\n - An elevation of privilege vulnerability exists when\n DirectX improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could run arbitrary code in kernel mode. An attacker\n could then install programs; view, change, or delete\n data; or create new accounts with full user rights.\n (CVE-2019-1018)\n\n - An information disclosure vulnerability exists in the\n Windows Event Viewer (eventvwr.msc) when it improperly\n parses XML input containing a reference to an external\n entity. An attacker who successfully exploited this\n vulnerability could read arbitrary files via an XML\n external entity (XXE) declaration. (CVE-2019-0948)\n\n - A remote code execution vulnerability exists in the way\n that comctl32.dll handles objects in memory. The\n vulnerability could corrupt memory in such a way that an\n attacker could execute arbitrary code in the context of\n the current user. An attacker who successfully exploited\n the vulnerability could gain the same user rights as the\n current user. (CVE-2019-1043)\n\n - A remote code execution vulnerability exists in the way\n that the Chakra scripting engine handles objects in\n memory in Microsoft Edge. The vulnerability could\n corrupt memory in such a way that an attacker could\n execute arbitrary code in the context of the current\n user. An attacker who successfully exploited the\n vulnerability could gain the same user rights as the\n current user. (CVE-2019-0989, CVE-2019-0991,\n CVE-2019-0992, CVE-2019-0993, CVE-2019-1002,\n CVE-2019-1003, CVE-2019-1051, CVE-2019-1052)\n\n - A remote code execution vulnerability exists in the way\n the scripting engine handles objects in memory in\n Microsoft browsers. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2019-0920, CVE-2019-1005, CVE-2019-1055,\n CVE-2019-1080)\n\n - A remote code execution vulnerability exists in the way\n that Microsoft browsers access objects in memory. The\n vulnerability could corrupt memory in a way that could\n allow an attacker to execute arbitrary code in the\n context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2019-1038)\n\n - A remote code execution vulnerability exists when\n Windows Hyper-V on a host server fails to properly\n validate input from an authenticated user on a guest\n operating system. (CVE-2019-0620, CVE-2019-0709,\n CVE-2019-0722)\n\n - A denial of service vulnerability exists when Windows\n improperly handles objects in memory. An attacker who\n successfully exploited the vulnerability could cause a\n target system to stop responding. (CVE-2019-1025)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2019-0988)\n\n - An elevation of privilege exists in Windows Audio\n Service. An attacker who successfully exploited the\n vulnerability could run arbitrary code with elevated\n privileges. (CVE-2019-1007, CVE-2019-1028)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly initializes objects in memory.\n (CVE-2019-1039)\n\n - This security update corrects a denial of service in the\n Local Security Authority Subsystem Service (LSASS)\n caused when an authenticated attacker sends a specially\n crafted authentication request. A remote attacker who\n successfully exploited this vulnerability could cause a\n denial of service on the target system's LSASS service,\n which triggers an automatic reboot of the system. The\n security update addresses the vulnerability by changing\n the way that LSASS handles specially crafted\n authentication requests. (CVE-2019-0972)\n\n - An elevation of privilege vulnerability exists in the\n way that the Windows Network File System (NFS) handles\n objects in memory. An attacker who successfully\n exploited the vulnerability could execute code with\n elevated permissions. (CVE-2019-1045)\n\n - An elevation of privilege vulnerability exists when the\n Windows Shell fails to validate folder shortcuts. An\n attacker who successfully exploited the vulnerability\n could elevate privileges by escaping a sandbox.\n (CVE-2019-1053)\n\n - An information disclosure vulnerability exists when the\n Windows GDI component improperly discloses the contents\n of its memory. An attacker who successfully exploited\n the vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how the Windows GDI component handles objects\n in memory. (CVE-2019-1010, CVE-2019-1012, CVE-2019-1046,\n CVE-2019-1050)\n\n - A remote code execution vulnerability exists in the way\n that ActiveX Data Objects (ADO) handle objects in\n memory. An attacker who successfully exploited the\n vulnerability could execute arbitrary code with the\n victim users privileges. An attacker could craft a\n website that exploits the vulnerability and then\n convince a victim user to visit the website. The\n security update addresses the vulnerability by modifying\n how ActiveX Data Objects handle objects in memory.\n (CVE-2019-0888)\n\n - An elevation of privilege vulnerability exists when the\n Windows Common Log File System (CLFS) driver improperly\n handles objects in memory. An attacker who successfully\n exploited this vulnerability could run processes in an\n elevated context. (CVE-2019-0984)\n\n - A denial of service exists in Microsoft IIS Server when\n the optional request filtering feature improperly\n handles requests. An attacker who successfully exploited\n this vulnerability could perform a temporary denial of\n service against pages configured to use request\n filtering. (CVE-2019-0941)\n\n - An elevation of privilege vulnerability exists in the\n way the Task Scheduler Service validates certain file\n operations. An attacker who successfully exploited the\n vulnerability could gain elevated privileges on a victim\n system. (CVE-2019-1069)\n\n - An information disclosure vulnerability exists when\n affected Microsoft browsers improperly handle objects in\n memory. An attacker who successfully exploited this\n vulnerability could obtain information to further\n compromise the users system. (CVE-2019-1081)\n\n - An elevation of privilege vulnerability exists when the\n Windows User Profile Service (ProfSvc) improperly\n handles symlinks. An attacker who successfully exploited\n this vulnerability could delete files and folders in an\n elevated context. (CVE-2019-0986)\");\n # https://support.microsoft.com/en-us/help/4503291/windows-10-update-kb4503291\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2306fc04\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB4503291.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-0974\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-1053\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/06/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/06/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:edge\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS19-06\";\nkbs = make_list('4503291');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"10\",\n sp:0,\n os_build:\"10240\",\n rollup_date:\"06_2019\",\n bulletin:bulletin,\n rollup_kb_list:[4503291])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:18:12", "description": "The remote Windows host is missing security update 4503279.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC). An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n (CVE-2019-0943)\n\n - A security feature bypass vulnerability exists where a NETLOGON message is able to obtain the session key and sign messages. (CVE-2019-1019)\n\n - An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1014, CVE-2019-1017)\n\n - A tampering vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLM MIC (Message Integrity Check) protection. An attacker who successfully exploited this vulnerability could gain the ability to downgrade NTLM security features. (CVE-2019-1040)\n\n - A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. (CVE-2019-0710, CVE-2019-0711, CVE-2019-0713)\n\n - An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. (CVE-2019-0990, CVE-2019-1023)\n\n - An elevation of privilege vulnerability exists when the Storage Service improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges on the victim system.\n (CVE-2019-0983)\n\n - An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior. A locally authenticated attacker could run arbitrary code with elevated system privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. The security update addresses the vulnerability by correcting the input sanitization error to preclude unintended elevation. (CVE-2019-0973)\n\n - A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. (CVE-2019-0904, CVE-2019-0905, CVE-2019-0906, CVE-2019-0907, CVE-2019-0908, CVE-2019-0909, CVE-2019-0974)\n\n - An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n (CVE-2019-1018)\n\n - An information disclosure vulnerability exists in the Windows Event Viewer (eventvwr.msc) when it improperly parses XML input containing a reference to an external entity. An attacker who successfully exploited this vulnerability could read arbitrary files via an XML external entity (XXE) declaration. (CVE-2019-0948)\n\n - A security feature bypass vulnerability exists in Edge that allows for bypassing Mark of the Web Tagging (MOTW). Failing to set the MOTW means that a large number of Microsoft security technologies are bypassed.\n (CVE-2019-1054)\n\n - A remote code execution vulnerability exists in the way that comctl32.dll handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1043)\n\n - A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2019-0920, CVE-2019-1005, CVE-2019-1055, CVE-2019-1080)\n\n - A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1038)\n\n - An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data. (CVE-2019-1064)\n\n - An elevation of privilege exists in Windows Audio Service. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. (CVE-2019-1007, CVE-2019-1021, CVE-2019-1028)\n\n - A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. (CVE-2019-1025)\n\n - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2019-0988)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory.\n (CVE-2019-1039)\n\n - This security update corrects a denial of service in the Local Security Authority Subsystem Service (LSASS) caused when an authenticated attacker sends a specially crafted authentication request. A remote attacker who successfully exploited this vulnerability could cause a denial of service on the target system's LSASS service, which triggers an automatic reboot of the system. The security update addresses the vulnerability by changing the way that LSASS handles specially crafted authentication requests. (CVE-2019-0972)\n\n - A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. (CVE-2019-0620, CVE-2019-0709, CVE-2019-0722)\n\n - An elevation of privilege vulnerability exists in the way that the Windows Network File System (NFS) handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. (CVE-2019-1045)\n\n - An elevation of privilege vulnerability exists when the Windows Shell fails to validate folder shortcuts. An attacker who successfully exploited the vulnerability could elevate privileges by escaping a sandbox.\n (CVE-2019-1053)\n\n - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. (CVE-2019-1010, CVE-2019-1012, CVE-2019-1046, CVE-2019-1050)\n\n - A remote code execution vulnerability exists in the way that ActiveX Data Objects (ADO) handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code with the victim users privileges. An attacker could craft a website that exploits the vulnerability and then convince a victim user to visit the website. The security update addresses the vulnerability by modifying how ActiveX Data Objects handle objects in memory.\n (CVE-2019-0888)\n\n - An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. (CVE-2019-0984)\n\n - A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-0989, CVE-2019-0991, CVE-2019-0992, CVE-2019-0993, CVE-2019-1002, CVE-2019-1003, CVE-2019-1024, CVE-2019-1051, CVE-2019-1052)\n\n - A denial of service exists in Microsoft IIS Server when the optional request filtering feature improperly handles requests. An attacker who successfully exploited this vulnerability could perform a temporary denial of service against pages configured to use request filtering. (CVE-2019-0941)\n\n - An elevation of privilege vulnerability exists in the way the Task Scheduler Service validates certain file operations. An attacker who successfully exploited the vulnerability could gain elevated privileges on a victim system. (CVE-2019-1069)\n\n - An information disclosure vulnerability exists when affected Microsoft browsers improperly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-1081)\n\n - An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks. An attacker who successfully exploited this vulnerability could delete files and folders in an elevated context. (CVE-2019-0986)", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-06-11T00:00:00", "type": "nessus", "title": "KB4503279: Windows 10 Version 1703 June 2019 Security Update", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0620", "CVE-2019-0709", "CVE-2019-0710", "CVE-2019-0711", "CVE-2019-0713", "CVE-2019-0722", "CVE-2019-0888", "CVE-2019-0904", "CVE-2019-0905", "CVE-2019-0906", "CVE-2019-0907", "CVE-2019-0908", "CVE-2019-0909", "CVE-2019-0920", "CVE-2019-0941", "CVE-2019-0943", "CVE-2019-0948", "CVE-2019-0972", "CVE-2019-0973", "CVE-2019-0974", "CVE-2019-0983", "CVE-2019-0984", "CVE-2019-0986", "CVE-2019-0988", "CVE-2019-0989", "CVE-2019-0990", "CVE-2019-0991", "CVE-2019-0992", "CVE-2019-0993", "CVE-2019-1002", "CVE-2019-1003", "CVE-2019-1005", "CVE-2019-1007", "CVE-2019-1010", "CVE-2019-1012", "CVE-2019-1014", "CVE-2019-1017", "CVE-2019-1018", "CVE-2019-1019", "CVE-2019-1021", "CVE-2019-1023", "CVE-2019-1024", "CVE-2019-1025", "CVE-2019-1028", "CVE-2019-1038", "CVE-2019-1039", "CVE-2019-1040", "CVE-2019-1043", "CVE-2019-1045", "CVE-2019-1046", "CVE-2019-1050", "CVE-2019-1051", "CVE-2019-1052", "CVE-2019-1053", "CVE-2019-1054", "CVE-2019-1055", "CVE-2019-1064", "CVE-2019-1069", "CVE-2019-1080", "CVE-2019-1081"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/o:microsoft:windows", "cpe:/a:microsoft:edge"], "id": "SMB_NT_MS19_JUN_4503279.NASL", "href": "https://www.tenable.com/plugins/nessus/125819", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(125819);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2019-0620\",\n \"CVE-2019-0709\",\n \"CVE-2019-0710\",\n \"CVE-2019-0711\",\n \"CVE-2019-0713\",\n \"CVE-2019-0722\",\n \"CVE-2019-0888\",\n \"CVE-2019-0904\",\n \"CVE-2019-0905\",\n \"CVE-2019-0906\",\n \"CVE-2019-0907\",\n \"CVE-2019-0908\",\n \"CVE-2019-0909\",\n \"CVE-2019-0920\",\n \"CVE-2019-0941\",\n \"CVE-2019-0943\",\n \"CVE-2019-0948\",\n \"CVE-2019-0972\",\n \"CVE-2019-0973\",\n \"CVE-2019-0974\",\n \"CVE-2019-0983\",\n \"CVE-2019-0984\",\n \"CVE-2019-0986\",\n \"CVE-2019-0988\",\n \"CVE-2019-0989\",\n \"CVE-2019-0990\",\n \"CVE-2019-0991\",\n \"CVE-2019-0992\",\n \"CVE-2019-0993\",\n \"CVE-2019-1002\",\n \"CVE-2019-1003\",\n \"CVE-2019-1005\",\n \"CVE-2019-1007\",\n \"CVE-2019-1010\",\n \"CVE-2019-1012\",\n \"CVE-2019-1014\",\n \"CVE-2019-1017\",\n \"CVE-2019-1018\",\n \"CVE-2019-1019\",\n \"CVE-2019-1021\",\n \"CVE-2019-1023\",\n \"CVE-2019-1024\",\n \"CVE-2019-1025\",\n \"CVE-2019-1028\",\n \"CVE-2019-1038\",\n \"CVE-2019-1039\",\n \"CVE-2019-1040\",\n \"CVE-2019-1043\",\n \"CVE-2019-1045\",\n \"CVE-2019-1046\",\n \"CVE-2019-1050\",\n \"CVE-2019-1051\",\n \"CVE-2019-1052\",\n \"CVE-2019-1053\",\n \"CVE-2019-1054\",\n \"CVE-2019-1055\",\n \"CVE-2019-1064\",\n \"CVE-2019-1069\",\n \"CVE-2019-1080\",\n \"CVE-2019-1081\"\n );\n script_bugtraq_id(\n 108567,\n 108570,\n 108577,\n 108581,\n 108583,\n 108584,\n 108585,\n 108586,\n 108587,\n 108588,\n 108591,\n 108592,\n 108594,\n 108597,\n 108598,\n 108599,\n 108600,\n 108603,\n 108604,\n 108606,\n 108607,\n 108609,\n 108612,\n 108613,\n 108614,\n 108620,\n 108621,\n 108624,\n 108630,\n 108632,\n 108633,\n 108638,\n 108641,\n 108644,\n 108646,\n 108647,\n 108648,\n 108650,\n 108651,\n 108652,\n 108654,\n 108655,\n 108656,\n 108657,\n 108658,\n 108659,\n 108660,\n 108661,\n 108662,\n 108663,\n 108664,\n 108665,\n 108666,\n 108667,\n 108668,\n 108669,\n 108670,\n 108671,\n 108708,\n 108709\n );\n script_xref(name:\"MSKB\", value:\"4503279\");\n script_xref(name:\"MSFT\", value:\"MS19-4503279\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/05\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2020-0129\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0430\");\n\n script_name(english:\"KB4503279: Windows 10 Version 1703 June 2019 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4503279.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An elevation of privilege vulnerability exists when\n Windows improperly handles calls to Advanced Local\n Procedure Call (ALPC). An attacker who successfully\n exploited this vulnerability could run arbitrary code in\n the security context of the local system. An attacker\n could then install programs; view, change, or delete\n data; or create new accounts with full user rights.\n (CVE-2019-0943)\n\n - A security feature bypass vulnerability exists where a\n NETLOGON message is able to obtain the session key and\n sign messages. (CVE-2019-1019)\n\n - An elevation of privilege vulnerability exists in\n Windows when the Win32k component fails to properly\n handle objects in memory. An attacker who successfully\n exploited this vulnerability could run arbitrary code in\n kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts\n with full user rights. (CVE-2019-1014, CVE-2019-1017)\n\n - A tampering vulnerability exists in Microsoft Windows\n when a man-in-the-middle attacker is able to\n successfully bypass the NTLM MIC (Message Integrity\n Check) protection. An attacker who successfully\n exploited this vulnerability could gain the ability to\n downgrade NTLM security features. (CVE-2019-1040)\n\n - A denial of service vulnerability exists when Microsoft\n Hyper-V on a host server fails to properly validate\n input from a privileged user on a guest operating\n system. (CVE-2019-0710, CVE-2019-0711, CVE-2019-0713)\n\n - An information disclosure vulnerability exists when the\n scripting engine does not properly handle objects in\n memory in Microsoft Edge. An attacker who successfully\n exploited the vulnerability could obtain information to\n further compromise the users system. (CVE-2019-0990,\n CVE-2019-1023)\n\n - An elevation of privilege vulnerability exists when the\n Storage Service improperly handles file operations. An\n attacker who successfully exploited this vulnerability\n could gain elevated privileges on the victim system.\n (CVE-2019-0983)\n\n - An elevation of privilege vulnerability exists in the\n Windows Installer when the Windows Installer fails to\n properly sanitize input leading to an insecure library\n loading behavior. A locally authenticated attacker could\n run arbitrary code with elevated system privileges. An\n attacker could then install programs; view, change, or\n delete data; or create new accounts with full user\n rights. The security update addresses the vulnerability\n by correcting the input sanitization error to preclude\n unintended elevation. (CVE-2019-0973)\n\n - A remote code execution vulnerability exists when the\n Windows Jet Database Engine improperly handles objects\n in memory. An attacker who successfully exploited this\n vulnerability could execute arbitrary code on a victim\n system. An attacker could exploit this vulnerability by\n enticing a victim to open a specially crafted file. The\n update addresses the vulnerability by correcting the way\n the Windows Jet Database Engine handles objects in\n memory. (CVE-2019-0904, CVE-2019-0905, CVE-2019-0906,\n CVE-2019-0907, CVE-2019-0908, CVE-2019-0909,\n CVE-2019-0974)\n\n - An elevation of privilege vulnerability exists when\n DirectX improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could run arbitrary code in kernel mode. An attacker\n could then install programs; view, change, or delete\n data; or create new accounts with full user rights.\n (CVE-2019-1018)\n\n - An information disclosure vulnerability exists in the\n Windows Event Viewer (eventvwr.msc) when it improperly\n parses XML input containing a reference to an external\n entity. An attacker who successfully exploited this\n vulnerability could read arbitrary files via an XML\n external entity (XXE) declaration. (CVE-2019-0948)\n\n - A security feature bypass vulnerability exists in Edge\n that allows for bypassing Mark of the Web Tagging\n (MOTW). Failing to set the MOTW means that a large\n number of Microsoft security technologies are bypassed.\n (CVE-2019-1054)\n\n - A remote code execution vulnerability exists in the way\n that comctl32.dll handles objects in memory. The\n vulnerability could corrupt memory in such a way that an\n attacker could execute arbitrary code in the context of\n the current user. An attacker who successfully exploited\n the vulnerability could gain the same user rights as the\n current user. (CVE-2019-1043)\n\n - A remote code execution vulnerability exists in the way\n the scripting engine handles objects in memory in\n Microsoft browsers. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2019-0920, CVE-2019-1005, CVE-2019-1055,\n CVE-2019-1080)\n\n - A remote code execution vulnerability exists in the way\n that Microsoft browsers access objects in memory. The\n vulnerability could corrupt memory in a way that could\n allow an attacker to execute arbitrary code in the\n context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2019-1038)\n\n - An elevation of privilege vulnerability exists when\n Windows AppX Deployment Service (AppXSVC) improperly\n handles hard links. An attacker who successfully\n exploited this vulnerability could run processes in an\n elevated context. An attacker could then install\n programs; view, change or delete data. (CVE-2019-1064)\n\n - An elevation of privilege exists in Windows Audio\n Service. An attacker who successfully exploited the\n vulnerability could run arbitrary code with elevated\n privileges. (CVE-2019-1007, CVE-2019-1021,\n CVE-2019-1028)\n\n - A denial of service vulnerability exists when Windows\n improperly handles objects in memory. An attacker who\n successfully exploited the vulnerability could cause a\n target system to stop responding. (CVE-2019-1025)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2019-0988)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly initializes objects in memory.\n (CVE-2019-1039)\n\n - This security update corrects a denial of service in the\n Local Security Authority Subsystem Service (LSASS)\n caused when an authenticated attacker sends a specially\n crafted authentication request. A remote attacker who\n successfully exploited this vulnerability could cause a\n denial of service on the target system's LSASS service,\n which triggers an automatic reboot of the system. The\n security update addresses the vulnerability by changing\n the way that LSASS handles specially crafted\n authentication requests. (CVE-2019-0972)\n\n - A remote code execution vulnerability exists when\n Windows Hyper-V on a host server fails to properly\n validate input from an authenticated user on a guest\n operating system. (CVE-2019-0620, CVE-2019-0709,\n CVE-2019-0722)\n\n - An elevation of privilege vulnerability exists in the\n way that the Windows Network File System (NFS) handles\n objects in memory. An attacker who successfully\n exploited the vulnerability could execute code with\n elevated permissions. (CVE-2019-1045)\n\n - An elevation of privilege vulnerability exists when the\n Windows Shell fails to validate folder shortcuts. An\n attacker who successfully exploited the vulnerability\n could elevate privileges by escaping a sandbox.\n (CVE-2019-1053)\n\n - An information disclosure vulnerability exists when the\n Windows GDI component improperly discloses the contents\n of its memory. An attacker who successfully exploited\n the vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how the Windows GDI component handles objects\n in memory. (CVE-2019-1010, CVE-2019-1012, CVE-2019-1046,\n CVE-2019-1050)\n\n - A remote code execution vulnerability exists in the way\n that ActiveX Data Objects (ADO) handle objects in\n memory. An attacker who successfully exploited the\n vulnerability could execute arbitrary code with the\n victim users privileges. An attacker could craft a\n website that exploits the vulnerability and then\n convince a victim user to visit the website. The\n security update addresses the vulnerability by modifying\n how ActiveX Data Objects handle objects in memory.\n (CVE-2019-0888)\n\n - An elevation of privilege vulnerability exists when the\n Windows Common Log File System (CLFS) driver improperly\n handles objects in memory. An attacker who successfully\n exploited this vulnerability could run processes in an\n elevated context. (CVE-2019-0984)\n\n - A remote code execution vulnerability exists in the way\n that the Chakra scripting engine handles objects in\n memory in Microsoft Edge. The vulnerability could\n corrupt memory in such a way that an attacker could\n execute arbitrary code in the context of the current\n user. An attacker who successfully exploited the\n vulnerability could gain the same user rights as the\n current user. (CVE-2019-0989, CVE-2019-0991,\n CVE-2019-0992, CVE-2019-0993, CVE-2019-1002,\n CVE-2019-1003, CVE-2019-1024, CVE-2019-1051,\n CVE-2019-1052)\n\n - A denial of service exists in Microsoft IIS Server when\n the optional request filtering feature improperly\n handles requests. An attacker who successfully exploited\n this vulnerability could perform a temporary denial of\n service against pages configured to use request\n filtering. (CVE-2019-0941)\n\n - An elevation of privilege vulnerability exists in the\n way the Task Scheduler Service validates certain file\n operations. An attacker who successfully exploited the\n vulnerability could gain elevated privileges on a victim\n system. (CVE-2019-1069)\n\n - An information disclosure vulnerability exists when\n affected Microsoft browsers improperly handle objects in\n memory. An attacker who successfully exploited this\n vulnerability could obtain information to further\n compromise the users system. (CVE-2019-1081)\n\n - An elevation of privilege vulnerability exists when the\n Windows User Profile Service (ProfSvc) improperly\n handles symlinks. An attacker who successfully exploited\n this vulnerability could delete files and folders in an\n elevated context. (CVE-2019-0986)\");\n # https://support.microsoft.com/en-us/help/4503279/windows-10-update-kb4503279\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?9bc5294b\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB4503279.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-0974\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-1053\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/06/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/06/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:edge\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS19-06\";\nkbs = make_list('4503279');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"10\",\n sp:0,\n os_build:\"15063\",\n rollup_date:\"06_2019\",\n bulletin:bulletin,\n rollup_kb_list:[4503279])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:18:35", "description": "The remote Windows host is missing security update 4503267.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC). An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n (CVE-2019-0943)\n\n - A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-0989, CVE-2019-0991, CVE-2019-0992, CVE-2019-0993, CVE-2019-1002, CVE-2019-1003, CVE-2019-1051, CVE-2019-1052)\n\n - An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1014, CVE-2019-1017)\n\n - A tampering vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLM MIC (Message Integrity Check) protection. An attacker who successfully exploited this vulnerability could gain the ability to downgrade NTLM security features. (CVE-2019-1040)\n\n - A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. (CVE-2019-0710, CVE-2019-0711, CVE-2019-0713)\n\n - An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. (CVE-2019-0990, CVE-2019-1023)\n\n - An elevation of privilege vulnerability exists when the Storage Service improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges on the victim system.\n (CVE-2019-0983)\n\n - An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior. A locally authenticated attacker could run arbitrary code with elevated system privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. The security update addresses the vulnerability by correcting the input sanitization error to preclude unintended elevation. (CVE-2019-0973)\n\n - A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. (CVE-2019-0904, CVE-2019-0905, CVE-2019-0906, CVE-2019-0907, CVE-2019-0908, CVE-2019-0909, CVE-2019-0974)\n\n - An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n (CVE-2019-1018)\n\n - An information disclosure vulnerability exists in the Windows Event Viewer (eventvwr.msc) when it improperly parses XML input containing a reference to an external entity. An attacker who successfully exploited this vulnerability could read arbitrary files via an XML external entity (XXE) declaration. (CVE-2019-0948)\n\n - A security feature bypass vulnerability exists in Edge that allows for bypassing Mark of the Web Tagging (MOTW). Failing to set the MOTW means that a large number of Microsoft security technologies are bypassed.\n (CVE-2019-1054)\n\n - A remote code execution vulnerability exists in the way that comctl32.dll handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1043)\n\n - A security feature bypass vulnerability exists where a NETLOGON message is able to obtain the session key and sign messages. (CVE-2019-1019)\n\n - A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2019-0920, CVE-2019-1005, CVE-2019-1055, CVE-2019-1080)\n\n - A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1038)\n\n - An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data. (CVE-2019-1064)\n\n - A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. (CVE-2019-0620, CVE-2019-0709, CVE-2019-0722)\n\n - A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. (CVE-2019-1025)\n\n - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2019-0988)\n\n - An elevation of privilege exists in Windows Audio Service. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. (CVE-2019-1007, CVE-2019-1028)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory.\n (CVE-2019-1039)\n\n - This security update corrects a denial of service in the Local Security Authority Subsystem Service (LSASS) caused when an authenticated attacker sends a specially crafted authentication request. A remote attacker who successfully exploited this vulnerability could cause a denial of service on the target system's LSASS service, which triggers an automatic reboot of the system. The security update addresses the vulnerability by changing the way that LSASS handles specially crafted authentication requests. (CVE-2019-0972)\n\n - An information disclosure vulnerability exists when affected Microsoft browsers improperly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-1081)\n\n - An elevation of privilege vulnerability exists when the Windows Shell fails to validate folder shortcuts. An attacker who successfully exploited the vulnerability could elevate privileges by escaping a sandbox.\n (CVE-2019-1053)\n\n - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. (CVE-2019-1010, CVE-2019-1012, CVE-2019-1046, CVE-2019-1050)\n\n - A remote code execution vulnerability exists in the way that ActiveX Data Objects (ADO) handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code with the victim users privileges. An attacker could craft a website that exploits the vulnerability and then convince a victim user to visit the website. The security update addresses the vulnerability by modifying how ActiveX Data Objects handle objects in memory.\n (CVE-2019-0888)\n\n - An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. (CVE-2019-0984)\n\n - A denial of service exists in Microsoft IIS Server when the optional request filtering feature improperly handles requests. An attacker who successfully exploited this vulnerability could perform a temporary denial of service against pages configured to use request filtering. (CVE-2019-0941)\n\n - An elevation of privilege vulnerability exists in the way the Task Scheduler Service validates certain file operations. An attacker who successfully exploited the vulnerability could gain elevated privileges on a victim system. (CVE-2019-1069)\n\n - An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks. An attacker who successfully exploited this vulnerability could delete files and folders in an elevated context. (CVE-2019-0986)", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-06-11T00:00:00", "type": "nessus", "title": "KB4503267: Windows 10 Version 1607 and Windows Server 2016 June 2019 Security Update", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0620", "CVE-2019-0709", "CVE-2019-0710", "CVE-2019-0711", "CVE-2019-0713", "CVE-2019-0722", "CVE-2019-0888", "CVE-2019-0904", "CVE-2019-0905", "CVE-2019-0906", "CVE-2019-0907", "CVE-2019-0908", "CVE-2019-0909", "CVE-2019-0920", "CVE-2019-0941", "CVE-2019-0943", "CVE-2019-0948", "CVE-2019-0972", "CVE-2019-0973", "CVE-2019-0974", "CVE-2019-0983", "CVE-2019-0984", "CVE-2019-0986", "CVE-2019-0988", "CVE-2019-0989", "CVE-2019-0990", "CVE-2019-0991", "CVE-2019-0992", "CVE-2019-0993", "CVE-2019-1002", "CVE-2019-1003", "CVE-2019-1005", "CVE-2019-1007", "CVE-2019-1010", "CVE-2019-1012", "CVE-2019-1014", "CVE-2019-1017", "CVE-2019-1018", "CVE-2019-1019", "CVE-2019-1023", "CVE-2019-1025", "CVE-2019-1028", "CVE-2019-1038", "CVE-2019-1039", "CVE-2019-1040", "CVE-2019-1043", "CVE-2019-1046", "CVE-2019-1050", "CVE-2019-1051", "CVE-2019-1052", "CVE-2019-1053", "CVE-2019-1054", "CVE-2019-1055", "CVE-2019-1064", "CVE-2019-1069", "CVE-2019-1080", "CVE-2019-1081"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/o:microsoft:windows", "cpe:/a:microsoft:edge"], "id": "SMB_NT_MS19_JUN_4503267.NASL", "href": "https://www.tenable.com/plugins/nessus/125816", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(125816);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2019-0620\",\n \"CVE-2019-0709\",\n \"CVE-2019-0710\",\n \"CVE-2019-0711\",\n \"CVE-2019-0713\",\n \"CVE-2019-0722\",\n \"CVE-2019-0888\",\n \"CVE-2019-0904\",\n \"CVE-2019-0905\",\n \"CVE-2019-0906\",\n \"CVE-2019-0907\",\n \"CVE-2019-0908\",\n \"CVE-2019-0909\",\n \"CVE-2019-0920\",\n \"CVE-2019-0941\",\n \"CVE-2019-0943\",\n \"CVE-2019-0948\",\n \"CVE-2019-0972\",\n \"CVE-2019-0973\",\n \"CVE-2019-0974\",\n \"CVE-2019-0983\",\n \"CVE-2019-0984\",\n \"CVE-2019-0986\",\n \"CVE-2019-0988\",\n \"CVE-2019-0989\",\n \"CVE-2019-0990\",\n \"CVE-2019-0991\",\n \"CVE-2019-0992\",\n \"CVE-2019-0993\",\n \"CVE-2019-1002\",\n \"CVE-2019-1003\",\n \"CVE-2019-1005\",\n \"CVE-2019-1007\",\n \"CVE-2019-1010\",\n \"CVE-2019-1012\",\n \"CVE-2019-1014\",\n \"CVE-2019-1017\",\n \"CVE-2019-1018\",\n \"CVE-2019-1019\",\n \"CVE-2019-1023\",\n \"CVE-2019-1025\",\n \"CVE-2019-1028\",\n \"CVE-2019-1038\",\n \"CVE-2019-1039\",\n \"CVE-2019-1040\",\n \"CVE-2019-1043\",\n \"CVE-2019-1046\",\n \"CVE-2019-1050\",\n \"CVE-2019-1051\",\n \"CVE-2019-1052\",\n \"CVE-2019-1053\",\n \"CVE-2019-1054\",\n \"CVE-2019-1055\",\n \"CVE-2019-1064\",\n \"CVE-2019-1069\",\n \"CVE-2019-1080\",\n \"CVE-2019-1081\"\n );\n script_bugtraq_id(\n 108567,\n 108570,\n 108577,\n 108581,\n 108583,\n 108585,\n 108586,\n 108587,\n 108588,\n 108591,\n 108594,\n 108597,\n 108598,\n 108599,\n 108600,\n 108603,\n 108604,\n 108606,\n 108607,\n 108609,\n 108612,\n 108613,\n 108614,\n 108620,\n 108621,\n 108624,\n 108630,\n 108632,\n 108633,\n 108638,\n 108641,\n 108644,\n 108646,\n 108647,\n 108648,\n 108650,\n 108651,\n 108652,\n 108654,\n 108655,\n 108656,\n 108657,\n 108658,\n 108659,\n 108660,\n 108661,\n 108662,\n 108664,\n 108665,\n 108666,\n 108667,\n 108668,\n 108669,\n 108670,\n 108671,\n 108708,\n 108709\n );\n script_xref(name:\"MSKB\", value:\"4503267\");\n script_xref(name:\"MSFT\", value:\"MS19-4503267\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/05\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2020-0129\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0430\");\n\n script_name(english:\"KB4503267: Windows 10 Version 1607 and Windows Server 2016 June 2019 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4503267.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An elevation of privilege vulnerability exists when\n Windows improperly handles calls to Advanced Local\n Procedure Call (ALPC). An attacker who successfully\n exploited this vulnerability could run arbitrary code in\n the security context of the local system. An attacker\n could then install programs; view, change, or delete\n data; or create new accounts with full user rights.\n (CVE-2019-0943)\n\n - A remote code execution vulnerability exists in the way\n that the Chakra scripting engine handles objects in\n memory in Microsoft Edge. The vulnerability could\n corrupt memory in such a way that an attacker could\n execute arbitrary code in the context of the current\n user. An attacker who successfully exploited the\n vulnerability could gain the same user rights as the\n current user. (CVE-2019-0989, CVE-2019-0991,\n CVE-2019-0992, CVE-2019-0993, CVE-2019-1002,\n CVE-2019-1003, CVE-2019-1051, CVE-2019-1052)\n\n - An elevation of privilege vulnerability exists in\n Windows when the Win32k component fails to properly\n handle objects in memory. An attacker who successfully\n exploited this vulnerability could run arbitrary code in\n kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts\n with full user rights. (CVE-2019-1014, CVE-2019-1017)\n\n - A tampering vulnerability exists in Microsoft Windows\n when a man-in-the-middle attacker is able to\n successfully bypass the NTLM MIC (Message Integrity\n Check) protection. An attacker who successfully\n exploited this vulnerability could gain the ability to\n downgrade NTLM security features. (CVE-2019-1040)\n\n - A denial of service vulnerability exists when Microsoft\n Hyper-V on a host server fails to properly validate\n input from a privileged user on a guest operating\n system. (CVE-2019-0710, CVE-2019-0711, CVE-2019-0713)\n\n - An information disclosure vulnerability exists when the\n scripting engine does not properly handle objects in\n memory in Microsoft Edge. An attacker who successfully\n exploited the vulnerability could obtain information to\n further compromise the users system. (CVE-2019-0990,\n CVE-2019-1023)\n\n - An elevation of privilege vulnerability exists when the\n Storage Service improperly handles file operations. An\n attacker who successfully exploited this vulnerability\n could gain elevated privileges on the victim system.\n (CVE-2019-0983)\n\n - An elevation of privilege vulnerability exists in the\n Windows Installer when the Windows Installer fails to\n properly sanitize input leading to an insecure library\n loading behavior. A locally authenticated attacker could\n run arbitrary code with elevated system privileges. An\n attacker could then install programs; view, change, or\n delete data; or create new accounts with full user\n rights. The security update addresses the vulnerability\n by correcting the input sanitization error to preclude\n unintended elevation. (CVE-2019-0973)\n\n - A remote code execution vulnerability exists when the\n Windows Jet Database Engine improperly handles objects\n in memory. An attacker who successfully exploited this\n vulnerability could execute arbitrary code on a victim\n system. An attacker could exploit this vulnerability by\n enticing a victim to open a specially crafted file. The\n update addresses the vulnerability by correcting the way\n the Windows Jet Database Engine handles objects in\n memory. (CVE-2019-0904, CVE-2019-0905, CVE-2019-0906,\n CVE-2019-0907, CVE-2019-0908, CVE-2019-0909,\n CVE-2019-0974)\n\n - An elevation of privilege vulnerability exists when\n DirectX improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could run arbitrary code in kernel mode. An attacker\n could then install programs; view, change, or delete\n data; or create new accounts with full user rights.\n (CVE-2019-1018)\n\n - An information disclosure vulnerability exists in the\n Windows Event Viewer (eventvwr.msc) when it improperly\n parses XML input containing a reference to an external\n entity. An attacker who successfully exploited this\n vulnerability could read arbitrary files via an XML\n external entity (XXE) declaration. (CVE-2019-0948)\n\n - A security feature bypass vulnerability exists in Edge\n that allows for bypassing Mark of the Web Tagging\n (MOTW). Failing to set the MOTW means that a large\n number of Microsoft security technologies are bypassed.\n (CVE-2019-1054)\n\n - A remote code execution vulnerability exists in the way\n that comctl32.dll handles objects in memory. The\n vulnerability could corrupt memory in such a way that an\n attacker could execute arbitrary code in the context of\n the current user. An attacker who successfully exploited\n the vulnerability could gain the same user rights as the\n current user. (CVE-2019-1043)\n\n - A security feature bypass vulnerability exists where a\n NETLOGON message is able to obtain the session key and\n sign messages. (CVE-2019-1019)\n\n - A remote code execution vulnerability exists in the way\n the scripting engine handles objects in memory in\n Microsoft browsers. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2019-0920, CVE-2019-1005, CVE-2019-1055,\n CVE-2019-1080)\n\n - A remote code execution vulnerability exists in the way\n that Microsoft browsers access objects in memory. The\n vulnerability could corrupt memory in a way that could\n allow an attacker to execute arbitrary code in the\n context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2019-1038)\n\n - An elevation of privilege vulnerability exists when\n Windows AppX Deployment Service (AppXSVC) improperly\n handles hard links. An attacker who successfully\n exploited this vulnerability could run processes in an\n elevated context. An attacker could then install\n programs; view, change or delete data. (CVE-2019-1064)\n\n - A remote code execution vulnerability exists when\n Windows Hyper-V on a host server fails to properly\n validate input from an authenticated user on a guest\n operating system. (CVE-2019-0620, CVE-2019-0709,\n CVE-2019-0722)\n\n - A denial of service vulnerability exists when Windows\n improperly handles objects in memory. An attacker who\n successfully exploited the vulnerability could cause a\n target system to stop responding. (CVE-2019-1025)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2019-0988)\n\n - An elevation of privilege exists in Windows Audio\n Service. An attacker who successfully exploited the\n vulnerability could run arbitrary code with elevated\n privileges. (CVE-2019-1007, CVE-2019-1028)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly initializes objects in memory.\n (CVE-2019-1039)\n\n - This security update corrects a denial of service in the\n Local Security Authority Subsystem Service (LSASS)\n caused when an authenticated attacker sends a specially\n crafted authentication request. A remote attacker who\n successfully exploited this vulnerability could cause a\n denial of service on the target system's LSASS service,\n which triggers an automatic reboot of the system. The\n security update addresses the vulnerability by changing\n the way that LSASS handles specially crafted\n authentication requests. (CVE-2019-0972)\n\n - An information disclosure vulnerability exists when\n affected Microsoft browsers improperly handle objects in\n memory. An attacker who successfully exploited this\n vulnerability could obtain information to further\n compromise the users system. (CVE-2019-1081)\n\n - An elevation of privilege vulnerability exists when the\n Windows Shell fails to validate folder shortcuts. An\n attacker who successfully exploited the vulnerability\n could elevate privileges by escaping a sandbox.\n (CVE-2019-1053)\n\n - An information disclosure vulnerability exists when the\n Windows GDI component improperly discloses the contents\n of its memory. An attacker who successfully exploited\n the vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how the Windows GDI component handles objects\n in memory. (CVE-2019-1010, CVE-2019-1012, CVE-2019-1046,\n CVE-2019-1050)\n\n - A remote code execution vulnerability exists in the way\n that ActiveX Data Objects (ADO) handle objects in\n memory. An attacker who successfully exploited the\n vulnerability could execute arbitrary code with the\n victim users privileges. An attacker could craft a\n website that exploits the vulnerability and then\n convince a victim user to visit the website. The\n security update addresses the vulnerability by modifying\n how ActiveX Data Objects handle objects in memory.\n (CVE-2019-0888)\n\n - An elevation of privilege vulnerability exists when the\n Windows Common Log File System (CLFS) driver improperly\n handles objects in memory. An attacker who successfully\n exploited this vulnerability could run processes in an\n elevated context. (CVE-2019-0984)\n\n - A denial of service exists in Microsoft IIS Server when\n the optional request filtering feature improperly\n handles requests. An attacker who successfully exploited\n this vulnerability could perform a temporary denial of\n service against pages configured to use request\n filtering. (CVE-2019-0941)\n\n - An elevation of privilege vulnerability exists in the\n way the Task Scheduler Service validates certain file\n operations. An attacker who successfully exploited the\n vulnerability could gain elevated privileges on a victim\n system. (CVE-2019-1069)\n\n - An elevation of privilege vulnerability exists when the\n Windows User Profile Service (ProfSvc) improperly\n handles symlinks. An attacker who successfully exploited\n this vulnerability could delete files and folders in an\n elevated context. (CVE-2019-0986)\");\n # https://support.microsoft.com/en-us/help/4503267/windows-10-update-kb4503267\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c05ae217\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB4503267.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-0974\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-1053\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/06/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/06/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:edge\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS19-06\";\nkbs = make_list('4503267');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"10\",\n sp:0,\n os_build:\"14393\",\n rollup_date:\"06_2019\",\n bulletin:bulletin,\n rollup_kb_list:[4503267])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:18:15", "description": "The remote Windows host is missing security update 4503284.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC). An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n (CVE-2019-0943)\n\n - A security feature bypass vulnerability exists where a NETLOGON message is able to obtain the session key and sign messages. (CVE-2019-1019)\n\n - An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1014, CVE-2019-1017)\n\n - A tampering vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLM MIC (Message Integrity Check) protection. An attacker who successfully exploited this vulnerability could gain the ability to downgrade NTLM security features. (CVE-2019-1040)\n\n - A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. (CVE-2019-0710, CVE-2019-0711, CVE-2019-0713)\n\n - An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. (CVE-2019-0990, CVE-2019-1023)\n\n - An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior. A locally authenticated attacker could run arbitrary code with elevated system privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. The security update addresses the vulnerability by correcting the input sanitization error to preclude unintended elevation. (CVE-2019-0973)\n\n - A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. (CVE-2019-0904, CVE-2019-0905, CVE-2019-0906, CVE-2019-0907, CVE-2019-0908, CVE-2019-0909, CVE-2019-0974)\n\n - An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n (CVE-2019-1018)\n\n - An information disclosure vulnerability exists in the Windows Event Viewer (eventvwr.msc) when it improperly parses XML input containing a reference to an external entity. An attacker who successfully exploited this vulnerability could read arbitrary files via an XML external entity (XXE) declaration. (CVE-2019-0948)\n\n - A security feature bypass vulnerability exists in Edge that allows for bypassing Mark of the Web Tagging (MOTW). Failing to set the MOTW means that a large number of Microsoft security technologies are bypassed.\n (CVE-2019-1054)\n\n - A remote code execution vulnerability exists in the way that comctl32.dll handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1043)\n\n - A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2019-0920, CVE-2019-1005, CVE-2019-1055, CVE-2019-1080)\n\n - A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1038)\n\n - An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data. (CVE-2019-1064)\n\n - An elevation of privilege exists in Windows Audio Service. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. (CVE-2019-1007, CVE-2019-1021, CVE-2019-1027, CVE-2019-1028)\n\n - A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. (CVE-2019-0620, CVE-2019-0709, CVE-2019-0722)\n\n - A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. (CVE-2019-1025)\n\n - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2019-0988)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory.\n (CVE-2019-1039)\n\n - This security update corrects a denial of service in the Local Security Authority Subsystem Service (LSASS) caused when an authenticated attacker sends a specially crafted authentication request. A remote attacker who successfully exploited this vulnerability could cause a denial of service on the target system's LSASS service, which triggers an automatic reboot of the system. The security update addresses the vulnerability by changing the way that LSASS handles specially crafted authentication requests. (CVE-2019-0972)\n\n - An elevation of privilege vulnerability exists in the way that the Windows Network File System (NFS) handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. (CVE-2019-1045)\n\n - An elevation of privilege vulnerability exists when the Windows Shell fails to validate folder shortcuts. An attacker who successfully exploited the vulnerability could elevate privileges by escaping a sandbox.\n (CVE-2019-1053)\n\n - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. (CVE-2019-1010, CVE-2019-1012, CVE-2019-1046, CVE-2019-1050)\n\n - A remote code execution vulnerability exists in the way that ActiveX Data Objects (ADO) handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code with the victim users privileges. An attacker could craft a website that exploits the vulnerability and then convince a victim user to visit the website. The security update addresses the vulnerability by modifying how ActiveX Data Objects handle objects in memory.\n (CVE-2019-0888)\n\n - An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. (CVE-2019-0984)\n\n - A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-0989, CVE-2019-0991, CVE-2019-0992, CVE-2019-0993, CVE-2019-1002, CVE-2019-1003, CVE-2019-1024, CVE-2019-1051, CVE-2019-1052)\n\n - A denial of service exists in Microsoft IIS Server when the optional request filtering feature improperly handles requests. An attacker who successfully exploited this vulnerability could perform a temporary denial of service against pages configured to use request filtering. (CVE-2019-0941)\n\n - An elevation of privilege vulnerability exists in the way the Task Scheduler Service validates certain file operations. An attacker who successfully exploited the vulnerability could gain elevated privileges on a victim system. (CVE-2019-1069)\n\n - An elevation of privilege vulnerability exists when the Storage Service improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges on the victim system.\n (CVE-2019-0983, CVE-2019-0998)\n\n - An information disclosure vulnerability exists when affected Microsoft browsers improperly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-1081)\n\n - An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks. An attacker who successfully exploited this vulnerability could delete files and folders in an elevated context. (CVE-2019-0986)", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-06-11T00:00:00", "type": "nessus", "title": "KB4503284: Windows 10 Version 1709 June 2019 Security Update", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0620", "CVE-2019-0709", "CVE-2019-0710", "CVE-2019-0711", "CVE-2019-0713", "CVE-2019-0722", "CVE-2019-0888", "CVE-2019-0904", "CVE-2019-0905", "CVE-2019-0906", "CVE-2019-0907", "CVE-2019-0908", "CVE-2019-0909", "CVE-2019-0920", "CVE-2019-0941", "CVE-2019-0943", "CVE-2019-0948", "CVE-2019-0972", "CVE-2019-0973", "CVE-2019-0974", "CVE-2019-0983", "CVE-2019-0984", "CVE-2019-0986", "CVE-2019-0988", "CVE-2019-0989", "CVE-2019-0990", "CVE-2019-0991", "CVE-2019-0992", "CVE-2019-0993", "CVE-2019-0998", "CVE-2019-1002", "CVE-2019-1003", "CVE-2019-1005", "CVE-2019-1007", "CVE-2019-1010", "CVE-2019-1012", "CVE-2019-1014", "CVE-2019-1017", "CVE-2019-1018", "CVE-2019-1019", "CVE-2019-1021", "CVE-2019-1023", "CVE-2019-1024", "CVE-2019-1025", "CVE-2019-1027", "CVE-2019-1028", "CVE-2019-1038", "CVE-2019-1039", "CVE-2019-1040", "CVE-2019-1043", "CVE-2019-1045", "CVE-2019-1046", "CVE-2019-1050", "CVE-2019-1051", "CVE-2019-1052", "CVE-2019-1053", "CVE-2019-1054", "CVE-2019-1055", "CVE-2019-1064", "CVE-2019-1069", "CVE-2019-1080", "CVE-2019-1081"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/o:microsoft:windows", "cpe:/a:microsoft:edge"], "id": "SMB_NT_MS19_JUN_4503284.NASL", "href": "https://www.tenable.com/plugins/nessus/125820", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(125820);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2019-0620\",\n \"CVE-2019-0709\",\n \"CVE-2019-0710\",\n \"CVE-2019-0711\",\n \"CVE-2019-0713\",\n \"CVE-2019-0722\",\n \"CVE-2019-0888\",\n \"CVE-2019-0904\",\n \"CVE-2019-0905\",\n \"CVE-2019-0906\",\n \"CVE-2019-0907\",\n \"CVE-2019-0908\",\n \"CVE-2019-0909\",\n \"CVE-2019-0920\",\n \"CVE-2019-0941\",\n \"CVE-2019-0943\",\n \"CVE-2019-0948\",\n \"CVE-2019-0972\",\n \"CVE-2019-0973\",\n \"CVE-2019-0974\",\n \"CVE-2019-0983\",\n \"CVE-2019-0984\",\n \"CVE-2019-0986\",\n \"CVE-2019-0988\",\n \"CVE-2019-0989\",\n \"CVE-2019-0990\",\n \"CVE-2019-0991\",\n \"CVE-2019-0992\",\n \"CVE-2019-0993\",\n \"CVE-2019-0998\",\n \"CVE-2019-1002\",\n \"CVE-2019-1003\",\n \"CVE-2019-1005\",\n \"CVE-2019-1007\",\n \"CVE-2019-1010\",\n \"CVE-2019-1012\",\n \"CVE-2019-1014\",\n \"CVE-2019-1017\",\n \"CVE-2019-1018\",\n \"CVE-2019-1019\",\n \"CVE-2019-1021\",\n \"CVE-2019-1023\",\n \"CVE-2019-1024\",\n \"CVE-2019-1025\",\n \"CVE-2019-1027\",\n \"CVE-2019-1028\",\n \"CVE-2019-1038\",\n \"CVE-2019-1039\",\n \"CVE-2019-1040\",\n \"CVE-2019-1043\",\n \"CVE-2019-1045\",\n \"CVE-2019-1046\",\n \"CVE-2019-1050\",\n \"CVE-2019-1051\",\n \"CVE-2019-1052\",\n \"CVE-2019-1053\",\n \"CVE-2019-1054\",\n \"CVE-2019-1055\",\n \"CVE-2019-1064\",\n \"CVE-2019-1069\",\n \"CVE-2019-1080\",\n \"CVE-2019-1081\"\n );\n script_bugtraq_id(\n 108567,\n 108570,\n 108577,\n 108581,\n 108583,\n 108584,\n 108585,\n 108586,\n 108587,\n 108588,\n 108591,\n 108592,\n 108594,\n 108596,\n 108597,\n 108598,\n 108599,\n 108600,\n 108603,\n 108604,\n 108606,\n 108607,\n 108609,\n 108612,\n 108613,\n 108614,\n 108620,\n 108621,\n 108624,\n 108630,\n 108632,\n 108633,\n 108638,\n 108641,\n 108644,\n 108646,\n 108647,\n 108648,\n 108650,\n 108651,\n 108652,\n 108653,\n 108654,\n 108655,\n 108656,\n 108657,\n 108658,\n 108659,\n 108660,\n 108661,\n 108662,\n 108663,\n 108664,\n 108665,\n 108666,\n 108667,\n 108668,\n 108669,\n 108670,\n 108671,\n 108708,\n 108709\n );\n script_xref(name:\"MSKB\", value:\"4503284\");\n script_xref(name:\"MSFT\", value:\"MS19-4503284\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/05\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2020-0129\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0430\");\n\n script_name(english:\"KB4503284: Windows 10 Version 1709 June 2019 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4503284.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An elevation of privilege vulnerability exists when\n Windows improperly handles calls to Advanced Local\n Procedure Call (ALPC). An attacker who successfully\n exploited this vulnerability could run arbitrary code in\n the security context of the local system. An attacker\n could then install programs; view, change, or delete\n data; or create new accounts with full user rights.\n (CVE-2019-0943)\n\n - A security feature bypass vulnerability exists where a\n NETLOGON message is able to obtain the session key and\n sign messages. (CVE-2019-1019)\n\n - An elevation of privilege vulnerability exists in\n Windows when the Win32k component fails to properly\n handle objects in memory. An attacker who successfully\n exploited this vulnerability could run arbitrary code in\n kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts\n with full user rights. (CVE-2019-1014, CVE-2019-1017)\n\n - A tampering vulnerability exists in Microsoft Windows\n when a man-in-the-middle attacker is able to\n successfully bypass the NTLM MIC (Message Integrity\n Check) protection. An attacker who successfully\n exploited this vulnerability could gain the ability to\n downgrade NTLM security features. (CVE-2019-1040)\n\n - A denial of service vulnerability exists when Microsoft\n Hyper-V on a host server fails to properly validate\n input from a privileged user on a guest operating\n system. (CVE-2019-0710, CVE-2019-0711, CVE-2019-0713)\n\n - An information disclosure vulnerability exists when the\n scripting engine does not properly handle objects in\n memory in Microsoft Edge. An attacker who successfully\n exploited the vulnerability could obtain information to\n further compromise the users system. (CVE-2019-0990,\n CVE-2019-1023)\n\n - An elevation of privilege vulnerability exists in the\n Windows Installer when the Windows Installer fails to\n properly sanitize input leading to an insecure library\n loading behavior. A locally authenticated attacker could\n run arbitrary code with elevated system privileges. An\n attacker could then install programs; view, change, or\n delete data; or create new accounts with full user\n rights. The security update addresses the vulnerability\n by correcting the input sanitization error to preclude\n unintended elevation. (CVE-2019-0973)\n\n - A remote code execution vulnerability exists when the\n Windows Jet Database Engine improperly handles objects\n in memory. An attacker who successfully exploited this\n vulnerability could execute arbitrary code on a victim\n system. An attacker could exploit this vulnerability by\n enticing a victim to open a specially crafted file. The\n update addresses the vulnerability by correcting the way\n the Windows Jet Database Engine handles objects in\n memory. (CVE-2019-0904, CVE-2019-0905, CVE-2019-0906,\n CVE-2019-0907, CVE-2019-0908, CVE-2019-0909,\n CVE-2019-0974)\n\n - An elevation of privilege vulnerability exists when\n DirectX improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could run arbitrary code in kernel mode. An attacker\n could then install programs; view, change, or delete\n data; or create new accounts with full user rights.\n (CVE-2019-1018)\n\n - An information disclosure vulnerability exists in the\n Windows Event Viewer (eventvwr.msc) when it improperly\n parses XML input containing a reference to an external\n entity. An attacker who successfully exploited this\n vulnerability could read arbitrary files via an XML\n external entity (XXE) declaration. (CVE-2019-0948)\n\n - A security feature bypass vulnerability exists in Edge\n that allows for bypassing Mark of the Web Tagging\n (MOTW). Failing to set the MOTW means that a large\n number of Microsoft security technologies are bypassed.\n (CVE-2019-1054)\n\n - A remote code execution vulnerability exists in the way\n that comctl32.dll handles objects in memory. The\n vulnerability could corrupt memory in such a way that an\n attacker could execute arbitrary code in the context of\n the current user. An attacker who successfully exploited\n the vulnerability could gain the same user rights as the\n current user. (CVE-2019-1043)\n\n - A remote code execution vulnerability exists in the way\n the scripting engine handles objects in memory in\n Microsoft browsers. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2019-0920, CVE-2019-1005, CVE-2019-1055,\n CVE-2019-1080)\n\n - A remote code execution vulnerability exists in the way\n that Microsoft browsers access objects in memory. The\n vulnerability could corrupt memory in a way that could\n allow an attacker to execute arbitrary code in the\n context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2019-1038)\n\n - An elevation of privilege vulnerability exists when\n Windows AppX Deployment Service (AppXSVC) improperly\n handles hard links. An attacker who successfully\n exploited this vulnerability could run processes in an\n elevated context. An attacker could then install\n programs; view, change or delete data. (CVE-2019-1064)\n\n - An elevation of privilege exists in Windows Audio\n Service. An attacker who successfully exploited the\n vulnerability could run arbitrary code with elevated\n privileges. (CVE-2019-1007, CVE-2019-1021,\n CVE-2019-1027, CVE-2019-1028)\n\n - A remote code execution vulnerability exists when\n Windows Hyper-V on a host server fails to properly\n validate input from an authenticated user on a guest\n operating system. (CVE-2019-0620, CVE-2019-0709,\n CVE-2019-0722)\n\n - A denial of service vulnerability exists when Windows\n improperly handles objects in memory. An attacker who\n successfully exploited the vulnerability could cause a\n target system to stop responding. (CVE-2019-1025)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2019-0988)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly initializes objects in memory.\n (CVE-2019-1039)\n\n - This security update corrects a denial of service in the\n Local Security Authority Subsystem Service (LSASS)\n caused when an authenticated attacker sends a specially\n crafted authentication request. A remote attacker who\n successfully exploited this vulnerability could cause a\n denial of service on the target system's LSASS service,\n which triggers an automatic reboot of the system. The\n security update addresses the vulnerability by changing\n the way that LSASS handles specially crafted\n authentication requests. (CVE-2019-0972)\n\n - An elevation of privilege vulnerability exists in the\n way that the Windows Network File System (NFS) handles\n objects in memory. An attacker who successfully\n exploited the vulnerability could execute code with\n elevated permissions. (CVE-2019-1045)\n\n - An elevation of privilege vulnerability exists when the\n Windows Shell fails to validate folder shortcuts. An\n attacker who successfully exploited the vulnerability\n could elevate privileges by escaping a sandbox.\n (CVE-2019-1053)\n\n - An information disclosure vulnerability exists when the\n Windows GDI component improperly discloses the contents\n of its memory. An attacker who successfully exploited\n the vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how the Windows GDI component handles objects\n in memory. (CVE-2019-1010, CVE-2019-1012, CVE-2019-1046,\n CVE-2019-1050)\n\n - A remote code execution vulnerability exists in the way\n that ActiveX Data Objects (ADO) handle objects in\n memory. An attacker who successfully exploited the\n vulnerability could execute arbitrary code with the\n victim users privileges. An attacker could craft a\n website that exploits the vulnerability and then\n convince a victim user to visit the website. The\n security update addresses the vulnerability by modifying\n how ActiveX Data Objects handle objects in memory.\n (CVE-2019-0888)\n\n - An elevation of privilege vulnerability exists when the\n Windows Common Log File System (CLFS) driver improperly\n handles objects in memory. An attacker who successfully\n exploited this vulnerability could run processes in an\n elevated context. (CVE-2019-0984)\n\n - A remote code execution vulnerability exists in the way\n that the Chakra scripting engine handles objects in\n memory in Microsoft Edge. The vulnerability could\n corrupt memory in such a way that an attacker could\n execute arbitrary code in the context of the current\n user. An attacker who successfully exploited the\n vulnerability could gain the same user rights as the\n current user. (CVE-2019-0989, CVE-2019-0991,\n CVE-2019-0992, CVE-2019-0993, CVE-2019-1002,\n CVE-2019-1003, CVE-2019-1024, CVE-2019-1051,\n CVE-2019-1052)\n\n - A denial of service exists in Microsoft IIS Server when\n the optional request filtering feature improperly\n handles requests. An attacker who successfully exploited\n this vulnerability could perform a temporary denial of\n service against pages configured to use request\n filtering. (CVE-2019-0941)\n\n - An elevation of privilege vulnerability exists in the\n way the Task Scheduler Service validates certain file\n operations. An attacker who successfully exploited the\n vulnerability could gain elevated privileges on a victim\n system. (CVE-2019-1069)\n\n - An elevation of privilege vulnerability exists when the\n Storage Service improperly handles file operations. An\n attacker who successfully exploited this vulnerability\n could gain elevated privileges on the victim system.\n (CVE-2019-0983, CVE-2019-0998)\n\n - An information disclosure vulnerability exists when\n affected Microsoft browsers improperly handle objects in\n memory. An attacker who successfully exploited this\n vulnerability could obtain information to further\n compromise the users system. (CVE-2019-1081)\n\n - An elevation of privilege vulnerability exists when the\n Windows User Profile Service (ProfSvc) improperly\n handles symlinks. An attacker who successfully exploited\n this vulnerability could delete files and folders in an\n elevated context. (CVE-2019-0986)\");\n # https://support.microsoft.com/en-us/help/4503284/windows-10-update-kb4503284\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?22fd634e\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB4503284.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-0974\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-1053\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/06/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/06/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:edge\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS19-06\";\nkbs = make_list('4503284');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nmy_os_build = get_kb_item(\"SMB/WindowsVersionBuild\");\nproductname = get_kb_item_or_exit(\"SMB/ProductName\");\n\nif (my_os_build == \"16299\" && \"enterprise\" >!< tolower(productname) && \"education\" >!< tolower(productname) && \"server\" >!< tolower(productname))\n audit(AUDIT_OS_NOT, \"a supported version of Windows\");\n\n\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"10\",\n sp:0,\n os_build:\"16299\",\n rollup_date:\"06_2019\",\n bulletin:bulletin,\n rollup_kb_list:[4503284])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:17:31", "description": "The remote Windows host is missing security update 4503290 or cumulative update 4503276. It is, therefore, affected by multiple vulnerabilities :\n\n - An information disclosure vulnerability exists in the Windows Event Viewer (eventvwr.msc) when it improperly parses XML input containing a reference to an external entity. An attacker who successfully exploited this vulnerability could read arbitrary files via an XML external entity (XXE) declaration. (CVE-2019-0948)\n\n - A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. (CVE-2019-0620, CVE-2019-0722)\n\n - A security feature bypass vulnerability exists where a NETLOGON message is able to obtain the session key and sign messages. (CVE-2019-1019)\n\n - An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1014, CVE-2019-1017)\n\n - A tampering vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLM MIC (Message Integrity Check) protection. An attacker who successfully exploited this vulnerability could gain the ability to downgrade NTLM security features. (CVE-2019-1040)\n\n - A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. (CVE-2019-0710, CVE-2019-0711, CVE-2019-0713)\n\n - A remote code execution vulnerability exists in the way that comctl32.dll handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1043)\n\n - An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior. A locally authenticated attacker could run arbitrary code with elevated system privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. The security update addresses the vulnerability by correcting the input sanitization error to preclude unintended elevation. (CVE-2019-0973)\n\n - A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. (CVE-2019-0904, CVE-2019-0905, CVE-2019-0906, CVE-2019-0907, CVE-2019-0908, CVE-2019-0909, CVE-2019-0974)\n\n - An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC). An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n (CVE-2019-0943)\n\n - A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2019-0920, CVE-2019-1005, CVE-2019-1055, CVE-2019-1080)\n\n - A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1038)\n\n - An information disclosure vulnerability exists when affected Microsoft browsers improperly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-1081)\n\n - An elevation of privilege exists in Windows Audio Service. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. (CVE-2019-1028)\n\n - A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. (CVE-2019-1025)\n\n - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2019-0988)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory.\n (CVE-2019-1039)\n\n - This security update corrects a denial of service in the Local Security Authority Subsystem Service (LSASS) caused when an authenticated attacker sends a specially crafted authentication request. A remote attacker who successfully exploited this vulnerability could cause a denial of service on the target system's LSASS service, which triggers an automatic reboot of the system. The security update addresses the vulnerability by changing the way that LSASS handles specially crafted authentication requests. (CVE-2019-0972)\n\n - An elevation of privilege vulnerability exists in the way that the Windows Network File System (NFS) handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. (CVE-2019-1045)\n\n - An elevation of privilege vulnerability exists when the Windows Shell fails to validate folder shortcuts. An attacker who successfully exploited the vulnerability could elevate privileges by escaping a sandbox.\n (CVE-2019-1053)\n\n - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. (CVE-2019-1010, CVE-2019-1012, CVE-2019-1046, CVE-2019-1050)\n\n - A remote code execution vulnerability exists in the way that ActiveX Data Objects (ADO) handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code with the victim users privileges. An attacker could craft a website that exploits the vulnerability and then convince a victim user to visit the website. The security update addresses the vulnerability by modifying how ActiveX Data Objects handle objects in memory.\n (CVE-2019-0888)\n\n - An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. (CVE-2019-0984)\n\n - A denial of service exists in Microsoft IIS Server when the optional request filtering feature improperly handles requests. An attacker who successfully exploited this vulnerability could perform a temporary denial of service against pages configured to use request filtering. (CVE-2019-0941)\n\n - An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks. An attacker who successfully exploited this vulnerability could delete files and folders in an elevated context. (CVE-2019-0986)", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-06-11T00:00:00", "type": "nessus", "title": "KB4503290: Windows 8.1 and Windows Server 2012 R2 June 2019 Security Update", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0620", "CVE-2019-0710", "CVE-2019-0711", "CVE-2019-0713", "CVE-2019-0722", "CVE-2019-0888", "CVE-2019-0904", "CVE-2019-0905", "CVE-2019-0906", "CVE-2019-0907", "CVE-2019-0908", "CVE-2019-0909", "CVE-2019-0920", "CVE-2019-0941", "CVE-2019-0943", "CVE-2019-0948", "CVE-2019-0972", "CVE-2019-0973", "CVE-2019-0974", "CVE-2019-0984", "CVE-2019-0986", "CVE-2019-0988", "CVE-2019-1005", "CVE-2019-1010", "CVE-2019-1012", "CVE-2019-1014", "CVE-2019-1017", "CVE-2019-1019", "CVE-2019-1025", "CVE-2019-1028", "CVE-2019-1038", "CVE-2019-1039", "CVE-2019-1040", "CVE-2019-1043", "CVE-2019-1045", "CVE-2019-1046", "CVE-2019-1050", "CVE-2019-1053", "CVE-2019-1055", "CVE-2019-1080", "CVE-2019-1081"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS19_JUN_4503276.NASL", "href": "https://www.tenable.com/plugins/nessus/125818", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(125818);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2019-0620\",\n \"CVE-2019-0710\",\n \"CVE-2019-0711\",\n \"CVE-2019-0713\",\n \"CVE-2019-0722\",\n \"CVE-2019-0888\",\n \"CVE-2019-0904\",\n \"CVE-2019-0905\",\n \"CVE-2019-0906\",\n \"CVE-2019-0907\",\n \"CVE-2019-0908\",\n \"CVE-2019-0909\",\n \"CVE-2019-0920\",\n \"CVE-2019-0941\",\n \"CVE-2019-0943\",\n \"CVE-2019-0948\",\n \"CVE-2019-0972\",\n \"CVE-2019-0973\",\n \"CVE-2019-0974\",\n \"CVE-2019-0984\",\n \"CVE-2019-0986\",\n \"CVE-2019-0988\",\n \"CVE-2019-1005\",\n \"CVE-2019-1010\",\n \"CVE-2019-1012\",\n \"CVE-2019-1014\",\n \"CVE-2019-1017\",\n \"CVE-2019-1019\",\n \"CVE-2019-1025\",\n \"CVE-2019-1028\",\n \"CVE-2019-1038\",\n \"CVE-2019-1039\",\n \"CVE-2019-1040\",\n \"CVE-2019-1043\",\n \"CVE-2019-1045\",\n \"CVE-2019-1046\",\n \"CVE-2019-1050\",\n \"CVE-2019-1053\",\n \"CVE-2019-1055\",\n \"CVE-2019-1080\",\n \"CVE-2019-1081\"\n );\n script_bugtraq_id(\n 108570,\n 108577,\n 108581,\n 108583,\n 108584,\n 108585,\n 108586,\n 108591,\n 108594,\n 108597,\n 108599,\n 108600,\n 108603,\n 108604,\n 108606,\n 108607,\n 108609,\n 108612,\n 108613,\n 108614,\n 108620,\n 108624,\n 108630,\n 108632,\n 108633,\n 108638,\n 108641,\n 108644,\n 108646,\n 108648,\n 108650,\n 108651,\n 108654,\n 108655,\n 108656,\n 108666,\n 108667,\n 108668,\n 108669,\n 108708,\n 108709\n );\n script_xref(name:\"MSKB\", value:\"4503276\");\n script_xref(name:\"MSKB\", value:\"4503290\");\n script_xref(name:\"MSFT\", value:\"MS19-4503276\");\n script_xref(name:\"MSFT\", value:\"MS19-4503290\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2020-0129\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0430\");\n\n script_name(english:\"KB4503290: Windows 8.1 and Windows Server 2012 R2 June 2019 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4503290\nor cumulative update 4503276. It is, therefore, affected by\nmultiple vulnerabilities :\n\n - An information disclosure vulnerability exists in the\n Windows Event Viewer (eventvwr.msc) when it improperly\n parses XML input containing a reference to an external\n entity. An attacker who successfully exploited this\n vulnerability could read arbitrary files via an XML\n external entity (XXE) declaration. (CVE-2019-0948)\n\n - A remote code execution vulnerability exists when\n Windows Hyper-V on a host server fails to properly\n validate input from an authenticated user on a guest\n operating system. (CVE-2019-0620, CVE-2019-0722)\n\n - A security feature bypass vulnerability exists where a\n NETLOGON message is able to obtain the session key and\n sign messages. (CVE-2019-1019)\n\n - An elevation of privilege vulnerability exists in\n Windows when the Win32k component fails to properly\n handle objects in memory. An attacker who successfully\n exploited this vulnerability could run arbitrary code in\n kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts\n with full user rights. (CVE-2019-1014, CVE-2019-1017)\n\n - A tampering vulnerability exists in Microsoft Windows\n when a man-in-the-middle attacker is able to\n successfully bypass the NTLM MIC (Message Integrity\n Check) protection. An attacker who successfully\n exploited this vulnerability could gain the ability to\n downgrade NTLM security features. (CVE-2019-1040)\n\n - A denial of service vulnerability exists when Microsoft\n Hyper-V on a host server fails to properly validate\n input from a privileged user on a guest operating\n system. (CVE-2019-0710, CVE-2019-0711, CVE-2019-0713)\n\n - A remote code execution vulnerability exists in the way\n that comctl32.dll handles objects in memory. The\n vulnerability could corrupt memory in such a way that an\n attacker could execute arbitrary code in the context of\n the current user. An attacker who successfully exploited\n the vulnerability could gain the same user rights as the\n current user. (CVE-2019-1043)\n\n - An elevation of privilege vulnerability exists in the\n Windows Installer when the Windows Installer fails to\n properly sanitize input leading to an insecure library\n loading behavior. A locally authenticated attacker could\n run arbitrary code with elevated system privileges. An\n attacker could then install programs; view, change, or\n delete data; or create new accounts with full user\n rights. The security update addresses the vulnerability\n by correcting the input sanitization error to preclude\n unintended elevation. (CVE-2019-0973)\n\n - A remote code execution vulnerability exists when the\n Windows Jet Database Engine improperly handles objects\n in memory. An attacker who successfully exploited this\n vulnerability could execute arbitrary code on a victim\n system. An attacker could exploit this vulnerability by\n enticing a victim to open a specially crafted file. The\n update addresses the vulnerability by correcting the way\n the Windows Jet Database Engine handles objects in\n memory. (CVE-2019-0904, CVE-2019-0905, CVE-2019-0906,\n CVE-2019-0907, CVE-2019-0908, CVE-2019-0909,\n CVE-2019-0974)\n\n - An elevation of privilege vulnerability exists when\n Windows improperly handles calls to Advanced Local\n Procedure Call (ALPC). An attacker who successfully\n exploited this vulnerability could run arbitrary code in\n the security context of the local system. An attacker\n could then install programs; view, change, or delete\n data; or create new accounts with full user rights.\n (CVE-2019-0943)\n\n - A remote code execution vulnerability exists in the way\n the scripting engine handles objects in memory in\n Microsoft browsers. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2019-0920, CVE-2019-1005, CVE-2019-1055,\n CVE-2019-1080)\n\n - A remote code execution vulnerability exists in the way\n that Microsoft browsers access objects in memory. The\n vulnerability could corrupt memory in a way that could\n allow an attacker to execute arbitrary code in the\n context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2019-1038)\n\n - An information disclosure vulnerability exists when\n affected Microsoft browsers improperly handle objects in\n memory. An attacker who successfully exploited this\n vulnerability could obtain information to further\n compromise the users system. (CVE-2019-1081)\n\n - An elevation of privilege exists in Windows Audio\n Service. An attacker who successfully exploited the\n vulnerability could run arbitrary code with elevated\n privileges. (CVE-2019-1028)\n\n - A denial of service vulnerability exists when Windows\n improperly handles objects in memory. An attacker who\n successfully exploited the vulnerability could cause a\n target system to stop responding. (CVE-2019-1025)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2019-0988)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly initializes objects in memory.\n (CVE-2019-1039)\n\n - This security update corrects a denial of service in the\n Local Security Authority Subsystem Service (LSASS)\n caused when an authenticated attacker sends a specially\n crafted authentication request. A remote attacker who\n successfully exploited this vulnerability could cause a\n denial of service on the target system's LSASS service,\n which triggers an automatic reboot of the system. The\n security update addresses the vulnerability by changing\n the way that LSASS handles specially crafted\n authentication requests. (CVE-2019-0972)\n\n - An elevation of privilege vulnerability exists in the\n way that the Windows Network File System (NFS) handles\n objects in memory. An attacker who successfully\n exploited the vulnerability could execute code with\n elevated permissions. (CVE-2019-1045)\n\n - An elevation of privilege vulnerability exists when the\n Windows Shell fails to validate folder shortcuts. An\n attacker who successfully exploited the vulnerability\n could elevate privileges by escaping a sandbox.\n (CVE-2019-1053)\n\n - An information disclosure vulnerability exists when the\n Windows GDI component improperly discloses the contents\n of its memory. An attacker who successfully exploited\n the vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how the Windows GDI component handles objects\n in memory. (CVE-2019-1010, CVE-2019-1012, CVE-2019-1046,\n CVE-2019-1050)\n\n - A remote code execution vulnerability exists in the way\n that ActiveX Data Objects (ADO) handle objects in\n memory. An attacker who successfully exploited the\n vulnerability could execute arbitrary code with the\n victim users privileges. An attacker could craft a\n website that exploits the vulnerability and then\n convince a victim user to visit the website. The\n security update addresses the vulnerability by modifying\n how ActiveX Data Objects handle objects in memory.\n (CVE-2019-0888)\n\n - An elevation of privilege vulnerability exists when the\n Windows Common Log File System (CLFS) driver improperly\n handles objects in memory. An attacker who successfully\n exploited this vulnerability could run processes in an\n elevated context. (CVE-2019-0984)\n\n - A denial of service exists in Microsoft IIS Server when\n the optional request filtering feature improperly\n handles requests. An attacker who successfully exploited\n this vulnerability could perform a temporary denial of\n service against pages configured to use request\n filtering. (CVE-2019-0941)\n\n - An elevation of privilege vulnerability exists when the\n Windows User Profile Service (ProfSvc) improperly\n handles symlinks. An attacker who successfully exploited\n this vulnerability could delete files and folders in an\n elevated context. (CVE-2019-0986)\");\n # https://support.microsoft.com/en-us/help/4503276/june-11-2019-kb4503276-os-build-monthly-rollup\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?953a7c84\");\n # https://support.microsoft.com/en-us/help/4503290/windows-8-1-update-kb4503290\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1dd73841\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Only update KB4503290 or Cumulative Update KB4503276.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-0974\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-1053\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/06/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/06/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS19-06\";\nkbs = make_list('4503276', '4503290');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win81:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\n# Windows 8 EOL\nproductname = get_kb_item_or_exit(\"SMB/ProductName\", exit_code:1);\nif (\"Windows 8\" >< productname && \"8.1\" >!< productname)\n audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"6.3\",\n sp:0,\n rollup_date:\"06_2019\",\n bulletin:bulletin,\n rollup_kb_list:[4503276, 4503290])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:17:51", "description": "The remote Windows host is missing security update 4503263 or cumulative update 4503285. It is, therefore, affected by multiple vulnerabilities :\n\n - An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC). An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n (CVE-2019-0943)\n\n - A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. (CVE-2019-0620, CVE-2019-0722)\n\n - A security feature bypass vulnerability exists where a NETLOGON message is able to obtain the session key and sign messages. (CVE-2019-1019)\n\n - An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1014, CVE-2019-1017)\n\n - A tampering vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLM MIC (Message Integrity Check) protection. An attacker who successfully exploited this vulnerability could gain the ability to downgrade NTLM security features. (CVE-2019-1040)\n\n - A remote code execution vulnerability exists in the way that comctl32.dll handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1043)\n\n - An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior. A locally authenticated attacker could run arbitrary code with elevated system privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. The security update addresses the vulnerability by correcting the input sanitization error to preclude unintended elevation. (CVE-2019-0973)\n\n - A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. (CVE-2019-0904, CVE-2019-0905, CVE-2019-0906, CVE-2019-0907, CVE-2019-0908, CVE-2019-0909, CVE-2019-0974)\n\n - An information disclosure vulnerability exists in the Windows Event Viewer (eventvwr.msc) when it improperly parses XML input containing a reference to an external entity. An attacker who successfully exploited this vulnerability could read arbitrary files via an XML external entity (XXE) declaration. (CVE-2019-0948)\n\n - A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2019-0920, CVE-2019-1005, CVE-2019-1055, CVE-2019-1080)\n\n - A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1038)\n\n - A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. (CVE-2019-0713)\n\n - An information disclosure vulnerability exists when affected Microsoft browsers improperly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-1081)\n\n - A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. (CVE-2019-1025)\n\n - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2019-0988)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory.\n (CVE-2019-1039)\n\n - This security update corrects a denial of service in the Local Security Authority Subsystem Service (LSASS) caused when an authenticated attacker sends a specially crafted authentication request. A remote attacker who successfully exploited this vulnerability could cause a denial of service on the target system's LSASS service, which triggers an automatic reboot of the system. The security update addresses the vulnerability by changing the way that LSASS handles specially crafted authentication requests. (CVE-2019-0972)\n\n - An elevation of privilege vulnerability exists in the way that the Windows Network File System (NFS) handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. (CVE-2019-1045)\n\n - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. (CVE-2019-1010, CVE-2019-1012, CVE-2019-1015, CVE-2019-1046, CVE-2019-1050)\n\n - An elevation of privilege vulnerability exists when the Windows Shell fails to validate folder shortcuts. An attacker who successfully exploited the vulnerability could elevate privileges by escaping a sandbox.\n (CVE-2019-1053)\n\n - A remote code execution vulnerability exists in the way that ActiveX Data Objects (ADO) handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code with the victim users privileges. An attacker could craft a website that exploits the vulnerability and then convince a victim user to visit the website. The security update addresses the vulnerability by modifying how ActiveX Data Objects handle objects in memory.\n (CVE-2019-0888)\n\n - An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. (CVE-2019-0984)\n\n - A denial of service exists in Microsoft IIS Server when the optional request filtering feature improperly handles requests. An attacker who successfully exploited this vulnerability could perform a temporary denial of service against pages configured to use request filtering. (CVE-2019-0941)\n\n - An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks. An attacker who successfully exploited this vulnerability could delete files and folders in an elevated context. (CVE-2019-0986)", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-06-11T00:00:00", "type": "nessus", "title": "KB4503263: Windows Server 2012 June 2019 Security Update", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0620", "CVE-2019-0713", "CVE-2019-0722", "CVE-2019-0888", "CVE-2019-0904", "CVE-2019-0905", "CVE-2019-0906", "CVE-2019-0907", "CVE-2019-0908", "CVE-2019-0909", "CVE-2019-0920", "CVE-2019-0941", "CVE-2019-0943", "CVE-2019-0948", "CVE-2019-0972", "CVE-2019-0973", "CVE-2019-0974", "CVE-2019-0984", "CVE-2019-0986", "CVE-2019-0988", "CVE-2019-1005", "CVE-2019-1010", "CVE-2019-1012", "CVE-2019-1014", "CVE-2019-1015", "CVE-2019-1017", "CVE-2019-1019", "CVE-2019-1025", "CVE-2019-1038", "CVE-2019-1039", "CVE-2019-1040", "CVE-2019-1043", "CVE-2019-1045", "CVE-2019-1046", "CVE-2019-1050", "CVE-2019-1053", "CVE-2019-1055", "CVE-2019-1080", "CVE-2019-1081"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS19_JUN_4503285.NASL", "href": "https://www.tenable.com/plugins/nessus/125821", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(125821);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2019-0620\",\n \"CVE-2019-0713\",\n \"CVE-2019-0722\",\n \"CVE-2019-0888\",\n \"CVE-2019-0904\",\n \"CVE-2019-0905\",\n \"CVE-2019-0906\",\n \"CVE-2019-0907\",\n \"CVE-2019-0908\",\n \"CVE-2019-0909\",\n \"CVE-2019-0920\",\n \"CVE-2019-0941\",\n \"CVE-2019-0943\",\n \"CVE-2019-0948\",\n \"CVE-2019-0972\",\n \"CVE-2019-0973\",\n \"CVE-2019-0974\",\n \"CVE-2019-0984\",\n \"CVE-2019-0986\",\n \"CVE-2019-0988\",\n \"CVE-2019-1005\",\n \"CVE-2019-1010\",\n \"CVE-2019-1012\",\n \"CVE-2019-1014\",\n \"CVE-2019-1015\",\n \"CVE-2019-1017\",\n \"CVE-2019-1019\",\n \"CVE-2019-1025\",\n \"CVE-2019-1038\",\n \"CVE-2019-1039\",\n \"CVE-2019-1040\",\n \"CVE-2019-1043\",\n \"CVE-2019-1045\",\n \"CVE-2019-1046\",\n \"CVE-2019-1050\",\n \"CVE-2019-1053\",\n \"CVE-2019-1055\",\n \"CVE-2019-1080\",\n \"CVE-2019-1081\"\n );\n script_bugtraq_id(\n 108570,\n 108577,\n 108581,\n 108583,\n 108584,\n 108585,\n 108586,\n 108591,\n 108594,\n 108599,\n 108600,\n 108603,\n 108604,\n 108606,\n 108607,\n 108609,\n 108612,\n 108613,\n 108614,\n 108620,\n 108624,\n 108627,\n 108633,\n 108638,\n 108641,\n 108644,\n 108646,\n 108648,\n 108650,\n 108651,\n 108654,\n 108655,\n 108656,\n 108666,\n 108667,\n 108668,\n 108669,\n 108708,\n 108709\n );\n script_xref(name:\"MSKB\", value:\"4503263\");\n script_xref(name:\"MSKB\", value:\"4503285\");\n script_xref(name:\"MSFT\", value:\"MS19-4503263\");\n script_xref(name:\"MSFT\", value:\"MS19-4503285\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2020-0129\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0430\");\n\n script_name(english:\"KB4503263: Windows Server 2012 June 2019 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4503263\nor cumulative update 4503285. It is, therefore, affected by\nmultiple vulnerabilities :\n\n - An elevation of privilege vulnerability exists when\n Windows improperly handles calls to Advanced Local\n Procedure Call (ALPC). An attacker who successfully\n exploited this vulnerability could run arbitrary code in\n the security context of the local system. An attacker\n could then install programs; view, change, or delete\n data; or create new accounts with full user rights.\n (CVE-2019-0943)\n\n - A remote code execution vulnerability exists when\n Windows Hyper-V on a host server fails to properly\n validate input from an authenticated user on a guest\n operating system. (CVE-2019-0620, CVE-2019-0722)\n\n - A security feature bypass vulnerability exists where a\n NETLOGON message is able to obtain the session key and\n sign messages. (CVE-2019-1019)\n\n - An elevation of privilege vulnerability exists in\n Windows when the Win32k component fails to properly\n handle objects in memory. An attacker who successfully\n exploited this vulnerability could run arbitrary code in\n kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts\n with full user rights. (CVE-2019-1014, CVE-2019-1017)\n\n - A tampering vulnerability exists in Microsoft Windows\n when a man-in-the-middle attacker is able to\n successfully bypass the NTLM MIC (Message Integrity\n Check) protection. An attacker who successfully\n exploited this vulnerability could gain the ability to\n downgrade NTLM security features. (CVE-2019-1040)\n\n - A remote code execution vulnerability exists in the way\n that comctl32.dll handles objects in memory. The\n vulnerability could corrupt memory in such a way that an\n attacker could execute arbitrary code in the context of\n the current user. An attacker who successfully exploited\n the vulnerability could gain the same user rights as the\n current user. (CVE-2019-1043)\n\n - An elevation of privilege vulnerability exists in the\n Windows Installer when the Windows Installer fails to\n properly sanitize input leading to an insecure library\n loading behavior. A locally authenticated attacker could\n run arbitrary code with elevated system privileges. An\n attacker could then install programs; view, change, or\n delete data; or create new accounts with full user\n rights. The security update addresses the vulnerability\n by correcting the input sanitization error to preclude\n unintended elevation. (CVE-2019-0973)\n\n - A remote code execution vulnerability exists when the\n Windows Jet Database Engine improperly handles objects\n in memory. An attacker who successfully exploited this\n vulnerability could execute arbitrary code on a victim\n system. An attacker could exploit this vulnerability by\n enticing a victim to open a specially crafted file. The\n update addresses the vulnerability by correcting the way\n the Windows Jet Database Engine handles objects in\n memory. (CVE-2019-0904, CVE-2019-0905, CVE-2019-0906,\n CVE-2019-0907, CVE-2019-0908, CVE-2019-0909,\n CVE-2019-0974)\n\n - An information disclosure vulnerability exists in the\n Windows Event Viewer (eventvwr.msc) when it improperly\n parses XML input containing a reference to an external\n entity. An attacker who successfully exploited this\n vulnerability could read arbitrary files via an XML\n external entity (XXE) declaration. (CVE-2019-0948)\n\n - A remote code execution vulnerability exists in the way\n the scripting engine handles objects in memory in\n Microsoft browsers. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2019-0920, CVE-2019-1005, CVE-2019-1055,\n CVE-2019-1080)\n\n - A remote code execution vulnerability exists in the way\n that Microsoft browsers access objects in memory. The\n vulnerability could corrupt memory in a way that could\n allow an attacker to execute arbitrary code in the\n context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2019-1038)\n\n - A denial of service vulnerability exists when Microsoft\n Hyper-V on a host server fails to properly validate\n input from a privileged user on a guest operating\n system. (CVE-2019-0713)\n\n - An information disclosure vulnerability exists when\n affected Microsoft browsers improperly handle objects in\n memory. An attacker who successfully exploited this\n vulnerability could obtain information to further\n compromise the users system. (CVE-2019-1081)\n\n - A denial of service vulnerability exists when Windows\n improperly handles objects in memory. An attacker who\n successfully exploited the vulnerability could cause a\n target system to stop responding. (CVE-2019-1025)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2019-0988)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly initializes objects in memory.\n (CVE-2019-1039)\n\n - This security update corrects a denial of service in the\n Local Security Authority Subsystem Service (LSASS)\n caused when an authenticated attacker sends a specially\n crafted authentication request. A remote attacker who\n successfully exploited this vulnerability could cause a\n denial of service on the target system's LSASS service,\n which triggers an automatic reboot of the system. The\n security update addresses the vulnerability by changing\n the way that LSASS handles specially crafted\n authentication requests. (CVE-2019-0972)\n\n - An elevation of privilege vulnerability exists in the\n way that the Windows Network File System (NFS) handles\n objects in memory. An attacker who successfully\n exploited the vulnerability could execute code with\n elevated permissions. (CVE-2019-1045)\n\n - An information disclosure vulnerability exists when the\n Windows GDI component improperly discloses the contents\n of its memory. An attacker who successfully exploited\n the vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how the Windows GDI component handles objects\n in memory. (CVE-2019-1010, CVE-2019-1012, CVE-2019-1015,\n CVE-2019-1046, CVE-2019-1050)\n\n - An elevation of privilege vulnerability exists when the\n Windows Shell fails to validate folder shortcuts. An\n attacker who successfully exploited the vulnerability\n could elevate privileges by escaping a sandbox.\n (CVE-2019-1053)\n\n - A remote code execution vulnerability exists in the way\n that ActiveX Data Objects (ADO) handle objects in\n memory. An attacker who successfully exploited the\n vulnerability could execute arbitrary code with the\n victim users privileges. An attacker could craft a\n website that exploits the vulnerability and then\n convince a victim user to visit the website. The\n security update addresses the vulnerability by modifying\n how ActiveX Data Objects handle objects in memory.\n (CVE-2019-0888)\n\n - An elevation of privilege vulnerability exists when the\n Windows Common Log File System (CLFS) driver improperly\n handles objects in memory. An attacker who successfully\n exploited this vulnerability could run processes in an\n elevated context. (CVE-2019-0984)\n\n - A denial of service exists in Microsoft IIS Server when\n the optional request filtering feature improperly\n handles requests. An attacker who successfully exploited\n this vulnerability could perform a temporary denial of\n service against pages configured to use request\n filtering. (CVE-2019-0941)\n\n - An elevation of privilege vulnerability exists when the\n Windows User Profile Service (ProfSvc) improperly\n handles symlinks. An attacker who successfully exploited\n this vulnerability could delete files and folders in an\n elevated context. (CVE-2019-0986)\");\n # https://support.microsoft.com/en-us/help/4503263/windows-server-2012-update-kb4503263\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?11b6c66e\");\n # https://support.microsoft.com/en-us/help/4503285/windows-server-2012-kb4503285\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?b6f9d59c\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Only update KB4503263 or Cumulative Update KB4503285.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-0974\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-1053\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/06/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/06/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS19-06\";\nkbs = make_list('4503285', '4503263');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win8:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\n# Windows 8 EOL\nproductname = get_kb_item_or_exit(\"SMB/ProductName\", exit_code:1);\nif (\"Windows 8\" >< productname) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"6.2\",\n sp:0,\n rollup_date:\"06_2019\",\n bulletin:bulletin,\n rollup_kb_list:[4503285, 4503263])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:18:35", "description": "The remote Windows host is missing security update 4503286.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC). An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n (CVE-2019-0943)\n\n - A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. (CVE-2019-0620, CVE-2019-0722)\n\n - A security feature bypass vulnerability exists where a NETLOGON message is able to obtain the session key and sign messages. (CVE-2019-1019)\n\n - An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1014, CVE-2019-1017)\n\n - A tampering vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLM MIC (Message Integrity Check) protection. An attacker who successfully exploited this vulnerability could gain the ability to downgrade NTLM security features. (CVE-2019-1040)\n\n - A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. (CVE-2019-0710, CVE-2019-0711, CVE-2019-0713)\n\n - An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. (CVE-2019-0990, CVE-2019-1023)\n\n - An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior. A locally authenticated attacker could run arbitrary code with elevated system privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. The security update addresses the vulnerability by correcting the input sanitization error to preclude unintended elevation. (CVE-2019-0973)\n\n - A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. (CVE-2019-0904, CVE-2019-0905, CVE-2019-0906, CVE-2019-0907, CVE-2019-0908, CVE-2019-0909, CVE-2019-0974)\n\n - An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n (CVE-2019-1018)\n\n - An information disclosure vulnerability exists in the Windows Event Viewer (eventvwr.msc) when it improperly parses XML input containing a reference to an external entity. An attacker who successfully exploited this vulnerability could read arbitrary files via an XML external entity (XXE) declaration. (CVE-2019-0948)\n\n - A security feature bypass vulnerability exists in Edge that allows for bypassing Mark of the Web Tagging (MOTW). Failing to set the MOTW means that a large number of Microsoft security technologies are bypassed.\n (CVE-2019-1054)\n\n - A remote code execution vulnerability exists in the way that comctl32.dll handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1043)\n\n - A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2019-0920, CVE-2019-1005, CVE-2019-1055, CVE-2019-1080)\n\n - A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1038)\n\n - An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data. (CVE-2019-1064)\n\n - An elevation of privilege exists in Windows Audio Service. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. (CVE-2019-1007, CVE-2019-1021, CVE-2019-1026, CVE-2019-1027, CVE-2019-1028)\n\n - A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. (CVE-2019-1025)\n\n - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2019-0988)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory.\n (CVE-2019-1039)\n\n - An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. (CVE-2019-0959, CVE-2019-0984)\n\n - This security update corrects a denial of service in the Local Security Authority Subsystem Service (LSASS) caused when an authenticated attacker sends a specially crafted authentication request. A remote attacker who successfully exploited this vulnerability could cause a denial of service on the target system's LSASS service, which triggers an automatic reboot of the system. The security update addresses the vulnerability by changing the way that LSASS handles specially crafted authentication requests. (CVE-2019-0972)\n\n - An information disclosure vulnerability exists when affected Microsoft browsers improperly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-1081)\n\n - An elevation of privilege vulnerability exists when the Windows Shell fails to validate folder shortcuts. An attacker who successfully exploited the vulnerability could elevate privileges by escaping a sandbox.\n (CVE-2019-1053)\n\n - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. (CVE-2019-1010, CVE-2019-1012, CVE-2019-1046, CVE-2019-1050)\n\n - A remote code execution vulnerability exists in the way that ActiveX Data Objects (ADO) handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code with the victim users privileges. An attacker could craft a website that exploits the vulnerability and then convince a victim user to visit the website. The security update addresses the vulnerability by modifying how ActiveX Data Objects handle objects in memory.\n (CVE-2019-0888)\n\n - A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-0989, CVE-2019-0991, CVE-2019-0992, CVE-2019-0993, CVE-2019-1002, CVE-2019-1003, CVE-2019-1024, CVE-2019-1051, CVE-2019-1052)\n\n - A denial of service exists in Microsoft IIS Server when the optional request filtering feature improperly handles requests. An attacker who successfully exploited this vulnerability could perform a temporary denial of service against pages configured to use request filtering. (CVE-2019-0941)\n\n - An elevation of privilege vulnerability exists in the way the Task Scheduler Service validates certain file operations. An attacker who successfully exploited the vulnerability could gain elevated privileges on a victim system. (CVE-2019-1069)\n\n - An elevation of privilege vulnerability exists when the Storage Service improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges on the victim system.\n (CVE-2019-0983, CVE-2019-0998)\n\n - An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.\n An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1041, CVE-2019-1065)\n\n - An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks. An attacker who successfully exploited this vulnerability could delete files and folders in an elevated context. (CVE-2019-0986)", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-06-11T00:00:00", "type": "nessus", "title": "KB4503286: Windows 10 Version 1803 June 2019 Security Update", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0620", "CVE-2019-0710", "CVE-2019-0711", "CVE-2019-0713", "CVE-2019-0722", "CVE-2019-0888", "CVE-2019-0904", "CVE-2019-0905", "CVE-2019-0906", "CVE-2019-0907", "CVE-2019-0908", "CVE-2019-0909", "CVE-2019-0920", "CVE-2019-0941", "CVE-2019-0943", "CVE-2019-0948", "CVE-2019-0959", "CVE-2019-0972", "CVE-2019-0973", "CVE-2019-0974", "CVE-2019-0983", "CVE-2019-0984", "CVE-2019-0986", "CVE-2019-0988", "CVE-2019-0989", "CVE-2019-0990", "CVE-2019-0991", "CVE-2019-0992", "CVE-2019-0993", "CVE-2019-0998", "CVE-2019-1002", "CVE-2019-1003", "CVE-2019-1005", "CVE-2019-1007", "CVE-2019-1010", "CVE-2019-1012", "CVE-2019-1014", "CVE-2019-1017", "CVE-2019-1018", "CVE-2019-1019", "CVE-2019-1021", "CVE-2019-1023", "CVE-2019-1024", "CVE-2019-1025", "CVE-2019-1026", "CVE-2019-1027", "CVE-2019-1028", "CVE-2019-1038", "CVE-2019-1039", "CVE-2019-1040", "CVE-2019-1041", "CVE-2019-1043", "CVE-2019-1046", "CVE-2019-1050", "CVE-2019-1051", "CVE-2019-1052", "CVE-2019-1053", "CVE-2019-1054", "CVE-2019-1055", "CVE-2019-1064", "CVE-2019-1065", "CVE-2019-1069", "CVE-2019-1080", "CVE-2019-1081"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/o:microsoft:windows", "cpe:/a:microsoft:edge"], "id": "SMB_NT_MS19_JUN_4503286.NASL", "href": "https://www.tenable.com/plugins/nessus/125822", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(125822);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2019-0620\",\n \"CVE-2019-0710\",\n \"CVE-2019-0711\",\n \"CVE-2019-0713\",\n \"CVE-2019-0722\",\n \"CVE-2019-0888\",\n \"CVE-2019-0904\",\n \"CVE-2019-0905\",\n \"CVE-2019-0906\",\n \"CVE-2019-0907\",\n \"CVE-2019-0908\",\n \"CVE-2019-0909\",\n \"CVE-2019-0920\",\n \"CVE-2019-0941\",\n \"CVE-2019-0943\",\n \"CVE-2019-0948\",\n \"CVE-2019-0959\",\n \"CVE-2019-0972\",\n \"CVE-2019-0973\",\n \"CVE-2019-0974\",\n \"CVE-2019-0983\",\n \"CVE-2019-0984\",\n \"CVE-2019-0986\",\n \"CVE-2019-0988\",\n \"CVE-2019-0989\",\n \"CVE-2019-0990\",\n \"CVE-2019-0991\",\n \"CVE-2019-0992\",\n \"CVE-2019-0993\",\n \"CVE-2019-0998\",\n \"CVE-2019-1002\",\n \"CVE-2019-1003\",\n \"CVE-2019-1005\",\n \"CVE-2019-1007\",\n \"CVE-2019-1010\",\n \"CVE-2019-1012\",\n \"CVE-2019-1014\",\n \"CVE-2019-1017\",\n \"CVE-2019-1018\",\n \"CVE-2019-1019\",\n \"CVE-2019-1021\",\n \"CVE-2019-1023\",\n \"CVE-2019-1024\",\n \"CVE-2019-1025\",\n \"CVE-2019-1026\",\n \"CVE-2019-1027\",\n \"CVE-2019-1028\",\n \"CVE-2019-1038\",\n \"CVE-2019-1039\",\n \"CVE-2019-1040\",\n \"CVE-2019-1041\",\n \"CVE-2019-1043\",\n \"CVE-2019-1046\",\n \"CVE-2019-1050\",\n \"CVE-2019-1051\",\n \"CVE-2019-1052\",\n \"CVE-2019-1053\",\n \"CVE-2019-1054\",\n \"CVE-2019-1055\",\n \"CVE-2019-1064\",\n \"CVE-2019-1065\",\n \"CVE-2019-1069\",\n \"CVE-2019-1080\",\n \"CVE-2019-1081\"\n );\n script_bugtraq_id(\n 108567,\n 108570,\n 108577,\n 108581,\n 108583,\n 108585,\n 108586,\n 108587,\n 108588,\n 108591,\n 108592,\n 108594,\n 108595,\n 108596,\n 108597,\n 108598,\n 108599,\n 108600,\n 108602,\n 108603,\n 108604,\n 108606,\n 108607,\n 108608,\n 108609,\n 108612,\n 108613,\n 108614,\n 108620,\n 108624,\n 108630,\n 108632,\n 108633,\n 108638,\n 108641,\n 108644,\n 108646,\n 108647,\n 108648,\n 108649,\n 108650,\n 108651,\n 108652,\n 108653,\n 108654,\n 108655,\n 108656,\n 108657,\n 108658,\n 108659,\n 108660,\n 108661,\n 108662,\n 108663,\n 108664,\n 108665,\n 108666,\n 108667,\n 108668,\n 108669,\n 108670,\n 108671,\n 108708,\n 108709\n );\n script_xref(name:\"MSKB\", value:\"4503286\");\n script_xref(name:\"MSFT\", value:\"MS19-4503286\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/05\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2020-0129\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0430\");\n\n script_name(english:\"KB4503286: Windows 10 Version 1803 June 2019 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4503286.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An elevation of privilege vulnerability exists when\n Windows improperly handles calls to Advanced Local\n Procedure Call (ALPC). An attacker who successfully\n exploited this vulnerability could run arbitrary code in\n the security context of the local system. An attacker\n could then install programs; view, change, or delete\n data; or create new accounts with full user rights.\n (CVE-2019-0943)\n\n - A remote code execution vulnerability exists when\n Windows Hyper-V on a host server fails to properly\n validate input from an authenticated user on a guest\n operating system. (CVE-2019-0620, CVE-2019-0722)\n\n - A security feature bypass vulnerability exists where a\n NETLOGON message is able to obtain the session key and\n sign messages. (CVE-2019-1019)\n\n - An elevation of privilege vulnerability exists in\n Windows when the Win32k component fails to properly\n handle objects in memory. An attacker who successfully\n exploited this vulnerability could run arbitrary code in\n kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts\n with full user rights. (CVE-2019-1014, CVE-2019-1017)\n\n - A tampering vulnerability exists in Microsoft Windows\n when a man-in-the-middle attacker is able to\n successfully bypass the NTLM MIC (Message Integrity\n Check) protection. An attacker who successfully\n exploited this vulnerability could gain the ability to\n downgrade NTLM security features. (CVE-2019-1040)\n\n - A denial of service vulnerability exists when Microsoft\n Hyper-V on a host server fails to properly validate\n input from a privileged user on a guest operating\n system. (CVE-2019-0710, CVE-2019-0711, CVE-2019-0713)\n\n - An information disclosure vulnerability exists when the\n scripting engine does not properly handle objects in\n memory in Microsoft Edge. An attacker who successfully\n exploited the vulnerability could obtain information to\n further compromise the users system. (CVE-2019-0990,\n CVE-2019-1023)\n\n - An elevation of privilege vulnerability exists in the\n Windows Installer when the Windows Installer fails to\n properly sanitize input leading to an insecure library\n loading behavior. A locally authenticated attacker could\n run arbitrary code with elevated system privileges. An\n attacker could then install programs; view, change, or\n delete data; or create new accounts with full user\n rights. The security update addresses the vulnerability\n by correcting the input sanitization error to preclude\n unintended elevation. (CVE-2019-0973)\n\n - A remote code execution vulnerability exists when the\n Windows Jet Database Engine improperly handles objects\n in memory. An attacker who successfully exploited this\n vulnerability could execute arbitrary code on a victim\n system. An attacker could exploit this vulnerability by\n enticing a victim to open a specially crafted file. The\n update addresses the vulnerability by correcting the way\n the Windows Jet Database Engine handles objects in\n memory. (CVE-2019-0904, CVE-2019-0905, CVE-2019-0906,\n CVE-2019-0907, CVE-2019-0908, CVE-2019-0909,\n CVE-2019-0974)\n\n - An elevation of privilege vulnerability exists when\n DirectX improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could run arbitrary code in kernel mode. An attacker\n could then install programs; view, change, or delete\n data; or create new accounts with full user rights.\n (CVE-2019-1018)\n\n - An information disclosure vulnerability exists in the\n Windows Event Viewer (eventvwr.msc) when it improperly\n parses XML input containing a reference to an external\n entity. An attacker who successfully exploited this\n vulnerability could read arbitrary files via an XML\n external entity (XXE) declaration. (CVE-2019-0948)\n\n - A security feature bypass vulnerability exists in Edge\n that allows for bypassing Mark of the Web Tagging\n (MOTW). Failing to set the MOTW means that a large\n number of Microsoft security technologies are bypassed.\n (CVE-2019-1054)\n\n - A remote code execution vulnerability exists in the way\n that comctl32.dll handles objects in memory. The\n vulnerability could corrupt memory in such a way that an\n attacker could execute arbitrary code in the context of\n the current user. An attacker who successfully exploited\n the vulnerability could gain the same user rights as the\n current user. (CVE-2019-1043)\n\n - A remote code execution vulnerability exists in the way\n the scripting engine handles objects in memory in\n Microsoft browsers. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2019-0920, CVE-2019-1005, CVE-2019-1055,\n CVE-2019-1080)\n\n - A remote code execution vulnerability exists in the way\n that Microsoft browsers access objects in memory. The\n vulnerability could corrupt memory in a way that could\n allow an attacker to execute arbitrary code in the\n context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2019-1038)\n\n - An elevation of privilege vulnerability exists when\n Windows AppX Deployment Service (AppXSVC) improperly\n handles hard links. An attacker who successfully\n exploited this vulnerability could run processes in an\n elevated context. An attacker could then install\n programs; view, change or delete data. (CVE-2019-1064)\n\n - An elevation of privilege exists in Windows Audio\n Service. An attacker who successfully exploited the\n vulnerability could run arbitrary code with elevated\n privileges. (CVE-2019-1007, CVE-2019-1021,\n CVE-2019-1026, CVE-2019-1027, CVE-2019-1028)\n\n - A denial of service vulnerability exists when Windows\n improperly handles objects in memory. An attacker who\n successfully exploited the vulnerability could cause a\n target system to stop responding. (CVE-2019-1025)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2019-0988)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly initializes objects in memory.\n (CVE-2019-1039)\n\n - An elevation of privilege vulnerability exists when the\n Windows Common Log File System (CLFS) driver improperly\n handles objects in memory. An attacker who successfully\n exploited this vulnerability could run processes in an\n elevated context. (CVE-2019-0959, CVE-2019-0984)\n\n - This security update corrects a denial of service in the\n Local Security Authority Subsystem Service (LSASS)\n caused when an authenticated attacker sends a specially\n crafted authentication request. A remote attacker who\n successfully exploited this vulnerability could cause a\n denial of service on the target system's LSASS service,\n which triggers an automatic reboot of the system. The\n security update addresses the vulnerability by changing\n the way that LSASS handles specially crafted\n authentication requests. (CVE-2019-0972)\n\n - An information disclosure vulnerability exists when\n affected Microsoft browsers improperly handle objects in\n memory. An attacker who successfully exploited this\n vulnerability could obtain information to further\n compromise the users system. (CVE-2019-1081)\n\n - An elevation of privilege vulnerability exists when the\n Windows Shell fails to validate folder shortcuts. An\n attacker who successfully exploited the vulnerability\n could elevate privileges by escaping a sandbox.\n (CVE-2019-1053)\n\n - An information disclosure vulnerability exists when the\n Windows GDI component improperly discloses the contents\n of its memory. An attacker who successfully exploited\n the vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how the Windows GDI component handles objects\n in memory. (CVE-2019-1010, CVE-2019-1012, CVE-2019-1046,\n CVE-2019-1050)\n\n - A remote code execution vulnerability exists in the way\n that ActiveX Data Objects (ADO) handle objects in\n memory. An attacker who successfully exploited the\n vulnerability could execute arbitrary code with the\n victim users privileges. An attacker could craft a\n website that exploits the vulnerability and then\n convince a victim user to visit the website. The\n security update addresses the vulnerability by modifying\n how ActiveX Data Objects handle objects in memory.\n (CVE-2019-0888)\n\n - A remote code execution vulnerability exists in the way\n that the Chakra scripting engine handles objects in\n memory in Microsoft Edge. The vulnerability could\n corrupt memory in such a way that an attacker could\n execute arbitrary code in the context of the current\n user. An attacker who successfully exploited the\n vulnerability could gain the same user rights as the\n current user. (CVE-2019-0989, CVE-2019-0991,\n CVE-2019-0992, CVE-2019-0993, CVE-2019-1002,\n CVE-2019-1003, CVE-2019-1024, CVE-2019-1051,\n CVE-2019-1052)\n\n - A denial of service exists in Microsoft IIS Server when\n the optional request filtering feature improperly\n handles requests. An attacker who successfully exploited\n this vulnerability could perform a temporary denial of\n service against pages configured to use request\n filtering. (CVE-2019-0941)\n\n - An elevation of privilege vulnerability exists in the\n way the Task Scheduler Service validates certain file\n operations. An attacker who successfully exploited the\n vulnerability could gain elevated privileges on a victim\n system. (CVE-2019-1069)\n\n - An elevation of privilege vulnerability exists when the\n Storage Service improperly handles file operations. An\n attacker who successfully exploited this vulnerability\n could gain elevated privileges on the victim system.\n (CVE-2019-0983, CVE-2019-0998)\n\n - An elevation of privilege vulnerability exists when the\n Windows kernel fails to properly handle objects in\n memory. An attacker who successfully exploited this\n vulnerability could run arbitrary code in kernel mode.\n An attacker could then install programs; view, change,\n or delete data; or create new accounts with full user\n rights. (CVE-2019-1041, CVE-2019-1065)\n\n - An elevation of privilege vulnerability exists when the\n Windows User Profile Service (ProfSvc) improperly\n handles symlinks. An attacker who successfully exploited\n this vulnerability could delete files and folders in an\n elevated context. (CVE-2019-0986)\");\n # https://support.microsoft.com/en-us/help/4503286/june112019kb4503286osbuild17134821\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1318c44e\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB4503286.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-0974\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-1053\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/06/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/06/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:edge\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS19-06\";\nkbs = make_list('4503286');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"10\",\n sp:0,\n os_build:\"17134\",\n rollup_date:\"06_2019\",\n bulletin:bulletin,\n rollup_kb_list:[4503286])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:18:34", "description": "The remote Windows host is missing security update 4503293.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An elevation of privilege exists in Windows Audio Service. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. (CVE-2019-1007, CVE-2019-1021, CVE-2019-1022, CVE-2019-1026, CVE-2019-1027, CVE-2019-1028)\n\n - An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC). An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n (CVE-2019-0943)\n\n - A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. (CVE-2019-0620, CVE-2019-0722)\n\n - A security feature bypass vulnerability exists where a NETLOGON message is able to obtain the session key and sign messages. (CVE-2019-1019)\n\n - An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1014, CVE-2019-1017)\n\n - A tampering vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLM MIC (Message Integrity Check) protection. An attacker who successfully exploited this vulnerability could gain the ability to downgrade NTLM security features. (CVE-2019-1040)\n\n - An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. (CVE-2019-0990, CVE-2019-1023)\n\n - An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. (CVE-2019-0959, CVE-2019-0984)\n\n - An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior. A locally authenticated attacker could run arbitrary code with elevated system privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. The security update addresses the vulnerability by correcting the input sanitization error to preclude unintended elevation. (CVE-2019-0973)\n\n - A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. (CVE-2019-0904, CVE-2019-0905, CVE-2019-0906, CVE-2019-0907, CVE-2019-0908, CVE-2019-0909, CVE-2019-0974)\n\n - An information disclosure vulnerability exists in the Windows Event Viewer (eventvwr.msc) when it improperly parses XML input containing a reference to an external entity. An attacker who successfully exploited this vulnerability could read arbitrary files via an XML external entity (XXE) declaration. (CVE-2019-0948)\n\n - A security feature bypass vulnerability exists in Edge that allows for bypassing Mark of the Web Tagging (MOTW). Failing to set the MOTW means that a large number of Microsoft security technologies are bypassed.\n (CVE-2019-1054)\n\n - A remote code execution vulnerability exists in the way that comctl32.dll handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1043)\n\n - A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2019-0920, CVE-2019-1005, CVE-2019-1055, CVE-2019-1080)\n\n - A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1038)\n\n - An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data. (CVE-2019-1064)\n\n - A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. (CVE-2019-1025)\n\n - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2019-0988)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory.\n (CVE-2019-1039)\n\n - A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-0989, CVE-2019-0991, CVE-2019-0992, CVE-2019-0993, CVE-2019-1003, CVE-2019-1024, CVE-2019-1051, CVE-2019-1052)\n\n - This security update corrects a denial of service in the Local Security Authority Subsystem Service (LSASS) caused when an authenticated attacker sends a specially crafted authentication request. A remote attacker who successfully exploited this vulnerability could cause a denial of service on the target system's LSASS service, which triggers an automatic reboot of the system. The security update addresses the vulnerability by changing the way that LSASS handles specially crafted authentication requests. (CVE-2019-0972)\n\n - An information disclosure vulnerability exists when affected Microsoft browsers improperly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-1081)\n\n - An elevation of privilege vulnerability exists when the Windows Shell fails to validate folder shortcuts. An attacker who successfully exploited the vulnerability could elevate privileges by escaping a sandbox.\n (CVE-2019-1053)\n\n - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. (CVE-2019-1010, CVE-2019-1012, CVE-2019-1046, CVE-2019-1050)\n\n - A remote code execution vulnerability exists in the way that ActiveX Data Objects (ADO) handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code with the victim users privileges. An attacker could craft a website that exploits the vulnerability and then convince a victim user to visit the website. The security update addresses the vulnerability by modifying how ActiveX Data Objects handle objects in memory.\n (CVE-2019-0888)\n\n - A denial of service exists in Microsoft IIS Server when the optional request filtering feature improperly handles requests. An attacker who successfully exploited this vulnerability could perform a temporary denial of service against pages configured to use request filtering. (CVE-2019-0941)\n\n - An elevation of privilege vulnerability exists in the way the Task Scheduler Service validates certain file operations. An attacker who successfully exploited the vulnerability could gain elevated privileges on a victim system. (CVE-2019-1069)\n\n - An elevation of privilege vulnerability exists when the Storage Service improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges on the victim system.\n (CVE-2019-0983, CVE-2019-0998)\n\n - An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.\n An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1041, CVE-2019-1065)\n\n - An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks. An attacker who successfully exploited this vulnerability could delete files and folders in an elevated context. (CVE-2019-0986)", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-06-11T00:00:00", "type": "nessus", "title": "KB4503293: Windows 10 Version 1903 June 2019 Security Update", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0620", "CVE-2019-0722", "CVE-2019-0888", "CVE-2019-0904", "CVE-2019-0905", "CVE-2019-0906", "CVE-2019-0907", "CVE-2019-0908", "CVE-2019-0909", "CVE-2019-0920", "CVE-2019-0941", "CVE-2019-0943", "CVE-2019-0948", "CVE-2019-0959", "CVE-2019-0972", "CVE-2019-0973", "CVE-2019-0974", "CVE-2019-0983", "CVE-2019-0984", "CVE-2019-0986", "CVE-2019-0988", "CVE-2019-0989", "CVE-2019-0990", "CVE-2019-0991", "CVE-2019-0992", "CVE-2019-0993", "CVE-2019-0998", "CVE-2019-1003", "CVE-2019-1005", "CVE-2019-1007", "CVE-2019-1010", "CVE-2019-1012", "CVE-2019-1014", "CVE-2019-1017", "CVE-2019-1019", "CVE-2019-1021", "CVE-2019-1022", "CVE-2019-1023", "CVE-2019-1024", "CVE-2019-1025", "CVE-2019-1026", "CVE-2019-1027", "CVE-2019-1028", "CVE-2019-1038", "CVE-2019-1039", "CVE-2019-1040", "CVE-2019-1041", "CVE-2019-1043", "CVE-2019-1046", "CVE-2019-1050", "CVE-2019-1051", "CVE-2019-1052", "CVE-2019-1053", "CVE-2019-1054", "CVE-2019-1055", "CVE-2019-1064", "CVE-2019-1065", "CVE-2019-1069", "CVE-2019-1080", "CVE-2019-1081"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/o:microsoft:windows", "cpe:/a:microsoft:edge"], "id": "SMB_NT_MS19_JUN_4503293.NASL", "href": "https://www.tenable.com/plugins/nessus/125825", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(125825);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2019-0620\",\n \"CVE-2019-0722\",\n \"CVE-2019-0888\",\n \"CVE-2019-0904\",\n \"CVE-2019-0905\",\n \"CVE-2019-0906\",\n \"CVE-2019-0907\",\n \"CVE-2019-0908\",\n \"CVE-2019-0909\",\n \"CVE-2019-0920\",\n \"CVE-2019-0941\",\n \"CVE-2019-0943\",\n \"CVE-2019-0948\",\n \"CVE-2019-0959\",\n \"CVE-2019-0972\",\n \"CVE-2019-0973\",\n \"CVE-2019-0974\",\n \"CVE-2019-0983\",\n \"CVE-2019-0984\",\n \"CVE-2019-0986\",\n \"CVE-2019-0988\",\n \"CVE-2019-0989\",\n \"CVE-2019-0990\",\n \"CVE-2019-0991\",\n \"CVE-2019-0992\",\n \"CVE-2019-0993\",\n \"CVE-2019-0998\",\n \"CVE-2019-1003\",\n \"CVE-2019-1005\",\n \"CVE-2019-1007\",\n \"CVE-2019-1010\",\n \"CVE-2019-1012\",\n \"CVE-2019-1014\",\n \"CVE-2019-1017\",\n \"CVE-2019-1019\",\n \"CVE-2019-1021\",\n \"CVE-2019-1022\",\n \"CVE-2019-1023\",\n \"CVE-2019-1024\",\n \"CVE-2019-1025\",\n \"CVE-2019-1026\",\n \"CVE-2019-1027\",\n \"CVE-2019-1028\",\n \"CVE-2019-1038\",\n \"CVE-2019-1039\",\n \"CVE-2019-1040\",\n \"CVE-2019-1041\",\n \"CVE-2019-1043\",\n \"CVE-2019-1046\",\n \"CVE-2019-1050\",\n \"CVE-2019-1051\",\n \"CVE-2019-1052\",\n \"CVE-2019-1053\",\n \"CVE-2019-1054\",\n \"CVE-2019-1055\",\n \"CVE-2019-1064\",\n \"CVE-2019-1065\",\n \"CVE-2019-1069\",\n \"CVE-2019-1080\",\n \"CVE-2019-1081\"\n );\n script_bugtraq_id(\n 108570,\n 108577,\n 108581,\n 108583,\n 108585,\n 108586,\n 108587,\n 108588,\n 108591,\n 108592,\n 108593,\n 108594,\n 108595,\n 108596,\n 108597,\n 108598,\n 108599,\n 108600,\n 108602,\n 108603,\n 108604,\n 108606,\n 108607,\n 108608,\n 108609,\n 108612,\n 108613,\n 108620,\n 108624,\n 108633,\n 108638,\n 108641,\n 108644,\n 108646,\n 108647,\n 108648,\n 108649,\n 108650,\n 108651,\n 108652,\n 108653,\n 108654,\n 108655,\n 108656,\n 108657,\n 108658,\n 108659,\n 108660,\n 108662,\n 108663,\n 108664,\n 108665,\n 108666,\n 108667,\n 108668,\n 108669,\n 108670,\n 108671,\n 108708,\n 108709\n );\n script_xref(name:\"MSKB\", value:\"4503293\");\n script_xref(name:\"MSFT\", value:\"MS19-4503293\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/05\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2020-0129\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0430\");\n\n script_name(english:\"KB4503293: Windows 10 Version 1903 June 2019 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4503293.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An elevation of privilege exists in Windows Audio\n Service. An attacker who successfully exploited the\n vulnerability could run arbitrary code with elevated\n privileges. (CVE-2019-1007, CVE-2019-1021,\n CVE-2019-1022, CVE-2019-1026, CVE-2019-1027,\n CVE-2019-1028)\n\n - An elevation of privilege vulnerability exists when\n Windows improperly handles calls to Advanced Local\n Procedure Call (ALPC). An attacker who successfully\n exploited this vulnerability could run arbitrary code in\n the security context of the local system. An attacker\n could then install programs; view, change, or delete\n data; or create new accounts with full user rights.\n (CVE-2019-0943)\n\n - A remote code execution vulnerability exists when\n Windows Hyper-V on a host server fails to properly\n validate input from an authenticated user on a guest\n operating system. (CVE-2019-0620, CVE-2019-0722)\n\n - A security feature bypass vulnerability exists where a\n NETLOGON message is able to obtain the session key and\n sign messages. (CVE-2019-1019)\n\n - An elevation of privilege vulnerability exists in\n Windows when the Win32k component fails to properly\n handle objects in memory. An attacker who successfully\n exploited this vulnerability could run arbitrary code in\n kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts\n with full user rights. (CVE-2019-1014, CVE-2019-1017)\n\n - A tampering vulnerability exists in Microsoft Windows\n when a man-in-the-middle attacker is able to\n successfully bypass the NTLM MIC (Message Integrity\n Check) protection. An attacker who successfully\n exploited this vulnerability could gain the ability to\n downgrade NTLM security features. (CVE-2019-1040)\n\n - An information disclosure vulnerability exists when the\n scripting engine does not properly handle objects in\n memory in Microsoft Edge. An attacker who successfully\n exploited the vulnerability could obtain information to\n further compromise the users system. (CVE-2019-0990,\n CVE-2019-1023)\n\n - An elevation of privilege vulnerability exists when the\n Windows Common Log File System (CLFS) driver improperly\n handles objects in memory. An attacker who successfully\n exploited this vulnerability could run processes in an\n elevated context. (CVE-2019-0959, CVE-2019-0984)\n\n - An elevation of privilege vulnerability exists in the\n Windows Installer when the Windows Installer fails to\n properly sanitize input leading to an insecure library\n loading behavior. A locally authenticated attacker could\n run arbitrary code with elevated system privileges. An\n attacker could then install programs; view, change, or\n delete data; or create new accounts with full user\n rights. The security update addresses the vulnerability\n by correcting the input sanitization error to preclude\n unintended elevation. (CVE-2019-0973)\n\n - A remote code execution vulnerability exists when the\n Windows Jet Database Engine improperly handles objects\n in memory. An attacker who successfully exploited this\n vulnerability could execute arbitrary code on a victim\n system. An attacker could exploit this vulnerability by\n enticing a victim to open a specially crafted file. The\n update addresses the vulnerability by correcting the way\n the Windows Jet Database Engine handles objects in\n memory. (CVE-2019-0904, CVE-2019-0905, CVE-2019-0906,\n CVE-2019-0907, CVE-2019-0908, CVE-2019-0909,\n CVE-2019-0974)\n\n - An information disclosure vulnerability exists in the\n Windows Event Viewer (eventvwr.msc) when it improperly\n parses XML input containing a reference to an external\n entity. An attacker who successfully exploited this\n vulnerability could read arbitrary files via an XML\n external entity (XXE) declaration. (CVE-2019-0948)\n\n - A security feature bypass vulnerability exists in Edge\n that allows for bypassing Mark of the Web Tagging\n (MOTW). Failing to set the MOTW means that a large\n number of Microsoft security technologies are bypassed.\n (CVE-2019-1054)\n\n - A remote code execution vulnerability exists in the way\n that comctl32.dll handles objects in memory. The\n vulnerability could corrupt memory in such a way that an\n attacker could execute arbitrary code in the context of\n the current user. An attacker who successfully exploited\n the vulnerability could gain the same user rights as the\n current user. (CVE-2019-1043)\n\n - A remote code execution vulnerability exists in the way\n the scripting engine handles objects in memory in\n Microsoft browsers. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2019-0920, CVE-2019-1005, CVE-2019-1055,\n CVE-2019-1080)\n\n - A remote code execution vulnerability exists in the way\n that Microsoft browsers access objects in memory. The\n vulnerability could corrupt memory in a way that could\n allow an attacker to execute arbitrary code in the\n context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2019-1038)\n\n - An elevation of privilege vulnerability exists when\n Windows AppX Deployment Service (AppXSVC) improperly\n handles hard links. An attacker who successfully\n exploited this vulnerability could run processes in an\n elevated context. An attacker could then install\n programs; view, change or delete data. (CVE-2019-1064)\n\n - A denial of service vulnerability exists when Windows\n improperly handles objects in memory. An attacker who\n successfully exploited the vulnerability could cause a\n target system to stop responding. (CVE-2019-1025)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2019-0988)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly initializes objects in memory.\n (CVE-2019-1039)\n\n - A remote code execution vulnerability exists in the way\n that the Chakra scripting engine handles objects in\n memory in Microsoft Edge. The vulnerability could\n corrupt memory in such a way that an attacker could\n execute arbitrary code in the context of the current\n user. An attacker who successfully exploited the\n vulnerability could gain the same user rights as the\n current user. (CVE-2019-0989, CVE-2019-0991,\n CVE-2019-0992, CVE-2019-0993, CVE-2019-1003,\n CVE-2019-1024, CVE-2019-1051, CVE-2019-1052)\n\n - This security update corrects a denial of service in the\n Local Security Authority Subsystem Service (LSASS)\n caused when an authenticated attacker sends a specially\n crafted authentication request. A remote attacker who\n successfully exploited this vulnerability could cause a\n denial of service on the target system's LSASS service,\n which triggers an automatic reboot of the system. The\n security update addresses the vulnerability by changing\n the way that LSASS handles specially crafted\n authentication requests. (CVE-2019-0972)\n\n - An information disclosure vulnerability exists when\n affected Microsoft browsers improperly handle objects in\n memory. An attacker who successfully exploited this\n vulnerability could obtain information to further\n compromise the users system. (CVE-2019-1081)\n\n - An elevation of privilege vulnerability exists when the\n Windows Shell fails to validate folder shortcuts. An\n attacker who successfully exploited the vulnerability\n could elevate privileges by escaping a sandbox.\n (CVE-2019-1053)\n\n - An information disclosure vulnerability exists when the\n Windows GDI component improperly discloses the contents\n of its memory. An attacker who successfully exploited\n the vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how the Windows GDI component handles objects\n in memory. (CVE-2019-1010, CVE-2019-1012, CVE-2019-1046,\n CVE-2019-1050)\n\n - A remote code execution vulnerability exists in the way\n that ActiveX Data Objects (ADO) handle objects in\n memory. An attacker who successfully exploited the\n vulnerability could execute arbitrary code with the\n victim users privileges. An attacker could craft a\n website that exploits the vulnerability and then\n convince a victim user to visit the website. The\n security update addresses the vulnerability by modifying\n how ActiveX Data Objects handle objects in memory.\n (CVE-2019-0888)\n\n - A denial of service exists in Microsoft IIS Server when\n the optional request filtering feature improperly\n handles requests. An attacker who successfully exploited\n this vulnerability could perform a temporary denial of\n service against pages configured to use request\n filtering. (CVE-2019-0941)\n\n - An elevation of privilege vulnerability exists in the\n way the Task Scheduler Service validates certain file\n operations. An attacker who successfully exploited the\n vulnerability could gain elevated privileges on a victim\n system. (CVE-2019-1069)\n\n - An elevation of privilege vulnerability exists when the\n Storage Service improperly handles file operations. An\n attacker who successfully exploited this vulnerability\n could gain elevated privileges on the victim system.\n (CVE-2019-0983, CVE-2019-0998)\n\n - An elevation of privilege vulnerability exists when the\n Windows kernel fails to properly handle objects in\n memory. An attacker who successfully exploited this\n vulnerability could run arbitrary code in kernel mode.\n An attacker could then install programs; view, change,\n or delete data; or create new accounts with full user\n rights. (CVE-2019-1041, CVE-2019-1065)\n\n - An elevation of privilege vulnerability exists when the\n Windows User Profile Service (ProfSvc) improperly\n handles symlinks. An attacker who successfully exploited\n this vulnerability could delete files and folders in an\n elevated context. (CVE-2019-0986)\");\n # https://support.microsoft.com/en-us/help/4503293/windows-10-update-kb4503293\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?05d0b88c\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB4503293.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-0974\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-1053\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/06/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/06/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:edge\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS19-06\";\nkbs = make_list('4503293');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"10\",\n sp:0,\n os_build:\"18362\",\n rollup_date:\"06_2019\",\n bulletin:bulletin,\n rollup_kb_list:[4503293])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:17:30", "description": "The remote Windows host is missing security update 4503327.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An elevation of privilege exists in Windows Audio Service. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. (CVE-2019-1007, CVE-2019-1021, CVE-2019-1022, CVE-2019-1026, CVE-2019-1027, CVE-2019-1028)\n\n - An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC). An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n (CVE-2019-0943)\n\n - A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. (CVE-2019-0620, CVE-2019-0722)\n\n - A security feature bypass vulnerability exists where a NETLOGON message is able to obtain the session key and sign messages. (CVE-2019-1019)\n\n - An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1014, CVE-2019-1017)\n\n - A tampering vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLM MIC (Message Integrity Check) protection. An attacker who successfully exploited this vulnerability could gain the ability to downgrade NTLM security features. (CVE-2019-1040)\n\n - A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. (CVE-2019-0710, CVE-2019-0711, CVE-2019-0713)\n\n - An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. (CVE-2019-0990, CVE-2019-1023)\n\n - An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. (CVE-2019-0959, CVE-2019-0984)\n\n - An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior. A locally authenticated attacker could run arbitrary code with elevated system privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. The security update addresses the vulnerability by correcting the input sanitization error to preclude unintended elevation. (CVE-2019-0973)\n\n - A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. (CVE-2019-0904, CVE-2019-0905, CVE-2019-0906, CVE-2019-0907, CVE-2019-0908, CVE-2019-0909, CVE-2019-0974)\n\n - An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n (CVE-2019-1018)\n\n - An information disclosure vulnerability exists in the Windows Event Viewer (eventvwr.msc) when it improperly parses XML input containing a reference to an external entity. An attacker who successfully exploited this vulnerability could read arbitrary files via an XML external entity (XXE) declaration. (CVE-2019-0948)\n\n - A security feature bypass vulnerability exists in Edge that allows for bypassing Mark of the Web Tagging (MOTW). Failing to set the MOTW means that a large number of Microsoft security technologies are bypassed.\n (CVE-2019-1054)\n\n - A remote code execution vulnerability exists in the way that comctl32.dll handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1043)\n\n - A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2019-0920, CVE-2019-1005, CVE-2019-1055, CVE-2019-1080)\n\n - A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1038)\n\n - An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data. (CVE-2019-1064)\n\n - A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. (CVE-2019-1025)\n\n - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2019-0988)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory.\n (CVE-2019-1039)\n\n - A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-0989, CVE-2019-0991, CVE-2019-0992, CVE-2019-0993, CVE-2019-1003, CVE-2019-1024, CVE-2019-1051, CVE-2019-1052)\n\n - This security update corrects a denial of service in the Local Security Authority Subsystem Service (LSASS) caused when an authenticated attacker sends a specially crafted authentication request. A remote attacker who successfully exploited this vulnerability could cause a denial of service on the target system's LSASS service, which triggers an automatic reboot of the system. The security update addresses the vulnerability by changing the way that LSASS handles specially crafted authentication requests. (CVE-2019-0972)\n\n - An information disclosure vulnerability exists when affected Microsoft browsers improperly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-1081)\n\n - An elevation of privilege vulnerability exists when the Windows Shell fails to validate folder shortcuts. An attacker who successfully exploited the vulnerability could elevate privileges by escaping a sandbox.\n (CVE-2019-1053)\n\n - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. (CVE-2019-1010, CVE-2019-1012, CVE-2019-1046, CVE-2019-1050)\n\n - A remote code execution vulnerability exists in the way that ActiveX Data Objects (ADO) handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code with the victim users privileges. An attacker could craft a website that exploits the vulnerability and then convince a victim user to visit the website. The security update addresses the vulnerability by modifying how ActiveX Data Objects handle objects in memory.\n (CVE-2019-0888)\n\n - A security feature bypass vulnerability exists when Windows Secure Kernel Mode fails to properly handle objects in memory. (CVE-2019-1044)\n\n - A denial of service exists in Microsoft IIS Server when the optional request filtering feature improperly handles requests. An attacker who successfully exploited this vulnerability could perform a temporary denial of service against pages configured to use request filtering. (CVE-2019-0941)\n\n - An elevation of privilege vulnerability exists in the way the Task Scheduler Service validates certain file operations. An attacker who successfully exploited the vulnerability could gain elevated privileges on a victim system. (CVE-2019-1069)\n\n - An elevation of privilege vulnerability exists when the Storage Service improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges on the victim system.\n (CVE-2019-0983, CVE-2019-0998)\n\n - An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.\n An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1041, CVE-2019-1065)\n\n - An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks. An attacker who successfully exploited this vulnerability could delete files and folders in an elevated context. (CVE-2019-0986)", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-06-11T00:00:00", "type": "nessus", "title": "KB4503327: Windows 10 Version 1809 and Windows Server 2019 June 2019 Security Update", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0620", "CVE-2019-0710", "CVE-2019-0711", "CVE-2019-0713", "CVE-2019-0722", "CVE-2019-0888", "CVE-2019-0904", "CVE-2019-0905", "CVE-2019-0906", "CVE-2019-0907", "CVE-2019-0908", "CVE-2019-0909", "CVE-2019-0920", "CVE-2019-0941", "CVE-2019-0943", "CVE-2019-0948", "CVE-2019-0959", "CVE-2019-0972", "CVE-2019-0973", "CVE-2019-0974", "CVE-2019-0983", "CVE-2019-0984", "CVE-2019-0986", "CVE-2019-0988", "CVE-2019-0989", "CVE-2019-0990", "CVE-2019-0991", "CVE-2019-0992", "CVE-2019-0993", "CVE-2019-0998", "CVE-2019-1003", "CVE-2019-1005", "CVE-2019-1007", "CVE-2019-1010", "CVE-2019-1012", "CVE-2019-1014", "CVE-2019-1017", "CVE-2019-1018", "CVE-2019-1019", "CVE-2019-1021", "CVE-2019-1022", "CVE-2019-1023", "CVE-2019-1024", "CVE-2019-1025", "CVE-2019-1026", "CVE-2019-1027", "CVE-2019-1028", "CVE-2019-1038", "CVE-2019-1039", "CVE-2019-1040", "CVE-2019-1041", "CVE-2019-1043", "CVE-2019-1044", "CVE-2019-1046", "CVE-2019-1050", "CVE-2019-1051", "CVE-2019-1052", "CVE-2019-1053", "CVE-2019-1054", "CVE-2019-1055", "CVE-2019-1064", "CVE-2019-1065", "CVE-2019-1069", "CVE-2019-1080", "CVE-2019-1081"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/o:microsoft:windows", "cpe:/a:microsoft:edge"], "id": "SMB_NT_MS19_JUN_4503327.NASL", "href": "https://www.tenable.com/plugins/nessus/125826", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(125826);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2019-0620\",\n \"CVE-2019-0710\",\n \"CVE-2019-0711\",\n \"CVE-2019-0713\",\n \"CVE-2019-0722\",\n \"CVE-2019-0888\",\n \"CVE-2019-0904\",\n \"CVE-2019-0905\",\n \"CVE-2019-0906\",\n \"CVE-2019-0907\",\n \"CVE-2019-0908\",\n \"CVE-2019-0909\",\n \"CVE-2019-0920\",\n \"CVE-2019-0941\",\n \"CVE-2019-0943\",\n \"CVE-2019-0948\",\n \"CVE-2019-0959\",\n \"CVE-2019-0972\",\n \"CVE-2019-0973\",\n \"CVE-2019-0974\",\n \"CVE-2019-0983\",\n \"CVE-2019-0984\",\n \"CVE-2019-0986\",\n \"CVE-2019-0988\",\n \"CVE-2019-0989\",\n \"CVE-2019-0990\",\n \"CVE-2019-0991\",\n \"CVE-2019-0992\",\n \"CVE-2019-0993\",\n \"CVE-2019-0998\",\n \"CVE-2019-1003\",\n \"CVE-2019-1005\",\n \"CVE-2019-1007\",\n \"CVE-2019-1010\",\n \"CVE-2019-1012\",\n \"CVE-2019-1014\",\n \"CVE-2019-1017\",\n \"CVE-2019-1018\",\n \"CVE-2019-1019\",\n \"CVE-2019-1021\",\n \"CVE-2019-1022\",\n \"CVE-2019-1023\",\n \"CVE-2019-1024\",\n \"CVE-2019-1025\",\n \"CVE-2019-1026\",\n \"CVE-2019-1027\",\n \"CVE-2019-1028\",\n \"CVE-2019-1038\",\n \"CVE-2019-1039\",\n \"CVE-2019-1040\",\n \"CVE-2019-1041\",\n \"CVE-2019-1043\",\n \"CVE-2019-1044\",\n \"CVE-2019-1046\",\n \"CVE-2019-1050\",\n \"CVE-2019-1051\",\n \"CVE-2019-1052\",\n \"CVE-2019-1053\",\n \"CVE-2019-1054\",\n \"CVE-2019-1055\",\n \"CVE-2019-1064\",\n \"CVE-2019-1065\",\n \"CVE-2019-1069\",\n \"CVE-2019-1080\",\n \"CVE-2019-1081\"\n );\n script_bugtraq_id(\n 108567,\n 108570,\n 108577,\n 108581,\n 108583,\n 108585,\n 108586,\n 108587,\n 108588,\n 108591,\n 108592,\n 108593,\n 108594,\n 108595,\n 108596,\n 108597,\n 108598,\n 108599,\n 108600,\n 108602,\n 108603,\n 108604,\n 108605,\n 108606,\n 108607,\n 108608,\n 108609,\n 108612,\n 108613,\n 108614,\n 108620,\n 108624,\n 108630,\n 108632,\n 108633,\n 108638,\n 108641,\n 108644,\n 108646,\n 108647,\n 108648,\n 108649,\n 108650,\n 108651,\n 108652,\n 108653,\n 108654,\n 108655,\n 108656,\n 108657,\n 108658,\n 108659,\n 108660,\n 108662,\n 108663,\n 108664,\n 108665,\n 108666,\n 108667,\n 108668,\n 108669,\n 108670,\n 108671,\n 108708,\n 108709\n );\n script_xref(name:\"MSKB\", value:\"4503327\");\n script_xref(name:\"MSFT\", value:\"MS19-4503327\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/05\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2020-0129\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0430\");\n\n script_name(english:\"KB4503327: Windows 10 Version 1809 and Windows Server 2019 June 2019 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4503327.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An elevation of privilege exists in Windows Audio\n Service. An attacker who successfully exploited the\n vulnerability could run arbitrary code with elevated\n privileges. (CVE-2019-1007, CVE-2019-1021,\n CVE-2019-1022, CVE-2019-1026, CVE-2019-1027,\n CVE-2019-1028)\n\n - An elevation of privilege vulnerability exists when\n Windows improperly handles calls to Advanced Local\n Procedure Call (ALPC). An attacker who successfully\n exploited this vulnerability could run arbitrary code in\n the security context of the local system. An attacker\n could then install programs; view, change, or delete\n data; or create new accounts with full user rights.\n (CVE-2019-0943)\n\n - A remote code execution vulnerability exists when\n Windows Hyper-V on a host server fails to properly\n validate input from an authenticated user on a guest\n operating system. (CVE-2019-0620, CVE-2019-0722)\n\n - A security feature bypass vulnerability exists where a\n NETLOGON message is able to obtain the session key and\n sign messages. (CVE-2019-1019)\n\n - An elevation of privilege vulnerability exists in\n Windows when the Win32k component fails to properly\n handle objects in memory. An attacker who successfully\n exploited this vulnerability could run arbitrary code in\n kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts\n with full user rights. (CVE-2019-1014, CVE-2019-1017)\n\n - A tampering vulnerability exists in Microsoft Windows\n when a man-in-the-middle attacker is able to\n successfully bypass the NTLM MIC (Message Integrity\n Check) protection. An attacker who successfully\n exploited this vulnerability could gain the ability to\n downgrade NTLM security features. (CVE-2019-1040)\n\n - A denial of service vulnerability exists when Microsoft\n Hyper-V on a host server fails to properly validate\n input from a privileged user on a guest operating\n system. (CVE-2019-0710, CVE-2019-0711, CVE-2019-0713)\n\n - An information disclosure vulnerability exists when the\n scripting engine does not properly handle objects in\n memory in Microsoft Edge. An attacker who successfully\n exploited the vulnerability could obtain information to\n further compromise the users system. (CVE-2019-0990,\n CVE-2019-1023)\n\n - An elevation of privilege vulnerability exists when the\n Windows Common Log File System (CLFS) driver improperly\n handles objects in memory. An attacker who successfully\n exploited this vulnerability could run processes in an\n elevated context. (CVE-2019-0959, CVE-2019-0984)\n\n - An elevation of privilege vulnerability exists in the\n Windows Installer when the Windows Installer fails to\n properly sanitize input leading to an insecure library\n loading behavior. A locally authenticated attacker could\n run arbitrary code with elevated system privileges. An\n attacker could then install programs; view, change, or\n delete data; or create new accounts with full user\n rights. The security update addresses the vulnerability\n by correcting the input sanitization error to preclude\n unintended elevation. (CVE-2019-0973)\n\n - A remote code execution vulnerability exists when the\n Windows Jet Database Engine improperly handles objects\n in memory. An attacker who successfully exploited this\n vulnerability could execute arbitrary code on a victim\n system. An attacker could exploit this vulnerability by\n enticing a victim to open a specially crafted file. The\n update addresses the vulnerability by correcting the way\n the Windows Jet Database Engine handles objects in\n memory. (CVE-2019-0904, CVE-2019-0905, CVE-2019-0906,\n CVE-2019-0907, CVE-2019-0908, CVE-2019-0909,\n CVE-2019-0974)\n\n - An elevation of privilege vulnerability exists when\n DirectX improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could run arbitrary code in kernel mode. An attacker\n could then install programs; view, change, or delete\n data; or create new accounts with full user rights.\n (CVE-2019-1018)\n\n - An information disclosure vulnerability exists in the\n Windows Event Viewer (eventvwr.msc) when it improperly\n parses XML input containing a reference to an external\n entity. An attacker who successfully exploited this\n vulnerability could read arbitrary files via an XML\n external entity (XXE) declaration. (CVE-2019-0948)\n\n - A security feature bypass vulnerability exists in Edge\n that allows for bypassing Mark of the Web Tagging\n (MOTW). Failing to set the MOTW means that a large\n number of Microsoft security technologies are bypassed.\n (CVE-2019-1054)\n\n - A remote code execution vulnerability exists in the way\n that comctl32.dll handles objects in memory. The\n vulnerability could corrupt memory in such a way that an\n attacker could execute arbitrary code in the context of\n the current user. An attacker who successfully exploited\n the vulnerability could gain the same user rights as the\n current user. (CVE-2019-1043)\n\n - A remote code execution vulnerability exists in the way\n the scripting engine handles objects in memory in\n Microsoft browsers. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2019-0920, CVE-2019-1005, CVE-2019-1055,\n CVE-2019-1080)\n\n - A remote code execution vulnerability exists in the way\n that Microsoft browsers access objects in memory. The\n vulnerability could corrupt memory in a way that could\n allow an attacker to execute arbitrary code in the\n context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2019-1038)\n\n - An elevation of privilege vulnerability exists when\n Windows AppX Deployment Service (AppXSVC) improperly\n handles hard links. An attacker who successfully\n exploited this vulnerability could run processes in an\n elevated context. An attacker could then install\n programs; view, change or delete data. (CVE-2019-1064)\n\n - A denial of service vulnerability exists when Windows\n improperly handles objects in memory. An attacker who\n successfully exploited the vulnerability could cause a\n target system to stop responding. (CVE-2019-1025)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2019-0988)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly initializes objects in memory.\n (CVE-2019-1039)\n\n - A remote code execution vulnerability exists in the way\n that the Chakra scripting engine handles objects in\n memory in Microsoft Edge. The vulnerability could\n corrupt memory in such a way that an attacker could\n execute arbitrary code in the context of the current\n user. An attacker who successfully exploited the\n vulnerability could gain the same user rights as the\n current user. (CVE-2019-0989, CVE-2019-0991,\n CVE-2019-0992, CVE-2019-0993, CVE-2019-1003,\n CVE-2019-1024, CVE-2019-1051, CVE-2019-1052)\n\n - This security update corrects a denial of service in the\n Local Security Authority Subsystem Service (LSASS)\n caused when an authenticated attacker sends a specially\n crafted authentication request. A remote attacker who\n successfully exploited this vulnerability could cause a\n denial of service on the target system's LSASS service,\n which triggers an automatic reboot of the system. The\n security update addresses the vulnerability by changing\n the way that LSASS handles specially crafted\n authentication requests. (CVE-2019-0972)\n\n - An information disclosure vulnerability exists when\n affected Microsoft browsers improperly handle objects in\n memory. An attacker who successfully exploited this\n vulnerability could obtain information to further\n compromise the users system. (CVE-2019-1081)\n\n - An elevation of privilege vulnerability exists when the\n Windows Shell fails to validate folder shortcuts. An\n attacker who successfully exploited the vulnerability\n could elevate privileges by escaping a sandbox.\n (CVE-2019-1053)\n\n - An information disclosure vulnerability exists when the\n Windows GDI component improperly discloses the contents\n of its memory. An attacker who successfully exploited\n the vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how the Windows GDI component handles objects\n in memory. (CVE-2019-1010, CVE-2019-1012, CVE-2019-1046,\n CVE-2019-1050)\n\n - A remote code execution vulnerability exists in the way\n that ActiveX Data Objects (ADO) handle objects in\n memory. An attacker who successfully exploited the\n vulnerability could execute arbitrary code with the\n victim users privileges. An attacker could craft a\n website that exploits the vulnerability and then\n convince a victim user to visit the website. The\n security update addresses the vulnerability by modifying\n how ActiveX Data Objects handle objects in memory.\n (CVE-2019-0888)\n\n - A security feature bypass vulnerability exists when\n Windows Secure Kernel Mode fails to properly handle\n objects in memory. (CVE-2019-1044)\n\n - A denial of service exists in Microsoft IIS Server when\n the optional request filtering feature improperly\n handles requests. An attacker who successfully exploited\n this vulnerability could perform a temporary denial of\n service against pages configured to use request\n filtering. (CVE-2019-0941)\n\n - An elevation of privilege vulnerability exists in the\n way the Task Scheduler Service validates certain file\n operations. An attacker who successfully exploited the\n vulnerability could gain elevated privileges on a victim\n system. (CVE-2019-1069)\n\n - An elevation of privilege vulnerability exists when the\n Storage Service improperly handles file operations. An\n attacker who successfully exploited this vulnerability\n could gain elevated privileges on the victim system.\n (CVE-2019-0983, CVE-2019-0998)\n\n - An elevation of privilege vulnerability exists when the\n Windows kernel fails to properly handle objects in\n memory. An attacker who successfully exploited this\n vulnerability could run arbitrary code in kernel mode.\n An attacker could then install programs; view, change,\n or delete data; or create new accounts with full user\n rights. (CVE-2019-1041, CVE-2019-1065)\n\n - An elevation of privilege vulnerability exists when the\n Windows User Profile Service (ProfSvc) improperly\n handles symlinks. An attacker who successfully exploited\n this vulnerability could delete files and folders in an\n elevated context. (CVE-2019-0986)\");\n # https://support.microsoft.com/en-us/help/4503327/windows-10-update-kb4503327\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a1f9e5bd\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB4503327.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-0974\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-1053\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/06/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/06/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:edge\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS19-06\";\nkbs = make_list('4503327');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"10\",\n sp:0,\n os_build:\"17763\",\n rollup_date:\"06_2019\",\n bulletin:bulletin,\n rollup_kb_list:[4503327])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:17:09", "description": "The remote Windows host is missing security update 4503269 or cumulative update 4503292. It is, therefore, affected by multiple vulnerabilities :\n\n - An information disclosure vulnerability exists in the Windows Event Viewer (eventvwr.msc) when it improperly parses XML input containing a reference to an external entity. An attacker who successfully exploited this vulnerability could read arbitrary files via an XML external entity (XXE) declaration. (CVE-2019-0948)\n\n - A security feature bypass vulnerability exists where a NETLOGON message is able to obtain the session key and sign messages. (CVE-2019-1019)\n\n - A tampering vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLM MIC (Message Integrity Check) protection. An attacker who successfully exploited this vulnerability could gain the ability to downgrade NTLM security features. (CVE-2019-1040)\n\n - A remote code execution vulnerability exists in the way that comctl32.dll handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1043)\n\n - An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior. A locally authenticated attacker could run arbitrary code with elevated system privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. The security update addresses the vulnerability by correcting the input sanitization error to preclude unintended elevation. (CVE-2019-0973)\n\n - A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. (CVE-2019-0904, CVE-2019-0905, CVE-2019-0906, CVE-2019-0907, CVE-2019-0908, CVE-2019-0909, CVE-2019-0974)\n\n - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. (CVE-2019-0968, CVE-2019-0977, CVE-2019-1009, CVE-2019-1010, CVE-2019-1011, CVE-2019-1012, CVE-2019-1013, CVE-2019-1015, CVE-2019-1016, CVE-2019-1046, CVE-2019-1047, CVE-2019-1048, CVE-2019-1049)\n\n - A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. (CVE-2019-0722)\n\n - An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC). An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n (CVE-2019-0943)\n\n - A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2019-0920, CVE-2019-1005, CVE-2019-1055, CVE-2019-1080)\n\n - A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1038)\n\n - A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. (CVE-2019-0713)\n\n - An information disclosure vulnerability exists when affected Microsoft browsers improperly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-1081)\n\n - An elevation of privilege exists in Windows Audio Service. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. (CVE-2019-1028)\n\n - A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. (CVE-2019-1025)\n\n - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2019-0988)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory.\n (CVE-2019-1039)\n\n - This security update corrects a denial of service in the Local Security Authority Subsystem Service (LSASS) caused when an authenticated attacker sends a specially crafted authentication request. A remote attacker who successfully exploited this vulnerability could cause a denial of service on the target system's LSASS service, which triggers an automatic reboot of the system. The security update addresses the vulnerability by changing the way that LSASS handles specially crafted authentication requests. (CVE-2019-0972)\n\n - An elevation of privilege vulnerability exists in the way that the Windows Network File System (NFS) handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. (CVE-2019-1045)\n\n - A remote code execution vulnerability exists when the Microsoft Speech API (SAPI) improperly handles text-to- speech (TTS) input. The vulnerability could corrupt memory in a way that enables an attacker to execute arbitrary code in the context of the current user.\n (CVE-2019-0985)\n\n - An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts with full user rights. (CVE-2019-0960, CVE-2019-1014, CVE-2019-1017)\n\n - An elevation of privilege vulnerability exists when the Windows Shell fails to validate folder shortcuts. An attacker who successfully exploited the vulnerability could elevate privileges by escaping a sandbox.\n (CVE-2019-1053)\n\n - A remote code execution vulnerability exists in the way that ActiveX Data Objects (ADO) handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code with the victim users privileges. An attacker could craft a website that exploits the vulnerability and then convince a victim user to visit the website. The security update addresses the vulnerability by modifying how ActiveX Data Objects handle objects in memory.\n (CVE-2019-0888)\n\n - An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. (CVE-2019-0984)\n\n - A denial of service exists in Microsoft IIS Server when the optional request filtering feature improperly handles requests. An attacker who successfully exploited this vulnerability could perform a temporary denial of service against pages configured to use request filtering. (CVE-2019-0941)\n\n - An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks. An attacker who successfully exploited this vulnerability could delete files and folders in an elevated context. (CVE-2019-0986)", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-06-11T00:00:00", "type": "nessus", "title": "KB4503269: Windows 7 and Windows Server 2008 R2 June 2019 Security Update", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0713", "CVE-2019-0722", "CVE-2019-0888", "CVE-2019-0904", "CVE-2019-0905", "CVE-2019-0906", "CVE-2019-0907", "CVE-2019-0908", "CVE-2019-0909", "CVE-2019-0920", "CVE-2019-0941", "CVE-2019-0943", "CVE-2019-0948", "CVE-2019-0960", "CVE-2019-0968", "CVE-2019-0972", "CVE-2019-0973", "CVE-2019-0974", "CVE-2019-0977", "CVE-2019-0984", "CVE-2019-0985", "CVE-2019-0986", "CVE-2019-0988", "CVE-2019-1005", "CVE-2019-1009", "CVE-2019-1010", "CVE-2019-1011", "CVE-2019-1012", "CVE-2019-1013", "CVE-2019-1014", "CVE-2019-1015", "CVE-2019-1016", "CVE-2019-1017", "CVE-2019-1019", "CVE-2019-1025", "CVE-2019-1028", "CVE-2019-1038", "CVE-2019-1039", "CVE-2019-1040", "CVE-2019-1043", "CVE-2019-1045", "CVE-2019-1046", "CVE-2019-1047", "CVE-2019-1048", "CVE-2019-1049", "CVE-2019-1053", "CVE-2019-1055", "CVE-2019-1080", "CVE-2019-1081"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS19_JUN_4503292.NASL", "href": "https://www.tenable.com/plugins/nessus/125824", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(125824);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2019-0713\",\n \"CVE-2019-0722\",\n \"CVE-2019-0888\",\n \"CVE-2019-0904\",\n \"CVE-2019-0905\",\n \"CVE-2019-0906\",\n \"CVE-2019-0907\",\n \"CVE-2019-0908\",\n \"CVE-2019-0909\",\n \"CVE-2019-0920\",\n \"CVE-2019-0941\",\n \"CVE-2019-0943\",\n \"CVE-2019-0948\",\n \"CVE-2019-0960\",\n \"CVE-2019-0968\",\n \"CVE-2019-0972\",\n \"CVE-2019-0973\",\n \"CVE-2019-0974\",\n \"CVE-2019-0977\",\n \"CVE-2019-0984\",\n \"CVE-2019-0985\",\n \"CVE-2019-0986\",\n \"CVE-2019-0988\",\n \"CVE-2019-1005\",\n \"CVE-2019-1009\",\n \"CVE-2019-1010\",\n \"CVE-2019-1011\",\n \"CVE-2019-1012\",\n \"CVE-2019-1013\",\n \"CVE-2019-1014\",\n \"CVE-2019-1015\",\n \"CVE-2019-1016\",\n \"CVE-2019-1017\",\n \"CVE-2019-1019\",\n \"CVE-2019-1025\",\n \"CVE-2019-1028\",\n \"CVE-2019-1038\",\n \"CVE-2019-1039\",\n \"CVE-2019-1040\",\n \"CVE-2019-1043\",\n \"CVE-2019-1045\",\n \"CVE-2019-1046\",\n \"CVE-2019-1047\",\n \"CVE-2019-1048\",\n \"CVE-2019-1049\",\n \"CVE-2019-1053\",\n \"CVE-2019-1055\",\n \"CVE-2019-1080\",\n \"CVE-2019-1081\"\n );\n script_bugtraq_id(\n 108570,\n 108577,\n 108581,\n 108582,\n 108583,\n 108584,\n 108585,\n 108586,\n 108591,\n 108594,\n 108597,\n 108599,\n 108600,\n 108603,\n 108604,\n 108606,\n 108609,\n 108612,\n 108613,\n 108614,\n 108616,\n 108620,\n 108623,\n 108624,\n 108626,\n 108627,\n 108631,\n 108633,\n 108634,\n 108635,\n 108636,\n 108639,\n 108641,\n 108642,\n 108643,\n 108644,\n 108646,\n 108648,\n 108650,\n 108651,\n 108654,\n 108655,\n 108656,\n 108666,\n 108667,\n 108668,\n 108669,\n 108708,\n 108709\n );\n script_xref(name:\"MSKB\", value:\"4503269\");\n script_xref(name:\"MSKB\", value:\"4503292\");\n script_xref(name:\"MSFT\", value:\"MS19-4503269\");\n script_xref(name:\"MSFT\", value:\"MS19-4503292\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2020-0129\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0430\");\n\n script_name(english:\"KB4503269: Windows 7 and Windows Server 2008 R2 June 2019 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4503269\nor cumulative update 4503292. It is, therefore, affected by\nmultiple vulnerabilities :\n\n - An information disclosure vulnerability exists in the\n Windows Event Viewer (eventvwr.msc) when it improperly\n parses XML input containing a reference to an external\n entity. An attacker who successfully exploited this\n vulnerability could read arbitrary files via an XML\n external entity (XXE) declaration. (CVE-2019-0948)\n\n - A security feature bypass vulnerability exists where a\n NETLOGON message is able to obtain the session key and\n sign messages. (CVE-2019-1019)\n\n - A tampering vulnerability exists in Microsoft Windows\n when a man-in-the-middle attacker is able to\n successfully bypass the NTLM MIC (Message Integrity\n Check) protection. An attacker who successfully\n exploited this vulnerability could gain the ability to\n downgrade NTLM security features. (CVE-2019-1040)\n\n - A remote code execution vulnerability exists in the way\n that comctl32.dll handles objects in memory. The\n vulnerability could corrupt memory in such a way that an\n attacker could execute arbitrary code in the context of\n the current user. An attacker who successfully exploited\n the vulnerability could gain the same user rights as the\n current user. (CVE-2019-1043)\n\n - An elevation of privilege vulnerability exists in the\n Windows Installer when the Windows Installer fails to\n properly sanitize input leading to an insecure library\n loading behavior. A locally authenticated attacker could\n run arbitrary code with elevated system privileges. An\n attacker could then install programs; view, change, or\n delete data; or create new accounts with full user\n rights. The security update addresses the vulnerability\n by correcting the input sanitization error to preclude\n unintended elevation. (CVE-2019-0973)\n\n - A remote code execution vulnerability exists when the\n Windows Jet Database Engine improperly handles objects\n in memory. An attacker who successfully exploited this\n vulnerability could execute arbitrary code on a victim\n system. An attacker could exploit this vulnerability by\n enticing a victim to open a specially crafted file. The\n update addresses the vulnerability by correcting the way\n the Windows Jet Database Engine handles objects in\n memory. (CVE-2019-0904, CVE-2019-0905, CVE-2019-0906,\n CVE-2019-0907, CVE-2019-0908, CVE-2019-0909,\n CVE-2019-0974)\n\n - An information disclosure vulnerability exists when the\n Windows GDI component improperly discloses the contents\n of its memory. An attacker who successfully exploited\n the vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how the Windows GDI component handles objects\n in memory. (CVE-2019-0968, CVE-2019-0977, CVE-2019-1009,\n CVE-2019-1010, CVE-2019-1011, CVE-2019-1012,\n CVE-2019-1013, CVE-2019-1015, CVE-2019-1016,\n CVE-2019-1046, CVE-2019-1047, CVE-2019-1048,\n CVE-2019-1049)\n\n - A remote code execution vulnerability exists when\n Windows Hyper-V on a host server fails to properly\n validate input from an authenticated user on a guest\n operating system. (CVE-2019-0722)\n\n - An elevation of privilege vulnerability exists when\n Windows improperly handles calls to Advanced Local\n Procedure Call (ALPC). An attacker who successfully\n exploited this vulnerability could run arbitrary code in\n the security context of the local system. An attacker\n could then install programs; view, change, or delete\n data; or create new accounts with full user rights.\n (CVE-2019-0943)\n\n - A remote code execution vulnerability exists in the way\n the scripting engine handles objects in memory in\n Microsoft browsers. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2019-0920, CVE-2019-1005, CVE-2019-1055,\n CVE-2019-1080)\n\n - A remote code execution vulnerability exists in the way\n that Microsoft browsers access objects in memory. The\n vulnerability could corrupt memory in a way that could\n allow an attacker to execute arbitrary code in the\n context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2019-1038)\n\n - A denial of service vulnerability exists when Microsoft\n Hyper-V on a host server fails to properly validate\n input from a privileged user on a guest operating\n system. (CVE-2019-0713)\n\n - An information disclosure vulnerability exists when\n affected Microsoft browsers improperly handle objects in\n memory. An attacker who successfully exploited this\n vulnerability could obtain information to further\n compromise the users system. (CVE-2019-1081)\n\n - An elevation of privilege exists in Windows Audio\n Service. An attacker who successfully exploited the\n vulnerability could run arbitrary code with elevated\n privileges. (CVE-2019-1028)\n\n - A denial of service vulnerability exists when Windows\n improperly handles objects in memory. An attacker who\n successfully exploited the vulnerability could cause a\n target system to stop responding. (CVE-2019-1025)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2019-0988)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly initializes objects in memory.\n (CVE-2019-1039)\n\n - This security update corrects a denial of service in the\n Local Security Authority Subsystem Service (LSASS)\n caused when an authenticated attacker sends a specially\n crafted authentication request. A remote attacker who\n successfully exploited this vulnerability could cause a\n denial of service on the target system's LSASS service,\n which triggers an automatic reboot of the system. The\n security update addresses the vulnerability by changing\n the way that LSASS handles specially crafted\n authentication requests. (CVE-2019-0972)\n\n - An elevation of privilege vulnerability exists in the\n way that the Windows Network File System (NFS) handles\n objects in memory. An attacker who successfully\n exploited the vulnerability could execute code with\n elevated permissions. (CVE-2019-1045)\n\n - A remote code execution vulnerability exists when the\n Microsoft Speech API (SAPI) improperly handles text-to-\n speech (TTS) input. The vulnerability could corrupt\n memory in a way that enables an attacker to execute\n arbitrary code in the context of the current user.\n (CVE-2019-0985)\n\n - An elevation of privilege vulnerability exists in\n Windows when the Win32k component fails to properly\n handle objects in memory. An attacker who successfully\n exploited this vulnerability could run arbitrary code in\n kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts\n with full user rights. (CVE-2019-0960, CVE-2019-1014,\n CVE-2019-1017)\n\n - An elevation of privilege vulnerability exists when the\n Windows Shell fails to validate folder shortcuts. An\n attacker who successfully exploited the vulnerability\n could elevate privileges by escaping a sandbox.\n (CVE-2019-1053)\n\n - A remote code execution vulnerability exists in the way\n that ActiveX Data Objects (ADO) handle objects in\n memory. An attacker who successfully exploited the\n vulnerability could execute arbitrary code with the\n victim users privileges. An attacker could craft a\n website that exploits the vulnerability and then\n convince a victim user to visit the website. The\n security update addresses the vulnerability by modifying\n how ActiveX Data Objects handle objects in memory.\n (CVE-2019-0888)\n\n - An elevation of privilege vulnerability exists when the\n Windows Common Log File System (CLFS) driver improperly\n handles objects in memory. An attacker who successfully\n exploited this vulnerability could run processes in an\n elevated context. (CVE-2019-0984)\n\n - A denial of service exists in Microsoft IIS Server when\n the optional request filtering feature improperly\n handles requests. An attacker who successfully exploited\n this vulnerability could perform a temporary denial of\n service against pages configured to use request\n filtering. (CVE-2019-0941)\n\n - An elevation of privilege vulnerability exists when the\n Windows User Profile Service (ProfSvc) improperly\n handles symlinks. An attacker who successfully exploited\n this vulnerability could delete files and folders in an\n elevated context. (CVE-2019-0986)\");\n # https://support.microsoft.com/en-us/help/4503269/windows-7-update-kb4503269\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?16b76640\");\n # https://support.microsoft.com/en-us/help/4503292/windows-7-update-kb4503292\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2c09dd7d\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Only update KB4503269 or Cumulative Update KB4503292.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-0974\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-1053\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/06/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/06/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS19-06\";\nkbs = make_list('4503292', '4503269');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win7:'1') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"6.1\",\n sp:1,\n rollup_date:\"06_2019\",\n bulletin:bulletin,\n rollup_kb_list:[4503292, 4503269])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:18:35", "description": "The remote Windows host is missing security update 4503287 or cumulative update 4503273. It is, therefore, affected by multiple vulnerabilities :\n\n - An information disclosure vulnerability exists when affected Microsoft browsers improperly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-1081)\n\n - A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2019-0920, CVE-2019-1005, CVE-2019-1055, CVE-2019-1080)\n\n - A tampering vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLM MIC (Message Integrity Check) protection. An attacker who successfully exploited this vulnerability could gain the ability to downgrade NTLM security features. (CVE-2019-1040)\n\n - An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts with full user rights. (CVE-2019-0960, CVE-2019-1014, CVE-2019-1017)\n\n - A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. (CVE-2019-0713)\n\n - A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. (CVE-2019-0722)\n\n - An information disclosure vulnerability exists in the Windows Event Viewer (eventvwr.msc) when it improperly parses XML input containing a reference to an external entity. An attacker who successfully exploited this vulnerability could read arbitrary files via an XML external entity (XXE) declaration. (CVE-2019-0948)\n\n - A denial of service exists in Microsoft IIS Server when the optional request filtering feature improperly handles requests. An attacker who successfully exploited this vulnerability could perform a temporary denial of service against pages configured to use request filtering. (CVE-2019-0941)\n\n - A security feature bypass vulnerability exists where a NETLOGON message is able to obtain the session key and sign messages. (CVE-2019-1019)\n\n - A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. (CVE-2019-0904, CVE-2019-0905, CVE-2019-0906, CVE-2019-0907, CVE-2019-0908, CVE-2019-0909, CVE-2019-0974)\n\n - An elevation of privilege vulnerability exists when the Windows Shell fails to validate folder shortcuts. An attacker who successfully exploited the vulnerability could elevate privileges by escaping a sandbox.\n (CVE-2019-1053)\n\n - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. (CVE-2019-0968, CVE-2019-0977, CVE-2019-1009, CVE-2019-1010, CVE-2019-1011, CVE-2019-1012, CVE-2019-1013, CVE-2019-1015, CVE-2019-1016, CVE-2019-1046, CVE-2019-1047, CVE-2019-1048, CVE-2019-1049)\n\n - A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. (CVE-2019-1025)\n\n - A remote code execution vulnerability exists in the way that ActiveX Data Objects (ADO) handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code with the victim users privileges. An attacker could craft a website that exploits the vulnerability and then convince a victim user to visit the website. The security update addresses the vulnerability by modifying how ActiveX Data Objects handle objects in memory.\n (CVE-2019-0888)\n\n - A remote code execution vulnerability exists in the way that comctl32.dll handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1043)\n\n - An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks. An attacker who successfully exploited this vulnerability could delete files and folders in an elevated context. (CVE-2019-0986)\n\n - An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. (CVE-2019-0984)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory.\n (CVE-2019-1039)\n\n - An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior. A locally authenticated attacker could run arbitrary code with elevated system privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. The security update addresses the vulnerability by correcting the input sanitization error to preclude unintended elevation. (CVE-2019-0973)\n\n - This security update corrects a denial of service in the Local Security Authority Subsystem Service (LSASS) caused when an authenticated attacker sends a specially crafted authentication request. A remote attacker who successfully exploited this vulnerability could cause a denial of service on the target system's LSASS service, which triggers an automatic reboot of the system. The security update addresses the vulnerability by changing the way that LSASS handles specially crafted authentication requests. (CVE-2019-0972)", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-06-11T00:00:00", "type": "nessus", "title": "KB4503287: Windows Server 2008 June 2019 Security Update", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0713", "CVE-2019-0722", "CVE-2019-0888", "CVE-2019-0904", "CVE-2019-0905", "CVE-2019-0906", "CVE-2019-0907", "CVE-2019-0908", "CVE-2019-0909", "CVE-2019-0920", "CVE-2019-0941", "CVE-2019-0948", "CVE-2019-0960", "CVE-2019-0968", "CVE-2019-0972", "CVE-2019-0973", "CVE-2019-0974", "CVE-2019-0977", "CVE-2019-0984", "CVE-2019-0986", "CVE-2019-1005", "CVE-2019-1009", "CVE-2019-1010", "CVE-2019-1011", "CVE-2019-1012", "CVE-2019-1013", "CVE-2019-1014", "CVE-2019-1015", "CVE-2019-1016", "CVE-2019-1017", "CVE-2019-1019", "CVE-2019-1025", "CVE-2019-1039", "CVE-2019-1040", "CVE-2019-1043", "CVE-2019-1046", "CVE-2019-1047", "CVE-2019-1048", "CVE-2019-1049", "CVE-2019-1053", "CVE-2019-1055", "CVE-2019-1080", "CVE-2019-1081"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS19_JUN_4503273.NASL", "href": "https://www.tenable.com/plugins/nessus/125817", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(125817);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2019-0713\",\n \"CVE-2019-0722\",\n \"CVE-2019-0888\",\n \"CVE-2019-0904\",\n \"CVE-2019-0905\",\n \"CVE-2019-0906\",\n \"CVE-2019-0907\",\n \"CVE-2019-0908\",\n \"CVE-2019-0909\",\n \"CVE-2019-0920\",\n \"CVE-2019-0941\",\n \"CVE-2019-0948\",\n \"CVE-2019-0960\",\n \"CVE-2019-0968\",\n \"CVE-2019-0972\",\n \"CVE-2019-0973\",\n \"CVE-2019-0974\",\n \"CVE-2019-0977\",\n \"CVE-2019-0984\",\n \"CVE-2019-0986\",\n \"CVE-2019-1005\",\n \"CVE-2019-1009\",\n \"CVE-2019-1010\",\n \"CVE-2019-1011\",\n \"CVE-2019-1012\",\n \"CVE-2019-1013\",\n \"CVE-2019-1014\",\n \"CVE-2019-1015\",\n \"CVE-2019-1016\",\n \"CVE-2019-1017\",\n \"CVE-2019-1019\",\n \"CVE-2019-1025\",\n \"CVE-2019-1039\",\n \"CVE-2019-1040\",\n \"CVE-2019-1043\",\n \"CVE-2019-1046\",\n \"CVE-2019-1047\",\n \"CVE-2019-1048\",\n \"CVE-2019-1049\",\n \"CVE-2019-1053\",\n \"CVE-2019-1055\",\n \"CVE-2019-1080\",\n \"CVE-2019-1081\"\n );\n script_bugtraq_id(\n 108570,\n 108577,\n 108581,\n 108582,\n 108583,\n 108585,\n 108586,\n 108591,\n 108594,\n 108599,\n 108600,\n 108603,\n 108604,\n 108606,\n 108609,\n 108612,\n 108613,\n 108614,\n 108616,\n 108620,\n 108623,\n 108624,\n 108626,\n 108627,\n 108631,\n 108633,\n 108634,\n 108635,\n 108636,\n 108639,\n 108641,\n 108642,\n 108644,\n 108648,\n 108650,\n 108651,\n 108654,\n 108655,\n 108666,\n 108668,\n 108669,\n 108708,\n 108709\n );\n script_xref(name:\"MSKB\", value:\"4503287\");\n script_xref(name:\"MSKB\", value:\"4503273\");\n script_xref(name:\"MSFT\", value:\"MS19-4503287\");\n script_xref(name:\"MSFT\", value:\"MS19-4503273\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2020-0129\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0430\");\n\n script_name(english:\"KB4503287: Windows Server 2008 June 2019 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4503287\nor cumulative update 4503273. It is, therefore, affected by\nmultiple vulnerabilities :\n\n - An information disclosure vulnerability exists when\n affected Microsoft browsers improperly handle objects in\n memory. An attacker who successfully exploited this\n vulnerability could obtain information to further\n compromise the users system. (CVE-2019-1081)\n\n - A remote code execution vulnerability exists in the way\n the scripting engine handles objects in memory in\n Microsoft browsers. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2019-0920, CVE-2019-1005, CVE-2019-1055,\n CVE-2019-1080)\n\n - A tampering vulnerability exists in Microsoft Windows\n when a man-in-the-middle attacker is able to\n successfully bypass the NTLM MIC (Message Integrity\n Check) protection. An attacker who successfully\n exploited this vulnerability could gain the ability to\n downgrade NTLM security features. (CVE-2019-1040)\n\n - An elevation of privilege vulnerability exists in\n Windows when the Win32k component fails to properly\n handle objects in memory. An attacker who successfully\n exploited this vulnerability could run arbitrary code in\n kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts\n with full user rights. (CVE-2019-0960, CVE-2019-1014,\n CVE-2019-1017)\n\n - A denial of service vulnerability exists when Microsoft\n Hyper-V on a host server fails to properly validate\n input from a privileged user on a guest operating\n system. (CVE-2019-0713)\n\n - A remote code execution vulnerability exists when\n Windows Hyper-V on a host server fails to properly\n validate input from an authenticated user on a guest\n operating system. (CVE-2019-0722)\n\n - An information disclosure vulnerability exists in the\n Windows Event Viewer (eventvwr.msc) when it improperly\n parses XML input containing a reference to an external\n entity. An attacker who successfully exploited this\n vulnerability could read arbitrary files via an XML\n external entity (XXE) declaration. (CVE-2019-0948)\n\n - A denial of service exists in Microsoft IIS Server when\n the optional request filtering feature improperly\n handles requests. An attacker who successfully exploited\n this vulnerability could perform a temporary denial of\n service against pages configured to use request\n filtering. (CVE-2019-0941)\n\n - A security feature bypass vulnerability exists where a\n NETLOGON message is able to obtain the session key and\n sign messages. (CVE-2019-1019)\n\n - A remote code execution vulnerability exists when the\n Windows Jet Database Engine improperly handles objects\n in memory. An attacker who successfully exploited this\n vulnerability could execute arbitrary code on a victim\n system. An attacker could exploit this vulnerability by\n enticing a victim to open a specially crafted file. The\n update addresses the vulnerability by correcting the way\n the Windows Jet Database Engine handles objects in\n memory. (CVE-2019-0904, CVE-2019-0905, CVE-2019-0906,\n CVE-2019-0907, CVE-2019-0908, CVE-2019-0909,\n CVE-2019-0974)\n\n - An elevation of privilege vulnerability exists when the\n Windows Shell fails to validate folder shortcuts. An\n attacker who successfully exploited the vulnerability\n could elevate privileges by escaping a sandbox.\n (CVE-2019-1053)\n\n - An information disclosure vulnerability exists when the\n Windows GDI component improperly discloses the contents\n of its memory. An attacker who successfully exploited\n the vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how the Windows GDI component handles objects\n in memory. (CVE-2019-0968, CVE-2019-0977, CVE-2019-1009,\n CVE-2019-1010, CVE-2019-1011, CVE-2019-1012,\n CVE-2019-1013, CVE-2019-1015, CVE-2019-1016,\n CVE-2019-1046, CVE-2019-1047, CVE-2019-1048,\n CVE-2019-1049)\n\n - A denial of service vulnerability exists when Windows\n improperly handles objects in memory. An attacker who\n successfully exploited the vulnerability could cause a\n target system to stop responding. (CVE-2019-1025)\n\n - A remote code execution vulnerability exists in the way\n that ActiveX Data Objects (ADO) handle objects in\n memory. An attacker who successfully exploited the\n vulnerability could execute arbitrary code with the\n victim users privileges. An attacker could craft a\n website that exploits the vulnerability and then\n convince a victim user to visit the website. The\n security update addresses the vulnerability by modifying\n how ActiveX Data Objects handle objects in memory.\n (CVE-2019-0888)\n\n - A remote code execution vulnerability exists in the way\n that comctl32.dll handles objects in memory. The\n vulnerability could corrupt memory in such a way that an\n attacker could execute arbitrary code in the context of\n the current user. An attacker who successfully exploited\n the vulnerability could gain the same user rights as the\n current user. (CVE-2019-1043)\n\n - An elevation of privilege vulnerability exists when the\n Windows User Profile Service (ProfSvc) improperly\n handles symlinks. An attacker who successfully exploited\n this vulnerability could delete files and folders in an\n elevated context. (CVE-2019-0986)\n\n - An elevation of privilege vulnerability exists when the\n Windows Common Log File System (CLFS) driver improperly\n handles objects in memory. An attacker who successfully\n exploited this vulnerability could run processes in an\n elevated context. (CVE-2019-0984)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly initializes objects in memory.\n (CVE-2019-1039)\n\n - An elevation of privilege vulnerability exists in the\n Windows Installer when the Windows Installer fails to\n properly sanitize input leading to an insecure library\n loading behavior. A locally authenticated attacker could\n run arbitrary code with elevated system privileges. An\n attacker could then install programs; view, change, or\n delete data; or create new accounts with full user\n rights. The security update addresses the vulnerability\n by correcting the input sanitization error to preclude\n unintended elevation. (CVE-2019-0973)\n\n - This security update corrects a denial of service in the\n Local Security Authority Subsystem Service (LSASS)\n caused when an authenticated attacker sends a specially\n crafted authentication request. A remote attacker who\n successfully exploited this vulnerability could cause a\n denial of service on the target system's LSASS service,\n which triggers an automatic reboot of the system. The\n security update addresses the vulnerability by changing\n the way that LSASS handles specially crafted\n authentication requests. (CVE-2019-0972)\");\n # https://support.microsoft.com/en-us/help/4503287/windows-server-2008-update-kb4503287\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?5718bf96\");\n # https://support.microsoft.com/en-us/help/4503273/windows-server-2008-update-kb4503273\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?fd8cfdad\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Only update KB4503287 or Cumulative Update KB4503273.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-0974\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-1053\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/06/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/06/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS19-06\";\nkbs = make_list('4503287', '4503273');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(vista:'2') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nproductname = get_kb_item_or_exit(\"SMB/ProductName\", exit_code:1);\nif (\"Vista\" >< productname) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"6.0\",\n sp:2,\n rollup_date:\"06_2019\",\n bulletin:bulletin,\n rollup_kb_list:[4503287, 4503273])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:18:35", "description": "The Internet Explorer installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities :\n\n - A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1038)\n\n - A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2019-0920, CVE-2019-1005, CVE-2019-1055, CVE-2019-1080)\n\n - An information disclosure vulnerability exists when affected Microsoft browsers improperly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-1081)\n\n - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2019-0988)", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-06-11T00:00:00", "type": "nessus", "title": "Security Updates for Internet Explorer (June 2019)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0920", "CVE-2019-0988", "CVE-2019-1005", "CVE-2019-1038", "CVE-2019-1055", "CVE-2019-1080", "CVE-2019-1081"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS19_JUN_INTERNET_EXPLORER.NASL", "href": "https://www.tenable.com/plugins/nessus/125828", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(125828);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2019-0920\",\n \"CVE-2019-0988\",\n \"CVE-2019-1005\",\n \"CVE-2019-1038\",\n \"CVE-2019-1055\",\n \"CVE-2019-1080\",\n \"CVE-2019-1081\"\n );\n script_xref(name:\"MSKB\", value:\"4503259\");\n script_xref(name:\"MSKB\", value:\"4503273\");\n script_xref(name:\"MSKB\", value:\"4503276\");\n script_xref(name:\"MSKB\", value:\"4503285\");\n script_xref(name:\"MSKB\", value:\"4503292\");\n script_xref(name:\"MSFT\", value:\"MS19-4503259\");\n script_xref(name:\"MSFT\", value:\"MS19-4503273\");\n script_xref(name:\"MSFT\", value:\"MS19-4503276\");\n script_xref(name:\"MSFT\", value:\"MS19-4503285\");\n script_xref(name:\"MSFT\", value:\"MS19-4503292\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0430\");\n\n script_name(english:\"Security Updates for Internet Explorer (June 2019)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The Internet Explorer installation on the remote host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Internet Explorer installation on the remote host is\nmissing security updates. It is, therefore, affected by\nmultiple vulnerabilities :\n\n - A remote code execution vulnerability exists in the way\n that Microsoft browsers access objects in memory. The\n vulnerability could corrupt memory in a way that could\n allow an attacker to execute arbitrary code in the\n context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2019-1038)\n\n - A remote code execution vulnerability exists in the way\n the scripting engine handles objects in memory in\n Microsoft browsers. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2019-0920, CVE-2019-1005, CVE-2019-1055,\n CVE-2019-1080)\n\n - An information disclosure vulnerability exists when\n affected Microsoft browsers improperly handle objects in\n memory. An attacker who successfully exploited this\n vulnerability could obtain information to further\n compromise the users system. (CVE-2019-1081)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2019-0988)\");\n # https://support.microsoft.com/en-us/help/4503276/june-11-2019-kb4503276-os-build-monthly-rollup\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?953a7c84\");\n # https://support.microsoft.com/en-us/help/4503273/windows-server-2008-update-kb4503273\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?fd8cfdad\");\n # https://support.microsoft.com/en-us/help/4503292/windows-7-update-kb4503292\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2c09dd7d\");\n # https://support.microsoft.com/en-us/help/4503285/windows-server-2012-kb4503285\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?b6f9d59c\");\n # https://support.microsoft.com/en-us/help/4503259/cumulative-security-update-for-internet-explorer\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?3ebae0e7\");\n script_set_attribute(attribute:\"solution\", value:\n\"Microsoft has released the following security updates to address this issue: \n -KB4503259\n -KB4503273\n -KB4503276\n -KB4503285\n -KB4503292\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-0988\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/06/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/06/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = 'MS19-06';\nkbs = make_list(\n '4503259',\n '4503273',\n '4503276',\n '4503285',\n '4503292'\n);\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nos = get_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(vista:'2', win7:'1', win8:'0', win81:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nproductname = get_kb_item_or_exit(\"SMB/ProductName\", exit_code:1);\nif (\"Windows 8\" >< productname && \"8.1\" >!< productname)\n audit(AUDIT_OS_SP_NOT_VULN);\nif (\"Vista\" >< productname) audit(AUDIT_OS_SP_NOT_VULN);\n\nif (hotfix_check_server_core() == 1) audit(AUDIT_WIN_SERVER_CORE);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n # Windows 8.1 / Windows Server 2012 R2\n # Internet Explorer 11\n hotfix_is_vulnerable(os:\"6.3\", sp:0, file:\"mshtml.dll\", version:\"11.0.9600.19377\", min_version:\"11.0.9600.16000\", dir:\"\\system32\", bulletin:bulletin, kb:\"4503259\") ||\n\n # Windows Server 2012\n # Internet Explorer 10\n hotfix_is_vulnerable(os:\"6.2\", sp:0, file:\"mshtml.dll\", version:\"10.0.9200.22773\", min_version:\"10.0.9200.16000\", dir:\"\\system32\", bulletin:bulletin, kb:\"4503259\") ||\n # Internet Explorer 11\n hotfix_is_vulnerable(os:\"6.2\", sp:0, file:\"mshtml.dll\", version:\"11.0.9600.19377\", min_version:\"11.0.9600.16000\", dir:\"\\system32\", bulletin:bulletin, kb:\"4503259\") ||\n \n # Windows 7 / Server 2008 R2\n # Internet Explorer 11\n hotfix_is_vulnerable(os:\"6.1\", sp:1, file:\"mshtml.dll\", version:\"11.0.9600.19377\", min_version:\"11.0.9600.16000\", dir:\"\\system32\", bulletin:bulletin, kb:\"4503259\") ||\n\n # Windows Server 2008\n # Internet Explorer 9\n hotfix_is_vulnerable(os:\"6.0\", sp:2, file:\"mshtml.dll\", version:\"9.0.8112.21342\", min_version:\"9.0.8112.16000\", dir:\"\\system32\", bulletin:bulletin, kb:\"4503259\")\n)\n{\n report = '\\nNote: The fix for this issue is available in either of the following updates:\\n';\n report += ' - KB4503259 : Cumulative Security Update for Internet Explorer\\n';\n if(os == \"6.3\")\n {\n report += ' - KB4503276 : Windows 8.1 / Server 2012 R2 Monthly Rollup\\n';\n hotfix_add_report(bulletin:'MS19-06', kb:'4503276', report);\n }\n else if(os == \"6.2\")\n {\n report += ' - KB4503285 : Windows Server 2012 Monthly Rollup\\n';\n hotfix_add_report(bulletin:'MS19-06', kb:'4503285', report);\n }\n else if(os == \"6.1\")\n {\n report += ' - KB4503292 : Windows 7 / Server 2008 R2 Monthly Rollup\\n';\n hotfix_add_report(bulletin:'MS19-06', kb:'4503292', report);\n }\n else if(os == \"6.0\")\n {\n report += ' - KB4503273 : Windows Server 2008 Monthly Rollup\\n';\n hotfix_add_report(bulletin:'MS19-06', kb:'4503273', report);\n }\n set_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}], "kaspersky": [{"lastseen": "2023-02-08T15:58:14", "description": "### *Detect date*:\n06/11/2019\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple vulnerabilities were found in Microsoft Browsers. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, bypass security restrictions.\n\n### *Exploitation*:\nMalware exists for this vulnerability. Usually such malware is classified as Exploit. [More details](<https://threats.kaspersky.com/en/class/Exploit/>).\n\n### *Affected products*:\nInternet Explorer 11 \nMicrosoft Edge \nInternet Explorer 10 \nInternet Explorer 9 \nChakraCore\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2019-1081](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1081>) \n[CVE-2019-1051](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1051>) \n[CVE-2019-1054](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1054>) \n[CVE-2019-0993](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0993>) \n[CVE-2019-1024](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1024>) \n[CVE-2019-0989](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0989>) \n[CVE-2019-0990](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0990>) \n[CVE-2019-1038](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1038>) \n[CVE-2019-1002](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1002>) \n[CVE-2019-1005](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1005>) \n[CVE-2019-1055](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1055>) \n[CVE-2019-0991](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0991>) \n[CVE-2019-1023](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1023>) \n[CVE-2019-1080](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1080>) \n[CVE-2019-0992](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0992>) \n[CVE-2019-1003](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1003>) \n[CVE-2019-0988](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0988>) \n[CVE-2019-1052](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1052>) \n[CVE-2019-0920](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0920>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft Internet Explorer](<https://threats.kaspersky.com/en/product/Microsoft-Internet-Explorer/>)\n\n### *CVE-IDS*:\n[CVE-2019-1081](<https://vulners.com/cve/CVE-2019-1081>)4.3Warning \n[CVE-2019-1051](<https://vulners.com/cve/CVE-2019-1051>)7.6Critical \n[CVE-2019-1054](<https://vulners.com/cve/CVE-2019-1054>)5.1High \n[CVE-2019-0993](<https://vulners.com/cve/CVE-2019-0993>)7.6Critical \n[CVE-2019-1024](<https://vulners.com/cve/CVE-2019-1024>)7.6Critical \n[CVE-2019-0989](<https://vulners.com/cve/CVE-2019-0989>)7.6Critical \n[CVE-2019-0990](<https://vulners.com/cve/CVE-2019-0990>)4.3Warning \n[CVE-2019-1038](<https://vulners.com/cve/CVE-2019-1038>)7.6Critical \n[CVE-2019-1002](<https://vulners.com/cve/CVE-2019-1002>)7.6Critical \n[CVE-2019-1005](<https://vulners.com/cve/CVE-2019-1005>)7.6Critical \n[CVE-2019-1055](<https://vulners.com/cve/CVE-2019-1055>)7.6Critical \n[CVE-2019-0991](<https://vulners.com/cve/CVE-2019-0991>)7.6Critical \n[CVE-2019-1023](<https://vulners.com/cve/CVE-2019-1023>)4.3Warning \n[CVE-2019-1080](<https://vulners.com/cve/CVE-2019-1080>)7.6Critical \n[CVE-2019-0992](<https://vulners.com/cve/CVE-2019-0992>)7.6Critical \n[CVE-2019-1003](<https://vulners.com/cve/CVE-2019-1003>)7.6Critical \n[CVE-2019-0988](<https://vulners.com/cve/CVE-2019-0988>)7.6Critical \n[CVE-2019-1052](<https://vulners.com/cve/CVE-2019-1052>)7.6Critical \n[CVE-2019-0920](<https://vulners.com/cve/CVE-2019-0920>)7.6Critical\n\n### *KB list*:\n[4503293](<http://support.microsoft.com/kb/4503293>) \n[4503327](<http://support.microsoft.com/kb/4503327>) \n[4503286](<http://support.microsoft.com/kb/4503286>) \n[4503284](<http://support.microsoft.com/kb/4503284>) \n[4503285](<http://support.microsoft.com/kb/4503285>) \n[4503276](<http://support.microsoft.com/kb/4503276>) \n[4503292](<http://support.microsoft.com/kb/4503292>) \n[4503267](<http://support.microsoft.com/kb/4503267>) \n[4503291](<http://support.microsoft.com/kb/4503291>) \n[4503279](<http://support.microsoft.com/kb/4503279>) \n[4503259](<http://support.microsoft.com/kb/4503259>) \n[4512497](<http://support.microsoft.com/kb/4512497>)\n\n### *Microsoft official advisories*:", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-06-11T00:00:00", "type": "kaspersky", "title": "KLA11500 Multiple vulnerabilities in Microsoft Browsers", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0920", "CVE-2019-0988", "CVE-2019-0989", "CVE-2019-0990", "CVE-2019-0991", "CVE-2019-0992", "CVE-2019-0993", "CVE-2019-1002", "CVE-2019-1003", "CVE-2019-1005", "CVE-2019-1023", "CVE-2019-1024", "CVE-2019-1038", "CVE-2019-1051", "CVE-2019-1052", "CVE-2019-1054", "CVE-2019-1055", "CVE-2019-1080", "CVE-2019-1081"], "modified": "2020-07-22T00:00:00", "id": "KLA11500", "href": "https://threats.kaspersky.com/en/vulnerability/KLA11500/", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-03-21T08:32:12", "description": "### *Detect date*:\n06/11/2019\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, cause denial of service, gain privileges, execute arbitrary code, bypass security restrictions, spoof user interface.\n\n### *Exploitation*:\nThe following public exploits exists for this vulnerability:\n\n### *Affected products*:\nWindows 10 Version 1809 for x64-based Systems \nWindows 10 Version 1903 for 32-bit Systems \nWindows Server 2019 \nWindows 10 Version 1803 for 32-bit Systems \nWindows 10 Version 1903 for ARM64-based Systems \nWindows 10 Version 1809 for 32-bit Systems \nWindows 10 Version 1809 for ARM64-based Systems \nWindows 10 Version 1803 for ARM64-based Systems \nWindows Server, version 1903 (Server Core installation) \nWindows 10 Version 1803 for x64-based Systems \nWindows 10 Version 1903 for x64-based Systems \nWindows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) \nWindows Server 2008 for x64-based Systems Service Pack 2 \nWindows 10 Version 1607 for 32-bit Systems \nWindows 8.1 for x64-based systems \nWindows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) \nWindows 10 Version 1607 for x64-based Systems \nWindows 7 for 32-bit Systems Service Pack 1 \nWindows 10 for x64-based Systems \nWindows Server 2012 (Server Core installation) \nWindows Server 2016 \nWindows 10 Version 1703 for x64-based Systems \nWindows 10 Version 1709 for 32-bit Systems \nWindows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) \nWindows Server 2008 R2 for Itanium-Based Systems Service Pack 1 \nWindows 10 for 32-bit Systems \nWindows 10 Version 1709 for ARM64-based Systems \nWindows Server 2012 R2 \nWindows 7 for x64-based Systems Service Pack 1 \nWindows Server 2008 for Itanium-Based Systems Service Pack 2 \nWindows 10 Version 1703 for 32-bit Systems \nWindows Server 2012 \nWindows Server 2008 for 32-bit Systems Service Pack 2 \nWindows Server 2008 R2 for x64-based Systems Service Pack 1 \nWindows 8.1 for 32-bit systems \nWindows Server 2012 R2 (Server Core installation) \nWindows RT 8.1 \nWindows Server, version 1803 (Server Core Installation) \nWindows Server 2016 (Server Core installation) \nWindows 10 Version 1709 for x64-based Systems \nWindows Server 2019 (Server Core installation) \nWindows Server, version 1709 (Server Core Installation)\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2019-1046](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1046>) \n[CVE-2019-1025](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1025>) \n[CVE-2019-0713](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0713>) \n[CVE-2019-0943](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0943>) \n[CVE-2019-0973](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0973>) \n[CVE-2019-1064](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1064>) \n[CVE-2019-0998](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0998>) \n[CVE-2019-0986](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0986>) \n[CVE-2019-1015](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1015>) \n[CVE-2019-1022](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1022>) \n[CVE-2019-0711](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0711>) \n[CVE-2019-0948](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0948>) \n[CVE-2019-0710](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0710>) \n[CVE-2019-0909](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0909>) \n[CVE-2019-0984](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0984>) \n[CVE-2019-1045](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1045>) \n[CVE-2019-0907](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0907>) \n[CVE-2019-1050](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1050>) \n[CVE-2019-1044](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1044>) \n[CVE-2019-1019](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1019>) \n[CVE-2019-1043](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1043>) \n[CVE-2019-1039](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1039>) \n[CVE-2019-0905](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0905>) \n[CVE-2019-1065](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1065>) \n[CVE-2019-1010](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1010>) \n[CVE-2019-0974](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0974>) \n[CVE-2019-0908](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0908>) \n[CVE-2019-1028](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1028>) \n[CVE-2019-1021](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1021>) \n[CVE-2019-0983](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0983>) \n[CVE-2019-0904](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0904>) \n[CVE-2019-1014](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1014>) \n[CVE-2019-1027](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1027>) \n[CVE-2019-1069](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1069>) \n[CVE-2019-1026](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1026>) \n[CVE-2019-1041](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1041>) \n[CVE-2019-0941](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0941>) \n[CVE-2019-0906](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0906>) \n[CVE-2019-1012](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1012>) \n[CVE-2019-1018](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1018>) \n[CVE-2019-0722](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0722>) \n[CVE-2019-0620](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0620>) \n[CVE-2019-0888](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0888>) \n[CVE-2019-0959](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0959>) \n[CVE-2019-1053](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1053>) \n[CVE-2019-1040](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1040>) \n[CVE-2019-1017](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1017>) \n[CVE-2019-0709](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0709>) \n[CVE-2019-1007](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1007>) \n[CVE-2019-0972](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0972>) \n[ADV190016](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV190016>) \n[ADV190017](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV190017>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft Windows](<https://threats.kaspersky.com/en/product/Microsoft-Windows/>)\n\n### *CVE-IDS*:\n[CVE-2019-1065](<https://vulners.com/cve/CVE-2019-1065>)7.2High \n[CVE-2019-0959](<https://vulners.com/cve/CVE-2019-0959>)7.2High \n[CVE-2019-0986](<https://vulners.com/cve/CVE-2019-0986>)3.6Warning \n[CVE-2019-0973](<https://vulners.com/cve/CVE-2019-0973>)7.2High \n[CVE-2019-1040](<https://vulners.com/cve/CVE-2019-1040>)4.3Warning \n[CVE-2019-0909](<https://vulners.com/cve/CVE-2019-0909>)9.3Critical \n[CVE-2019-0948](<https://vulners.com/cve/CVE-2019-0948>)4.3Warning \n[CVE-2019-1019](<https://vulners.com/cve/CVE-2019-1019>)6.0High \n[CVE-2019-1010](<https://vulners.com/cve/CVE-2019-1010>)4.3Warning \n[CVE-2019-1027](<https://vulners.com/cve/CVE-2019-1027>)4.6Warning \n[CVE-2019-1041](<https://vulners.com/cve/CVE-2019-1041>)7.2High \n[CVE-2019-1053](<https://vulners.com/cve/CVE-2019-1053>)7.2High \n[CVE-2019-0908](<https://vulners.com/cve/CVE-2019-0908>)9.3Critical \n[CVE-2019-0722](<https://vulners.com/cve/CVE-2019-0722>)9.0Critical \n[CVE-2019-1039](<https://vulners.com/cve/CVE-2019-1039>)2.1Warning \n[CVE-2019-1007](<https://vulners.com/cve/CVE-2019-1007>)4.6Warning \n[CVE-2019-1043](<https://vulners.com/cve/CVE-2019-1043>)8.5Critical \n[CVE-2019-1025](<https://vulners.com/cve/CVE-2019-1025>)7.8Critical \n[CVE-2019-1044](<https://vulners.com/cve/CVE-2019-1044>)7.2High \n[CVE-2019-0974](<https://vulners.com/cve/CVE-2019-0974>)9.3Critical \n[CVE-2019-0709](<https://vulners.com/cve/CVE-2019-0709>)7.7Critical \n[CVE-2019-0620](<https://vulners.com/cve/CVE-2019-0620>)7.7Critical \n[CVE-2019-1045](<https://vulners.com/cve/CVE-2019-1045>)7.2High \n[CVE-2019-0905](<https://vulners.com/cve/CVE-2019-0905>)9.3Critical \n[CVE-2019-1069](<https://vulners.com/cve/CVE-2019-1069>)7.2High \n[CVE-2019-1014](<https://vulners.com/cve/CVE-2019-1014>)7.2High \n[CVE-2019-0941](<https://vulners.com/cve/CVE-2019-0941>)5.0Critical \n[CVE-2019-1026](<https://vulners.com/cve/CVE-2019-1026>)4.6Warning \n[CVE-2019-0984](<https://vulners.com/cve/CVE-2019-0984>)7.2High \n[CVE-2019-0906](<https://vulners.com/cve/CVE-2019-0906>)9.3Critical \n[CVE-2019-0943](<https://vulners.com/cve/CVE-2019-0943>)7.2High \n[CVE-2019-1028](<https://vulners.com/cve/CVE-2019-1028>)4.6Warning \n[CVE-2019-1021](<https://vulners.com/cve/CVE-2019-1021>)4.6Warning \n[CVE-2019-1015](<https://vulners.com/cve/CVE-2019-1015>)4.3Warning \n[CVE-2019-1064](<https://vulners.com/cve/CVE-2019-1064>)7.2High \n[CVE-2019-1046](<https://vulners.com/cve/CVE-2019-1046>)4.3Warning \n[CVE-2019-0888](<https://vulners.com/cve/CVE-2019-0888>)9.3Critical \n[CVE-2019-0907](<https://vulners.com/cve/CVE-2019-0907>)9.3Critical \n[CVE-2019-0711](<https://vulners.com/cve/CVE-2019-0711>)5.5High \n[CVE-2019-1050](<https://vulners.com/cve/CVE-2019-1050>)4.3Warning \n[CVE-2019-1012](<https://vulners.com/cve/CVE-2019-1012>)4.3Warning \n[CVE-2019-1018](<https://vulners.com/cve/CVE-2019-1018>)7.2High \n[CVE-2019-0904](<https://vulners.com/cve/CVE-2019-0904>)9.3Critical \n[CVE-2019-1022](<https://vulners.com/cve/CVE-2019-1022>)4.6Warning \n[CVE-2019-0713](<https://vulners.com/cve/CVE-2019-0713>)5.5High \n[CVE-2019-1017](<https://vulners.com/cve/CVE-2019-1017>)7.2High \n[CVE-2019-0998](<https://vulners.com/cve/CVE-2019-0998>)7.2High \n[CVE-2019-0710](<https://vulners.com/cve/CVE-2019-0710>)5.5High \n[CVE-2019-0983](<https://vulners.com/cve/CVE-2019-0983>)7.2High \n[CVE-2019-0972](<https://vulners.com/cve/CVE-2019-0972>)6.8High\n\n### *Microsoft official advisories*:\n\n\n### *KB list*:\n[4503293](<http://support.microsoft.com/kb/4503293>) \n[4503327](<http://support.microsoft.com/kb/4503327>) \n[4503286](<http://support.microsoft.com/kb/4503286>) \n[4503284](<http://support.microsoft.com/kb/4503284>) \n[4503285](<http://support.microsoft.com/kb/4503285>) \n[4503276](<http://support.microsoft.com/kb/4503276>) \n[4503267](<http://support.microsoft.com/kb/4503267>) \n[4503263](<http://support.microsoft.com/kb/4503263>) \n[4503291](<http://support.microsoft.com/kb/4503291>) \n[4503290](<http://support.microsoft.com/kb/4503290>) \n[4503279](<http://support.microsoft.com/kb/4503279>) \n[4507453](<http://support.microsoft.com/kb/4507453>)", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-06-11T00:00:00", "type": "kaspersky", "title": "KLA11493 Multiple vulnerabilities in Microsoft Windows", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0620", "CVE-2019-0709", "CVE-2019-0710", "CVE-2019-0711", "CVE-2019-0713", "CVE-2019-0722", "CVE-2019-0888", "CVE-2019-0904", "CVE-2019-0905", "CVE-2019-0906", "CVE-2019-0907", "CVE-2019-0908", "CVE-2019-0909", "CVE-2019-0941", "CVE-2019-0943", "CVE-2019-0948", "CVE-2019-0959", "CVE-2019-0972", "CVE-2019-0973", "CVE-2019-0974", "CVE-2019-0983", "CVE-2019-0984", "CVE-2019-0986", "CVE-2019-0998", "CVE-2019-1007", "CVE-2019-1010", "CVE-2019-1012", "CVE-2019-1014", "CVE-2019-1015", "CVE-2019-1017", "CVE-2019-1018", "CVE-2019-1019", "CVE-2019-1021", "CVE-2019-1022", "CVE-2019-1025", "CVE-2019-1026", "CVE-2019-1027", "CVE-2019-1028", "CVE-2019-1039", "CVE-2019-1040", "CVE-2019-1041", "CVE-2019-1043", "CVE-2019-1044", "CVE-2019-1045", "CVE-2019-1046", "CVE-2019-1050", "CVE-2019-1053", "CVE-2019-1064", "CVE-2019-1065", "CVE-2019-1069"], "modified": "2023-03-17T00:00:00", "id": "KLA11493", "href": "https://threats.kaspersky.com/en/vulnerability/KLA11493/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-03-21T08:28:08", "description": "### *Detect date*:\n06/11/2019\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple vulnerabilities were found in Microsoft Products (Extended Support Update). Malicious users can exploit these vulnerabilities to obtain sensitive information, gain privileges, execute arbitrary code, spoof user interface, cause denial of service, bypass security restrictions.\n\n### *Exploitation*:\nThe following public exploits exists for this vulnerability:\n\n### *Affected products*:\nWindows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) \nWindows 10 for 32-bit Systems \nWindows Server, version 1803 (Server Core Installation) \nWindows 10 Version 1903 for x64-based Systems \nInternet Explorer 9 \nWindows 10 for x64-based Systems \nWindows Server 2012 (Server Core installation) \nWindows Server 2016 (Server Core installation) \nWindows 7 for x64-based Systems Service Pack 1 \nWindows 8.1 for 32-bit systems \nWindows 8.1 for x64-based systems \nWindows Server 2008 for 32-bit Systems Service Pack 2 \nWindows Server 2012 \nInternet Explorer 11 \nWindows 10 Version 1803 for ARM64-based Systems \nWindows Server 2008 for x64-based Systems Service Pack 2 \nWindows Server 2016 \nWindows 10 Version 1709 for x64-based Systems \nWindows RT 8.1 \nWindows 10 Version 1709 for ARM64-based Systems \nWindows 10 Version 1703 for x64-based Systems \nWindows 10 Version 1809 for 32-bit Systems \nWindows Server 2008 for Itanium-Based Systems Service Pack 2 \nWindows 10 Version 1809 for ARM64-based Systems \nWindows 10 Version 1903 for 32-bit Systems \nWindows Server 2012 R2 (Server Core installation) \nWindows Server 2008 R2 for Itanium-Based Systems Service Pack 1 \nWindows Server 2019 (Server Core installation) \nMicrosoft Edge (EdgeHTML-based) \nWindows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) \nWindows 10 Version 1803 for x64-based Systems \nWindows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) \nWindows Server, version 1903 (Server Core installation) \nWindows 10 Version 1903 for ARM64-based Systems \nWindows 10 Version 1607 for 32-bit Systems \nWindows 10 Version 1809 for x64-based Systems \nWindows 10 Version 1607 for x64-based Systems \nWindows 10 Version 1803 for 32-bit Systems \nWindows 7 for 32-bit Systems Service Pack 1 \nWindows 10 Version 1709 for 32-bit Systems \nWindows Server 2008 R2 for x64-based Systems Service Pack 1 \nWindows 10 Version 1703 for 32-bit Systems \nInternet Explorer 10 \nWindows Server 2012 R2 \nWindows Server 2019\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2019-1039](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1039>) \n[CVE-2019-1028](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1028>) \n[CVE-2019-1048](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1048>) \n[CVE-2019-1049](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1049>) \n[CVE-2019-0888](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0888>) \n[CVE-2019-1009](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1009>) \n[CVE-2019-1046](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1046>) \n[CVE-2019-1047](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1047>) \n[CVE-2019-1040](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1040>) \n[CVE-2019-1025](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1025>) \n[CVE-2019-1014](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1014>) \n[CVE-2019-1080](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1080>) \n[CVE-2019-1081](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1081>) \n[CVE-2019-0713](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0713>) \n[CVE-2019-1005](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1005>) \n[CVE-2019-0968](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0968>) \n[CVE-2019-0908](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0908>) \n[CVE-2019-1010](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1010>) \n[CVE-2019-0986](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0986>) \n[CVE-2019-0906](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0906>) \n[CVE-2019-0984](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0984>) \n[CVE-2019-0985](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0985>) \n[CVE-2019-1045](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1045>) \n[CVE-2019-0960](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0960>) \n[CVE-2019-0904](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0904>) \n[CVE-2019-1017](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1017>) \n[CVE-2019-0943](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0943>) \n[CVE-2019-1015](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1015>) \n[CVE-2019-0941](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0941>) \n[CVE-2019-1013](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1013>) \n[CVE-2019-1012](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1012>) \n[CVE-2019-1011](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1011>) \n[CVE-2019-0909](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0909>) \n[CVE-2019-0722](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0722>) \n[CVE-2019-0907](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0907>) \n[CVE-2019-0948](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0948>) \n[CVE-2019-0905](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0905>) \n[CVE-2019-1019](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1019>) \n[CVE-2019-1053](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1053>) \n[CVE-2019-0920](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0920>) \n[CVE-2019-1055](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1055>) \n[CVE-2019-1043](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1043>) \n[CVE-2019-1016](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1016>) \n[CVE-2019-0977](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0977>) \n[CVE-2019-0974](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0974>) \n[CVE-2019-0973](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0973>) \n[CVE-2019-0972](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0972>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft Internet Explorer](<https://threats.kaspersky.com/en/product/Microsoft-Internet-Explorer/>)\n\n### *CVE-IDS*:\n[CVE-2019-0986](<https://vulners.com/cve/CVE-2019-0986>)3.6Warning \n[CVE-2019-0973](<https://vulners.com/cve/CVE-2019-0973>)7.2High \n[CVE-2019-1040](<https://vulners.com/cve/CVE-2019-1040>)4.3Warning \n[CVE-2019-0909](<https://vulners.com/cve/CVE-2019-0909>)9.3Critical \n[CVE-2019-0948](<https://vulners.com/cve/CVE-2019-0948>)4.3Warning \n[CVE-2019-1019](<https://vulners.com/cve/CVE-2019-1019>)6.0High \n[CVE-2019-1010](<https://vulners.com/cve/CVE-2019-1010>)4.3Warning \n[CVE-2019-1053](<https://vulners.com/cve/CVE-2019-1053>)7.2High \n[CVE-2019-0908](<https://vulners.com/cve/CVE-2019-0908>)9.3Critical \n[CVE-2019-0977](<https://vulners.com/cve/CVE-2019-0977>)4.3Warning \n[CVE-2019-1009](<https://vulners.com/cve/CVE-2019-1009>)4.3Warning \n[CVE-2019-0722](<https://vulners.com/cve/CVE-2019-0722>)9.0Critical \n[CVE-2019-1039](<https://vulners.com/cve/CVE-2019-1039>)2.1Warning \n[CVE-2019-1043](<https://vulners.com/cve/CVE-2019-1043>)8.5Critical \n[CVE-2019-1025](<https://vulners.com/cve/CVE-2019-1025>)7.8Critical \n[CVE-2019-0974](<https://vulners.com/cve/CVE-2019-0974>)9.3Critical \n[CVE-2019-1045](<https://vulners.com/cve/CVE-2019-1045>)7.2High \n[CVE-2019-0905](<https://vulners.com/cve/CVE-2019-0905>)9.3Critical \n[CVE-2019-1014](<https://vulners.com/cve/CVE-2019-1014>)7.2High \n[CVE-2019-0941](<https://vulners.com/cve/CVE-2019-0941>)5.0Critical \n[CVE-2019-0985](<https://vulners.com/cve/CVE-2019-0985>)6.8High \n[CVE-2019-0960](<https://vulners.com/cve/CVE-2019-0960>)7.2High \n[CVE-2019-0984](<https://vulners.com/cve/CVE-2019-0984>)7.2High \n[CVE-2019-0906](<https://vulners.com/cve/CVE-2019-0906>)9.3Critical \n[CVE-2019-0943](<https://vulners.com/cve/CVE-2019-0943>)7.2High \n[CVE-2019-1047](<https://vulners.com/cve/CVE-2019-1047>)4.3Warning \n[CVE-2019-1028](<https://vulners.com/cve/CVE-2019-1028>)4.6Warning \n[CVE-2019-1048](<https://vulners.com/cve/CVE-2019-1048>)4.3Warning \n[CVE-2019-1015](<https://vulners.com/cve/CVE-2019-1015>)4.3Warning \n[CVE-2019-1049](<https://vulners.com/cve/CVE-2019-1049>)4.3Warning \n[CVE-2019-1046](<https://vulners.com/cve/CVE-2019-1046>)4.3Warning \n[CVE-2019-0888](<https://vulners.com/cve/CVE-2019-0888>)9.3Critical \n[CVE-2019-0907](<https://vulners.com/cve/CVE-2019-0907>)9.3Critical \n[CVE-2019-1011](<https://vulners.com/cve/CVE-2019-1011>)4.3Warning \n[CVE-2019-1013](<https://vulners.com/cve/CVE-2019-1013>)4.3Warning \n[CVE-2019-1012](<https://vulners.com/cve/CVE-2019-1012>)4.3Warning \n[CVE-2019-0968](<https://vulners.com/cve/CVE-2019-0968>)4.3Warning \n[CVE-2019-0904](<https://vulners.com/cve/CVE-2019-0904>)9.3Critical \n[CVE-2019-0713](<https://vulners.com/cve/CVE-2019-0713>)5.5High \n[CVE-2019-1017](<https://vulners.com/cve/CVE-2019-1017>)7.2High \n[CVE-2019-0972](<https://vulners.com/cve/CVE-2019-0972>)6.8High \n[CVE-2019-1016](<https://vulners.com/cve/CVE-2019-1016>)4.3Warning \n[CVE-2019-1081](<https://vulners.com/cve/CVE-2019-1081>)4.3Warning \n[CVE-2019-1005](<https://vulners.com/cve/CVE-2019-1005>)7.6Critical \n[CVE-2019-1055](<https://vulners.com/cve/CVE-2019-1055>)7.6Critical \n[CVE-2019-1080](<https://vulners.com/cve/CVE-2019-1080>)7.6Critical \n[CVE-2019-0920](<https://vulners.com/cve/CVE-2019-0920>)7.6Critical\n\n### *KB list*:\n[4503287](<http://support.microsoft.com/kb/4503287>) \n[4503292](<http://support.microsoft.com/kb/4503292>) \n[4503273](<http://support.microsoft.com/kb/4503273>) \n[4503269](<http://support.microsoft.com/kb/4503269>) \n[4503259](<http://support.microsoft.com/kb/4503259>)\n\n### *Microsoft official advisories*:", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-06-11T00:00:00", "type": "kaspersky", "title": "KLA11874 Multiple vulnerabilities in Microsoft Products (ESU)", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0713", "CVE-2019-0722", "CVE-2019-0888", "CVE-2019-0904", "CVE-2019-0905", "CVE-2019-0906", "CVE-2019-0907", "CVE-2019-0908", "CVE-2019-0909", "CVE-2019-0920", "CVE-2019-0941", "CVE-2019-0943", "CVE-2019-0948", "CVE-2019-0960", "CVE-2019-0968", "CVE-2019-0972", "CVE-2019-0973", "CVE-2019-0974", "CVE-2019-0977", "CVE-2019-0984", "CVE-2019-0985", "CVE-2019-0986", "CVE-2019-1005", "CVE-2019-1009", "CVE-2019-1010", "CVE-2019-1011", "CVE-2019-1012", "CVE-2019-1013", "CVE-2019-1014", "CVE-2019-1015", "CVE-2019-1016", "CVE-2019-1017", "CVE-2019-1019", "CVE-2019-1025", "CVE-2019-1028", "CVE-2019-1039", "CVE-2019-1040", "CVE-2019-1043", "CVE-2019-1045", "CVE-2019-1046", "CVE-2019-1047", "CVE-2019-1048", "CVE-2019-1049", "CVE-2019-1053", "CVE-2019-1055", "CVE-2019-1080", "CVE-2019-1081"], "modified": "2023-03-17T00:00:00", "id": "KLA11874", "href": "https://threats.kaspersky.com/en/vulnerability/KLA11874/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "github": [{"lastseen": "2023-02-01T05:08:15", "description": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0991, CVE-2019-0992, CVE-2019-0993, CVE-2019-1002, CVE-2019-1003, CVE-2019-1024, CVE-2019-1051, CVE-2019-1052.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-03-29T20:59:04", "type": "github", "title": "Out-of-bounds write", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0989", "CVE-2019-0991", "CVE-2019-0992", "CVE-2019-0993", "CVE-2019-1002", "CVE-2019-1003", "CVE-2019-1024", "CVE-2019-1051", "CVE-2019-1052"], "modified": "2023-02-01T05:05:18", "id": "GHSA-9824-RP6M-XX9W", "href": "https://github.com/advisories/GHSA-9824-rp6m-xx9w", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-01T05:08:15", "description": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0989, CVE-2019-0991, CVE-2019-0992, CVE-2019-0993, CVE-2019-1002, CVE-2019-1024, CVE-2019-1051, CVE-2019-1052.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-03-29T20:59:06", "type": "github", "title": "Out-of-bounds write", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0989", "CVE-2019-0991", "CVE-2019-0992", "CVE-2019-0993", "CVE-2019-1002", "CVE-2019-1003", "CVE-2019-1024", "CVE-2019-1051", "CVE-2019-1052"], "modified": "2023-02-01T05:05:09", "id": "GHSA-W32P-76XR-88PC", "href": "https://github.com/advisories/GHSA-w32p-76xr-88pc", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-01T05:08:15", "description": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0989, CVE-2019-0991, CVE-2019-0993, CVE-2019-1002, CVE-2019-1003, CVE-2019-1024, CVE-2019-1051, CVE-2019-1052.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-03-29T20:59:07", "type": "github", "title": "Out-of-bounds write", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0989", "CVE-2019-0991", "CVE-2019-0992", "CVE-2019-0993", "CVE-2019-1002", "CVE-2019-1003", "CVE-2019-1024", "CVE-2019-1051", "CVE-2019-1052"], "modified": "2023-02-01T05:05:09", "id": "GHSA-53R4-H27G-RG3X", "href": "https://github.com/advisories/GHSA-53r4-h27g-rg3x", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-01T05:08:15", "description": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0989, CVE-2019-0991, CVE-2019-0992, CVE-2019-1002, CVE-2019-1003, CVE-2019-1024, CVE-2019-1051, CVE-2019-1052.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-03-29T20:57:51", "type": "github", "title": "Out-of-bounds write", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0989", "CVE-2019-0991", "CVE-2019-0992", "CVE-2019-0993", "CVE-2019-1002", "CVE-2019-1003", "CVE-2019-1024", "CVE-2019-1051", "CVE-2019-1052"], "modified": "2023-02-01T05:05:11", "id": "GHSA-2RFJ-2MWP-787V", "href": "https://github.com/advisories/GHSA-2rfj-2mwp-787v", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-01T05:08:15", "description": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0989, CVE-2019-0992, CVE-2019-0993, CVE-2019-1002, CVE-2019-1003, CVE-2019-1024, CVE-2019-1051, CVE-2019-1052.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-03-29T20:57:42", "type": "github", "title": "Out-of-bounds write", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0989", "CVE-2019-0991", "CVE-2019-0992", "CVE-2019-0993", "CVE-2019-1002", "CVE-2019-1003", "CVE-2019-1024", "CVE-2019-1051", "CVE-2019-1052"], "modified": "2023-02-01T05:05:11", "id": "GHSA-6973-94V8-5MGW", "href": "https://github.com/advisories/GHSA-6973-94v8-5mgw", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}], "osv": [{"lastseen": "2023-03-28T05:23:52", "description": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0989, CVE-2019-0991, CVE-2019-0993, CVE-2019-1002, CVE-2019-1003, CVE-2019-1024, CVE-2019-1051, CVE-2019-1052.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-03-29T20:59:07", "type": "osv", "title": "Out-of-bounds write", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0989", "CVE-2019-0991", "CVE-2019-0992", "CVE-2019-0993", "CVE-2019-1002", "CVE-2019-1003", "CVE-2019-1024", "CVE-2019-1051", "CVE-2019-1052"], "modified": "2023-03-28T05:23:50", "id": "OSV:GHSA-53R4-H27G-RG3X", "href": "https://osv.dev/vulnerability/GHSA-53r4-h27g-rg3x", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-03-28T05:31:05", "description": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0991, CVE-2019-0992, CVE-2019-0993, CVE-2019-1002, CVE-2019-1003, CVE-2019-1024, CVE-2019-1051, CVE-2019-1052.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-03-29T20:59:04", "type": "osv", "title": "Out-of-bounds write", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0989", "CVE-2019-0991", "CVE-2019-0992", "CVE-2019-0993", "CVE-2019-1002", "CVE-2019-1003", "CVE-2019-1024", "CVE-2019-1051", "CVE-2019-1052"], "modified": "2023-03-28T05:31:00", "id": "OSV:GHSA-9824-RP6M-XX9W", "href": "https://osv.dev/vulnerability/GHSA-9824-rp6m-xx9w", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-03-28T05:46:33", "description": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0989, CVE-2019-0991, CVE-2019-0992, CVE-2019-0993, CVE-2019-1002, CVE-2019-1024, CVE-2019-1051, CVE-2019-1052.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-03-29T20:59:06", "type": "osv", "title": "Out-of-bounds write", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0989", "CVE-2019-0991", "CVE-2019-0992", "CVE-2019-0993", "CVE-2019-1002", "CVE-2019-1003", "CVE-2019-1024", "CVE-2019-1051", "CVE-2019-1052"], "modified": "2023-03-28T05:46:27", "id": "OSV:GHSA-W32P-76XR-88PC", "href": "https://osv.dev/vulnerability/GHSA-w32p-76xr-88pc", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-03-28T05:42:38", "description": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0989, CVE-2019-0992, CVE-2019-0993, CVE-2019-1002, CVE-2019-1003, CVE-2019-1024, CVE-2019-1051, CVE-2019-1052.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-03-29T20:57:42", "type": "osv", "title": "Out-of-bounds write", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0989", "CVE-2019-0991", "CVE-2019-0992", "CVE-2019-0993", "CVE-2019-1002", "CVE-2019-1003", "CVE-2019-1024", "CVE-2019-1051", "CVE-2019-1052"], "modified": "2023-03-28T05:42:34", "id": "OSV:GHSA-6973-94V8-5MGW", "href": "https://osv.dev/vulnerability/GHSA-6973-94v8-5mgw", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-03-28T05:44:27", "description": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0989, CVE-2019-0991, CVE-2019-0992, CVE-2019-1002, CVE-2019-1003, CVE-2019-1024, CVE-2019-1051, CVE-2019-1052.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-03-29T20:57:51", "type": "osv", "title": "Out-of-bounds write", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0989", "CVE-2019-0991", "CVE-2019-0992", "CVE-2019-0993", "CVE-2019-1002", "CVE-2019-1003", "CVE-2019-1024", "CVE-2019-1051", "CVE-2019-1052"], "modified": "2023-03-28T05:44:22", "id": "OSV:GHSA-2RFJ-2MWP-787V", "href": "https://osv.dev/vulnerability/GHSA-2rfj-2mwp-787v", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}], "cve": [{"lastseen": "2023-02-09T14:23:45", "description": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0991, CVE-2019-0992, CVE-2019-0993, CVE-2019-1002, CVE-2019-1003, CVE-2019-1024, CVE-2019-1051, CVE-2019-1052.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-06-12T14:29:00", "type": "cve", "title": "CVE-2019-0989", "cwe": ["CWE-787"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0989", "CVE-2019-0991", "CVE-2019-0992", "CVE-2019-0993", "CVE-2019-1002", "CVE-2019-1003", "CVE-2019-1024", "CVE-2019-1051", "CVE-2019-1052"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/a:microsoft:edge:-"], "id": "CVE-2019-0989", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-0989", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:microsoft:edge:-:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:23:44", "description": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0989, CVE-2019-0992, CVE-2019-0993, CVE-2019-1002, CVE-2019-1003, CVE-2019-1024, CVE-2019-1051, CVE-2019-1052.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-06-12T14:29:00", "type": "cve", "title": "CVE-2019-0991", "cwe": ["CWE-787"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0989", "CVE-2019-0991", "CVE-2019-0992", "CVE-2019-0993", "CVE-2019-1002", "CVE-2019-1003", "CVE-2019-1024", "CVE-2019-1051", "CVE-2019-1052"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/a:microsoft:edge:-"], "id": "CVE-2019-0991", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-0991", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:microsoft:edge:-:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:23:46", "description": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0989, CVE-2019-0991, CVE-2019-0993, CVE-2019-1002, CVE-2019-1003, CVE-2019-1024, CVE-2019-1051, CVE-2019-1052.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-06-12T14:29:00", "type": "cve", "title": "CVE-2019-0992", "cwe": ["CWE-787"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0989", "CVE-2019-0991", "CVE-2019-0992", "CVE-2019-0993", "CVE-2019-1002", "CVE-2019-1003", "CVE-2019-1024", "CVE-2019-1051", "CVE-2019-1052"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/a:microsoft:edge:-"], "id": "CVE-2019-0992", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-0992", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:microsoft:edge:-:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:23:45", "description": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0989, CVE-2019-0991, CVE-2019-0992, CVE-2019-1002, CVE-2019-1003, CVE-2019-1024, CVE-2019-1051, CVE-2019-1052.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-06-12T14:29:00", "type": "cve", "title": "CVE-2019-0993", "cwe": ["CWE-787"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0989", "CVE-2019-0991", "CVE-2019-0992", "CVE-2019-0993", "CVE-2019-1002", "CVE-2019-1003", "CVE-2019-1024", "CVE-2019-1051", "CVE-2019-1052"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/a:microsoft:edge:-"], "id": "CVE-2019-0993", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-0993", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:microsoft:edge:-:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:25:40", "description": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0989, CVE-2019-0991, CVE-2019-0992, CVE-2019-0993, CVE-2019-1002, CVE-2019-1003, CVE-2019-1024, CVE-2019-1052.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-06-12T14:29:00", "type": "cve", "title": "CVE-2019-1051", "cwe": ["CWE-787"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0989", "CVE-2019-0991", "CVE-2019-0992", "CVE-2019-0993", "CVE-2019-1002", "CVE-2019-1003", "CVE-2019-1024", "CVE-2019-1051", "CVE-2019-1052"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/a:microsoft:edge:-"], "id": "CVE-2019-1051", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1051", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:microsoft:edge:-:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:23:53", "description": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0989, CVE-2019-0991, CVE-2019-0992, CVE-2019-0993, CVE-2019-1002, CVE-2019-1024, CVE-2019-1051, CVE-2019-1052.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-06-12T14:29:00", "type": "cve", "title": "CVE-2019-1003", "cwe": ["CWE-787"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0989", "CVE-2019-0991", "CVE-2019-0992", "CVE-2019-0993", "CVE-2019-1002", "CVE-2019-1003", "CVE-2019-1024", "CVE-2019-1051", "CVE-2019-1052"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/a:microsoft:edge:-"], "id": "CVE-2019-1003", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1003", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:microsoft:edge:-:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:24:59", "description": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0989, CVE-2019-0991, CVE-2019-0992, CVE-2019-0993, CVE-2019-1002, CVE-2019-1003, CVE-2019-1051, CVE-2019-1052.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-06-12T14:29:00", "type": "cve", "title": "CVE-2019-1024", "cwe": ["CWE-787"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0989", "CVE-2019-0991", "CVE-2019-0992", "CVE-2019-0993", "CVE-2019-1002", "CVE-2019-1003", "CVE-2019-1024", "CVE-2019-1051", "CVE-2019-1052"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/a:microsoft:edge:-"], "id": "CVE-2019-1024", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1024", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:microsoft:edge:-:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:25:42", "description": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0989, CVE-2019-0991, CVE-2019-0992, CVE-2019-0993, CVE-2019-1002, CVE-2019-1003, CVE-2019-1024, CVE-2019-1051.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-06-12T14:29:00", "type": "cve", "title": "CVE-2019-1052", "cwe": ["CWE-787"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0989", "CVE-2019-0991", "CVE-2019-0992", "CVE-2019-0993", "CVE-2019-1002", "CVE-2019-1003", "CVE-2019-1024", "CVE-2019-1051", "CVE-2019-1052"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/a:microsoft:edge:-"], "id": "CVE-2019-1052", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1052", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:microsoft:edge:-:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:23:53", "description": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0989, CVE-2019-0991, CVE-2019-0992, CVE-2019-0993, CVE-2019-1003, CVE-2019-1024, CVE-2019-1051, CVE-2019-1052.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-06-12T14:29:00", "type": "cve", "title": "CVE-2019-1002", "cwe": ["CWE-787"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0989", "CVE-2019-0991", "CVE-2019-0992", "CVE-2019-0993", "CVE-2019-1002", "CVE-2019-1003", "CVE-2019-1024", "CVE-2019-1051", "CVE-2019-1052"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/a:microsoft:edge:-"], "id": "CVE-2019-1002", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1002", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:microsoft:edge:-:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:23:32", "description": "A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0904, CVE-2019-0905, CVE-2019-0906, CVE-2019-0908, CVE-2019-0909, CVE-2019-0974.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-06-12T14:29:00", "type": "cve", "title": "CVE-2019-0907", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0904", "CVE-2019-0905", "CVE-2019-0906", "CVE-2019-0907", "CVE-2019-0908", "CVE-2019-0909", "CVE-2019-0974"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_server_2016:1803", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_10:1803", "cpe:/o:microsoft:windows_10:1703", "cpe:/o:microsoft:windows_server_2016:1903", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_10:1903", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2016:-"], "id": "CVE-2019-0907", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-0907", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:23:31", "description": "A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0904, CVE-2019-0905, CVE-2019-0906, CVE-2019-0907, CVE-2019-0908, CVE-2019-0974.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-06-12T14:29:00", "type": "cve", "title": "CVE-2019-0909", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0904", "CVE-2019-0905", "CVE-2019-0906", "CVE-2019-0907", "CVE-2019-0908", "CVE-2019-0909", "CVE-2019-0974"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_server_2016:1803", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_10:1803", "cpe:/o:microsoft:windows_10:1703", "cpe:/o:microsoft:windows_server_2016:1903", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_10:1903", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2016:-"], "id": "CVE-2019-0909", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-0909", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:23:32", "description": "A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0904, CVE-2019-0905, CVE-2019-0907, CVE-2019-0908, CVE-2019-0909, CVE-2019-0974.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-06-12T14:29:00", "type": "cve", "title": "CVE-2019-0906", "cwe": ["CWE-129"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0904", "CVE-2019-0905", "CVE-2019-0906", "CVE-2019-0907", "CVE-2019-0908", "CVE-2019-0909", "CVE-2019-0974"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_server_2016:1803", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_10:1803", "cpe:/o:microsoft:windows_10:1703", "cpe:/o:microsoft:windows_server_2016:1903", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_10:1903", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2016:-"], "id": "CVE-2019-0906", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-0906", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:23:30", "description": "A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0904, CVE-2019-0905, CVE-2019-0906, CVE-2019-0907, CVE-2019-0909, CVE-2019-0974.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-06-12T14:29:00", "type": "cve", "title": "CVE-2019-0908", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0904", "CVE-2019-0905", "CVE-2019-0906", "CVE-2019-0907", "CVE-2019-0908", "CVE-2019-0909", "CVE-2019-0974"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_server_2016:1803", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_10:1803", "cpe:/o:microsoft:windows_10:1703", "cpe:/o:microsoft:windows_server_2016:1903", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_10:1903", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2016:-"], "id": "CVE-2019-0908", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-0908", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:23:30", "description": "A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0905, CVE-2019-0906, CVE-2019-0907, CVE-2019-0908, CVE-2019-0909, CVE-2019-0974.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-06-12T14:29:00", "type": "cve", "title": "CVE-2019-0904", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0904", "CVE-2019-0905", "CVE-2019-0906", "CVE-2019-0907", "CVE-2019-0908", "CVE-2019-0909", "CVE-2019-0974"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_server_2016:1803", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_10:1803", "cpe:/o:microsoft:windows_10:1703", "cpe:/o:microsoft:windows_server_2016:1903", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_10:1903", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2016:-"], "id": "CVE-2019-0904", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-0904", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:23:42", "description": "A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0904, CVE-2019-0905, CVE-2019-0906, CVE-2019-0907, CVE-2019-0908, CVE-2019-0909.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-06-12T14:29:00", "type": "cve", "title": "CVE-2019-0974", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0904", "CVE-2019-0905", "CVE-2019-0906", "CVE-2019-0907", "CVE-2019-0908", "CVE-2019-0909", "CVE-2019-0974"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_server_2016:1803", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_10:1803", "cpe:/o:microsoft:windows_10:1703", "cpe:/o:microsoft:windows_server_2016:1903", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_10:1903", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2016:-"], "id": "CVE-2019-0974", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-0974", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:23:31", "description": "A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0904, CVE-2019-0906, CVE-2019-0907, CVE-2019-0908, CVE-2019-0909, CVE-2019-0974.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-06-12T14:29:00", "type": "cve", "title": "CVE-2019-0905", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0904", "CVE-2019-0905", "CVE-2019-0906", "CVE-2019-0907", "CVE-2019-0908", "CVE-2019-0909", "CVE-2019-0974"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_server_2016:1803", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_10:1803", "cpe:/o:microsoft:windows_10:1703", "cpe:/o:microsoft:windows_server_2016:1903", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_10:1903", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2016:-"], "id": "CVE-2019-0905", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-0905", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:25:46", "description": "A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0920, CVE-2019-0988, CVE-2019-1005, CVE-2019-1080.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-06-12T14:29:00", "type": "cve", "title": "CVE-2019-1055", "cwe": ["CWE-787"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0920", "CVE-2019-0988", "CVE-2019-1005", "CVE-2019-1055", "CVE-2019-1080"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/a:microsoft:internet_explorer:10", "cpe:/a:microsoft:internet_explorer:11", "cpe:/a:microsoft:internet_explorer:9"], "id": "CVE-2019-1055", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1055", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:microsoft:internet_explorer:9:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:internet_explorer:10:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:internet_explorer:11:-:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:26:25", "description": "A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0920, CVE-2019-0988, CVE-2019-1005, CVE-2019-1055.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-06-12T14:29:00", "type": "cve", "title": "CVE-2019-1080", "cwe": ["CWE-787"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0920", "CVE-2019-0988", "CVE-2019-1005", "CVE-2019-1055", "CVE-2019-1080"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/a:microsoft:internet_explorer:10", "cpe:/a:microsoft:internet_explorer:11", "cpe:/a:microsoft:internet_explorer:9"], "id": "CVE-2019-1080", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1080", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:microsoft:internet_explorer:9:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:internet_explorer:10:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:internet_explorer:11:-:*:*:*:*:*:*"]}, {"lastseen": "2023-02-08T15:41:07", "description": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0920, CVE-2019-1005, CVE-2019-1055, CVE-2019-1080.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-06-12T14:29:00", "type": "cve", "title": "CVE-2019-0988", "cwe": ["CWE-843", "CWE-787"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0920", "CVE-2019-0988", "CVE-2019-1005", "CVE-2019-1055", "CVE-2019-1080"], "modified": "2023-01-31T14:16:00", "cpe": ["cpe:/a:microsoft:internet_explorer:11", "cpe:/a:microsoft:internet_explorer:10"], "id": "CVE-2019-0988", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-0988", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:microsoft:internet_explorer:11:-:*:*:*:*:*:*", "cpe:2.3:a:microsoft:internet_explorer:10:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:24:08", "description": "A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0920, CVE-2019-0988, CVE-2019-1055, CVE-2019-1080.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-06-12T14:29:00", "type": "cve", "title": "CVE-2019-1005", "cwe": ["CWE-787"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0920", "CVE-2019-0988", "CVE-2019-1005", "CVE-2019-1055", "CVE-2019-1080"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/a:microsoft:internet_explorer:10", "cpe:/a:microsoft:internet_explorer:11", "cpe:/a:microsoft:internet_explorer:9"], "id": "CVE-2019-1005", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1005", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:microsoft:internet_explorer:9:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:internet_explorer:10:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:internet_explorer:11:-:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:23:33", "description": "A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0988, CVE-2019-1005, CVE-2019-1055, CVE-2019-1080.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-06-12T14:29:00", "type": "cve", "title": "CVE-2019-0920", "cwe": ["CWE-843", "CWE-787"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0920", "CVE-2019-0988", "CVE-2019-1005", "CVE-2019-1055", "CVE-2019-1080"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/a:microsoft:internet_explorer:10", "cpe:/a:microsoft:internet_explorer:11", "cpe:/a:microsoft:internet_explorer:9"], "id": "CVE-2019-0920", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-0920", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:microsoft:internet_explorer:10:-:*:*:*:*:*:*", "cpe:2.3:a:microsoft:internet_explorer:9:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:internet_explorer:11:-:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:23:00", "description": "A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows Hyper-V Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0620, CVE-2019-0709.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-06-12T14:29:00", "type": "cve", "title": "CVE-2019-0722", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0620", "CVE-2019-0709", "CVE-2019-0722"], "modified": "2019-06-12T20:26:00", "cpe": ["cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_server_2016:1803", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_10:1803", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_10:1703", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_10:1903", "cpe:/o:microsoft:windows_server_2016:1903", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2016:-"], "id": "CVE-2019-0722", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-0722", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:itanium:*", "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:22:59", "description": "A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows Hyper-V Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0620, CVE-2019-0722.", "cvss3": {"exploitabilityScore": 1.7, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 8.4, "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2019-06-12T14:29:00", "type": "cve", "title": "CVE-2019-0709", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 5.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.7, "vectorString": "AV:A/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0620", "CVE-2019-0709", "CVE-2019-0722"], "modified": "2019-06-12T19:58:00", "cpe": ["cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_10:1703", "cpe:/o:microsoft:windows_server_2016:-"], "id": "CVE-2019-0709", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-0709", "cvss": {"score": 7.7, "vector": "AV:A/AC:L/Au:S/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x64:*"]}, {"lastseen": "2023-02-09T14:22:43", "description": "A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows Hyper-V Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0709, CVE-2019-0722.", "cvss3": {"exploitabilityScore": 1.7, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 8.4, "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2019-06-12T14:29:00", "type": "cve", "title": "CVE-2019-0620", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 5.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.7, "vectorString": "AV:A/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0620", "CVE-2019-0709", "CVE-2019-0722"], "modified": "2019-06-12T19:49:00", "cpe": ["cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_server_2016:1803", "cpe:/o:microsoft:windows_10:1803", "cpe:/o:microsoft:windows_10:1703", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_10:1903", "cpe:/o:microsoft:windows_server_2016:1903", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2016:-"], "id": "CVE-2019-0620", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-0620", "cvss": {"score": 7.7, "vector": "AV:A/AC:L/Au:S/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:22:59", "description": "A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0710, CVE-2019-0713.", "cvss3": {"exploitabilityScore": 2.3, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.8, "vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 4.0}, "published": "2019-06-12T14:29:00", "type": "cve", "title": "CVE-2019-0711", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 5.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 5.5, "vectorString": "AV:A/AC:L/Au:S/C:N/I:N/A:C", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "SINGLE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0710", "CVE-2019-0711", "CVE-2019-0713"], "modified": "2019-06-12T20:12:00", "cpe": ["cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_server_2016:1803", "cpe:/o:microsoft:windows_10:1803", "cpe:/o:microsoft:windows_10:1703", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2016:-"], "id": "CVE-2019-0711", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-0711", "cvss": {"score": 5.5, "vector": "AV:A/AC:L/Au:S/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:22:59", "description": "A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0710, CVE-2019-0711.", "cvss3": {"exploitabilityScore": 2.3, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.8, "vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 4.0}, "published": "2019-06-12T14:29:00", "type": "cve", "title": "CVE-2019-0713", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 5.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 5.5, "vectorString": "AV:A/AC:L/Au:S/C:N/I:N/A:C", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "SINGLE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0710", "CVE-2019-0711", "CVE-2019-0713"], "modified": "2019-06-12T20:22:00", "cpe": ["cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_server_2016:1803", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_10:1803", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_10:1703", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2016:-"], "id": "CVE-2019-0713", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-0713", "cvss": {"score": 5.5, "vector": "AV:A/AC:L/Au:S/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:itanium:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:23:01", "description": "A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0711, CVE-2019-0713.", "cvss3": {"exploitabilityScore": 2.3, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.8, "vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 4.0}, "published": "2019-06-12T14:29:00", "type": "cve", "title": "CVE-2019-0710", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 5.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 5.5, "vectorString": "AV:A/AC:L/Au:S/C:N/I:N/A:C", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "SINGLE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0710", "CVE-2019-0711", "CVE-2019-0713"], "modified": "2019-06-12T20:06:00", "cpe": ["cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_server_2016:1803", "cpe:/o:microsoft:windows_10:1803", "cpe:/o:microsoft:windows_10:1703", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2016:-"], "id": "CVE-2019-0710", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-0710", "cvss": {"score": 5.5, "vector": "AV:A/AC:L/Au:S/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:25:04", "description": "An elevation of privilege exists in Windows Audio Service, aka 'Windows Audio Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1007, CVE-2019-1021, CVE-2019-1022, CVE-2019-1026, CVE-2019-1028.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-06-12T14:29:00", "type": "cve", "title": "CVE-2019-1027", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1007", "CVE-2019-1021", "CVE-2019-1022", "CVE-2019-1026", "CVE-2019-1027", "CVE-2019-1028"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_server_2016:1803", "cpe:/o:microsoft:windows_10:1803", "cpe:/o:microsoft:windows_10:1903", "cpe:/o:microsoft:windows_server_2016:1903"], "id": "CVE-2019-1027", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1027", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:24:14", "description": "An elevation of privilege exists in Windows Audio Service, aka 'Windows Audio Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1021, CVE-2019-1022, CVE-2019-1026, CVE-2019-1027, CVE-2019-1028.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-06-12T14:29:00", "type": "cve", "title": "CVE-2019-1007", "cwe": ["CWE-269"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1007", "CVE-2019-1021", "CVE-2019-1022", "CVE-2019-1026", "CVE-2019-1027", "CVE-2019-1028"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_server_2016:1803", "cpe:/o:microsoft:windows_10:1803", "cpe:/o:microsoft:windows_10:1703", "cpe:/o:microsoft:windows_10:1903", "cpe:/o:microsoft:windows_server_2016:1903", "cpe:/o:microsoft:windows_server_2016:-"], "id": "CVE-2019-1007", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1007", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:25:02", "description": "An elevation of privilege exists in Windows Audio Service, aka 'Windows Audio Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1007, CVE-2019-1021, CVE-2019-1022, CVE-2019-1027, CVE-2019-1028.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-06-12T14:29:00", "type": "cve", "title": "CVE-2019-1026", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1007", "CVE-2019-1021", "CVE-2019-1022", "CVE-2019-1026", "CVE-2019-1027", "CVE-2019-1028"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_server_2016:1803", "cpe:/o:microsoft:windows_10:1803", "cpe:/o:microsoft:windows_10:1903", "cpe:/o:microsoft:windows_server_2016:1903"], "id": "CVE-2019-1026", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1026", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:24:56", "description": "An elevation of privilege exists in Windows Audio Service, aka 'Windows Audio Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1007, CVE-2019-1022, CVE-2019-1026, CVE-2019-1027, CVE-2019-1028.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-06-12T14:29:00", "type": "cve", "title": "CVE-2019-1021", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1007", "CVE-2019-1021", "CVE-2019-1022", "CVE-2019-1026", "CVE-2019-1027", "CVE-2019-1028"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_server_2016:1803", "cpe:/o:microsoft:windows_10:1803", "cpe:/o:microsoft:windows_server_2016:1709", "cpe:/o:microsoft:windows_10:1703", "cpe:/o:microsoft:windows_10:1903"], "id": "CVE-2019-1021", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1021", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1709:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:24:57", "description": "An elevation of privilege exists in Windows Audio Service, aka 'Windows Audio Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1007, CVE-2019-1021, CVE-2019-1026, CVE-2019-1027, CVE-2019-1028.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-06-12T14:29:00", "type": "cve", "title": "CVE-2019-1022", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1007", "CVE-2019-1021", "CVE-2019-1022", "CVE-2019-1026", "CVE-2019-1027", "CVE-2019-1028"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_server_2016:1903", "cpe:/o:microsoft:windows_10:1903"], "id": "CVE-2019-1022", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1022", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:25:05", "description": "An elevation of privilege exists in Windows Audio Service, aka 'Windows Audio Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1007, CVE-2019-1021, CVE-2019-1022, CVE-2019-1026, CVE-2019-1027.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-06-12T14:29:00", "type": "cve", "title": "CVE-2019-1028", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1007", "CVE-2019-1021", "CVE-2019-1022", "CVE-2019-1026", "CVE-2019-1027", "CVE-2019-1028"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_server_2016:1803", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_10:1803", "cpe:/o:microsoft:windows_10:1703", "cpe:/o:microsoft:windows_server_2016:1903", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_10:1903", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2016:-"], "id": "CVE-2019-1028", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1028", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:24:58", "description": "An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge, aka 'Scripting Engine Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0990.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2019-06-12T14:29:00", "type": "cve", "title": "CVE-2019-1023", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0990", "CVE-2019-1023"], "modified": "2019-06-13T17:56:00", "cpe": ["cpe:/a:microsoft:edge:-"], "id": "CVE-2019-1023", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1023", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:microsoft:edge:-:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:23:44", "description": "An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge, aka 'Scripting Engine Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1023.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2019-06-12T14:29:00", "type": "cve", "title": "CVE-2019-0990", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0990", "CVE-2019-1023"], "modified": "2019-06-13T15:02:00", "cpe": ["cpe:/a:microsoft:edge:-"], "id": "CVE-2019-0990", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-0990", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:microsoft:edge:-:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:23:45", "description": "An elevation of privilege vulnerability exists when the Storage Service improperly handles file operations, aka 'Windows Storage Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0983.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-06-12T14:29:00", "type": "cve", "title": "CVE-2019-0998", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0983", "CVE-2019-0998"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_server_2016:1803", "cpe:/o:microsoft:windows_10:1803", "cpe:/o:microsoft:windows_10:1903", "cpe:/o:microsoft:windows_server_2016:1903"], "id": "CVE-2019-0998", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-0998", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:23:44", "description": "An elevation of privilege vulnerability exists when the Storage Service improperly handles file operations, aka 'Windows Storage Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0998.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-06-12T14:29:00", "type": "cve", "title": "CVE-2019-0983", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0983", "CVE-2019-0998"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_server_2016:1803", "cpe:/o:microsoft:windows_10:1803", "cpe:/o:microsoft:windows_10:1703", "cpe:/o:microsoft:windows_10:1903", "cpe:/o:microsoft:windows_server_2016:1903", "cpe:/o:microsoft:windows_server_2016:-"], "id": "CVE-2019-0983", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-0983", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:23:39", "description": "An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1014, CVE-2019-1017.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-06-12T14:29:00", "type": "cve", "title": "CVE-2019-0960", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0960", "CVE-2019-1014", "CVE-2019-1017"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2008:r2"], "id": "CVE-2019-0960", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-0960", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:24:49", "description": "An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0960, CVE-2019-1014.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-06-12T14:29:00", "type": "cve", "title": "CVE-2019-1017", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0960", "CVE-2019-1014", "CVE-2019-1017"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_server_2016:1803", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_10:1803", "cpe:/o:microsoft:windows_10:1703", "cpe:/o:microsoft:windows_server_2016:1903", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_10:1903", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2016:-"], "id": "CVE-2019-1017", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1017", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:24:42", "description": "An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0960, CVE-2019-1017.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-06-12T14:29:00", "type": "cve", "title": "CVE-2019-1014", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0960", "CVE-2019-1014", "CVE-2019-1017"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_server_2016:1803", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_10:1803", "cpe:/o:microsoft:windows_10:1703", "cpe:/o:microsoft:windows_server_2016:1903", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_10:1903", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2016:-"], "id": "CVE-2019-1014", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1014", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:45:39", "description": "In the Bluetooth Low Energy (BLE) specification, there is a provided example Long Term Key (LTK). If a BLE device were to use this as a hardcoded LTK, it is theoretically possible for a proximate attacker to remotely inject keystrokes on a paired Android host due to improperly used crypto. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-128843052.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-06-07T20:29:00", "type": "cve", "title": "CVE-2019-2102", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.3, "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-2102"], "modified": "2019-09-12T04:15:00", "cpe": ["cpe:/o:google:android:9.0", "cpe:/o:google:android:8.0", "cpe:/o:google:android:8.1", "cpe:/o:google:android:7.1.2", "cpe:/o:google:android:7.0", "cpe:/o:google:android:7.1.1"], "id": "CVE-2019-2102", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-2102", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:7.1.1:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:7.1.2:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:23:37", "description": "An information disclosure vulnerability exists in the Windows Event Viewer (eventvwr.msc) when it improperly parses XML input containing a reference to an external entity, aka 'Windows Event Viewer Information Disclosure Vulnerability'.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2019-06-12T14:29:00", "type": "cve", "title": "CVE-2019-0948", "cwe": ["CWE-611"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0948"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_server_2016:1803", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_10:1803", "cpe:/o:microsoft:windows_10:1703", "cpe:/o:microsoft:windows_server_2016:1903", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_10:1903", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2016:-"], "id": "CVE-2019-0948", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-0948", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:26:11", "description": "An elevation of privilege vulnerability exists in the way the Task Scheduler Service validates certain file operations, aka 'Task Scheduler Elevation of Privilege Vulnerability'.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-06-12T14:29:00", "type": "cve", "title": "CVE-2019-1069", "cwe": ["CWE-59"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1069"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_server_2016:1803", "cpe:/o:microsoft:windows_10:1803", "cpe:/o:microsoft:windows_10:1703", "cpe:/o:microsoft:windows_10:1903", "cpe:/o:microsoft:windows_server_2016:1903", "cpe:/o:microsoft:windows_server_2016:-"], "id": "CVE-2019-1069", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1069", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:25:31", "description": "An elevation of privilege vulnerability exists in the way that the Windows Network File System (NFS) handles objects in memory, aka 'Windows Network File System Elevation of Privilege Vulnerability'.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-06-12T14:29:00", "type": "cve", "title": "CVE-2019-1045", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1045"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_10:1703", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2012:-"], "id": "CVE-2019-1045", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1045", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:25:27", "description": "A remote code execution vulnerability exists in the way that comctl32.dll handles objects in memory, aka 'Comctl32 Remote Code Execution Vulnerability'.", "cvss3": {"exploitabilityScore": 0.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-06-12T14:29:00", "type": "cve", "title": "CVE-2019-1043", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.5, "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1043"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_server_2016:1803", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_10:1803", "cpe:/o:microsoft:windows_10:1703", "cpe:/o:microsoft:windows_server_2016:1903", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_10:1903", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2016:-"], "id": "CVE-2019-1043", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1043", "cvss": {"score": 8.5, "vector": "AV:N/AC:M/Au:S/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:25:22", "description": "A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka 'Microsoft Browser Memory Corruption Vulnerability'.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-06-12T14:29:00", "type": "cve", "title": "CVE-2019-1038", "cwe": ["CWE-787"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1038"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/a:microsoft:internet_explorer:10", "cpe:/a:microsoft:edge:-", "cpe:/a:microsoft:internet_explorer:11"], "id": "CVE-2019-1038", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1038", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:microsoft:edge:-:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:internet_explorer:10:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:internet_explorer:11:-:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:25:22", "description": "An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory.To exploit this vulnerability, an authenticated attacker could run a specially crafted application, aka 'Windows Kernel Information Disclosure Vulnerability'.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-06-12T14:29:00", "type": "cve", "title": "CVE-2019-1039", "cwe": ["CWE-665"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1039"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_server_2016:1803", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_10:1803", "cpe:/o:microsoft:windows_10:1703", "cpe:/o:microsoft:windows_server_2016:1903", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_10:1903", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2016:-"], "id": "CVE-2019-1039", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1039", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:23:42", "description": "This security update corrects a denial of service in the Local Security Authority Subsystem Service (LSASS) caused when an authenticated attacker sends a specially crafted authentication request, aka 'Local Security Authority Subsystem Service Denial of Service Vulnerability'.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-06-12T14:29:00", "type": "cve", "title": "CVE-2019-0972", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 6.8, "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0972"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_server_2016:1803", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_10:1803", "cpe:/o:microsoft:windows_10:1703", "cpe:/o:microsoft:windows_server_2016:1903", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_10:1903", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2016:-"], "id": "CVE-2019-0972", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-0972", "cvss": {"score": 6.8, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:25:23", "description": "A tampering vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLM MIC (Message Integrity Check) protection, aka 'Windows NTLM Tampering Vulnerability'.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-06-12T14:29:00", "type": "cve", "title": "CVE-2019-1040", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1040"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_server_2016:1803", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_10:1803", "cpe:/o:microsoft:windows_10:1703", "cpe:/o:microsoft:windows_server_2016:1903", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_10:1903", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2016:-"], "id": "CVE-2019-1040", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1040", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:25:44", "description": "An elevation of privilege vulnerability exists when the Windows Shell fails to validate folder shortcuts, aka 'Windows Shell Elevation of Privilege Vulnerability'.", "cvss3": {"exploitabilityScore": 2.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2019-06-12T14:29:00", "type": "cve", "title": "CVE-2019-1053", "cwe": ["CWE-59"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1053"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_server_2016:1803", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_10:1803", "cpe:/o:microsoft:windows_10:1703", "cpe:/o:microsoft:windows_server_2016:1903", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_10:1903", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2016:-"], "id": "CVE-2019-1053", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1053", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:23:36", "description": "An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC).An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system, aka 'Windows ALPC Elevation of Privilege Vulnerability'.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-06-12T14:29:00", "type": "cve", "title": "CVE-2019-0943", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0943"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_server_2016:1803", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_10:1803", "cpe:/o:microsoft:windows_10:1703", "cpe:/o:microsoft:windows_server_2016:1903", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_10:1903", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2016:-"], "id": "CVE-2019-0943", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-0943", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:25:46", "description": "A security feature bypass vulnerability exists in Edge that allows for bypassing Mark of the Web Tagging (MOTW), aka 'Microsoft Edge Security Feature Bypass Vulnerability'.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 5.0, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.4}, "published": "2019-06-12T14:29:00", "type": "cve", "title": "CVE-2019-1054", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1054"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/a:microsoft:edge:-"], "id": "CVE-2019-1054", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1054", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:microsoft:edge:-:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:23:42", "description": "An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0968, CVE-2019-1009, CVE-2019-1010, CVE-2019-1011, CVE-2019-1012, CVE-2019-1013, CVE-2019-1015, CVE-2019-1016, CVE-2019-1046, CVE-2019-1047, CVE-2019-1048, CVE-2019-1049, CVE-2019-1050.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2019-06-12T14:29:00", "type": "cve", "title": "CVE-2019-0977", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0968", "CVE-2019-0977", "CVE-2019-1009", "CVE-2019-1010", "CVE-2019-1011", "CVE-2019-1012", "CVE-2019-1013", "CVE-2019-1015", "CVE-2019-1016", "CVE-2019-1046", "CVE-2019-1047", "CVE-2019-1048", "CVE-2019-1049", "CVE-2019-1050"], "modified": "2019-06-13T12:24:00", "cpe": ["cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2008:r2"], "id": "CVE-2019-0977", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-0977", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:23:41", "description": "An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0977, CVE-2019-1009, CVE-2019-1010, CVE-2019-1011, CVE-2019-1012, CVE-2019-1013, CVE-2019-1015, CVE-2019-1016, CVE-2019-1046, CVE-2019-1047, CVE-2019-1048, CVE-2019-1049, CVE-2019-1050.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2019-06-12T14:29:00", "type": "cve", "title": "CVE-2019-0968", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0968", "CVE-2019-0977", "CVE-2019-1009", "CVE-2019-1010", "CVE-2019-1011", "CVE-2019-1012", "CVE-2019-1013", "CVE-2019-1015", "CVE-2019-1016", "CVE-2019-1046", "CVE-2019-1047", "CVE-2019-1048", "CVE-2019-1049", "CVE-2019-1050"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2008:r2"], "id": "CVE-2019-0968", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-0968", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:24:15", "description": "An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0968, CVE-2019-0977, CVE-2019-1010, CVE-2019-1011, CVE-2019-1012, CVE-2019-1013, CVE-2019-1015, CVE-2019-1016, CVE-2019-1046, CVE-2019-1047, CVE-2019-1048, CVE-2019-1049, CVE-2019-1050.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2019-06-12T14:29:00", "type": "cve", "title": "CVE-2019-1009", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0968", "CVE-2019-0977", "CVE-2019-1009", "CVE-2019-1010", "CVE-2019-1011", "CVE-2019-1012", "CVE-2019-1013", "CVE-2019-1015", "CVE-2019-1016", "CVE-2019-1046", "CVE-2019-1047", "CVE-2019-1048", "CVE-2019-1049", "CVE-2019-1050"], "modified": "2019-08-09T16:15:00", "cpe": ["cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2008:r2"], "id": "CVE-2019-1009", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1009", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:24:19", "description": "An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0968, CVE-2019-0977, CVE-2019-1009, CVE-2019-1011, CVE-2019-1012, CVE-2019-1013, CVE-2019-1015, CVE-2019-1016, CVE-2019-1046, CVE-2019-1047, CVE-2019-1048, CVE-2019-1049, CVE-2019-1050.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2019-06-12T14:29:00", "type": "cve", "title": "CVE-2019-1010", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0968", "CVE-2019-0977", "CVE-2019-1009", "CVE-2019-1010", "CVE-2019-1011", "CVE-2019-1012", "CVE-2019-1013", "CVE-2019-1015", "CVE-2019-1016", "CVE-2019-1046", "CVE-2019-1047", "CVE-2019-1048", "CVE-2019-1049", "CVE-2019-1050"], "modified": "2019-06-13T17:19:00", "cpe": ["cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_server_2016:1803", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_10:1803", "cpe:/o:microsoft:windows_10:1703", "cpe:/o:microsoft:windows_server_2016:1903", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_10:1903", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2016:-"], "id": "CVE-2019-1010", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1010", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:24:40", "description": "An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0968, CVE-2019-0977, CVE-2019-1009, CVE-2019-1010, CVE-2019-1011, CVE-2019-1013, CVE-2019-1015, CVE-2019-1016, CVE-2019-1046, CVE-2019-1047, CVE-2019-1048, CVE-2019-1049, CVE-2019-1050.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2019-06-12T14:29:00", "type": "cve", "title": "CVE-2019-1012", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0968", "CVE-2019-0977", "CVE-2019-1009", "CVE-2019-1010", "CVE-2019-1011", "CVE-2019-1012", "CVE-2019-1013", "CVE-2019-1015", "CVE-2019-1016", "CVE-2019-1046", "CVE-2019-1047", "CVE-2019-1048", "CVE-2019-1049", "CVE-2019-1050"], "modified": "2019-06-13T15:03:00", "cpe": ["cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_server_2016:1803", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_10:1803", "cpe:/o:microsoft:windows_10:1703", "cpe:/o:microsoft:windows_server_2016:1903", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_10:1903", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2016:-"], "id": "CVE-2019-1012", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1012", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*"]}], "talosblog": [{"lastseen": "2019-06-15T08:23:19", "description": "[![](https://3.bp.blogspot.com/-bIERk6jqSvs/XKypl8tltSI/AAAAAAAAFxU/d9l6_EW1Czs7DzBngmhg8pjdPfhPAZ3yACK4BGAYYCw/s1600/recurring%2Bblog%2Bimages_patch%2Btuesday.jpg)](<http://3.bp.blogspot.com/-bIERk6jqSvs/XKypl8tltSI/AAAAAAAAFxU/d9l6_EW1Czs7DzBngmhg8pjdPfhPAZ3yACK4BGAYYCw/s1600/recurring%2Bblog%2Bimages_patch%2Btuesday.jpg>) \nMicrosoft released its monthly security update today, disclosing a variety of vulnerabilities in several of its products. The latest Patch Tuesday covers 88 vulnerabilities, 18 of which are rated \u201ccritical,\" 69 that are considered \"important\" and one \"moderate.\" This release also includes a critical advisory regarding security updates to Adobe Flash Player. \n \nThis month\u2019s security update covers security issues in a variety of Microsoft\u2019s products, including the Chakra scripting engine, the Jet database engine and Windows kernel. For more on our coverage of these bugs, check out the Snort blog post here, covering all of the new rules we have for this release. \n \n\n\n### Critical vulnerabilities\n\nMicrosoft disclosed 19 critical vulnerabilities this month, 10 of which we will highlight below. \n \n[CVE-2019-0988](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0988>), [CVE-2019-0989,](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0989>) [CVE-2019-0991](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0991>), [CVE-2019-0992](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0992>), [CVE-2019-0993](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0993>), [CVE-2019-1002](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1002>), [CVE-2019-1003](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1003>) and [CVE-2019-1024](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1024>) are all memory corruption vulnerabilities in the Chakra scripting engine. An attacker could exploit any of these bugs by tricking a user into visiting a specially crafted, malicious website while using the Microsoft Edge browser. If successful, the attacker could then corrupt memory in such a way that would allow them to take control of an affected system. \n \n[CVE-2019-0620](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0620>) is a remote code execution vulnerability in Windows Hyper-V that exists when Hyper-V fails to properly validate input on a host server from an authenticated user using a guest operating system. An attacker could exploit this bug by running a specially crafted application on a guest operating system that could cause the Hyper-V host operating system to execute arbitrary code. \n[ \n](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0888>)[CVE-2019-0888](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0888>) is a remote code execution vulnerability that exists in the way ActiveX Data Obejcts handles object in memory. An attacker could exploit this vulnerability by tricking the user into visiting a specially crafted, malicious website. If successful, the attacker could then execute code in the context of the current user. \n \nThe other critical vulnerabilities are: \n\n\n[](<http://cve-2019-0709%20cve-2019-0722%20%20%20cve-2019-0985%20%20%20cve-2019-0990%20%20%20%20%20%20%20cve-2019-1038%20cve-2019-1051%20cve-2019-1052%20cve-2019-0709/>)\n * [](<http://cve-2019-0709%20cve-2019-0722%20%20%20cve-2019-0985%20%20%20cve-2019-0990%20%20%20%20%20%20%20cve-2019-1038%20cve-2019-1051%20cve-2019-1052%20cve-2019-0709/>)[CVE-2019-0709](<http://cve-2019-0709%20cve-2019-0722%20%20%20cve-2019-0985%20%20%20cve-2019-0990%20%20%20%20%20%20%20cve-2019-1038%20cve-2019-1051%20cve-2019-1052%20cve-2019-0709/>)\n * [CVE-2019-0722](<http://cve-2019-0709%20cve-2019-0722%20%20%20cve-2019-0985%20%20%20cve-2019-0990%20%20%20%20%20%20%20cve-2019-1038%20cve-2019-1051%20cve-2019-1052%20cve-2019-0722/>)\n * [CVE-2019-0985](<http://cve-2019-0709%20cve-2019-0722%20%20%20cve-2019-0985%20%20%20cve-2019-0990%20%20%20%20%20%20%20cve-2019-1038%20cve-2019-1051%20cve-2019-1052%20cve-2019-0985/>)\n * [CVE-2019-0990](<http://cve-2019-0709%20cve-2019-0722%20%20%20cve-2019-0985%20%20%20cve-2019-0990%20%20%20%20%20%20%20cve-2019-1038%20cve-2019-1051%20cve-2019-1052%20cve-2019-0990/>)\n * [CVE-2019-1038](<http://cve-2019-0709%20cve-2019-0722%20%20%20cve-2019-0985%20%20%20cve-2019-0990%20%20%20%20%20%20%20cve-2019-1038%20cve-2019-1051%20cve-2019-1052%20cve-2019-1038/>)\n * [CVE-2019-1051](<http://cve-2019-0709%20cve-2019-0722%20%20%20cve-2019-0985%20%20%20cve-2019-0990%20%20%20%20%20%20%20cve-2019-1038%20cve-2019-1051%20cve-2019-1052%20cve-2019-1051/>)\n * [CVE-2019-1052](<http://cve-2019-0709%20cve-2019-0722%20%20%20cve-2019-0985%20%20%20cve-2019-0990%20%20%20%20%20%20%20cve-2019-1038%20cve-2019-1051%20cve-2019-1052%20cve-2019-1052/>)\n * [CVE-2019-1055](<http://cve-2019-0709%20cve-2019-0722%20%20%20cve-2019-0985%20%20%20cve-2019-0990%20%20%20%20%20%20%20cve-2019-1038%20cve-2019-1051%20cve-2019-1052%20cve-2019-1055/>)\n\n### Important vulnerabilities\n\nThis release also contains 65 important vulnerabilities, one of which we will highlight below. \n \n[CVE-2019-1065](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1065>) is an elevation of privilege vulnerability that occurs when the Windows kernel improperly handles objects in memory. An attacker would first have to log onto the system in order to exploit this vulnerability, and then run a specially crafted application to take control of the system. They would then have the ability to run arbitrary code in kernel mode. \n \nThe other important vulnerabilities are: \n \n\n\n * [CVE-2019-0710](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0710>)\n * [CVE-2019-0711](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0711>)\n * [CVE-2019-0713](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0713>)\n * [CVE-2019-0904](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0904>)\n * [CVE-2019-0905](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0905>)\n * [CVE-2019-0906](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0906>)\n * [CVE-2019-0907](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0907>)\n * [CVE-2019-0908](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0908>)\n * [CVE-2019-0909](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0909>)\n * [CVE-2019-0941](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0941>)\n * [CVE-2019-0943](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0943>)\n * [CVE-2019-0959](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0959>)\n * [CVE-2019-0960](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0960>)\n * [CVE-2019-0968](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0968>)\n * [CVE-2019-0972](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0972>)\n * [CVE-2019-0973](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0973>)\n * [CVE-2019-0974](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0974>)\n * [CVE-2019-0977](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0977>)\n * [CVE-2019-0983](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0983>)\n * [CVE-2019-0984](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0984>)\n * [CVE-2019-0986](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0986>)\n * [CVE-2019-0998](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0998>)\n * [CVE-2019-1005](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1005>)\n * [CVE-2019-1007](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1007>)\n * [CVE-2019-1009](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1009>)\n * [CVE-2019-1010](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1010>)\n * [CVE-2019-1011](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1011>)\n * [CVE-2019-1012](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1012>)\n * [CVE-2019-1013](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1013>)\n * [CVE-2019-1014](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1014>)\n * [CVE-2019-1015](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1015>)\n * [CVE-2019-1016](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1016>)\n * [CVE-2019-1017](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1017>)\n * [CVE-2019-1018](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1018>)\n * [CVE-2019-1019](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1019>)\n * [CVE-2019-1021](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1021>)\n * [CVE-2019-1022](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1022>)\n * [CVE-2019-1023](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1023>)\n * [CVE-2019-1025](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1025>)\n * [CVE-2019-1026](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1026>)\n * [CVE-2019-1027](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1027>)\n * [CVE-2019-1028](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1028>)\n * [CVE-2019-1029](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1029>)\n * [CVE-2019-1031](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1031>)\n * [CVE-2019-1032](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1032>)\n * [CVE-2019-1033](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1033>)\n * [CVE-2019-1034](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1034>)\n * [CVE-2019-1035](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1035>)\n * [CVE-2019-1036](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1036>)\n * [CVE-2019-1039](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1039>)\n * [CVE-2019-1040](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1040>)\n * [CVE-2019-1041](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1041>)\n * [CVE-2019-1043](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1043>)\n * [CVE-2019-1044](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1044>)\n * [CVE-2019-1045](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1045>)\n * [CVE-2019-1046](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1046>)\n * [CVE-2019-1047](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1047>)\n * [CVE-2019-1048](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1048>)\n * [CVE-2019-1049](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1049>)\n * [CVE-2019-1050](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1050>)\n * [CVE-2019-1053](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1053>)\n * [CVE-2019-1054](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1054>)\n * [CVE-2019-1064](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1064>)\n * [CVE-2019-1069](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1069>)\n \n\n\n### Moderate vulnerability\n\nThere is one moderate vulnerability, [CVE-2019-0948](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0948>), which is an information disclosure vulnerability in Windows Event Manager. \n\n\n### Coverage \n\nIn response to these vulnerability disclosures, Talos is releasing the following SNORT\u24c7 rules that detect attempts to exploit them. Please note that additional rules may be released at a future date and current rules are subject to change pending additional information. Firepower customers should use the latest update to their ruleset by updating their SRU. Open Source Snort Subscriber Rule Set customers can stay up-to-date by downloading the latest rule pack available for purchase on Snort.org. \n \nSnort rules: 44813-44814, 48051-48052, 49762-49765, 50162-50163, 50183-50184, 50198-50199, 50357-50376, 50393-50408, 50411-50414\n\n![](http://feeds.feedburner.com/~r/feedburner/Talos/~4/mq1Y7axZhN0)", "cvss3": {}, "published": "2019-06-11T11:42:30", "type": "talosblog", "title": "Microsoft Patch Tuesday \u2014 June 2019: Vulnerability disclosures and Snort coverage", "bulletinFamily": "blog", "cvss2": {}, "cvelist": ["CVE-2019-0620", "CVE-2019-0709", "CVE-2019-0710", "CVE-2019-0711", "CVE-2019-0713", "CVE-2019-0722", "CVE-2019-0888", "CVE-2019-0904", "CVE-2019-0905", "CVE-2019-0906", "CVE-2019-0907", "CVE-2019-0908", "CVE-2019-0909", "CVE-2019-0941", "CVE-2019-0943", "CVE-2019-0948", "CVE-2019-0959", "CVE-2019-0960", "CVE-2019-0968", "CVE-2019-0972", "CVE-2019-0973", "CVE-2019-0974", "CVE-2019-0977", "CVE-2019-0983", "CVE-2019-0984", "CVE-2019-0985", "CVE-2019-0986", "CVE-2019-0988", "CVE-2019-0989", "CVE-2019-0990", "CVE-2019-0991", "CVE-2019-0992", "CVE-2019-0993", "CVE-2019-0998", "CVE-2019-1002", "CVE-2019-1003", "CVE-2019-1005", "CVE-2019-1007", "CVE-2019-1009", "CVE-2019-1010", "CVE-2019-1011", "CVE-2019-1012", "CVE-2019-1013", "CVE-2019-1014", "CVE-2019-1015", "CVE-2019-1016", "CVE-2019-1017", "CVE-2019-1018", "CVE-2019-1019", "CVE-2019-1021", "CVE-2019-1022", "CVE-2019-1023", "CVE-2019-1024", "CVE-2019-1025", "CVE-2019-1026", "CVE-2019-1027", "CVE-2019-1028", "CVE-2019-1029", "CVE-2019-1031", "CVE-2019-1032", "CVE-2019-1033", "CVE-2019-1034", "CVE-2019-1035", "CVE-2019-1036", "CVE-2019-1038", "CVE-2019-1039", "CVE-2019-1040", "CVE-2019-1041", "CVE-2019-1043", "CVE-2019-1044", "CVE-2019-1045", "CVE-2019-1046", "CVE-2019-1047", "CVE-2019-1048", "CVE-2019-1049", "CVE-2019-1050", "CVE-2019-1051", "CVE-2019-1052", "CVE-2019-1053", "CVE-2019-1054", "CVE-2019-1055", "CVE-2019-1064", "CVE-2019-1065", "CVE-2019-1069"], "modified": "2019-06-11T11:42:30", "id": "TALOSBLOG:A2A267E7C20665C55127A15BC5B9F7BD", "href": "http://feedproxy.google.com/~r/feedburner/Talos/~3/mq1Y7axZhN0/microsoft-patch-tuesday-june-2019.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "thn": [{"lastseen": "2022-05-09T12:39:34", "description": "[![windows security patch updates ](https://thehackernews.com/images/-rWEOBIr2-vE/XP_DsH-R1uI/AAAAAAAA0L8/4wO0_A8Veu84Nv9fNtKdix7wropZCI-dQCLcBGAs/s728-e100/windows-patch-updates-june.jpg)](<https://thehackernews.com/images/-rWEOBIr2-vE/XP_DsH-R1uI/AAAAAAAA0L8/4wO0_A8Veu84Nv9fNtKdix7wropZCI-dQCLcBGAs/s728-e100/windows-patch-updates-june.jpg>)\n\nAfter [Adobe](<https://thehackernews.com/2019/06/adobe-patch-june.html>), the technology giant Microsoft today\u2014on June 2019 Patch Tuesday\u2014also [released](<https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/253dc509-9a5b-e911-a98e-000d3a33c573>) its monthly batch of software security updates for various supported versions of Windows operating systems and other Microsoft products. \n \nThis month's security updates include patches for a total of 88 vulnerabilities, 21 are rated Critical, 66 are Important, and one is rated Moderate in severity. \n \nThe June 2019 updates include patches Windows OS, Internet Explorer, Microsoft Edge browser, Microsoft Office and Services, ChakraCore, Skype for Business, Microsoft Lync, Microsoft Exchange Server, and Azure. \n \nFour of the security vulnerabilities, all rated important and could allow attackers to escalate privileges, patched by the tech giant this month were disclosed publicly, of which none were found exploited in the wild. \n \n\n\n## Unpatched Issue Reported by Google Researcher\n\n \nHowever, Microsoft failed to patch a [minor flaw in SymCrypt](<https://bugs.chromium.org/p/project-zero/issues/detail?id=1804>), a core cryptographic function library currently used by Windows, which on successful exploitation could allow malicious programs to interrupt (denial of service) the encryption service for other programs. \n \nThis vulnerability was reported to Microsoft by Tavis Ormandy, a Google project zero security researcher, almost 90 days ago. Ormandy today publicly released details and proof-of-concept of the flaw after finding that Microsoft doesn't have any plan to patch the issue with this month updates. \n \n\n\n> \"I've been able to construct an X.509 certificate that triggers the bug. I've found that embedding the certificate in an S/MIME message, authenticode signature, schannel connection, and so on will effectively DoS any windows server (e.g. ipsec, iis, exchange, etc) and (depending on the context) may require the machine to be rebooted,\" Ormandy said.\n\n \n\n\n> \"Obviously, lots of software that processes untrusted content (like antivirus) call these routines on untrusted data, and this will cause them to deadlock.\"\n\n \n\n\n## RCE Through NTLM Vulnerabilities (All Windows Versions Affected)\n\n \nDiscovered by researchers at Preempt, [two important severity vulnerabilities](<https://blog.preempt.com/security-advisory-critical-vulnerabilities-in-ntlm>) (CVE-2019-1040 and CVE-2019-1019) affect Microsoft's NTLM authentication protocol that could allow remote attackers to bypass NTLM protection mechanisms and re-enable NTLM Relay attacks. \n \nThese flaws originate from three logical flaws that let attackers bypass various mitigations\u2014including Message Integrity Code (MIC), SMB Session Signing andEnhanced Protection for Authentication (EPA)\u2014Microsoft added to prevent NTLM Relay attacks. \n \nOn successful exploitation, a man-in-the-middle attacker can \"execute malicious code on any Windows machine or authenticate to any web server that supports Windows Integrated Authentication (WIA) such as Exchange or ADFS.\" \n \nThe latest Microsoft Windows updates address the vulnerability by hardening NTLM MIC protection on the server-side. \n \n\n\n## Other Important Microsoft Vulnerabilities\n\n \nHere below we have compiled a list of other critical and important Microsoft vulnerabilities of which you should be aware of: \n \n**1) Windows Hyper-V RCE and DoS Vulnerabilities** (CVE-2019-0620, CVE-2019-0709, CVE-2019-0722) \u2014 Microsoft patches three critical remote code execution vulnerabilities in Windows Hyper-V, native virtualization software that lets administrators run multiple operating systems as virtual machines on Windows. \n \nAccording to advisories, these flaws originate because the host machine fails to properly validate inputs from an authenticated user on a guest operating system. \n \nHyper-V RCE flaws thus allow an attacker to execute arbitrary malicious code on the host operating system just by executing a specially crafted application on a guest operating system. \n \nBesides RCE flaws in Hyper-V, Microsoft has also released patches for three denial-of-service (DoS) vulnerabilities in Hyper-V software that could allow an attacker with a privileged account on a guest operating system to crash the host operating system. \n \nUsers and system administrators are highly recommended to apply the latest security patches as soon as possible to keep cybercriminals and hackers away from taking control of their computers. \n \nFor installing the latest security updates, you can head on to Settings \u2192 Update & Security \u2192 Windows Update \u2192 Check for updates on your computer, or you can install the updates manually. \n\n\nFound this article interesting? Follow THN on [Facebook](<https://www.facebook.com/thehackernews>), [Twitter _\uf099_](<https://twitter.com/thehackersnews>) and [LinkedIn](<https://www.linkedin.com/company/thehackernews/>) to read more exclusive content we post.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-06-11T18:08:00", "type": "thn", "title": "Microsoft Releases June 2019 Security Updates to Patch 88 Vulnerabilities", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0620", "CVE-2019-0709", "CVE-2019-0722", "CVE-2019-1019", "CVE-2019-1040"], "modified": "2019-06-11T18:49:11", "id": "THN:9B966D7333226606F54AD717A81F6D7E", "href": "https://thehackernews.com/2019/06/windows-june-updates.html", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}], "threatpost": [{"lastseen": "2020-04-11T11:45:21", "description": "Microsoft patched four Windows operating system bugs \u2013 all of which are already publicly known or have proof of concept exploits \u2013 as part of its June Patch Tuesday security bulletin. Each of the vulnerabilities are rated important and there are no reports of public exploitation for the flaws.\n\nThe four bugs are part of a total of 88 vulnerabilities that were patched by Microsoft this month, 21 of which are rated critical, 66 rated important and one moderate.\n\nRaising the most concern among security experts are the four bugs that are publicly known. One of those bugs ([CVE-2019-1069](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1069>)) is a Windows Task Scheduler vulnerability affecting Windows 10, Server 2016 and later, according to Microsoft. The flaw, Microsoft reported, could allow Elevation of Privilege on the affected system. \n[![](https://media.threatpost.com/wp-content/uploads/sites/103/2019/02/19151457/subscribe2.jpg)](<https://threatpost.com/newsletter-sign/>)\n\n\u201cPublic disclosure is an indicator of increased risk,\u201d wrote Chris Goettl, director of product management, security at Ivanti in a written analysis. \u201cThis means attackers have had early access to engineer an exploit to take advantage of these vulnerabilities.\u201d\n\nGoettl warned all four of the previously known bugs (CVE-2019-1069, [CVE-2019-1064](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1064>), [CVE-2019-1053](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1053>) and [CVE-2019-0973](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0973>)) should be a patching priority for system administrators.\n\nAnother bug CVE-2019-1064 is a vulnerability in Windows, which could allow Elevation of Privilege on the affected system. Affected is Windows 10, Server 2016 and later.\n\nThe third bug (CVE-2019-1053) is a Windows Shell vulnerability that could also create Elevation of Privilege conditions on the affected system by escaping a sandbox, according to Microsoft. The flaw affects all currently supported Windows operating systems. The last of the four publicly known bugs (CVE-2019-0973) is a vulnerability in Windows Installer that could also allow Elevation of Privilege on the affected system due to improper sanitization of input from loaded libraries.\n\n## Hyper-V and Office Vulnerabilities\n\nSecurity researchers are also flagging three hypervisor escape bugs in Hyper-V. Three remote code execution vulnerabilities ([CVE-2019-0620](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0620>), [CVE-2019-0709](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0709>), and [CVE-2019-0722](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0722>)) are patched in Hyper-V that would allow an authenticated user on a guest system to run arbitrary code on the host system, noted Jimmy Graham, a director at Qualys [in his Patch Tuesday commentary](<https://blog.qualys.com/laws-of-vulnerabilities/2019/06/11/june-2019-patch-tuesday-88-vulns-21-critical-hyper-v-escape-adobe-vulns>). \u201cMicrosoft notes that exploitation of this vulnerability is less likely, but these patches should still be prioritized for Hyper-V systems.\u201d\n\nPatches for two potentially serious remote code execution vulnerabilities in Microsoft Word ([CVE-2019-1034](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1034>) and [CVE-2019-1035](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1035>)) are also worth prioritizing, according to commentary from Allan Liska, threat intelligence analyst at Recorded Future. This vulnerability affects all versions of Microsoft Word on Windows and Mac as well as Office 365, according to Microsoft.\n\n[![Microsoft June Patch Tuesday ](https://media.threatpost.com/wp-content/uploads/sites/103/2019/05/14160018/bug-fix-300x190.jpg)](<https://media.threatpost.com/wp-content/uploads/sites/103/2019/05/14160018/bug-fix.jpg>)\u201cGiven that Microsoft Word Documents are a favorite exploitation tool of cybercriminals, if this vulnerability is reverse engineered it could be widely exploited,\u201d he said.\n\nLiska said both are memory corruption vulnerabilities that require an attacker to send a specially crafted Microsoft Word document for a victim to open. He said that alternatively, an attacker could convince a victim to click on a link to website hosting a malicious Microsoft Word document.\n\nAlso affecting Office are three cross-site scripting vulnerabilities in SharePoint ([CVE-2019-1031](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1031>), [CVE-2019-1033](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1033>) and [CVE-2019-1036](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1036>)). \u201c[The] vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server,\u201d Microsoft wrote of each of the CVEs. A successful exploit of either of the bugs allows an adversary to read unauthorized content, use the victim\u2019s identity to further access a SharePoint site and change permissions, delete content or place malicious context of the user\u2019s browser.\n\n## NTLM Relay Attack Bug\n\nTwo moderate vulnerabilities [CVE-2019-1040](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1040>) and [CVE-2019-1019](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1019>) were patched by Microsoft that allowed attackers to remotely execute malicious code on any Windows machine or authenticate to any web server that supports Windows Integrated Authentication (WIA) such as Exchange or ADFS.\n\nAccording to researchers at Preempt, [who discovered the flaws](<https://threatpost.com/critical-microsoft-rce-bugs-windows/145572/>), the two CVEs consist of three logical flaws in NTLM, the company\u2019s proprietary authentication protocol.\n\nAside from the 88 bugs patched, Microsoft released a number of advisories. Here they are as reported by Qualys:\n\n * [ADV190016](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV190016>) Disables the ability to use certain Bluetooth Low Energy FIDO security keys, due to a [vulnerability](<https://nvd.nist.gov/vuln/detail/CVE-2019-2102>) that was disclosed in May. [Google](<https://security.googleblog.com/2019/05/titan-keys-update.html>) and [Feitian](<https://www.ftsafe.com/replacement/>) have issued advisories for customers of these keys.\n * [ADV190017](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV190017>) fixes several vulnerabilities in HoloLens that could allow an unauthenticated attacker to DoS or compromise HoloLens devices if they are in close proximity.\n * [ADV190018](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV190018>) refers to a \u201cMicrosoft Exchange Server Defense in Depth Update,\u201d but there are no details provided around the update as of the time of this writing.\n\n**_Ransomware is on the rise: _**[**_Don\u2019t miss our free Threatpost webinar _**](<https://attendee.gotowebinar.com/register/611039692762707715?source=enews>)**_on the ransomware threat landscape, June 19 at 2 p.m. ET. _****_Join _****_Threatpost _****_and a panel of experts as they discuss_****_ how to manage the risk associated with this unique attack type,_** **_with exclusive insights into new developments on the ransomware front and how to stay ahead of the attackers._**\n", "cvss3": {}, "published": "2019-06-11T20:29:45", "type": "threatpost", "title": "Microsoft Patches Four Publicly-Known Vulnerabilities", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2019-0620", "CVE-2019-0709", "CVE-2019-0722", "CVE-2019-0973", "CVE-2019-1019", "CVE-2019-1031", "CVE-2019-1033", "CVE-2019-1034", "CVE-2019-1035", "CVE-2019-1036", "CVE-2019-1040", "CVE-2019-1053", "CVE-2019-1064", "CVE-2019-1069", "CVE-2019-2102"], "modified": "2019-06-11T20:29:45", "id": "THREATPOST:040A4A9D0367AA2E807A97FB83D00240", "href": "https://threatpost.com/microsoft-patches-four-publicly-known-vulnerabilities/145594/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-05-17T02:04:53", "description": "UPDATE\n\nTwo Microsoft vulnerabilities, [CVE-2019-1040](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1040>) and [CVE-2019-1019](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1019>), would allow attackers to remotely execute malicious code on any Windows machine or authenticate to any web server that supports Windows Integrated Authentication (WIA) such as Exchange or ADFS.\n\nAccording to researchers at Preempt, who discovered the flaws, the two CVEs consist of three logical flaws in NTLM, the company\u2019s proprietary authentication protocol. A successful exploit would allow an attacker to read all users\u2019 emails; authenticate to any cloud resource that is controlled by ADFS; remotely execute code on any machine the victim has privileges on; and modify various network configuration to create backdoors.\n\n\u201cNTLM is susceptible to relay attacks, which allows actors to capture an authentication and relay it to another server, granting them the ability to perform operations on the remote server using the authenticated user\u2019s privileges,\u201d they explained in a write-up released Tuesday and shared with Threatpost ahead of publication. \u201cNTLM Relay is one of the most common attack techniques used in Active Directory environments, where the attacker compromises one machine, then moves laterally to other machines by using NTLM authentication directed at the compromised server.\u201d\n\n[![](https://media.threatpost.com/wp-content/uploads/sites/103/2019/02/19151457/subscribe2.jpg)](<https://threatpost.com/newsletter-sign/>)\n\nWhile Microsoft has previously developed several mitigations for preventing NTLM relay attacks, Preempt researchers discovered bugs in those mitigations that can be exploited by attackers.\n\nAll Windows versions are vulnerable, and the attack surface is vast.\n\n\u201cIt\u2019s probably all networks that have an Active Directory, and this is the vast majority of networks in the world,\u201d Preempt researcher Yaron Ziner told Threatpost. \u201cWe don\u2019t have official statistics, but this is definitely more than 90 percent of networks. The most notable fact in our opinion is the fact that we managed to breach all NTLM mitigations and any NTLM usage can result in network compromise.\u201d\n\nEven though NTLM relay is an old attack technique, enterprises cannot completely eliminate the use of the protocol as it will break many applications, Preempt researchers said. However, Microsoft has issued patches for the two bugs as part of its June Patch Tuesday Update. Full protection, however, will also require configuration changes.\n\n\u201cThe patch Microsoft will issue will not be enough to stop the described attacks,\u201d Ziner said. \u201cSecure configuration is needed to be fully protected, and usage of old protocol versions is still exploitable. You need to monitor traffic carefully and analyze network configuration to be 100 percent protected.\n\nCVE-2019-1040 has a base CVSS v3.0 score of 5.3, making it a medium-severity bug; the other, CVE-2019-1019, has a base score of 8.5, ranking it as high-severity. Microsoft ranks both as \u201cimportant.\u201d Researchers at Preempt said they considered the bugs to be critical, however.\n\n\u201cWe do not know always know how Microsoft will score a vulnerability,\u201d Ziner said. \u201cMicrosoft might downplay the impact of these issues, but as experts in network security and NTLM, we believe they are critical. We stand by our assessment [that the bugs are critical] and cannot think of any network in the world that will not be compromised using these vulnerabilities.\u201d\n\n## The Flaws\n\nThree logical flaws are at the heart of the vulnerabilities.\n\nThe first has to do with the Message Integrity Code (MIC) field, which ensures that attackers do not tamper NTLM messages. According Preempt\u2019s [write-up](<https://blog.preempt.com/drop-the-mic>) on the flaw, the bypass allows attackers to remove the \u2018MIC\u2019 protection and modify various fields in the NTLM authentication flow, such as signing negotiation.\n\nThe second weakness is in the SMB Session Signing, which prevents attackers from relaying NTLM authentication messages to establish SMB and DCE/RPC sessions. This bypass, according [to the analysis](<https://blog.preempt.com/your-session-key-is-my-session-key>), enables attackers to relay NTLM authentication requests to any server in the domain, including domain controllers, while establishing a signed session to perform remote code execution. If the relayed authentication is of a privileged user, this means full domain compromise.\n\nAnd finally, Enhanced Protection for Authentication (EPA) prevents attackers from relaying NTLM messages to TLS sessions has a flaw. The bypass here, [as described](<https://blog.preempt.com/how-to-easily-bypass-epa>), allows attackers to modify NTLM messages to generate legitimate channel binding information. This allows attackers to connect to various web servers using the attacked user\u2019s privileges and perform operations such as reading the user\u2019s emails (by relaying to OWA servers) or even connecting to cloud resources (by relaying to ADFS servers).\n\nIn terms of how an attacker would use an exploit for the bugs in real life, Ziner told Threatpost that \u201ca user that connects to a compromised server (in many cases, this can be triggered by an attacker, e.g, by a phishing email), credentials will be stolen with a 100 percent probability by an attacker.\u201d\n\nFor a successful exploit, \u201can attacker would mainly need some way to intercept NTLM sessions (there are several known techniques to accomplish this),\u201d he added. \u201cExploitation is difficult in the sense that only a technology expert could code an exploit. However, once open-source exploits would be available, it would be very easy to exploit.\u201d\n\nAfter patching, the network administrators should make the recommended configuration changes, researchers said: These include turning on SMB Signing on all machines in the network; completely blocking the outdated version of the protocol, NTLMv1; enforcing LDAP signing and LDAPS channel binding on domain controllers; hardening all web servers (OWA, ADFS) to accept only requests with EPA; and removing NTLM where it is not needed.\n\n_This story was updated at 3:27 p.m. on June 11 to reflect revised severity ratings, after Microsoft issued its patches. And, updated at 9 a.m. on June 12 to include a comment from Preempt on why the firm considers the bugs to be \u201ccritical.\u201d_\n\n**_Ransomware is on the rise: _**[**_Don\u2019t miss our free Threatpost webinar _**](<https://attendee.gotowebinar.com/register/611039692762707715?source=enews>)**_on the ransomware threat landscape, June 19 at 2 p.m. ET. _****_Join _****_Threatpost _****_and a panel of experts as they discuss_****_ how to manage the risk associated with this unique attack type,_** **_with exclusive insights into new developments on the ransomware front and how to stay ahead of the attackers._**\n", "cvss3": {}, "published": "2019-06-11T16:00:39", "type": "threatpost", "title": "Near-Ubiquitous Microsoft RCE Bugs Affect All Versions of Windows", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2019-1019", "CVE-2019-1040"], "modified": "2019-06-11T16:00:39", "id": "THREATPOST:32543D9C50E016B8E5F07112935E35F8", "href": "https://threatpost.com/critical-microsoft-rce-bugs-windows/145572/", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2020-05-12T21:53:50", "description": "A Windows interface that allows system administrators to configure and monitor systems from an admin level has several vulnerabilities that would allow an attacker to install malicious payloads and even take over a target, privileged machine.\n\nThe bugs are grouped under one umbrella (CVE-2019-0948) and are found in the Microsoft Management Console (MMC), according to Check Point researchers Eran Vaknin and Alon Boxiner,\n\n\u201cThe goal of MMC is to provide a programming platform for creating and hosting applications that manage Microsoft Windows-based environments, and to provide a simple, consistent and integrated management user interface and administration model,\u201d they explained [in a breakdown](<https://research.checkpoint.com/microsoft-management-console-mmc-vulnerabilities>) of the vulnerabilities, given to clients last week but just made public on Monday. As such, a compromised PC would offer access to a range of privileged functions and access.\n\n[![](https://media.threatpost.com/wp-content/uploads/sites/103/2019/02/19151457/subscribe2.jpg)](<https://threatpost.com/newsletter-sign/>)\n\nThe issues include multiple cross-site scripting (XSS) bugs and XML external entity (XXE) problems. One set of flaws includes multiple XSS vulnerabilities that exist in WebView.\n\nAttackers can exploit the bugs by abusing the \u201csnap-in\u201d mechanism in MMC, the researchers said. [MMC snap-ins](<https://www.itprotoday.com/windows-78/microsoft-management-console-snap-ins>) are the actual management tools available for the platform. The console \u2014 sometimes referred to as a \u201ctools host\u201d \u2014 is simply a framework into which the snap-ins are added. Snap-ins include ActiveX Control, Link to Web Address and so on.\n\nTo exploit the vulnerability, an attacker would create a snap-in file (with the .msc file extension) containing specially crafted XML content, and then convince an authenticated user to import the file using any number of social-engineering techniques.\n\nThe researchers explained that if an attacker creates a file with the Link to Web Address snap-in, he can insert a URL link to his own server within it, thus directing victims to an HTML page with a malicious payload.\n\n\u201cAs the victim opens the malicious .msc file, a WebView is opened (within the MMC window) and the malicious payload is executed,\u201d the researchers explained. \u201cWe have successfully managed to insert a malicious URL link that contains malicious payloads, such as redirection to SMB server that will capture the user NTLM hash. Moreover, it is also possible to execute VBS script on the victims\u2019 host via the mentioned WebView.\u201d\n\nSimilarly, an attacker can choose to create a file with the ActiveX Control snap-in (all ActiveX controls are vulnerable, the researchers said) and save it as an .msc file. \u201cIn the .msc file, under the StringsTables section, the attacker changes the third string value to a malicious URL under his control, containing an HTML page with a malicious payload,\u201d the two explained.\n\nAlso included in the CVE is an XXE vulnerability due to a faulty XML parser.\n\n\u201cA victim opens the MMC and chooses the event viewer snap-in and clicks on \u2018Action\u2019 \u2013 and then on \u2018Import Custom View,'\u201d the researchers said. \u201cAs soon as a malicious XML file is chosen (containing an XXE payload) any file from the victim\u2019s host is sent to the attacker.\u201d\n\nMicrosoft, [in its advisory](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0948>), described it tersely as a moderate-severity information-disclosure bug.\n\n\u201cAn information-disclosure vulnerability exists in the Windows Event Viewer (eventvwr.msc) when it improperly parses XML input containing a reference to an external entity,\u201d it said. \u201cAn attacker who successfully exploited this vulnerability could read arbitrary files via an XML external entity (XXE) declaration.\u201d\n\nMicrosoft patched the issues in its [June Patch Tuesday update](<https://threatpost.com/microsoft-patches-four-publicly-known-vulnerabilities/145594/>).\n\nHowever, Vaknin and Boxiner said that the bugs could allow a more serious attack than just information disclosure.\n\nThe researchers told Threatpost, \u201cThe most notable aspect is that MMC files are being used\u2026by IT administrators, anti-virus does not categorize those files as malicious and it is possible to take control over the victim PC by exploiting the vulnerabilities.\u201d That PC would have admin status, allowing adversaries to penetrate further into the network.\n\nWindows 7, Windows 8.1, Windows 10, and Windows Server 2008 to Windows Server 2019 are vulnerable and should be updated, they added. So far, there is no evidence of exploitation.\n\n**_Ransomware is on the rise: _**[**_Don\u2019t miss our free Threatpost webinar _**](<https://attendee.gotowebinar.com/register/611039692762707715?source=ART>)**_on the ransomware threat landscape, June 19 at 2 p.m. ET. _****_Join _****_Threatpost _****_and a panel of experts from Malwarebytes, Recorded Future and Moss Adams as they discuss_****_ how to manage the risk associated with this unique attack type,_** **_with exclusive insights into new developments on the ransomware front and how to stay ahead of the attackers._**\n", "cvss3": {}, "published": "2019-06-18T15:01:07", "type": "threatpost", "title": "Microsoft Management Console Bugs Allow Windows Takeover", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2019-0948"], "modified": "2019-06-18T15:01:07", "id": "THREATPOST:93C6C6F1F74B11C3D7F109589684DAED", "href": "https://threatpost.com/microsoft-management-console-bugs/145791/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}], "qualysblog": [{"lastseen": "2019-06-15T08:21:08", "description": "This month's Microsoft Patch Tuesday addresses 88 vulnerabilities with 21 of them labeled as Critical. Of the 21 Critical vulns, 17 are for scripting engines and browsers, and 3 are potential hypervisor escapes in Hyper-V. The remaining vulnerability is an RCE in the Microsoft Speech API. Microsoft also issued guidance on Bluetooth Low Energy FIDO keys, HoloLens, and Microsoft Exchange. Adobe issues patches today for Flash, ColdFusion, and Campaign.\n\n### Workstation Patches\n\nScripting Engine and Browser patches should be prioritized for workstation-type devices, meaning any system that is used for email or to access the internet via a browser. This includes multi-user servers that are used as remote desktops for users.\n\n### Hyper-V Hypervisor Escape\n\nThree remote code execution vulnerabilities ([CVE-2019-0620](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0620>), [CVE-2019-0709](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0709>), and [CVE-2019-0722](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0722>)) are patched in Hyper-V that would allow an authenticated user on a guest system to run arbitrary code on the host system. Microsoft notes that exploitation of this vulnerability is less likely, but these patches should still be prioritized for Hyper-V systems.\n\n### Microsoft Speech API RCE\n\nA remote code execution vulnerability ([CVE-2019-0985](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0985>)) exists in the Microsoft Speech API. This impacts Windows 7 and Server 2008 R2, and requires a user to open a malicious document in order to exploit.\n\n### Advisories\n\nMicrosoft also issued several advisories:\n\n * [ADV190016](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV190016>) Disables the ability to use certain Bluetooth Low Energy FIDO security keys, due to a [vulnerability](<https://nvd.nist.gov/vuln/detail/CVE-2019-2102>) that was disclosed in May. [Google](<https://security.googleblog.com/2019/05/titan-keys-update.html>) and [Feitian](<https://www.ftsafe.com/replacement/>) have issued advisories for customers of these keys.\n * [ADV190017](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV190017>) fixes several vulnerabilities in HoloLens that could allow an unauthenticated attacker to DoS or compromise HoloLens devices if they are in close proximity.\n * [ADV190018](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV190018>) refers to a \"Microsoft Exchange Server Defense in Depth Update,\" but there are no details provided around the update as of the time of this writing.\n\n### Adobe Patch Tuesday\n\nAdobe released updates today for Flash, ColdFusion, and Campaign. The [Flash update](<https://helpx.adobe.com/security/products/flash-player/apsb19-30.html>) fixes one critical CVE, and should be prioritized for workstations that have Flash installed. The [ColdFusion updates](<https://helpx.adobe.com/security/products/coldfusion/apsb19-27.html>) address three vulnerabilities of various types, all labeled as Critical. Anyone running a ColdFusion server should test and patch as soon as possible. The [Adobe Campaign patch](<https://helpx.adobe.com/security/products/campaign/apsb19-28.html>) addresses 7 different vulnerabilities, with one labeled as Critical.", "cvss3": {}, "published": "2019-06-11T18:18:29", "type": "qualysblog", "title": "June 2019 Patch Tuesday \u2013 88 Vulns, 21 Critical, Hyper-V Escape, Adobe Vulns", "bulletinFamily": "blog", "cvss2": {}, "cvelist": ["CVE-2019-0620", "CVE-2019-0709", "CVE-2019-0722", "CVE-2019-0985", "CVE-2019-2102"], "modified": "2019-06-11T18:18:29", "id": "QUALYSBLOG:548A2D8484377A20A276BF58474488F7", "href": "https://blog.qualys.com/laws-of-vulnerabilities/2019/06/11/june-2019-patch-tuesday-88-vulns-21-critical-hyper-v-escape-adobe-vulns", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}], "krebs": [{"lastseen": "2019-06-15T09:03:39", "description": "**Microsoft** on Tuesday released updates to fix 88 security vulnerabilities in its **Windows** operating systems and related software. The most dangerous of these include four flaws for which there is already exploit code available. There's also a scary bug affecting all versions of **Microsoft Office** that can be triggered by a malicious link or attachment. And of course **Adobe** has its customary monthly security update for **Flash Player**.\n\n![](https://krebsonsecurity.com/wp-content/uploads/2014/07/brokenwindows.png)Microsoft says it has so far seen no exploitation against any of the four flaws that were disclosed publicly prior to their patching this week -- nor against any of the 88 bugs quashed in this month's release. All four are privilege escalation flaws: [CVE-2019-1064](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1064>) and [CVE-2019-1069](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1069>) affect **Windows 10** and later; [CVE-2019-1053](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1053>) and [CVE-2019-0973](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0973>) both affect all currently supported versions of Windows.\n\nMost of the critical vulnerabilities -- those that can be exploited by malware or miscreants to infect systems without any action on the part of the user -- are present in Microsoft's browsers **Internet Explorer** and **Edge**.\n\nAccording to **Allan Liska**, senior solutions architect at **Recorded Future**, serious vulnerabilities in this month's patch batch reside in **Microsoft Word** ([CVE-2019-1034](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1034>) and [CVE-2019-1035](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1035>)).\n\n\"This is another memory corruption vulnerability that requires an attacker to send a specially crafted Microsoft Word document for a victim to open, alternatively an attacker could convince a victim to click on a link to a website hosting a malicious Microsoft Word document,\" Liska wrote. \"This vulnerability affects all versions of Microsoft Word on Windows and Mac as well as Office 365. Given that Microsoft Word Documents are a favorite exploitation tool of cybercriminals, if this vulnerability is reverse engineered it could be widely exploited.\"\n\nMicrosoft also pushed an update to plug [a single critical security hole](<https://helpx.adobe.com/security/products/flash-player/apsb19-30.html>) in Adobe's Flash Player software, which is waning in use but it still is a target for malware purveyors. **Google Chrome **auto-updates Flash but also is now making users explicitly enable Flash every time they want to use it. By the summer of 2019 Google will [make Chrome users go into their settings to enable it](<https://nakedsecurity.sophos.com/2018/09/03/chrome-flash-is-almost-almost-almost-dead/>) every time they want to run it.\n\nFirefox also forces users with the Flash add-on installed to click in order to play Flash content; instructions for disabling or removing Flash from Firefox are [here](<https://support.mozilla.org/en-US/kb/disable-or-remove-add-ons>). Adobe will stop supporting Flash at the end of 2020.\n\nNote that **Windows 10** likes to install patches all in one go and reboot your computer on its own schedule. Microsoft doesn\u2019t make it easy for Windows 10 users to change this setting, [but it is possible](<https://www.howtogeek.com/224471/how-to-prevent-windows-10-from-automatically-downloading-updates/>). For all other Windows OS users, if you\u2019d rather be alerted to new updates when they\u2019re available so you can choose when to install them, there\u2019s a setting for that in **Windows Update**. To get there, click the Windows key on your keyboard and type \"windows update\" into the box that pops up.\n\nStaying up-to-date on Windows patches is good. Updating only after you\u2019ve backed up your important data and files is even better. A good backup means you\u2019re not pulling your hair out if the odd buggy patch causes problems booting the system. So do yourself a favor and backup your files before installing any patches.\n\nAs always, if you experience any problems installing any of the patches this month, please feel free to leave a comment about it below; there\u2019s a good chance other readers have experienced the same and may even chime in here with some helpful tips.\n\nAdditional reading:\n\n[Martin Brinkmann's take at Ghacks.net](<https://www.ghacks.net/2019/06/11/microsoft-windows-security-updates-june-2019-overview/>)\n\n[Qualys on Patch Tuesday](<https://blog.qualys.com/laws-of-vulnerabilities/2019/06/11/june-2019-patch-tuesday-88-vulns-21-critical-hyper-v-escape-adobe-vulns>)\n\n[SANS's quick reference by severity](<https://isc.sans.edu/forums/diary/MSFT+June+2019+Patch+Tuesday/25024/>)", "edition": 2, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-06-12T13:26:21", "type": "krebs", "title": "Microsoft Patch Tuesday, June 2019 Edition", "bulletinFamily": "blog", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0973", "CVE-2019-1034", "CVE-2019-1035", "CVE-2019-1053", "CVE-2019-1064", "CVE-2019-1069"], "modified": "2019-06-12T13:26:21", "id": "KREBS:72AD883B9D56B1738723ABBD656A0AED", "href": "https://krebsonsecurity.com/2019/06/microsoft-patch-tuesday-june-2019-edition/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "mskb": [{"lastseen": "2023-02-10T10:52:51", "description": "None\n**Reminder: **March 12 and April 9 will be the last two Delta updates for Windows 10, version 1703. Security and quality updates will continue to be available via the express and full cumulative update packages. For more information on this change please visit our [blog](<https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-quality-updates-explained-amp-the-end-of-delta/ba-p/214426>).\n\n_Windows 10, version 1703, reached end of service on October 8, 2018__. Devices running Windows 10 Home, Pro, Pro for Workstation, and IoT Core editions will no longer receive monthly security and quality updates that contain protection from the latest security threats. To continue receiving security and quality updates, Microsoft recommends updating to the latest version of Windows 10._**IMPORTANT: **Windows 10 Enterprise and Windows 10 Education editions will receive one year of additional servicing at no cost.\n\n**Note: **This release also contains updates for Windows 10 Mobile (OS Build 15063.1868) released June 11, 2019.\n\n_Windows 10 Mobile, version 1703, reached end of service on June 11, 2019. Devices running Windows 10 Mobile and Windows 10 Mobile Enterprise will no longer receive monthly security and quality updates that contain protection from the latest security threats. To continue receiving security and quality updates, Microsoft recommends updating to the latest version of Windows 10._\n\n## Improvements and fixes\n\nThis update includes quality improvements. Key changes include:\n\n * Addresses a security vulnerability by intentionally preventing connections between Windows and Bluetooth devices that are not secure and use well-known keys to encrypt connections, including security fobs. If BTHUSB Event 22 in the Event Viewer states, \u201cYour Bluetooth device attempted to establish a debug connection\u2026.\u201d, then your system is affected. Contact your Bluetooth device manufacturer to determine if a device update exists. For more information, see [CVE-2019-2102](<https://vulners.com/cve/CVE-2019-2102>) and KB4507623.\n * Addresses an issue that may prevent Internet Explorer 11 from opening if the **Default Search Provider** is not set or is malformed.\n * Security updates to Microsoft Edge, Internet Explorer, Windows App Platform and Frameworks, Windows Input and Composition, Windows Media, Windows Shell, Windows Server, Windows Authentication, Windows Datacenter Networking, Windows Storage and Filesystems, Windows Virtualization, Internet Information Services, and the Microsoft JET Database Engine.\nIf you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.For more information about the resolved security vulnerabilities, please refer to the [Security Update Guide](<https://portal.msrc.microsoft.com/security-guidance>).\n\n**Windows Update Improvements**Microsoft has released an update directly to the Windows Update client to improve reliability. Any device running Windows 10 configured to receive updates automatically from Windows Update, including Enterprise and Pro editions, will be offered the latest Windows 10 feature update based on device compatibility and Windows Update for Business deferral policy. This doesn't apply to long-term servicing editions.\n\n## Known issues in this update\n\n**Symptom**| **Workaround** \n---|--- \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following:\n\n * Perform the operation from a process that has administrator privilege.\n * Perform the operation from a node that doesn\u2019t have CSV ownership.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \nWhen trying to expand, view, or create **Custom Views **in Event Viewer, you may receive the error, \"MMC has detected an error in a snap-in and will unload it.\" and the app may stop responding or close. You may also receive the same error when using **Filter Current Log **in the **Action **menu with built-in views or logs. Built-in views and other features of Event Viewer should work as expected.| This issue is resolved in KB4503289. \nDevices may have issues connecting to some Storage Area Network (SAN) devices using Internet Small Computer System Interface (iSCSI) after installing this update. You may also receive an error in the **System **log section of **Event Viewer **with Event ID 43 from iScsiPrt and a description of \u201cTarget failed to respond in time for a login request.\u201d| This issue is resolved in KB4509476. \nAfter installing this update and restarting, some devices with Hyper-V enabled may enter BitLocker recovery mode and receive an error, \"0xC0210000\".| This issue is resolved in KB4507450. \n \n## How to get this update\n\n**Before installing this update**Microsoft strongly recommends you install the latest servicing stack update (SSU) for your operating system before installing the latest cumulative update (LCU). SSUs improve the reliability of the update process to mitigate potential issues while installing the LCU. For more information, see [Servicing stack updates](<https://docs.microsoft.com/windows/deployment/update/servicing-stack-updates#why-should-servicing-stack-updates-be-installed-and-kept-up-to-date>).If you are using Windows Update, the latest SSU (KB4500640) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). **Install this update**This update will be downloaded and installed automatically from Windows Update. To get the standalone package for this update, go to the [Microsoft Update Catalog](<http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4503279 >) website.**File information**For a list of the files that are provided in this update, download the [file information for cumulative update 4503279](<http://download.microsoft.com/download/5/E/A/5EA53689-645A-4EA5-81A6-0FF345776339/4503279.csv>). \n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-06-11T07:00:00", "type": "mskb", "title": "June 11, 2019\u2014KB4503279 (OS Build 15063.1868)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.3, "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1069", "CVE-2019-2102"], "modified": "2019-06-11T07:00:00", "id": "KB4503279", "href": "https://support.microsoft.com/en-us/help/4503279", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-10T10:52:53", "description": "None\nThe Windows 10 April 2018 Update will reach end of service on November 12, 2019 for Home and Pro editions. We will begin updating devices running the Windows 10 April 2018 Update starting July 16, 2019 to help ensure that these devices remain in a serviced and secure state. For more information, see the Windows 10, version 1903 section of the [release information dashboard](<https://docs.microsoft.com/en-us/windows/release-information/status-windows-10-1903>).\n\n**Note **Follow [@WindowsUpdate](<https://twitter.com/windowsupdate>) to find out when new content is published to the release information dashboard.\n\n**Reminder: **March 12 and April 9 will be the last two Delta updates for Windows 10, version 1803. Security and quality updates will continue to be available via the express and full cumulative update packages. For more information on this change please visit our [blog](<https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-quality-updates-explained-amp-the-end-of-delta/ba-p/214426>).\n\nStarting with update KB4499183, we are introducing functionality that allows you to decide when to install a feature update. You control when you get a feature update while simultaneously keeping your devices up to date. Feature updates that are available for eligible devices will appear in a separate module on the Windows Update page (**Settings **> **Update & Security** > **Windows Update**). If you would like to get an available update right away, select **Download and install now**. To find out more about this feature, please go to this [blog](<https://blogs.windows.com/windowsexperience/?p=172316>). _When Windows 10 devices are at, or within several months of reaching, end of service, Windows Update will begin to automatically initiate a feature update. This keeps those devices supported and receiving the monthly updates that are critical to device security and ecosystem health._\n\n## Improvements and fixes\n\nThis update includes quality improvements. Key changes include:\n\n * Addresses a security vulnerability by intentionally preventing connections between Windows and Bluetooth devices that are not secure and use well-known keys to encrypt connections, including security fobs. If BTHUSB Event 22 in the Event Viewer states, \u201cYour Bluetooth device attempted to establish a debug connection\u2026.\u201d, then your system is affected. Contact your Bluetooth device manufacturer to determine if a device update exists. For more information, see [CVE-2019-2102](<https://vulners.com/cve/CVE-2019-2102>) and KB4507623.\n * Addresses an issue that may prevent the Preboot Execution Environment (PXE) from starting a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension. This may cause the connection to the WDS server to terminate prematurely while downloading the image. This issue does not affect clients or devices that are not using Variable Window Extension.\n * Addresses an issue that may prevent Internet Explorer 11 from opening if the **Default Search Provider** is not set or is malformed.\n * Security updates to Microsoft Scripting Engine, Internet Explorer, Microsoft Edge, Windows App Platform and Frameworks, Windows App Platform and Frameworks, Windows Input and Composition, Windows Media, Windows Shell, Windows Server, Windows Authentication, Windows Cryptography, Windows Storage and Filesystems, Windows Virtualization, Internet Information Services Windows SQL components, and the Microsoft JET Database Engine .\nIf you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.For more information about the resolved security vulnerabilities, please refer to the [Security Update Guide](<https://portal.msrc.microsoft.com/security-guidance>).\n\n## Known issues in this update\n\n**Symptom**| **Workaround** \n---|--- \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following:\n\n * Perform the operation from a process that has administrator privilege.\n * Perform the operation from a node that doesn\u2019t have CSV ownership.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \nWhen trying to expand, view, or create **Custom Views **in Event Viewer, you may receive the error, \"MMC has detected an error in a snap-in and will unload it.\" and the app may stop responding or close. You may also receive the same error when using **Filter Current Log **in the **Action **menu with built-in views or logs. Built-in views and other features of Event Viewer should work as expected.| This issue is resolved in KB4503288. \nWe are investigating reports that a small number of devices may startup to a black screen during the first logon after installing updates.| This issue is resolved in KB4519978. \nDevices may have issues connecting to some Storage Area Network (SAN) devices using Internet Small Computer System Interface (iSCSI) after installing this update. You may also receive an error in the **System **log section of **Event Viewer **with Event ID 43 from iScsiPrt and a description of \u201cTarget failed to respond in time for a login request.\u201d| This issue is resolved in KB4509478. \nDevices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing this update on a WDS server.| This issue is resolved in KB4512509. \n \n## How to get this update\n\n**Before installing this update**Microsoft strongly recommends you install the latest servicing stack update (SSU) for your operating system before installing the latest cumulative update (LCU). SSUs improve the reliability of the update process to mitigate potential issues while installing the LCU. For more information, see [Servicing stack updates](<https://docs.microsoft.com/windows/deployment/update/servicing-stack-updates#why-should-servicing-stack-updates-be-installed-and-kept-up-to-date>).If you are using Windows Update, the latest SSU (KB4497398) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). **Install this update**This update will be downloaded and installed automatically from Windows Update. To get the standalone package for this update, go to the [Microsoft Update Catalog](<http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4503286 >) website.**File information**For a list of the files that are provided in this update, download the [file information for cumulative update 4503286](<http://download.microsoft.com/download/6/3/3/63340BDE-2BDB-4688-A08C-75B5B452365B/4503286.csv>). \n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-06-11T07:00:00", "type": "mskb", "title": "June 11, 2019\u2014KB4503286 (OS Build 17134.829)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.3, "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0998", "CVE-2019-2102"], "modified": "2019-06-11T07:00:00", "id": "KB4503286", "href": "https://support.microsoft.com/en-us/help/4503286", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-10T10:52:52", "description": "None\n**Reminder: **March 12 and April 9 will be the last two Delta updates for Windows 10, version 1709. Security and quality updates will continue to be available via the express and full cumulative update packages. For more information on this change please visit our [blog](<https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-quality-updates-explained-amp-the-end-of-delta/ba-p/214426>).\n\n**Reminder:** Windows 10, version 1709, will reach end of service on April 9, 2019 for devices running Windows 10 Home, Pro, Pro for Workstation, and IoT Core editions. These devices will no longer receive monthly security and quality updates that contain protection from the latest security threats. To continue receiving security and quality updates, Microsoft recommends updating to the latest version of Windows 10.\n\n**IMPORTANT: **Windows 10 Enterprise, Education, and IoT Enterprise editions will continue to receive servicing for 12 months at no cost per the lifecycle announcement on October 2018.\n\n## Improvements and fixes\n\nThis update includes quality improvements. Key changes include:\n\n * Addresses a security vulnerability by intentionally preventing connections between Windows and Bluetooth devices that are not secure and use well-known keys to encrypt connections, including security fobs. If BTHUSB Event 22 in the Event Viewer states, \u201cYour Bluetooth device attempted to establish a debug connection\u2026.\u201d, then your system is affected. Contact your Bluetooth device manufacturer to determine if a device update exists. For more information, see [CVE-2019-2102](<https://vulners.com/cve/CVE-2019-2102>) and KB4507623.\n * Addresses an issue that may prevent Internet Explorer 11 from opening if the **Default Search Provider** is not set or is malformed.\n * Security updates to Microsoft Edge, Microsoft Scripting Engine, Internet Explorer, Windows App Platform and Frameworks, Windows Input and Composition, Windows Media, Windows Shell, Windows Server, Windows Authentication, Windows Datacenter Networking, Windows Storage and Filesystems, Windows Virtualization, Internet Information Services, and the Microsoft JET Database Engine.\nIf you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.For more information about the resolved security vulnerabilities, please refer to the [Security Update Guide](<https://portal.msrc.microsoft.com/security-guidance>).\n\n## Known issues in this update\n\n**Symptom**| **Workaround** \n---|--- \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following:\n\n * Perform the operation from a process that has administrator privilege.\n * Perform the operation from a node that doesn\u2019t have CSV ownership.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \nWhen trying to expand, view, or create **Custom Views **in Event Viewer, you may receive the error, \"MMC has detected an error in a snap-in and will unload it.\" and the app may stop responding or close. You may also receive the same error when using **Filter Current Log **in the **Action **menu with built-in views or logs. Built-in views and other features of Event Viewer should work as expected.| This issue is resolved in KB4503281. \nDevices may have issues connecting to some Storage Area Network (SAN) devices using Internet Small Computer System Interface (iSCSI) after installing this update. You may also receive an error in the **System **log section of **Event Viewer **with Event ID 43 from iScsiPrt and a description of \u201cTarget failed to respond in time for a login request.\u201d| This issue is resolved in KB4509477. \nDevices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing this update on a WDS server.| This issue is resolved in KB4512494. \n \n## How to get this update\n\n**Before installing this update**Microsoft strongly recommends you install the latest servicing stack update (SSU) for your operating system before installing the latest cumulative update (LCU). SSUs improve the reliability of the update process to mitigate potential issues while installing the LCU and applying Microsoft security fixes. For more information, see [Servicing stack updates](<https://docs.microsoft.com/windows/deployment/update/servicing-stack-updates#why-should-servicing-stack-updates-be-installed-and-kept-up-to-date>).If you are using Windows Update, the latest SSU (KB4500641) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>).**Install this update**This update will be downloaded and installed automatically from Windows Update. To get the standalone package for this update, go to the [Microsoft Update Catalog](<http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4503284>) website.**File information**For a list of the files that are provided in this update, download the [file information for cumulative update 4503284](<http://download.microsoft.com/download/4/C/A/4CA512D5-877D-49BB-8279-45F555D610C8/4503284.csv>). \n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-06-11T07:00:00", "type": "mskb", "title": "June 11, 2019\u2014KB4503284 (OS Build 16299.1217)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.3, "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1055", "CVE-2019-2102"], "modified": "2019-06-11T07:00:00", "id": "KB4503284", "href": "https://support.microsoft.com/en-us/help/4503284", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-03-15T10:34:40", "description": "None\n**Reminder:** The additional servicing for Windows 10 Enterprise, Education, and IoT Enterprise editions ends on April 9, 2019 and doesn't extend beyond this date. To continue receiving security and quality updates, Microsoft recommends updating to the latest version of Windows 10.\n\n**Reminder: **March 12 and April 9 will be the last two Delta updates for Windows 10, version 1607. For Long-Term Servicing Branch (LTSB) customers, security and quality updates will continue to be available via the express and full cumulative update packages. For more information on this change please visit our [blog](<https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-quality-updates-explained-amp-the-end-of-delta/ba-p/214426>).\n\n_Windows 10, version 1607, reached end of service on April 10, 2018. Devices running Windows 10 Home or Pro editions will no longer receive monthly security and quality updates that contain protection from the latest security threats. __To continue receiving security and quality updates, Microsoft recommends updating to the latest version of Windows 10._**IMPORTANT: **Windows 10 Enterprise and Windows 10 Education editions will receive additional servicing at no cost until April 9, 2019. Devices on the Long-Term Servicing Channels (LTSC) will continue to receive updates until October 2026 per the [Lifecycle Policy page](<https://support.microsoft.com/lifecycle/search?alpha=Windows%2010>). Windows 10 Anniversary Update (v. 1607) devices running the Intel \u201cClovertrail\u201d chipset will continue to receive updates until January 2023 per the [Microsoft Community blog](<https://answers.microsoft.com/windows/forum/windows_10-windows_install/intel-clover-trail-processors-are-not-supported-on/ed1823d3-c82c-4d7f-ba9d-43ecbcf526e9?auth=1>).\n\n_Windows Server 2016 Standard edition, Nano Server installation option and Windows Server 2016 Datacenter edition, Nano Server installation option __reached end of service on October 9, 2018_._ These editions will no longer receive monthly security and quality updates that contain protection from the latest security threats. To continue receiving security and quality updates, Microsoft recommends updating to the latest version of Windows 10._\n\n_Windows 10 Mobile, version 1607, reached end of service on October 8, 2018. Devices running Windows 10 Mobile and Windows 10 Mobile Enterprise will no longer receive monthly security and quality updates that contain protection from the latest security threats. To continue receiving security and quality updates, Microsoft recommends updating to the latest version of Windows 10._\n\n## Improvements and fixes\n\nThis update includes quality improvements. Key changes include:\n\n * Addresses an issue that may cause authentication to fail when using Windows Hello for Business on Windows Server 2016 with the Server Core option installed.\n * Addresses a security vulnerability by intentionally preventing connections between Windows and Bluetooth devices that are not secure and use well-known keys to encrypt connections, including security fobs. If BTHUSB Event 22 in the Event Viewer states, \u201cYour Bluetooth device attempted to establish a debug connection\u2026.\u201d, then your system is affected. Contact your Bluetooth device manufacturer to determine if a device update exists. For more information, see [CVE-2019-2102](<https://vulners.com/cve/CVE-2019-2102>) and KB4507623.\n * Addresses an issue that may prevent the Preboot Execution Environment (PXE) from starting a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension. This may cause the connection to the WDS server to terminate prematurely while downloading the image. This issue does not affect clients or devices that are not using Variable Window Extension.\n * Addresses an issue that may prevent Internet Explorer 11 from opening if the **Default Search Provider** is not set or is malformed.\n * Security updates to Microsoft Edge, Microsoft Scripting Engine, Internet Explorer, Windows App Platform and Frameworks, Windows Input and Composition, Windows Media, Windows Shell, Windows Server, Windows Authentication, Windows Datacenter Networking, Windows Storage and Filesystems, Windows Virtualization, Internet Information Services, and the Microsoft JET Database Engine.\nIf you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.For more information about the resolved security vulnerabilities, please refer to the [Security Update Guide](<https://portal.msrc.microsoft.com/security-guidance>).\n\n**Windows Update Improvements**Microsoft has released an update directly to the Windows Update client to improve reliability. Any device running Windows 10 configured to receive updates automatically from Windows Update, including Enterprise and Pro editions, will be offered the latest Windows 10 feature update based on device compatibility and Windows Update for Business deferral policy. This doesn't apply to long-term servicing editions.\n\n## Known issues in this update\n\n**Symptom**| **Workaround** \n---|--- \nFor hosts managed by System Center Virtual Machine Manager (SCVMM), SCVMM cannot enumerate and manage logical switches deployed on the host after installing the update.Additionally, if you do not follow the [best practices](<https://techcommunity.microsoft.com/t5/System-Center-Blog/System-Center-Virtual-Machine-Manager-fails-to-enumerate-and/ba-p/360646>), a stop error may occur in **vfpext.sys** on the hosts.| This issue is resolved in KB4507459. \n \n \nAfter installing KB4467684, the cluster service may fail to start with the error \u201c2245 (NERR_PasswordTooShort)\u201d if the group policy \u201cMinimum Password Length\u201d is configured with greater than 14 characters.| Set the domain default \"Minimum Password Length\" policy to less than or equal to 14 characters.Microsoft is working on a resolution and will provide an update in an upcoming release. \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following:\n\n * Perform the operation from a process that has administrator privilege.\n * Perform the operation from a node that doesn\u2019t have CSV ownership.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \nAfter installing this update and restarting, some devices with Hyper-V enabled may enter BitLocker recovery mode and receive an error, \"0xC0210000\".| This issue is resolved in KB4507460. \nSome applications may fail to run as expected on clients of Active Directory Federation Services 2016 (AD FS 2016) after installation of this update on the server. Applications that may exhibit this behavior use an **IFRAME** during non-interactive authentication requests and receive **X-Frame Options** set to DENY.| This issue is resolved in KB4507459. \nWhen trying to expand, view, or create **Custom Views **in Event Viewer, you may receive the error, \"MMC has detected an error in a snap-in and will unload it.\" and the app may stop responding or close. You may also receive the same error when using **Filter Current Log **in the **Action **menu with built-in views or logs. Built-in views and other features of Event Viewer should work as expected.| This issue is resolved in KB4503294. \nDevices may have issues connecting to some Storage Area Network (SAN) devices using Internet Small Computer System Interface (iSCSI) after installing this update. You may also receive an error in the **System **log section of **Event Viewer **with Event ID 43 from iScsiPrt and a description of \u201cTarget failed to respond in time for a login request.\u201d| This issue is resolved in KB4509475. \nDevices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing this update on a WDS server.| This issue is resolved in KB4512495. \n \n## How to get this update\n\n**Before installing this update**Microsoft strongly recommends you install the latest servicing stack update (SSU) for your operating system before installing the latest cumulative update (LCU). SSUs improve the reliability of the update process to mitigate potential issues while installing the LCU. For more information, see [Servicing stack updates](<https://docs.microsoft.com/windows/deployment/update/servicing-stack-updates#why-should-servicing-stack-updates-be-installed-and-kept-up-to-date>).If you are using Windows Update, the latest SSU (KB4503537) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). **Install this update**This update will be downloaded and installed automatically from Windows Update. To get the standalone package for this update, go to the [Microsoft Update Catalog](<http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4503267>) website.**File information**For a list of the files that are provided in this update, download the [file information for cumulative update 4503267](<http://download.microsoft.com/download/7/A/E/7AE23660-A356-4069-8AA8-3242D711FED4/4503267.csv>). \n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-06-11T07:00:00", "type": "mskb", "title": "June 11, 2019\u2014KB4503267 (OS Build 14393.3025)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.3, "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1081", "CVE-2019-2102"], "modified": "2019-06-11T07:00:00", "id": "KB4503267", "href": "https://support.microsoft.com/en-us/help/4503267", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-03-15T10:35:02", "description": "None\n## Improvements and fixes\n\nThis update includes quality improvements. Key changes include:\n\n * Addresses an issue to set the date separator properly in the Japanese short date format. For more information, see KB4469068.\n * Updates time zone information for Morocco.\n * Updates time zone information for the Palestinian territories.\n * Addresses a security vulnerability by intentionally preventing connections between Windows and Bluetooth devices that are not secure and use well-known keys to encrypt connections, including security fobs. If BTHUSB Event 22 in the Event Viewer states, \u201cYour Bluetooth device attempted to establish a debug connection\u2026.\u201d, then your system is affected. Contact your Bluetooth device manufacturer to determine if a device update exists. For more information, see [CVE-2019-2102](<https://vulners.com/cve/CVE-2019-2102>) and KB4507623.\n * Addresses an issue with the HTTP and HTTPS string character limit for URLs when using Internet Explorer.\n * Security updates to Internet Explorer, Microsoft Edge, Windows App Platform and Frameworks, Windows Input and Composition, Windows Media, Windows Shell, Windows Server, Windows Authentication, Windows Cryptography, Windows Datacenter Networking, Windows Storage and Filesystems, Windows Virtualization, Internet Information Services, Windows SQL components, and the Microsoft JET Database Engine.\nIf you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device. For more information about the resolved security vulnerabilities, please refer to the [Security Update Guide](<https://portal.msrc.microsoft.com/security-guidance>).\n\n**Windows Update Improvements**Microsoft has released an update directly to the Windows Update client to improve reliability. Any device running Windows 10 configured to receive updates automatically from Windows Update, including Enterprise and Pro editions, will be offered the latest Windows 10 feature update based on device compatibility and Windows Update for Business deferral policy. This doesn't apply to long-term servicing editions.\n\n## Known issues in this update\n\n**Symptom**| **Workaround** \n---|--- \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following:\n\n * Perform the operation from a process that has administrator privilege.\n * Perform the operation from a node that doesn\u2019t have CSV ownership.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \nWhen trying to expand, view, or create **Custom Views **in Event Viewer, you may receive the error, \"MMC has detected an error in a snap-in and will unload it.\" and the app may stop responding or close. You may also receive the same error when using **Filter Current Log **in the **Action **menu with built-in views or logs. Built-in views and other features of Event Viewer should work as expected.| This issue is resolved in KB4507458. \n \n## How to get this update\n\n**Before installing this update**Microsoft strongly recommends that you install the latest servicing stack update (SSU) for your operating system before installing th