Lucene search
K

7 matches found

Pen Test Partners Blog
Pen Test Partners Blog
added 2018/10/10 1:28 p.m.381 views

Time Travel Debugging: finding Windows GDI flaws

Introduction Microsoft Patches for October 2018 included a total of 49 security patches. There were many interesting ones including kernel privilege escalation as well as critical ones which could lead to remote code execution such as the MSXML one. In this post we will be analysing a case of a W...

2.1CVSS7.8AI score0.43458EPSS
Exploits0
CVE
CVE
added 2018/10/10 1:0 p.m.117 views

CVE-2018-8472

CVE-2018-8472 is a Windows GDI information-disclosure vulnerability. The issue arises from how the Windows Graphics Device Interface handles objects in memory, enabling a local attacker to retrieve information from the target system. Affected software/hosts include multiple Windows platforms list...

5.5CVSS5.7AI score0.18869EPSS
Exploits0References3Affected Software8
OpenVAS
OpenVAS
added 2018/10/10 12:0 a.m.160 views

Microsoft Windows Multiple Vulnerabilities (KB4462923)

This host is missing a critical security update according to Microsoft KB4462923 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS6.8AI score0.69833EPSS
Exploits16References3
OpenVAS
OpenVAS
added 2018/10/10 12:0 a.m.87 views

Microsoft Windows Multiple Vulnerabilities (KB4462922)

This host is missing a critical security update according to Microsoft KB4462922 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS6.8AI score0.69833EPSS
Exploits16References3
Kaspersky
Kaspersky
added 2018/10/09 12:0 a.m.91 views

KLA11889 Multiple vulnerabilities in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, obtain sensitive information, bypass security restrictions. Below is a complete list of vulnerabilities: 1. An elevation...

9.3CVSS8.9AI score0.69833EPSS
Exploits16References32
Symantec
Symantec
added 2018/10/09 12:0 a.m.159 views

Microsoft Windows GDI Component CVE-2018-8472 Local Information Disclosure Vulnerability

Description Microsoft Windows is prone to a local information-disclosure vulnerability. A local attacker can leverage this issue to disclose sensitive information that may aid in further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Versi...

1.2AI score0.18869EPSS
Exploits0Affected Software3
Tenable Nessus
Tenable Nessus
added 2018/10/09 12:0 a.m.167 views

KB4462937: Windows 10 Version 1703 October 2018 Security Update

The remote Windows host is missing security update 4462937. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker...

9.3CVSS8.1AI score0.69833EPSS
Exploits17References25
Rows per page
Query Builder