Plugins Database As of 12-06-2019

Microsoft Windows Multiple Vulnerabilities (KB4512506)

Windows : Microsoft Bulletins
Impact by CVSS Score
  • ID: 1.3.6.1.4.1.25623.1.0.815438

CVSS Base Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Summary:
This host is missing a critical security update according to Microsoft KB4512506.

Detection Method:
Checks if a vulnerable version is present on the target host.

Technical Details:
Multiple flaws exist as, - Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. - Windows improperly handles objects in memory. - VBScript engine improperly handles objects in memory. - The XmlLite runtime (XmlLite.dll) improperly parses XML input. - Microsoft browsers improperly handle requests of different origins. - Windows Server DHCP service improperly process specially crafted packets. - Bluetooth BR/EDR key negotiation vulnerability that exists at the hardware specification level of any BR/EDR Bluetooth device. For more information about the vulnerabilities refer Reference links.

Impact:
Successful exploitation will allow an attacker to crash the host server, execute arbitrary code on the target system, obtain information that could be used to try to further compromise the affected system and negotiate the offered key length of bluetooth connection.

Affected Versions:
Windows 7 for 32-bit/x64 Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1

Recommendations:
The vendor has released updates. Please see the references for more information.

Solution Type:
Vendor Patch

Detection Type:
Executable

Search
Severity
High
CVSS Score
10.0
Published
2019-08-14 04:51:38
Modified
2019-08-14 14:30:23
CVE
CVE-2019-0714
CVE-2019-0715
CVE-2019-0716
CVE-2019-0720
CVE-2019-0723
CVE-2019-0736
CVE-2019-1057
CVE-2019-1078
CVE-2019-1133
CVE-2019-1143
CVE-2019-1144
CVE-2019-1145
CVE-2019-1146
CVE-2019-1147
CVE-2019-1148
CVE-2019-1149
CVE-2019-1150
CVE-2019-1151
CVE-2019-1152
CVE-2019-1153
CVE-2019-1154
CVE-2019-1155
CVE-2019-1156
CVE-2019-1157
CVE-2019-1158
CVE-2019-1159
CVE-2019-1162
CVE-2019-1164
CVE-2019-1168
CVE-2019-1169
CVE-2019-1177
CVE-2019-1178
CVE-2019-1181
CVE-2019-1182
CVE-2019-1183
CVE-2019-1187
CVE-2019-1192
CVE-2019-1193
CVE-2019-1194
CVE-2019-1212
CVE-2019-1228
CVE-2019-9506

You never have to pay for a vulnerability scanning and management software again.

Tired of paying a subscription 'per asset' or 'per IP'? Well you can officially cancel your current subscription. Mageni provides a free, open source and enterprise-ready vulnerability scanning and management platform which helps you to find, prioritize, remediate and manage your vulnerabilities. It is free and always will be.