Showing posts with label windows. Show all posts
Showing posts with label windows. Show all posts

Ajay Verma , , , , 08:40
Severity rating: High

Software affected
·        Microsoft SharePoint Enterprise Server 2016
·        Microsoft SharePoint Foundation 2010 Service Pack 2
·        Microsoft SharePoint Foundation 2013 Service Pack 1
·        Microsoft SharePoint Server 2019

Overview
A vulnerability has been reported in Microsoft SharePoint Server which
could allow a remote attacker to execute arbitrary code on the targeted
system.

Description
1.  Remote Code Execution Vulnerability (CVE-2020-1181)

This vulnerability exists in Microsoft SharePoint Server due to improper
identification and filtration of unsafe ASP.Net web controls. A remote
attacker could exploit this vulnerability by using a specially crafted page
on the affected server.

Successful exploitation of this vulnerability could allow the attacker to
cause remote code execution on the targeted system.

Solution
Apply appropriate patches as mentioned in Microsoft Security Guidance

Vendor Information
Microsoft
- -1181

References
Microsoft
- -1181

CVE Name
CVE-2020-1181

Read more [..]

Ajay Verma , , , , 02:22
Severity Rating: HIGH
Software Affected
Open Enclave SDK
Overview

A vulnerability has been reported in Open Enclave SDK which could allow
remote attacker to improperly handle objects on the targeted system.
Description

An information disclosure vulnerability exists in Open Enclave SDK due to
improper handling of objects in memory. An attacker could exploit this
vulnerability by compromising the host application running the enclave
without user interaction. 

Successful exploitation of this vulnerability could allow an attacker to
obtain information stored in the Enclave.

Solution

Apply appropriate patches as mentioned in following vendor advisory: 
- -1369

Vendor Information
Microsoft
- -1369

References

Microsoft
- -1369

CVE Name
CVE-2019-1369
Read more [..]

Ajay Verma , , , , 01:55
Severity Rating: MEDIUM
Software Affected
Docker Desktop Community version 2.3.0.2
Overview
A vulnerability has been reported in Windows Docker Desktop Service that
could allow an attacker to gain elevated privileges on a targeted system.

Description
This vulnerability exists in the Docker Desktop for Windows when
communicating as a client to child processes. An attacker could exploit
this vulnerability by connecting the affected software to a named pipe
which is set up by a malicious lower privilege process.

Successful exploitation of this vulnerability could allow the attacker to
impersonate the Docker Desktop Service account (SYSTEM) and execute
arbitrary system commands with the highest level privileges.

Solution
Apply updates as available on

Vendor Information
Docker

References
Docker

Zdnet
- -docker-desktop-for-windows/

CVE Name
CVE-2020-11492
Read more [..]

Ajay Verma , , , , , , , 01:26

Severity Rating: High
Systems Affected

·        Windows 10 Version 1903 for 32-bit Systems
·        Windows 10 Version 1903 for ARM64-based Systems
·        Windows 10 Version 1903 for x64-based Systems
·        Windows 10 Version 1909 for 32-bit Systems
·        Windows 10 Version 1909 for ARM64-based Systems
·        Windows 10 Version 1909 for x64-based Systems
·        Windows 10 Version 2004 for 32-bit Systems
·        Windows 10 Version 2004 for ARM64-based Systems
·        Windows 10 Version 2004 for x64-based Systems
·        Windows Server, version 1903 (Server Core installation)
·        Windows Server, version 1909 (Server Core installation)
·        Windows Server, version 2004 (Server Core installation)

Overview
A vulnerability has been reported in Microsoft Server Message Block Server
that could allow a remote attacker to access sensitive information on the
targeted system. 
Description
This vulnerability exists in the way that the Microsoft Server Message
Block 3.1.1 (SMBv3) protocol handles certain requests. A remote attacker
could exploit this vulnerability by sending a specially crafted packet to a
targeted SMBv3 server. Successful exploitation of this vulnerability could
allow the attacker to access sensitive information on the targeted system.

Note:
This vulnerability exists in the same function as with SMBGhost
(CVE-2020-0796, CIVN-2020-0048) vulnerability.

Solution
Apply appropriate software updates as mentioned in the Microsoft advisory

- -1206

Vendor Information

- -1206

References

Zecops

bleed-cve-2020-1206-with-smbghost/

Tenable


CVE Name

CVE-2020-1206

Read more [..]

Ajay Verma , , , 01:21


Severity Rating: HIGH
Software Affected

·          Microsoft Windows Graphics Device Interface (GDI)

Overview
A remote code execution vulnerability has been reported in Microsoft
Windows Graphics Device Interface (GDI) which could allow a remote attacker
to execute arbitrary code and take control of affected system.

Description
A remote code execution vulnerability exists in Microsoft Windows Graphics
Device Interface (GDI) due to improper handling of objects in the memory. 
A remote attacker can exploit the vulnerability in multiple different ways.
First, by hosting a specially crafted website that is designed to exploit
the vulnerability and convince users to visit the website. Second, an
attacker could provide a specially crafted document file and convince users
to open the document file.

Successful exploitation of this vulnerability could allow the remote
attacker to take control of affected system, install programs; view,
change, or delete data; or create new accounts with full user rights.

Solution

Apply appropriate patches as mentioned in Microsoft Security Bulletin.


Vendor Information

Microsoft

- -1248

References

Microsoft

- -1248

CVE Name

CVE-2020-1248

Read more [..]

Ajay Verma , , , 01:18
Severity Rating: High

Software Affected
·         Windows 7
·         Windows 8.1
·         Windows 10
·         Windows RT 8.1               
·         Windows Server 2008
·         Windows Server 2008 R2
·         Windows Server 2012
·         Windows Server 2012 R2
·         Windows Server 2016
·         Windows Server 2019

Overview
A vulnerability has been reported in Microsoft Windows OLE which could
allow an attacker to execute malicious code on the targeted system.
Description
This Vulnerability exists in Microsoft Windows OLE due to improper
validation of user input. A remote attacker could exploit this
vulnerability by convince a user to open either a specially crafted file or
a program from either a webpage or an email message on the targeted system.

Successful exploitation of this vulnerability may result in complete
compromise of vulnerable system. 
Solution

Apply appropriate patches as mentioned in Microsoft Security


Vendor Information

Microsoft

- -1281

References

- -1281


CVE Name
CVE-2020-1281

Read more [..]

Ajay Verma , , , , 00:54
Severity Rating: High

Software Affected

•    Windows 7 for 32-bit Systems SP 1 and x64-based Systems SP 1

•    Windows 8.1 for 32-bit systems and x64-based systems

•    Windows RT 8.1

•    Windows 10 for 32-bit Systems and x64-based Systems

•    Windows 10 Version 1607 for 32-bit Systems and x64-based Systems

•    Windows 10 Version 1709 for 32-bit Systems, ARM64-based Systems and
x64-based Systems

•    Windows 10 Version 1803 for 32-bit Systems, ARM64-based Systems and
x64-based Systems

•    Windows 10 Version 1809 for 32-bit Systems, ARM64-based Systems and
x64-based Systems

•    Windows 10 Version 1903 for 32-bit Systems, ARM64-based Systems and
x64-based Systems

•    Windows 10 Version 1909 for 32-bit Systems, ARM64-based Systems and
x64-based Systems

•    Windows Server 2008 for 32-bit Systems SP 2, 32-bit Systems SP 2
(Server Core installation), Itanium-Based Systems SP 2

•    Windows Server 2008 for x64-based Systems SP 2, x64-based Systems SP
2 (Server Core installation)

•    Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1,
x64-based Systems Service Pack 1 and x64-based Systems Service Pack 1
(Server Core installation)

•    Windows Server 2012

•    Windows Server 2012 (Server Core installation)

•    Windows Server 2012 R2

•    Windows Server 2012 R2 (Server Core installation)

•    Windows Server 2016

•    Windows Server 2016 (Server Core installation)

•    Windows Server 2019

•    Windows Server 2019 (Server Core installation)

•    Windows Server version 1803 (Server Core Installation)

•    Windows Server version 1903 (Server Core installation)

•    Windows Server version 1909 (Server Core installation)



Overview

A remote code execution vulnerability has been reported in Microsoft
Windows, which could allow an attacker to gain the same user rights as the
local user.

Description

LNK Remote Code Execution Vulnerability (CVE-2020-1299)

This remote code execution vulnerability attacker could exploit in
Microsoft Windows while processing the ".LNK" file. An attacker could
exploit this vulnerability by presenting to the user a removable drive, or
remote share, that contains a malicious ".LNK" file and an associated
malicious binary. When the user opens this removable drive (or remote
share) in Windows Explorer, or any other application that parses the
".LNK" file, the malicious code will be executed by the associated
binary on the target system. Successful exploitation of this vulnerability
would allow to gain same user rights as the local user.

Solution

Apply appropriate fix as mentioned in Microsoft Security Advisory



Vendor Information

Microsoft


References
Microsoft

- -1299
CVE Name

CVE-2020-1299

Read more [..]
Subscribe to: Posts ( Atom )

© Copyright 2020. Designed By Templateify

© Copyright 2020. Ud64

Scroll to Top