Detections
Analytics
KB4480957: Windows Server 2008 January 2019 Security Update
high Nessus Plugin ID 121016
Language:
Synopsis
The remote Windows host is affected by multiple vulnerabilities.Description
The remote Windows host is missing security update 4480957 or cumulative update 4480968. It is, therefore, affected by multiple vulnerabilities :- An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. An authenticated attacker could exploit this vulnerability by running a specially crafted application. The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory. (CVE-2019-0569)
- An information disclosure vulnerability exists in .NET Framework and .NET Core which allows bypassing Cross- origin Resource Sharing (CORS) configurations. An attacker who successfully exploited the vulnerability could retrieve content, that is normally restricted, from a web application. The security update addresses the vulnerability by enforcing CORS configuration to prevent its bypass. (CVE-2019-0545)
- A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. (CVE-2019-0538, CVE-2019-0575, CVE-2019-0576, CVE-2019-0577, CVE-2019-0578, CVE-2019-0579, CVE-2019-0580, CVE-2019-0581, CVE-2019-0582, CVE-2019-0583, CVE-2019-0584)
- A remote code execution vulnerability exists in the way that the MSHTML engine inproperly validates input. An attacker could execute arbitrary code in the context of the current user. (CVE-2019-0541)
- An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-0536, CVE-2019-0549, CVE-2019-0554)
- An elevation of privilege vulnerability exists when Windows improperly handles authentication requests. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could exploit this vulnerability by running a specially crafted application on the victim system. The update addresses the vulnerability by correcting the way Windows handles authentication requests. (CVE-2019-0543)
Solution
Apply Security Only update KB4480957 or Cumulative Update KB4480968.See Also
Plugin Details
Severity: High
ID: 121016
File Name: smb_nt_ms19_jan_4480968.nasl
Version: 1.13
Type: local
Agent: windows
Family: Windows : Microsoft Bulletins
Published: 1/8/2019
Updated: 5/24/2022
Supported Sensors: Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus
Risk Information
VPR
Risk Factor: Critical
Score: 9.4
CVSS v2
Risk Factor: High
Base Score: 9.3
Temporal Score: 8.1
Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS Score Source: CVE-2019-0584
CVSS v3
Risk Factor: High
Base Score: 8.8
Temporal Score: 8.4
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:H/RL:O/RC:C
CVSS Score Source: CVE-2019-0541
Vulnerability Information
CPE: cpe:/o:microsoft:windows
Required KB Items: SMB/MS_Bulletin_Checks/Possible
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 1/8/2019
Vulnerability Publication Date: 1/8/2019
CISA Known Exploited Vulnerability Due Dates: 4/5/2022, 5/3/2022
Reference Information
CVE: CVE-2019-0536, CVE-2019-0538, CVE-2019-0541, CVE-2019-0543, CVE-2019-0545, CVE-2019-0549, CVE-2019-0554, CVE-2019-0569, CVE-2019-0575, CVE-2019-0576, CVE-2019-0577, CVE-2019-0578, CVE-2019-0579, CVE-2019-0580, CVE-2019-0581, CVE-2019-0582, CVE-2019-0583, CVE-2019-0584