Latest Security Vulnerabilities – DEC 2018

by | Dec 20, 2018 | Security Updates | 0 comments

.NET Framework – Denial of Service Vulnerability

Description: A denial of service vulnerability exists when .NET Framework improperly handles special web requests.

Threat: Denial of service against the .NET Framework web application. The vulnerability can be exploited remotely, without authentication.

Criticality: High

Update/Patch: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8517

 

SharePoint Server – Elevation of Privilege Vulnerability

Description: elevation of privilege vulnerability.

Threat: Execution of malicious code.

Criticality: Medium

Update/Patch: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8635

 

McAfee Agent – Elevation of Privilege Vulnerability

Description: A specially crafted TCP packet allows an attacker to cause stability issues.

Threat: Memory corruption and denial of service.

Criticality: Medium

Update/Patch: https://www.mcafee.com/enterprise/en-us/downloads/security-updates.html

 

Microsoft Exchange Server – Server Tampering Vulnerability

Description: Exchange Server fails to handle profile data if an attacker authenticates.

Threat: Modification of user’s profile data.

Criticality: Low

Update/Patch: https://www.microsoft.com/en-us/download/details.aspx?id=57604

Nelson Clemente (BEng, ISO27032)

getNEXT – Systems Engineer, Cyber Security Awareness

0 Comments

Submit a Comment

Subscribe To Our Newsletter

Subscribe To Our Newsletter

Register your email to receive the latest news and updates from getNEXT.

You have Successfully Subscribed!

Share This