Internet Explorer – Information Disclosure Vulnerability

 

Description: An information disclosure vulnerability exists when Internet Explorer improperly handles objects in memory.

Threat: An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.

Criticality: High

Update/Patch: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0930

 

Cisco Prime Infrastructure – Remote Code Execution Vulnerability

Description: Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network (EPN) Manager.

Threat:  Allowing a remote attacker to gain the ability to execute arbitrary code with elevated privileges on the underlying operating system. 

Criticality: High

Update/Patch: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-pi-rce

 

Windows GDI – Information Disclosure Vulnerability

Description: An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory.

Threat: An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.

Criticality: High

Update/Patch: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0882

 

Microsoft Word – Remote Code Execution Vulnerability

Description: A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory.

Threat: An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user.

Criticality: Medium

Update/Patch: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0953

 

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

Subscribe To Our Newsletter

Subscribe To Our Newsletter

Register your email to receive the latest news and updates from getNEXT.

You have Successfully Subscribed!

Share This

Contacting us to better serve you

 

Dear customers,

We continue to experience higher-than-normal volumes of phone requests related to remote working arrangements. Therefore, if you have a support issue or need to contact us, we ask that you please email support@getnext.com.au first with your contact details, your business name and the nature of your issue. If you already have a ticket number, please respond to the ticket email received.

Regards,

The getNEXT Team