Internet Explorer – Information Disclosure Vulnerability
Description: An information disclosure vulnerability exists when Internet Explorer improperly handles objects in memory.
Threat: An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.
Criticality: High
Update/Patch: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0930
Cisco Prime Infrastructure – Remote Code Execution Vulnerability
Description: Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network (EPN) Manager.
Threat: Allowing a remote attacker to gain the ability to execute arbitrary code with elevated privileges on the underlying operating system.
Criticality: High
Update/Patch: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-pi-rce
Windows GDI – Information Disclosure Vulnerability
Description: An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory.
Threat: An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.
Criticality: High
Update/Patch: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0882
Microsoft Word – Remote Code Execution Vulnerability
Description: A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory.
Threat: An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user.
Criticality: Medium
Update/Patch: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0953
0 Comments