VDB

GCVE-110-NCSC-2024-334

GCVE-110-NCSC-2024-334
Advisory PublishedCVSS 8.6/10
Vulnetix · Advisory published August 13, 2024
Microsoft heeft kwetsbaarheden verholpen in Windows.

Weaknesses (CWE)

CWE-197Numeric Truncation ErrorCWE-787Out-of-bounds WriteCWE-122Heap-based Buffer OverflowCWE-843Access of Resource Using Incompatible Type ('Type Confusion')CWE-125Out-of-bounds ReadCWE-362Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')CWE-416Use After FreeCWE-20Improper Input ValidationCWE-345Insufficient Verification of Data AuthenticityCWE-693Protection Mechanism FailureCWE-284Improper Access ControlCWE-191Integer Underflow (Wrap or Wraparound)CWE-591Sensitive Data Storage in Improperly Locked MemoryCWE-208Observable Timing DiscrepancyCWE-908Use of Uninitialized ResourceCWE-476NULL Pointer DereferenceCWE-138Improper Neutralization of Special ElementsCWE-306Missing Authentication for Critical FunctionCWE-190Integer Overflow or WraparoundCWE-367Time-of-check Time-of-use (TOCTOU) Race ConditionCWE-822Untrusted Pointer DereferenceCWE-126Buffer Over-readCWE-73External Control of File Name or Path

Risk Scores

CVSS 3.1
8.6/10
High · CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Affected Products

VendorProductVersionsPlatforms
microsoftwindows_server_2008_r2_service_pack_1__server_core_installation_
microsoftwindows_10
microsoftwindows_server_2008_r2_service_pack_1
microsoftwindows_10_version_1507
microsoftwindows_server_2022__23h2_edition__server_core_installation_
microsoftwindows_server_2008__service_pack_2
microsoftwindows_server_2016__server_core_installation_
microsoftwindows_10_version_21h2
microsoftwindows_11_version_23h2
microsoftwindows
microsoftwindows_server_2008_service_pack_2
microsoftwindows_server_2022
microsoftwindows_11_version_22h2
microsoftremote_desktop_client_for_windows_desktop
microsoftwindows_11
microsoftwindows_server_2019
microsoftwindows_server_2019__server_core_installation_
microsoftwindows_server_2022_23h2
microsoftwindows_server_2012
microsoftwindows_11_version_21h2
microsoftwindows_server_2012_r2__server_core_installation_
microsoftwindows_server_2016
microsoftwindows_server_2012_r2
microsoftwindows_10_version_1809
microsoftwindows_server_2008_service_pack_2__server_core_installation_
microsoftwindows_10_version_22h2
microsoftwindows_11_version_22h3
microsoftwindows_server_2012__server_core_installation_
microsoftwindows_11_version_24h2
microsoftwindows_10_version_1607

References

advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›