Vulnérabilités informatiques de Microsoft Windows 2008 R0

Intel Processors : obtention d'information via TSX Asynchronous Abort
Un attaquant peut contourner les restrictions d'accès aux données via TSX Asynchronous Abort de Intel Processors, afin d'obtenir des informations sensibles...
6198355, CERTFR-2019-AVI-554, CERTFR-2019-AVI-555, CERTFR-2019-AVI-558, CERTFR-2019-AVI-559, CERTFR-2019-AVI-560, CERTFR-2019-AVI-561, CERTFR-2019-AVI-563, CERTFR-2019-AVI-571, CERTFR-2019-AVI-575, CERTFR-2019-AVI-612, CERTFR-2019-AVI-635, CERTFR-2020-AVI-029, CERTFR-2020-AVI-056, CTX263684, CVE-2019-11135, DLA-1989-1, DLA-1990-1, DLA-2051-1, DSA-2020-062, DSA-4564-1, DSA-4565-1, DSA-4565-2, DSA-4602-1, FEDORA-2019-1689d3fe07, FEDORA-2019-68d7f68507, FEDORA-2019-7a3fc17778, FreeBSD-SA-19:26.mcu, HPESBHF03968, INTEL-SA-00270, openSUSE-SU-2019:2503-1, openSUSE-SU-2019:2504-1, openSUSE-SU-2019:2505-1, openSUSE-SU-2019:2506-1, openSUSE-SU-2019:2507-1, openSUSE-SU-2019:2509-1, openSUSE-SU-2019:2510-1, openSUSE-SU-2019:2527-1, openSUSE-SU-2019:2528-1, openSUSE-SU-2019:2620-1, openSUSE-SU-2019:2631-1, openSUSE-SU-2019:2710-1, RHSA-2019:3832-01, RHSA-2019:3833-01, RHSA-2019:3834-01, RHSA-2019:3835-01, RHSA-2019:3836-01, RHSA-2019:3837-01, RHSA-2019:3838-01, RHSA-2019:3839-01, RHSA-2019:3840-01, RHSA-2019:3841-01, RHSA-2019:3842-01, RHSA-2019:3843-01, RHSA-2019:3844-01, RHSA-2019:3936-01, RHSA-2020:0026-01, RHSA-2020:0028-01, RHSA-2020:0204-01, RHSA-2020:0279-01, RHSA-2020:0366-01, RHSA-2020:0555-01, RHSA-2020:0666-01, SB10306, SSA:2019-320-01, SUSE-SU-2019:14217-1, SUSE-SU-2019:14218-1, SUSE-SU-2019:14220-1, SUSE-SU-2019:2946-1, SUSE-SU-2019:2947-1, SUSE-SU-2019:2948-1, SUSE-SU-2019:2949-1, SUSE-SU-2019:2950-1, SUSE-SU-2019:2951-1, SUSE-SU-2019:2952-1, SUSE-SU-2019:2953-1, SUSE-SU-2019:2954-1, SUSE-SU-2019:2955-1, SUSE-SU-2019:2956-1, SUSE-SU-2019:2957-1, SUSE-SU-2019:2958-1, SUSE-SU-2019:2959-1, SUSE-SU-2019:2960-1, SUSE-SU-2019:2961-1, SUSE-SU-2019:2962-1, SUSE-SU-2019:2984-1, SUSE-SU-2019:2986-1, SUSE-SU-2019:2987-1, SUSE-SU-2019:2988-1, SUSE-SU-2019:3091-1, SUSE-SU-2019:3200-1, SUSE-SU-2019:3294-1, SUSE-SU-2019:3295-1, SUSE-SU-2019:3297-1, SUSE-SU-2019:3340-1, SUSE-SU-2019:3348-1, SUSE-SU-2020:0093-1, SUSE-SU-2020:0334-1, SUSE-SU-2020:0388-1, USN-4182-1, USN-4182-2, USN-4182-3, USN-4182-4, USN-4183-1, USN-4183-2, USN-4184-1, USN-4184-2, USN-4185-1, USN-4185-2, USN-4185-3, USN-4186-1, USN-4186-2, USN-4186-3, USN-4187-1, USN-4188-1, VIGILANCE-VUL-30847, VMSA-2019-0020, XSA-305

Intel Processors : déni de service via Machine Check Error On Page Size Change
Un attaquant, dans un système invité, peut provoquer une erreur fatale via Machine Check Error On Page Size Change de Intel Processors, afin de mener un déni de service sur le système hôte...
CERTFR-2019-AVI-554, CERTFR-2019-AVI-555, CERTFR-2019-AVI-558, CERTFR-2019-AVI-559, CERTFR-2019-AVI-560, CERTFR-2019-AVI-561, CERTFR-2019-AVI-563, CERTFR-2019-AVI-571, CERTFR-2019-AVI-575, CERTFR-2019-AVI-635, CERTFR-2020-AVI-029, CERTFR-2020-AVI-056, CTX263684, CVE-2018-12207, DLA-1990-1, DSA-4564-1, DSA-4566-1, DSA-4602-1, FEDORA-2019-1689d3fe07, FEDORA-2019-68d7f68507, FEDORA-2019-7a3fc17778, FreeBSD-SA-19:25.mcepsc, INTEL-SA-00210, K17269881, openSUSE-SU-2019:2503-1, openSUSE-SU-2019:2505-1, openSUSE-SU-2019:2506-1, openSUSE-SU-2019:2507-1, openSUSE-SU-2019:2510-1, openSUSE-SU-2019:2710-1, RHSA-2019:3832-01, RHSA-2019:3833-01, RHSA-2019:3834-01, RHSA-2019:3835-01, RHSA-2019:3836-01, RHSA-2019:3837-01, RHSA-2019:3838-01, RHSA-2019:3839-01, RHSA-2019:3840-01, RHSA-2019:3841-01, RHSA-2019:3842-01, RHSA-2019:3843-01, RHSA-2019:3844-01, RHSA-2019:3936-01, RHSA-2020:0026-01, RHSA-2020:0028-01, RHSA-2020:0204-01, SUSE-SU-2019:14218-1, SUSE-SU-2019:2946-1, SUSE-SU-2019:2947-1, SUSE-SU-2019:2948-1, SUSE-SU-2019:2949-1, SUSE-SU-2019:2950-1, SUSE-SU-2019:2951-1, SUSE-SU-2019:2952-1, SUSE-SU-2019:2953-1, SUSE-SU-2019:2954-1, SUSE-SU-2019:2955-1, SUSE-SU-2019:2956-1, SUSE-SU-2019:2960-1, SUSE-SU-2019:2961-1, SUSE-SU-2019:2962-1, SUSE-SU-2019:2984-1, SUSE-SU-2019:3294-1, SUSE-SU-2019:3295-1, SUSE-SU-2019:3297-1, SUSE-SU-2019:3340-1, SUSE-SU-2019:3348-1, SUSE-SU-2020:0093-1, SUSE-SU-2020:0334-1, SUSE-SU-2020:0388-1, USN-4183-1, USN-4183-2, USN-4184-1, USN-4184-2, USN-4185-1, USN-4185-2, USN-4185-3, USN-4186-1, USN-4186-2, USN-4186-3, VIGILANCE-VUL-30843, VMSA-2019-0020, XSA-304

Microsoft Windows : déni de service via Storage Service
Un attaquant peut provoquer une erreur fatale via Storage Service de Microsoft Windows, afin de mener un déni de service...
VIGILANCE-VUL-30452, ZDI-19-848

Bluetooth BR/EDR : obtention d'information via Key Negotiation
Un attaquant peut contourner les restrictions d'accès aux données via Key Negotiation de Bluetooth BR/EDR, afin d'obtenir des informations sensibles...
CERTFR-2019-AVI-419, CERTFR-2019-AVI-441, CERTFR-2019-AVI-482, CERTFR-2019-AVI-486, CERTFR-2019-AVI-502, CERTFR-2019-AVI-503, CERTFR-2019-AVI-513, CERTFR-2019-AVI-519, CERTFR-2019-AVI-522, CERTFR-2019-AVI-528, CERTFR-2019-AVI-561, CERTFR-2019-AVI-575, CERTFR-2019-AVI-612, CERTFR-2019-AVI-635, CERTFR-2020-AVI-029, CERTFR-2020-AVI-056, CERTFR-2020-AVI-210, cisco-sa-20190813-bluetooth, CVE-2019-9506, DLA-1919-1, DLA-1919-2, DLA-1930-1, HT210346, HT210348, openSUSE-SU-2019:2307-1, openSUSE-SU-2019:2308-1, RHSA-2019:2975-01, RHSA-2019:3055-01, RHSA-2019:3076-01, RHSA-2019:3089-01, RHSA-2019:3165-01, RHSA-2019:3187-01, RHSA-2019:3217-01, RHSA-2019:3218-01, RHSA-2019:3220-01, RHSA-2019:3231-01, RHSA-2019:3309-01, RHSA-2019:3517-01, RHSA-2020:0204-01, RHSA-2020:1460-01, SUSE-SU-2019:2648-1, SUSE-SU-2019:2651-1, SUSE-SU-2019:2658-1, SUSE-SU-2019:2706-1, SUSE-SU-2019:2710-1, SUSE-SU-2019:2879-1, SUSE-SU-2019:2949-1, SUSE-SU-2019:2950-1, SUSE-SU-2019:2984-1, SUSE-SU-2019:3200-1, SUSE-SU-2019:3295-1, SUSE-SU-2020:0093-1, USN-4115-1, USN-4115-2, USN-4118-1, USN-4147-1, VIGILANCE-VUL-30041

HTTP/2 : multiples vulnérabilités
Un attaquant peut employer plusieurs vulnérabilités de HTTP/2...
1072144, 1072860, 1167160, 6198380, bulletinoct2019, CERTFR-2019-AVI-389, cpuapr2020, CVE-2019-9511, CVE-2019-9512, CVE-2019-9513, CVE-2019-9514, CVE-2019-9515, CVE-2019-9516, CVE-2019-9517, CVE-2019-9518, DSA-4503-1, DSA-4505-1, DSA-4508-1, DSA-4511-1, DSA-4520-1, DSA-4669-1, FEDORA-2019-1686ae9b59, FEDORA-2019-5a6a7bc12c, FEDORA-2019-63ba15cc83, FEDORA-2019-7443ebda4b, FEDORA-2019-81985a8858, FEDORA-2019-8a437d5c2f, FEDORA-2019-befd924cfe, HT210436, NFLX-2019-002, openSUSE-SU-2019:2000-1, openSUSE-SU-2019:2051-1, openSUSE-SU-2019:2056-1, openSUSE-SU-2019:2072-1, openSUSE-SU-2019:2085-1, openSUSE-SU-2019:2114-1, openSUSE-SU-2019:2115-1, openSUSE-SU-2019:2120-1, openSUSE-SU-2019:2130-1, openSUSE-SU-2019:2232-1, openSUSE-SU-2019:2234-1, openSUSE-SU-2019:2264-1, RHSA-2019:2692-01, RHSA-2019:2726-01, RHSA-2019:2745-01, RHSA-2019:2746-01, RHSA-2019:2775-01, RHSA-2019:2799-01, RHSA-2019:2893-01, RHSA-2019:2925-01, RHSA-2019:2939-01, RHSA-2019:2949-01, RHSA-2019:2955-01, RHSA-2019:4018-01, RHSA-2019:4019-01, RHSA-2019:4020-01, RHSA-2019:4021-01, RHSA-2019:4040-01, RHSA-2019:4041-01, RHSA-2019:4042-01, RHSA-2019:4045-01, RHSA-2019:4269-01, RHSA-2019:4273-01, RHSA-2020:0406-01, SSA:2020-091-02, SUSE-SU-2019:2213-1, SUSE-SU-2019:2214-1, SUSE-SU-2019:2237-1, SUSE-SU-2019:2254-1, SUSE-SU-2019:2259-1, SUSE-SU-2019:2260-1, SUSE-SU-2019:2309-1, SUSE-SU-2019:2329-1, SUSE-SU-2019:2473-1, SUSE-SU-2019:2559-1, SUSE-SU-2020:0059-1, Synology-SA-19:33, Synology-SA-19:37, USN-4099-1, USN-4113-1, USN-4113-2, USN-4308-1, VIGILANCE-VUL-30040, VU#605641

Intel 64-bit CPU : obtention d'information via SWAPGS
Un attaquant local peut lire un fragment de la mémoire via SWAPGS de Intel 64-bit CPU, afin d'obtenir des informations sensibles...
1103505, CERTFR-2019-AVI-375, CERTFR-2019-AVI-376, CERTFR-2019-AVI-381, CERTFR-2019-AVI-390, CERTFR-2019-AVI-391, CERTFR-2019-AVI-392, CERTFR-2019-AVI-417, CERTFR-2019-AVI-418, CERTFR-2019-AVI-428, CERTFR-2019-AVI-440, CERTFR-2019-AVI-458, CERTFR-2019-AVI-467, CERTFR-2019-AVI-486, CVE-2019-1125, DLA-1884-1, DLA-1885-1, DSA-4495-1, DSA-4497-1, FEDORA-2019-6bda4c81f4, FEDORA-2019-e37c348348, JSA10993, K31085564, openSUSE-SU-2019:1923-1, openSUSE-SU-2019:1924-1, RHSA-2019:2405-01, RHSA-2019:2411-01, RHSA-2019:2473-01, RHSA-2019:2476-01, RHSA-2019:2600-01, RHSA-2019:2609-01, RHSA-2019:2695-01, RHSA-2019:2696-01, RHSA-2019:2730-01, RHSA-2019:2899-01, RHSA-2019:2900-01, RHSA-2019:2975-01, RHSA-2019:3220-01, SB10297, SSA:2019-226-01, SSB-439005, STORM-2019-007, SUSE-SU-2019:14157-1, SUSE-SU-2019:2068-1, SUSE-SU-2019:2069-1, SUSE-SU-2019:2070-1, SUSE-SU-2019:2071-1, SUSE-SU-2019:2072-1, SUSE-SU-2019:2073-1, SUSE-SU-2019:2262-1, SUSE-SU-2019:2263-1, SUSE-SU-2019:2299-1, SUSE-SU-2019:2430-1, SUSE-SU-2019:2450-1, SWAPGS, Synology-SA-19:32, USN-4093-1, USN-4094-1, USN-4095-1, USN-4095-2, USN-4096-1, VIGILANCE-VUL-29962

Microsoft Windows : élévation de privilèges via _SchRpcRegisterTask
Un attaquant peut contourner les restrictions via _SchRpcRegisterTask() de MS-Windows, afin d'élever ses privilèges...
CVE-2019-1069, VIGILANCE-VUL-29387, VU#119704

Processeurs Intel : obtention d'information via des mesures de performance
Un attaquant peut mesurer les performance de son processus afin d'obtenir des informations potentiellement sensibles sur les autres processus ou dans le cas d'un système virtualisé sur les autres systèmes invités...
1074268, 1103481, CERTFR-2019-AVI-209, CERTFR-2019-AVI-211, CERTFR-2019-AVI-212, CERTFR-2019-AVI-213, CERTFR-2019-AVI-215, CERTFR-2019-AVI-217, CERTFR-2019-AVI-229, CERTFR-2019-AVI-230, CERTFR-2019-AVI-233, CERTFR-2019-AVI-311, CERTFR-2019-AVI-458, CERTFR-2019-AVI-489, CTX251995, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091, DLA-1787-1, DLA-1789-1, DLA-1789-2, DLA-1799-1, DLA-1799-2, DSA-2019-199, DSA-2019-201, DSA-4444-1, DSA-4447-1, DSA-4447-2, DSA-4602-1, FEDORA-2019-0731828893, FEDORA-2019-1f5832fc0e, FEDORA-2019-640f8d8dd1, FEDORA-2019-6458474bf2, FEDORA-2019-c36afa818c, FEDORA-2019-e6bf55e821, FEDORA-2019-eb08fb0c5f, FG-IR-18-002, FreeBSD-SA-19:07.mds, FreeBSD-SA-19:26.mcu, HPESBHF03933, INTEL-SA-00233, JSA10993, openSUSE-SU-2019:1402-1, openSUSE-SU-2019:1403-1, openSUSE-SU-2019:1404-1, openSUSE-SU-2019:1405-1, openSUSE-SU-2019:1407-1, openSUSE-SU-2019:1408-1, openSUSE-SU-2019:1419-1, openSUSE-SU-2019:1420-1, openSUSE-SU-2019:1468-1, openSUSE-SU-2019:1505-1, openSUSE-SU-2019:1805-1, openSUSE-SU-2019:1806-1, PAN-SA-2019-0012, RHSA-2019:1155-01, RHSA-2019:1167-01, RHSA-2019:1168-01, RHSA-2019:1169-01, RHSA-2019:1170-01, RHSA-2019:1171-01, RHSA-2019:1172-01, RHSA-2019:1174-01, RHSA-2019:1175-01, RHSA-2019:1176-01, RHSA-2019:1177-01, RHSA-2019:1178-01, RHSA-2019:1180-01, RHSA-2019:1181-01, RHSA-2019:1182-01, RHSA-2019:1183-01, RHSA-2019:1184-01, RHSA-2019:1185-01, RHSA-2019:1186-01, RHSA-2019:1187-01, RHSA-2019:1188-01, RHSA-2019:1189-01, RHSA-2019:1190-01, RHSA-2019:1193-01, RHSA-2019:1194-01, RHSA-2019:1195-01, RHSA-2019:1196-01, RHSA-2019:1197-01, RHSA-2019:1198-01, SB10292, SSA-608355, SSA-616472, SSB-439005, SUSE-SU-2019:1235-1, SUSE-SU-2019:1236-1, SUSE-SU-2019:1238-1, SUSE-SU-2019:1239-1, SUSE-SU-2019:1240-1, SUSE-SU-2019:1241-1, SUSE-SU-2019:1242-1, SUSE-SU-2019:1243-1, SUSE-SU-2019:1244-1, SUSE-SU-2019:1245-1, SUSE-SU-2019:1248-1, SUSE-SU-2019:1268-1, SUSE-SU-2019:1269-1, SUSE-SU-2019:1272-1, SUSE-SU-2019:1287-1, SUSE-SU-2019:1289-1, SUSE-SU-2019:1296-1, SUSE-SU-2019:1313-1, SUSE-SU-2019:1347-1, SUSE-SU-2019:1348-1, SUSE-SU-2019:1349-1, SUSE-SU-2019:1356-1, SUSE-SU-2019:1371-1, SUSE-SU-2019:14048-1, SUSE-SU-2019:14051-1, SUSE-SU-2019:14052-1, SUSE-SU-2019:14063-1, SUSE-SU-2019:14133-1, SUSE-SU-2019:1423-1, SUSE-SU-2019:1438-1, SUSE-SU-2019:1452-1, SUSE-SU-2019:1490-1, SUSE-SU-2019:1547-1, SUSE-SU-2019:1550-1, SUSE-SU-2019:1909-1, SUSE-SU-2019:1910-1, SUSE-SU-2019:1954-1, SUSE-SU-2019:2430-1, Synology-SA-19:24, USN-3977-1, USN-3977-2, USN-3977-3, USN-3978-1, USN-3979-1, USN-3980-1, USN-3981-1, USN-3981-2, USN-3982-1, USN-3982-2, USN-3983-1, USN-3983-2, USN-3984-1, USN-3985-1, USN-3985-2, VIGILANCE-VUL-29300, VMSA-2019-0008, XSA-297, ZombieLoad

Windows : élévation de privilèges via win32k-MNGetpItemFromIndex NtUserMNDragOver
Un attaquant peut contourner les restrictions via win32k::MNGetpItemFromIndex NtUserMNDragOver() de Windows, afin d'élever ses privilèges...
CVE-2019-0808, VIGILANCE-VUL-28702

Windows : élévation de privilèges via MsiAdvertiseProduct
Un attaquant peut contourner les restrictions via MsiAdvertiseProduct de Windows, afin d'élever ses privilèges...
VIGILANCE-VUL-28108, VU#228297

Notre base de données contient d'autres bulletins. Vous pouvez utiliser un essai gratuit pour les consulter.

Consulter les informations sur Microsoft Windows 2008 R0 :

https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/dd540768(v=ws.10)