windows server 2008 vulnerabilities and exploits

10
HIGH
CVE-2014-6271

GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd,...

GnuBash
NA
CVE-2019-0690

A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash. To...

NA
CVE-2019-0774

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways...

NA
CVE-2019-0756

A vulnerability in the Microsoft XML Core Services (MSXML) parser used in Microsoft Windows could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system. The vulnerability exists because the affected software improperly handles user input. An...

NA
CVE-2019-0667

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully...

NA
CVE-2019-0768

Microsoft Internet Explorer could allow a remote attacker to bypass security restrictions, caused by improper restriction to VBScript by the VBScript execution policy. By persuading a victim to visit a specially-crafted website, an attacker could exploit this vulnerability to...

NA
CVE-2019-0755

A vulnerability in the Microsoft Windows kernel could allow a local attacker to access sensitive information on a targeted system. The vulnerability exists because the affected software improperly initializes memory objects. An attacker could exploit this vulnerability...

NA
CVE-2019-0666

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully...

NA
CVE-2019-0780

Microsoft Internet Explorer could allow a remote attacker to execute arbitrary code on the system, caused by improper handling of objects in memory. By persuading a victim to visit specially-crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code...

NA
CVE-2019-0609

Microsoft browsers could allow a remote attacker to execute arbitrary code on the system, caused by improper handling of objects in memory by the scripting engine. By persuading a victim to open specially-crafted content, an attacker could exploit this vulnerability to execute...