8.8
CVE-2023-24884
- EPSS 2.1%
- Veröffentlicht 11.04.2023 21:15:19
- Zuletzt bearbeitet 21.11.2024 07:48:42
- Quelle secure@microsoft.com
- CVE-Watchlists
- Unerledigt
LoginMicrosoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Microsoft ≫ Windows 10 1507 Version < 10.0.10240.19869
Microsoft ≫ Windows 10 1607 Version < 10.0.14393.5850
Microsoft ≫ Windows 10 1809 Version < 10.0.17763.4252
Microsoft ≫ Windows 10 20h2 Version < 10.0.19042.2846
Microsoft ≫ Windows 10 21h2 Version < 10.0.19044.2846
Microsoft ≫ Windows 10 22h2 Version < 10.0.19045.2846
Microsoft ≫ Windows 11 21h2 Version < 10.0.22000.1817
Microsoft ≫ Windows 11 22h2 Version < 10.0.22621.1555
Microsoft ≫ Windows Server 2012 Version-
Microsoft ≫ Windows Server 2012 Versionr2
Microsoft ≫ Windows Server 2016 Version-
Microsoft ≫ Windows Server 2019 Version-
Microsoft ≫ Windows Server 2022 Version-
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.1% | 0.841 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| secure@microsoft.com | 8.8 | 2.8 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-681 Incorrect Conversion between Numeric Types
When converting from one data type to another, such as long to integer, data can be omitted or translated in a way that produces unexpected values. If the resulting values are used in a sensitive context, then dangerous behaviors may occur.