8.8
CVE-2023-24885
- EPSS 2.1%
- Veröffentlicht 11.04.2023 21:15:19
- Zuletzt bearbeitet 21.11.2024 07:48:42
- Quelle secure@microsoft.com
- CVE-Watchlists
- Unerledigt
LoginMicrosoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Microsoft ≫ Windows 10 1507 Version < 10.0.10240.19869
Microsoft ≫ Windows 10 1607 Version < 10.0.14393.5850
Microsoft ≫ Windows 10 1809 Version < 10.0.17763.4252
Microsoft ≫ Windows 10 20h2 Version < 10.0.19042.2846
Microsoft ≫ Windows 10 21h2 Version < 10.0.19044.2846
Microsoft ≫ Windows 10 22h2 Version < 10.0.19045.2846
Microsoft ≫ Windows 11 21h2 Version < 10.0.22000.1817
Microsoft ≫ Windows 11 22h2 Version < 10.0.22621.1555
Microsoft ≫ Windows Server 2012 Version-
Microsoft ≫ Windows Server 2012 Versionr2
Microsoft ≫ Windows Server 2016 Version-
Microsoft ≫ Windows Server 2019 Version-
Microsoft ≫ Windows Server 2022 Version-
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.1% | 0.841 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 8.8 | 2.8 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| secure@microsoft.com | 8.8 | 2.8 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-843 Access of Resource Using Incompatible Type ('Type Confusion')
The product allocates or initializes a resource such as a pointer, object, or variable using one type, but it later accesses that resource using a type that is incompatible with the original type.