漏洞标题
活动目录远程代码执行漏洞
漏洞描述信息
<p>当Active Directory集成的DNS(ADIDNS)在处理内存中的对象时出现错误,存在一个远程代码执行漏洞。成功利用此漏洞的经过身份验证的攻击者可以在本地系统账户的上下文中运行任意代码。</p>
<p>为了利用此漏洞,经过身份验证的攻击者可以向Active Directory集成的DNS(ADIDNS)服务器发送恶意请求。</p>
<p>该更新通过纠正Active Directory集成的DNS(ADIDNS)处理内存中对象的方式,解决了该漏洞。</p>
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
漏洞类别
N/A
漏洞标题
Active Directory Remote Code Execution Vulnerability
漏洞描述信息
<p>A remote code execution vulnerability exists when Active Directory integrated DNS (ADIDNS) mishandles objects in memory. An authenticated attacker who successfully exploited the vulnerability could run arbitrary code in the context of the Local System Account</p>
<p>To exploit the vulnerability, an authenticated attacker could send malicious requests to an Active Directory integrated DNS (ADIDNS) server.</p>
<p>The update addresses the vulnerability by correcting how Active Directory integrated DNS (ADIDNS) handles objects in memory.</p>
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
漏洞类别
N/A
漏洞标题
Microsoft Windows 安全漏洞
漏洞描述信息
Microsoft Windows是美国微软(Microsoft)公司的一种桌面操作系统。 Microsoft Windows Active Directory Integrated DNS (ADIDNS)存在远程代码执行漏洞,该漏洞允许攻击者在本地系统账户中运行任意代码。以下产品及版本受到影响: Windows Server 2008 R2版本, Windows Server 1909版本, Windows Server 2004版本, Windows Server 1903版本, Windows S
CVSS信息
N/A
漏洞类别
其他