目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1336

100%

CVE-2021-34481— Microsoft Windows Print Spooler Components 缓冲区错误漏洞

CVSS 8.8 · High EPSS 45.42% · P99
获取后续新漏洞提醒登录后订阅

一、 漏洞 CVE-2021-34481 基础信息

漏洞信息

对漏洞内容有疑问?看看神龙的深度分析是否有帮助!
查看神龙十问 ↗

尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。

Vulnerability Title
Windows Print Spooler Remote Code Execution Vulnerability
来源: 美国国家漏洞数据库 NVD
Vulnerability Description
<p>A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.</p> <p><strong>UPDATE</strong> August 10, 2021: Microsoft has completed the investigation and has released security updates to address this vulnerability. Please see the Security Updates table for the applicable update for your system. We recommend that you install these updates immediately. This security update changes the Point and Print default behavior; please see <a href="https://support.microsoft.com/help/5005652">KB5005652</a>.</p>
来源: 美国国家漏洞数据库 NVD
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
来源: 美国国家漏洞数据库 NVD
Vulnerability Type
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Title
Microsoft Windows Print Spooler Components 缓冲区错误漏洞
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Description
Microsoft Windows Print Spooler Components是美国微软(Microsoft)公司的一个打印后台处理程序组件。 microsoft Windows Print Spooler Components存在缓冲区错误漏洞。以下产品和版本受到影响:Windows Versions Under Investigation
来源: 中国国家信息安全漏洞库 CNNVD
CVSS Information
N/A
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Type
N/A
来源: 中国国家信息安全漏洞库 CNNVD

受影响产品

厂商产品影响版本CPE订阅
MicrosoftWindows 10 Version 1809 10.0.0 ~ 10.0.17763.2114 cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2114:*:*:*:*:*:x86:*
MicrosoftWindows Server 2019 10.0.0 ~ 10.0.17763.2114 cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2114:*:*:*:*:*:*:*
MicrosoftWindows Server 2019 (Server Core installation) 10.0.0 ~ 10.0.17763.2114 cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2114:*:*:*:*:*:*:*
MicrosoftWindows 10 Version 1909 10.0.0 ~ 10.0.18363.1734 cpe:2.3:o:microsoft:windows_10_1909:10.0.18363.1734:*:*:*:*:*:x86:*
MicrosoftWindows 10 Version 21H1 10.0.0 ~ 10.0.19043.1165 cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1165:*:*:*:*:*:x64:*
MicrosoftWindows 10 Version 2004 10.0.0 ~ 10.0.19041.1165 cpe:2.3:o:microsoft:windows_10_1809:10.0.19041.1165:*:*:*:*:*:x64:*
MicrosoftWindows Server version 2004 10.0.0 ~ 10.0.19041.1165 cpe:2.3:o:microsoft:windows_server_2004:10.0.19041.1165:*:*:*:*:*:*:*
MicrosoftWindows 10 Version 20H2 10.0.0 ~ 10.0.19042.1165 cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.1165:*:*:*:*:*:x86:*
MicrosoftWindows Server version 20H2 10.0.0 ~ 10.0.19042.1165 cpe:2.3:o:microsoft:windows_server_20H2:10.0.19042.1165:*:*:*:*:*:*:*
MicrosoftWindows 10 Version 1507 10.0.0 ~ 10.0.10240.19022 cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.19022:*:*:*:*:*:x86:*
MicrosoftWindows 10 Version 1607 10.0.0 ~ 10.0.14393.4583 cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.4583:*:*:*:*:*:x86:*
MicrosoftWindows Server 2016 10.0.0 ~ 10.0.14393.4583 cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4583:*:*:*:*:*:*:*
MicrosoftWindows Server 2016 (Server Core installation) 10.0.0 ~ 10.0.14393.4583 cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4583:*:*:*:*:*:*:*
MicrosoftWindows 7 6.1.0 ~ 6.1.7601.25685 cpe:2.3:o:microsoft:windows_7:6.1.7601.25685:sp1:*:*:*:*:x86:*
MicrosoftWindows 7 Service Pack 1 6.1.0 ~ 6.1.7601.25685 cpe:2.3:o:microsoft:windows_7:6.1.7601.25685:sp1:*:*:*:*:x64:*
MicrosoftWindows 8.1 6.3.0 ~ 6.3.9600.20094 cpe:2.3:o:microsoft:windows_8.1:6.3.9600.20094:*:*:*:*:*:x86:*
MicrosoftWindows Server 2008 Service Pack 2 6.0.0 ~ 6.0.6003.21192 cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.21192:*:*:*:*:*:x64:*
MicrosoftWindows Server 2008 Service Pack 2 (Server Core installation) 6.0.0 ~ 6.0.6003.21192 cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.21192:*:*:*:*:*:x64:*
MicrosoftWindows Server 2008 Service Pack 2 6.0.0 ~ 6.0.6003.21192 cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.21192:*:*:*:*:*:x86:*
MicrosoftWindows Server 2008 R2 Service Pack 1 6.1.0 ~ 6.1.7601.25685 cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.25685:*:*:*:*:*:x64:*
MicrosoftWindows Server 2008 R2 Service Pack 1 (Server Core installation) 6.0.0 ~ 6.1.7601.25685 cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.25685:*:*:*:*:*:x64:*
MicrosoftWindows Server 2012 6.2.0 ~ 6.2.9200.23435 cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.23435:*:*:*:*:*:x64:*
MicrosoftWindows Server 2012 (Server Core installation) 6.2.0 ~ 6.2.9200.23435 cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.23435:*:*:*:*:*:x64:*
MicrosoftWindows Server 2012 R2 6.3.0 ~ 6.3.9600.20094 cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.20094:*:*:*:*:*:x64:*
MicrosoftWindows Server 2012 R2 (Server Core installation) 6.3.0 ~ 6.3.9600.20094 cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.20094:*:*:*:*:*:x64:*

二、漏洞 CVE-2021-34481 的公开POC

#POC 描述源链接神龙链接
1Check patch for CVE-2021-34481https://github.com/vpn28/CVE-2021-34481POC详情
AI 生成 POC高级

未找到公开 POC。

登录以生成 AI POC

三、漏洞 CVE-2021-34481 的情报信息

登录查看更多情报信息。

CVE-2021-34481 厂商安全公告 (1)

同批安全公告 · Microsoft · 2021-07-16 · 共 27 条

CVE-2021-344589.9 CRITICALMicrosoft Windows Kernel 代码注入漏洞
CVE-2021-344428.8 HIGHMicrosoft Windows DNS 输入验证错误漏洞
CVE-2021-344508.5 HIGHMicrosoft Hyper-V 代码注入漏洞
CVE-2021-344468.0 HIGHMicrosoft Windows 安全特征问题漏洞
CVE-2021-344647.8 HIGHMicrosoft Windows Defender 代码注入漏洞
CVE-2021-344387.8 HIGHMicrosoft Graphics Components 代码注入漏洞
CVE-2021-344397.8 HIGHMicrosoft Windows Media Foundation 代码注入漏洞
CVE-2021-344417.8 HIGHMicrosoft Windows Media Foundation 代码注入漏洞
CVE-2021-344457.8 HIGHMicrosoft Windows Remote Access Connection Manager 权限许可和访问控制问题漏洞
CVE-2021-344527.8 HIGHMicrosoft Office 代码注入漏洞
CVE-2021-344557.8 HIGHMicrosoft Windows File History Service 权限许可和访问控制问题漏洞
CVE-2021-344567.8 HIGHMicrosoft Windows Remote Access Connection Manager 权限许可和访问控制问题漏洞
CVE-2021-344597.8 HIGHMicrosoft Windows AppContainer 权限许可和访问控制问题漏洞
CVE-2021-344607.8 HIGHMicrosoft Windows Storage 权限许可和访问控制问题漏洞
CVE-2021-344617.8 HIGHMicrosoft Windows Kernel 安全特征问题漏洞
CVE-2021-344677.1 HIGHMicrosoft Office SharePoint 代码注入漏洞
CVE-2021-344497.0 HIGHMicrosoft Win32k 权限许可和访问控制问题漏洞
CVE-2021-344627.0 HIGHMicrosoft Windows AppX Deployment Extensions 竞争条件问题漏洞
CVE-2021-344486.8 MEDIUMMicrosoft Scripting Engine 缓冲区错误漏洞
CVE-2021-344476.8 MEDIUMMicrosoft Windows MSHTML Platform 代码注入漏洞

显示前 20 条,共 27 条。 查看全部 &rarr; →

IV. Related Vulnerabilities

V. Comments for CVE-2021-34481

暂无评论


发表评论