- Description
- Windows Themes Spoofing Vulnerability
- Source
- secure@microsoft.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 6.5
- Impact score
- 3.6
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
- Severity
- MEDIUM
- nvd@nist.gov
- NVD-CWE-noinfo
- secure@microsoft.com
- CWE-200
- Hype score
- Not currently trending
Actively exploited CVE : CVE-2024-38030
@transilienceai
19 Nov 2024
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2024-38030
@transilienceai
17 Nov 2024
14 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2024-38030
@transilienceai
14 Nov 2024
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2024-38030
@transilienceai
12 Nov 2024
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2024-38030
@transilienceai
10 Nov 2024
12 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2024-38030
@transilienceai
8 Nov 2024
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
ماکروسافت برای آسیب پذیری با کد شناسایی CVE-2024-21320 پچ لازم را منتشر نمود اما بعد از مدتی مشخص شد که این پچ نیز قابل دور زدن می باشد . برای همین پچ نیز که به نوعی آسیب پذیر بود کد شناسایی جدید CVE-2024-38030 را منتشر نمود و پچ جدید را ارائه کرد. https://t.co/Y2P1U3epiq https:/
@AmirHossein_sec
5 Nov 2024
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#exploit 1. CVE-2024-38030: Windows Themes Files Spoofing https://t.co/Nw0kAkD9aA 2. CVE-2024-9533: D-Link DIR-605L buffer overflow https://t.co/EoxBJzuS48
@ksg93rd
31 Oct 2024
48 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
Windowsテーマにおけるゼロデイ脆弱性に対する非公式パッチを0patch社が提供。該当脆弱性はCVE未採番で、CVE-2024-21320を迂回可能なCVE-2024-38030のマイクロパッチを開発中だったACROS Security社が発見したもの。NTLM資格情報が窃取される可能性。 https://t.co/bLDX6xMvLU
@__kokumoto
30 Oct 2024
924 Impressions
9 Retweets
4 Likes
1 Bookmark
0 Replies
0 Quotes
We Patched CVE-2024-38030, Found Another Windows Themes Spoofing Vulnerability (0day) https://t.co/yCAUdaJO7F https://t.co/B03mOtVdSI
@0patch
29 Oct 2024
1255 Impressions
5 Retweets
10 Likes
2 Bookmarks
1 Reply
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B7482622-F4B1-4086-8484-136592BAACCE",
"versionEndExcluding": "10.0.10240.20710"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BEEE46C5-718B-43C5-8B06-A4CB2E0DEF7A",
"versionEndExcluding": "10.0.14393.7159"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3EE3B092-248B-4F68-AA13-DF4FB2E0DA3F",
"versionEndExcluding": "10.0.17763.6054"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "905A0D97-FCF2-4999-A3F3-C79D88511D52",
"versionEndExcluding": "10.0.19044.4651"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2DEB25D6-2E73-4DF4-9D7D-2C9780101B1B",
"versionEndExcluding": "10.0.19045.4651"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1F4C0A5A-B376-4DE8-A02A-5E341825AAAB",
"versionEndExcluding": "10.0.22000.3079"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A2B9B3F1-347C-4935-BFA9-6B4191831D28",
"versionEndExcluding": "10.0.22621.3880"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E199129F-7F75-42C8-ABA0-7439FE50676B",
"versionEndExcluding": "10.0.22631.3880"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "59C9A2A5-AE44-4583-A7B1-B8D62B0E83BB",
"versionEndExcluding": "10.0.14393.7159"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3401E6F7-2430-4247-8A22-0B733A03501A",
"versionEndExcluding": "10.0.17763.6054"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4E433A09-F730-4EBE-8050-8789755B0D35",
"versionEndExcluding": "10.0.20348.2582"
}
],
"operator": "OR"
}
]
}
]