Test Kennung:	1.3.6.1.4.1.25623.1.0.810815
Kategorie:	Windows : Microsoft Bulletins
Titel:	Microsoft Windows IIS Privilege Escalation Vulnerability (4013074)
Zusammenfassung:	This host is missing an important security; update according to Microsoft Bulletin MS17-016
Beschreibung:	Summary: This host is missing an important security update according to Microsoft Bulletin MS17-016 Vulnerability Insight: The flaw exists due to Microsoft IIS Server fails to properly sanitize a specially crafted request. Vulnerability Impact: Successful exploitation will allow an attacker to perform cross-site scripting attacks on affected systems and run script in the security context of the current user. These attacks could allow the attacker to read content that the attacker is not authorized to read, use the victim's identity to take actions on behalf of the victim, and inject malicious content in the victim's browser. Affected Software/OS: - Microsoft Windows 8.1 x32/x64 - Microsoft Windows 10 x32/x64 - Microsoft Windows Server 2012/2012R2 - Microsoft Windows 10 Version 1511 x32/x64 - Microsoft Windows 10 Version 1607 x32/x64 - Microsoft Windows Vista x32/x64 Edition Service Pack 2 - Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2 - Microsoft Windows 7 x32/x64 Edition Service Pack 1 - Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1 - Microsoft Windows Server 2016 Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Querverweis:	BugTraq ID: 96622 Common Vulnerability Exposure (CVE) ID: CVE-2017-0055 http://www.securityfocus.com/bid/96622 http://www.securitytracker.com/id/1038012
Copyright	Copyright (C) 2017 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.