Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.902499
Kategorie:Windows : Microsoft Bulletins
Titel:MS Windows Client/Server Run-time Subsystem Privilege Escalation Vulnerability (2646524)
Zusammenfassung:This host is missing an important security update according to; Microsoft Bulletin MS12-003.
Beschreibung:Summary:
This host is missing an important security update according to
Microsoft Bulletin MS12-003.

Vulnerability Insight:
The flaw is due to an error in the Client/Server Run-time Subsystem
(CSRSS) when processing specially crafted sequences of unicode characters.

NOTE : This vulnerability can only be exploited on systems configured with
a Chinese, Japanese or Korean system locale.

Vulnerability Impact:
Successful exploitation could allow attacker to execute arbitrary code with
system-level privileges. Successfully exploiting this issue will result in
the complete compromise of affected computers.

Affected Software/OS:
- Microsoft Windows XP Service Pack 3 and prior

- Microsoft Windows 2003 Service Pack 2 and prior

- Microsoft Windows Vista Service Pack 2 and prior

- Microsoft Windows Server 2008 Service Pack 2 and prior

Solution:
The vendor has released updates. Please see the references for more information.

CVSS Score:
6.9

CVSS Vector:
AV:L/AC:M/Au:N/C:C/I:C/A:C

Querverweis: BugTraq ID: 51270
Common Vulnerability Exposure (CVE) ID: CVE-2012-0005
http://www.securityfocus.com/bid/51270
Cert/CC Advisory: TA12-010A
http://www.us-cert.gov/cas/techalerts/TA12-010A.html
Microsoft Security Bulletin: MS12-003
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-003
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14879
http://www.securitytracker.com/id?1026495
http://secunia.com/advisories/47479
CopyrightCopyright (C) 2012 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.