Test Kennung:	1.3.6.1.4.1.25623.1.0.902930
Kategorie:	Windows : Microsoft Bulletins
Titel:	Microsoft Office Remote Code Execution Vulnerabilities (2720184)
Zusammenfassung:	This host is missing an important security update according to; Microsoft Bulletin MS12-076.
Beschreibung:	Summary: This host is missing an important security update according to Microsoft Bulletin MS12-076. Vulnerability Insight: - An error when processing the 'SerAuxErrBar' record can be exploited to cause a heap-based buffer overflow via a specially crafted file. - An input validation error can be exploited to corrupt memory via a specially crafted file. - A use-after-free error when processing the 'SST' record can be exploited via a specially crafted file. - An error when processing certain data structures can be exploited to cause a stack-based buffer overflow via a specially crafted file. Vulnerability Impact: Successful exploitation will allow attackers to execute arbitrary code with the privileges of the user running the affected application. Affected Software/OS: - Microsoft Excel Viewer - Microsoft Excel 2003 Service Pack 3 - Microsoft Excel 2010 Service Pack 1 and prior - Microsoft Office 2010 Service Pack 1 and prior - Microsoft Excel 2007 Service Pack 2 and Service Pack 3 - Microsoft Office 2007 Service Pack 2 and Service Pack 3 - Microsoft Office Compatibility Pack Service Pack 2 and Service Pack 3 Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Querverweis:	BugTraq ID: 56425 BugTraq ID: 56426 BugTraq ID: 56430 BugTraq ID: 56431 Common Vulnerability Exposure (CVE) ID: CVE-2012-1885 http://www.securityfocus.com/bid/56425 Cert/CC Advisory: TA12-318A http://www.us-cert.gov/cas/techalerts/TA12-318A.html Microsoft Security Bulletin: MS12-076 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-076 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15752 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15916 http://www.securitytracker.com/id?1027752 XForce ISS Database: ms-excel-serauxerrbar-bo(78072) https://exchange.xforce.ibmcloud.com/vulnerabilities/78072 Common Vulnerability Exposure (CVE) ID: CVE-2012-1886 http://www.securityfocus.com/bid/56426 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15927 XForce ISS Database: microsoft-excel-code-exec(78073) https://exchange.xforce.ibmcloud.com/vulnerabilities/78073 Common Vulnerability Exposure (CVE) ID: CVE-2012-1887 http://www.securityfocus.com/bid/56430 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15717 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15970 XForce ISS Database: microsoft-excel-ssl-code-exec(78074) https://exchange.xforce.ibmcloud.com/vulnerabilities/78074 Common Vulnerability Exposure (CVE) ID: CVE-2012-2543 http://www.securityfocus.com/bid/56431 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15737 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15908
Copyright	Copyright (C) 2012 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.