Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.902971
Kategorie:Windows : Microsoft Bulletins
Titel:Microsoft Lync Remote Code Execution Vulnerability (2834695)
Zusammenfassung:This host is missing an important security update according to; Microsoft Bulletin MS13-041.
Beschreibung:Summary:
This host is missing an important security update according to
Microsoft Bulletin MS13-041.

Vulnerability Insight:
A use-after-free error within the Lync control can be exploited to
dereference already freed memory.

Vulnerability Impact:
Successful exploitation could allow an attacker could execute arbitrary
code in the context of the current user by sharing specially crafted
content, such as a file or a program, as a presentation in a Lync or
Communicator session and then convince a user to view or share the
specially crafted content.

Affected Software/OS:
- Microsoft Lync 2010

- Microsoft Communicator 2007 R2

Solution:
The vendor has released updates. Please see the references for more information.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Querverweis: BugTraq ID: 59791
Common Vulnerability Exposure (CVE) ID: CVE-2013-1302
Cert/CC Advisory: TA13-134A
http://www.us-cert.gov/ncas/alerts/TA13-134A
Microsoft Security Bulletin: MS13-041
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-041
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15952
CopyrightCopyright (C) 2013 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.