Windows : Cumulative Update for Outlook Express (837009)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.12208

Categoría: Windows

Título: Cumulative Update for Outlook Express (837009)

Resumen: NOSUMMARY

Descripción: Description:

The remote host has a version of Outlook express which has a bug in its
MHTML URL processor, which may allow an attacker to execute arbitrary
code on this host.

To exploit this flaw, an attacker would need to send a malformed email to
a user of this host using Outlook, or would need to lure him into visiting
a rogue website.

Solution : http://www.microsoft.com/technet/security/bulletin/ms04-013.mspx
Risk factor : High

Referencia Cruzada: BugTraq ID: 9105
BugTraq ID: 9107
BugTraq ID: 9658
Common Vulnerability Exposure (CVE) ID: CVE-2004-0380
http://www.securityfocus.com/bid/9105
http://www.securityfocus.com/bid/9658
Bugtraq: 20040219 Microsoft Internet Explorer Unspecified CHM File Processing Arbitrary Code Execution Vulnerability (bid 9658) (Google Search)
http://www.securityfocus.com/archive/1/354447
Bugtraq: 20040328 IE ms-its: and mk:@MSITStore: vulnerability (Google Search)
http://www.securityfocus.com/archive/1/358913
Cert/CC Advisory: TA04-099A
Cert/CC Advisory: TA04-104A
http://www.us-cert.gov/cas/techalerts/TA04-104A.html
CERT/CC vulnerability note: VU#323070
http://www.kb.cert.org/vuls/id/323070
http://www.k-otik.net/bugtraq/02.18.InternetExplorer.php
Microsoft Security Bulletin: MS04-013
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-013
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1010
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1028
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A882
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A990
http://secunia.com/advisories/10523
XForce ISS Database: outlook-mhtml-execute-code(15705)
https://exchange.xforce.ibmcloud.com/vulnerabilities/15705

Copyright This script is Copyright (C) 2004 Tenable Network Security

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.12208
Categoría:	Windows
Título:	Cumulative Update for Outlook Express (837009)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host has a version of Outlook express which has a bug in its MHTML URL processor, which may allow an attacker to execute arbitrary code on this host. To exploit this flaw, an attacker would need to send a malformed email to a user of this host using Outlook, or would need to lure him into visiting a rogue website. Solution : http://www.microsoft.com/technet/security/bulletin/ms04-013.mspx Risk factor : High
Referencia Cruzada:	BugTraq ID: 9105 BugTraq ID: 9107 BugTraq ID: 9658 Common Vulnerability Exposure (CVE) ID: CVE-2004-0380 http://www.securityfocus.com/bid/9105 http://www.securityfocus.com/bid/9658 Bugtraq: 20040219 Microsoft Internet Explorer Unspecified CHM File Processing Arbitrary Code Execution Vulnerability (bid 9658) (Google Search) http://www.securityfocus.com/archive/1/354447 Bugtraq: 20040328 IE ms-its: and mk:@MSITStore: vulnerability (Google Search) http://www.securityfocus.com/archive/1/358913 Cert/CC Advisory: TA04-099A Cert/CC Advisory: TA04-104A http://www.us-cert.gov/cas/techalerts/TA04-104A.html CERT/CC vulnerability note: VU#323070 http://www.kb.cert.org/vuls/id/323070 http://www.k-otik.net/bugtraq/02.18.InternetExplorer.php Microsoft Security Bulletin: MS04-013 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-013 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1010 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1028 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A882 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A990 http://secunia.com/advisories/10523 XForce ISS Database: outlook-mhtml-execute-code(15705) https://exchange.xforce.ibmcloud.com/vulnerabilities/15705
Copyright	This script is Copyright (C) 2004 Tenable Network Security