Windows : Microsoft Internet Explorer RCE Vulnerability (979352)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.800429

Categoría: Windows

Título: Microsoft Internet Explorer RCE Vulnerability (979352)

Resumen: Internet Explorer is prone to a remote code execution (RCE) vulnerability.;; This VT has been deprecated and replaced by the VT with the OID: 1.3.6.1.4.1.25623.1.0.901097.

Descripción: Summary:
Internet Explorer is prone to a remote code execution (RCE) vulnerability.

This VT has been deprecated and replaced by the VT with the OID: 1.3.6.1.4.1.25623.1.0.901097.

Vulnerability Insight:
An invalid pointer reference error exists under certain conditions letting an
invalid pointer to be accessed after an object is deleted.

Vulnerability Impact:
Successful exploitation will allow remote attackers to execute arbitrary code
via specially crafted attack.

Affected Software/OS:
Internet Explorer Version 6.x, 7.x and 8.x.

Solution:
Apply the patch from the referenced advisory.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2010-0249
BugTraq ID: 37815
http://www.securityfocus.com/bid/37815
Cert/CC Advisory: TA10-055A
http://www.us-cert.gov/cas/techalerts/TA10-055A.html
CERT/CC vulnerability note: VU#492515
http://www.kb.cert.org/vuls/id/492515
http://www.exploit-db.com/exploits/11167
http://news.cnet.com/8301-27080_3-10435232-245.html
Microsoft Security Bulletin: MS10-002
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-002
Microsoft Knowledge Base article: 979352
http://support.microsoft.com/kb/979352
http://osvdb.org/61697
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6835
http://securitytracker.com/id?1023462
http://www.vupen.com/english/advisories/2010/0135
XForce ISS Database: ie-freed-object-code-execution(55642)
https://exchange.xforce.ibmcloud.com/vulnerabilities/55642

Copyright Copyright (C) 2010 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.800429
Categoría:	Windows
Título:	Microsoft Internet Explorer RCE Vulnerability (979352)
Resumen:	Internet Explorer is prone to a remote code execution (RCE) vulnerability.;; This VT has been deprecated and replaced by the VT with the OID: 1.3.6.1.4.1.25623.1.0.901097.
Descripción:	Summary: Internet Explorer is prone to a remote code execution (RCE) vulnerability. This VT has been deprecated and replaced by the VT with the OID: 1.3.6.1.4.1.25623.1.0.901097. Vulnerability Insight: An invalid pointer reference error exists under certain conditions letting an invalid pointer to be accessed after an object is deleted. Vulnerability Impact: Successful exploitation will allow remote attackers to execute arbitrary code via specially crafted attack. Affected Software/OS: Internet Explorer Version 6.x, 7.x and 8.x. Solution: Apply the patch from the referenced advisory. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-0249 BugTraq ID: 37815 http://www.securityfocus.com/bid/37815 Cert/CC Advisory: TA10-055A http://www.us-cert.gov/cas/techalerts/TA10-055A.html CERT/CC vulnerability note: VU#492515 http://www.kb.cert.org/vuls/id/492515 http://www.exploit-db.com/exploits/11167 http://news.cnet.com/8301-27080_3-10435232-245.html Microsoft Security Bulletin: MS10-002 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-002 Microsoft Knowledge Base article: 979352 http://support.microsoft.com/kb/979352 http://osvdb.org/61697 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6835 http://securitytracker.com/id?1023462 http://www.vupen.com/english/advisories/2010/0135 XForce ISS Database: ie-freed-object-code-execution(55642) https://exchange.xforce.ibmcloud.com/vulnerabilities/55642
Copyright	Copyright (C) 2010 Greenbone AG