 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.812078 |
| Categoría: | Windows |
| Título: | Microsoft Publisher 'Dynamic Data Exchange (DDE)' Attacks Security Advisory (4053440) |
| Resumen: | This host is missing an important security; update according to Microsoft Security Advisory 4053440. |
| Descripción: | Summary: This host is missing an important security update according to Microsoft Security Advisory 4053440. Vulnerability Insight: The flaw exists as the Microsoft Office provides several methods for transferring data between applications and the 'DDE' protocol is one such set of messages and guidelines. It sends messages between applications that share data, and uses shared memory to exchange data between applications. Applications can use the DDE protocol for one-time data transfers and for continuous exchanges in which applications send updates to one another as new data becomes available. Vulnerability Impact: Successful exploitation will allow remote attackers to perform code execution on the targeted device. Affected Software/OS: - Microsoft Publisher 2016 - Microsoft Publisher 2013 - Microsoft Publisher 2010 - Microsoft Publisher 2007 Solution: Disable the DDE feature via the registry editor or user interface as given in advisory. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C |
| Copyright | Copyright (C) 2017 Greenbone AG |
| Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |