Test ID:	1.3.6.1.4.1.25623.1.0.102060
Category:	Windows : Microsoft Bulletins
Title:	Cumulative Security Update for Internet Explorer (939653)
Summary:	This critical security update resolves three privately reported; vulnerabilities and one publicly disclosed vulnerability.; The vulnerability with the most serious security impact could allow; remote code execution if a user viewed a specially crafted Web page; using Internet Explorer. Users whose accounts are configured to have; fewer user rights on the system could be less impacted than users; who operate with administrative user rights.
Description:	Summary: This critical security update resolves three privately reported vulnerabilities and one publicly disclosed vulnerability. The vulnerability with the most serious security impact could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2007-3892 BugTraq ID: 25915 http://www.securityfocus.com/bid/25915 Cert/CC Advisory: TA07-282A http://www.us-cert.gov/cas/techalerts/TA07-282A.html HPdes Security Advisory: HPSBST02280 http://www.securityfocus.com/archive/1/482366/100/0/threaded HPdes Security Advisory: SSRT071480 Microsoft Security Bulletin: MS07-057 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-057 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2244 http://securitytracker.com/id?1018788 http://secunia.com/advisories/27133 http://www.vupen.com/english/advisories/2007/3437 Common Vulnerability Exposure (CVE) ID: CVE-2007-3893 BugTraq ID: 25916 http://www.securityfocus.com/bid/25916 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2284 http://secunia.com/advisories/23469 Common Vulnerability Exposure (CVE) ID: CVE-2007-3826 BugTraq ID: 24911 http://www.securityfocus.com/bid/24911 Bugtraq: 20070713 MSIE7 entrapment again (+ FF tidbit) (Google Search) http://www.securityfocus.com/archive/1/473702/100/0/threaded http://lcamtuf.coredump.cx/ietrap3/ http://osvdb.org/38212 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2324 http://secunia.com/advisories/26069 http://securityreason.com/securityalert/2892 http://www.vupen.com/english/advisories/2007/2540 XForce ISS Database: ie-open-addressbar-spoofing(35421) https://exchange.xforce.ibmcloud.com/vulnerabilities/35421
Copyright	Copyright (C) 2010 LSS

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.