Test ID:	1.3.6.1.4.1.25623.1.0.810834
Category:	Windows : Microsoft Bulletins
Title:	Microsoft Office Multiple RCE and Information Disclosure Vulnerabilities (4013075)
Summary:	This host is missing a critical security; update according to Microsoft Bulletin MS17-013.
Description:	Summary: This host is missing a critical security update according to Microsoft Bulletin MS17-013. Vulnerability Insight: Multiple flaws exist due to the way that the Windows Graphics Device Interface (GDI) handles objects in memory. Vulnerability Impact: Successful exploitation will allow an attacker to execute arbitrary code, could take control of the affected system. An attacker could then install programs. View, change, or delete data, or create new accounts with full user rights. Affected Software/OS: - Microsoft Office 2007 Service Pack 3 - Microsoft Office 2010 Service Pack 2 Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2017-0060 BugTraq ID: 96713 http://www.securityfocus.com/bid/96713 https://www.exploit-db.com/exploits/41656/ http://www.securitytracker.com/id/1038002 Common Vulnerability Exposure (CVE) ID: CVE-2017-0073 BugTraq ID: 96637 http://www.securityfocus.com/bid/96637 Common Vulnerability Exposure (CVE) ID: CVE-2017-0108 BugTraq ID: 96722 http://www.securityfocus.com/bid/96722 https://www.exploit-db.com/exploits/41647/ Common Vulnerability Exposure (CVE) ID: CVE-2017-0014 BugTraq ID: 96013 http://www.securityfocus.com/bid/96013 https://secuniaresearch.flexerasoftware.com/secunia_research/2017-9/
Copyright	Copyright (C) 2017 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.