Test ID:	1.3.6.1.4.1.25623.1.0.811663
Category:	Windows : Microsoft Bulletins
Title:	Microsoft Office 2010 Service Pack 2 Multiple Vulnerabilities (KB3213638)
Summary:	This host is missing a critical security; update according to Microsoft KB3213638
Description:	Summary: This host is missing a critical security update according to Microsoft KB3213638 Vulnerability Insight: Multiple flaws exist due to: - The way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system. - The Windows font library improperly handles specially crafted embedded fonts. - Windows Uniscribe improperly discloses the contents of its memory. Vulnerability Impact: Successful exploitation will allow an attacker to retrieve information from a targeted system. By itself, the information disclosure does not allow arbitrary code execution. However, it could allow arbitrary code to be run if the attacker uses it in combination with another vulnerability. Affected Software/OS: Microsoft Office 2010 Service Pack 2. Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2017-8676 BugTraq ID: 100755 http://www.securityfocus.com/bid/100755 http://www.securitytracker.com/id/1039333 Common Vulnerability Exposure (CVE) ID: CVE-2017-8682 BugTraq ID: 100772 http://www.securityfocus.com/bid/100772 https://www.exploit-db.com/exploits/42744/ http://www.securitytracker.com/id/1039352 Common Vulnerability Exposure (CVE) ID: CVE-2017-8695 BugTraq ID: 100773 http://www.securityfocus.com/bid/100773 http://www.securitytracker.com/id/1039344
Copyright	Copyright (C) 2017 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.