Windows : Microsoft Bulletins : Microsoft Internet Explorer Multiple Vulnerabilities (KB4040685)

Vulnerability Search		Search 324607 CVE descriptions and 146377 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.0.811934

Category: Windows : Microsoft Bulletins

Title: Microsoft Internet Explorer Multiple Vulnerabilities (KB4040685)

Summary: This host is missing a critical security; update according to Microsoft security updates KB4040685.

Description: Summary:
This host is missing a critical security
update according to Microsoft security updates KB4040685.

Vulnerability Insight:
Multiple flaws exist due to:

- Internet Explorer improperly accesses objects in memory.

- The way that the scripting engine handles objects in memory in Internet
Explorer.

- Internet Explorer improperly handles objects in memory.

Vulnerability Impact:
Successful exploitation will allow attacker
to execute arbitrary code in the context of the current user, gain access to
potentially sensitive information, spoof content or serve as a pivot and detect
specific files on the user's computer.

Affected Software/OS:
Microsoft Internet Explorer version 9.x, 10.x and 11.x.

Solution:
The vendor has released updates. Please see the references for more information.

CVSS Score:
7.6

CVSS Vector:
AV:N/AC:H/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2017-11790
BugTraq ID: 101077
http://www.securityfocus.com/bid/101077
http://www.securitytracker.com/id/1039532
Common Vulnerability Exposure (CVE) ID: CVE-2017-11793
BugTraq ID: 101141
http://www.securityfocus.com/bid/101141
https://www.exploit-db.com/exploits/43368/
Common Vulnerability Exposure (CVE) ID: CVE-2017-11810
BugTraq ID: 101081
http://www.securityfocus.com/bid/101081
https://www.exploit-db.com/exploits/43131/
Common Vulnerability Exposure (CVE) ID: CVE-2017-11813
BugTraq ID: 101083
http://www.securityfocus.com/bid/101083
Common Vulnerability Exposure (CVE) ID: CVE-2017-11822
BugTraq ID: 101122
http://www.securityfocus.com/bid/101122

Copyright Copyright (C) 2017 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.811934
Category:	Windows : Microsoft Bulletins
Title:	Microsoft Internet Explorer Multiple Vulnerabilities (KB4040685)
Summary:	This host is missing a critical security; update according to Microsoft security updates KB4040685.
Description:	Summary: This host is missing a critical security update according to Microsoft security updates KB4040685. Vulnerability Insight: Multiple flaws exist due to: - Internet Explorer improperly accesses objects in memory. - The way that the scripting engine handles objects in memory in Internet Explorer. - Internet Explorer improperly handles objects in memory. Vulnerability Impact: Successful exploitation will allow attacker to execute arbitrary code in the context of the current user, gain access to potentially sensitive information, spoof content or serve as a pivot and detect specific files on the user's computer. Affected Software/OS: Microsoft Internet Explorer version 9.x, 10.x and 11.x. Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 7.6 CVSS Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2017-11790 BugTraq ID: 101077 http://www.securityfocus.com/bid/101077 http://www.securitytracker.com/id/1039532 Common Vulnerability Exposure (CVE) ID: CVE-2017-11793 BugTraq ID: 101141 http://www.securityfocus.com/bid/101141 https://www.exploit-db.com/exploits/43368/ Common Vulnerability Exposure (CVE) ID: CVE-2017-11810 BugTraq ID: 101081 http://www.securityfocus.com/bid/101081 https://www.exploit-db.com/exploits/43131/ Common Vulnerability Exposure (CVE) ID: CVE-2017-11813 BugTraq ID: 101083 http://www.securityfocus.com/bid/101083 Common Vulnerability Exposure (CVE) ID: CVE-2017-11822 BugTraq ID: 101122 http://www.securityfocus.com/bid/101122
Copyright	Copyright (C) 2017 Greenbone AG