Test ID:	1.3.6.1.4.1.25623.1.0.903000
Category:	Windows : Microsoft Bulletins
Title:	Microsoft Expression Design Remote Code Execution Vulnerability (2651018)
Summary:	This host is missing an important security update according to; Microsoft Bulletin MS12-022.
Description:	Summary: This host is missing an important security update according to Microsoft Bulletin MS12-022. Vulnerability Insight: The flaw is due to the way that Microsoft Expression Design handles the loading of DLL files. An attacker can exploit this vulnerability to install programs, view, change, or delete data, or create new accounts with full user rights. Vulnerability Impact: Successful exploitation could allow remote attackers to execute arbitrary code on the target system. Affected Software/OS: - Microsoft Expression Design - Microsoft Expression Design 2 - Microsoft Expression Design 3 - Microsoft Expression Design 4 - Microsoft Expression Design Service Pack 1 Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2012-0016 Cert/CC Advisory: TA12-073A http://www.us-cert.gov/cas/techalerts/TA12-073A.html Microsoft Security Bulletin: MS12-022 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-022 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14973
Copyright	Copyright (C) 2012 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.