Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.902192
Kategorie:Windows : Microsoft Bulletins
Titel:Microsoft Office COM Validation Remote Code Execution Vulnerability (983235)
Zusammenfassung:This host is missing a critical security update according to; Microsoft Bulletin MS10-036.
Beschreibung:Summary:
This host is missing a critical security update according to
Microsoft Bulletin MS10-036.

Vulnerability Insight:
The flaw is caused by an error when validating COM (Component Object Model)
object instantiation, which could allow attackers to execute arbitrary code
by tricking a user into opening a specially crafted Excel, PowerPoint, Publisher, Visio, or Word file.

Vulnerability Impact:
Successful exploitation could allow an attacker to execute arbitrary code on
the remote system.

Affected Software/OS:
- Microsoft Office 2003 SP3

- Microsoft Office Word 2007 SP2 and prior

- Microsoft Office Word 2003 SP3 and prior

- Microsoft Office Excel 2003 SP3 and prior

- Microsoft Office Excel 2007 SP2 and prior

- Microsoft Office Visio 2007 SP2 and prior

- Microsoft Office Visio 2003 SP3 and prior

- Microsoft Office System SP2 and prior

- Microsoft Office Publisher 2003 SP3 and prior

- Microsoft Office Publisher 2003 SP3 and prior

- Microsoft Office PowerPoint 2003 SP3 and prior

- Microsoft Office PowerPoint 2007 SP2 and prior

Solution:
The vendor has released updates. Please see the references for more information.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Querverweis: BugTraq ID: 40574
Common Vulnerability Exposure (CVE) ID: CVE-2010-1263
http://www.securityfocus.com/bid/40574
Cert/CC Advisory: TA10-159B
http://www.us-cert.gov/cas/techalerts/TA10-159B.html
Cert/CC Advisory: TA10-285A
http://www.us-cert.gov/cas/techalerts/TA10-285A.html
Microsoft Security Bulletin: MS10-036
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-036
Microsoft Security Bulletin: MS10-083
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-083
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7286
http://www.securitytracker.com/id?1024555
CopyrightCopyright (C) 2010 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.