Windows : Microsoft Bulletins : Vulnerability in Windows Media File Format Could Allow Remote Code Execution

Anfälligkeitssuche		Suche in 219043 CVE Beschreibungen und 99761 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.801708

Kategorie: Windows : Microsoft Bulletins

Titel: Vulnerability in Windows Media File Format Could Allow Remote Code Execution

Zusammenfassung: This host is missing a critical security update according to; Microsoft Bulletin MS07-068.

Beschreibung: Summary:
This host is missing a critical security update according to
Microsoft Bulletin MS07-068.

Vulnerability Insight:
The flaws are due to boundary errors when parsing ASF
(Advanced Systems Format) files which can be exploited to cause heap-based
buffer overflows when a user views a specially crafted ASF file.

Vulnerability Impact:
Successful exploitation could allow attackers to execute arbitrary code with
SYSTEM-level privileges. Successfully exploiting this issue will result in
complete compromise of the affected computers.

Affected Software/OS:
Microsoft Windows 2K/XP/2003/Vista.

Solution:
The vendor has released updates. Please see the references for more information.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Querverweis: BugTraq ID: 26776
Common Vulnerability Exposure (CVE) ID: CVE-2007-0064
http://www.securityfocus.com/bid/26776
Cert/CC Advisory: TA07-345A
http://www.us-cert.gov/cas/techalerts/TA07-345A.html
CERT/CC vulnerability note: VU#319385
http://www.kb.cert.org/vuls/id/319385
HPdes Security Advisory: HPSBST02299
http://www.securityfocus.com/archive/1/485268/100/0/threaded
HPdes Security Advisory: SSRT071506
Microsoft Security Bulletin: MS07-068
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-068
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3622
http://www.securitytracker.com/id?1019074
http://secunia.com/advisories/28034
http://www.vupen.com/english/advisories/2007/4183

Copyright Copyright (C) 2011 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.801708
Kategorie:	Windows : Microsoft Bulletins
Titel:	Vulnerability in Windows Media File Format Could Allow Remote Code Execution
Zusammenfassung:	This host is missing a critical security update according to; Microsoft Bulletin MS07-068.
Beschreibung:	Summary: This host is missing a critical security update according to Microsoft Bulletin MS07-068. Vulnerability Insight: The flaws are due to boundary errors when parsing ASF (Advanced Systems Format) files which can be exploited to cause heap-based buffer overflows when a user views a specially crafted ASF file. Vulnerability Impact: Successful exploitation could allow attackers to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in complete compromise of the affected computers. Affected Software/OS: Microsoft Windows 2K/XP/2003/Vista. Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Querverweis:	BugTraq ID: 26776 Common Vulnerability Exposure (CVE) ID: CVE-2007-0064 http://www.securityfocus.com/bid/26776 Cert/CC Advisory: TA07-345A http://www.us-cert.gov/cas/techalerts/TA07-345A.html CERT/CC vulnerability note: VU#319385 http://www.kb.cert.org/vuls/id/319385 HPdes Security Advisory: HPSBST02299 http://www.securityfocus.com/archive/1/485268/100/0/threaded HPdes Security Advisory: SSRT071506 Microsoft Security Bulletin: MS07-068 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-068 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3622 http://www.securitytracker.com/id?1019074 http://secunia.com/advisories/28034 http://www.vupen.com/english/advisories/2007/4183
Copyright	Copyright (C) 2011 Greenbone Networks GmbH