Beschreibung: | Summary: This host is missing a critical security update according to Microsoft Bulletin MS08-052.
Vulnerability Insight: The issues are caused by memory corruptions, integer, heap and buffer overflows, and input validation errors in GDI+ when rendering malformed WMF, PNG, TIFF and BMP images, or when processing Office Art Property Tables in Office documents.
Vulnerability Impact: Successful exploitation could allow attackers to crash an affected application or execute arbitrary code.
Affected Software/OS: - Microsoft SQL Server 2005 SP 2/3
- Microsoft Office Excel Viewer 2007
- Microsoft Office XP/2003 SP 3 and prior
- Microsoft Office Visio 2002 SP 2 and prior
- Microsoft Office Groove 2007 SP1 and prior
- Microsoft Excel Viewer 2003 SP 3 and prior
- Microsoft Office 2007 System SP 1/2 and prior
- Microsoft Office Word Viewer 2003 SP 3 and prior
- Microsoft Office Visio Viewer 2007 SP 2 and prior
- Microsoft Office PowerPoint Viewer 2007 SP 2 and prior
- Microsoft Visual Studio 2008 SP 1 and prior
- Microsoft Visual Studio .NET 2003 SP 1 and prior
- Microsoft Windows 2000 SP4 with Internet Explorer 6 SP 1
- Microsoft Office Compatibility Pack for Word/Excel/PowerPoint 2007 File Formats SP 1/2
- Microsoft Office PowerPoint Viewer 2003
- Microsoft Office PowerPoint Viewer 2007 Service Pack 1
Solution: The vendor has released updates. Please see the references for more information.
CVSS Score: 9.3
CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
|