Test Kennung:	1.3.6.1.4.1.25623.1.0.902669
Kategorie:	Windows : Microsoft Bulletins
Titel:	Windows Authenticode Signature Remote Code Execution Vulnerability (2653956)
Zusammenfassung:	This host is missing a critical security update according to; Microsoft Bulletin MS12-024.
Beschreibung:	Summary: This host is missing a critical security update according to Microsoft Bulletin MS12-024. Vulnerability Insight: The flaw is due to the way Windows Authenticode Signature Verification function verifies portable executable (PE) files, which can be exploited to add malicious code to the file without invalidating the signature. Vulnerability Impact: Successful exploitation could allow remote attackers to execute arbitrary code as the logged-on user. Affected Software/OS: - Microsoft Windows 7 Service Pack 1 and prior - Microsoft Windows XP Service Pack 3 and prior - Microsoft Windows 2003 Service Pack 2 and prior - Microsoft Windows Vista Service Pack 2 and prior - Microsoft Windows Server 2008 Service Pack 2 and prior Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Querverweis:	BugTraq ID: 52317 Common Vulnerability Exposure (CVE) ID: CVE-2012-0151 Cert/CC Advisory: TA12-101A http://www.us-cert.gov/cas/techalerts/TA12-101A.html Microsoft Security Bulletin: MS12-024 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-024 http://osvdb.org/81135 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15594 http://www.securitytracker.com/id?1026906 http://secunia.com/advisories/48581
Copyright	Copyright (C) 2012 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.