Anfälligkeitssuche        Suche in 172616 CVE Beschreibungen
und 81291 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.902678
Kategorie:Mac OS X Local Security Checks
Titel:Microsoft Silverlight Code Execution Vulnerabilities - 2681578 (Mac OS X)
Zusammenfassung:This host is missing a critical security update according to; Microsoft Bulletin MS12-034.
Beschreibung:Summary:
This host is missing a critical security update according to
Microsoft Bulletin MS12-034.

Vulnerability Insight:
The flaws are due to an error exists when parsing TrueType fonts.

Vulnerability Impact:
Successful exploitation could allow attackers to execute arbitrary code by
tricking a user into opening a specially crafted file.

Affected Software/OS:
Microsoft Silverlight versions 4 and 5

Solution:
The vendor has released updates. Please see the references for more information.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Querverweis: BugTraq ID: 50462
BugTraq ID: 53335
Common Vulnerability Exposure (CVE) ID: CVE-2011-3402
Cert/CC Advisory: TA11-347A
http://www.us-cert.gov/cas/techalerts/TA11-347A.html
Cert/CC Advisory: TA12-129A
http://www.us-cert.gov/cas/techalerts/TA12-129A.html
Cert/CC Advisory: TA12-164A
http://www.us-cert.gov/cas/techalerts/TA12-164A.html
http://blogs.mcafee.com/mcafee-labs/the-day-of-the-golden-jackal-%E2%80%93-further-tales-of-the-stuxnet-files
http://isc.sans.edu/diary/Duqu+Mitigation/11950
http://www.securelist.com/en/blog/208193197/The_Mystery_of_Duqu_Part_Two
http://www.symantec.com/connect/w32-duqu_status-updates_installer-zero-day-exploit
http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/w32_duqu_the_precursor_to_the_next_stuxnet.pdf
http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-291-01E.pdf
Microsoft Security Bulletin: MS11-087
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-087
Microsoft Security Bulletin: MS12-034
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-034
Microsoft Security Bulletin: MS12-039
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-039
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13998
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15290
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15645
http://www.securitytracker.com/id?1027039
http://secunia.com/advisories/49121
http://secunia.com/advisories/49122
Common Vulnerability Exposure (CVE) ID: CVE-2012-0159
http://www.securityfocus.com/bid/53335
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15388
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15667
XForce ISS Database: microsoft-truetype-code-exec(75124)
https://exchange.xforce.ibmcloud.com/vulnerabilities/75124
CopyrightCopyright (C) 2012 SecPod

Dies ist nur einer von 81291 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.