Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | |||
ID de Prueba: | 1.3.6.1.4.1.25623.1.0.900031 |
Categoría: | Windows : Microsoft Bulletins |
Título: | Security Update for Outlook Express (951066) |
Resumen: | This host is missing a critical security update according to; Microsoft Bulletin MS08-048. |
Descripción: | Summary: This host is missing a critical security update according to Microsoft Bulletin MS08-048. Vulnerability Insight: The issue is due to the MHTML protocol handler incorrectly interpreting MHTML URL redirections that could potentially bypass Internet Explorer domain restrictions when returning MHTML content. Vulnerability Impact: Remote attackers can construct a specially crafted Web page, achieve information disclosure, and could read data from another Internet Explorer domain or the local computer. Affected Software/OS: - Outlook Express 5.5 & 6 on Windows 2000 - Outlook Express 6 on MS Windows 2003 and XP Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 7.1 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:N/A:N |
Referencia Cruzada: |
BugTraq ID: 30585 Common Vulnerability Exposure (CVE) ID: CVE-2008-1448 http://www.securityfocus.com/bid/30585 Bugtraq: 20080813 CORE-2008-0103: Internet Explorer Zone Elevation Restrictions Bypass and Security Zone Restrictions Bypass (Google Search) http://www.securityfocus.com/archive/1/495458/100/0/threaded Cert/CC Advisory: TA08-225A http://www.us-cert.gov/cas/techalerts/TA08-225A.html HPdes Security Advisory: HPSBST02360 http://marc.info/?l=bugtraq&m=121915960406986&w=2 HPdes Security Advisory: SSRT080117 http://www.coresecurity.com/content/internet-explorer-zone-elevation Microsoft Security Bulletin: MS08-048 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-048 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5886 http://www.securitytracker.com/id?1020679 http://www.securitytracker.com/id?1020680 http://secunia.com/advisories/31415 http://www.vupen.com/english/advisories/2008/2352 |
Copyright | Copyright (C) 2008 Greenbone Networks GmbH |
Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |