ID de Prueba:	1.3.6.1.4.1.25623.1.0.900063
Categoría:	Windows : Microsoft Bulletins
Título:	Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution (957173)
Resumen:	This host is missing a critical security update according to; Microsoft Bulletin MS08-072.
Descripción:	Summary: This host is missing a critical security update according to Microsoft Bulletin MS08-072. Vulnerability Insight: Microsoft office is prone to multiple vulnerabilities. Please see the references for more information. Vulnerability Impact: Successful exploitation could execute arbitrary code on the remote system and corrupt memory via a specially crafted Excel Spreadsheet (XLS) file. Affected Software/OS: Microsoft Office 2K/XP/2003/2007. Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	BugTraq ID: 32579 BugTraq ID: 32580 BugTraq ID: 32581 BugTraq ID: 32583 BugTraq ID: 32584 BugTraq ID: 32585 BugTraq ID: 32594 BugTraq ID: 32642 Common Vulnerability Exposure (CVE) ID: CVE-2008-4024 Bugtraq: 20081210 CORE-2008-0228: Microsoft Word Malformed FIB Arbitrary Free Vulnerability (Google Search) http://www.securityfocus.com/archive/1/499086/100/0/threaded Cert/CC Advisory: TA08-344A http://www.us-cert.gov/cas/techalerts/TA08-344A.html http://www.coresecurity.com/content/word-arbitrary-free http://www.coresecurity.com/files/attachments/CORE-2008-0228-Word.pdf Microsoft Security Bulletin: MS08-072 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-072 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5934 http://www.securitytracker.com/id?1021370 http://www.vupen.com/english/advisories/2008/3384 Common Vulnerability Exposure (CVE) ID: CVE-2008-4025 Bugtraq: 20081209 Secunia Research: Microsoft Word RTF Polyline/Polygon Integer Overflow (Google Search) http://www.securityfocus.com/archive/1/499054/100/0/threaded http://secunia.com/secunia_research/2008-21/ https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5682 Common Vulnerability Exposure (CVE) ID: CVE-2008-4026 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5807 Common Vulnerability Exposure (CVE) ID: CVE-2008-4027 Bugtraq: 20081209 ZDI-08-084: Microsoft Office RTF Consecutive Drawing Object Parsing Heap Corruption Vulnerability (Google Search) http://www.securityfocus.com/archive/1/499062/100/0/threaded http://www.zerodayinitiative.com/advisories/ZDI-08-084 http://www.zerodayinitiative.com/advisories/ZDI-08-084/ https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6098 Common Vulnerability Exposure (CVE) ID: CVE-2008-4028 Bugtraq: 20081209 ZDI-08-085: Microsoft Office RTF Drawing Object Heap Overflow Vulnerability (Google Search) http://www.securityfocus.com/archive/1/499063/100/0/threaded http://www.zerodayinitiative.com/advisories/ZDI-08-085 http://www.zerodayinitiative.com/advisories/ZDI-08-085/ https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6096 Common Vulnerability Exposure (CVE) ID: CVE-2008-4030 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5737 Common Vulnerability Exposure (CVE) ID: CVE-2008-4031 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5952 Common Vulnerability Exposure (CVE) ID: CVE-2008-4837 Bugtraq: 20081209 ZDI-08-086: Microsoft Office Word Document Table Property Stack Overflow Vulnerability (Google Search) http://www.securityfocus.com/archive/1/499064/100/0/threaded http://www.zerodayinitiative.com/advisories/ZDI-08-086 http://www.zerodayinitiative.com/advisories/ZDI-08-086/ https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5982
Copyright	Copyright (C) 2008 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.