Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | |||
ID de Prueba: | 1.3.6.1.4.1.25623.1.0.902287 |
Categoría: | Windows : Microsoft Bulletins |
Título: | Microsoft Visio Remote Code Execution Vulnerabilities (2451879) |
Resumen: | This host is missing a critical security update according to; Microsoft Bulletin MS11-008. |
Descripción: | Summary: This host is missing a critical security update according to Microsoft Bulletin MS11-008. Vulnerability Insight: The flaws are due to: - A memory corruption error when handling certain objects while parsing malformed Visio files, which could be exploited by attackers to execute arbitrary code. - A memory corruption error when handling corrupted structures while parsing malformed Visio files, which could be exploited by attackers to execute arbitrary code. Vulnerability Impact: Successful exploitation could allow users to execute arbitrary code via a specially crafted Visio file. Affected Software/OS: - Microsoft Visio 2002 Service Pack 2 and prior - Microsoft Visio 2003 Service Pack 3 and prior - Microsoft Visio 2007 Service Pack 2 and pripr Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C |
Referencia Cruzada: |
BugTraq ID: 46138 BugTraq ID: 46137 Common Vulnerability Exposure (CVE) ID: CVE-2011-0092 http://www.securityfocus.com/bid/46137 Bugtraq: 20110208 ZDI-11-063: Microsoft Visio 2007 LZW Stream Decompression Exception Vulnerability (Google Search) http://www.securityfocus.com/archive/1/516274/100/0/threaded http://www.zerodayinitiative.com/advisories/ZDI-11-063/ Microsoft Security Bulletin: MS11-008 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-008 http://osvdb.org/70828 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12403 http://www.securitytracker.com/id?1025043 http://secunia.com/advisories/43254 http://www.vupen.com/english/advisories/2011/0321 XForce ISS Database: ms-visio-object-code-execution(64923) https://exchange.xforce.ibmcloud.com/vulnerabilities/64923 Common Vulnerability Exposure (CVE) ID: CVE-2011-0093 http://www.securityfocus.com/bid/46138 http://osvdb.org/70829 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12469 XForce ISS Database: ms-visio-data-code-execution(64924) https://exchange.xforce.ibmcloud.com/vulnerabilities/64924 |
Copyright | Copyright (C) 2011 Greenbone Networks GmbH |
Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |