Mac OS X Local Security Checks : Microsoft Office Remote Code Execution Vulnerabilities-2663830 (Mac OS X)

Búsqueda de Vulnerabilidad		Buscar 219043 Descripciones CVE y 99761 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.902913

Categoría: Mac OS X Local Security Checks

Título: Microsoft Office Remote Code Execution Vulnerabilities-2663830 (Mac OS X)

Resumen: This host is missing a critical security update according to; Microsoft Bulletin MS12-030.

Descripción: Summary:
This host is missing a critical security update according to
Microsoft Bulletin MS12-030.

Vulnerability Insight:
The flaws are due to errors while handling OBJECTLINK record, SXLI
record, MergeCells record and a mismatch error when handling the Series
record within Excel files.

Vulnerability Impact:
Successful exploitation could allow attackers to execute arbitrary code
with the privileges of the user running the affected application.

Affected Software/OS:
- Microsoft Office 2008 for Mac

- Microsoft Office 2011 for Mac

Solution:
The vendor has released updates. Please see the references for more information.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Referencia Cruzada: BugTraq ID: 53342
BugTraq ID: 53373
BugTraq ID: 53374
BugTraq ID: 53375
BugTraq ID: 53379
Common Vulnerability Exposure (CVE) ID: CVE-2012-0141
http://www.securityfocus.com/bid/53342
Cert/CC Advisory: TA12-129A
http://www.us-cert.gov/cas/techalerts/TA12-129A.html
Microsoft Security Bulletin: MS12-030
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-030
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15152
http://www.securitytracker.com/id?1027041
http://secunia.com/advisories/49112
Common Vulnerability Exposure (CVE) ID: CVE-2012-0142
http://www.securityfocus.com/bid/53373
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15543
Common Vulnerability Exposure (CVE) ID: CVE-2012-0143
http://www.securityfocus.com/bid/53374
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15064
Common Vulnerability Exposure (CVE) ID: CVE-2012-0184
http://www.securityfocus.com/bid/53375
http://www.verisigninc.com/en_US/products-and-services/network-intelligence-availability/idefense/public-vulnerability-reports/articles/index.xhtml?id=982
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14789
XForce ISS Database: ms-excel-sxli-code-execution(75117)
https://exchange.xforce.ibmcloud.com/vulnerabilities/75117
Common Vulnerability Exposure (CVE) ID: CVE-2012-1847
http://www.securityfocus.com/bid/53379
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15575
XForce ISS Database: ms-excel-series-code-execution(75119)
https://exchange.xforce.ibmcloud.com/vulnerabilities/75119

Copyright Copyright (C) 2012 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.902913
Categoría:	Mac OS X Local Security Checks
Título:	Microsoft Office Remote Code Execution Vulnerabilities-2663830 (Mac OS X)
Resumen:	This host is missing a critical security update according to; Microsoft Bulletin MS12-030.
Descripción:	Summary: This host is missing a critical security update according to Microsoft Bulletin MS12-030. Vulnerability Insight: The flaws are due to errors while handling OBJECTLINK record, SXLI record, MergeCells record and a mismatch error when handling the Series record within Excel files. Vulnerability Impact: Successful exploitation could allow attackers to execute arbitrary code with the privileges of the user running the affected application. Affected Software/OS: - Microsoft Office 2008 for Mac - Microsoft Office 2011 for Mac Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	BugTraq ID: 53342 BugTraq ID: 53373 BugTraq ID: 53374 BugTraq ID: 53375 BugTraq ID: 53379 Common Vulnerability Exposure (CVE) ID: CVE-2012-0141 http://www.securityfocus.com/bid/53342 Cert/CC Advisory: TA12-129A http://www.us-cert.gov/cas/techalerts/TA12-129A.html Microsoft Security Bulletin: MS12-030 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-030 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15152 http://www.securitytracker.com/id?1027041 http://secunia.com/advisories/49112 Common Vulnerability Exposure (CVE) ID: CVE-2012-0142 http://www.securityfocus.com/bid/53373 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15543 Common Vulnerability Exposure (CVE) ID: CVE-2012-0143 http://www.securityfocus.com/bid/53374 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15064 Common Vulnerability Exposure (CVE) ID: CVE-2012-0184 http://www.securityfocus.com/bid/53375 http://www.verisigninc.com/en_US/products-and-services/network-intelligence-availability/idefense/public-vulnerability-reports/articles/index.xhtml?id=982 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14789 XForce ISS Database: ms-excel-sxli-code-execution(75117) https://exchange.xforce.ibmcloud.com/vulnerabilities/75117 Common Vulnerability Exposure (CVE) ID: CVE-2012-1847 http://www.securityfocus.com/bid/53379 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15575 XForce ISS Database: ms-excel-series-code-execution(75119) https://exchange.xforce.ibmcloud.com/vulnerabilities/75119
Copyright	Copyright (C) 2012 Greenbone Networks GmbH