Anfälligkeitssuche        Suche in 187964 CVE Beschreibungen
und 85075 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.801399
Kategorie:Windows
Titel:MS Windows Insecure Library Loading Remote Code Execution Vulnerabilities (2269637)
Zusammenfassung:This host is prone to Remote Code Execution vulnerabilities.
Beschreibung:Summary:
This host is prone to Remote Code Execution vulnerabilities.

Vulnerability Insight:
The flaws are due to:

- An error in the loading of dynamic link libraries (DLLs). If an application
does not securely load DLL files, an attacker may be able to cause the
application to load an arbitrary library.

- A specific insecure programming practices that allow so-called
'binary planting' or 'DLL preloading attacks', which allows the attacker to
execute arbitrary code in the context of the user running the vulnerable
application when the user opens a file from an untrusted location.

Vulnerability Impact:
Successful exploitation will allow attackers to execute arbitrary code or to
elevate privileges.

Affected Software/OS:
- Microsoft Windows 7

- Microsoft Windows XP Service Pack 3 and prior

- Microsoft Windows 2003 Service Pack 2 and prior

- Microsoft Windows Vista Service Pack 2 and prior

- Microsoft Windows Server 2008 Service Pack 2 and prior

Solution:
The vendor has released updates. Please see the references for more information.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

CopyrightCopyright (C) 2010 Greenbone Networks GmbH

Dies ist nur einer von 85075 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.