Anfälligkeitssuche        Suche in 187964 CVE Beschreibungen
und 85075 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.801677
Kategorie:Windows
Titel:Microsoft WMI Administrative Tools ActiveX Control Remote Code Execution Vulnerabilities
Zusammenfassung:This host is installed with Microsoft WMI Administrative Tools; and is prone to multiple remote code execution vulnerabilities.;; This NVT has been replaced by OID:1.3.6.1.4.1.25623.1.0.900281.
Beschreibung:Summary:
This host is installed with Microsoft WMI Administrative Tools
and is prone to multiple remote code execution vulnerabilities.

This NVT has been replaced by OID:1.3.6.1.4.1.25623.1.0.900281.

Vulnerability Insight:
The flaws are due to the 'AddContextRef()' and 'ReleaseContext()'
methods in the WMI Object Viewer Control using a value passed in the
'lCtxHandle' parameter as an object pointer.

Vulnerability Impact:
Successful exploitation will let the remote attackers execute arbitrary code
and can compromise a vulnerable system.

Affected Software/OS:
Microsoft WMI Administrative Tools 1.1.

Solution:
No known solution was made available for at least one year since the disclosure
of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer
release, disable respective features, remove the product or replace the product by another one.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Querverweis: BugTraq ID: 45546
Common Vulnerability Exposure (CVE) ID: CVE-2010-3973
http://www.securityfocus.com/bid/45546
CERT/CC vulnerability note: VU#725596
http://www.kb.cert.org/vuls/id/725596
http://www.exploit-db.com/exploits/15809
http://blogs.technet.com/b/srd/archive/2011/01/07/assessing-the-risk-of-public-issues-currently-being-tracked-by-the-msrc.aspx
http://www.wooyun.org/bug.php?action=view&id=1006
Microsoft Security Bulletin: MS11-027
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-027
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12475
http://secunia.com/advisories/42693
http://www.vupen.com/english/advisories/2010/3301
XForce ISS Database: ms-wmi-wbemsingleview-ce(64250)
https://exchange.xforce.ibmcloud.com/vulnerabilities/64250
Common Vulnerability Exposure (CVE) ID: CVE-2010-4588
http://twitter.com/carsteneiram/status/17526155733110784
CopyrightCopyright (C) 2010 Greenbone Networks GmbH

Dies ist nur einer von 85075 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.