Anfälligkeitssuche        Suche in 187964 CVE Beschreibungen
und 85075 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.801953
Kategorie:Windows
Titel:Fraudulent Digital Certificates Spoofing Vulnerability (2524375)
Zusammenfassung:The host is installed with Microsoft Windows operating system and is prone; to spoofing vulnerability.;; This NVT has been superseded by KB2641690 Which is addressed in NVT; gb_ms_fraudulent_digital_cert_spoofing_vuln.nasl (OID:1.3.6.1.4.1.25623.1.0.802403)
Beschreibung:Summary:
The host is installed with Microsoft Windows operating system and is prone
to spoofing vulnerability.

This NVT has been superseded by KB2641690 Which is addressed in NVT
gb_ms_fraudulent_digital_cert_spoofing_vuln.nasl (OID:1.3.6.1.4.1.25623.1.0.802403)

Vulnerability Insight:
The flaw is due to an error when handling the fraudulent digital
certificates issued by Comodo and it is not properly validating its
identity.

Vulnerability Impact:
Successful exploitation will allow remote attackers to spoof content, perform
phishing attacks or perform man-in-the-middle attacks against all Web browser
users including users of Internet Explorer.

Affected Software/OS:
- Microsoft Windows 7 Service Pack 1 and prior

- Microsoft Windows XP Service Pack 3 and prior

- Microsoft Windows Vista Service Pack 2 and prior

- Microsoft Windows Server 2003 Service Pack 2 and prior

- Microsoft Windows Server 2008 Service Pack 2 and prior

Solution:
Apply the Patch from the referenced advisory.

CVSS Score:
4.3

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:P/A:N

CopyrightCopyright (C) 2011 Greenbone Networks GmbH

Dies ist nur einer von 85075 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.