Anfälligkeitssuche        Suche in 187964 CVE Beschreibungen
und 85075 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.802379
Kategorie:Windows
Titel:Microsoft Windows Kernel 'win32k.sys' Memory Corruption Vulnerability
Zusammenfassung:Microsoft Windows 7 Professional 64-bit is prone to memory; corruption vulnerability.;; This NVT has been replaced by OID:1.3.6.1.4.1.25623.1.0.902810.
Beschreibung:Summary:
Microsoft Windows 7 Professional 64-bit is prone to memory
corruption vulnerability.

This NVT has been replaced by OID:1.3.6.1.4.1.25623.1.0.902810.

Vulnerability Insight:
The flaw is due to an error in win32k.sys, when handling a
specially crafted web page containing an IFRAME with an overly large 'height'
attribute viewed using the Apple Safari browser.

Vulnerability Impact:
Successful exploitation will allow attackers to execute arbitrary
code on the system with kernel-level privileges.

Affected Software/OS:
Microsoft Windows 7 Professional 64-bit.

Solution:
No known solution was made available for at least one year
since the disclosure of this vulnerability. Likely none will be provided anymore.
General solution options are to upgrade to a newer release, disable respective
features, remove the product or replace the product by another one.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Querverweis: BugTraq ID: 51122
Common Vulnerability Exposure (CVE) ID: CVE-2011-5046
Cert/CC Advisory: TA12-045A
http://www.us-cert.gov/cas/techalerts/TA12-045A.html
http://www.exploit-db.com/exploits/18275
http://twitter.com/w3bd3vil/statuses/148454992989261824
Microsoft Security Bulletin: MS12-008
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-008
http://osvdb.org/77908
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14603
http://www.securitytracker.com/id?1026450
http://secunia.com/advisories/47237
XForce ISS Database: ms-win32k-iframe-code-exec(71873)
https://exchange.xforce.ibmcloud.com/vulnerabilities/71873
CopyrightCopyright (C) 2012 Greenbone Networks GmbH

Dies ist nur einer von 85075 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.