Anfälligkeitssuche        Suche in 187964 CVE Beschreibungen
und 85075 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.802912
Kategorie:Windows
Titel:Microsoft Unauthorized Digital Certificates Spoofing Vulnerability (2728973)
Zusammenfassung:This host is installed with Microsoft Windows operating system and; is prone to Spoofing vulnerability.
Beschreibung:Summary:
This host is installed with Microsoft Windows operating system and
is prone to Spoofing vulnerability.

Vulnerability Insight:
Microsoft certificate authorities, which are stored outside the recommended
secure storage practices can be misused. An attacker could use these
certificates to spoof content, perform phishing attacks, or perform
man-in-the-middle attacks.

Vulnerability Impact:
Successful exploitation could allow remote attackers to use the
certificates to spoof content, perform phishing attacks, or perform
man-in-the-middle attacks.

Affected Software/OS:
- Microsoft Windows XP x32 Edition Service Pack 3 and prior

- Microsoft Windows XP x64 Edition Service Pack 2 and prior

- Microsoft Windows 7 x32/x64 Edition Service Pack 1 and prior

- Microsoft Windows 2003 x32/x64 Edition Service Pack 2 and prior

- Microsoft Windows Vista x32/x64 Edition Service Pack 2 and prior

- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1 and prior

- Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2 and prior

Solution:
Apply the patch from the referenced advisory.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

CopyrightThis script is Copyright (C) 2012 Greenbone Networks GmbH

Dies ist nur einer von 85075 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.