Test Kennung:	1.3.6.1.4.1.25623.1.0.808225
Kategorie:	Windows : Microsoft Bulletins
Titel:	Microsoft Edge Multiple Vulnerabilities (3163656)
Zusammenfassung:	This host is missing a critical security; update according to Microsoft Bulletin MS16-068.
Beschreibung:	Summary: This host is missing a critical security update according to Microsoft Bulletin MS16-068. Vulnerability Insight: Multiple flaws exist due to: - when the Edge Content Security Policy (CSP) fails to properly validate certain specially crafted documents. - when improperly handle objects in memory in Microsoft Edge. - when a user opens a specially crafted .pdf file. Vulnerability Impact: Successful exploitation will allow remote attackers to trick a user into loading a page containing malicious content, to trick the user into opening the .pdf file and read information in the context of the current user and to execute arbitrary code. Affected Software/OS: - Microsoft Windows 10 x32/x64 - Microsoft Windows 10 Version 1511 x32/x64 Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2016-3198 Microsoft Security Bulletin: MS16-068 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-068 http://www.securitytracker.com/id/1036099 Common Vulnerability Exposure (CVE) ID: CVE-2016-3199 http://www.zerodayinitiative.com/advisories/ZDI-16-367 http://www.zerodayinitiative.com/advisories/ZDI-16-368 Common Vulnerability Exposure (CVE) ID: CVE-2016-3201 Microsoft Security Bulletin: MS16-080 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-080 Common Vulnerability Exposure (CVE) ID: CVE-2016-3202 Microsoft Security Bulletin: MS16-063 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-063 http://www.securitytracker.com/id/1036096 Common Vulnerability Exposure (CVE) ID: CVE-2016-3203 BugTraq ID: 91086 http://www.securityfocus.com/bid/91086 http://www.zerodayinitiative.com/advisories/ZDI-16-369 Common Vulnerability Exposure (CVE) ID: CVE-2016-3214 Common Vulnerability Exposure (CVE) ID: CVE-2016-3215 http://www.zerodayinitiative.com/advisories/ZDI-16-370 Common Vulnerability Exposure (CVE) ID: CVE-2016-3222 BugTraq ID: 91094 http://www.securityfocus.com/bid/91094 https://www.exploit-db.com/exploits/40880/ http://seclists.org/fulldisclosure/2016/Dec/16 http://blog.skylined.nl/20161205001.html http://packetstormsecurity.com/files/140043/Microsoft-Edge-CBase-Scriptable-Private-Query-Interface-Memory-Corruption.html http://www.zerodayinitiative.com/advisories/ZDI-16-371
Copyright	Copyright (C) 2016 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.