Anfälligkeitssuche        Suche in 187964 CVE Beschreibungen
und 85075 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.812078
Kategorie:Windows
Titel:Microsoft Publisher 'Dynamic Data Exchange (DDE)' Attacks Security Advisory (4053440)
Zusammenfassung:This host is missing an important security; update according to Microsoft Security Advisory 4053440.
Beschreibung:Summary:
This host is missing an important security
update according to Microsoft Security Advisory 4053440.

Vulnerability Insight:
The flaw exists as the Microsoft Office provides
several methods for transferring data between applications and the 'DDE' protocol
is one such set of messages and guidelines. It sends messages between applications
that share data, and uses shared memory to exchange data between applications.
Applications can use the DDE protocol for one-time data transfers and for
continuous exchanges in which applications send updates to one another as new
data becomes available.

Vulnerability Impact:
Successful exploitation will allow remote
attackers to perform code execution on the targeted device.

Affected Software/OS:
- Microsoft Publisher 2016

- Microsoft Publisher 2013

- Microsoft Publisher 2010

- Microsoft Publisher 2007

Solution:
Disable the DDE feature via the registry
editor or user interface as given in advisory.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

CopyrightCopyright (C) 2017 Greenbone Networks GmbH

Dies ist nur einer von 85075 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.