Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | |||
Test Kennung: | 1.3.6.1.4.1.25623.1.0.900241 |
Kategorie: | Windows : Microsoft Bulletins |
Titel: | Microsoft Outlook Express and Windows Mail Remote Code Execution Vulnerability (978542) |
Zusammenfassung: | This host is missing a critical security update according to; Microsoft Bulletin MS10-030. |
Beschreibung: | Summary: This host is missing a critical security update according to Microsoft Bulletin MS10-030. Vulnerability Insight: The issue is due to an integer overflow while processing responses received from a POP3 or IMAP server. This can be exploited by an attacker to crash an affected client or potentially execute arbitrary code by tricking a user into connecting to a malicious POP3 or IMAP server via a specially crafted STAT response. Vulnerability Impact: Successful exploitation will let the remote attackers crash an affected client or can execute an arbitrary code by tricking a user into connecting to a malicious POP3 or IMAP server. Affected Software/OS: - Microsoft Outlook Express 5.5 Service Pack 2 - Microsoft Outlook Express 6 Service Pack 1 on Microsoft Windows 2K Service Pack 4 and prior - Microsoft Outlook Express 6 on Microsoft Windows XP Service Pack 3 and prior - Microsoft Windows 2K3 Service Pack 2 and prior - Microsoft Windows Live Mail on Microsoft Windows XP Service Pack 3 and prior - Microsoft Windows Vista Service Pack 1/2 Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C |
Querverweis: |
BugTraq ID: 39927 Common Vulnerability Exposure (CVE) ID: CVE-2010-0816 BugTraq ID: 40052 http://www.securityfocus.com/bid/40052 Bugtraq: 20100511 {PRL} Microsoft Windows Outlook Express and Windows Mail Integer Overflow (Google Search) http://archives.neohapsis.com/archives/bugtraq/2010-05/0068.html Cert/CC Advisory: TA10-131A http://www.us-cert.gov/cas/techalerts/TA10-131A.html http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=13&Itemid=13 Microsoft Security Bulletin: MS10-030 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-030 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6734 |
Copyright | Copyright (C) 2010 Greenbone Networks GmbH |
Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |