Test Kennung:	1.3.6.1.4.1.25623.1.0.801707
Kategorie:	Windows : Microsoft Bulletins
Titel:	Microsoft Internet Explorer mshtml.dll Remote Memory Corruption Vulnerability (942615)
Zusammenfassung:	This host is missing a critical security update according to; Microsoft Bulletin MS07-069.
Beschreibung:	Summary: This host is missing a critical security update according to Microsoft Bulletin MS07-069. Vulnerability Insight: The flaws are due to - A use-after-free error in mshtml.dll when handling 'setExpression()' method calls. - An error within the handling of the 'cloneNode()' and 'nodeValue()' methods. - An error when handling document objects that have been created, modified, deleted, and are then accessed. - An error when displaying web pages containing certain unexpected method calls. Vulnerability Impact: Successful exploitation will allow attacker to execute arbitrary code with the privileges of the application. Failed attacks may cause denial-of-service conditions. Affected Software/OS: Microsoft Internet Explorer version 5.x/6.x/7.x. Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2007-3902 BugTraq ID: 26506 http://www.securityfocus.com/bid/26506 Bugtraq: 20071211 ZDI-07-073: Microsoft Internet Explorer setExpression Vulnerability (Google Search) http://www.securityfocus.com/archive/1/484887/100/0/threaded Cert/CC Advisory: TA07-345A http://www.us-cert.gov/cas/techalerts/TA07-345A.html HPdes Security Advisory: HPSBST02299 http://www.securityfocus.com/archive/1/485268/100/0/threaded HPdes Security Advisory: SSRT071506 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=631 http://www.zerodayinitiative.com/advisories/ZDI-07-073.html Microsoft Security Bulletin: MS07-069 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-069 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4582 http://securitytracker.com/id?1019078 http://secunia.com/advisories/28036 http://www.vupen.com/english/advisories/2007/4184 XForce ISS Database: ie-uninit-object-code-execution(38713) https://exchange.xforce.ibmcloud.com/vulnerabilities/38713 Common Vulnerability Exposure (CVE) ID: CVE-2007-3903 BugTraq ID: 26816 http://www.securityfocus.com/bid/26816 Bugtraq: 20071211 ZDI-07-074: Microsoft Internet Explorer Node Manipulation Memory Corruption (Google Search) http://www.securityfocus.com/archive/1/484888/100/0/threaded http://www.zerodayinitiative.com/advisories/ZDI-07-074.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4553 XForce ISS Database: ie-clonenode-nodevalue-code-execution(38714) https://exchange.xforce.ibmcloud.com/vulnerabilities/38714 Common Vulnerability Exposure (CVE) ID: CVE-2007-5344 BugTraq ID: 26817 http://www.securityfocus.com/bid/26817 Bugtraq: 20071211 ZDI-07-075: Microsoft Internet Explorer Element Tags Vulnerability (Google Search) http://www.securityfocus.com/archive/1/484890/100/100/threaded http://www.zerodayinitiative.com/advisories/ZDI-07-075.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4480 XForce ISS Database: ie-element-code-execution(38715) https://exchange.xforce.ibmcloud.com/vulnerabilities/38715 Common Vulnerability Exposure (CVE) ID: CVE-2007-5347 BugTraq ID: 26427 http://www.securityfocus.com/bid/26427 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4332 XForce ISS Database: ie-dhtml-object-code-execution(38716) https://exchange.xforce.ibmcloud.com/vulnerabilities/38716
Copyright	Copyright (C) 2011 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.