Test Kennung:	1.3.6.1.4.1.25623.1.0.805951
Kategorie:	Windows : Microsoft Bulletins
Titel:	Microsoft Office XML Core Services Information Disclosure Vulnerability (3080129)
Zusammenfassung:	This host is missing an important security; update according to Microsoft Bulletin MS15-084.
Beschreibung:	Summary: This host is missing an important security update according to Microsoft Bulletin MS15-084. Vulnerability Insight: Flaw exists due to: - An error in Microsoft XML Core Services which allows forceful use of Secure Sockets Layer (SSL) 2.0. - An error in Microsoft XML Core Services which exposes memory addresses not intended for public disclosure. Vulnerability Impact: Successful exploitation will allow remote attackers to conduct man-in-the-middle (MiTM) attack and gain access to sensitive data. Affected Software/OS: - Microsoft Office 2007 Service Pack 3 and prior - Microsoft InfoPath 2007 Service Pack 3 and prior Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2015-2434 Microsoft Security Bulletin: MS15-084 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-084 http://www.securitytracker.com/id/1033241 Common Vulnerability Exposure (CVE) ID: CVE-2015-2471 Common Vulnerability Exposure (CVE) ID: CVE-2015-2440 BugTraq ID: 76232 http://www.securityfocus.com/bid/76232 http://www.zerodayinitiative.com/advisories/ZDI-15-381
Copyright	Copyright (C) 2015 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.