 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.0.900062 |
| Kategorie: | Windows : Microsoft Bulletins |
| Titel: | Cumulative Security Update for Internet Explorer (958215) |
| Zusammenfassung: | This host is missing a critical security update according to; Microsoft Bulletin MS08-073. |
| Beschreibung: | Summary: This host is missing a critical security update according to Microsoft Bulletin MS08-073. Vulnerability Insight: The flaws are due to - error when handling parameters passed to unspecified navigation methods. - error when fetching a file with an overly long path from a WebDAV share. - unspecified use-after-free error. - a boundary error when processing an overly long filename extension specified inside an EMBED tag. Vulnerability Impact: Successful exploitation could result in stack based buffer overflow by sending overly long specially crafted file via web page to corrupt heap memory. Affected Software/OS: Internet Explorer 7 on MS Windows Vista Internet Explorer 6 on MS Windows 2003 and XP Internet Explorer 7 on MS Windows 2003 and XP Internet Explorer 7 on MS Windows 2008 Server Internet Explorer 5.01 and 6 on MS Windows 2000 Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2008-4258 Cert/CC Advisory: TA08-344A http://www.us-cert.gov/cas/techalerts/TA08-344A.html Microsoft Security Bulletin: MS08-073 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-073 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5231 http://www.securitytracker.com/id?1021371 http://www.vupen.com/english/advisories/2008/3385 Common Vulnerability Exposure (CVE) ID: CVE-2008-4259 Bugtraq: 20081209 ZDI-08-087: Microsoft Internet Explorer Webdav Request Parsing Heap Corruption Vulnerability (Google Search) http://www.securityfocus.com/archive/1/499065/100/0/threaded http://www.zerodayinitiative.com/advisories/ZDI-08-087 http://www.zerodayinitiative.com/advisories/ZDI-08-087/ https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5706 Common Vulnerability Exposure (CVE) ID: CVE-2008-4260 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5903 Common Vulnerability Exposure (CVE) ID: CVE-2008-4261 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=761 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5829 |
| Copyright | Copyright (C) 2008 Greenbone AG |
| Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |