Test Kennung:	1.3.6.1.4.1.25623.1.0.900278
Kategorie:	Windows : Microsoft Bulletins
Titel:	Microsoft Internet Explorer Multiple Vulnerabilities (2497640)
Zusammenfassung:	This host is missing a critical security update according to; Microsoft Bulletin MS11-018.
Beschreibung:	Summary: This host is missing a critical security update according to Microsoft Bulletin MS11-018. Vulnerability Insight: Multiple flaws are due to - memory corruptions when Internet Explorer attempts to access incorrectly initialized memory or an object under certain conditions. - during certain processes, Internet Explorer incorrectly allows attackers to access and read content from different domains. Vulnerability Impact: Successful exploitation could allow remote attackers to execute arbitrary code in the context of the application. Failed exploit attempts will result in denial-of-service conditions. Affected Software/OS: Microsoft Internet Explorer version 6.x/7.x/8.x. Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2011-0094 Cert/CC Advisory: TA11-102A http://www.us-cert.gov/cas/techalerts/TA11-102A.html http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=900 Microsoft Security Bulletin: MS11-018 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-018 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12463 http://www.securitytracker.com/id?1025327 Common Vulnerability Exposure (CVE) ID: CVE-2011-0346 BugTraq ID: 45639 http://www.securityfocus.com/bid/45639 Bugtraq: 20110101 Announcing cross_fuzz, a potential 0-day in circulation, and more (Google Search) http://www.securityfocus.com/archive/1/515506/100/0/threaded CERT/CC vulnerability note: VU#427980 http://www.kb.cert.org/vuls/id/427980 http://archives.neohapsis.com/archives/fulldisclosure/2010-12/0698.html http://blogs.technet.com/b/srd/archive/2011/01/07/assessing-the-risk-of-public-issues-currently-being-tracked-by-the-msrc.aspx http://lcamtuf.blogspot.com/2011/01/announcing-crossfuzz-potential-0-day-in.html http://lcamtuf.coredump.cx/cross_fuzz/fuzzer_timeline.txt http://lcamtuf.coredump.cx/cross_fuzz/known_vuln.txt http://lcamtuf.coredump.cx/cross_fuzz/msie_crash.txt https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11882 http://www.securitytracker.com/id?1024940 http://www.vupen.com/english/advisories/2011/0026 XForce ISS Database: ms-ie-releaseinterface-code-execution(64482) https://exchange.xforce.ibmcloud.com/vulnerabilities/64482 Common Vulnerability Exposure (CVE) ID: CVE-2011-1244 BugTraq ID: 47191 http://www.securityfocus.com/bid/47191 http://osvdb.org/71777 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11926 Common Vulnerability Exposure (CVE) ID: CVE-2011-1245 BugTraq ID: 47192 http://www.securityfocus.com/bid/47192 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12385 Common Vulnerability Exposure (CVE) ID: CVE-2011-1345 BugTraq ID: 46821 http://www.securityfocus.com/bid/46821 http://dvlabs.tippingpoint.com/blog/2011/02/02/pwn2own-2011 http://twitter.com/aaronportnoy/statuses/45642180118855680 http://twitter.com/msftsecresponse/statuses/45646985998516224 http://www.computerworld.com/s/article/9214002/Safari_IE_hacked_first_at_Pwn2Own http://www.zdnet.com/blog/security/pwn2own-2011-ie8-on-windows-7-hijacked-with-3-vulnerabilities/8367 https://threatpost.com/en_us/blogs/pwn2own-winner-stephen-fewer-031011 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12228 XForce ISS Database: ms-ie-unspec-code-exec(66062) https://exchange.xforce.ibmcloud.com/vulnerabilities/66062
Copyright	Copyright (C) 2011 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.