Windows : Microsoft Bulletins : Microsoft Foundation Class (MFC) Library Remote Code Execution Vulnerability (2500212)

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 145615 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.900285

Kategorie: Windows : Microsoft Bulletins

Titel: Microsoft Foundation Class (MFC) Library Remote Code Execution Vulnerability (2500212)

Zusammenfassung: This host is missing a critical security update according to; Microsoft Bulletin MS11-025.

Beschreibung: Summary:
This host is missing a critical security update according to
Microsoft Bulletin MS11-025.

Vulnerability Insight:
A flaw exists in the Microsoft Foundation Class (MFC) Library, when
applications built using MFC incorrectly restrict the path used for loading external libraries.

Vulnerability Impact:
Successful exploitation will let the attacker execute arbitrary code which
may result in memory corruption on the affected system.

Affected Software/OS:
- Microsoft Visual Studio 2010

- Microsoft Visual Studio 2005 SP 1 and prior

- Microsoft Visual Studio 2008 SP 1 and prior

- Microsoft Visual Studio .NET 2003 SP 1 and prior

Solution:
The vendor has released updates. Please see the references for more information.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2010-3190
http://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html
BugTraq ID: 42811
http://www.securityfocus.com/bid/42811
Cert/CC Advisory: TA11-102A
http://www.us-cert.gov/cas/techalerts/TA11-102A.html
http://www.corelan.be:8800/index.php/2010/08/25/dll-hijacking-kb-2269637-the-unofficial-list/
Microsoft Security Bulletin: MS11-025
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-025
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12457
http://secunia.com/advisories/41212

Copyright Copyright (C) 2011 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.900285
Kategorie:	Windows : Microsoft Bulletins
Titel:	Microsoft Foundation Class (MFC) Library Remote Code Execution Vulnerability (2500212)
Zusammenfassung:	This host is missing a critical security update according to; Microsoft Bulletin MS11-025.
Beschreibung:	Summary: This host is missing a critical security update according to Microsoft Bulletin MS11-025. Vulnerability Insight: A flaw exists in the Microsoft Foundation Class (MFC) Library, when applications built using MFC incorrectly restrict the path used for loading external libraries. Vulnerability Impact: Successful exploitation will let the attacker execute arbitrary code which may result in memory corruption on the affected system. Affected Software/OS: - Microsoft Visual Studio 2010 - Microsoft Visual Studio 2005 SP 1 and prior - Microsoft Visual Studio 2008 SP 1 and prior - Microsoft Visual Studio .NET 2003 SP 1 and prior Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2010-3190 http://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html BugTraq ID: 42811 http://www.securityfocus.com/bid/42811 Cert/CC Advisory: TA11-102A http://www.us-cert.gov/cas/techalerts/TA11-102A.html http://www.corelan.be:8800/index.php/2010/08/25/dll-hijacking-kb-2269637-the-unofficial-list/ Microsoft Security Bulletin: MS11-025 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-025 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12457 http://secunia.com/advisories/41212
Copyright	Copyright (C) 2011 Greenbone AG