Test Kennung:	1.3.6.1.4.1.25623.1.0.900364
Kategorie:	Windows : Microsoft Bulletins
Titel:	Cumulative Security Update for Internet Explorer (969897)
Zusammenfassung:	This host is missing a critical security update according to; Microsoft Bulletin MS09-019.
Beschreibung:	Summary: This host is missing a critical security update according to Microsoft Bulletin MS09-019. Vulnerability Insight: Multiple flaws are due to: - Scripts may persist across navigations and let a malicious site interact with a site in an arbitrary external domain. - When application fails to properly enforce the same-origin policy. - In the way that Internet Explorer caches data and incorrectly allows the cached content to be called, potentially bypassing Internet Explorer domain restriction. - Error in the way Internet Explorer displays a Web page that contains certain unexpected method calls to HTML objects. - Error in the way Internet Explorer accesses an object that has not been correctly initialized or has been deleted by specially crafted Web page. Vulnerability Impact: Successful exploitation will let the attacker execute arbitrary codes into the context of the affected system, as a result in view, change, or delete data and can cause denial of service to legitimate users. Affected Software/OS: Microsoft Internet Explorer version 5.x/6.x/7.x/8.x. Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2007-3091 BugTraq ID: 24283 http://www.securityfocus.com/bid/24283 Bugtraq: 20070604 Assorted browser vulnerabilities (Google Search) http://www.securityfocus.com/archive/1/470446/100/0/threaded Cert/CC Advisory: TA09-160A http://www.us-cert.gov/cas/techalerts/TA09-160A.html CERT/CC vulnerability note: VU#471361 http://www.kb.cert.org/vuls/id/471361 http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0026.html http://lcamtuf.coredump.cx/ierace/ Microsoft Security Bulletin: MS09-019 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-019 http://osvdb.org/38497 http://osvdb.org/54944 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6041 http://securitytracker.com/id?1018192 http://secunia.com/advisories/25564 http://securityreason.com/securityalert/2781 http://www.vupen.com/english/advisories/2007/2064 http://www.vupen.com/english/advisories/2009/1538 XForce ISS Database: ie-pageupdate-security-bypass(34696) https://exchange.xforce.ibmcloud.com/vulnerabilities/34696 Common Vulnerability Exposure (CVE) ID: CVE-2009-1140 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6278 http://www.securitytracker.com/id?1022350 Common Vulnerability Exposure (CVE) ID: CVE-2009-1141 Bugtraq: 20090610 FortiGuard Advisory: Microsoft Internet Explorer DHTML Handling Remote Memory Corruption Vulnerability (Google Search) http://www.securityfocus.com/archive/1/504207/100/0/threaded http://www.fortiguardcenter.com/advisory/FGA-2009-22.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5554 Common Vulnerability Exposure (CVE) ID: CVE-2009-1528 BugTraq ID: 35222 http://www.securityfocus.com/bid/35222 Bugtraq: 20090610 ZDI-09-037: Microsoft Internet Explorer Concurrent Ajax Request Memory Corruption Vulnerability (Google Search) http://www.securityfocus.com/archive/1/504206/100/0/threaded http://www.zerodayinitiative.com/advisories/ZDI-09-037 http://osvdb.org/54947 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6260 Common Vulnerability Exposure (CVE) ID: CVE-2009-1529 BugTraq ID: 35223 http://www.securityfocus.com/bid/35223 Bugtraq: 20090610 ZDI-09-036: Microsoft Internet Explorer setCapture Memory Corruption Vulnerability (Google Search) http://www.securityfocus.com/archive/1/504205/100/0/threaded http://www.zerodayinitiative.com/advisories/ZDI-09-036 http://osvdb.org/54948 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6295 Common Vulnerability Exposure (CVE) ID: CVE-2009-1530 Bugtraq: 20090610 ZDI-09-038: Microsoft Internet Explorer Event Handler Memory Corruption Vulnerability (Google Search) http://www.securityfocus.com/archive/1/504209/100/0/threaded http://www.zerodayinitiative.com/advisories/ZDI-09-038 http://osvdb.org/54949 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6294 Common Vulnerability Exposure (CVE) ID: CVE-2009-1531 BugTraq ID: 35234 http://www.securityfocus.com/bid/35234 Bugtraq: 20090610 ZDI-09-039: Microsoft Internet Explorer onreadystatechange Memory Corruption Vulnerability (Google Search) http://www.securityfocus.com/archive/1/504216/100/0/threaded http://www.zerodayinitiative.com/advisories/ZDI-09-039 http://osvdb.org/54950 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6308 Common Vulnerability Exposure (CVE) ID: CVE-2009-1532 Bugtraq: 20090610 ZDI-09-041: Microsoft Internet Explorer 8 Rows Property Dangling Pointer Code Execution Vulnerability (Google Search) http://www.securityfocus.com/archive/1/504208/100/0/threaded http://www.zerodayinitiative.com/advisories/ZDI-09-041 http://osvdb.org/54951 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6244
Copyright	Copyright (C) 2009 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.