Test Kennung:	1.3.6.1.4.1.25623.1.0.900568
Kategorie:	Windows : Microsoft Bulletins
Titel:	Microsoft Windows Search Script Execution Vulnerability (963093)
Zusammenfassung:	This host is missing a critical security update according to; Microsoft Bulletin MS09-023.
Beschreibung:	Summary: This host is missing a critical security update according to Microsoft Bulletin MS09-023. Vulnerability Insight: The flaw is caused because the search function does not properly restrict the environment within which scripts execute, which could allow sensitive information disclosure. Vulnerability Impact: Remote attackers could exploit this issue to obtain sensitive information or access to data on the affected system by convincing a user to download a crafted file to a specific location, and then open an application that loads the file. Affected Software/OS: - Microsoft Windows XP Service Pack 3 and prior - Microsoft Windows 2003 Service Pack 2 and prior Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2009-0239 Cert/CC Advisory: TA09-160A http://www.us-cert.gov/cas/techalerts/TA09-160A.html Microsoft Security Bulletin: MS09-023 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-023 http://osvdb.org/54935 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5428 http://www.securitytracker.com/id?1022353 http://secunia.com/advisories/35366 http://www.vupen.com/english/advisories/2009/1542
Copyright	Copyright (C) 2009 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.