Test Kennung:	1.3.6.1.4.1.25623.1.0.900837
Kategorie:	Windows : Microsoft Bulletins
Titel:	Microsoft DHTML Editing Component ActiveX Remote Code Execution Vulnerability (956844)
Zusammenfassung:	This host is missing a critical security update according to; Microsoft Bulletin MS09-046.
Beschreibung:	Summary: This host is missing a critical security update according to Microsoft Bulletin MS09-046. Vulnerability Insight: The flaw is due to an error in the bundled DHTML Editing Component ActiveX control when formatting HTML markup and can be exploited via a specially crafted web page. Vulnerability Impact: Successful exploitation will let the attacker execute arbitrary code or compromise an affected system. Affected Software/OS: - Microsoft Windows 2k Service Pack 4 and prior - Microsoft Windows XP Service Pack 3 and prior - Microsoft Windows 2k3 Service Pack 2 and prior Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2009-2519 BugTraq ID: 36280 http://www.securityfocus.com/bid/36280 Cert/CC Advisory: TA09-251A http://www.us-cert.gov/cas/techalerts/TA09-251A.html Microsoft Security Bulletin: MS09-046 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-046 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6271 http://www.securitytracker.com/id?1022843 http://secunia.com/advisories/36592
Copyright	Copyright (C) 2009 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.