Anfälligkeitssuche        Suche in 324607 CVE Beschreibungen
und 145615 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.902411
Kategorie:Windows : Microsoft Bulletins
Titel:Microsoft Office PowerPoint Remote Code Execution Vulnerabilities (2489283)
Zusammenfassung:This host is missing a critical security update according to; Microsoft Bulletin MS11-022.
Beschreibung:Summary:
This host is missing a critical security update according to
Microsoft Bulletin MS11-022.

Vulnerability Insight:
The flaws are caused by errors related to floating point techno-color time bandit,
persist directory and OfficeArt atoms, which could be exploited by attackers to
execute arbitrary code by tricking a user into opening a specially crafted PowerPoint file.

Vulnerability Impact:
Successful exploitation could allow attackers to execute arbitrary code by
tricking a user into opening a malicious PPT file.

Affected Software/OS:
- Microsoft PowerPoint 2010

- Microsoft PowerPoint Viewer 2010

- Microsoft PowerPoint 2002 Service Pack 3

- Microsoft PowerPoint 2003 Service Pack 3

- Microsoft PowerPoint 2007 Service Pack 2

- Microsoft PowerPoint Viewer 2007 Service Pack 2

Solution:
The vendor has released updates. Please see the references for more information.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2011-0655
Cert/CC Advisory: TA11-102A
http://www.us-cert.gov/cas/techalerts/TA11-102A.html
Microsoft Security Bulletin: MS11-022
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-022
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12624
http://www.securitytracker.com/id?1025340
http://www.vupen.com/english/advisories/2011/0941
Common Vulnerability Exposure (CVE) ID: CVE-2011-0656
BugTraq ID: 47251
http://www.securityfocus.com/bid/47251
Bugtraq: 20110412 ZDI-11-125: Microsoft Office PowerPoint PersistDirectoryEntry Remote Code Execution Vulnerability (Google Search)
http://www.securityfocus.com/archive/1/517482/100/0/threaded
http://www.zerodayinitiative.com/advisories/ZDI-11-125
http://osvdb.org/71770
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11761
Common Vulnerability Exposure (CVE) ID: CVE-2011-0976
Bugtraq: 20110207 ZDI-11-044: Microsoft PowerPoint 2007 OfficeArt Atom Remote Code Execution Vulnerability (Google Search)
http://www.securityfocus.com/archive/1/516233/100/0/threaded
http://dvlabs.tippingpoint.com/blog/2011/02/07/zdi-disclosure-microsoft
http://zerodayinitiative.com/advisories/ZDI-11-044/
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11978
http://secunia.com/advisories/43213
CopyrightCopyright (C) 2011 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2025 E-Soft Inc. Alle Rechte vorbehalten.