Test Kennung:	1.3.6.1.4.1.25623.1.0.902784
Kategorie:	Windows : Microsoft Bulletins
Titel:	Microsoft Windows Object Packager Remote Code Execution Vulnerability (2603381)
Zusammenfassung:	This host is missing an important security update according to; Microsoft Bulletin MS12-002.
Beschreibung:	Summary: This host is missing an important security update according to Microsoft Bulletin MS12-002. Vulnerability Insight: The flaw is due to the way that Windows registers and uses Windows Object Packager. This can be exploited to load an executable file (packager.exe) in an insecure manner by tricking a user into opening a Publisher file '.pub' containing an embedded packaged object located on a remote WebDAV or SMB share. Vulnerability Impact: Successful exploitation could allow attackers to execute arbitrary code with the privileges of the user running the affected application. Failed exploit attempts will result in a denial-of-service condition. Affected Software/OS: - Microsoft Windows - Microsoft Windows XP Service Pack 3 and prior - Microsoft Windows 2003 Service Pack 2 and prior Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2012-0009 BugTraq ID: 51297 http://www.securityfocus.com/bid/51297 Cert/CC Advisory: TA12-010A http://www.us-cert.gov/cas/techalerts/TA12-010A.html Microsoft Security Bulletin: MS12-002 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-002 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14393 http://www.securitytracker.com/id?1026494 http://secunia.com/advisories/45189
Copyright	Copyright (C) 2012 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.