Windows : Microsoft Bulletins : Microsoft VBScript Remote Code Execution Vulnerability (2928390)

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 145615 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.903229

Kategorie: Windows : Microsoft Bulletins

Titel: Microsoft VBScript Remote Code Execution Vulnerability (2928390)

Zusammenfassung: This host is missing a critical security update according to Microsoft; Bulletin MS14-011.

Beschreibung: Summary:
This host is missing a critical security update according to Microsoft
Bulletin MS14-011.

Vulnerability Insight:
Flaw is due to improper handling of memory objects in VBScript engine.

Vulnerability Impact:
Successful exploitation will allow attackers to execute arbitrary code and
corrupt memory.

Affected Software/OS:
- Microsoft Windows XP Service Pack 3 and prior

- Microsoft Windows XP x64 Edition Service Pack 2 and prior

- Microsoft Windows 2003 x32 Pack 3 and prior

- Microsoft Windows 2003 x64 Service Pack 2 and prior

- Microsoft Windows Vista x32/x64 Service Pack 2 and prior

- Microsoft Windows Server 2008 x32/x64 Service Pack 2 and prior

- Microsoft Windows 7 x32/x64 Service Pack 1 and prior

- Microsoft Windows Server 2008 R2 x64 Service Pack 1 and prior

- Microsoft Windows 8 x32/x64

- Microsoft Windows 8.1 x32/x64

- Microsoft Windows Server 2012

- Microsoft Windows Server 2012 R2

Solution:
The vendor has released updates. Please see the references for more information.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2014-0271
BugTraq ID: 65395
http://www.securityfocus.com/bid/65395
Microsoft Security Bulletin: MS14-010
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-010
Microsoft Security Bulletin: MS14-011
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-011
http://osvdb.org/103166
http://www.securitytracker.com/id/1029741
http://secunia.com/advisories/56796
http://secunia.com/advisories/56814
XForce ISS Database: ms-ie-cve20140271-code-exec(90757)
https://exchange.xforce.ibmcloud.com/vulnerabilities/90757

Copyright Copyright (C) 2014 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.903229
Kategorie:	Windows : Microsoft Bulletins
Titel:	Microsoft VBScript Remote Code Execution Vulnerability (2928390)
Zusammenfassung:	This host is missing a critical security update according to Microsoft; Bulletin MS14-011.
Beschreibung:	Summary: This host is missing a critical security update according to Microsoft Bulletin MS14-011. Vulnerability Insight: Flaw is due to improper handling of memory objects in VBScript engine. Vulnerability Impact: Successful exploitation will allow attackers to execute arbitrary code and corrupt memory. Affected Software/OS: - Microsoft Windows XP Service Pack 3 and prior - Microsoft Windows XP x64 Edition Service Pack 2 and prior - Microsoft Windows 2003 x32 Pack 3 and prior - Microsoft Windows 2003 x64 Service Pack 2 and prior - Microsoft Windows Vista x32/x64 Service Pack 2 and prior - Microsoft Windows Server 2008 x32/x64 Service Pack 2 and prior - Microsoft Windows 7 x32/x64 Service Pack 1 and prior - Microsoft Windows Server 2008 R2 x64 Service Pack 1 and prior - Microsoft Windows 8 x32/x64 - Microsoft Windows 8.1 x32/x64 - Microsoft Windows Server 2012 - Microsoft Windows Server 2012 R2 Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2014-0271 BugTraq ID: 65395 http://www.securityfocus.com/bid/65395 Microsoft Security Bulletin: MS14-010 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-010 Microsoft Security Bulletin: MS14-011 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-011 http://osvdb.org/103166 http://www.securitytracker.com/id/1029741 http://secunia.com/advisories/56796 http://secunia.com/advisories/56814 XForce ISS Database: ms-ie-cve20140271-code-exec(90757) https://exchange.xforce.ibmcloud.com/vulnerabilities/90757
Copyright	Copyright (C) 2014 Greenbone AG