Windows : Microsoft Bulletins : Microsoft Windows DVD Maker Cross-Site Request Forgery Vulnerability (3208223)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.107144

Categoría: Windows : Microsoft Bulletins

Título: Microsoft Windows DVD Maker Cross-Site Request Forgery Vulnerability (3208223)

Resumen: This host is missing an important security; update according to Microsoft Bulletin MS17-020.

Descripción: Summary:
This host is missing an important security
update according to Microsoft Bulletin MS17-020.

Vulnerability Insight:
The flaw exists when Windows DVD Maker fails
to properly parse a specially crafted '.msdvd' file.

Vulnerability Impact:
Successful exploitation will allow an attacker
to obtain information to further compromise a target system.

Affected Software/OS:
- Microsoft Windows Vista x32/x64 Edition Service Pack 2

- Microsoft Windows 7 x32/x64 Edition Service Pack 1

Solution:
The vendor has released updates. Please see the references for more information.

CVSS Score:
4.3

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:N/A:N

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2017-0045
BugTraq ID: 96103
http://www.securityfocus.com/bid/96103
https://www.exploit-db.com/exploits/41619/
http://hyp3rlinx.altervista.org/advisories/MICROSOFT-DVD-MAKER-XML-EXTERNAL-ENTITY-FILE-DISCLOSURE.txt
http://www.securitytracker.com/id/1038015

Copyright Copyright (C) 2017 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.107144
Categoría:	Windows : Microsoft Bulletins
Título:	Microsoft Windows DVD Maker Cross-Site Request Forgery Vulnerability (3208223)
Resumen:	This host is missing an important security; update according to Microsoft Bulletin MS17-020.
Descripción:	Summary: This host is missing an important security update according to Microsoft Bulletin MS17-020. Vulnerability Insight: The flaw exists when Windows DVD Maker fails to properly parse a specially crafted '.msdvd' file. Vulnerability Impact: Successful exploitation will allow an attacker to obtain information to further compromise a target system. Affected Software/OS: - Microsoft Windows Vista x32/x64 Edition Service Pack 2 - Microsoft Windows 7 x32/x64 Edition Service Pack 1 Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2017-0045 BugTraq ID: 96103 http://www.securityfocus.com/bid/96103 https://www.exploit-db.com/exploits/41619/ http://hyp3rlinx.altervista.org/advisories/MICROSOFT-DVD-MAKER-XML-EXTERNAL-ENTITY-FILE-DISCLOSURE.txt http://www.securitytracker.com/id/1038015
Copyright	Copyright (C) 2017 Greenbone AG