ID de Prueba:	1.3.6.1.4.1.25623.1.0.112000
Categoría:	Windows : Microsoft Bulletins
Título:	Microsoft Office 2013 APP-V ASLR Bypass Vulnerability (3118268)
Resumen:	This host is missing a critical security update according to; Microsoft Bulletin MS16-107.;; This VT has been deprecated and replaced by the VT 'Microsoft Office Suite RCE Vulnerabilities (3185852)'; (1.3.6.1.4.1.25623.1.0.807361).
Descripción:	Summary: This host is missing a critical security update according to Microsoft Bulletin MS16-107. This VT has been deprecated and replaced by the VT 'Microsoft Office Suite RCE Vulnerabilities (3185852)' (1.3.6.1.4.1.25623.1.0.807361). Vulnerability Insight: An information disclosure vulnerability exists in the way that the Click-to-Run (C2R) components handle objects in memory, which could lead to an Address Space Layout Randomization (ASLR) bypass. Vulnerability Impact: Successful exploitation could allow remote code execution if a user opens a specially crafted Microsoft Office file. Affected Software/OS: Microsoft Office 2013 Service Pack 1. Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2016-0137 BugTraq ID: 92785 http://www.securityfocus.com/bid/92785 Microsoft Security Bulletin: MS16-107 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-107 http://www.securitytracker.com/id/1036785
Copyright	Copyright (C) 2017 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.