ID de Prueba:	1.3.6.1.4.1.25623.1.0.801483
Categoría:	Windows : Microsoft Bulletins
Título:	Microsoft Windows Search Remote Code Execution Vulnerability (959349)
Resumen:	This host is missing a critical security update according to; Microsoft Bulletin MS08-075.
Descripción:	Summary: This host is missing a critical security update according to Microsoft Bulletin MS08-075. Vulnerability Insight: The flaws are due to - an error in Windows Explorer that does not correctly free memory when saving Windows Search files. - an error in Windows Explorer that does not correctly interpret parameters when parsing the search-ms protocol. Vulnerability Impact: Successful exploitation will let the remote attackers attackers to execute arbitrary code. Affected Software/OS: - Microsoft Windows Vista Service Pack 1 and prior - Microsoft Windows Server 2008 Service Pack 1 and prior Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 8.5 CVSS Vector: AV:N/AC:M/Au:S/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-4268 Cert/CC Advisory: TA08-344A http://www.us-cert.gov/cas/techalerts/TA08-344A.html Microsoft Security Bulletin: MS08-075 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-075 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5853 http://www.securitytracker.com/id?1021366 http://secunia.com/advisories/33053 http://www.vupen.com/english/advisories/2008/3387 Common Vulnerability Exposure (CVE) ID: CVE-2008-4269 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6110
Copyright	Copyright (C) 2010 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.