Windows : Microsoft Bulletins : Microsoft Internet Explorer HTML Rendering Remote Memory Corruption Vulnerability (944533)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.801702

Categoría: Windows : Microsoft Bulletins

Título: Microsoft Internet Explorer HTML Rendering Remote Memory Corruption Vulnerability (944533)

Resumen: This host is missing a critical security update according to; Microsoft Bulletin MS08-010.

Descripción: Summary:
This host is missing a critical security update according to
Microsoft Bulletin MS08-010.

Vulnerability Insight:
The flaw is due to:

- Error in the way 'HTML' with certain layout combinations is interpreted
which can be exploited to corrupt memory via a specially crafted web page.

- Error in the way 'by' property of an 'animateMotion' SVG element is
handled.

- Error in the argument validation when processing images.

Vulnerability Impact:
Successful exploitation will allow attacker to execute arbitrary code with
the privileges of the application. Failed attacks may cause denial-of-service
conditions.

Affected Software/OS:
Microsoft Internet Explorer version 5.x/6.x/7.x.

Solution:
The vendor has released updates. Please see the references for more information.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2008-0076
BugTraq ID: 27668
http://www.securityfocus.com/bid/27668
Cert/CC Advisory: TA08-043C
http://www.us-cert.gov/cas/techalerts/TA08-043C.html
HPdes Security Advisory: HPSBST02314
http://marc.info/?l=bugtraq&m=120361015026386&w=2
HPdes Security Advisory: SSRT080016
Microsoft Security Bulletin: MS08-010
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-010
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5487
http://www.securitytracker.com/id?1019379
http://secunia.com/advisories/28903
http://www.vupen.com/english/advisories/2008/0512/references

Copyright Copyright (C) 2011 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.801702
Categoría:	Windows : Microsoft Bulletins
Título:	Microsoft Internet Explorer HTML Rendering Remote Memory Corruption Vulnerability (944533)
Resumen:	This host is missing a critical security update according to; Microsoft Bulletin MS08-010.
Descripción:	Summary: This host is missing a critical security update according to Microsoft Bulletin MS08-010. Vulnerability Insight: The flaw is due to: - Error in the way 'HTML' with certain layout combinations is interpreted which can be exploited to corrupt memory via a specially crafted web page. - Error in the way 'by' property of an 'animateMotion' SVG element is handled. - Error in the argument validation when processing images. Vulnerability Impact: Successful exploitation will allow attacker to execute arbitrary code with the privileges of the application. Failed attacks may cause denial-of-service conditions. Affected Software/OS: Microsoft Internet Explorer version 5.x/6.x/7.x. Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-0076 BugTraq ID: 27668 http://www.securityfocus.com/bid/27668 Cert/CC Advisory: TA08-043C http://www.us-cert.gov/cas/techalerts/TA08-043C.html HPdes Security Advisory: HPSBST02314 http://marc.info/?l=bugtraq&m=120361015026386&w=2 HPdes Security Advisory: SSRT080016 Microsoft Security Bulletin: MS08-010 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-010 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5487 http://www.securitytracker.com/id?1019379 http://secunia.com/advisories/28903 http://www.vupen.com/english/advisories/2008/0512/references
Copyright	Copyright (C) 2011 Greenbone AG