ID de Prueba:	1.3.6.1.4.1.25623.1.0.804460
Categoría:	Windows : Microsoft Bulletins
Título:	Microsoft Office Remote Code Execution Vulnerabilities (2967487)
Resumen:	This host is missing a critical security update according to; Microsoft Bulletin MS14-036.
Descripción:	Summary: This host is missing a critical security update according to Microsoft Bulletin MS14-036. Vulnerability Insight: The flaws are due to: - An error within Unicode Scripts Processor can be exploited to execute arbitrary code via a specially crafted font file. - An error within GDI+ when validating images can be exploited to execute arbitrary code via a specially crafted image file. Vulnerability Impact: Successful exploitation will allow remote attackers to execute arbitrary code in the context of the currently logged-in user, which may lead to a complete compromise of an affected computer. Affected Software/OS: - Microsoft Office 2007 Service Pack 2 - Microsoft Office 2010 Service Pack 1 Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2014-1817 BugTraq ID: 67897 http://www.securityfocus.com/bid/67897 Microsoft Security Bulletin: MS14-036 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-036 http://www.securitytracker.com/id/1030376 http://www.securitytracker.com/id/1030377 http://www.securitytracker.com/id/1030378 http://secunia.com/advisories/58583 Common Vulnerability Exposure (CVE) ID: CVE-2014-1818 BugTraq ID: 67904 http://www.securityfocus.com/bid/67904
Copyright	Copyright (C) 2014 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.