ID de Prueba:	1.3.6.1.4.1.25623.1.0.805015
Categoría:	Windows : Microsoft Bulletins
Título:	Microsoft Windows OLE Object Handling Code Execution Vulnerabilities (3011443)
Resumen:	This host is missing a critical security; update according to Microsoft Bulletin MS14-064.
Descripción:	Summary: This host is missing a critical security update according to Microsoft Bulletin MS14-064. Vulnerability Insight: A flaw exists due to unspecified errors when handling OLE objects within Microsoft Office files and Internet Explorer. Vulnerability Impact: Successful exploitation will allow remote attacker to execute arbitrary code and compromise a user's system. Affected Software/OS: - Microsoft Windows 8 x32/x64 - Microsoft Windows Server 2012/R2 - Microsoft Windows 8.1 x32/x64 - Microsoft Windows 7 x32/x64 Service Pack 1 and prior - Microsoft Windows Vista x32/x64 Service Pack 2 and prior - Microsoft Windows 2003 x32/x64 Service Pack 2 and prior - Microsoft Windows Server 2008 R2 x64 Service Pack 1 and prior - Microsoft Windows Server 2008 x32/x64 Service Pack 2 and prior Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2014-6332 BugTraq ID: 70952 http://www.securityfocus.com/bid/70952 Cert/CC Advisory: TA14-318B http://www.us-cert.gov/ncas/alerts/TA14-318B CERT/CC vulnerability note: VU#158647 http://www.kb.cert.org/vuls/id/158647 https://www.exploit-db.com/exploits/37668/ https://www.exploit-db.com/exploits/37800/ https://www.exploit-db.com/exploits/38500/ https://www.exploit-db.com/exploits/38512/ http://packetstormsecurity.com/files/134053/Avant-Browser-Lite-Ultimate-Remote-Code-Execution.html http://packetstormsecurity.com/files/134061/The-World-Browser-3.0-Final-Remote-Code-Execution.html http://packetstormsecurity.com/files/134062/HTML-Compiler-Remote-Code-Execution.html http://packetstormsecurity.com/files/134064/Microsoft-Compiled-HTML-Help-Remote-Code-Execution.html http://packetstormsecurity.com/files/134079/Winamp-Bento-Browser-Remote-Code-Execution.html http://securityintelligence.com/ibm-x-force-researcher-finds-significant-vulnerability-in-microsoft-windows https://forsec.nl/wp-content/uploads/2014/11/ms14_064_ie_olerce.rb_.txt Microsoft Security Bulletin: MS14-064 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-064 http://www.securitytracker.com/id/1031184 Common Vulnerability Exposure (CVE) ID: CVE-2014-6352 BugTraq ID: 70690 http://www.securityfocus.com/bid/70690 http://twitter.com/ohjeongwook/statuses/524795124270653440 http://www.securitytracker.com/id/1031097 http://secunia.com/advisories/61803 XForce ISS Database: ms-win-ole-cve20146352-code-exec(97714) https://exchange.xforce.ibmcloud.com/vulnerabilities/97714
Copyright	Copyright (C) 2014 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.