ID de Prueba:	1.3.6.1.4.1.25623.1.0.805951
Categoría:	Windows : Microsoft Bulletins
Título:	Microsoft Office XML Core Services Information Disclosure Vulnerability (3080129)
Resumen:	This host is missing an important security; update according to Microsoft Bulletin MS15-084.
Descripción:	Summary: This host is missing an important security update according to Microsoft Bulletin MS15-084. Vulnerability Insight: Flaw exists due to: - An error in Microsoft XML Core Services which allows forceful use of Secure Sockets Layer (SSL) 2.0. - An error in Microsoft XML Core Services which exposes memory addresses not intended for public disclosure. Vulnerability Impact: Successful exploitation will allow remote attackers to conduct man-in-the-middle (MiTM) attack and gain access to sensitive data. Affected Software/OS: - Microsoft Office 2007 Service Pack 3 and prior - Microsoft InfoPath 2007 Service Pack 3 and prior Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-2434 Microsoft Security Bulletin: MS15-084 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-084 http://www.securitytracker.com/id/1033241 Common Vulnerability Exposure (CVE) ID: CVE-2015-2471 Common Vulnerability Exposure (CVE) ID: CVE-2015-2440 BugTraq ID: 76232 http://www.securityfocus.com/bid/76232 http://www.zerodayinitiative.com/advisories/ZDI-15-381
Copyright	Copyright (C) 2015 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.