Windows : Microsoft Bulletins : Microsoft Office Suite Remote Code Execution Vulnerabilities (3089664)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.806109

Categoría: Windows : Microsoft Bulletins

Título: Microsoft Office Suite Remote Code Execution Vulnerabilities (3089664)

Resumen: This host is missing a critical security; update according to Microsoft Bulletin MS15-099.

Descripción: Summary:
This host is missing a critical security
update according to Microsoft Bulletin MS15-099.

Vulnerability Insight:
A remote code execution exists in Microsoft Office that could be exploited when
a user opens a file containing a malformed graphics image or when a user inserts
a malformed graphics image into an Office file.

Vulnerability Impact:
Successful exploitation will allow a
context-dependent attacker to corrupt memory and potentially
execute arbitrary code.

Affected Software/OS:
- Microsoft Office 2007 Service Pack 3 and prior

- Microsoft Office 2010 Service Pack 2 and prior

- Microsoft Office 2013 Service Pack 1 and prior

Solution:
The vendor has released updates. Please see the references for more information.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2015-2545
http://blog.morphisec.com/exploit-bypass-emet-cve-2015-2545
Microsoft Security Bulletin: MS15-099
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-099
http://www.securitytracker.com/id/1033488

Copyright Copyright (C) 2015 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.806109
Categoría:	Windows : Microsoft Bulletins
Título:	Microsoft Office Suite Remote Code Execution Vulnerabilities (3089664)
Resumen:	This host is missing a critical security; update according to Microsoft Bulletin MS15-099.
Descripción:	Summary: This host is missing a critical security update according to Microsoft Bulletin MS15-099. Vulnerability Insight: A remote code execution exists in Microsoft Office that could be exploited when a user opens a file containing a malformed graphics image or when a user inserts a malformed graphics image into an Office file. Vulnerability Impact: Successful exploitation will allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. Affected Software/OS: - Microsoft Office 2007 Service Pack 3 and prior - Microsoft Office 2010 Service Pack 2 and prior - Microsoft Office 2013 Service Pack 1 and prior Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-2545 http://blog.morphisec.com/exploit-bypass-emet-cve-2015-2545 Microsoft Security Bulletin: MS15-099 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-099 http://www.securitytracker.com/id/1033488
Copyright	Copyright (C) 2015 Greenbone AG