Windows : Microsoft Bulletins : Microsoft Windows Information Disclosure Vulnerability (KB4039038)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.811666

Categoría: Windows : Microsoft Bulletins

Título: Microsoft Windows Information Disclosure Vulnerability (KB4039038)

Resumen: This host is missing an important security; update according to Microsoft KB4039038

Descripción: Summary:
This host is missing an important security
update according to Microsoft KB4039038

Vulnerability Insight:
The flaw exists due to error in the Microsoft
Common Console Document which improperly parses XML input containing a reference
to an external entity.

Vulnerability Impact:
Successful exploitation will allow an attacker
to read arbitrary files via an XML external entity (XXE) declaration.

Affected Software/OS:
Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2.

Solution:
The vendor has released updates. Please see the references for more information.

CVSS Score:
4.3

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:N/A:N

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2017-8710
BugTraq ID: 100793
http://www.securityfocus.com/bid/100793
https://www.vulnerability-lab.com/get_content.php?id=2094
https://www.youtube.com/watch?v=bIFot3a-58I
http://www.securitytracker.com/id/1039325

Copyright Copyright (C) 2017 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.811666
Categoría:	Windows : Microsoft Bulletins
Título:	Microsoft Windows Information Disclosure Vulnerability (KB4039038)
Resumen:	This host is missing an important security; update according to Microsoft KB4039038
Descripción:	Summary: This host is missing an important security update according to Microsoft KB4039038 Vulnerability Insight: The flaw exists due to error in the Microsoft Common Console Document which improperly parses XML input containing a reference to an external entity. Vulnerability Impact: Successful exploitation will allow an attacker to read arbitrary files via an XML external entity (XXE) declaration. Affected Software/OS: Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2. Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2017-8710 BugTraq ID: 100793 http://www.securityfocus.com/bid/100793 https://www.vulnerability-lab.com/get_content.php?id=2094 https://www.youtube.com/watch?v=bIFot3a-58I http://www.securitytracker.com/id/1039325
Copyright	Copyright (C) 2017 Greenbone AG