Windows : Microsoft Bulletins : Microsoft PowerPoint Could Allow Remote Code Execution Vulnerabilities (949785)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.900033

Categoría: Windows : Microsoft Bulletins

Título: Microsoft PowerPoint Could Allow Remote Code Execution Vulnerabilities (949785)

Resumen: This host is missing critical security update according to; Microsoft Bulletin MS08-051.

Descripción: Summary:
This host is missing critical security update according to
Microsoft Bulletin MS08-051.

Vulnerability Insight:
Multiple flaws exist due to:

- an integer overflow error when handling CString objects.

- a memory calculation error when processing malformed picture
indexes and list values.

Vulnerability Impact:
Remote attackers could be able to corrupt memory locations via
a specially crafted PowerPoint files.

Affected Software/OS:
- Microsoft PowerPoint 2002/XP/2003/2007

- Microsoft PowerPoint Viewer 2003/2007

Solution:
The vendor has released updates. Please see the references for more information.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2008-0120
BugTraq ID: 30552
http://www.securityfocus.com/bid/30552
Cert/CC Advisory: TA08-225A
http://www.us-cert.gov/cas/techalerts/TA08-225A.html
HPdes Security Advisory: HPSBST02360
http://marc.info/?l=bugtraq&m=121915960406986&w=2
HPdes Security Advisory: SSRT080117
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=739
Microsoft Security Bulletin: MS08-051
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-051
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5768
http://www.securitytracker.com/id?1020676
http://secunia.com/advisories/31453
http://www.vupen.com/english/advisories/2008/2355
Common Vulnerability Exposure (CVE) ID: CVE-2008-0121
BugTraq ID: 30554
http://www.securityfocus.com/bid/30554
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=738
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5724
Common Vulnerability Exposure (CVE) ID: CVE-2008-1455
BugTraq ID: 30579
http://www.securityfocus.com/bid/30579
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5555

Copyright Copyright (C) 2008 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.900033
Categoría:	Windows : Microsoft Bulletins
Título:	Microsoft PowerPoint Could Allow Remote Code Execution Vulnerabilities (949785)
Resumen:	This host is missing critical security update according to; Microsoft Bulletin MS08-051.
Descripción:	Summary: This host is missing critical security update according to Microsoft Bulletin MS08-051. Vulnerability Insight: Multiple flaws exist due to: - an integer overflow error when handling CString objects. - a memory calculation error when processing malformed picture indexes and list values. Vulnerability Impact: Remote attackers could be able to corrupt memory locations via a specially crafted PowerPoint files. Affected Software/OS: - Microsoft PowerPoint 2002/XP/2003/2007 - Microsoft PowerPoint Viewer 2003/2007 Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-0120 BugTraq ID: 30552 http://www.securityfocus.com/bid/30552 Cert/CC Advisory: TA08-225A http://www.us-cert.gov/cas/techalerts/TA08-225A.html HPdes Security Advisory: HPSBST02360 http://marc.info/?l=bugtraq&m=121915960406986&w=2 HPdes Security Advisory: SSRT080117 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=739 Microsoft Security Bulletin: MS08-051 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-051 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5768 http://www.securitytracker.com/id?1020676 http://secunia.com/advisories/31453 http://www.vupen.com/english/advisories/2008/2355 Common Vulnerability Exposure (CVE) ID: CVE-2008-0121 BugTraq ID: 30554 http://www.securityfocus.com/bid/30554 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=738 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5724 Common Vulnerability Exposure (CVE) ID: CVE-2008-1455 BugTraq ID: 30579 http://www.securityfocus.com/bid/30579 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5555
Copyright	Copyright (C) 2008 Greenbone AG