ID de Prueba:	1.3.6.1.4.1.25623.1.0.900262
Categoría:	Windows : Microsoft Bulletins
Título:	Microsoft Internet Explorer Multiple Vulnerabilities (2416400)
Resumen:	This host is missing a critical security update according to; Microsoft Bulletin MS10-090.
Descripción:	Summary: This host is missing a critical security update according to Microsoft Bulletin MS10-090. Vulnerability Insight: - An error occurs when IE attempts to access incorrectly initialized memory under certain conditions, causing memory corruption in such a way that an attacker could execute arbitrary code. - An error occurs when IE caches data and incorrectly allows the cached content to be rendered as HTML, potentially bypassing Internet Explorer domain restriction. - An error occurs when IE attempts to access an object that has not been initialized or has been deleted, causing memory corruption in such a way that an attacker could execute arbitrary code in the context of the logged-on user. Vulnerability Impact: Successful exploitation could allow remote attackers to execute arbitrary code in the context of the logged-on user and potentially bypassing Internet Explorer domain restriction. Affected Software/OS: Microsoft Internet Explorer version 6.x/7.x/8.x. Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-3340 Cert/CC Advisory: TA10-348A http://www.us-cert.gov/cas/techalerts/TA10-348A.html Microsoft Security Bulletin: MS10-090 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-090 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12204 http://www.securitytracker.com/id?1024872 Common Vulnerability Exposure (CVE) ID: CVE-2010-3342 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11447 Common Vulnerability Exposure (CVE) ID: CVE-2010-3343 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12372 Common Vulnerability Exposure (CVE) ID: CVE-2010-3345 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11849 Common Vulnerability Exposure (CVE) ID: CVE-2010-3346 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12322 Common Vulnerability Exposure (CVE) ID: CVE-2010-3348 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12055 Common Vulnerability Exposure (CVE) ID: CVE-2010-3962 BugTraq ID: 44536 http://www.securityfocus.com/bid/44536 CERT/CC vulnerability note: VU#899748 http://www.kb.cert.org/vuls/id/899748 http://www.exploit-db.com/exploits/15418 http://www.exploit-db.com/exploits/15421 http://www.symantec.com/connect/blogs/new-ie-0-day-used-targeted-attacks https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12279 http://www.securitytracker.com/id?1024676 http://secunia.com/advisories/42091 http://www.vupen.com/english/advisories/2010/2880 XForce ISS Database: ms-ie-flag-code-execution(62962) https://exchange.xforce.ibmcloud.com/vulnerabilities/62962
Copyright	Copyright (C) 2010 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.