Windows : Microsoft Bulletins : Microsoft Excel Remote Code Execution Vulnerabilities (968557)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.900476

Categoría: Windows : Microsoft Bulletins

Título: Microsoft Excel Remote Code Execution Vulnerabilities (968557)

Resumen: This host is missing a critical security update according to; Microsoft Bulletin MS09-009.

Descripción: Summary:
This host is missing a critical security update according to
Microsoft Bulletin MS09-009.

Vulnerability Insight:
Flaws are due to Memory corruption error and an invalid object access when
processing a malformed Excel document, which in cause an application crash.

Vulnerability Impact:
Successful exploitation could allow execution of arbitrary code by tricking
a user into opening a specially crafted Excel file.

Affected Software/OS:
- Microsoft Office Excel 2K SP3

- Microsoft Office Excel 2k2 SP3

- Microsoft Office Excel 2k3 SP3

- Microsoft Office Excel 2k7 SP1

Solution:
The vendor has released updates. Please see the references for more information.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2009-0238
BugTraq ID: 33870
http://www.securityfocus.com/bid/33870
Cert/CC Advisory: TA09-104A
http://www.us-cert.gov/cas/techalerts/TA09-104A.html
http://blogs.zdnet.com/security/?p=2658
http://isc.sans.org/diary.html?storyid=5923
http://www.symantec.com/business/security_response/writeup.jsp?docid=2009-022310-4202-99
Microsoft Security Bulletin: MS09-009
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-009
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5968
http://securitytracker.com/id?1021744
http://www.vupen.com/english/advisories/2009/1023
XForce ISS Database: ms-excel-unspecified-code-execution(48875)
https://exchange.xforce.ibmcloud.com/vulnerabilities/48875
Common Vulnerability Exposure (CVE) ID: CVE-2009-0100
Bugtraq: 20090415 Microsoft Office Excel Remote Memory Corruption Vulnerability (Google Search)
http://www.securityfocus.com/archive/1/502696/100/0/threaded
http://www.fortiguardcenter.com/advisory/FGA-2009-16.html
http://osvdb.org/53665
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6043
http://www.securitytracker.com/id?1022039

Copyright Copyright (C) 2009 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.900476
Categoría:	Windows : Microsoft Bulletins
Título:	Microsoft Excel Remote Code Execution Vulnerabilities (968557)
Resumen:	This host is missing a critical security update according to; Microsoft Bulletin MS09-009.
Descripción:	Summary: This host is missing a critical security update according to Microsoft Bulletin MS09-009. Vulnerability Insight: Flaws are due to Memory corruption error and an invalid object access when processing a malformed Excel document, which in cause an application crash. Vulnerability Impact: Successful exploitation could allow execution of arbitrary code by tricking a user into opening a specially crafted Excel file. Affected Software/OS: - Microsoft Office Excel 2K SP3 - Microsoft Office Excel 2k2 SP3 - Microsoft Office Excel 2k3 SP3 - Microsoft Office Excel 2k7 SP1 Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-0238 BugTraq ID: 33870 http://www.securityfocus.com/bid/33870 Cert/CC Advisory: TA09-104A http://www.us-cert.gov/cas/techalerts/TA09-104A.html http://blogs.zdnet.com/security/?p=2658 http://isc.sans.org/diary.html?storyid=5923 http://www.symantec.com/business/security_response/writeup.jsp?docid=2009-022310-4202-99 Microsoft Security Bulletin: MS09-009 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-009 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5968 http://securitytracker.com/id?1021744 http://www.vupen.com/english/advisories/2009/1023 XForce ISS Database: ms-excel-unspecified-code-execution(48875) https://exchange.xforce.ibmcloud.com/vulnerabilities/48875 Common Vulnerability Exposure (CVE) ID: CVE-2009-0100 Bugtraq: 20090415 Microsoft Office Excel Remote Memory Corruption Vulnerability (Google Search) http://www.securityfocus.com/archive/1/502696/100/0/threaded http://www.fortiguardcenter.com/advisory/FGA-2009-16.html http://osvdb.org/53665 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6043 http://www.securitytracker.com/id?1022039
Copyright	Copyright (C) 2009 Greenbone AG