 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.900878 |
| Categoría: | Windows : Microsoft Bulletins |
| Título: | Microsoft Products GDI Plus Code Execution Vulnerabilities (957488) |
| Resumen: | This host is missing a critical security update according to; Microsoft Bulletin MS09-062. |
| Descripción: | Summary: This host is missing a critical security update according to Microsoft Bulletin MS09-062. Vulnerability Insight: These issues are caused by memory corruptions, integer, heap and buffer overflows, and input validation errors in GDI+ when rendering malformed WMF, PNG, TIFF and BMP images, or when processing Office Art Property Tables in Office documents. Vulnerability Impact: Successful exploitation could allow attackers to crash an affected application or execute arbitrary code. Affected Software/OS: - Microsoft SQL Server 2005 SP 2/3 - Microsoft Office Excel Viewer 2007 - Microsoft Office XP/2003 SP 3 and prior - Microsoft Office Visio 2002 SP 2 and prior - Microsoft Office Groove 2007 SP1 and prior - Microsoft Excel Viewer 2003 SP 3 and prior - Microsoft Office 2007 System SP 1/2 and prior - Microsoft Office Word Viewer 2003 SP 3 and prior - Microsoft Office Visio Viewer 2007 SP 2 and prior - Microsoft Office PowerPoint Viewer 2007 SP 2 and prior - Microsoft Visual Studio 2008 SP 1 and prior - Microsoft Visual Studio .NET 2003 SP 1 and prior - Microsoft Windows 2000 SP4 with Internet Explorer 6 SP 1 - Microsoft Office Compatibility Pack for Word/Excel/PowerPoint 2007 File Formats SP 1/2 Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2009-2500 Cert/CC Advisory: TA09-286A http://www.us-cert.gov/cas/techalerts/TA09-286A.html Microsoft Security Bulletin: MS09-062 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5967 Common Vulnerability Exposure (CVE) ID: CVE-2009-2501 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5800 Common Vulnerability Exposure (CVE) ID: CVE-2009-2502 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5898 Common Vulnerability Exposure (CVE) ID: CVE-2009-2503 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6491 Common Vulnerability Exposure (CVE) ID: CVE-2009-2504 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6282 Common Vulnerability Exposure (CVE) ID: CVE-2009-2518 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6430 Common Vulnerability Exposure (CVE) ID: CVE-2009-2528 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6426 Common Vulnerability Exposure (CVE) ID: CVE-2009-3126 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6134 |
| Copyright | Copyright (C) 2009 Greenbone AG |
| Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |