ID de Prueba:	1.3.6.1.4.1.25623.1.0.902068
Categoría:	Windows : Microsoft Bulletins
Título:	Microsoft Office Excel Remote Code Execution Vulnerabilities (2027452)
Resumen:	This host is missing a critical security update according to; Microsoft Bulletin MS10-038.
Descripción:	Summary: This host is missing a critical security update according to Microsoft Bulletin MS10-038. Vulnerability Insight: These issues are caused by memory corruption and buffer overflow errors when parsing certain objects or records in a specially crafted Excel document. Vulnerability Impact: Successful exploitation could allow attackers to execute arbitrary code by tricking a user into opening a specially crafted Excel document. Affected Software/OS: - Microsoft Office Excel 2002 Service Pack 3 - Microsoft Office Excel 2003 Service Pack 3 - Microsoft Office Excel 2007 Service Pack 1/2 - Microsoft Office Excel Viewer Service Pack 1/2 Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-0821 Bugtraq: 20100608 ZDI-10-104: Microsoft Office Excel SxView Record Parsing Remote Code Execution Vulnerability (Google Search) http://www.securityfocus.com/archive/1/511729/100/0/threaded Cert/CC Advisory: TA10-159B http://www.us-cert.gov/cas/techalerts/TA10-159B.html http://www.zerodayinitiative.com/advisories/ZDI-10-104 Microsoft Security Bulletin: MS10-038 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-038 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6771 Common Vulnerability Exposure (CVE) ID: CVE-2010-0822 BugTraq ID: 40520 http://www.securityfocus.com/bid/40520 Bugtraq: 20100608 VUPEN Security Research - Microsoft Office Excel OBJ Stack Overflow Vulnerability (CVE-2010-0822) (Google Search) http://www.securityfocus.com/archive/1/511752/100/0/threaded http://osvdb.org/65236 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7265 Common Vulnerability Exposure (CVE) ID: CVE-2010-0823 http://osvdb.org/65233 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7240 Common Vulnerability Exposure (CVE) ID: CVE-2010-0824 BugTraq ID: 40522 http://www.securityfocus.com/bid/40522 Bugtraq: 20100608 VUPEN Security Research - Microsoft Office Excel WOPT Heap Corruption Vulnerability (CVE-2010-0824) (Google Search) http://www.securityfocus.com/archive/1/511760/100/0/threaded https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6768 Common Vulnerability Exposure (CVE) ID: CVE-2010-1246 Bugtraq: 20100608 VUPEN Security Research - Microsoft Office Excel RTD Stack Overflow Vulnerability (CVE-2010-1246) (Google Search) http://www.securityfocus.com/archive/1/511755/100/0/threaded https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6839 Common Vulnerability Exposure (CVE) ID: CVE-2010-1245 Bugtraq: 20100608 VUPEN Security Research - Microsoft Office Excel SxView Memory Corruption Vulnerability (CVE-2010-1245) (Google Search) http://www.securityfocus.com/archive/1/511753/100/0/threaded https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6877 Common Vulnerability Exposure (CVE) ID: CVE-2010-1247 Bugtraq: 20100608 VUPEN Security Research - Microsoft Office Excel RTD Heap Corruption Vulnerability (CVE-2010-1247) (Google Search) http://www.securityfocus.com/archive/1/511754/100/0/threaded http://osvdb.org/65237 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6630 Common Vulnerability Exposure (CVE) ID: CVE-2010-1249 BugTraq ID: 40527 http://www.securityfocus.com/bid/40527 Bugtraq: 20100608 VUPEN Security Research - Microsoft Office Excel ExternName Buffer Overflow Vulnerability (CVE-2010-1249) (Google Search) http://www.securityfocus.com/archive/1/511767/100/0/threaded http://osvdb.org/65232 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6634 Common Vulnerability Exposure (CVE) ID: CVE-2010-1248 BugTraq ID: 40526 http://www.securityfocus.com/bid/40526 Bugtraq: 20100608 VUPEN Security Research - Microsoft Office Excel HFPicture Buffer Overflow Vulnerability (CVE-2010-1248) (Google Search) http://www.securityfocus.com/archive/1/511765/100/0/threaded http://osvdb.org/65235 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7223 Common Vulnerability Exposure (CVE) ID: CVE-2010-1250 BugTraq ID: 40528 http://www.securityfocus.com/bid/40528 Bugtraq: 20100608 VUPEN Security Research - Microsoft Office Excel EDG Heap Overflow Vulnerability (CVE-2010-1250) (Google Search) http://www.securityfocus.com/archive/1/511756/100/0/threaded https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7593 Common Vulnerability Exposure (CVE) ID: CVE-2010-1251 BugTraq ID: 40529 http://www.securityfocus.com/bid/40529 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6761 Common Vulnerability Exposure (CVE) ID: CVE-2010-1252 BugTraq ID: 40530 http://www.securityfocus.com/bid/40530 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7369 Common Vulnerability Exposure (CVE) ID: CVE-2010-1253 Bugtraq: 20100608 ZDI-10-103: Microsoft Office Excel DBQueryExt Record Unspecified ADO Object Remote Code Execution Vulnerability (Google Search) http://www.securityfocus.com/archive/1/511728/100/0/threaded http://www.zerodayinitiative.com/advisories/ZDI-10-103 http://osvdb.org/65228 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6842
Copyright	Copyright (C) 2010 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.