 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.902483 |
| Categoría: | Windows : Microsoft Bulletins |
| Título: | Windows Kernel-Mode Drivers Remote Code Execution Vulnerabilities (2567053) |
| Resumen: | This host is missing an important security update according to; Microsoft Bulletin MS11-077. |
| Descripción: | Summary: This host is missing an important security update according to Microsoft Bulletin MS11-077. Vulnerability Insight: Multiple flaws are due to: - A privilege elevation vulnerability exists in the way that kernel-mode drivers validate data supplied from user mode to kernel mode. - A denial of service vulnerability exists in implementations of windows when the system improperly processes a specially crafted TrueType font file. - An remote code execution vulnerability exists in the Windows kernel due to improper handling of a specially crafted font (.fon) file. - A privilege elevation vulnerability exists due to the way that Windows Kernel-mode drivers manage kernel-mode driver objects. Vulnerability Impact: Successful exploitation could allow local attackers to gain elevated privileges or to run arbitrary code in kernel mode and take complete control of an affected system. An attacker could then install programs view, change, or delete data or create new accounts with full administrative rights. Affected Software/OS: - Microsoft Windows 7 Service Pack 1 and prior - Microsoft Windows XP Service Pack 3 and prior - Microsoft Windows 2003 Service Pack 2 and prior - Microsoft Windows Vista Service Pack 2 and prior - Microsoft Windows Server 2008 Service Pack 2 and prior Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2011-2011 BugTraq ID: 49981 http://www.securityfocus.com/bid/49981 Microsoft Security Bulletin: MS11-077 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-077 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12904 http://www.securitytracker.com/id?1026165 Common Vulnerability Exposure (CVE) ID: CVE-2011-2003 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13103 http://securityreason.com/securityalert/8473 Common Vulnerability Exposure (CVE) ID: CVE-2011-2002 BugTraq ID: 49973 http://www.securityfocus.com/bid/49973 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13024 Common Vulnerability Exposure (CVE) ID: CVE-2011-1985 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12935 |
| Copyright | Copyright (C) 2011 Greenbone AG |
| Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |