ID de Prueba:	1.3.6.1.4.1.25623.1.0.902522
Categoría:	Windows : Microsoft Bulletins
Título:	Microsoft .NET Framework Remote Code Execution Vulnerability (2538814)
Resumen:	This host is missing a critical security update according to; Microsoft Bulletin MS11-044.
Descripción:	Summary: This host is missing a critical security update according to Microsoft Bulletin MS11-044. Vulnerability Insight: The flaw is due to the JIT compiler, when IsJITOptimizerDisabled is false, does not properly handle expressions related to null strings, which allows context-dependent attackers to bypass intended access restrictions. Vulnerability Impact: Successful exploitation could allow context-dependent attackers to bypass intended access restrictions in opportunistic circumstances by leveraging a crafted application. Affected Software/OS: - Microsoft .NET Framework 4.0 - Microsoft .NET Framework 3.5 - Microsoft .NET Framework 3.5.1 - Microsoft .NET Framework 3.5 Service Pack 1 - Microsoft .NET Framework 2.0 Service Pack 2 - Microsoft .NET Framework 2.0 Service Pack 1 Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 5.1 CVSS Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-1271 http://stackoverflow.com/questions/2135509/bug-only-occurring-when-compile-optimization-enabled/ Microsoft Security Bulletin: MS11-044 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-044 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12686
Copyright	Copyright (C) 2011 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.