ID de Prueba:	1.3.6.1.4.1.25623.1.0.902678
Categoría:	Mac OS X Local Security Checks
Título:	Microsoft Silverlight Code Execution Vulnerabilities (2681578) - Mac OS X
Resumen:	This host is missing a critical security update according to; Microsoft Bulletin MS12-034.
Descripción:	Summary: This host is missing a critical security update according to Microsoft Bulletin MS12-034. Vulnerability Insight: The flaws are due to an error exists when parsing TrueType fonts. Vulnerability Impact: Successful exploitation could allow attackers to execute arbitrary code by tricking a user into opening a specially crafted file. Affected Software/OS: Microsoft Silverlight versions 4 and 5. Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-3402 Cert/CC Advisory: TA11-347A http://www.us-cert.gov/cas/techalerts/TA11-347A.html Cert/CC Advisory: TA12-129A http://www.us-cert.gov/cas/techalerts/TA12-129A.html Cert/CC Advisory: TA12-164A http://www.us-cert.gov/cas/techalerts/TA12-164A.html http://blogs.mcafee.com/mcafee-labs/the-day-of-the-golden-jackal-%E2%80%93-further-tales-of-the-stuxnet-files http://isc.sans.edu/diary/Duqu+Mitigation/11950 http://www.securelist.com/en/blog/208193197/The_Mystery_of_Duqu_Part_Two http://www.symantec.com/connect/w32-duqu_status-updates_installer-zero-day-exploit http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/w32_duqu_the_precursor_to_the_next_stuxnet.pdf http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-291-01E.pdf Microsoft Security Bulletin: MS11-087 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-087 Microsoft Security Bulletin: MS12-034 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-034 Microsoft Security Bulletin: MS12-039 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-039 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13998 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15290 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15645 http://www.securitytracker.com/id?1027039 http://secunia.com/advisories/49121 http://secunia.com/advisories/49122 Common Vulnerability Exposure (CVE) ID: CVE-2012-0159 BugTraq ID: 53335 http://www.securityfocus.com/bid/53335 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15388 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15667 XForce ISS Database: microsoft-truetype-code-exec(75124) https://exchange.xforce.ibmcloud.com/vulnerabilities/75124
Copyright	Copyright (C) 2012 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.