Windows : Microsoft Bulletins : Microsoft Internet Explorer Multiple Vulnerabilities (2722913)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.902923

Categoría: Windows : Microsoft Bulletins

Título: Microsoft Internet Explorer Multiple Vulnerabilities (2722913)

Resumen: This host is missing a critical security update according to; Microsoft Bulletin MS12-052.

Descripción: Summary:
This host is missing a critical security update according to
Microsoft Bulletin MS12-052.

Vulnerability Insight:
- An error in the layout handling when accessing an improperly initialized
or deleted object can be exploited to corrupt memory.

- A use-after-free error when asynchronously accessing NULL objects can be
exploited to dereference an already deleted object.

- An error may cause a corrupted virtual function table that has already
been deleted to be accessed.

- An integer overflow error in the JavaScript parsing when calculating the
size of an object in memory during a copy operation can be exploited
to corrupt memory.

Vulnerability Impact:
Successful exploitation could allow remote attackers to execute arbitrary
code in the context of the of the current user.

Affected Software/OS:
Microsoft Internet Explorer version 6.x/7.x/8.x/9.x.

Solution:
The vendor has released updates. Please see the references for more information.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2012-1526
Cert/CC Advisory: TA12-227A
http://www.us-cert.gov/cas/techalerts/TA12-227A.html
Microsoft Security Bulletin: MS12-052
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-052
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15240
Common Vulnerability Exposure (CVE) ID: CVE-2012-2521
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15742
Common Vulnerability Exposure (CVE) ID: CVE-2012-2522
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15498
Common Vulnerability Exposure (CVE) ID: CVE-2012-2523
Microsoft Security Bulletin: MS12-056
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-056
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15790

Copyright Copyright (C) 2012 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.902923
Categoría:	Windows : Microsoft Bulletins
Título:	Microsoft Internet Explorer Multiple Vulnerabilities (2722913)
Resumen:	This host is missing a critical security update according to; Microsoft Bulletin MS12-052.
Descripción:	Summary: This host is missing a critical security update according to Microsoft Bulletin MS12-052. Vulnerability Insight: - An error in the layout handling when accessing an improperly initialized or deleted object can be exploited to corrupt memory. - A use-after-free error when asynchronously accessing NULL objects can be exploited to dereference an already deleted object. - An error may cause a corrupted virtual function table that has already been deleted to be accessed. - An integer overflow error in the JavaScript parsing when calculating the size of an object in memory during a copy operation can be exploited to corrupt memory. Vulnerability Impact: Successful exploitation could allow remote attackers to execute arbitrary code in the context of the of the current user. Affected Software/OS: Microsoft Internet Explorer version 6.x/7.x/8.x/9.x. Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2012-1526 Cert/CC Advisory: TA12-227A http://www.us-cert.gov/cas/techalerts/TA12-227A.html Microsoft Security Bulletin: MS12-052 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-052 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15240 Common Vulnerability Exposure (CVE) ID: CVE-2012-2521 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15742 Common Vulnerability Exposure (CVE) ID: CVE-2012-2522 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15498 Common Vulnerability Exposure (CVE) ID: CVE-2012-2523 Microsoft Security Bulletin: MS12-056 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-056 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15790
Copyright	Copyright (C) 2012 Greenbone AG