ID de Prueba:	1.3.6.1.4.1.25623.1.0.902931
Categoría:	Mac OS X Local Security Checks
Título:	Microsoft Office Remote Code Execution Vulnerabilities (2720184) - Mac OS X
Resumen:	This host is missing an important security update according to; Microsoft Bulletin MS12-076.
Descripción:	Summary: This host is missing an important security update according to Microsoft Bulletin MS12-076. Vulnerability Insight: - An error when processing the 'SerAuxErrBar' record can be exploited to cause a heap-based buffer overflow via a specially crafted file. - An input validation error can be exploited to corrupt memory via a specially crafted file. - A use-after-free error when processing the 'SST' record can be exploited via a specially crafted file. - An error when processing certain data structures can be exploited to cause a stack-based buffer overflow via a specially crafted file. Vulnerability Impact: Successful exploitation will allow attackers to execute arbitrary code with the privileges of the user running the affected application. Affected Software/OS: - Microsoft Office 2008 for Mac - Microsoft Office 2011 for Mac Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2012-1885 BugTraq ID: 56425 http://www.securityfocus.com/bid/56425 Cert/CC Advisory: TA12-318A http://www.us-cert.gov/cas/techalerts/TA12-318A.html Microsoft Security Bulletin: MS12-076 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-076 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15752 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15916 http://www.securitytracker.com/id?1027752 XForce ISS Database: ms-excel-serauxerrbar-bo(78072) https://exchange.xforce.ibmcloud.com/vulnerabilities/78072 Common Vulnerability Exposure (CVE) ID: CVE-2012-1886 BugTraq ID: 56426 http://www.securityfocus.com/bid/56426 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15927 XForce ISS Database: microsoft-excel-code-exec(78073) https://exchange.xforce.ibmcloud.com/vulnerabilities/78073 Common Vulnerability Exposure (CVE) ID: CVE-2012-1887 BugTraq ID: 56430 http://www.securityfocus.com/bid/56430 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15717 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15970 XForce ISS Database: microsoft-excel-ssl-code-exec(78074) https://exchange.xforce.ibmcloud.com/vulnerabilities/78074 Common Vulnerability Exposure (CVE) ID: CVE-2012-2543 BugTraq ID: 56431 http://www.securityfocus.com/bid/56431 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15737 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15908
Copyright	Copyright (C) 2012 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.