Windows : Microsoft Bulletins : Microsoft Windows Media Decompression Remote Code Execution Vulnerability (2780091)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.902947

Categoría: Windows : Microsoft Bulletins

Título: Microsoft Windows Media Decompression Remote Code Execution Vulnerability (2780091)

Resumen: This host is missing a critical security update according to; Microsoft Bulletin MS13-011.

Descripción: Summary:
This host is missing a critical security update according to
Microsoft Bulletin MS13-011.

Vulnerability Insight:
The flaw is due to an error in DirectShow when handling the decompression
of media content, which can be exploited via specially crafted media content.

Vulnerability Impact:
Successful exploitation could allow remote attackers to execute arbitrary
code with kernel-mode privileges.

Affected Software/OS:
- Microsoft Windows XP x32 Edition Service Pack 3 and prior

- Microsoft Windows XP x64 Edition Service Pack 2 and prior

- Microsoft Windows 2003 x32/x64 Edition Service Pack 2 and prior

- Microsoft Windows Vista x32/x64 Edition Service Pack 2 and prior

- Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2 and prior

Solution:
The vendor has released updates. Please see the references for more information.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2013-0077
Cert/CC Advisory: TA13-043B
http://www.us-cert.gov/cas/techalerts/TA13-043B.html
Microsoft Security Bulletin: MS13-011
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-011
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15873

Copyright Copyright (C) 2013 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.902947
Categoría:	Windows : Microsoft Bulletins
Título:	Microsoft Windows Media Decompression Remote Code Execution Vulnerability (2780091)
Resumen:	This host is missing a critical security update according to; Microsoft Bulletin MS13-011.
Descripción:	Summary: This host is missing a critical security update according to Microsoft Bulletin MS13-011. Vulnerability Insight: The flaw is due to an error in DirectShow when handling the decompression of media content, which can be exploited via specially crafted media content. Vulnerability Impact: Successful exploitation could allow remote attackers to execute arbitrary code with kernel-mode privileges. Affected Software/OS: - Microsoft Windows XP x32 Edition Service Pack 3 and prior - Microsoft Windows XP x64 Edition Service Pack 2 and prior - Microsoft Windows 2003 x32/x64 Edition Service Pack 2 and prior - Microsoft Windows Vista x32/x64 Edition Service Pack 2 and prior - Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2 and prior Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2013-0077 Cert/CC Advisory: TA13-043B http://www.us-cert.gov/cas/techalerts/TA13-043B.html Microsoft Security Bulletin: MS13-011 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-011 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15873
Copyright	Copyright (C) 2013 Greenbone AG