 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.903418 |
| Categoría: | Windows : Microsoft Bulletins |
| Título: | Microsoft Exchange Server Remote Code Execution Vulnerabilities (2915705) |
| Resumen: | This host is missing a critical security update according to Microsoft;Bulletin MS13-105. |
| Descripción: | Summary: This host is missing a critical security update according to Microsoft Bulletin MS13-105. Vulnerability Insight: Multiple flaws are due to: - An unspecified error in the Outlook Web Access (OWA) service account. - Certain unspecified input is not properly sanitised before being returned to the user. Vulnerability Impact: Successful exploitation will allow an attacker to run arbitrary code and execute arbitrary HTML and script code in a user's browser session in context of an affected site. Affected Software/OS: - Microsoft Exchange Server 2013 - Microsoft Exchange Server 2007 Service Pack 3 - Microsoft Exchange Server 2010 Service Pack 2 - Microsoft Exchange Server 2010 Service Pack 3 Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2013-1330 Cert/CC Advisory: TA13-253A http://www.us-cert.gov/ncas/alerts/TA13-253A Microsoft Security Bulletin: MS13-067 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-067 Microsoft Security Bulletin: MS13-105 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-105 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19040 Common Vulnerability Exposure (CVE) ID: CVE-2013-5072 BugTraq ID: 64085 http://www.securityfocus.com/bid/64085 Common Vulnerability Exposure (CVE) ID: CVE-2013-5763 BugTraq ID: 63741 http://www.securityfocus.com/bid/63741 http://www.securitytracker.com/id/1029190 http://secunia.com/advisories/56237 http://secunia.com/advisories/56241 http://secunia.com/advisories/56243 Common Vulnerability Exposure (CVE) ID: CVE-2013-5791 BugTraq ID: 63076 http://www.securityfocus.com/bid/63076 CERT/CC vulnerability note: VU#953241 http://www.kb.cert.org/vuls/id/953241 http://www.exploit-db.com/exploits/31222 http://www.citadelo.com/en/ms13-105-oracle-outside-in-mdb-parsing-vulnerability-cve-2013-5791/ |
| Copyright | Copyright (C) 2013 Greenbone AG |
| Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |