 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.802426 |
| Category: | Windows |
| Title: | Microsoft Windows ActiveX Control Multiple Vulnerabilities (2647518) |
| Summary: | This script will list all the vulnerable activex controls installed; on the remote windows machine with references and cause. |
| Description: | Summary: This script will list all the vulnerable activex controls installed on the remote windows machine with references and cause. Vulnerability Insight: The flaws are due to errors in the handling of Biostat SamplePower, Blueberry Software Flashback Component and HP Photo Creative ActiveX controls. Vulnerability Impact: Successful exploitation will let the remote attackers execute arbitrary code, and can compromise a vulnerable system. Affected Software/OS: - Microsoft Windows 7 Service Pack 1 and prior - Microsoft Windows XP Service Pack 3 and prior - Microsoft Windows 2003 Service Pack 2 and prior - Microsoft Windows Vista Service Pack 2 and prior - Microsoft Windows Server 2008 Service Pack 2 and prior Solution: Apply the patch Workaround: Set the killbit for the following CLSIDs, {6e84d662-9599-11d2-9367-20cc03c10627}, {7e00a3b0-8f5c-11d2-baa4-04f205c10000}, {4ba9089c-ddfc-4206-b937-74484b06d305}, {A3CD4BF9-EC17-47A4-833C-50A324D6FF35}, {57733FF6-E100-4A4B-A7D1-A85AD17ABC54}, {9B8E377B-7291-491A-B611-BB3E1D5F99F0}, {ee5e14b0-4abf-409e-9c39-74f3d35bd85a}, {b34b19f4-7ebe-46cb-807c-746e72ebb4b6}, {7a7b986c-31e9-4286-88ca-b9dc481ca989}, {8290cb76-9f61-458b-ad2c-3f6fd2e8cd7d}, {dd7b057d-9020-4630-baf8-7a0cda04588d}, {fc7F9cc6-e049-4698-8a25-59ad87c7dce2}. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2011-1388 http://secunia.com/advisories/47286 http://secunia.com/advisories/47310 XForce ISS Database: rr-bcf-code-execution(71694) https://exchange.xforce.ibmcloud.com/vulnerabilities/71694 Common Vulnerability Exposure (CVE) ID: CVE-2011-1391 XForce ISS Database: irr-bbf-code-execution(71803) https://exchange.xforce.ibmcloud.com/vulnerabilities/71803 Common Vulnerability Exposure (CVE) ID: CVE-2011-1392 XForce ISS Database: ibm-ratth-bbfb-code-execution(71804) https://exchange.xforce.ibmcloud.com/vulnerabilities/71804 Common Vulnerability Exposure (CVE) ID: CVE-2012-0189 http://secunia.com/advisories/47605 XForce ISS Database: spss-vsview6-activex-code-execution(72119) https://exchange.xforce.ibmcloud.com/vulnerabilities/72119 |
| Copyright | Copyright (C) 2012 Greenbone AG |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |