 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| CVE ID: | CVE-2022-30190 |
| Description: | A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application. The attacker can then install programs, view, change, or delete data, or create new accounts in the context allowed by the user’s rights. Please see the MSRC Blog Entry for important information about steps you can take to protect your system from this vulnerability. |
| Test IDs: | 1.3.6.1.4.1.25623.1.0.817781 1.3.6.1.4.1.25623.1.0.821253 1.3.6.1.4.1.25623.1.0.817784 1.3.6.1.4.1.25623.1.0.817780 1.3.6.1.4.1.25623.1.0.817782 |
| Cross References: |
Common Vulnerability Exposure (CVE) ID: CVE-2022-30190 http://packetstormsecurity.com/files/167438/Microsoft-Office-Word-MSDTJS-Code-Execution.html http://packetstormsecurity.com/files/167438/Microsoft-Office-Word-MSDTJS-Code-Execution.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30190 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30190 |