Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.806661
Category:Windows : Microsoft Bulletins
Title:Microsoft Visual Basic ASLR Bypass Vulnerability (3124585)
Summary:This host is missing an important security; update according to Microsoft Bulletin MS16-004.
Description:Summary:
This host is missing an important security
update according to Microsoft Bulletin MS16-004.

Vulnerability Insight:
The flaw exists due to error within Microsoft
Office which fails to use the Address Space Layout Randomization (ASLR) security
feature, allowing an attacker to more reliably predict the memory offsets of
specific instructions in a given call stack.

Vulnerability Impact:
Successful exploitation will allow remote
attackers to bypass Address Space Layout Randomization (ASLR) security feature.

Affected Software/OS:
Microsoft Visual Basic 6.0 Runtime.

Solution:
The vendor has released updates. Please see the references for more information.

CVSS Score:
4.3

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:N/A:N

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2016-0012
Microsoft Security Bulletin: MS16-004
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-004
http://www.securitytracker.com/id/1034651
CopyrightCopyright (C) 2016 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.