MS14-035:Internet Explorer 的累積安全性更新 (2969262)
critical Nessus Plugin ID 74427
語系:
概要
遠端主機具有受到多個弱點影響的網頁瀏覽器。說明
遠端主機缺少 Internet Explorer (IE) 安全性更新 2969262。遠端主機上安裝的 Internet Explorer 版本受到多個弱點影響,其中大多數為遠端程式碼執行弱點。攻擊者可透過誘騙使用者造訪特製網頁,惡意利用這些弱點。
解決方案
Microsoft 已發佈一組適用於 Internet Explorer 6、7、8、9、10 和 11 的修補程式。另請參閱
https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2014/ms14-035
https://www.securityfocus.com/archive/1/532798/30/0/threaded
https://www.securityfocus.com/archive/1/532799/30/0/threaded
https://www.zerodayinitiative.com/advisories/ZDI-14-194/
https://www.zerodayinitiative.com/advisories/ZDI-14-193/
https://www.zerodayinitiative.com/advisories/ZDI-14-192/
https://www.zerodayinitiative.com/advisories/ZDI-14-191/
https://www.zerodayinitiative.com/advisories/ZDI-14-190/
https://www.zerodayinitiative.com/advisories/ZDI-14-189/
https://www.zerodayinitiative.com/advisories/ZDI-14-188/
https://www.zerodayinitiative.com/advisories/ZDI-14-187/
https://www.zerodayinitiative.com/advisories/ZDI-14-186/
https://www.zerodayinitiative.com/advisories/ZDI-14-185/
https://www.zerodayinitiative.com/advisories/ZDI-14-184/
https://www.zerodayinitiative.com/advisories/ZDI-14-183/
https://www.zerodayinitiative.com/advisories/ZDI-14-182/
https://www.zerodayinitiative.com/advisories/ZDI-14-181/
https://www.zerodayinitiative.com/advisories/ZDI-14-180/
https://www.zerodayinitiative.com/advisories/ZDI-14-179/
https://www.zerodayinitiative.com/advisories/ZDI-14-178/
https://www.zerodayinitiative.com/advisories/ZDI-14-177/
https://www.zerodayinitiative.com/advisories/ZDI-14-176/
https://www.zerodayinitiative.com/advisories/ZDI-14-175/
Plugin 詳細資訊
嚴重性: Critical
ID: 74427
檔案名稱: smb_nt_ms14-035.nasl
版本: 1.22
類型: local
代理程式: windows
已發布: 2014/6/11
已更新: 2019/11/26
支援的感應器: Nessus
風險資訊
VPR
風險因素: High
分數: 8.9
CVSS v2
風險因素: Critical
基本分數: 10
時間分數: 8.7
媒介: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS 評分資料來源: CVE-2014-1764
弱點資訊
CPE: cpe:/o:microsoft:windows, cpe:/a:microsoft:ie
必要的 KB 項目: SMB/MS_Bulletin_Checks/Possible
可被惡意程式利用: true
可輕鬆利用: Exploits are available
修補程式發佈日期: 2014/6/10
弱點發布日期: 2014/5/21
可惡意利用
Core Impact
參考資訊
CVE: CVE-2014-0282, CVE-2014-1762, CVE-2014-1764, CVE-2014-1766, CVE-2014-1769, CVE-2014-1770, CVE-2014-1771, CVE-2014-1772, CVE-2014-1773, CVE-2014-1774, CVE-2014-1775, CVE-2014-1777, CVE-2014-1778, CVE-2014-1779, CVE-2014-1780, CVE-2014-1781, CVE-2014-1782, CVE-2014-1783, CVE-2014-1784, CVE-2014-1785, CVE-2014-1786, CVE-2014-1788, CVE-2014-1789, CVE-2014-1790, CVE-2014-1791, CVE-2014-1792, CVE-2014-1794, CVE-2014-1795, CVE-2014-1796, CVE-2014-1797, CVE-2014-1799, CVE-2014-1800, CVE-2014-1802, CVE-2014-1803, CVE-2014-1804, CVE-2014-1805, CVE-2014-2753, CVE-2014-2754, CVE-2014-2755, CVE-2014-2756, CVE-2014-2757, CVE-2014-2758, CVE-2014-2759, CVE-2014-2760, CVE-2014-2761, CVE-2014-2763, CVE-2014-2764, CVE-2014-2765, CVE-2014-2766, CVE-2014-2767, CVE-2014-2768, CVE-2014-2769, CVE-2014-2770, CVE-2014-2771, CVE-2014-2772, CVE-2014-2773, CVE-2014-2775, CVE-2014-2776, CVE-2014-2777, CVE-2014-2782
BID: 67295, 67846, 67847, 67848, 67849, 67850, 67851, 67852, 67854, 67855, 67856, 67857, 67858, 67859, 67860, 67861, 67862, 67864, 67866, 67867, 67869, 67871, 67873, 67874, 67875, 67876, 67877, 67878, 67879, 67880, 67881, 67882, 67883, 67884, 67885, 67886, 67887, 67889, 67890, 67891, 67892, 67915, 68101, 67511, 67518, 67544, 67827, 67831, 67833, 67834, 67835, 67836, 67838, 67839, 67840, 67841, 67842, 67843, 67845