Lucene search
This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.SMB_NT_MS07-016.NASLHistoryFeb 13, 2007 - 12:00 a.m.
MS07-016: Cumulative Security Update for Internet Explorer (928090)
2007-02-1300:00:00
This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.
www.tenable.com
13
The remote host is missing the IE cumulative security update 92808.
The remote version of IE is vulnerable to several flaws that could allow an attacker to execute arbitrary code on the remote host.
#
# Tenable Network Security, Inc.
#
include("compat.inc");
if (description)
{
script_id(24340);
script_version("1.36");
script_cvs_date("Date: 2018/11/15 20:50:30");
script_cve_id("CVE-2006-4697", "CVE-2007-0219", "CVE-2007-0217");
script_bugtraq_id(22486, 22489, 22504);
script_xref(name:"MSFT", value:"MS07-016");
script_xref(name:"MSKB", value:"928090");
script_xref(name:"CERT", value:"613564");
script_xref(name:"CERT", value:"753924");
script_xref(name:"CERT", value:"771788");
script_xref(name:"EDB-ID", value:"3444");
script_name(english:"MS07-016: Cumulative Security Update for Internet Explorer (928090)");
script_summary(english:"Determines the presence of update 925454");
script_set_attribute(attribute:"synopsis", value:
"Arbitrary code can be executed on the remote host through the web
client.");
script_set_attribute(attribute:"description", value:
"The remote host is missing the IE cumulative security update 92808.
The remote version of IE is vulnerable to several flaws that could allow
an attacker to execute arbitrary code on the remote host.");
script_set_attribute(attribute:"see_also", value:"https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2007/ms07-016");
script_set_attribute(attribute:"solution", value:
"Microsoft has released a set of patches for Windows 2000, XP and
2003.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2007/02/13");
script_set_attribute(attribute:"patch_publication_date", value:"2007/02/13");
script_set_attribute(attribute:"plugin_publication_date", value:"2007/02/13");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:microsoft:windows");
script_set_attribute(attribute:"cpe", value:"cpe:/a:microsoft:ie");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.");
script_family(english:"Windows : Microsoft Bulletins");
script_dependencies("smb_hotfixes.nasl", "ms_bulletin_checks_possible.nasl");
script_require_keys("SMB/MS_Bulletin_Checks/Possible");
script_require_ports(139, 445, 'Host/patch_management_checks');
exit(0);
}
include("audit.inc");
include("smb_hotfixes_fcheck.inc");
include("smb_hotfixes.inc");
include("smb_func.inc");
include("misc_func.inc");
get_kb_item_or_exit("SMB/MS_Bulletin_Checks/Possible");
bulletin = 'MS07-016';
kb = "928090";
kbs = make_list(kb);
if (get_kb_item("Host/patch_management_checks")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);
get_kb_item_or_exit("SMB/Registry/Enumerated");
get_kb_item_or_exit("SMB/WindowsVersion", exit_code:1);
if (hotfix_check_sp_range(win2k:'4,5', xp:'2', win2003:'0,1') <= 0) audit(AUDIT_OS_SP_NOT_VULN);
rootfile = hotfix_get_systemroot();
if (!rootfile) exit(1, "Failed to get the system root.");
share = hotfix_path2share(path:rootfile);
if (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);
if (
hotfix_is_vulnerable(os:"5.2", sp:0, file:"Mshtml.dll", version:"6.0.3790.630", dir:"\system32", bulletin:bulletin, kb:kb) ||
hotfix_is_vulnerable(os:"5.2", sp:1, file:"Mshtml.dll", version:"6.0.3790.2858", dir:"\system32", bulletin:bulletin, kb:kb) ||
hotfix_is_vulnerable(os:"5.2", file:"Mshtml.dll", version:"7.0.6000.16414", min_version:"7.0.0.0", dir:"\system32", bulletin:bulletin, kb:kb) ||
hotfix_is_vulnerable(os:"5.1", sp:2, file:"Mshtml.dll", version:"6.0.2900.3059", dir:"\system32", bulletin:bulletin, kb:kb) ||
hotfix_is_vulnerable(os:"5.1", sp:2, file:"Mshtml.dll", version:"7.0.6000.16414", min_version:"7.0.0.0", dir:"\system32", bulletin:bulletin, kb:kb) ||
hotfix_is_vulnerable(os:"5.0", file:"Mshtml.dll", version:"6.0.2800.1589", min_version:"6.0.0.0", dir:"\system32", bulletin:bulletin, kb:kb) ||
hotfix_is_vulnerable(os:"5.0", file:"Mshtml.dll", version:"5.0.3849.500", dir:"\system32", bulletin:bulletin, kb:kb)
)
{
set_kb_item(name:"SMB/Missing/"+bulletin, value:TRUE);
hotfix_security_hole();
hotfix_check_fversion_end();
exit(0);
}
else
{
hotfix_check_fversion_end();
audit(AUDIT_HOST_NOT, 'affected');
}
Related
securityvulns
securityvulns
openvas
openvas
Cumulative Security Update for Internet Explorer (928090)
2010-07-08 00:00:00
Cumulative Security Update for Internet Explorer (928090)
2010-07-08 00:00:00
prion
prion
Code injection
2007-02-13 23:28:00
Buffer overflow
2007-02-13 22:28:00
Code injection
2007-06-21 23:30:00
cve
cve
cert
cert
Microsoft Internet Explorer fails to properly instantiate COM objects
2007-02-13 00:00:00
Microsoft Internet Explorer vulnerable to remote code execution
2007-02-14 00:00:00
checkpoint_advisories
checkpoint_advisories
Related for SMB_NT_MS07-016.NASL