Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2008-2018 Tenable Network Security, Inc.SMB_NT_MS08-010.NASL
HistoryFeb 12, 2008 - 12:00 a.m.

MS08-010: Cumulative Security Update for Internet Explorer (944533)

2008-02-1200:00:00
This script is Copyright (C) 2008-2018 Tenable Network Security, Inc.
www.tenable.com
17
JSON

The remote host is missing the IE cumulative security update 944533.

The remote version of IE is vulnerable to several flaws that could allow an attacker to execute arbitrary code on the remote host.

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
 script_id(31044);
 script_version("1.33");
 script_cvs_date("Date: 2018/11/15 20:50:30");

 script_cve_id(
  "CVE-2007-4790",
  "CVE-2007-5322",
  "CVE-2008-0076",
  "CVE-2008-0077",
  "CVE-2008-0078"
 );
 script_bugtraq_id(25571, 25977, 27666, 27668, 27689);
 script_xref(name:"MSFT", value:"MS08-010");
 script_xref(name:"MSKB", value:"944533");

 script_name(english:"MS08-010: Cumulative Security Update for Internet Explorer (944533)");
 script_summary(english:"Determines the presence of update 944533");

 script_set_attribute(attribute:"synopsis", value:
"Arbitrary code can be executed on the remote host through the web
client.");
 script_set_attribute(attribute:"description", value:
"The remote host is missing the IE cumulative security update 944533.

The remote version of IE is vulnerable to several flaws that could allow
an attacker to execute arbitrary code on the remote host.");
 script_set_attribute(attribute:"see_also", value:"https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2008/ms08-010");
 script_set_attribute(attribute:"solution", value:
"Microsoft has released a set of patches for Windows 2000, XP, 2003 and
Vista.");
 script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
 script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
 script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
 script_set_attribute(attribute:"exploit_available", value:"true");
 script_set_attribute(attribute:"exploited_by_malware", value:"true");
 script_cwe_id(78, 94, 119, 399);

 script_set_attribute(attribute:"vuln_publication_date", value:"2007/10/18");
 script_set_attribute(attribute:"patch_publication_date", value:"2008/02/12");
 script_set_attribute(attribute:"plugin_publication_date", value:"2008/02/12");

 script_set_attribute(attribute:"plugin_type", value:"local");
 script_set_attribute(attribute:"cpe", value:"cpe:/o:microsoft:windows");
 script_end_attributes();

 script_category(ACT_GATHER_INFO);

 script_copyright(english:"This script is Copyright (C) 2008-2018 Tenable Network Security, Inc.");
 script_family(english:"Windows : Microsoft Bulletins");

 script_dependencies("smb_hotfixes.nasl", "ms_bulletin_checks_possible.nasl");
 script_require_keys("SMB/MS_Bulletin_Checks/Possible");
 script_require_ports(139, 445, 'Host/patch_management_checks');
 exit(0);
}


include("audit.inc");
include("smb_hotfixes_fcheck.inc");
include("smb_hotfixes.inc");
include("smb_func.inc");
include("misc_func.inc");

get_kb_item_or_exit("SMB/MS_Bulletin_Checks/Possible");

bulletin = 'MS08-010';
kb = '944533';

kbs = make_list(kb);
if (get_kb_item("Host/patch_management_checks")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);

get_kb_item_or_exit("SMB/Registry/Enumerated");
get_kb_item_or_exit("SMB/WindowsVersion", exit_code:1);

if (hotfix_check_sp_range(win2k:'4,5', xp:'2', win2003:'1,2', vista:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);

rootfile = hotfix_get_systemroot();
if (!rootfile) exit(1, "Failed to get the system root.");

share = hotfix_path2share(path:rootfile);
if (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);

if (
  hotfix_is_vulnerable(os:"6.0", sp:0, file:"Mshtml.dll", version:"7.0.6000.20734", min_version:"7.0.6000.20000", dir:"\system32", bulletin:bulletin, kb:kb) ||
  hotfix_is_vulnerable(os:"6.0", sp:0, file:"Mshtml.dll", version:"7.0.6000.16609", dir:"\system32", bulletin:bulletin, kb:kb) ||

  hotfix_is_vulnerable(os:"5.2", sp:1, file:"Mshtml.dll", version:"6.0.3790.3064", dir:"\system32", bulletin:bulletin, kb:kb) ||
  hotfix_is_vulnerable(os:"5.2", sp:2, file:"Mshtml.dll", version:"6.0.3790.4210", dir:"\system32", bulletin:bulletin, kb:kb) ||
  hotfix_is_vulnerable(os:"5.2", file:"Mshtml.dll", version:"7.0.6000.20733", min_version:"7.0.6000.20000", dir:"\system32", bulletin:bulletin, kb:kb) ||
  hotfix_is_vulnerable(os:"5.2", file:"Mshtml.dll", version:"7.0.6000.16608", min_version:"7.0.0.0", dir:"\system32", bulletin:bulletin, kb:kb) ||

  hotfix_is_vulnerable(os:"5.1", sp:2, file:"Mshtml.dll", version:"6.0.2900.3268", dir:"\system32", bulletin:bulletin, kb:kb) ||
  hotfix_is_vulnerable(os:"5.1", sp:2, file:"Mshtml.dll", version:"7.0.6000.20733", min_version:"7.0.6000.20000", dir:"\system32", bulletin:bulletin, kb:kb) ||
  hotfix_is_vulnerable(os:"5.1", sp:2, file:"Mshtml.dll", version:"7.0.6000.16608", min_version:"7.0.0.0", dir:"\system32", bulletin:bulletin, kb:kb) ||

  hotfix_is_vulnerable(os:"5.0", file:"Mshtml.dll", version:"6.0.2800.1607", min_version:"6.0.0.0", dir:"\system32", bulletin:bulletin, kb:kb) ||
  hotfix_is_vulnerable(os:"5.0", file:"Mshtml.dll", version:"5.0.3860.1000", dir:"\system32", bulletin:bulletin, kb:kb)
)
{
  set_kb_item(name:"SMB/Missing/"+bulletin, value:TRUE);
  hotfix_security_hole();
  hotfix_check_fversion_end();
  exit(0);
}
else
{
  hotfix_check_fversion_end();
  audit(AUDIT_HOST_NOT, 'affected');
}
VendorProductVersionCPE
microsoftwindowscpe:/o:microsoft:windows

Related

securityvulns 3
prion 5
cve 5
seebug 5
checkpoint_advisories 5
openvas 2
cert 1
zdi 1
securityvulns
securityvulns
Microsoft Internet Explorer multiple security vulnerabilities
2008-02-13 00:00:00
Microsoft Security Bulletin MS08-010 - Critical Cumulative Security Update for Internet Explorer &#40;944533&#41;
2008-02-12 00:00:00
iDefense Security Advisory 02.12.08: Microsoft Internet Explorer Property Memory Corruption Vulnerability
2008-02-13 00:00:00
prion
prion
Design/Logic Flaw
2007-10-09 22:17:00
Stack overflow
2007-09-10 21:17:00
Memory corruption
2008-02-12 23:00:00
cve
cve
CVE-2007-5322
2007-10-09 22:17:00
CVE-2007-4790
2007-09-10 21:17:00
CVE-2008-0078
2008-02-12 23:00:00
seebug
seebug
Microsoft Visual FoxPro FPOLE.OCX ActiveX控件任意命令执行漏洞
2007-10-28 00:00:00
Microsoft Visual FoxPro FPOLE.OCX ActiveX控件远程栈溢出漏洞(MS08-010)
2008-02-20 00:00:00
Microsoft IE参数处理内存破坏漏洞(MS08-010)
2008-02-20 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Visual FoxPro ActiveX Control Buffer Overflow (MS08-010; CVE-2007-4790)
2008-02-12 00:00:00
Internet Explorer Image Processing Memory Corruption (MS08-010; CVE-2008-0078)
2008-02-12 00:00:00
Internet Explorer HTML Rendering Memory Corruption (MS08-010; CVE-2008-0076)
2008-02-12 00:00:00
openvas
openvas
Microsoft Internet Explorer HTML Rendering Remote Memory Corruption Vulnerability (944533)
2011-01-13 00:00:00
Microsoft Internet Explorer HTML Rendering Remote Memory Corruption Vulnerability (944533)
2011-01-13 00:00:00
cert
cert
Microsoft Internet Explorer property memory corruption vulnerability
2008-02-13 00:00:00
zdi
zdi
Microsoft Internet Explorer SVG animateMotion.by Code Execution Vulnerability
2008-02-12 00:00:00
JSON
Related for SMB_NT_MS08-010.NASL
securityvulns3prion5cve5seebug5checkpoint_advisories5openvas2cert1zdi1