Lucene search
This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.SMB_NT_MS13-047.NASLHistoryJun 11, 2013 - 12:00 a.m.
MS13-047: Cumulative Security Update for Internet Explorer (2838727)
2013-06-1100:00:00
This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.
www.tenable.com
16
The remote host is missing Internet Explorer (IE) Security Update 2838727.
The installed version of IE is affected by multiple vulnerabilities that could allow an attacker to execute arbitrary code on the remote host.
#
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
if (description)
{
script_id(66863);
script_version("1.13");
script_cvs_date("Date: 2018/11/15 20:50:31");
script_cve_id(
"CVE-2013-3110",
"CVE-2013-3111",
"CVE-2013-3112",
"CVE-2013-3113",
"CVE-2013-3114",
"CVE-2013-3116",
"CVE-2013-3117",
"CVE-2013-3118",
"CVE-2013-3119",
"CVE-2013-3120",
"CVE-2013-3121",
"CVE-2013-3122",
"CVE-2013-3123",
"CVE-2013-3124",
"CVE-2013-3125",
"CVE-2013-3126",
"CVE-2013-3139",
"CVE-2013-3141",
"CVE-2013-3142"
);
script_bugtraq_id(
60374,
60376,
60377,
60378,
60379,
60380,
60381,
60382,
60383,
60384,
60385,
60386,
60387,
60388,
60389,
60390,
60391,
60392,
60393
);
script_xref(name:"MSFT", value:"MS13-047");
script_xref(name:"MSKB", value:"2838727");
script_name(english:"MS13-047: Cumulative Security Update for Internet Explorer (2838727)");
script_summary(english:"Checks version of Mshtml.dll");
script_set_attribute(attribute:"synopsis", value:
"The remote host is affected by multiple code execution
vulnerabilities.");
script_set_attribute(attribute:"description", value:
"The remote host is missing Internet Explorer (IE) Security Update
2838727.
The installed version of IE is affected by multiple vulnerabilities that
could allow an attacker to execute arbitrary code on the remote host.");
script_set_attribute(attribute:"see_also", value:"https://www.zerodayinitiative.com/advisories/ZDI-13-133/");
script_set_attribute(attribute:"see_also", value:"https://www.zerodayinitiative.com/advisories/ZDI-13-134/");
script_set_attribute(attribute:"see_also", value:"https://www.zerodayinitiative.com/advisories/ZDI-13-135/");
script_set_attribute(attribute:"see_also", value:"https://www.zerodayinitiative.com/advisories/ZDI-13-136/");
script_set_attribute(attribute:"see_also", value:"https://www.zerodayinitiative.com/advisories/ZDI-13-137/");
script_set_attribute(attribute:"see_also", value:"https://www.zerodayinitiative.com/advisories/ZDI-13-138/");
script_set_attribute(attribute:"see_also", value:"https://www.zerodayinitiative.com/advisories/ZDI-13-139/");
script_set_attribute(attribute:"see_also", value:"https://www.zerodayinitiative.com/advisories/ZDI-13-140/");
script_set_attribute(attribute:"see_also", value:"https://www.zerodayinitiative.com/advisories/ZDI-13-141/");
script_set_attribute(attribute:"see_also", value:"https://www.zerodayinitiative.com/advisories/ZDI-13-143/");
script_set_attribute(attribute:"see_also", value:"https://www.zerodayinitiative.com/advisories/ZDI-13-144/");
script_set_attribute(attribute:"see_also", value:"https://www.zerodayinitiative.com/advisories/ZDI-13-145/");
script_set_attribute(attribute:"see_also", value:"https://www.zerodayinitiative.com/advisories/ZDI-13-146/");
script_set_attribute(attribute:"see_also", value:"https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2013/ms13-047");
script_set_attribute(attribute:"solution", value:
"Microsoft has released a set of patches for XP, 2003, Vista, 2008, 7,
2008 R2, 8, and 2012.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2013/06/11");
script_set_attribute(attribute:"patch_publication_date", value:"2013/06/11");
script_set_attribute(attribute:"plugin_publication_date", value:"2013/06/11");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:microsoft:ie");
script_set_attribute(attribute:"cpe", value:"cpe:/o:microsoft:windows");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Windows : Microsoft Bulletins");
script_copyright(english:"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.");
script_dependencies("smb_hotfixes.nasl", "ms_bulletin_checks_possible.nasl");
script_require_keys("SMB/MS_Bulletin_Checks/Possible");
script_require_ports(139, 445, "Host/patch_management_checks");
exit(0);
}
include("audit.inc");
include("smb_func.inc");
include("smb_hotfixes.inc");
include("smb_hotfixes_fcheck.inc");
include("misc_func.inc");
get_kb_item_or_exit("SMB/MS_Bulletin_Checks/Possible");
bulletin = 'MS13-047';
kb = '2838727';
kbs = make_list(kb);
if (get_kb_item("Host/patch_management_checks")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);
get_kb_item_or_exit("SMB/Registry/Enumerated");
get_kb_item_or_exit("SMB/WindowsVersion", exit_code:1);
if (hotfix_check_sp_range(xp:'3', win2003:'2', vista:'2', win7:'1', win8:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);
if (hotfix_check_server_core() == 1) audit(AUDIT_WIN_SERVER_CORE);
rootfile = hotfix_get_systemroot();
if (!rootfile) exit(1, "Failed to get the system root.");
share = hotfix_path2share(path:rootfile);
if (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);
if (
# Windows 8 / 2012
#
# - Internet Explorer 10
hotfix_is_vulnerable(os:"6.2", file:"Mshtml.dll", version:"10.0.9200.20717", min_version:"10.0.9200.20000", dir:"\system32", bulletin:bulletin, kb:kb) ||
hotfix_is_vulnerable(os:"6.2", file:"Mshtml.dll", version:"10.0.9200.16612", min_version:"10.0.9200.16000", dir:"\system32", bulletin:bulletin, kb:kb) ||
# Windows 7 / 2008 R2
#
# - Internet Explorer 10
hotfix_is_vulnerable(os:"6.1", sp:1, file:"Mshtml.dll", version:"10.0.9200.20719", min_version:"10.0.9200.20000", dir:"\system32", bulletin:bulletin, kb:kb) ||
hotfix_is_vulnerable(os:"6.1", sp:1, file:"Mshtml.dll", version:"10.0.9200.16614", min_version:"10.0.9200.16000", dir:"\system32", bulletin:bulletin, kb:kb) ||
# - Internet Explorer 9
hotfix_is_vulnerable(os:"6.1", sp:1, file:"Mshtml.dll", version:"9.0.8112.20600", min_version:"9.0.8112.20000", dir:"\system32", bulletin:bulletin, kb:kb) ||
hotfix_is_vulnerable(os:"6.1", sp:1, file:"Mshtml.dll", version:"9.0.8112.16490", min_version:"9.0.8112.16000", dir:"\system32", bulletin:bulletin, kb:kb) ||
# - Internet Explorer 8
hotfix_is_vulnerable(os:"6.1", sp:1, file:"Mshtml.dll", version:"8.0.7601.22326", min_version:"8.0.7601.20000", dir:"\system32", bulletin:bulletin, kb:kb) ||
hotfix_is_vulnerable(os:"6.1", sp:1, file:"Mshtml.dll", version:"8.0.7601.18156", min_version:"8.0.7601.17000", dir:"\system32", bulletin:bulletin, kb:kb) ||
# Vista / 2008
#
# - Internet Explorer 9
hotfix_is_vulnerable(os:"6.0", sp:2, file:"Mshtml.dll", version:"9.0.8112.20600", min_version:"9.0.8112.20000", dir:"\system32", bulletin:bulletin, kb:kb) ||
hotfix_is_vulnerable(os:"6.0", sp:2, file:"Mshtml.dll", version:"9.0.8112.16490", min_version:"9.0.8112.16000", dir:"\system32", bulletin:bulletin, kb:kb) ||
# - Internet Explorer 8
hotfix_is_vulnerable(os:"6.0", sp:2, file:"Mshtml.dll", version:"8.0.6001.23501", min_version:"8.0.6001.20000", dir:"\system32", bulletin:bulletin, kb:kb) ||
hotfix_is_vulnerable(os:"6.0", sp:2, file:"Mshtml.dll", version:"8.0.6001.19437", min_version:"8.0.6001.18000", dir:"\system32", bulletin:bulletin, kb:kb) ||
# - Internet Explorer 7
hotfix_is_vulnerable(os:"6.0", sp:2, file:"Mshtml.dll", version:"7.0.6002.23109", min_version:"7.0.6002.20000", dir:"\system32", bulletin:bulletin, kb:kb) ||
hotfix_is_vulnerable(os:"6.0", sp:2, file:"Mshtml.dll", version:"7.0.6002.18837", min_version:"7.0.6002.18000", dir:"\system32", bulletin:bulletin, kb:kb) ||
# Windows 2003 / XP 64-bit
#
# - Internet Explorer 8
hotfix_is_vulnerable(os:"5.2", sp:2, file:"Mshtml.dll", version:"8.0.6001.23501", min_version:"8.0.0.0", dir:"\system32", bulletin:bulletin, kb:kb) ||
# - Internet Explorer 7
hotfix_is_vulnerable(os:"5.2", sp:2, file:"Mshtml.dll", version:"7.0.6000.21337", min_version:"7.0.0.0", dir:"\system32", bulletin:bulletin, kb:kb) ||
# - Internet Explorer 6
hotfix_is_vulnerable(os:"5.2", sp:2, file:"Mshtml.dll", version:"6.0.3790.5161", min_version:"6.0.0.0", dir:"\system32", bulletin:bulletin, kb:kb) ||
# Windows XP x86
#
# - Internet Explorer 8
hotfix_is_vulnerable(os:"5.1", sp:3, file:"Mshtml.dll", version:"8.0.6001.23501", min_version:"8.0.0.0", dir:"\system32", bulletin:bulletin, kb:kb) ||
# - Internet Explorer 7
hotfix_is_vulnerable(os:"5.1", sp:3, file:"Mshtml.dll", version:"7.0.6000.21337", min_version:"7.0.0.0", dir:"\system32", bulletin:bulletin, kb:kb) ||
# - Internet Explorer 6
hotfix_is_vulnerable(os:"5.1", sp:3, file:"Mshtml.dll", version:"6.0.2900.6391", min_version:"6.0.2900.0", dir:"\system32", bulletin:bulletin, kb:kb)
)
{
set_kb_item(name:"SMB/Missing/"+bulletin, value:TRUE);
hotfix_security_hole();
hotfix_check_fversion_end();
exit(0);
}
else
{
hotfix_check_fversion_end();
audit(AUDIT_HOST_NOT, 'affected');
}
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3110
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3111
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3112
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3113
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3114
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3116
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3117
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3118
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3119
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3120
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3121
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3122
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3123
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3124
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3125
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3126
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3139
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3141
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3142
docs.microsoft.com/en-us/security-updates/SecurityBulletins/2013/ms13-047
www.zerodayinitiative.com/advisories/ZDI-13-133/
www.zerodayinitiative.com/advisories/ZDI-13-134/
www.zerodayinitiative.com/advisories/ZDI-13-135/
www.zerodayinitiative.com/advisories/ZDI-13-136/
www.zerodayinitiative.com/advisories/ZDI-13-137/
www.zerodayinitiative.com/advisories/ZDI-13-138/
www.zerodayinitiative.com/advisories/ZDI-13-139/
www.zerodayinitiative.com/advisories/ZDI-13-140/
www.zerodayinitiative.com/advisories/ZDI-13-141/
www.zerodayinitiative.com/advisories/ZDI-13-143/
www.zerodayinitiative.com/advisories/ZDI-13-144/
www.zerodayinitiative.com/advisories/ZDI-13-145/
www.zerodayinitiative.com/advisories/ZDI-13-146/
Related
openvas
openvas
Microsoft Internet Explorer Multiple Vulnerabilities (2838727)
2013-06-12 00:00:00
Microsoft Internet Explorer Multiple Vulnerabilities (2838727)
2013-06-12 00:00:00
securityvulns
securityvulns
Microsoft Internet Explorer multiple security vulnerabilities
2013-06-12 00:00:00
mskb
mskb
MS13-047: Cumulative security update for Internet Explorer: June 11, 2013
2013-06-11 00:00:00
prion
prion
Memory corruption
2013-06-12 03:29:00
Memory corruption
2013-06-12 03:30:00
Memory corruption
2013-06-12 03:30:00
cve
cve
checkpoint_advisories
checkpoint_advisories
Internet Explorer Memory Attribute Use After Free (MS13-047; CVE-2013-3118)
2013-06-11 00:00:00
Internet Explorer Object Use After Free Arbitrary Code Execution (MS13-047; CVE-2013-3110)
2013-06-11 00:00:00
Internet Explorer CSS Use After Free (MS13-047; CVE-2013-3117)
2013-06-11 00:00:00
zdi
zdi
symantec
symantec
Microsoft Internet Explorer CVE-2013-3117 Memory Corruption Vulnerability
2013-06-11 00:00:00
Microsoft Internet Explorer CVE-2013-3123 Memory Corruption Vulnerability
2013-06-11 00:00:00
Microsoft Internet Explorer CVE-2013-3119 Memory Corruption Vulnerability
2013-06-11 00:00:00
seebug
seebug
Microsoft Internet Explorer 内存破坏漏洞(CVE-2013-3112)(MS13-047)
2013-06-17 00:00:00
zdt
zdt
packetstorm
packetstorm
Related for SMB_NT_MS13-047.NASL