Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:26055
HistoryDec 15, 2011 - 12:00 a.m.

Microsoft Windows OLE属性远程代码执行漏洞(MS11-093)

2011-12-1500:00:00
Root
www.seebug.org
14

0.97 High

EPSS

Percentile

99.7%

JSON

BUGTRAQ ID: 50977
CVE ID: CVE-2011-3400

OLE即对象连接与嵌入技术。OLE不仅是桌面应用程序集成,而且还定义和实现了一种允许应用程序作为软件“对象彼此进行“连接”的机制。

Microsoft Windows处理特制OLE对象文件的方式中存在远程代码执行漏洞,成功利用后可允许攻击者以当前用户权限执行任意代码

Microsoft Windows XP
Microsoft Server 2003
临时解决方法:

  • 不打开可疑源或从可信源意外收到的office文件。

厂商补丁:

Microsoft

Microsoft已经为此发布了一个安全公告(MS11-093)以及相应补丁:

MS11-093:Vulnerability in OLE Could Allow Remote Code Execution (2624667)

链接:http://www.microsoft.com/technet/security/bulletin/MS11-093.asp

Related

checkpoint_advisories 1
symantec 1
prion 1
nessus 1
openvas 2
saint 4
seebug 2
cve 1
packetstorm 1
attackerkb 1
metasploit 1
exploitdb 1
securityvulns 1
securelist 1
checkpoint_advisories
checkpoint_advisories
Microsoft OLE Property Code Execution (MS11-093; CVE-2011-3400)
2011-12-13 00:00:00
symantec
symantec
Microsoft Windows OLE Property CVE-2011-3400 Remote Code Execution Vulnerability
2011-12-13 00:00:00
prion
prion
Code injection
2011-12-14 00:55:00
nessus
nessus
MS11-093: Vulnerability in OLE Could Allow Remote Code Execution (2624667)
2011-12-13 00:00:00
openvas
openvas
Microsoft Windows OLE Remote Code Execution Vulnerability (2624667)
2011-12-14 00:00:00
Microsoft Windows OLE Remote Code Execution Vulnerability (2624667)
2011-12-14 00:00:00
saint
saint
Microsoft OLE Object File Handling vulnerability
2012-06-15 00:00:00
Microsoft OLE Object File Handling vulnerability
2012-06-15 00:00:00
Microsoft OLE Object File Handling vulnerability
2012-06-15 00:00:00
seebug
seebug
Microsoft Windows OLE Object File Handling Remote Code Execution(CVE-2011-3400)
2012-06-08 00:00:00
Microsoft Windows OLE Object File Handling Remote Code Execution
2014-07-01 00:00:00
cve
cve
CVE-2011-3400
2011-12-14 00:55:00
packetstorm
packetstorm
Microsoft Windows OLE Object File Handling Remote Code Execution
2012-06-07 00:00:00
attackerkb
attackerkb
CVE-2011-3400 Microsoft OLE for Windows
2011-12-14 00:00:00
metasploit
metasploit
MS11-093 Microsoft Windows OLE Object File Handling Remote Code Execution
2012-06-05 16:21:55
exploitdb
exploitdb
Microsoft Windows - OLE Object File Handling Remote Code Execution (Metasploit)
2012-06-06 00:00:00
securityvulns
securityvulns
Microsoft Windows multiple security vulnerabilities
2011-12-26 00:00:00
securelist
securelist
Investigation Report for the September 2014 Equation malware detection incident in the US
2017-11-16 10:00:34

0.97 High

EPSS

Percentile

99.7%

JSON
Related for SSV:26055
checkpoint_advisories1symantec1prion1nessus1openvas2saint4seebug2cve1packetstorm1attackerkb1metasploit1exploitdb1securityvulns1securelist1