Microsoft .NET Framework 的安全更新(2022 年 12 月)
high Nessus 插件 ID 168745
语言:
简介
远程主机上安装的 Microsoft .NET Framework 缺少安全更新。描述
远程主机上安装的 Microsoft .NET Framework 缺少安全更新。由于未正确处理 XPS 文件,因而会受到远程代码执行漏洞的影响。解决方案
Microsoft 已发布用于 Microsoft .NET Framework 的安全更新。另见
http://www.nessus.org/u?0d29de7c
http://www.nessus.org/u?e40dadbd
https://support.microsoft.com/en-us/help/5020859
https://support.microsoft.com/en-us/help/5020860
https://support.microsoft.com/en-us/help/5020861
https://support.microsoft.com/en-us/help/5020862
https://support.microsoft.com/en-us/help/5020866
https://support.microsoft.com/en-us/help/5020867
https://support.microsoft.com/en-us/help/5020868
https://support.microsoft.com/en-us/help/5020869
https://support.microsoft.com/en-us/help/5020872
https://support.microsoft.com/en-us/help/5020873
https://support.microsoft.com/en-us/help/5020874
https://support.microsoft.com/en-us/help/5020875
https://support.microsoft.com/en-us/help/5020876
https://support.microsoft.com/en-us/help/5020877
https://support.microsoft.com/en-us/help/5020878
https://support.microsoft.com/en-us/help/5020879
https://support.microsoft.com/en-us/help/5020880
https://support.microsoft.com/en-us/help/5020881
https://support.microsoft.com/en-us/help/5020882
https://support.microsoft.com/en-us/help/5020883
https://support.microsoft.com/en-us/help/5020894
https://support.microsoft.com/en-us/help/5020895
https://support.microsoft.com/en-us/help/5020896
https://support.microsoft.com/en-us/help/5020897
https://support.microsoft.com/en-us/help/5020898
https://support.microsoft.com/en-us/help/5020899
https://support.microsoft.com/en-us/help/5020900
https://support.microsoft.com/en-us/help/5020901
插件详情
严重性: High
ID: 168745
文件名: smb_nt_ms22_dec_dotnet.nasl
版本: 1.10
类型: local
代理: windows
发布时间: 2022/12/15
最近更新时间: 2023/11/20
支持的传感器: Nessus
风险信息
VPR
风险因素: Medium
分数: 6.7
CVSS v2
风险因素: High
基本分数: 7.2
时间分数: 5.3
矢量: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS 分数来源: CVE-2022-41089
CVSS v3
风险因素: High
基本分数: 7.8
时间分数: 6.8
矢量: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
时间矢量: CVSS:3.0/E:U/RL:O/RC:C
漏洞信息
CPE: cpe:/a:microsoft:.net_framework
必需的 KB 项: SMB/MS_Bulletin_Checks/Possible
易利用性: No known exploits are available
补丁发布日期: 2022/12/13
漏洞发布日期: 2022/12/13
参考资料信息
CVE: CVE-2022-41089
IAVA: 2022-A-0534-S
MSFT: MS22-5020859, MS22-5020860, MS22-5020861, MS22-5020862, MS22-5020866, MS22-5020867, MS22-5020868, MS22-5020869, MS22-5020872, MS22-5020873, MS22-5020874, MS22-5020875, MS22-5020876, MS22-5020877, MS22-5020878, MS22-5020879, MS22-5020880, MS22-5020881, MS22-5020882, MS22-5020883, MS22-5020894, MS22-5020895, MS22-5020896, MS22-5020897, MS22-5020898, MS22-5020899, MS22-5020900, MS22-5020901, MS22-5020902, MS22-5020903
MSKB: 5020859, 5020860, 5020861, 5020862, 5020866, 5020867, 5020868, 5020869, 5020872, 5020873, 5020874, 5020875, 5020876, 5020877, 5020878, 5020879, 5020880, 5020881, 5020882, 5020883, 5020894, 5020895, 5020896, 5020897, 5020898, 5020899, 5020900, 5020901, 5020902, 5020903