MS14-035:Internet Explorer 累积安全更新 (2969262)
critical Nessus 插件 ID 74427
语言:
简介
远程主机包含受到多种漏洞影响的 Web 浏览器。描述
远程主机缺少 Internet Explorer (IE) 安全更新 2969262。远程主机上安装的 Internet Explorer 版本受到多种漏洞的影响,其中多数为远程代码执行漏洞。攻击者只需诱使用户访问某个特别构建的网页即可利用这些漏洞。
解决方案
Microsoft 已发布一系列用于 Internet Explorer 6、7、8、9、10 和 11 的修补程序。另见
https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2014/ms14-035
https://www.securityfocus.com/archive/1/532798/30/0/threaded
https://www.securityfocus.com/archive/1/532799/30/0/threaded
https://www.zerodayinitiative.com/advisories/ZDI-14-194/
https://www.zerodayinitiative.com/advisories/ZDI-14-193/
https://www.zerodayinitiative.com/advisories/ZDI-14-192/
https://www.zerodayinitiative.com/advisories/ZDI-14-191/
https://www.zerodayinitiative.com/advisories/ZDI-14-190/
https://www.zerodayinitiative.com/advisories/ZDI-14-189/
https://www.zerodayinitiative.com/advisories/ZDI-14-188/
https://www.zerodayinitiative.com/advisories/ZDI-14-187/
https://www.zerodayinitiative.com/advisories/ZDI-14-186/
https://www.zerodayinitiative.com/advisories/ZDI-14-185/
https://www.zerodayinitiative.com/advisories/ZDI-14-184/
https://www.zerodayinitiative.com/advisories/ZDI-14-183/
https://www.zerodayinitiative.com/advisories/ZDI-14-182/
https://www.zerodayinitiative.com/advisories/ZDI-14-181/
https://www.zerodayinitiative.com/advisories/ZDI-14-180/
https://www.zerodayinitiative.com/advisories/ZDI-14-179/
https://www.zerodayinitiative.com/advisories/ZDI-14-178/
https://www.zerodayinitiative.com/advisories/ZDI-14-177/
https://www.zerodayinitiative.com/advisories/ZDI-14-176/
https://www.zerodayinitiative.com/advisories/ZDI-14-175/
插件详情
严重性: Critical
ID: 74427
文件名: smb_nt_ms14-035.nasl
版本: 1.22
类型: local
代理: windows
发布时间: 2014/6/11
最近更新时间: 2019/11/26
支持的传感器: Nessus
风险信息
VPR
风险因素: High
分数: 8.9
CVSS v2
风险因素: Critical
基本分数: 10
时间分数: 8.7
矢量: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS 分数来源: CVE-2014-1764
漏洞信息
CPE: cpe:/o:microsoft:windows, cpe:/a:microsoft:ie
必需的 KB 项: SMB/MS_Bulletin_Checks/Possible
可利用: true
易利用性: Exploits are available
补丁发布日期: 2014/6/10
漏洞发布日期: 2014/5/21
可利用的方式
Core Impact
参考资料信息
CVE: CVE-2014-0282, CVE-2014-1762, CVE-2014-1764, CVE-2014-1766, CVE-2014-1769, CVE-2014-1770, CVE-2014-1771, CVE-2014-1772, CVE-2014-1773, CVE-2014-1774, CVE-2014-1775, CVE-2014-1777, CVE-2014-1778, CVE-2014-1779, CVE-2014-1780, CVE-2014-1781, CVE-2014-1782, CVE-2014-1783, CVE-2014-1784, CVE-2014-1785, CVE-2014-1786, CVE-2014-1788, CVE-2014-1789, CVE-2014-1790, CVE-2014-1791, CVE-2014-1792, CVE-2014-1794, CVE-2014-1795, CVE-2014-1796, CVE-2014-1797, CVE-2014-1799, CVE-2014-1800, CVE-2014-1802, CVE-2014-1803, CVE-2014-1804, CVE-2014-1805, CVE-2014-2753, CVE-2014-2754, CVE-2014-2755, CVE-2014-2756, CVE-2014-2757, CVE-2014-2758, CVE-2014-2759, CVE-2014-2760, CVE-2014-2761, CVE-2014-2763, CVE-2014-2764, CVE-2014-2765, CVE-2014-2766, CVE-2014-2767, CVE-2014-2768, CVE-2014-2769, CVE-2014-2770, CVE-2014-2771, CVE-2014-2772, CVE-2014-2773, CVE-2014-2775, CVE-2014-2776, CVE-2014-2777, CVE-2014-2782
BID: 67295, 67511, 67518, 67544, 67827, 67831, 67833, 67834, 67835, 67836, 67838, 67839, 67840, 67841, 67842, 67843, 67845, 67874, 67875, 67876, 67877, 67878, 67879, 67880, 67881, 67882, 67883, 67884, 67885, 67886, 67887, 67889, 67890, 67891, 67892, 67915, 68101, 67846, 67847, 67848, 67849, 67850, 67851, 67852, 67854, 67855, 67856, 67857, 67858, 67859, 67860, 67861, 67862, 67864, 67866, 67867, 67869, 67871, 67873