Vulnerability Bulletins |
Ejecución remota de código en Explorer |
|
Vulnerability classification |
|
| Property | Value |
| Confidence level | Oficial |
| Impact | Obtener acceso |
| Dificulty | Principiante |
| Required attacker level | Acceso remoto sin cuenta a un servicio estandar |
System information |
|
| Property | Value |
| Affected manufacturer | Microsoft |
| Affected software |
Microsoft Windows 2000 Service Pack 3 Microsoft Windows 2000 Service Pack 4 Microsoft Windows XP Service Pack 1 Microsoft Windows XP Service Pack 2 Microsoft Windows XP 64-Bit Edition Service Pack 1 Microsoft Windows XP 64-Bit Edition Version 2003 Microsoft Windows Server 2003 Microsoft Windows Server 2003 64-Bit Edition Microsoft Windows 98 Microsoft Windows 98 Second Edition (SE) Microsoft Windows Millennium Edition (Me) |
Description |
|
|
Existe una vulnerabilidad en el control HTML Help ActiveX que de ser explotada podría permitir la ejecución remota de código o una fuga de información. Un atacante podría explotar la vulnerabilidad mediante el diseño de una página web maliciosa, la cual una vez visitada por la víctima, permitiría al atacante la ejecución remota de código. |
|
Solution |
|
|
Actualización de software Microsoft Windows Microsoft Windows 2000 Service Pack 3 / Microsoft Windows 2000 Service Pack 4 http://www.microsoft.com/downloads/thankyou.aspx?FamilyID=be1b11c0-ef09-4295-8fb2-0ff17ba65460&displaylang=es Microsoft Windows XP Service Pack 1 / Microsoft Windows XP Service Pack 2 http://www.microsoft.com/downloads/thankyou.aspx?FamilyID=43201b00-298d-4c0c-a26f-aaedf163feb7&displaylang=es Microsoft Windows XP 64-Bit Edition Service Pack 1 http://www.microsoft.com/downloads/thankyou.aspx?FamilyID=1fc58c5f-3a97-4b89-96c3-aaeffce28535&displaylang=es Microsoft Windows XP 64-Bit Edition Version 2003 / Microsoft Windows Server 2003 64-Bit Edition http://www.microsoft.com/downloads/thankyou.aspx?FamilyID=3b3878c9-57fb-45a9-b5c2-234ad538d6cc&displaylang=en Microsoft Windows Server 2003 http://www.microsoft.com/downloads/details.aspx?familyid=23E619FE-F6DB-4666-A247-339F55B059CC&displaylang=en Microsoft Windows 98 / Microsoft Windows 98 Second Edition (SE) http://go.microsoft.com/fwlink/?LinkId=21130 |
|
Standar resources |
|
| Property | Value |
| CVE | CAN-2004-1043 |
| BID | |
Other resources |
|
|
Microsoft Security Bulletin MS05-001 http://www.microsoft.com/technet/security/Bulletin/MS05-001.mspx |
|
Version history |
||
| Version | Comments | Date |
| 1.0 | Aviso emitido | 2005-01-12 |