Microsoft Office Privilege Elevation Vulnerability - 2721015 (Mac OS X) Network Vulnerability

Summary

This host is missing an important security update according to Microsoft Bulletin MS12-051.

Impact

Successful exploitation could allow attackers to execute arbitrary code in the security context of the current user. Impact Level: System/Application

Solution

Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, http://technet.microsoft.com/en-us/security/bulletin/ms12-051

Insight

The application being installed with insecure folder permissions and can be exploited to create arbitrary files in certain directories.

Affected

Microsoft Office 2011 for Mac

References

http://osvdb.org/show/osvdb/83654
http://secunia.com/advisories/49876/
http://technet.microsoft.com/en-us/security/bulletin/ms12-051

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-1894

CVSS	Base Score: 6.9 AV:L/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Apple Mac OS X iWork 9.1 Update
Apple Mac OS X PackageKit Format String Vulnerability
Mac OS X 'Internet plug-ins' Unspecified Vulnerability (2012-003)
Mac OS X Certificate Trust Policy Information Disclosure Vulnerability (2011-005)
Apple Mac OS X Keychain Certificate Settings Security Bypass Vulnerability

Take action and discover your vulnerabilities