Summary
This host is missing a critical security update according to Microsoft Bulletin MS08-049.
Impact
Remote exploitation allows attackers to execute arbitrary code with system privileges.
Impact Level : System
Solution
Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link.
http://www.microsoft.com/technet/security/bulletin/ms08-049.mspx
Insight
Issues are due to the Microsoft Windows Event System does not properly validate the range of indexes when calling an array of function pointers and fails to handle per-user subscription requests.
Affected
Microsoft Windows 2K/XP/2003
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2008-1456, CVE-2008-1457 -
CVSS Base Score: 9.0
AV:N/AC:L/Au:S/C:C/I:C/A:C
Related Vulnerabilities
- Microsoft Internet Explorer Memory Corruption Vulnerability (2755801)
- Microsoft .NET Framework Remote Code Execution Vulnerabilities (2878890)
- Microsoft IIS FTP Server 'Malformed FTP List Request' DOS Vulnerability
- Microsoft Groove Remote Code Execution Vulnerability (2494047)
- Cumulative Security Update for Internet Explorer (958215)