Lucene search
This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.SMB_NT_MS05-025.NASLHistoryJun 14, 2005 - 12:00 a.m.
MS05-025: Cumulative Security Update for Internet Explorer (883939)
2005-06-1400:00:00
This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.
www.tenable.com
30
CVSS2
5.1
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
EPSS
0.699
Percentile
98.1%
The remote host is missing IE Cumulative Security Update 883939.
The remote version of IE is vulnerable to several flaws that could allow an attacker to execute arbitrary code on the remote host.
#
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
if (description)
{
script_id(18490);
script_version("1.56");
script_cvs_date("Date: 2018/11/15 20:50:29");
script_cve_id("CVE-2005-1211", "CVE-2002-0648");
script_bugtraq_id(5560, 13947, 13946, 13943, 13941);
script_xref(name:"MSFT", value:"MS05-025");
script_xref(name:"CERT", value:"189754");
script_xref(name:"EDB-ID", value:"21749");
script_xref(name:"MSKB", value:"883939");
script_name(english:"MS05-025: Cumulative Security Update for Internet Explorer (883939)");
script_summary(english:"Determines the presence of update 883939");
script_set_attribute(attribute:"synopsis", value:
"Arbitrary code can be executed on the remote host through the web
client.");
script_set_attribute(attribute:"description", value:
"The remote host is missing IE Cumulative Security Update 883939.
The remote version of IE is vulnerable to several flaws that could allow
an attacker to execute arbitrary code on the remote host.");
script_set_attribute(attribute:"see_also", value:"https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2005/ms05-025");
script_set_attribute(attribute:"solution", value:
"Microsoft has released a set of patches for Windows 2000, XP and
2003.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2004/04/09");
script_set_attribute(attribute:"patch_publication_date", value:"2005/06/14");
script_set_attribute(attribute:"plugin_publication_date", value:"2005/06/14");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:microsoft:windows");
script_set_attribute(attribute:"cpe", value:"cpe:/a:microsoft:ie");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.");
script_family(english:"Windows : Microsoft Bulletins");
script_dependencies("smb_hotfixes.nasl","smb_nt_ms05-038.nasl", "ms_bulletin_checks_possible.nasl");
script_require_keys("SMB/MS_Bulletin_Checks/Possible");
script_require_ports(139, 445, 'Host/patch_management_checks');
exit(0);
}
include("audit.inc");
include("smb_hotfixes_fcheck.inc");
include("smb_hotfixes.inc");
include("smb_func.inc");
include("misc_func.inc");
get_kb_item_or_exit("SMB/MS_Bulletin_Checks/Possible");
bulletin = 'MS05-025';
kb = '883939';
kbs = make_list(kb);
if (get_kb_item("Host/patch_management_checks")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);
get_kb_item_or_exit("SMB/Registry/Enumerated");
get_kb_item_or_exit("SMB/WindowsVersion", exit_code:1);
if (hotfix_check_sp_range(win2k:'3,5', xp:'1,2', win2003:'0,1') <= 0) audit(AUDIT_OS_SP_NOT_VULN);
rootfile = hotfix_get_systemroot();
if (!rootfile) exit(1, "Failed to get the system root.");
share = hotfix_path2share(path:rootfile);
if (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);
if (
hotfix_is_vulnerable(os:"5.2", sp:0, file:"Mshtml.dll", version:"6.0.3790.327", dir:"\system32", bulletin:bulletin, kb:kb) ||
hotfix_is_vulnerable(os:"5.2", sp:1, file:"Mshtml.dll", version:"6.0.3790.2440", dir:"\system32", bulletin:bulletin, kb:kb) ||
hotfix_is_vulnerable(os:"5.1", sp:1, file:"Mshtml.dll", version:"6.0.2800.1505", dir:"\system32", bulletin:bulletin, kb:kb) ||
hotfix_is_vulnerable(os:"5.1", sp:2, file:"Mshtml.dll", version:"6.0.2900.2668", dir:"\system32", bulletin:bulletin, kb:kb) ||
hotfix_is_vulnerable(os:"5.0", file:"Mshtml.dll", version:"6.0.2800.1505", min_version:"6.0.0.0", dir:"\system32", bulletin:bulletin, kb:kb) ||
hotfix_is_vulnerable(os:"5.0", sp:3, file:"Mshtml.dll", version:"5.0.3541.2700", dir:"\system32", bulletin:bulletin, kb:kb) ||
hotfix_is_vulnerable(os:"5.0", sp:4, file:"Mshtml.dll", version:"5.0.3828.2700", dir:"\system32", bulletin:bulletin, kb:kb) ||
hotfix_is_vulnerable(os:"5.0", sp:5, file:"Mshtml.dll", version:"5.0.3828.2700", dir:"\system32", bulletin:bulletin, kb:kb)
)
{
set_kb_item(name:"SMB/Missing/"+bulletin, value:TRUE);
hotfix_security_hole();
hotfix_check_fversion_end();
exit(0);
}
else
{
hotfix_check_fversion_end();
audit(AUDIT_HOST_NOT, 'affected');
}
Related
securityvulns
securityvulns
nvd
nvd
CVE-2002-0648
2002-09-24 04:00:00
CVE-2005-1211
2005-06-14 04:00:00
cvelist
cvelist
CVE-2002-0648
2003-04-02 05:00:00
CVE-2005-1211
2005-06-15 04:00:00
cve
cve
CVE-2002-0648
2003-04-02 05:00:00
CVE-2005-1211
2005-06-15 04:00:00
checkpoint_advisories
checkpoint_advisories
cert
cert
Microsoft Internet Explorer buffer overflow in PNG image rendering component
2005-06-14 00:00:00
CVSS2
5.1
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
EPSS
0.699
Percentile
98.1%
Related for SMB_NT_MS05-025.NASL