Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.SMB_NT_MS21_JUN_INTERNET_EXPLORER.NASL
HistoryAug 16, 2021 - 12:00 a.m.

Security Updates for Internet Explorer (June 2021)

2021-08-1600:00:00
This script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
12

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

6.8 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

8.2 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

69.4%

JSON

The Internet Explorer installation on the remote host is missing a security update. It is, therefore, affected by the following vulnerabilities:

  • A memory corruption error exists in the scripting engine. An unauthenticated, remote attacker can exploit this to execute arbitrary commands. (CVE-2021-31959)

  • A security bypass vulnerability exists in the HTML platforms component. An unauthenticated, remote attacker can exploit this to bypass security in order to gain full access to the system. (CVE-2021-31971)

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(152587);
  script_version("1.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/01/01");

  script_cve_id("CVE-2021-31959", "CVE-2021-31971");
  script_xref(name:"MSKB", value:"5003636");
  script_xref(name:"MSKB", value:"5003661");
  script_xref(name:"MSKB", value:"5003667");
  script_xref(name:"MSKB", value:"5003671");
  script_xref(name:"MSKB", value:"5003697");
  script_xref(name:"MSFT", value:"MS21-5003636");
  script_xref(name:"MSFT", value:"MS21-5003661");
  script_xref(name:"MSFT", value:"MS21-5003667");
  script_xref(name:"MSFT", value:"MS21-5003671");
  script_xref(name:"MSFT", value:"MS21-5003697");

  script_name(english:"Security Updates for Internet Explorer (June 2021)");

  script_set_attribute(attribute:"synopsis", value:
"The Internet Explorer installation on the remote host is missing a security update.");
  script_set_attribute(attribute:"description", value:
"The Internet Explorer installation on the remote host is missing a security update. It is, therefore, affected by the
following vulnerabilities:

  - A memory corruption error exists in the scripting engine. An unauthenticated, remote attacker can exploit
    this to execute arbitrary commands. (CVE-2021-31959)

  - A security bypass vulnerability exists in the HTML platforms component. An unauthenticated, remote attacker
    can exploit this to bypass security in order to gain full access to the system. (CVE-2021-31971)");
  script_set_attribute(attribute:"see_also", value:"https://support.microsoft.com/en-us/topic/5003636");
  script_set_attribute(attribute:"see_also", value:"https://support.microsoft.com/en-us/topic/5003661");
  script_set_attribute(attribute:"see_also", value:"https://support.microsoft.com/en-us/topic/5003667");
  script_set_attribute(attribute:"see_also", value:"https://support.microsoft.com/en-us/topic/5003671");
  script_set_attribute(attribute:"see_also", value:"https://support.microsoft.com/en-us/topic/5003697");
  script_set_attribute(attribute:"solution", value:
"Microsoft has released the following security updates to address this issue:  
  -KB5003636
  -KB5003661
  -KB5003667
  -KB5003671
  -KB5003697");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:H/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-31971");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2021/06/08");
  script_set_attribute(attribute:"patch_publication_date", value:"2021/06/08");
  script_set_attribute(attribute:"plugin_publication_date", value:"2021/08/16");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:microsoft:ie");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows : Microsoft Bulletins");

  script_copyright(english:"This script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("smb_check_rollup.nasl", "smb_hotfixes.nasl", "ms_bulletin_checks_possible.nasl");
  script_require_keys("SMB/MS_Bulletin_Checks/Possible");
  script_require_ports(139, 445, "Host/patch_management_checks");

  exit(0);
}
include('smb_hotfixes_fcheck.inc');
include('smb_hotfixes.inc');
include('smb_func.inc');

get_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');

var bulletin = 'MS21-06';
var kbs = make_list(
  '5003636',
  '5003661',
  '5003667',
  '5003671',
  '5003697'
);

if (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_WARNING);

get_kb_item_or_exit('SMB/Registry/Enumerated');
var os = get_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);

if (hotfix_check_sp_range(vista:'2', win7:'1', win8:'0',  win81:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);

var productname = get_kb_item_or_exit('SMB/ProductName', exit_code:1);
if ('Windows 8' >< productname && '8.1' >!< productname)
 audit(AUDIT_OS_SP_NOT_VULN);
if ('Vista' >< productname) audit(AUDIT_OS_SP_NOT_VULN);

if (hotfix_check_server_core() == 1) audit(AUDIT_WIN_SERVER_CORE);

var share = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);
if (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);

if (
  # Windows 8.1 / Windows Server 2012 R2
  # Internet Explorer 11
  hotfix_is_vulnerable(os:'6.3', sp:0, file:'mshtml.dll', version:'11.0.9600.20038', min_version:'11.0.9600.16000', dir:'\\system32', bulletin:bulletin, kb:'5003636') ||

  # Windows Server 2012
  # Internet Explorer 11
  hotfix_is_vulnerable(os:'6.2', sp:0, file:'mshtml.dll', version:'11.0.9600.20038', min_version:'11.0.9600.16000', dir:'\\system32', bulletin:bulletin, kb:'5003636') ||

  # Windows 7 / Server 2008 R2
  # Internet Explorer 11
  hotfix_is_vulnerable(os:'6.1', sp:1, file:'mshtml.dll', version:'11.0.9600.20038', min_version:'11.0.9600.16000', dir:'\\system32', bulletin:bulletin, kb:'5003636') ||

  # Windows Server 2008
  # Internet Explorer 9
  hotfix_is_vulnerable(os:'6.0', sp:2, file:'mshtml.dll', version:'9.0.8112.21561', min_version:'9.0.8112.16000', dir:'\\system32', bulletin:bulletin, kb:'5003636')
)
{
  var report =  '\nNote: The fix for this issue is available in either of the following updates:\n';
  report += '  - KB5003636 : Cumulative Security Update for Internet Explorer\n';

  if(os == '6.3')
  {
    report += '  - KB5003671 : Windows 8.1 / Server 2012 R2 Monthly Rollup\n';
    hotfix_add_report(bulletin:bulletin, kb:'5003671', report);
  }
  else if(os == '6.2')
  {
    report += '  - KB5003697 : Windows Server 2012 Monthly Rollup\n';
    hotfix_add_report(bulletin:bulletin, kb:'5003697', report);
  }
  else if(os == '6.1')
  {
    report += '  - KB5003667 : Windows 7 / Server 2008 R2 Monthly Rollup\n';
    hotfix_add_report(bulletin:bulletin, kb:'5003667', report);
  }
  else if(os == '6.0')
  {
    report += '  - KB5003661 : Windows Server 2008 Monthly Rollup\n';
    hotfix_add_report(bulletin:bulletin, kb:'5003661', report);
  }

  set_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);

  var port = kb_smb_transport();

  hotfix_security_warning();
  hotfix_check_fversion_end();
}
else
{
  hotfix_check_fversion_end();
  audit(AUDIT_HOST_NOT, hotfix_get_audit_report());
}
VendorProductVersionCPE
microsoftiecpe:/a:microsoft:ie

Related

mskb 10
nvd 2
cve 2
cvelist 2
checkpoint_advisories 1
prion 2
mscve 2
googleprojectzero 1
openvas 7
nessus 9
kaspersky 2
krebs 1
malwarebytes 1
rapid7blog 1
qualysblog 1
mskb
mskb
KB5003636: Cumulative security update for Internet Explorer: June 8, 2021
2021-06-08 07:00:00
June 8, 2021—KB5003667 (Monthly Rollup)
2021-06-08 07:00:00
June 8, 2021—KB5003697 (Monthly Rollup)
2021-06-08 07:00:00
nvd
nvd
CVE-2021-31971
2021-06-08 23:15:09
CVE-2021-31959
2021-06-08 23:15:08
cve
cve
CVE-2021-31971
2021-06-08 23:15:09
CVE-2021-31959
2021-06-08 23:15:08
cvelist
cvelist
CVE-2021-31971 Windows HTML Platforms Security Feature Bypass Vulnerability
2021-06-08 22:46:35
CVE-2021-31959 Scripting Engine Memory Corruption Vulnerability
2021-06-08 22:46:27
checkpoint_advisories
checkpoint_advisories
Microsoft Scripting Engine Memory Corruption (CVE-2021-31959)
2021-06-09 00:00:00
prion
prion
Security feature bypass
2021-06-08 23:15:00
Memory corruption
2021-06-08 23:15:00
mscve
mscve
Windows HTML Platforms Security Feature Bypass Vulnerability
2021-06-08 07:00:00
Scripting Engine Memory Corruption Vulnerability
2021-06-08 07:00:00
googleprojectzero
googleprojectzero
Fuzzing Closed-Source JavaScript Engines with Coverage Feedback
2021-09-14 00:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB5003667)
2021-06-09 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5003671)
2021-06-09 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5003687)
2021-06-10 00:00:00
nessus
nessus
KB5003694: Windows 7 and Windows Server 2008 R2 Security Update (June 2021)
2021-06-08 00:00:00
KB5003681: Windows 8.1 and Windows Server 2012 R2 Security Update (June 2021)
2021-06-08 00:00:00
KB5003697: Windows Server 2012 Security Update (June 2021)
2021-06-08 00:00:00
kaspersky
kaspersky
KLA12198 Multiple vulnerabilities in Microsoft Products (ESU)
2021-06-08 00:00:00
KLA12202 Multiple vulnerabilities in Microsoft Windows
2021-06-08 00:00:00
krebs
krebs
Microsoft Patches Six Zero-Day Security Holes
2021-06-08 20:53:28
malwarebytes
malwarebytes
Microsoft fixes seven zero-days, including two PuzzleMaker targets, Google fixes serious Android flaw
2021-06-09 14:50:52
rapid7blog
rapid7blog
Patch Tuesday - June 2021
2021-06-08 10:00:00
qualysblog
qualysblog
Microsoft & Adobe Patch Tuesday (June 2021) – Microsoft 50 Vulnerabilities with 5 Critical, Adobe 21 Critical Vulnerabilities
2021-06-08 21:19:29

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

6.8 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

8.2 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

69.4%

JSON
Related for SMB_NT_MS21_JUN_INTERNET_EXPLORER.NASL
mskb10nvd2cve2cvelist2checkpoint_advisories1prion2mscve2googleprojectzero1openvas7nessus9kaspersky2krebs1malwarebytes1rapid7blog1qualysblog1