|
Family: Windows : Microsoft Bulletins --> Category: infos
Flaw in WinXP Help center could enable file deletion Vulnerability Scan
Vulnerability Scan Summary Checks for MS Hotfix Q328940
Detailed Explanation for this Vulnerability Test
Synopsis :
Arbitrary files can be deleted on the remote host through the web client.
Description :
There is a security vulnerability in the remote Windows XP Help and Support
Center which can be exploited by a possible hacker to delete arbitrary file
on this host.
To do so, a possible hacker needs to create malicious web pages that must
be visited by the owner of the remote system.
Solution :
Microsoft has released a set of patches for Windows XP and 2000 :
http://www.microsoft.com/technet/security/bulletin/ms02-060.mspx
Threat Level:
Medium / CVSS Base Score : 4
(AV:R/AC:H/Au:NR/C:N/A:N/I:C/B:I)
Click HERE for more information and discussions on this network vulnerability scan.
|