[Winvulns-announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Vulnerabilities to Windows Systems'
Notification of New Vulnerabilties to Windows Systems Fixlet Messages
winvulns-announcements at bigmail.bigfix.com
Fri Nov 12 05:20:10 PST 2010
Fixlet Site - 'Vulnerabilities to Windows Systems'
Current Version: 227 Published: Fri, 12 Nov 2010 01:24:32 GMT
New Fixlets:
============
***************************************************************
Title: Untrusted search path vulnerability in Microsoft Office Groove 2007
Severity: High
Fixlet ID: 1191001
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11910.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3146
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Untrusted search path vulnerability in Microsoft Office Groove 2007 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse mso.dll or GroovePerfmon.dll that is located in the same folder as a .vcg or .gta file.
More information about the WinVulns-Announcements
mailing list