JVN Info.

Id
39954  
Name
JVNDB-2009-000039  
Title
Microsoft Works コンバーターにおけるバッファオーバーフローの脆弱性  
Summary
Microsoft Works コンバーターには、バッファオーバーフローの脆弱性が存在します。  
Nvdinfo
CVE-2009-1533  
Cvssv2
6.8  
Jvnurl
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000039.html  
Published Date
2009-06-11  
Registered Date
2009-06-18  
Last Updated Date
2009-06-18  

Actions

Related Nessuslogs

Id Log ID Jvninfo Id Plugin ID CVE CVSS Risk Host Protocol Port Name Synopsis Description Solution See Also Plugin Output Actions
51172 H28_MUN_DWEB_Q4_172_16_240_seg.csv 39954 87674 CVE-2013-4332 5 Medium 172.16.240.115 tcp 443 VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2014-0002) The remote VMware ESX / ESXi host is missing a security-related patch. The remote VMware ESX / ESXi host is affected by multiple vulnerabilities : - Multiple integer overflow conditions exist in the glibc package in file malloc/malloc.c. An unauthenticated, remote attacker can exploit these to cause heap memory corruption by passing large values to the pvalloc(), valloc(), posix_memalign(), memalign(), or aligned_alloc() functions, resulting in a denial of service. (CVE-2013-4332) - A distributed denial of service (DDoS) vulnerability exists in the NTP daemon due to improper handling of the "monlist" command. A remote attacker can exploit this, via a forged request to an affected NTP server, to cause an amplified response to the intended target of the DDoS attack. (CVE-2013-5211) Apply the appropriate patch according to the vendor advisory that pertains to ESX version 4.0 / 4.1 and ESXi version 4.0 / 4.1 / 5.0 / 5.1 / 5.5. https://www.vmware.com/security/advisories/VMSA-2014-0002 http://lists.vmware.com/pipermail/security-announce/2014/000281.html Version : ESX 4.0 Installed build : 208167 Fixed build : 1682696
51967 H28_MUN_DWEB_Q4_172_16_240_seg.csv 39954 87674 CVE-2013-4332 5 Medium 172.16.240.131 tcp 443 VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2014-0002) The remote VMware ESX / ESXi host is missing a security-related patch. The remote VMware ESX / ESXi host is affected by multiple vulnerabilities : - Multiple integer overflow conditions exist in the glibc package in file malloc/malloc.c. An unauthenticated, remote attacker can exploit these to cause heap memory corruption by passing large values to the pvalloc(), valloc(), posix_memalign(), memalign(), or aligned_alloc() functions, resulting in a denial of service. (CVE-2013-4332) - A distributed denial of service (DDoS) vulnerability exists in the NTP daemon due to improper handling of the "monlist" command. A remote attacker can exploit this, via a forged request to an affected NTP server, to cause an amplified response to the intended target of the DDoS attack. (CVE-2013-5211) Apply the appropriate patch according to the vendor advisory that pertains to ESX version 4.0 / 4.1 and ESXi version 4.0 / 4.1 / 5.0 / 5.1 / 5.5. https://www.vmware.com/security/advisories/VMSA-2014-0002 http://lists.vmware.com/pipermail/security-announce/2014/000281.html Version : ESXi 4.1 Installed build : 800380 Fixed build : 1682698
56753 H28_DWEB_NW_Scan_Q1_172_16_240_Seg_20160518_hepxqa.csv 39954 87674 CVE-2013-4332 5 Medium 172.16.240.115 tcp 443 VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2014-0002) The remote VMware ESX / ESXi host is missing a security-related patch. The remote VMware ESX / ESXi host is affected by multiple vulnerabilities : - Multiple integer overflow conditions exist in the glibc package in file malloc/malloc.c. An unauthenticated, remote attacker can exploit these to cause heap memory corruption by passing large values to the pvalloc(), valloc(), posix_memalign(), memalign(), or aligned_alloc() functions, resulting in a denial of service. (CVE-2013-4332) - A distributed denial of service (DDoS) vulnerability exists in the NTP daemon due to improper handling of the "monlist" command. A remote attacker can exploit this, via a forged request to an affected NTP server, to cause an amplified response to the intended target of the DDoS attack. (CVE-2013-5211) Apply the appropriate patch according to the vendor advisory that pertains to ESX version 4.0 / 4.1 and ESXi version 4.0 / 4.1 / 5.0 / 5.1 / 5.5. https://www.vmware.com/security/advisories/VMSA-2014-0002 http://lists.vmware.com/pipermail/security-announce/2014/000281.html Version : ESX 4.0 Installed build : 208167 Fixed build : 1682696
57543 H28_DWEB_NW_Scan_Q1_172_16_240_Seg_20160518_hepxqa.csv 39954 87674 CVE-2013-4332 5 Medium 172.16.240.131 tcp 443 VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2014-0002) The remote VMware ESX / ESXi host is missing a security-related patch. The remote VMware ESX / ESXi host is affected by multiple vulnerabilities : - Multiple integer overflow conditions exist in the glibc package in file malloc/malloc.c. An unauthenticated, remote attacker can exploit these to cause heap memory corruption by passing large values to the pvalloc(), valloc(), posix_memalign(), memalign(), or aligned_alloc() functions, resulting in a denial of service. (CVE-2013-4332) - A distributed denial of service (DDoS) vulnerability exists in the NTP daemon due to improper handling of the "monlist" command. A remote attacker can exploit this, via a forged request to an affected NTP server, to cause an amplified response to the intended target of the DDoS attack. (CVE-2013-5211) Apply the appropriate patch according to the vendor advisory that pertains to ESX version 4.0 / 4.1 and ESXi version 4.0 / 4.1 / 5.0 / 5.1 / 5.5. https://www.vmware.com/security/advisories/VMSA-2014-0002 http://lists.vmware.com/pipermail/security-announce/2014/000281.html Version : ESXi 4.1 Installed build : 800380 Fixed build : 1682698