This host is installed with Microsoft Visual Studio and is prone to insecure library loading vulnerability. This NVT has been replaced by NVT secpod_ms11-025.nasl (OID:22.214.171.124.4.1.256126.96.36.1990285).
Successful exploitation will allow the attackers to execute arbitrary code and conduct DLL hijacking attacks. Impact Level: Application
Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link. http://www.microsoft.com/technet/security/Bulletin/MS11-025.mspx
The flaw is due to 'ATL MFC Trace Tool'(AtlTraceTool8.exe) loading libraries in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into opening a TRC file located on a remote WebDAV or SMB share.
Microsoft Visual Studio
Updated on 2017-03-28
- Microsoft Visual Studio Insecure Library Loading Vulnerability
- Microsoft HTML Help Workshop buffer overflow vulnerability
- Microsoft Autorun Arbitrary Code Execution Vulnerability (08-038)
- Microsoft Windows 32-bit Platforms Unspecified vulnerabilities
- Microsoft Unauthorized Digital Certificates Spoofing Vulnerability (2728973)