How to Buy
This script is Copyright (C) 2013-2016 Tenable Network Security, Inc.
An application on the remote Windows host has an information disclosure
The version of Windows Essentials 2011 or 2012 installed on the remote
host has an information disclosure vulnerability. Windows Writer, part
of Windows Essentials, fails to properly handle specially crafted URLs.
A remote attacker could exploit this by tricking a user into opening a
maliciously crafted URL to override Windows Writer proxy settings and
overwrite files accessible to the user.
See also :
Microsoft has released a patch for Windows Essentials 2012.
Risk factor :
Medium / CVSS Base Score : 6.8
CVSS Temporal Score : 5.6
Public Exploit Available : true
Family: Windows : Microsoft Bulletins
Nessus Plugin ID: 66421 ()
Bugtraq ID: 59783
CVE ID: CVE-2013-0096
Get Nessus Professional to scan unlimited IPs, run compliance checks & more
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.