Malwarebytes Anti-Exploit < 1.04.1.1012 RCE

This script is Copyright (C) 2015 Tenable Network Security, Inc.


Synopsis :

The remote host has an anti-exploitation application installed that is
affected by a remote code execution vulnerability.

Description :

The Malwarebytes Anti-Exploit installed on the remote Windows host is
a version prior to 1.04.1.1012. It is, therefore, affected by a
vulnerability that allows a man-in-the-middle attacker to spoof the
update server in order to upload and execute arbitrary code on the
remote host.

See also :

https://www.malwarebytes.org/support/releasehistory/
http://www.nessus.org/u?00012152

Solution :

Upgrade to Malwarebytes Anti-Exploit 1.04.1.1012 or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 83957 ()

Bugtraq ID:

CVE ID: CVE-2014-4936

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now