This script is Copyright (C) 2017 Tenable Network Security, Inc.
The remote Windows host has a browser plugin installed that is
affected by multiple vulnerabilities.
The remote Windows host is missing security update 4014329. It is,
therefore, affected by multiple vulnerabilities :
- A buffer overflow condition exists that allows an
attacker to execute arbitrary code. (CVE-2017-2997)
- Multiple memory corruption issues exist that allow an
attacker to execute arbitrary code. (CVE-2017-2998,
- An unspecified flaw exists in the random number
generator used for constant binding that allows an
attacker to disclose sensitive information.
- Multiple use-after-free errors exist that allow an
attacker to execute arbitrary code. (CVE-2017-3001,
See also :
Microsoft has released a set of patches for Windows 2012, 8.1, RT 8.1,
2012 R2, 10, and 2016.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 6.9
Public Exploit Available : false
Family: Windows : Microsoft Bulletins
Nessus Plugin ID: 97735 ()
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now