This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:microsoft:forefront_client_security:1.0
Detail
VendorMicrosoftFirst view 2008-09-10
ProductForefront Client SecurityLast view 2009-10-14
Version1.0TypeApplication
Edition 
Language 
Update 
 
CPE Productcpe:/a:microsoft:forefront_client_security

Activity : Overall

Related : CVE

 DateAlertAccess VectorAccess ComplexityAuthentication
9.3 2009-10-14 CVE-2009-3126 Network Medium None Requ...
9.3 2009-10-14 CVE-2009-2528 Network Medium None Requ...
9.3 2009-10-14 CVE-2009-2518 Network Medium None Requ...
9.3 2009-10-14 CVE-2009-2504 Network Medium None Requ...
9.3 2009-10-14 CVE-2009-2503 Network Medium None Requ...
Hide | Show 8 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
9.3 2009-10-14 CVE-2009-2502 Network Medium None Requ...
9.3 2009-10-14 CVE-2009-2501 Network Medium None Requ...
9.3 2009-10-14 CVE-2009-2500 Network Medium None Requ...
9.3 2008-09-10 CVE-2008-3015 Network Medium None Requ...
9.3 2008-09-10 CVE-2008-3014 Network Medium None Requ...
9.3 2008-09-10 CVE-2008-3013 Network Medium None Requ...
9.3 2008-09-10 CVE-2008-3012 Network Medium None Requ...
9.3 2008-09-10 CVE-2007-5348 Network Medium None Requ...

CWE : Common Weakness Enumeration

%idName
46% (6)CWE-189Numeric Errors
30% (4)CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer
15% (2)CWE-94Failure to Control Generation of Code ('Code Injection')
7% (1)CWE-399Resource Management Errors

Oval Markup Language : Definitions

OvalIDName
oval:org.mitre.oval:def:6055GDI+ VML Buffer Overrun Vulnerability
oval:org.mitre.oval:def:6040GDI+ EMF Memory Corruption Vulnerability
oval:org.mitre.oval:def:5986GDI+ GIF Parsing Vulnerability
oval:org.mitre.oval:def:6004GDI+ WMF Buffer Overrun Vulnerability
oval:org.mitre.oval:def:5881GDI+ BMP Integer Overflow Vulnerability
Hide | Show 8 More...
idName
oval:org.mitre.oval:def:5967GDI+ WMF Integer Overflow Vulnerability
oval:org.mitre.oval:def:5800GDI+ PNG Heap Overflow Vulnerability
oval:org.mitre.oval:def:5898GDI+ TIFF Buffer Overflow Vulnerability
oval:org.mitre.oval:def:6491GDI+ TIFF Buffer Overflow Vulnerability
oval:org.mitre.oval:def:6282GDI+ .NET API Vulnerability
oval:org.mitre.oval:def:6430Office BMP Integer Overflow Vulnerability
oval:org.mitre.oval:def:6426Memory Corruption Vulnerability
oval:org.mitre.oval:def:6134GDI+ PNG Integer Overflow Vulnerability

Open Source Vulnerability Database (OSVDB)

idDescription
58870Microsoft Office BMP Image Color Processing Overflow
58869Microsoft Office Malformed Object Handling Memory Corruption Arbitrary Code E...
58868Microsoft Multiple Products GDI+ PNG Image Handling Integer Overflow
58867Microsoft Multiple Products GDI+ .NET API Code Execution Privilege Escalation
58866Microsoft Multiple Products GDI+ TIFF Image Handling Memory Corruption Arbitr...
Hide | Show 8 More...
idDescription
58865Microsoft Multiple Products GDI+ TIFF Image Handling Overflow
58864Microsoft Multiple Products GDI+ PNG Image Handling Heap Overflow
58863Microsoft Multiple Products GDI+ WMF Image Handling Overflow
47969Microsoft Multiple Products GDI+ BMP Integer Calculation Overflow
47968Microsoft Multiple Products GDI+ WMF Image Handling Overflow
47967Microsoft Multiple Products GDI+ GIF Image Handling Arbitrary Code Execution
47966Microsoft Multiple Products GDI+ EMF File Handling Memory Corruption
47965Microsoft Multiple Products GDI+ VML Gradient Size Handling Overflow

Milw0rm Exploits

idDescription
2008-10-09MS Windows GDI+ Proof of Concept (MS08-052) #2
2008-09-28MS Internet Explorer GDI+ Proof of Concept (MS08-052)

OpenVAS Exploits

idDescription
2011-01-18Name : Microsoft Products GDI Plus Remote Code Execution Vulnerabilities (954593)
File : nvt/gb_ms08-052.nasl
2009-10-21Name : Microsoft Products GDI Plus Code Execution Vulnerabilities (957488)
File : nvt/secpod_ms09-062.nasl

Information Assurance Vulnerability Management (IAVM)

idDescription
2009-A-0099Multiple Vulnerabilities in Microsoft GDI+
Severity : Category I - VMSKEY : V0021759
2008-T-0053WinZip gdiplus.dll Microsoft Module Unspecified Security Vulnerability
Severity : Category II - VMSKEY : V0017532

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
DateDescription
2014-01-10Microsoft Multiple Products malformed PNG detected tEXt overflow attempt
RuleID : 6700 - Type : FILE-IMAGE - Revision : 19
2014-01-10Microsoft Windows Bitmap width integer overflow multipacket attempt
RuleID : 3634 - Type : WEB-CLIENT - Revision : 9
2014-01-10Microsoft Windows Bitmap width integer overflow attempt
RuleID : 3632 - Type : FILE-IMAGE - Revision : 19
2014-03-27Microsoft Multiple Products potentially malicious PNG detected - large or inv...
RuleID : 29945 - Type : EXPLOIT - Revision : 2
2014-03-27Microsoft Multiple Products potentially malicious PNG detected - large or inv...
RuleID : 29944 - Type : EXPLOIT - Revision : 2
Hide | Show 20 More...
DateDescription
2014-01-10Microsoft Multiple Products malformed PNG detected tEXt overflow attempt
RuleID : 26865 - Type : FILE-IMAGE - Revision : 3
2014-01-10Microsoft GDI EMF malformed file buffer overflow attempt
RuleID : 25502 - Type : FILE-MULTIMEDIA - Revision : 3
2014-01-10Microsoft Windows GDI+ TIFF file parsing heap overflow attempt
RuleID : 23590 - Type : FILE-IMAGE - Revision : 4
2014-01-10Microsoft Windows GDI+ TIFF file parsing heap overflow attempt
RuleID : 23589 - Type : FILE-IMAGE - Revision : 5
2014-01-10Microsoft Office Excel GDI+ Office Art Property Table remote code execution a...
RuleID : 23541 - Type : FILE-OFFICE - Revision : 3
2014-01-10Microsoft Office Word GDI+ Office Art Property Table remote code execution at...
RuleID : 23540 - Type : FILE-OFFICE - Revision : 3
2014-01-10Microsoft Office BMP header biClrUsed integer overflow attempt
RuleID : 23525 - Type : FILE-OFFICE - Revision : 3
2014-01-10Microsoft Windows GDI+ TIFF file parsing heap overflow attempt
RuleID : 21160 - Type : FILE-IMAGE - Revision : 6
2014-01-10Microsoft Office BMP header biClrUsed integer overflow attempt
RuleID : 16361 - Type : FILE-OFFICE - Revision : 9
2014-01-10Microsoft Windows GDI+ TIFF RLE compressed data buffer overflow attempt
RuleID : 16327 - Type : OS-WINDOWS - Revision : 7
2014-01-10Microsoft Windows GDI+ interlaced PNG file parsing heap overflow attempt
RuleID : 16186 - Type : FILE-IMAGE - Revision : 11
2014-01-10Microsoft Windows GDI+ compressed TIFF file parsing remote code execution att...
RuleID : 16185 - Type : OS-WINDOWS - Revision : 7
2014-01-10Microsoft Windows GDI+ TIFF file parsing heap overflow attempt
RuleID : 16184 - Type : FILE-IMAGE - Revision : 13
2014-01-10Microsoft Office Excel GDI+ Office Art Property Table remote code execution a...
RuleID : 16178 - Type : FILE-OFFICE - Revision : 11
2014-01-10Microsoft Office Word GDI+ Office Art Property Table remote code execution at...
RuleID : 16177 - Type : FILE-OFFICE - Revision : 11
2014-01-10GDI+ .NET image property parsing memory corruption
RuleID : 16154 - Type : WEB-CLIENT - Revision : 6
2014-01-10Microsoft Windows malformed WMF meta escape record memory corruption
RuleID : 16153 - Type : FILE-IMAGE - Revision : 11
2014-01-10Microsoft RSClientPrint ActiveX clsid unicode access
RuleID : 14636 - Type : WEB-ACTIVEX - Revision : 7
2014-01-10Microsoft RSClientPrint ActiveX clsid access
RuleID : 14635 - Type : BROWSER-PLUGINS - Revision : 12
2014-01-10Microsoft Windows GDI VML gradient size heap overflow attempt
RuleID : 14261 - Type : OS-WINDOWS - Revision : 13

Nessus® Vulnerability Scanner

idDescription
2014-03-10Name : Arbitrary code can be executed on the remote host through the Microsoft GDI r...
File : smb_kb957488.nasl - Type : ACT_GATHER_INFO
2009-10-15Name : Arbitrary code can be executed on the remote host through the Microsoft GDI r...
File : smb_nt_ms09-062.nasl - Type : ACT_GATHER_INFO
2008-09-10Name : Arbitrary code can be executed on the remote host through the Microsoft GDI r...
File : smb_nt_ms08-052.nasl - Type : ACT_GATHER_INFO