This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
Summuary | |
---|---|
CPE Name | cpe:/a:microsoft:forefront_client_security:1.0 |
Detail | |||
---|---|---|---|
Vendor | Microsoft | First view | 2008-09-10 |
Product | Forefront Client Security | Last view | 2009-10-14 |
Version | 1.0 | Type | Application |
Edition | |||
Language | |||
Update | |||
CPE Product | cpe:/a:microsoft:forefront_client_security |
Activity : Overall
Related : CVE
Date | Alert | Access Vector | Access Complexity | Authentication | ||
---|---|---|---|---|---|---|
9.3 | 2009-10-14 | CVE-2009-3126 | Network | Medium | None Requ... | |
9.3 | 2009-10-14 | CVE-2009-2528 | Network | Medium | None Requ... | |
9.3 | 2009-10-14 | CVE-2009-2504 | Network | Medium | None Requ... | |
9.3 | 2009-10-14 | CVE-2009-2503 | Network | Medium | None Requ... | |
9.3 | 2009-10-14 | CVE-2009-2502 | Network | Medium | None Requ... | |
Date | Alert | Access Vector | Access Complexity | Authentication | ||
---|---|---|---|---|---|---|
9.3 | 2009-10-14 | CVE-2009-2501 | Network | Medium | None Requ... | |
9.3 | 2009-10-14 | CVE-2009-2500 | Network | Medium | None Requ... | |
9.3 | 2008-09-10 | CVE-2008-3015 | Network | Medium | None Requ... | |
9.3 | 2008-09-10 | CVE-2008-3014 | Network | Medium | None Requ... | |
9.3 | 2008-09-10 | CVE-2008-3013 | Network | Medium | None Requ... | |
9.3 | 2008-09-10 | CVE-2008-3012 | Network | Medium | None Requ... | |
9.3 | 2008-09-10 | CVE-2007-5348 | Network | Medium | None Requ... |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
41% (5) | CWE-189 | Numeric Errors |
33% (4) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
16% (2) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
8% (1) | CWE-399 | Resource Management Errors |
Oval Markup Language : Definitions
OvalID | Name |
---|---|
oval:org.mitre.oval:def:5986 | GDI+ GIF Parsing Vulnerability |
oval:org.mitre.oval:def:6491 | GDI+ TIFF Buffer Overflow Vulnerability |
oval:org.mitre.oval:def:6134 | GDI+ PNG Integer Overflow Vulnerability |
oval:org.mitre.oval:def:5800 | GDI+ PNG Heap Overflow Vulnerability |
oval:org.mitre.oval:def:5881 | GDI+ BMP Integer Overflow Vulnerability |
id | Name |
---|---|
oval:org.mitre.oval:def:6004 | GDI+ WMF Buffer Overrun Vulnerability |
oval:org.mitre.oval:def:5967 | GDI+ WMF Integer Overflow Vulnerability |
oval:org.mitre.oval:def:5898 | GDI+ TIFF Buffer Overflow Vulnerability |
oval:org.mitre.oval:def:6040 | GDI+ EMF Memory Corruption Vulnerability |
oval:org.mitre.oval:def:6282 | GDI+ .NET API Vulnerability |
oval:org.mitre.oval:def:6055 | GDI+ VML Buffer Overrun Vulnerability |
oval:org.mitre.oval:def:6426 | Memory Corruption Vulnerability |
SAINT Exploits
Description | Link |
---|---|
Microsoft Office Art Property Table Memory Corruption | More info here |
Open Source Vulnerability Database (OSVDB)
id | Description |
---|---|
58869 | Microsoft Office Malformed Object Handling Memory Corruption Arbitrary Code E... |
58868 | Microsoft Multiple Products GDI+ PNG Image Handling Integer Overflow |
58867 | Microsoft Multiple Products GDI+ .NET API Code Execution Privilege Escalation |
58866 | Microsoft Multiple Products GDI+ TIFF Image Handling Memory Corruption Arbitr... |
58865 | Microsoft Multiple Products GDI+ TIFF Image Handling Overflow |
id | Description |
---|---|
58864 | Microsoft Multiple Products GDI+ PNG Image Handling Heap Overflow |
58863 | Microsoft Multiple Products GDI+ WMF Image Handling Overflow |
47969 | Microsoft Multiple Products GDI+ BMP Integer Calculation Overflow |
47968 | Microsoft Multiple Products GDI+ WMF Image Handling Overflow |
47967 | Microsoft Multiple Products GDI+ GIF Image Handling Arbitrary Code Execution |
47966 | Microsoft Multiple Products GDI+ EMF File Handling Memory Corruption |
47965 | Microsoft Multiple Products GDI+ VML Gradient Size Handling Overflow |
OpenVAS Exploits
id | Description |
---|---|
2011-01-18 | Name : Microsoft Products GDI Plus Remote Code Execution Vulnerabilities (954593) File : nvt/gb_ms08-052.nasl |
2009-10-21 | Name : Microsoft Products GDI Plus Code Execution Vulnerabilities (957488) File : nvt/secpod_ms09-062.nasl |
Information Assurance Vulnerability Management (IAVM)
id | Description |
---|---|
2009-A-0099 | Multiple Vulnerabilities in Microsoft GDI+ Severity : Category I - VMSKEY : V0021759 |
2008-T-0053 | WinZip gdiplus.dll Microsoft Module Unspecified Security Vulnerability Severity : Category II - VMSKEY : V0017532 |
Snort® IPS/IDS
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date | Description |
---|---|
2014-01-10 | Microsoft Multiple Products malformed PNG detected tEXt overflow attempt RuleID : 6700 - Type : FILE-IMAGE - Revision : 20 |
2017-08-23 | Microsoft Internet Explorer GDI VML gradient size heap overflow attempt RuleID : 43622 - Type : BROWSER-IE - Revision : 1 |
2016-03-14 | Microsoft Windows malformed WMF meta escape record memory corruption attempt RuleID : 36856 - Type : FILE-IMAGE - Revision : 1 |
2014-01-10 | Microsoft Windows Bitmap width integer overflow multipacket attempt RuleID : 3634 - Type : WEB-CLIENT - Revision : 9 |
2014-01-10 | Microsoft Windows Bitmap width integer overflow attempt RuleID : 3632 - Type : FILE-IMAGE - Revision : 25 |
Date | Description |
---|---|
2015-10-01 | Microsoft Windows Bitmap width integer overflow attempt RuleID : 35848 - Type : FILE-IMAGE - Revision : 3 |
2015-03-19 | Microsoft Windows GDI+ TIFF file parsing heap overflow attempt RuleID : 33518 - Type : FILE-IMAGE - Revision : 1 |
2015-03-19 | Microsoft Windows GDI+ TIFF file parsing heap overflow attempt RuleID : 33517 - Type : FILE-IMAGE - Revision : 1 |
2015-03-19 | Microsoft Windows GDI+ TIFF file parsing heap overflow attempt RuleID : 33516 - Type : FILE-IMAGE - Revision : 1 |
2015-03-19 | Microsoft Windows GDI+ TIFF file parsing heap overflow attempt RuleID : 33515 - Type : FILE-IMAGE - Revision : 1 |
2015-01-15 | Microsoft Windows GDI+ TIFF file parsing heap overflow attempt RuleID : 32833 - Type : FILE-IMAGE - Revision : 1 |
2015-01-15 | Microsoft Windows GDI+ TIFF file parsing heap overflow attempt RuleID : 32832 - Type : FILE-IMAGE - Revision : 1 |
2015-01-15 | Microsoft Windows GDI+ TIFF file parsing heap overflow attempt RuleID : 32831 - Type : FILE-IMAGE - Revision : 1 |
2015-01-15 | Microsoft Windows GDI+ TIFF file parsing heap overflow attempt RuleID : 32830 - Type : FILE-IMAGE - Revision : 1 |
2015-01-15 | Microsoft Windows GDI+ TIFF file parsing heap overflow attempt RuleID : 32829 - Type : FILE-IMAGE - Revision : 1 |
2015-01-15 | Microsoft Windows GDI+ TIFF file parsing heap overflow attempt RuleID : 32828 - Type : FILE-IMAGE - Revision : 1 |
2014-03-27 | Microsoft Multiple Products potentially malicious PNG detected - large or inv... RuleID : 29945 - Type : FILE-IMAGE - Revision : 4 |
2014-03-27 | Microsoft Multiple Products potentially malicious PNG detected - large or inv... RuleID : 29944 - Type : FILE-IMAGE - Revision : 4 |
2014-01-10 | Microsoft Multiple Products malformed PNG detected tEXt overflow attempt RuleID : 26865 - Type : FILE-IMAGE - Revision : 4 |
2014-01-10 | Microsoft GDI EMF malformed file buffer overflow attempt RuleID : 25502 - Type : FILE-MULTIMEDIA - Revision : 4 |
2014-01-10 | Microsoft Windows GDI+ TIFF file parsing heap overflow attempt RuleID : 23590 - Type : FILE-IMAGE - Revision : 5 |
2014-01-10 | Microsoft Windows GDI+ TIFF file parsing heap overflow attempt RuleID : 23589 - Type : FILE-IMAGE - Revision : 6 |
2014-01-10 | Microsoft Office Excel GDI+ Office Art Property Table remote code execution a... RuleID : 23541 - Type : FILE-OFFICE - Revision : 3 |
2014-01-10 | Microsoft Office Word GDI+ Office Art Property Table remote code execution at... RuleID : 23540 - Type : FILE-OFFICE - Revision : 3 |
2014-01-10 | Microsoft Windows GDI+ TIFF file parsing heap overflow attempt RuleID : 21160 - Type : FILE-IMAGE - Revision : 7 |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2014-03-10 | Name : Arbitrary code can be executed on the remote host through the Microsoft GDI r... File : smb_kb957488.nasl - Type : ACT_GATHER_INFO |
2009-10-15 | Name : Arbitrary code can be executed on the remote host through the Microsoft GDI r... File : smb_nt_ms09-062.nasl - Type : ACT_GATHER_INFO |
2008-09-10 | Name : Arbitrary code can be executed on the remote host through the Microsoft GDI r... File : smb_nt_ms08-052.nasl - Type : ACT_GATHER_INFO |