This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
| Summuary | |
|---|---|
| CPE Name | cpe:/a:microsoft:forefront_client_security:1.0 |
| Detail | |||
|---|---|---|---|
| Vendor | Microsoft | First view | 2008-09-10 |
| Product | Forefront Client Security | Last view | 2009-10-14 |
| Version | 1.0 | Type | Application |
| Edition | |||
| Language | |||
| Update | |||
| CPE Product | cpe:/a:microsoft:forefront_client_security | ||
Activity : Yearly
Related : CVE
| Date | Alert | Access Vector | Access Complexity | Authentication | ||
|---|---|---|---|---|---|---|
| 9.3 | 2009-10-14 | CVE-2009-3126 | Network | Medium | None Requ... | |
| 9.3 | 2009-10-14 | CVE-2009-2528 | Network | Medium | None Requ... | |
| 9.3 | 2009-10-14 | CVE-2009-2518 | Network | Medium | None Requ... | |
| 9.3 | 2009-10-14 | CVE-2009-2504 | Network | Medium | None Requ... | |
| 9.3 | 2009-10-14 | CVE-2009-2503 | Network | Medium | None Requ... | |
| Date | Alert | Access Vector | Access Complexity | Authentication | ||
|---|---|---|---|---|---|---|
| 9.3 | 2009-10-14 | CVE-2009-2502 | Network | Medium | None Requ... | |
| 9.3 | 2009-10-14 | CVE-2009-2501 | Network | Medium | None Requ... | |
| 9.3 | 2009-10-14 | CVE-2009-2500 | Network | Medium | None Requ... | |
| 9.3 | 2008-09-10 | CVE-2008-3015 | Network | Medium | None Requ... | |
| 9.3 | 2008-09-10 | CVE-2008-3014 | Network | Medium | None Requ... | |
| 9.3 | 2008-09-10 | CVE-2008-3013 | Network | Medium | None Requ... | |
| 9.3 | 2008-09-10 | CVE-2008-3012 | Network | Medium | None Requ... | |
| 9.3 | 2008-09-10 | CVE-2007-5348 | Network | Medium | None Requ... |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 46% (6) | CWE-189 | Numeric Errors |
| 30% (4) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 15% (2) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
| 7% (1) | CWE-399 | Resource Management Errors |
Oval Markup Language : Definitions
| OvalID | Name |
|---|---|
| oval:org.mitre.oval:def:6055 | GDI+ VML Buffer Overrun Vulnerability |
| oval:org.mitre.oval:def:6040 | GDI+ EMF Memory Corruption Vulnerability |
| oval:org.mitre.oval:def:5986 | GDI+ GIF Parsing Vulnerability |
| oval:org.mitre.oval:def:6004 | GDI+ WMF Buffer Overrun Vulnerability |
| oval:org.mitre.oval:def:5881 | GDI+ BMP Integer Overflow Vulnerability |
| id | Name |
|---|---|
| oval:org.mitre.oval:def:5967 | GDI+ WMF Integer Overflow Vulnerability |
| oval:org.mitre.oval:def:5800 | GDI+ PNG Heap Overflow Vulnerability |
| oval:org.mitre.oval:def:5898 | GDI+ TIFF Buffer Overflow Vulnerability |
| oval:org.mitre.oval:def:6491 | GDI+ TIFF Buffer Overflow Vulnerability |
| oval:org.mitre.oval:def:6282 | GDI+ .NET API Vulnerability |
| oval:org.mitre.oval:def:6430 | Office BMP Integer Overflow Vulnerability |
| oval:org.mitre.oval:def:6426 | Memory Corruption Vulnerability |
| oval:org.mitre.oval:def:6134 | GDI+ PNG Integer Overflow Vulnerability |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 58870 | Microsoft Office BMP Image Color Processing Overflow |
| 58869 | Microsoft Office Malformed Object Handling Memory Corruption Arbitrary Code E... |
| 58868 | Microsoft Multiple Products GDI+ PNG Image Handling Integer Overflow |
| 58867 | Microsoft Multiple Products GDI+ .NET API Code Execution Privilege Escalation |
| 58866 | Microsoft Multiple Products GDI+ TIFF Image Handling Memory Corruption Arbitr... |
| id | Description |
|---|---|
| 58865 | Microsoft Multiple Products GDI+ TIFF Image Handling Overflow |
| 58864 | Microsoft Multiple Products GDI+ PNG Image Handling Heap Overflow |
| 58863 | Microsoft Multiple Products GDI+ WMF Image Handling Overflow |
| 47969 | Microsoft Multiple Products GDI+ BMP Integer Calculation Overflow |
| 47968 | Microsoft Multiple Products GDI+ WMF Image Handling Overflow |
| 47967 | Microsoft Multiple Products GDI+ GIF Image Handling Arbitrary Code Execution |
| 47966 | Microsoft Multiple Products GDI+ EMF File Handling Memory Corruption |
| 47965 | Microsoft Multiple Products GDI+ VML Gradient Size Handling Overflow |
Milw0rm Exploits
| id | Description |
|---|---|
| 2008-10-09 | MS Windows GDI+ Proof of Concept (MS08-052) #2 |
| 2008-09-28 | MS Internet Explorer GDI+ Proof of Concept (MS08-052) |
OpenVAS Exploits
| id | Description |
|---|---|
| 2011-01-18 | Name : Microsoft Products GDI Plus Remote Code Execution Vulnerabilities (954593) File : nvt/gb_ms08-052.nasl |
| 2009-10-21 | Name : Microsoft Products GDI Plus Code Execution Vulnerabilities (957488) File : nvt/secpod_ms09-062.nasl |
Information Assurance Vulnerability Management (IAVM)
| id | Description |
|---|---|
| 2009-A-0099 | Multiple Vulnerabilities in Microsoft GDI+ Severity : Category I - VMSKEY : V0021759 |
| 2008-T-0053 | WinZip gdiplus.dll Microsoft Module Unspecified Security Vulnerability Severity : Category II - VMSKEY : V0017532 |
