Executive Summary

Summary
Title : Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-056 to MS08-066
Information
Name : HPSBST02379 SSRT080143 - First vendor Publication : 2008-10-20
Vendor : HP - Last vendor Modification : 2008-10-20
Severity (Vendor) : N/A - Revision : 1

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score : 10 - Attack Range : Network
Cvss Impact Score : 10 - Attack Complexity : Low
Cvss Exploit Score : 10 - Authentication : None Required

Detail

Various potential security vulnerabilities have been identified in Microsoft software that is running on the Storage Management Appliance (SMA). Some of these vulnerabilities may be pertinent to the SMA; please check the table in the Resolution section of this Security Bulletin.

Original Source

Url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01579861

CAPEC : Common Attack Pattern Enumeration & Classification

id - Name
CAPEC-3 - Using Leading 'Ghost' Character Sequences to Bypass Input Filters
CAPEC-7 - Blind SQL Injection
CAPEC-8 - Buffer Overflow in an API Call
CAPEC-9 - Buffer Overflow in Local Command-Line Utilities
CAPEC-10 - Buffer Overflow via Environment Variables
CAPEC-13 - Subverting Environment Variable Values
CAPEC-14 - Client-side Injection-induced Buffer Overflow
CAPEC-18 - Embedding Scripts in Nonscript Elements
CAPEC-22 - Exploiting Trust in Client (aka Make the Client Invisible)
CAPEC-24 - Filter Failure through Buffer Overflow
CAPEC-26 - Leveraging Race Conditions
CAPEC-28 - Fuzzing
CAPEC-29 - Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions
CAPEC-31 - Accessing/Intercepting/Modifying HTTP Cookies
CAPEC-32 - Embedding Scripts in HTTP Query Strings
CAPEC-42 - MIME Conversion
CAPEC-43 - Exploiting Multiple Input Interpretation Layers
CAPEC-45 - Buffer Overflow via Symbolic Links
CAPEC-46 - Overflow Variables and Tags
CAPEC-47 - Buffer Overflow via Parameter Expansion
CAPEC-52 - Embedding NULL Bytes
CAPEC-53 - Postfix, Null Terminate, and Backslash
CAPEC-63 - Simple Script Injection
CAPEC-64 - Using Slashes and URL Encoding Combined to Bypass Validation Logic
CAPEC-66 - SQL Injection
CAPEC-67 - String Format Overflow in syslog()
CAPEC-71 - Using Unicode Encoding to Bypass Validation Logic
CAPEC-72 - URL Encoding
CAPEC-73 - User-Controlled Filename
CAPEC-78 - Using Escaped Slashes in Alternate Encoding
CAPEC-79 - Using Slashes in Alternate Encoding
CAPEC-80 - Using UTF-8 Encoding to Bypass Validation Logic
CAPEC-81 - Web Logs Tampering
CAPEC-83 - XPath Injection
CAPEC-85 - Client Network Footprinting (using AJAX/XSS)
CAPEC-86 - Embedding Script (XSS) in HTTP Headers
CAPEC-88 - OS Command Injection
CAPEC-91 - XSS in IMG Tags
CAPEC-99 - XML Parser Attack
CAPEC-101 - Server Side Include (SSI) Injection
CAPEC-104 - Cross Zone Scripting
CAPEC-106 - Cross Site Scripting through Log Files
CAPEC-108 - Command Line Execution through SQL Injection
CAPEC-109 - Object Relational Mapping Injection
CAPEC-110 - SQL Injection through SOAP Parameter Tampering
CAPEC-171 - Variable Manipulation
CAPEC-172 - Time and State Attacks

CWE : Common Weakness Enumeration

id - Name
CWE-20 - Improper Input Validation
CWE-665 - Improper Initialization
CWE-399 - Resource Management Errors
CWE-264 - Permissions, Privileges, and Access Controls
CWE-189 - Numeric Errors
CWE-287 - Improper Authentication
CWE-200 - Information Exposure
CWE-119 - Failure to Constrain Operations within the Bounds of a Memory Buffer
CWE-79 - Failure to Preserve Web Page Structure ('Cross-site Scripting')

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:5764
Oval ID: oval:org.mitre.oval:def:5764
Title: Integer Overflow in IPP Service Vulnerability
Description: Integer overflow in the Internet Printing Protocol (IPP) ISAPI extension in Microsoft Internet Information Services (IIS) 5.0 through 7.0 on Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, and Server 2008 allows remote authenticated users to execute arbitrary code via an HTTP POST request that triggers an outbound IPP connection from a web server to a machine operated by the attacker, aka "Integer Overflow in IPP Service Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2008-1446
Version: 4
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Product(s):

Definition Id: oval:org.mitre.oval:def:5902
Oval ID: oval:org.mitre.oval:def:5902
Title: Windows Kernel Window Creation Vulnerability
Description: The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 does not properly validate window properties sent from a parent window to a child window during creation of a new window, which allows local users to gain privileges via a crafted application, aka "Windows Kernel Window Creation Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2008-2250
Version: 3
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Product(s):

Definition Id: oval:org.mitre.oval:def:6010
Oval ID: oval:org.mitre.oval:def:6010
Title: Windows Kernel Unhandled Exception Vulnerability
Description: Double free vulnerability in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows local users to gain privileges via a crafted application that makes system calls within multiple threads, aka "Windows Kernel Unhandled Exception Vulnerability." NOTE: according to Microsoft, this is not a duplicate of CVE-2008-4510.
Family: windows Class: vulnerability
Reference(s): CVE-2008-2251
Version: 3
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Product(s):

Definition Id: oval:org.mitre.oval:def:6045
Oval ID: oval:org.mitre.oval:def:6045
Title: Windows Kernel Memory Corruption Vulnerability
Description: The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 does not properly validate parameters sent from user mode to the kernel, which allows local users to gain privileges via a crafted application, aka "Windows Kernel Memory Corruption Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2008-2252
Version: 3
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Product(s):

Definition Id: oval:org.mitre.oval:def:5901
Oval ID: oval:org.mitre.oval:def:5901
Title: Window Location Property Cross-Domain Vulnerability
Description: Cross-domain vulnerability in Microsoft Internet Explorer 5.01 SP4, 6, and 7 allows remote attackers to access restricted information from other domains via JavaScript that uses the Object data type for the value of a (1) location or (2) location.href property, related to incorrect determination of the origin of web script, aka "Window Location Property Cross-Domain Vulnerability." NOTE: according to Microsoft, CVE-2008-2948 and CVE-2008-2949 are duplicates of this issue, probably different attack vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2008-2947
Version: 6
Platform(s): Microsoft Windows 2000
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows XP
Product(s): Microsoft Internet Explorer 5.01
Microsoft Internet Explorer 6
Microsoft Internet Explorer 7

Definition Id: oval:org.mitre.oval:def:5825
Oval ID: oval:org.mitre.oval:def:5825
Title: Messaging Queue Service Remote Code Execution Vulnerability
Description: afd.sys in the Ancillary Function Driver (AFD) component in Microsoft Windows XP SP2 and SP3 and Windows Server 2003 SP1 and SP2 does not properly validate input sent from user mode to the kernel, which allows local users to gain privileges via a crafted application, as demonstrated using crafted pointers and lengths that bypass intended ProbeForRead and ProbeForWrite restrictions, aka "AFD Kernel Overwrite Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2008-3464
Version: 3
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Product(s):

Definition Id: oval:org.mitre.oval:def:6075
Oval ID: oval:org.mitre.oval:def:6075
Title: HIS Command Execution Vulnerability
Description: Microsoft Host Integration Server (HIS) 2000, 2004, and 2006 does not limit RPC access to administrative functions, which allows remote attackers to bypass authentication and execute arbitrary programs via a crafted SNA RPC message using opcode 1 or 6 to call the CreateProcess function, aka "HIS Command Execution Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2008-3466
Version: 5
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows 7
Product(s): Microsoft Host Integration Server 2000
Microsoft Host Integration Server 2004 Client
Microsoft Host Integration Server 2004
Microsoft Host Integration Server 2006

Definition Id: oval:org.mitre.oval:def:5750
Oval ID: oval:org.mitre.oval:def:5750
Title: File Format Parsing Vulnerability
Description: Stack-based buffer overflow in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2 and SP3, and 2007 Gold and SP1; Office Excel Viewer 2003 SP3; Office Excel Viewer; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office 2004 and 2008 for Mac; and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via a BIFF file with a malformed record that triggers a user-influenced size calculation, aka "File Format Parsing Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2008-3471
Version: 7
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Product(s): Microsoft Excel 2000
Microsoft Excel 2002
Microsoft Excel 2003
Microsoft Excel 2007
Microsoft Office Excel Viewer 2003
Microsoft Office Excel Viewer 2007
Microsoft Office Compatibility Pack

Definition Id: oval:org.mitre.oval:def:12364
Oval ID: oval:org.mitre.oval:def:12364
Title: Information disclosure vulnerability in Internet Explorer due to HTML element
Description: Microsoft Internet Explorer 6 and 7 does not properly determine the domain or security zone of origin of web script, which allows remote attackers to bypass the intended cross-domain security policy, and execute arbitrary code or obtain sensitive information, via a crafted HTML document, aka "HTML Element Cross-Domain Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2008-3472
Version: 6
Platform(s): Microsoft Windows 2000
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows XP
Product(s): Microsoft Internet Explorer 6
Microsoft Internet Explorer 7

Definition Id: oval:org.mitre.oval:def:13255
Oval ID: oval:org.mitre.oval:def:13255
Title: Information disclosure vulnerability in Internet Explorer due to improper event-handling
Description: Microsoft Internet Explorer 6 and 7 does not properly determine the domain or security zone of origin of web script, which allows remote attackers to bypass the intended cross-domain security policy, and execute arbitrary code or obtain sensitive information, via a crafted HTML document, aka "Event Handling Cross-Domain Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2008-3473
Version: 6
Platform(s): Microsoft Windows 2000
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows XP
Product(s): Microsoft Internet Explorer 6
Microsoft Internet Explorer 7

Definition Id: oval:org.mitre.oval:def:13299
Oval ID: oval:org.mitre.oval:def:13299
Title: Cross-Domain Information Disclosure Vulnerability in Internet Explorer
Description: Microsoft Internet Explorer 6 and 7 does not properly determine the domain or security zone of origin of web script, which allows remote attackers to bypass the intended cross-domain security policy and obtain sensitive information via a crafted HTML document, aka "Cross-Domain Information Disclosure Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2008-3474
Version: 6
Platform(s): Microsoft Windows 2000
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows XP
Product(s): Microsoft Internet Explorer 6
Microsoft Internet Explorer 7

Definition Id: oval:org.mitre.oval:def:13151
Oval ID: oval:org.mitre.oval:def:13151
Title: Uninitialized Memory Corruption Vulnerability in Internet Explorer
Description: Microsoft Internet Explorer 6 does not properly handle errors related to using the componentFromPoint method on xml objects that have been (1) incorrectly initialized or (2) deleted, which allows remote attackers to execute arbitrary code via a crafted HTML document, aka "Uninitialized Memory Corruption Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2008-3475
Version: 3
Platform(s): Microsoft Windows 2000
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows XP
Product(s): Microsoft Internet Explorer 6

Definition Id: oval:org.mitre.oval:def:13344
Oval ID: oval:org.mitre.oval:def:13344
Title: HTML Objects Memory Corruption Vulnerability in Internet Explorer
Description: Microsoft Internet Explorer 5.01 SP4 and 6 does not properly handle errors associated with access to uninitialized memory, which allows remote attackers to execute arbitrary code via a crafted HTML document, aka "HTML Objects Memory Corruption Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2008-3476
Version: 3
Platform(s): Microsoft Windows 2000
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows XP
Product(s): Microsoft Internet Explorer 5.01
Microsoft Internet Explorer 6

Definition Id: oval:org.mitre.oval:def:5870
Oval ID: oval:org.mitre.oval:def:5870
Title: Calendar Object Validation Vulnerability
Description: Microsoft Excel 2000 SP3, 2002 SP3, and 2003 SP2 and SP3 does not properly validate data in the VBA Performance Cache when processing an Office document with an embedded object, which allows remote attackers to execute arbitrary code via an Excel file containing a crafted value, leading to heap-based buffer overflows, integer overflows, array index errors, and memory corruption, aka "Calendar Object Validation Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2008-3477
Version: 4
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Product(s): Microsoft Excel 2000
Microsoft Excel 2002
Microsoft Excel 2003

Definition Id: oval:org.mitre.oval:def:5998
Oval ID: oval:org.mitre.oval:def:5998
Title: Messaging Queue Service Remote Code Execution Vulnerability
Description: Heap-based buffer overflow in the Microsoft Message Queuing (MSMQ) service (mqsvc.exe) in Microsoft Windows 2000 SP4 allows remote attackers to read memory contents and execute arbitrary code via a crafted RPC call, related to improper processing of parameters to string APIs, aka "Message Queuing Service Remote Code Execution Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2008-3479
Version: 1
Platform(s): Microsoft Windows 2000
Product(s):

Definition Id: oval:org.mitre.oval:def:6102
Oval ID: oval:org.mitre.oval:def:6102
Title: Formula Parsing Vulnerability
Description: Integer overflow in the REPT function in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2 and SP3, and 2007 Gold and SP1; Office Excel Viewer 2003 SP3; Office Excel Viewer; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office SharePoint Server 2007 Gold and SP1; Office 2004 and 2008 for Mac; and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via an Excel file containing a formula within a cell, aka "Formula Parsing Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2008-4019
Version: 10
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Product(s): Microsoft Excel 2000
Microsoft Excel 2002
Microsoft Excel 2003
Microsoft Excel 2007
Microsoft Office Excel Viewer 2003
Microsoft Office Excel Viewer 2007
Microsoft Office SharePoint Server 2007
Microsoft Office Compatibility Pack

Definition Id: oval:org.mitre.oval:def:5969
Oval ID: oval:org.mitre.oval:def:5969
Title: Vulnerability in Content-Disposition Header Vulnerability
Description: Cross-site scripting (XSS) vulnerability in Microsoft Office XP SP3 allows remote attackers to inject arbitrary web script or HTML via a document that contains a "Content-Disposition: attachment" header and is accessed through a cdo: URL, which renders the content instead of raising a File Download dialog box, aka "Vulnerability in Content-Disposition Header Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2008-4020
Version: 2
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Product(s): Microsoft Office XP

Definition Id: oval:org.mitre.oval:def:6107
Oval ID: oval:org.mitre.oval:def:6107
Title: Active Directory Overflow Vulnerability
Description: Active Directory in Microsoft Windows 2000 SP4 does not properly allocate memory for (1) LDAP and (2) LDAPS requests, which allows remote attackers to execute arbitrary code via a crafted request, aka "Active Directory Overflow Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2008-4023
Version: 1
Platform(s): Microsoft Windows 2000
Product(s):

Definition Id: oval:org.mitre.oval:def:5343
Oval ID: oval:org.mitre.oval:def:5343
Title: Virtual Address Descriptor Elevation of Privilege Vulnerability (MS08-064)
Description: Integer overflow in Memory Manager in Microsoft Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows local users to gain privileges via a crafted application that triggers an erroneous decrement of a variable, related to validation of parameters for Virtual Address Descriptors (VADs) and a "memory allocation mapping error," aka "Virtual Address Descriptor Elevation of Privilege Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2008-4036
Version: 3
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Product(s):

Definition Id: oval:org.mitre.oval:def:5787
Oval ID: oval:org.mitre.oval:def:5787
Title: SMB Buffer Underflow Vulnerability
Description: Buffer underflow in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote attackers to execute arbitrary code via a Server Message Block (SMB) request that contains a filename with a crafted length, aka "SMB Buffer Underflow Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2008-4038
Version: 3
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Product(s):

CPE : Common Platform Enumeration

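Type : Application - Count : 7
Type : Application - Count : 1
Type : Application - Count : 3
Type : Application - Count : 5
Type : Application - Count : 4
Type : Application - Count : 8
Type : Application - Count : 2
Type : Application - Count : 3
Type : Application - Count : 4
Type : Os - Count : 1
Type : Os - Count : 6
Type : Os - Count : 6
Type : Os - Count : 4
Type : Os - Count : 4
Type : Os - Count : 6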

SAINT Exploits

Description
Microsoft Host Integration Server SNA RPC authentication bypass
Microsoft Excel formula parsing integer overflow

OpenVAS Exploits

Date - Description
2010-06-09 - Name : Message Queuing Remote Code Execution Vulnerability (951071) - Remote
File : nvt/secpod_ms08-065_remote.nasl
2008-10-15 - Name : Microsoft Office Information Disclosure Vulnerability (957699)
File : nvt/secpod_ms08-056_900047.nasl
2008-10-15 - Name : Microsoft Excel Remote Code Execution Vulnerability (956416)
File : nvt/secpod_ms08-057_900048.nasl
2008-10-15 - Name : Cumulative Security Update for Internet Explorer (956390)
File : nvt/secpod_ms08-058_900054.nasl
2008-10-15 - Name : Host Integration Server RPC Service Remote Code Execution Vulnerability (956695)
File : nvt/secpod_ms08-059_900049.nasl
2008-10-15 - Name : Active Directory Could Allow Remote Code Execution Vulnerability (957280)
File : nvt/secpod_ms08-060_900050.nasl
2008-10-15 - Name : Windows Kernel Elevation of Privilege Vulnerability (954211)
File : nvt/secpod_ms08-061_900051.nasl
2008-10-15 - Name : Windows Internet Printing Service Allow Remote Code Execution Vulnerability (...
File : nvt/secpod_ms08-062_900052.nasl
2008-10-15 - Name : SMB Remote Code Execution Vulnerability (957095)
File : nvt/secpod_ms08-063_900053.nasl
2008-10-15 - Name : Virtual Address Descriptor Manipulation Elevation of Privilege Vulnerability ...
File : nvt/secpod_ms08-064_900225.nasl
2008-10-15 - Name : Message Queuing Remote Code Execution Vulnerability (951071)
File : nvt/secpod_ms08-065_900224.nasl
2008-10-15 - Name : Microsoft Ancillary Function Driver Elevation of Privilege Vulnerability (956...
File : nvt/secpod_ms08-066_900223.nasl

Open Source Vulnerability Database (OSVDB)

id - Description
49118 - Microsoft IE HTML Object Handling Memory Corruption
49117 - Microsoft IE componentFromPoint Uninitialized Memory Corruption
49116 - Microsoft IE Unspecified Cross-domain Information Disclosure
49115 - Microsoft IE Unspecified Cross-domain Arbitrary Script Execution
49114 - Microsoft IE Unspecified HTML Element Cross-Domain Code Execution
49113 - Microsoft IE Window Location Property Cross-Domain Code Execution
49078 - Microsoft Excel Embedded Formula Parsing Arbitrary Code Execution
49077 - Microsoft Excel Calendar Object Validation VBA Performance Cache Processing A...
49076 - Microsoft Excel BIFF File Malformed Object Handling Arbitrary Code Execution
49068 - Microsoft Host Integration Server (HIS) SNA RPC Request Remote Overflow
49061 - Microsoft Windows Ancillary Function Driver (afd.sys) Local Privilege Escalation
49060 - Microsoft Windows Message Queuing Service RPC Request Handling Remote Code Ex...
49059 - Microsoft IIS IPP Service Unspecified Remote Overflow
49058 - Microsoft Windows Active Directory LDAP(S) Request Handling Remote Overflow
49057 - Microsoft Windows SMB File Name Handling Remote Underflow
49056 - Microsoft Windows Kernel Memory Corruption Local Privilege Escalation
49055 - Microsoft Windows Kernel New Window Creation Process Arbitrary Code Execution
49054 - Microsoft Windows Kernel Double-free Unspecified Local Privilege Escalation
49053 - Microsoft Windows Virtual Address Descriptors (VAD) Local Privilege Escalation
49052 - Microsoft Office CDO Protocol (cdo:) Content-Disposition: Attachment Header XSS
46630 - Microsoft IE location Window Object Handling XSS

Information Assurance Vulnerability Management (IAVM)

Date - Description
2009-07-02 - IAVM : 2009-A-0049 - Microsoft Windows AFD Driver Local Privilege Escalation Vulnerability
Severity : Category I - VMSKEY : V0019589
2008-10-16 - IAVM : 2008-T-0055 - Microsoft Office Information Disclosure Vulnerability
Severity : Category II - VMSKEY : V0017779
2008-10-16 - IAVM : 2008-T-0056 - Microsoft Message Queuing Service Remote Code Execution Vulnerability
Severity : Category I - VMSKEY : V0017781
2008-10-16 - IAVM : 2008-B-0075 - Microsoft Internet Printing Service Remote Code Execution Vulnerability
Severity : Category I - VMSKEY : V0017793
2008-10-16 - IAVM : 2008-B-0074 - Microsoft Host Integration Server RPC Service Remote Code Execution Vulnerabi...
Severity : Category I - VMSKEY : V0017794

Snort® IPS/IDS

Date - Description
2014-01-10 - Microsoft Office Excel invalid FRTWrapper record buffer overflow attempt
RuleID : 26175 - Revision : 3 - Type : FILE-OFFICE
2014-01-10 - Microsoft Office Excel FRTWrapper record buffer overflow attempt
RuleID : 26174 - Revision : 3 - Type : FILE-OFFICE
2014-01-10 - SMB Trans2 Find_First2 filename overflow attempt
RuleID : 21529 - Revision : 7 - Type : OS-WINDOWS
2014-01-10 - Microsoft Office Excel REPT integer underflow attempt
RuleID : 17734 - Revision : 8 - Type : FILE-OFFICE
2014-01-10 - Microsoft Office Excel FRTWrapper record buffer overflow attempt
RuleID : 16800 - Revision : 13 - Type : FILE-OFFICE
2014-01-10 - DCERPC NCACN-IP-TCP host-integration bind attempt
RuleID : 14737 - Revision : 11 - Type : OS-WINDOWS
2014-01-10 - DCERPC NCADG-IP-UDP mqqm QMGetRemoteQueueName overflow attempt
RuleID : 14726 - Revision : 12 - Type : OS-WINDOWS
2014-01-10 - DCERPC NCACN-IP-TCP mqqm QMGetRemoteQueueName overflow attempt
RuleID : 14725 - Revision : 13 - Type : OS-WINDOWS
2014-01-10 - SMB spoolss EnumJobs response WriteAndX unicode andx attempt
RuleID : 14724 - Revision : 12 - Type : NETBIOS
2014-01-10 - SMB spoolss EnumJobs response WriteAndX andx attempt
RuleID : 14723 - Revision : 12 - Type : NETBIOS
2014-01-10 - SMB spoolss EnumJobs response unicode andx attempt
RuleID : 14722 - Revision : 12 - Type : NETBIOS
2014-01-10 - SMB spoolss EnumJobs response andx attempt
RuleID : 14721 - Revision : 12 - Type : NETBIOS
2014-01-10 - SMB spoolss EnumJobs response WriteAndX little endian andx attempt
RuleID : 14720 - Revision : 12 - Type : NETBIOS
2014-01-10 - SMB spoolss EnumJobs response little endian andx attempt
RuleID : 14719 - Revision : 12 - Type : NETBIOS
2014-01-10 - SMB spoolss EnumJobs response unicode little endian andx attempt
RuleID : 14718 - Revision : 12 - Type : NETBIOS
2014-01-10 - SMB spoolss EnumJobs response WriteAndX unicode little endian andx attempt
RuleID : 14717 - Revision : 12 - Type : NETBIOS
2014-01-10 - SMB spoolss EnumJobs response WriteAndX unicode attempt
RuleID : 14716 - Revision : 10 - Type : NETBIOS
2014-01-10 - SMB spoolss EnumJobs response WriteAndX attempt
RuleID : 14715 - Revision : 10 - Type : NETBIOS
2014-01-10 - SMB spoolss EnumJobs response unicode attempt
RuleID : 14714 - Revision : 10 - Type : NETBIOS
2014-01-10 - SMB spoolss EnumJobs response attempt
RuleID : 14713 - Revision : 10 - Type : NETBIOS
2014-01-10 - SMB spoolss EnumJobs response WriteAndX little endian attempt
RuleID : 14712 - Revision : 10 - Type : NETBIOS
2014-01-10 - SMB spoolss EnumJobs response little endian attempt
RuleID : 14711 - Revision : 10 - Type : NETBIOS
2014-01-10 - DCERPC NCACN-IP-TCP spoolss EnumJobs attempt
RuleID : 14710 - Revision : 16 - Type : OS-WINDOWS
2014-01-10 - SMB spoolss EnumJobs response WriteAndX unicode little endian attempt
RuleID : 14709 - Revision : 10 - Type : NETBIOS
2014-01-10 - DCERPC NCACN-IP-TCP spoolss EnumJobs attempt
RuleID : 14661 - Revision : 17 - Type : NETBIOS
2014-01-10 - Microsoft Internet Explorer cross domain componentFromPoint memory corruption...
RuleID : 14657 - Revision : 10 - Type : BROWSER-IE
2014-01-10 - Microsoft Internet Explorer XSS mouseevent PII disclosure attempt
RuleID : 14656 - Revision : 12 - Type : BROWSER-IE
2014-01-10 - Excel rept integer underflow attempt
RuleID : 14655 - Revision : 8 - Type : WEB-CLIENT
2014-01-10 - SMB Search unicode andx Search filename size integer underflow attempt
RuleID : 14654 - Revision : 12 - Type : OS-WINDOWS
2014-01-10 - SMB Search andx Search filename size integer underflow attempt
RuleID : 14653 - Revision : 12 - Type : OS-WINDOWS
2014-01-10 - SMB Search unicode andx Search filename size integer underflow attempt
RuleID : 14652 - Revision : 9 - Type : OS-WINDOWS
2014-01-10 - SMB Search andx Search filename size integer underflow attempt
RuleID : 14651 - Revision : 9 - Type : OS-WINDOWS
2014-01-10 - SMB Search unicode Search filename size integer underflow attempt
RuleID : 14650 - Revision : 10 - Type : OS-WINDOWS
2014-01-10 - SMB Search Search filename size integer underflow attempt
RuleID : 14649 - Revision : 11 - Type : OS-WINDOWS
2014-01-10 - SMB Search unicode Search filename size integer underflow attempt
RuleID : 14648 - Revision : 9 - Type : OS-WINDOWS
2014-01-10 - SMB Search Search filename size integer underflow attempt
RuleID : 14647 - Revision : 9 - Type : OS-WINDOWS
2014-01-10 - Active Directory malformed baseObject denial of service attempt
RuleID : 14646 - Revision : 5 - Type : DOS
2014-01-10 - Microsoft Internet Explorer cross domain setExpression exploit attempt
RuleID : 14645 - Revision : 14 - Type : BROWSER-IE
2014-01-10 - Microsoft Internet Explorer cross domain unfocusable HTML element
RuleID : 14644 - Revision : 14 - Type : BROWSER-IE
2014-01-10 - Microsoft Internet Explorer location and location.href cross domain security ...
RuleID : 14643 - Revision : 10 - Type : BROWSER-IE
2014-01-10 - Microsoft Office Excel file with embedded ActiveX control
RuleID : 14642 - Revision : 13 - Type : FILE-OFFICE
2014-01-10 - Microsoft Office Excel invalid FRTWrapper record buffer overflow attempt
RuleID : 14641 - Revision : 17 - Type : FILE-OFFICE

Metasploit Database

id - Description
2008-10-14 Microsoft Host Integration Server 2006 Command Execution Vulnerability

Nessus® Vulnerability Scanner

Date - Description
2010-10-20 - Name : Arbitrary code can be executed on the remote host through Microsoft Excel.
File : macosx_ms08-057.nasl - Type : ACT_GATHER_INFO
2008-10-15 - Name : The remote installation of Microsoft Office is vulnerable to an information d...
File : smb_nt_ms08-056.nasl - Type : ACT_GATHER_INFO
2008-10-15 - Name : Arbitrary code can be executed on the remote host through Microsoft Excel.
File : smb_nt_ms08-057.nasl - Type : ACT_GATHER_INFO
2008-10-15 - Name : Arbitrary code can be executed on the remote host through the web client.
File : smb_nt_ms08-058.nasl - Type : ACT_GATHER_INFO
2008-10-15 - Name : Arbitrary code can be executed on the remote host through Host Integration Se...
File : smb_nt_ms08-059.nasl - Type : ACT_GATHER_INFO
2008-10-15 - Name : It is possible to execute arbitrary code through Active Directory on the remo...
File : smb_nt_ms08-060.nasl - Type : ACT_GATHER_INFO
2008-10-15 - Name : A local user can elevate his privileges on the remote host.
File : smb_nt_ms08-061.nasl - Type : ACT_GATHER_INFO
2008-10-15 - Name : It is possible to execute arbitrary code on the remote host via the internet ...
File : smb_nt_ms08-062.nasl - Type : ACT_GATHER_INFO
2008-10-15 - Name : It is possible to crash the remote host due to a flaw in the 'server' service.
File : smb_nt_ms08-063.nasl - Type : ACT_GATHER_INFO
2008-10-15 - Name : A local user can elevate privileges on the remote host.
File : smb_nt_ms08-064.nasl - Type : ACT_GATHER_INFO
2008-10-15 - Name : Arbitrary code can be executed on the remote host.
File : smb_nt_ms08-065.nasl - Type : ACT_GATHER_INFO
2008-10-15 - Name : A local user can elevate privileges on the remote host.
File : smb_nt_ms08-066.nasl - Type : ACT_GATHER_INFO
2008-10-15 - Name : Arbitrary code can be executed on the remote host.
File : smb_kb951071.nasl - Type : ACT_GATHER_INFO
2008-10-15 - Name : Arbitrary code can be executed on the remote host through Host Integration Se...
File : smb_kb956695.nasl - Type : ACT_GATHER_INFO