9.3 - TA09-041A

Executive Summary

Summary
Title	Microsoft Updates for Multiple Vulnerabilities

Informations
Name	TA09-041A	First vendor Publication	2009-02-10
Vendor	US-CERT	Last vendor Modification	2009-02-10
Severity (Vendor)	N/A	Revision	N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score	9.3	Attack Range	Network
Cvss Impact Score	10	Attack Complexity	Medium
Cvss Expoit Score	8.6	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Microsoft has released updates that address vulnerabilities in Microsoft Windows and Windows Server.

I. Description

As part of the Microsoft Security Bulletin Summary for February
2009, Microsoft released updates to address vulnerabilities that affect Microsoft Windows, Internet Explorer, Exchange Server, SQL Server, Office, and other related components.

II. Impact

A remote, unauthenticated attacker could gain elevated privileges, execute arbitrary code or cause a vulnerable application to crash.

III. Solution

Microsoft has provided updates for these vulnerabilities in the Microsoft Security Bulletin Summary for February 2009. The security bulletin describes any known issues related to the updates.
Administrators are encouraged to note these issues and test for any potentially adverse effects. Administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS).

Original Source

Url : http://www.us-cert.gov/cas/techalerts/TA09-041A.html

CWE : Common Weakness Enumeration

%	Id	Name
75 %	CWE-399	Resource Management Errors
12 %	CWE-119	Failure to Constrain Operations within the Bounds of a Memory Buffer
12 %	CWE-20	Improper Input Validation

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:6000

Oval ID:	oval:org.mitre.oval:def:6000
Title:	Uninitialized Memory Corruption Vulnerability
Description:	Microsoft Internet Explorer 7 does not properly handle errors during attempted access to deleted objects, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to CFunctionPointer and the appending of document objects, aka "Uninitialized Memory Corruption Vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2009-0075	Version:	3
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008	Product(s):	Microsoft Internet Explorer
Definition Synopsis:
IE7/XP Microsoft Windows XP is installed AND Microsoft Internet Explorer 7 is installed AND Mshtml.dll version is less than 7.0.6000.16809 OR IE7/Server 2003 (32-bit) Microsoft Windows Server 2003 (32-bit) is installed AND Microsoft Internet Explorer 7 is installed AND Mshtml.dll version is less than 7.0.6000.16809 OR Mshtml.dll/Vista (32-bit) Microsoft Windows Vista (32-bit) is installed AND Mshtml.dll version is greater than 7.0.6000.16000 AND Mshtml.dll version is less than 7.0.6000.16809 OR Mshtml.dll/Vista (32-bit) Microsoft Windows Vista (32-bit) is installed AND Mshtml.dll version is greater than 7.0.6000.20000 AND Mshtml.dll version is less than 7.0.6000.20996 OR Mshtml.dll/Vista (32-bit) Microsoft Windows Vista (32-bit) is installed AND Mshtml.dll version is greater than 7.0.6001.16000 AND Mshtml.dll version is less than 7.0.6001.18203 OR Mshtml.dll/Vista (32-bit) Microsoft Windows Vista (32-bit) is installed AND Mshtml.dll version is greater than 7.0.6001.20000 AND Mshtml.dll version is less than 7.0.6001.22355 OR Mshtml.dll/Server 2008 (32-bit) Microsoft Windows Server 2008 (32-bit) is installed AND Mshtml.dll version is greater than 7.0.6001.16000 AND Mshtml.dll version is less than 7.0.6001.18203 OR Mshtml.dll/Server 2008 (32-bit) Microsoft Windows Server 2008 (32-bit) is installed AND Mshtml.dll version is greater than 7.0.6001.20000 AND Mshtml.dll version is less than 7.0.6001.22355 OR IE7/XP x86/x64 XP x64/Server 2003 x64 Microsoft Windows XP x64 is installed AND Microsoft Windows Server 2003 (x64) is installed AND Microsoft Internet Explorer 7 is installed AND Mshtml.dll version is greater than 7.0.6000.16000 AND Mshtml.dll version is less than 7.0.6000.16809 OR IE7/XP x64/Server 2003 x64 XP x64/Server 2003 x64 Microsoft Windows XP x64 is installed AND Microsoft Windows Server 2003 (x64) is installed AND Microsoft Internet Explorer 7 is installed AND Mshtml.dll version is greater than 7.0.6000.20000 AND Mshtml.dll version is less than 7.0.6000.20996 OR IE7/Vista x64 Microsoft Windows Vista x64 Edition is installed AND Microsoft Internet Explorer 7 is installed AND Mshtml.dll version is greater than 7.0.6000.16000 AND Mshtml.dll version is less than 7.0.6000.16809 OR IE7/Vista x64 Microsoft Windows Vista x64 Edition is installed AND Microsoft Internet Explorer 7 is installed AND Mshtml.dll version is greater than 7.0.6000.20000 AND Mshtml.dll version is less than 7.0.6000.20996 OR IE7/Vista x64/Server 2008 x64 Vista x64/Server 2008 x64 Microsoft Windows Vista x64 Edition is installed AND Microsoft Windows Server 2008 (64-bit) is installed AND Microsoft Internet Explorer 7 is installed AND Mshtml.dll version is greater than 7.0.6001.16000 AND Mshtml.dll version is less than 7.0.6001.18203 OR IE7/Vista x64/Server 2008 x64 Vista x64/Server 2008 x64 Microsoft Windows Vista x64 Edition is installed AND Microsoft Windows Server 2008 (64-bit) is installed AND Microsoft Internet Explorer 7 is installed AND Mshtml.dll version is greater than 7.0.6000.20000 AND Mshtml.dll version is less than 7.0.6001.22355

Definition Id: oval:org.mitre.oval:def:6081

Oval ID:	oval:org.mitre.oval:def:6081
Title:	CSS Memory Corruption Vulnerability
Description:	Microsoft Internet Explorer 7, when XHTML strict mode is used, allows remote attackers to execute arbitrary code via the zoom style directive in conjunction with unspecified other directives in a malformed Cascading Style Sheets (CSS) stylesheet in a crafted HTML document, aka "CSS Memory Corruption Vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2009-0076	Version:	3
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008	Product(s):	Microsoft Internet Explorer
Definition Synopsis:
Mshtml.dll/Server 2003 (32-bit) Microsoft Windows XP is installed AND Microsoft Internet Explorer 7 is installed AND Mshtml.dll version is less than 7.0.6000.16809 OR Mshtml.dll/Server 2003 (32-bit) Microsoft Windows Server 2003 (32-bit) is installed AND Microsoft Internet Explorer 7 is installed AND Mshtml.dll version is less than 7.0.6000.16809 OR Mshtml.dll/Vista (32-bit) Microsoft Windows Vista (32-bit) is installed AND Mshtml.dll version is greater than 7.0.6000.16000 AND Mshtml.dll version is less than 7.0.6000.16809 OR Mshtml.dll/Vista (32-bit) Microsoft Windows Vista (32-bit) is installed AND Mshtml.dll version is greater than 7.0.6000.20000 AND Mshtml.dll version is less than 7.0.6000.20996 OR Mshtml.dll/Vista (32-bit) Microsoft Windows Vista (32-bit) is installed AND Mshtml.dll version is greater than 7.0.6001.16000 AND Mshtml.dll version is less than 7.0.6001.18203 OR Mshtml.dll/Vista (32-bit) Microsoft Windows Vista (32-bit) is installed AND Mshtml.dll version is greater than 7.0.6001.20000 AND Mshtml.dll version is less than 7.0.6001.22355 OR Mshtml.dll/Server 2008 (32-bit) Microsoft Windows Server 2008 (32-bit) is installed AND Mshtml.dll version is greater than 7.0.6001.16000 AND Mshtml.dll version is less than 7.0.6001.18203 OR Mshtml.dll/Server 2008 (32-bit) Microsoft Windows Server 2008 (32-bit) is installed AND Mshtml.dll version is greater than 7.0.6001.20000 AND Mshtml.dll version is less than 7.0.6001.22355 OR IE7/XP x64/Server 2003 x64 XP x64/Server 2003 x64 Microsoft Windows XP x64 is installed AND Microsoft Windows Server 2003 (x64) is installed AND Microsoft Internet Explorer 7 is installed AND Mshtml.dll version is greater than 7.0.6000.16000 AND Mshtml.dll version is less than 7.0.6000.16809 OR IE7/XP x64/Server 2003 x64 XP x64/Server 2003 x64 Microsoft Windows XP x64 is installed AND Microsoft Windows Server 2003 (x64) is installed AND Microsoft Internet Explorer 7 is installed AND Mshtml.dll version is greater than 7.0.6000.20000 AND Mshtml.dll version is less than 7.0.6000.20996 OR IE7/Vista x64 Microsoft Windows Vista x64 Edition is installed AND Microsoft Internet Explorer 7 is installed AND Mshtml.dll version is greater than 7.0.6000.16000 AND Mshtml.dll version is less than 7.0.6000.16809 OR IE7/Vista x64 Microsoft Windows Vista x64 Edition is installed AND Microsoft Internet Explorer 7 is installed AND Mshtml.dll version is greater than 7.0.6000.20000 AND Mshtml.dll version is less than 7.0.6000.20996 OR IE7/Vista x64/Server 2008 x64 Vista x64/Server 2008 x64 Microsoft Windows Vista x64 Edition is installed AND Microsoft Windows Server 2008 (64-bit) is installed AND Microsoft Internet Explorer 7 is installed AND Mshtml.dll version is greater than 7.0.6001.16000 AND Mshtml.dll version is less than 7.0.6001.18203 OR IE7/Vista x64/Server 2008 x64 Vista x64/Server 2008 x64 Microsoft Windows Vista x64 Edition is installed AND Microsoft Windows Server 2008 (64-bit) is installed AND Microsoft Internet Explorer 7 is installed AND Mshtml.dll version is greater than 7.0.6000.20000 AND Mshtml.dll version is less than 7.0.6001.22355

Definition Id: oval:org.mitre.oval:def:6114

Oval ID:	oval:org.mitre.oval:def:6114
Title:	Memory Corruption Vulnerability
Description:	Microsoft Exchange 2000 Server SP3, Exchange Server 2003 SP2, and Exchange Server 2007 SP1 do not properly interpret Transport Neutral Encapsulation (TNEF) properties, which allows remote attackers to execute arbitrary code via a crafted TNEF message, aka "Memory Corruption Vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2009-0098	Version:	11
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008	Product(s):	Microsoft Exchange Server 2000 Microsoft Exchange Server 2003 Microsoft Exchange Server 2007 Microsoft Exchange Server MAPI Client and Collaboration Data Objects 1.2.1
Definition Synopsis:
Microsoft Exchange 2000 Server Service Pack 3 Microsoft Exchange Server 2000 Service Pack 3 is installed AND The version of cdo.dll is less than 6.0.6620.9 OR Microsoft Exchange Server 2003 Service Pack 2 and cdoex.dll version less than 6.5.7654.12 Microsoft Exchange Server 2003 Service Pack 2 is installed AND The version of cdoex.dll is less than 6.5.7654.12 OR Microsoft Exchange Server 2007 SP1 and cdoex.dll version less than 8.01.0338.0000 Microsoft Exchange Server 2007 SP1 is installed AND The version of cdoex.dll is less than 8.01.0338.0000 OR exmapi32.dll is less than 6.05.8069.0000 The version of exmapi32.dll is less than 6.05.8069.0000 AND HKLM\SOFTWARE\Clients\Mail\ExchangeMAPI!DLLPathEx exists

Definition Id: oval:org.mitre.oval:def:6159

Oval ID:	oval:org.mitre.oval:def:6159
Title:	Literal Processing Vulnerability
Description:	The Electronic Messaging System Microsoft Data Base (EMSMDB32) provider in Microsoft Exchange 2000 Server SP3 and Exchange Server 2003 SP2, as used in Exchange System Attendant, allows remote attackers to cause a denial of service (application outage) via a malformed MAPI command, aka "Literal Processing Vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2009-0099	Version:	11
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008	Product(s):	Microsoft Exchange Server 2000 Microsoft Exchange Server 2003 Microsoft Exchange Server MAPI Client and Collaboration Data Objects 1.2.1
Definition Synopsis:
Microsoft Exchange 2000 Server Service Pack 3 Microsoft Exchange Server 2000 Service Pack 3 is installed AND The version of cdo.dll is less than 6.0.6620.9 OR Microsoft Exchange Server 2003 Service Pack 2 and cdoex.dll version less than 6.5.7654.12 Microsoft Exchange Server 2003 Service Pack 2 is installed AND The version of cdoex.dll is less than 6.5.7654.12 OR exmapi32.dll is version less than 6.5.7654.12 The version of exmapi32.dll is less than 6.05.8069.0000 AND HKLM\SOFTWARE\Clients\Mail\ExchangeMAPI!DLLPathEx exists

Definition Id: oval:org.mitre.oval:def:6172

Oval ID:	oval:org.mitre.oval:def:6172
Title:	Memory Corruption Vulnerability
Description:	Microsoft Office Visio 2002 SP2, 2003 SP3, and 2007 SP1 does not properly perform memory copy operations for object data, which allows remote attackers to execute arbitrary code via a crafted Visio document, aka "Memory Corruption Vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2009-0096	Version:	3
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista	Product(s):	Microsoft Office Visio 2002 Microsoft Office Visio 2003 Microsoft Office Visio 2007
Definition Synopsis:
IF Microsoft Office Visio 2002 SP2 is installed AND Vislib.dll version is less than 10.0.6885.4 OR Microsoft Office Visio 2003 is installed AND Vislib.dll version is less than 11.0.8223.0 OR Microsoft Office Visio 2007 is installed AND Vislib.dll version is less than 12.0.6336.5001

Definition Id: oval:org.mitre.oval:def:6179

Oval ID:	oval:org.mitre.oval:def:6179
Title:	Memory Validation Vulnerability
Description:	Microsoft Office Visio 2002 SP2, 2003 SP3, and 2007 SP1 does not properly validate object data in Visio files, which allows remote attackers to execute arbitrary code via a crafted file, aka "Memory Validation Vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2009-0095	Version:	3
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista	Product(s):	Microsoft Office Visio 2002 Microsoft Office Visio 2003 Microsoft Office Visio 2007
Definition Synopsis:
IF Microsoft Office Visio 2002 SP2 is installed AND Vislib.dll version is less than 10.0.6885.4 OR Microsoft Office Visio 2003 is installed AND Vislib.dll version is less than 11.0.8223.0 OR Microsoft Office Visio 2007 is installed AND Vislib.dll version is less than 12.0.6336.5001

Definition Id: oval:org.mitre.oval:def:6188

Oval ID:	oval:org.mitre.oval:def:6188
Title:	Memory Corruption Vulnerability
Description:	Microsoft Office Visio 2002 SP2 and 2003 SP3 does not properly validate memory allocation for Visio files, which allows remote attackers to execute arbitrary code via a crafted file, aka "Memory Corruption Vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2009-0097	Version:	3
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista	Product(s):	Microsoft Office Visio 2002 Microsoft Office Visio 2003 Microsoft Office Visio 2007
Definition Synopsis:
IF Microsoft Office Visio 2002 SP2 is installed AND Vislib.dll version is less than 10.0.6885.4 OR Microsoft Office Visio 2003 is installed AND Vislib.dll version is less than 11.0.8223.0

Definition Id: oval:org.mitre.oval:def:6217

Oval ID:	oval:org.mitre.oval:def:6217
Title:	SQL Server sp_replwritetovarbin Limited Memory Overwrite Vulnerability
Description:	Heap-based buffer overflow in Microsoft SQL Server 2000 SP4, 8.00.2050, 8.00.2039, and earlier; SQL Server 2000 Desktop Engine (MSDE 2000) SP4; SQL Server 2005 SP2 and 9.00.1399.06; SQL Server 2000 Desktop Engine (WMSDE) on Windows Server 2003 SP1 and SP2; and Windows Internal Database (WYukon) SP2 allows remote authenticated users to cause a denial of service (access violation exception) or execute arbitrary code by calling the sp_replwritetovarbin extended stored procedure with a set of invalid parameters that trigger memory overwrite, aka "SQL Server sp_replwritetovarbin Limited Memory Overwrite Vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2008-5416	Version:	9
Platform(s):	Microsoft Windows 2000 Microsoft Windows Server 2003 Microsoft Windows Server 2008	Product(s):	Microsoft SQL Server 2000 Microsoft SQL Server 2005 Microsoft SQL Server 2000 Desktop Engine (WMSDE) Windows Internal Database (WYukon)
Definition Synopsis:
SQL Server 2000 SP4 32-bit editions - GDR SQL Server 2000 is installed AND SQL Server 2000 GDR - the version of sqlservr.exe is greater than 2000.80.2000.0 AND the version of sqlservr.exe is less than 2000.80.2055.0 OR SQL Server 2000 SP4 32-bit editions - QFE SQL Server 2000 is installed AND SQL Server 2000 QFE - the version of sqlservr.exe is greater than 2000.80.2000.0 AND the version of sqlservr.exe is less than 2000.80.2282.0 OR SQL Server 2005 SP2 - GDR IF Microsoft SQL Server 2005 SP2 is installed AND the version of sqlservr.exe is less than 2005.90.3077.0 AND the version of sqlservr.exe is greater than or equal to 2005.90.3042.0 OR Microsoft SQL Server 2005 is installed AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft SQL Server\90\DTS\Setup\\SP equals 2 AND SQL Server 2005 GDR - the version of msdtssrvr.exe is greater than 9.0.3000.0 AND the version of msdtssrvr.exe is less than 9.0.3077.0 OR SQL Server 2005 SP2 - QFE IF Microsoft SQL Server 2005 SP2 is installed AND the version of sqlservr.exe is less than 2005.90.3310.0 AND the version of sqlservr.exe is greater than or equal to 2005.90.3150.0 OR Microsoft SQL Server 2005 is installed AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft SQL Server\90\DTS\Setup\\SP equals 2 AND SQL Server 2005 QFE - the version of msdtssrvr.exe is greater than 9.0.3300.0 AND the version of msdtssrvr.exe is less than 9.0.3310.0

CPE : Common Platform Enumeration

Type	Description	Count
Application	Microsoft Exchange Server cpe:2.3:a:microsoft:exchange_server:2007:sp1:::::: cpe:2.3:a:microsoft:exchange_server:2003:sp2:::::: cpe:2.3:a:microsoft:exchange_server:2000:sp3::::::	3
Application	Microsoft Internet Explorer cpe:2.3:a:microsoft:internet_explorer:7:::::::*	1
Application	Microsoft Sql Server cpe:2.3:a:microsoft:sql_server:2005:-:::::: cpe:2.3:a:microsoft:sql_server:2000:-::::::	2
Application	Microsoft Visio cpe:2.3:a:microsoft:visio:2007:sp1:::::: cpe:2.3:a:microsoft:visio:2003:sp3:::::: cpe:2.3:a:microsoft:visio:2002:sp2::::::	3

SAINT Exploits

Description	Link
Internet Explorer deleted object memory corruption	More info here
Microsoft SQL Server spreplwritetovarbin Buffer Overflow	More info here

OpenVAS Exploits

Date	Description
2012-03-16	Name : VMSA-2011-0003.2 Third party component updates for VMware vCenter Server, vCe... File : nvt/gb_VMSA-2011-0003.nasl
2009-02-11	Name : Cumulative Security Update for Internet Explorer (961260) File : nvt/secpod_ms09-002.nasl
2009-02-11	Name : Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution (959239) File : nvt/secpod_ms09-003.nasl
2009-02-11	Name : Vulnerabilities in Microsoft Office Visio Could Allow Remote Code Execution (... File : nvt/secpod_ms09-005.nasl
2008-12-16	Name : Microsoft SQL Server sp_replwritetovarbin() BOF Vulnerability File : nvt/gb_mssql_sp_replwritetovarbin_bof_vuln.nasl

Open Source Vulnerability Database (OSVDB)

Id	Description
51840	Microsoft IE XHTML Strict Mode CSS Handling Memory Corruption Arbitrary Code ... A memory corruption flaw exists in Internet Explorer. The program fails to validate CSS styles resulting in memory corruption. With a specially crafted web page, a context-dependent attacker can cause arbitrary code execution resulting in a loss of integrity.
51839	Microsoft IE Document Object Handling Memory Corruption Arbitrary Code Execution A memory corruption flaw exists in Internet Explorer. The program fails to validate web page content resulting in memory corruption. With a specially crafted web page, a context-dependent attacker can cause arbitrary code execution resulting in a loss of integrity.
51838	Microsoft Exchange Server EMSMDB2 Invalid MAPI Command Remote DoS Exchange Server contains a flaw that may allow a remote denial of service. The issue is triggered when the EMSMDB2 encounters a malformed MAPI message, and will result in loss of availability for the System Attendant service.
51837	Microsoft Exchange Server Message Transport Neutral Encapsulation Format (TNE... A memory corruption flaw exists in Exchange Server. It fails to validate TNEF data resulting in memory corruption. With a specially crafted message, a remote attacker can cause arbitrary code execution resulting in a loss of integrity.
51836	Microsoft Office Visio File Opening Memory Functions Arbitrary Code Execution An unspecified memory corruption flaw exists in Visio. The application fails to validate Visio files resulting in memory corruption. With a specially crafted file, a context-dependent attacker can cause arbitrary code execution resulting in a loss of integrity.
51835	Microsoft Office Visio Object Data Memory Functions Arbitrary Code Execution A memory corruption flaw exists in Visio. The program fails to validate object data in documents resulting in memory corruption. With a specially crafted file, a context-dependent attacker can cause arbitrary code execution resulting in a loss of integrity.
51834	Microsoft Office Visio File Opening Object Data Handling Arbitrary Code Execu...
50589	Microsoft SQL Server 2000 sp_replwritetovarbin() Stored Procedure Overflow An overflow exists in Microsoft SQL Server 2000. The sp_replwritetovarbin() stored procedure fails to check invalid parameters, trigger memory overwrite, resulting in a heap overflow. With a specially crafted request, an attacker can cause a denial of service or execute arbitrary code resulting in a loss of integrity and/or availability.

Information Assurance Vulnerability Management (IAVM)

Date	Description
2011-05-12	IAVM : 2011-A-0066 - Multiple Vulnerabilities in VMware Products Severity : Category I - VMSKEY : V0027158
2009-02-12	IAVM : 2009-A-0012 - Microsoft SQL Server Remote Code Execution Vulnerability Severity : Category I - VMSKEY : V0018387
2009-02-12	IAVM : 2009-A-0013 - Multiple Remote Code Execution Vulnerabilities in Microsoft Exchange Severity : Category I - VMSKEY : V0018388

Snort® IPS/IDS

Date	Description
2018-01-11	Microsoft Internet Explorer dynamic style update memory corruption attempt RuleID : 45154 - Revision : 2 - Type : BROWSER-IE
2015-03-17	Microsoft Internet Explorer dynamic style update memory corruption attempt RuleID : 33495 - Revision : 2 - Type : BROWSER-IE
2015-03-17	Microsoft Internet Explorer dynamic style update memory corruption attempt RuleID : 33494 - Revision : 2 - Type : BROWSER-IE
2015-03-17	Microsoft Internet Explorer dynamic style update memory corruption attempt RuleID : 33493 - Revision : 2 - Type : BROWSER-IE
2015-03-17	Microsoft Internet Explorer dynamic style update memory corruption attempt RuleID : 33492 - Revision : 3 - Type : BROWSER-IE
2014-03-15	Microsoft Internet Explorer dynamic style update memory corruption attempt RuleID : 29806 - Revision : 2 - Type : BROWSER-IE
2014-03-15	Microsoft Internet Explorer dynamic style update memory corruption attempt RuleID : 29805 - Revision : 2 - Type : BROWSER-IE
2014-03-15	Microsoft Internet Explorer dynamic style update memory corruption attempt RuleID : 29804 - Revision : 2 - Type : BROWSER-IE
2014-01-10	Microsoft Office Visio VSD file icon memory corruption attempt RuleID : 24815 - Revision : 4 - Type : FILE-OFFICE
2014-01-10	Microsoft Internet Explorer object clone deletion memory corruption RuleID : 21086 - Revision : 11 - Type : BROWSER-IE
2014-01-10	Microsoft Office Visio VSD file icon memory corruption attempt RuleID : 18515 - Revision : 18 - Type : FILE-OFFICE
2014-01-10	Microsoft Internet Explorer object clone deletion memory corruption attempt RuleID : 17644 - Revision : 8 - Type : BROWSER-IE
2014-01-10	Microsoft Internet Explorer object clone deletion memory corruption attempt -... RuleID : 16339 - Revision : 15 - Type : BROWSER-IE
2014-01-10	Microsoft Office Visio invalid ho tag attempt RuleID : 16318 - Revision : 15 - Type : FILE-OFFICE
2014-01-10	Microsoft Internet Explorer dynamic style update memory corruption attempt RuleID : 16169 - Revision : 15 - Type : BROWSER-IE
2014-01-10	Microsoft Internet Explorer dynamic style update memory corruption attempt RuleID : 15305 - Revision : 17 - Type : BROWSER-IE
2014-01-10	Microsoft Internet Explorer object clone deletion memory corruption attempt RuleID : 15304 - Revision : 13 - Type : BROWSER-IE
2014-01-10	Microsoft Office Visio Malformed IconBitsComponent arbitrary code execution a... RuleID : 15303 - Revision : 14 - Type : FILE-OFFICE
2014-01-10	Microsoft Windows Exchange System Attendant denial of service attempt RuleID : 15302 - Revision : 13 - Type : SERVER-MAIL
2014-01-10	Exchange compressed RTF remote code execution attempt RuleID : 15301 - Revision : 5 - Type : SERVER-MAIL
2014-01-10	Microsoft Office Visio invalid ho tag attempt RuleID : 15299 - Revision : 14 - Type : FILE-OFFICE
2014-01-10	Microsoft Visio could allow remote code execution RuleID : 15298 - Revision : 12 - Type : FILE-OFFICE
2014-01-10	sp_replwritetovarbin vulnerable function attempt RuleID : 15144 - Revision : 12 - Type : SERVER-MSSQL
2014-01-10	sp_replwritetovarbin unicode vulnerable function attempt RuleID : 15143 - Revision : 15 - Type : SERVER-MSSQL
2014-01-10	Microsoft Windows SMB sp_replwritetovarbin vulnerable function unicode attempt RuleID : 15142 - Revision : 9 - Type : OS-WINDOWS
2014-01-10	Microsoft Windows SMB sp_replwritetovarbin vulnerable function unicode andx a... RuleID : 15141 - Revision : 9 - Type : OS-WINDOWS
2014-01-10	Microsoft Windows SMB sp_replwritetovarbin vulnerable function attempt RuleID : 15140 - Revision : 9 - Type : OS-WINDOWS
2014-01-10	Microsoft Windows SMB sp_replwritetovarbin vulnerable function andx attempt RuleID : 15139 - Revision : 9 - Type : OS-WINDOWS
2014-01-10	Microsoft Windows SMB sp_replwritetovarbin vulnerable function WriteAndX unic... RuleID : 15138 - Revision : 9 - Type : OS-WINDOWS
2014-01-10	Microsoft Windows SMB sp_replwritetovarbin vulnerable function WriteAndX unic... RuleID : 15137 - Revision : 9 - Type : OS-WINDOWS
2014-01-10	Microsoft Windows SMB sp_replwritetovarbin vulnerable function WriteAndX attempt RuleID : 15136 - Revision : 9 - Type : OS-WINDOWS
2014-01-10	Microsoft Windows SMB sp_replwritetovarbin vulnerable function WriteAndX andx... RuleID : 15135 - Revision : 9 - Type : OS-WINDOWS
2014-01-10	Microsoft Windows SMB sp_replwritetovarbin vulnerable function unicode attempt RuleID : 15134 - Revision : 10 - Type : OS-WINDOWS
2014-01-10	Microsoft Windows SMB sp_replwritetovarbin vulnerable function unicode andx a... RuleID : 15133 - Revision : 10 - Type : OS-WINDOWS
2014-01-10	Microsoft Windows SMB sp_replwritetovarbin vulnerable function attempt RuleID : 15132 - Revision : 10 - Type : OS-WINDOWS
2014-01-10	Microsoft Windows SMB sp_replwritetovarbin vulnerable function andx attempt RuleID : 15131 - Revision : 10 - Type : OS-WINDOWS
2014-01-10	Microsoft Windows SMB sp_replwritetovarbin vulnerable function WriteAndX unic... RuleID : 15130 - Revision : 10 - Type : OS-WINDOWS
2014-01-10	Microsoft Windows SMB sp_replwritetovarbin vulnerable function WriteAndX unic... RuleID : 15129 - Revision : 10 - Type : OS-WINDOWS
2014-01-10	Microsoft Windows SMB sp_replwritetovarbin vulnerable function WriteAndX attempt RuleID : 15128 - Revision : 10 - Type : OS-WINDOWS
2014-01-10	Microsoft Windows SMB sp_replwritetovarbin vulnerable function WriteAndX andx... RuleID : 15127 - Revision : 10 - Type : OS-WINDOWS

Nessus® Vulnerability Scanner

Date	Description
2018-04-03	Name : Arbitrary code can be executed on the remote host through the email server. File : exchange_ms09-003.nasl - Type : ACT_GATHER_INFO
2016-03-04	Name : The remote VMware ESX / ESXi host is missing a security-related patch. File : vmware_VMSA-2011-0003_remote.nasl - Type : ACT_GATHER_INFO
2011-02-14	Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2011-0003.nasl - Type : ACT_GATHER_INFO
2009-02-11	Name : A database application installed on the remote host is affected by a remote c... File : smb_kb959420.nasl - Type : ACT_GATHER_INFO
2009-02-11	Name : Arbitrary code can be executed on the remote host through the web client. File : smb_nt_ms09-002.nasl - Type : ACT_GATHER_INFO
2009-02-11	Name : Arbitrary code can be executed on the remote host through the email server. File : smb_nt_ms09-003.nasl - Type : ACT_GATHER_INFO
2009-02-11	Name : Arbitrary code can be executed on the remote host through Microsoft SQL Server. File : smb_nt_ms09-004.nasl - Type : ACT_GATHER_INFO
2009-02-11	Name : Arbitrary code can be executed on the remote host through Visio. File : smb_nt_ms09-005.nasl - Type : ACT_GATHER_INFO

Global Informations

Type	Count
CWE ID(s)	8
Oval ID(s)	8
CPE ID(s)	9
Saint Exploit(s)	2
osvdb(s)	8
Openvas Exploit(s)	5
IAVM(s)	3
Snort® Rule(s)	40
Nessus® Exploit(s)	8

	Related
9.3	CVE-2009-0098
9.3	CVE-2009-0097
9.3	CVE-2009-0096
9.3	CVE-2009-0095
9.3	CVE-2009-0076
9.3	CVE-2009-0075
9	VU#696644
9	CVE-2008-5416
5	CVE-2009-0099
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 9 more Alert(s)