Executive Summary
Summary | |
---|---|
Title | Microsoft Updates for Multiple Vulnerabilities |
Information | |||
---|---|---|---|
Name | TA11-102A | First vendor Publication | 2011-04-12 |
Vendor | US-CERT | Last vendor Modification | 2011-04-12 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitability Sub Score | NA | ||
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Exploit Score | 10 | Authentication | None Required |
Detail
There are multiple vulnerabilities in Microsoft Windows, Office, Internet Explorer, and Visual Studio. Microsoft has released updates to address these vulnerabilities.

I. Description

The Microsoft Security Bulletin Summary for April 2011 describes multiple vulnerabilities in Microsoft Windows, Office, Internet Explorer, and Visual Studio. Microsoft has released updates to address the vulnerabilities.

II. Impact

A remote, unauthenticated attacker could execute arbitrary code, cause a denial of service, or gain unauthorized access to your files or system.

III. Solution

Apply updates

Microsoft has provided updates for these vulnerabilities in the Microsoft Security Bulletin Summary for April 2011. That bulletin describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. In addition, administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS).
Original Source
Url : http://www.us-cert.gov/cas/techalerts/TA11-102A.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
44 % | CWE-399 | Resource Management Errors |
19 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
15 % | CWE-20 | Improper Input Validation |
8 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
4 % | CWE-264 | Permissions, Privileges, and Access Controls |
2 % | CWE-476 | NULL Pointer Dereference |
2 % | CWE-426 | Untrusted Search Path |
2 % | CWE-200 | Information Exposure |
2 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
2 % | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:11676 | |||
Oval ID: | oval:org.mitre.oval:def:11676 | ||
Title: | Excel Record Parsing WriteAV Vulnerability | ||
Description: | Microsoft Excel 2002 SP3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted RealTimeData record, related to a stTopic field, double-byte characters, and an incorrect pointer calculation, aka "Excel Record Parsing WriteAV Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-0101 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Excel 2002 |
Definition Id: oval:org.mitre.oval:def:11708 | |||
Oval ID: | oval:org.mitre.oval:def:11708 | ||
Title: | Win32k Use After Free Vulnerability (CVE-2011-0674) | ||
Description: | Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-0674 | Version: | 9 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
Definition Id: oval:org.mitre.oval:def:11726 | |||
Oval ID: | oval:org.mitre.oval:def:11726 | ||
Title: | Win32k Use After Free Vulnerability (CVE-2011-1239) | ||
Description: | Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1239 | Version: | 9 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
Definition Id: oval:org.mitre.oval:def:11761 | |||
Oval ID: | oval:org.mitre.oval:def:11761 | ||
Title: | Persist Directory RCE Vulnerability | ||
Description: | Microsoft PowerPoint 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004, 2008, and 2011 for Mac; Open XML File Format Converter for Mac; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; PowerPoint Viewer; PowerPoint Viewer 2007 SP2; and PowerPoint Web App do not properly validate PersistDirectoryEntry records in PowerPoint documents, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a Slide with a malformed record, which triggers an exception and later use of an unspecified method, aka "Persist Directory RCE Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-0656 | Version: | 13 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 | Product(s): | Microsoft Office PowerPoint 2002 Microsoft Office PowerPoint 2003 Microsoft Office PowerPoint 2007 Microsoft Office PowerPoint 2010 Microsoft Office Compatibility Pack Microsoft PowerPoint Viewer 2007 Microsoft PowerPoint Viewer Microsoft PowerPoint Web App |
Definition Id: oval:org.mitre.oval:def:11767 | |||
Oval ID: | oval:org.mitre.oval:def:11767 | ||
Title: | Excel Buffer Overwrite Vulnerability | ||
Description: | Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted HLink record in an Excel file, aka "Excel Buffer Overwrite Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-0104 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Excel 2002 Microsoft Excel 2003 |
Definition Id: oval:org.mitre.oval:def:11812 | |||
Oval ID: | oval:org.mitre.oval:def:11812 | ||
Title: | Win32k Null Pointer De-reference Vulnerability (CVE-2011-1233) | ||
Description: | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other "Vulnerability Type 2" CVEs listed in MS11-034, aka "Win32k Null Pointer De-reference Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1233 | Version: | 9 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
Definition Id: oval:org.mitre.oval:def:11838 | |||
Oval ID: | oval:org.mitre.oval:def:11838 | ||
Title: | DEPRECATED: Use-after-free vulnerability in the ReleaseInterface function in MSHTML.DLL in Microsoft Internet Explorer 8.0.7600.16385 | ||
Description: | Use-after-free vulnerability in the ReleaseInterface function in MSHTML.DLL in Microsoft Internet Explorer 8.0.7600.16385 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the DOM implementation and the BreakAASpecial and BreakCircularMemoryReferences functions, as demonstrated by cross_fuzz, involving circular memory references. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-0346 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft Internet Explorer |
Definition Id: oval:org.mitre.oval:def:11854 | |||
Oval ID: | oval:org.mitre.oval:def:11854 | ||
Title: | GDI+ Integer Overflow Vulnerability | ||
Description: | Integer overflow in gdiplus.dll in GDI+ in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold and SP2, and Office XP SP3 allows remote attackers to execute arbitrary code via a crafted EMF image, aka "GDI+ Integer Overflow Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-0041 | Version: | 12 |
Platform(s): | Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 | Product(s): | Microsoft Office XP |
Definition Id: oval:org.mitre.oval:def:11882 | |||
Oval ID: | oval:org.mitre.oval:def:11882 | ||
Title: | MSHTML Memory Corruption Vulnerability | ||
Description: | Use-after-free vulnerability in the ReleaseInterface function in MSHTML.DLL in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the DOM implementation and the BreakAASpecial and BreakCircularMemoryReferences functions, as demonstrated by cross_fuzz, aka "MSHTML Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-0346 | Version: | 10 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | Microsoft Internet Explorer 6 Microsoft Internet Explorer 7 Microsoft Internet Explorer 8 |
Definition Id: oval:org.mitre.oval:def:11902 | |||
Oval ID: | oval:org.mitre.oval:def:11902 | ||
Title: | DNS Query Vulnerability | ||
Description: | DNSAPI.dll in the DNS client in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly process DNS queries, which allows remote attackers to execute arbitrary code via (1) a crafted LLMNR broadcast query or (2) a crafted application, aka "DNS Query Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-0657 | Version: | 5 |
Platform(s): | Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
Definition Id: oval:org.mitre.oval:def:11942 | |||
Oval ID: | oval:org.mitre.oval:def:11942 | ||
Title: | Win32k Use After Free Vulnerability (CVE-2011-0671) | ||
Description: | Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-0671 | Version: | 9 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
Definition Id: oval:org.mitre.oval:def:11978 | |||
Oval ID: | oval:org.mitre.oval:def:11978 | ||
Title: | OfficeArt Atom RCE Vulnerability | ||
Description: | Microsoft PowerPoint 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; and PowerPoint Viewer 2007 SP2 do not properly handle Office Art containers that have invalid records, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a PowerPoint document with a container that triggers certain access to an uninitialized object, aka "OfficeArt Atom RCE Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-0976 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 | Product(s): | Microsoft Office PowerPoint 2002 Microsoft Office PowerPoint 2003 Microsoft Office PowerPoint 2007 Microsoft Office Compatibility Pack Microsoft PowerPoint Viewer 2007 Microsoft PowerPoint Viewer |
Definition Id: oval:org.mitre.oval:def:11995 | |||
Oval ID: | oval:org.mitre.oval:def:11995 | ||
Title: | SMB Client Response Parsing Vulnerability | ||
Description: | The SMB client in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote SMB servers to execute arbitrary code via a crafted (1) SMBv1 or (2) SMBv2 response, aka "SMB Client Response Parsing Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-0660 | Version: | 7 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 | Product(s): | |
Definition Id: oval:org.mitre.oval:def:12014 | |||
Oval ID: | oval:org.mitre.oval:def:12014 | ||
Title: | Win32k Null Pointer De-reference Vulnerability (CVE-2011-1225) | ||
Description: | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other "Vulnerability Type 2" CVEs listed in MS11-034, aka "Win32k Null Pointer De-reference Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1225 | Version: | 9 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
Definition Id: oval:org.mitre.oval:def:12017 | |||
Oval ID: | oval:org.mitre.oval:def:12017 | ||
Title: | Win32k Null Pointer De-reference Vulnerability (CVE-2011-1228) | ||
Description: | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other "Vulnerability Type 2" CVEs listed in MS11-034, aka "Win32k Null Pointer De-reference Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1228 | Version: | 9 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
Definition Id: oval:org.mitre.oval:def:12018 | |||
Oval ID: | oval:org.mitre.oval:def:12018 | ||
Title: | Excel Dangling Pointer Vulnerability | ||
Description: | Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly parse Office Art objects, which allows remote attackers to execute arbitrary code via vectors related to a function pointer, aka "Excel Dangling Pointer Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-0980 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Excel 2002 Microsoft Excel 2003 |
Definition Id: oval:org.mitre.oval:def:12034 | |||
Oval ID: | oval:org.mitre.oval:def:12034 | ||
Title: | Excel Heap Overflow Vulnerability | ||
Description: | Integer signedness error in Microsoft Excel 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 allows remote attackers to execute arbitrary code via an XLS file with a large record size, aka "Excel Heap Overflow Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-0098 | Version: | 12 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Excel 2002 Microsoft Excel 2003 Microsoft Excel 2010 Microsoft Office Excel Viewer Microsoft Office Compatibility Pack |
Definition Id: oval:org.mitre.oval:def:12036 | |||
Oval ID: | oval:org.mitre.oval:def:12036 | ||
Title: | Win32k Null Pointer De-reference Vulnerability (CVE-2011-1231) | ||
Description: | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other "Vulnerability Type 2" CVEs listed in MS11-034, aka "Win32k Null Pointer De-reference Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1231 | Version: | 9 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
Definition Id: oval:org.mitre.oval:def:12076 | |||
Oval ID: | oval:org.mitre.oval:def:12076 | ||
Title: | SMB Transaction Parsing Vulnerability | ||
Description: | The SMB Server service in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly validate fields in SMB requests, which allows remote attackers to execute arbitrary code via a malformed request in a (1) SMBv1 or (2) SMBv2 packet, aka "SMB Transaction Parsing Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-0661 | Version: | 5 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
Definition Id: oval:org.mitre.oval:def:12164 | |||
Oval ID: | oval:org.mitre.oval:def:12164 | ||
Title: | Win32k Null Pointer De-reference Vulnerability (CVE-2011-1230) | ||
Description: | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other "Vulnerability Type 2" CVEs listed in MS11-034, aka "Win32k Null Pointer De-reference Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1230 | Version: | 9 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
Definition Id: oval:org.mitre.oval:def:12167 | |||
Oval ID: | oval:org.mitre.oval:def:12167 | ||
Title: | Win32k Use After Free Vulnerability (CVE-2011-0672) | ||
Description: | Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-0672 | Version: | 9 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
Definition Id: oval:org.mitre.oval:def:12183 | |||
Oval ID: | oval:org.mitre.oval:def:12183 | ||
Title: | Win32k Use After Free Vulnerability (CVE-2011-0675) | ||
Description: | Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-0675 | Version: | 10 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
Definition Id: oval:org.mitre.oval:def:12221 | |||
Oval ID: | oval:org.mitre.oval:def:12221 | ||
Title: | Win32k Use After Free Vulnerability (CVE-2011-1234) | ||
Description: | Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1234 | Version: | 9 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
Definition Id: oval:org.mitre.oval:def:12228 | |||
Oval ID: | oval:org.mitre.oval:def:12228 | ||
Title: | Object Management Memory Corruption Vulnerability | ||
Description: | Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, as demonstrated by Stephen Fewer as the first of three chained vulnerabilities during a Pwn2Own competition at CanSecWest 2011, aka "Object Management Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1345 | Version: | 9 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | Microsoft Internet Explorer 6 Microsoft Internet Explorer 7 Microsoft Internet Explorer 8 |
Definition Id: oval:org.mitre.oval:def:12301 | |||
Oval ID: | oval:org.mitre.oval:def:12301 | ||
Title: | WordPad Converter Parsing Vulnerability | ||
Description: | WordPad in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly parse fields in Word documents, which allows remote attackers to execute arbitrary code via a crafted .doc file, aka "WordPad Converter Parsing Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-0028 | Version: | 8 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | |
Definition Id: oval:org.mitre.oval:def:12302 | |||
Oval ID: | oval:org.mitre.oval:def:12302 | ||
Title: | Win32k Use After Free Vulnerability (CVE-2011-1235) | ||
Description: | Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1235 | Version: | 9 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
Definition Id: oval:org.mitre.oval:def:12337 | |||
Oval ID: | oval:org.mitre.oval:def:12337 | ||
Title: | Win32k Use After Free Vulnerability (CVE-2011-0670) | ||
Description: | Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-0670 | Version: | 9 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
Definition Id: oval:org.mitre.oval:def:12339 | |||
Oval ID: | oval:org.mitre.oval:def:12339 | ||
Title: | Microsoft Office Graphic Object Dereferencing Vulnerability | ||
Description: | Use-after-free vulnerability in Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via malformed shape data in the Office drawing file format, aka "Microsoft Office Graphic Object Dereferencing Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-0977 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Office XP Microsoft Office 2003 Microsoft Office 2007 |
Definition Id: oval:org.mitre.oval:def:12340 | |||
Oval ID: | oval:org.mitre.oval:def:12340 | ||
Title: | Win32k Use After Free Vulnerability (CVE-2011-0667) | ||
Description: | Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-0667 | Version: | 9 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
Definition Id: oval:org.mitre.oval:def:12347 | |||
Oval ID: | oval:org.mitre.oval:def:12347 | ||
Title: | Win32k Use After Free Vulnerability (CVE-2011-0666) | ||
Description: | Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-0666 | Version: | 9 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
Definition Id: oval:org.mitre.oval:def:12385 | |||
Oval ID: | oval:org.mitre.oval:def:12385 | ||
Title: | Javascript Information Disclosure Vulnerability | ||
Description: | Microsoft Internet Explorer 6 and 7 does not properly restrict script access to content from a (1) different domain or (2) different zone, which allows remote attackers to obtain sensitive information via a crafted web site, aka "Javascript Information Disclosure Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1245 | Version: | 7 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Internet Explorer 6 Microsoft Internet Explorer 7 |
Definition Id: oval:org.mitre.oval:def:12390 | |||
Oval ID: | oval:org.mitre.oval:def:12390 | ||
Title: | Fax Cover Page Editor Memory Corruption Vulnerability | ||
Description: | fxscover.exe in the Fax Cover Page Editor in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly parse FAX cover pages, which allows remote attackers to execute arbitrary code via a crafted .cov file, aka "Fax Cover Page Editor Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3974 | Version: | 5 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12392 | |||
Oval ID: | oval:org.mitre.oval:def:12392 | ||
Title: | Win32k Null Pointer De-reference Vulnerability (CVE-2011-1232) | ||
Description: | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other "Vulnerability Type 2" CVEs listed in MS11-034, aka "Win32k Null Pointer De-reference Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1232 | Version: | 9 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12406 | |||
Oval ID: | oval:org.mitre.oval:def:12406 | ||
Title: | .NET Framework Stack Corruption Vulnerability | ||
Description: | The x86 JIT compiler in Microsoft .NET Framework 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 does not properly compile function calls, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Framework application, aka ".NET Framework Stack Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3958 | Version: | 9 |
Platform(s): | Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 | Product(s): | Microsoft .NET Framework |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12416 | |||
Oval ID: | oval:org.mitre.oval:def:12416 | ||
Title: | Win32k Null Pointer De-reference Vulnerability (CVE-2011-0676) | ||
Description: | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other "Vulnerability Type 2" CVEs listed in MS11-034, aka "Win32k Null Pointer De-reference Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-0676 | Version: | 9 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12417 | |||
Oval ID: | oval:org.mitre.oval:def:12417 | ||
Title: | Win32k Use After Free Vulnerability (CVE-2011-1238) | ||
Description: | Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1238 | Version: | 9 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12439 | |||
Oval ID: | oval:org.mitre.oval:def:12439 | ||
Title: | Excel Array Indexing Vulnerability | ||
Description: | Stack-based buffer overflow in Microsoft Excel 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 allows remote attackers to execute arbitrary code via vectors related to an axis properties record, and improper incrementing of an array index, aka "Excel Array Indexing Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-0978 | Version: | 11 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Excel 2002 Microsoft Excel 2003 Microsoft Office Excel Viewer Microsoft Office Compatibility Pack |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12457 | |||
Oval ID: | oval:org.mitre.oval:def:12457 | ||
Title: | MFC Insecure Library Loading Vulnerability | ||
Description: | Untrusted search path vulnerability in the Microsoft Foundation Class (MFC) Library in Microsoft Visual Studio .NET 2003 SP1; Visual Studio 2005 SP1, 2008 SP1, and 2010; and Visual C++ 2005 SP1, 2008 SP1, and 2010 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory during execution of an MFC application such as AtlTraceTool8.exe (aka ATL MFC Trace Tool), as demonstrated by a directory that contains a TRC, cur, rs, rct, or res file, aka "MFC Insecure Library Loading Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3190 | Version: | 19 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Visual Studio .NET 2003 Microsoft Visual Studio 2005 Microsoft Visual Studio 2008 Microsoft Visual Studio 2010 Microsoft Visual C++ 2005 Redistributable Package Microsoft Visual C++ 2008 Redistributable Package Microsoft Visual C++ 2010 Redistributable Package |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12463 | |||
Oval ID: | oval:org.mitre.oval:def:12463 | ||
Title: | Layouts Handling Memory Corruption Vulnerability | ||
Description: | Use-after-free vulnerability in Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Layouts Handling Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-0094 | Version: | 8 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Internet Explorer 6 Microsoft Internet Explorer 7 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12467 | |||
Oval ID: | oval:org.mitre.oval:def:12467 | ||
Title: | Win32k Use After Free Vulnerability (CVE-2011-1237) | ||
Description: | Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1237 | Version: | 9 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12474 | |||
Oval ID: | oval:org.mitre.oval:def:12474 | ||
Title: | DEPRECATED: Win32k Null Pointer De-reference Vulnerability (CVE-2011-0676) | ||
Description: | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other "Vulnerability Type 2" CVEs listed in MS11-034, aka "Win32k Null Pointer De-reference Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-0676 | Version: | 7 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12478 | |||
Oval ID: | oval:org.mitre.oval:def:12478 | ||
Title: | Win32k Use After Free Vulnerability (CVE-2011-1236) | ||
Description: | Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1236 | Version: | 9 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12503 | |||
Oval ID: | oval:org.mitre.oval:def:12503 | ||
Title: | Win32k Null Pointer De-reference Vulnerability (CVE-2011-1229) | ||
Description: | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other "Vulnerability Type 2" CVEs listed in MS11-034, aka "Win32k Null Pointer De-reference Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1229 | Version: | 9 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12525 | |||
Oval ID: | oval:org.mitre.oval:def:12525 | ||
Title: | Win32k Use After Free Vulnerability (CVE-2011-1242) | ||
Description: | Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1242 | Version: | 9 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12526 | |||
Oval ID: | oval:org.mitre.oval:def:12526 | ||
Title: | Win32k Use After Free Vulnerability (CVE-2011-0665) | ||
Description: | Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-0665 | Version: | 9 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12540 | |||
Oval ID: | oval:org.mitre.oval:def:12540 | ||
Title: | Win32k Use After Free Vulnerability (CVE-2011-1241) | ||
Description: | Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1241 | Version: | 9 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12543 | |||
Oval ID: | oval:org.mitre.oval:def:12543 | ||
Title: | Win32k Use After Free Vulnerability (CVE-2011-0662) | ||
Description: | Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-0662 | Version: | 9 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12546 | |||
Oval ID: | oval:org.mitre.oval:def:12546 | ||
Title: | Win32k Null Pointer De-reference Vulnerability (CVE-2011-0673) | ||
Description: | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP3 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, aka "Win32k Null Pointer De-reference Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-0673 | Version: | 3 |
Platform(s): | Microsoft Windows XP | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12547 | |||
Oval ID: | oval:org.mitre.oval:def:12547 | ||
Title: | Win32k Use After Free Vulnerability (CVE-2011-1240) | ||
Description: | Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1240 | Version: | 9 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12595 | |||
Oval ID: | oval:org.mitre.oval:def:12595 | ||
Title: | Excel Linked List Corruption Vulnerability | ||
Description: | Microsoft Excel 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004, 2008, and 2011 for Mac; Open XML File Format Converter for Mac; and Excel Viewer SP2 do not properly handle errors during the parsing of Office Art records in Excel spreadsheets, which allows remote attackers to execute arbitrary code via a malformed object record, related to a "stray reference," aka "Excel Linked List Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-0979 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Excel 2002 Microsoft Excel 2003 Microsoft Excel 2010 Microsoft Office Excel Viewer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12612 | |||
Oval ID: | oval:org.mitre.oval:def:12612 | ||
Title: | Excel Integer Overrun Vulnerability | ||
Description: | Integer underflow in Microsoft Excel 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 allows remote attackers to execute arbitrary code via a crafted 400h substream in an Excel file, which triggers a stack-based buffer overflow, aka "Excel Integer Overrun Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-0097 | Version: | 12 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Excel 2002 Microsoft Excel 2003 Microsoft Excel 2010 Microsoft Office Excel Viewer Microsoft Office Compatibility Pack |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12613 | |||
Oval ID: | oval:org.mitre.oval:def:12613 | ||
Title: | Win32k Null Pointer De-reference Vulnerability (CVE-2011-1226) | ||
Description: | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other "Vulnerability Type 2" CVEs listed in MS11-034, aka "Win32k Null Pointer De-reference Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1226 | Version: | 9 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12616 | |||
Oval ID: | oval:org.mitre.oval:def:12616 | ||
Title: | Excel Memory Corruption Vulnerability | ||
Description: | Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted record information in an Excel file, aka "Excel Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-0103 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Excel 2002 Microsoft Excel 2003 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12618 | |||
Oval ID: | oval:org.mitre.oval:def:12618 | ||
Title: | Excel Data Initialization Vulnerability | ||
Description: | Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac obtain a certain length value from an uninitialized memory location, which allows remote attackers to trigger a buffer overflow and execute arbitrary code via a crafted Excel file, aka "Excel Data Initialization Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-0105 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Excel 2002 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:12624 | |||
Oval ID: | oval:org.mitre.oval:def:12624 | ||
Title: | Floating Point Techno-color Time Bandit RCE Vulnerability | ||
Description: | Microsoft PowerPoint 2007 SP2 and 2010; Office 2004, 2008, and 2011 for Mac; Open XML File Format Converter for Mac; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; PowerPoint Viewer; PowerPoint Viewer 2007 SP2; and PowerPoint Web App do not properly validate TimeColorBehaviorContainer Floating Point records in PowerPoint documents, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document containing an invalid record, aka "Floating Point Techno-color Time Bandit RCE Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-0655 | Version: | 11 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 | Product(s): | Microsoft Office PowerPoint 2007 Microsoft Office PowerPoint 2010 Microsoft Office Compatibility Pack Microsoft PowerPoint Viewer 2007 Microsoft PowerPoint Viewer Microsoft PowerPoint Web App |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12637 | |||
Oval ID: | oval:org.mitre.oval:def:12637 | ||
Title: | Browser Pool Corruption Vulnerability | ||
Description: | Integer underflow in the BowserWriteErrorLogEntry function in the Common Internet File System (CIFS) browser service in Mrxsmb.sys or bowser.sys in Active Directory in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code or cause a denial of service (system crash) via a malformed BROWSER ELECTION message, leading to a heap-based buffer overflow, aka "Browser Pool Corruption Vulnerability." NOTE: some of these details are obtained from third party information. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-0654 | Version: | 8 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12653 | |||
Oval ID: | oval:org.mitre.oval:def:12653 | ||
Title: | Win32k Null Pointer De-reference Vulnerability (CVE-2011-0677) | ||
Description: | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other "Vulnerability Type 2" CVEs listed in MS11-034, aka "Win32k Null Pointer De-reference Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-0677 | Version: | 9 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12655 | |||
Oval ID: | oval:org.mitre.oval:def:12655 | ||
Title: | Office Component Insecure Library Loading Vulnerability | ||
Description: | Untrusted search path vulnerability in Microsoft Office XP SP3, Office 2003 SP3, and Office 2007 SP2 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .docx file, aka "Office Component Insecure Library Loading Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-0107 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Office XP Microsoft Office 2003 Microsoft Office 2007 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12673 | |||
Oval ID: | oval:org.mitre.oval:def:12673 | ||
Title: | Scripting Memory Reallocation Vulnerability | ||
Description: | Multiple integer overflows in the Microsoft (1) JScript 5.6 through 5.8 and (2) VBScript 5.6 through 5.8 scripting engines allow remote attackers to execute arbitrary code via a crafted web page, aka "Scripting Memory Reallocation Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-0663 | Version: | 17 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 | Product(s): | VBScript 5.6 VBScript 5.7 VBScript 5.8 JScript 5.6 JScript 5.7 JScript 5.8 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12681 | |||
Oval ID: | oval:org.mitre.oval:def:12681 | ||
Title: | Win32k Null Pointer De-reference Vulnerability (CVE-2011-1227) | ||
Description: | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other "Vulnerability Type 2" CVEs listed in MS11-034, aka "Win32k Null Pointer De-reference Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1227 | Version: | 9 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12689 | |||
Oval ID: | oval:org.mitre.oval:def:12689 | ||
Title: | Fax Cover Page Use After Free Vulnerability | ||
Description: | Heap-based buffer overflow in the CDrawPoly::Serialize function in fxscover.exe in Microsoft Windows Fax Services Cover Page Editor 5.2 r2 in Windows XP Professional SP3, Server 2003 R2 Enterprise Edition SP2, and Windows 7 Professional allows remote attackers to execute arbitrary code via a long record in a Fax Cover Page (.cov) file. NOTE: some of these details are obtained from third party information. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-4701 | Version: | 6 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6956 | |||
Oval ID: | oval:org.mitre.oval:def:6956 | ||
Title: | MHTML Mime-Formatted Request Vulnerability | ||
Description: | The MHTML protocol handler in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle a MIME format in a request for content blocks in a document, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site that is visited in Internet Explorer, aka "MHTML Mime-Formatted Request Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-0096 | Version: | 11 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7378 | |||
Oval ID: | oval:org.mitre.oval:def:7378 | ||
Title: | DEPRECATED: Untrusted search path vulnerability in ATL MFC Trace Tool as used in Microsoft Visual Studio 2010 | ||
Description: | Untrusted search path vulnerability in ATL MFC Trace Tool (AtlTraceTool8.exe), as used in Microsoft Visual Studio, allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a TRC, cur, rs, rct, or res file. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3190 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft Visual Studio |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
SAINT Exploits
Description | Link |
---|---|
Microsoft Excel Substream Parsing Integer Overflow | More info here |
Microsoft Excel Data Validation Record Parsing Overflow | More info here |
Microsoft PowerPoint Floating Point Techno-color Time Bandit vulnerability | More info here |
Microsoft Windows Fax Cover Page Editor Double Free Memory Corruption Vulnerability | More info here |
ExploitDB Exploits
Date | Description |
---|---|
2011-11-05 | MS11-021 Microsoft Office 2007 Excel .xlb Buffer Overflow |
2011-07-18 | GDI+ CreateDashedPath Integer overflow in gdiplus.dll |
2011-04-29 | Microsoft Office Excel Axis Properties Record Parsing Buffer Overflow PoC |
OpenVAS Exploits
Date | Description |
---|---|
2012-03-06 | Name : Microsoft SMB Transaction Parsing Remote Code Execution Vulnerability File : nvt/secpod_ms11-020_remote.nasl |
2011-04-13 | Name : Microsoft Windows SMB Server Remote Code Execution Vulnerability (2508429) File : nvt/secpod_ms11-020.nasl |
2011-04-13 | Name : Microsoft .NET Framework Remote Code Execution Vulnerability (2484015) File : nvt/secpod_ms11-028.nasl |
2011-04-13 | Name : Windows MHTML Information Disclosure Vulnerability (2503658) File : nvt/secpod_ms11-026.nasl |
2011-04-13 | Name : Microsoft Foundation Class (MFC) Library Remote Code Execution Vulnerability ... File : nvt/secpod_ms11-025.nasl |
2011-04-13 | Name : Windows Fax Cover Page Editor Remote Code Execution Vulnerability (2527308) File : nvt/secpod_ms11-024.nasl |
2011-04-13 | Name : Microsoft Office Remote Code Execution Vulnerabilities (2489293) File : nvt/secpod_ms11-023.nasl |
2011-04-13 | Name : Microsoft Office PowerPoint Remote Code Execution Vulnerabilities (2489283) File : nvt/secpod_ms11-022.nasl |
2011-04-13 | Name : Microsoft Office Excel Remote Code Execution Vulnerabilities (2489279) File : nvt/secpod_ms11-021.nasl |
2011-04-13 | Name : Microsoft SMB Client Remote Code Execution Vulnerabilities (2511455) File : nvt/secpod_ms11-019.nasl |
2011-04-13 | Name : Microsoft Internet Explorer Multiple Vulnerabilities (2497640) File : nvt/secpod_ms11-018.nasl |
2011-04-13 | Name : Microsoft GDI+ Remote Code Execution Vulnerability (2489979) File : nvt/secpod_ms11-029.nasl |
2011-04-13 | Name : Microsoft DNS Resolution Remote Code Execution Vulnerability (2509553) File : nvt/secpod_ms11-030.nasl |
2011-04-13 | Name : Microsoft JScript and VBScript Scripting Engines Remote Code Execution Vulner... File : nvt/secpod_ms11-031.nasl |
2011-04-13 | Name : Windows OpenType Compact Font Format (CFF) Driver Remote Code Execution Vulne... File : nvt/secpod_ms11-032.nasl |
2011-04-13 | Name : WordPad Text Converters Remote Code Execution Vulnerability (2485663) File : nvt/secpod_ms11-033.nasl |
2011-04-13 | Name : Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2506223) File : nvt/secpod_ms11-034.nasl |
2011-02-23 | Name : Microsoft Office Excel 2003 Invalid Object Type Remote Code Execution Vulnera... File : nvt/gb_ms_office_excel_art_object_code_exec_vuln.nasl |
2011-02-23 | Name : Microsoft PowerPoint 2007 OfficeArt Atom Remote Code Execution Vulnerability File : nvt/gb_ms_power_point_code_exec_vuln.nasl |
2011-02-23 | Name : Microsoft Office Excel Axis and Art Object Parsing Remote Code Execution Vuln... File : nvt/gb_ms_office_excel_mult_code_exec_vuln.nasl |
2011-02-23 | Name : Microsoft Excel 2007 Office Drawing Layer Remote Code Execution Vulnerability File : nvt/gb_ms_office_excel_drawing_layer_code_exec_vuln.nasl |
2011-02-18 | Name : Microsoft Windows2k3 Active Directory 'BROWSER ELECTION' Buffer Overflow Vuln... File : nvt/gb_ms_windows2k3_active_directory_bof_vuln.nasl |
2011-02-05 | Name : Microsoft Internet Explorer Information Disclosure Vulnerability (2501696) File : nvt/secpod_ms_ie_mhtml_info_disc_vuln.nasl |
2011-02-01 | Name : Microsoft Internet Explorer 'ReleaseInterface()' Remote Code Execution Vulner... File : nvt/gb_ms_ie_releaseinterface_code_execution_vuln.nasl |
2011-01-27 | Name : Microsoft Windows Fax Cover Page Editor BOF Vulnerabilities File : nvt/gb_ms_windows_fscpe_bof_vuln.nasl |
2010-09-29 | Name : Microsoft Visual Studio Insecure Library Loading Vulnerability File : nvt/secpod_ms_visual_studio_insecure_lib_load_vuln.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
71782 | Microsoft .NET Framework x86 JIT Compiler XAML Browser Application (XBAP) Pro... A memory corruption flaw exists in Microsoft .NET Framework. The x86 JIT compiler fails to sanitize user-supplied input when compiling function calls, resulting in memory corruption. With a specially crafted XAML browser, ASP.NET or .NET Framework application, a context-dependent attacker can execute arbitrary code. |
71781 | Microsoft Windows SMB Transaction Parsing Unspecified Remote Code Execution Microsoft Windows contains a flaw related to the SMB Server service. This may allow a remote attacker to use a crafted SMB packet to execute arbitrary code. |
71780 | Microsoft Windows DNS Client Service LLMNR Query Processing Remote Code Execu... Microsoft Windows contains a flaw related to the DNSAPI.dll component in the DNS client failing to properly process DNS queries. This may allow a remote attacker to use a crafted LLMNR broadcast query to TCP/UDP port 5355, or a crafted application to execute arbitrary code. |
71779 | Microsoft Windows/Office GDI+ (gdiplus.dll) EMF File Processing Overflow Microsoft Windows and Office are prone to an overflow condition. The gdiplus.dll library in GDI+ fails to properly sanitize user-supplied input resulting in an integer overflow. With a specially crafted EMF image, a context-dependent attacker can potentially execute arbitrary code. |
71778 | Microsoft Windows Wordpad Word 97 Converter sprmTTextFlow / sprmTSplit PRLs P... A memory corruption flaw exists in Microsoft Windows. The Word 97 converter, mswrd8.wpc or mswrd864.wpc, fails to sanitize user-supplied input when parsing cell ranges supplied in sprmTTextFlow and sprmTSplit PRLs, resulting in memory corruption. With a specially crafted .doc file, a context-dependent attacker can execute arbitrary code. |
71776 | Microsoft Windows OpenType Font (OTF) Driver Font Processing Overflow Microsoft Windows is prone to an overflow condition. The OpenType Compact Font Format driver fails to properly sanitize user-supplied input resulting in a stack-based buffer overflow. With specially crafted parameter values in an OpenType font, a context-dependent attacker can potentially execute arbitrary code. |
71775 | Microsoft Windows Fax Cover Page Editor Memory Corruption A memory corruption flaw exists in Microsoft Windows. The fxscover.exe application in the Fax Cover Page Editor fails to sanitize user-supplied input when parsing FAX cover pages, resulting in memory corruption. With a specially crafted .cov file, a context-dependent attacker can execute arbitrary code. |
71774 | Microsoft Windows JScript / VBScript Engine Scripting Memory Reallocation Ove... Microsoft Windows is prone to an overflow condition. The JScript and VBScript scripting engines fail to properly sanitize user-supplied input resulting in an integer overflow. With a specially crafted web page, a context-dependent attacker can potentially execute arbitrary code. |
71773 | Microsoft Windows Common Internet File System (CIFS) Malformed Browser Messag... Microsoft Windows is prone to an overflow condition. The 'BowserWriteErrorLogEntry' function in the CIFS browser service in 'Mrxsmb.sys' or 'bowser.sys' in Active Directory fails to properly sanitize user-supplied input resulting in a heap-based buffer overflow. With a specially crafted BROWSER ELECTION message, a remote attacker can potentially execute arbitrary code. |
71772 | Microsoft Windows SMB Client Response Parsing Unspecified Remote Code Execution Microsoft Windows contains a flaw related to the Microsoft Server Message Block's validation of SMB responses. This may allow a remote attacker to use a crafted SMB response to execute arbitrary code. |
71771 | Microsoft Office PowerPoint TimeColorBehaviorContainer (Techno-color Time Ban... Multiple Microsoft products contain a flaw related to the failure to properly validate TimeColorBehaviorContainer Floating Point records and structures in PowerPoint documents. This may allow a context-dependent attacker using a crafted PowerPoint document to execute arbitrary code. |
71770 | Microsoft Office PowerPoint PersistDirectoryEntry Processing Remote Code Exec... Multiple Microsoft products contain a flaw related to the handling of PersistDirectoryEntry record exceptions. The issue is triggered when the program uses a method derived from a malformed object created by this flaw. This may allow a context-dependent attacker to use a crafted document containing an invalid record to execute arbitrary code. |
71769 | Microsoft Office PowerPoint OfficeArt Atom Parsing Remote Code Execution Microsoft PowerPoint, Office for Mac, PowerPoint Viewer, Open XML File Format Converter for Mac and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 contain a flaw related to the parsing of external objects within Office Art containers. The issue is triggered when the program accesses nonexistent methods when destroying the object while closing documents. This may allow a context-dependent attacker using a crafted PowerPoint document to execute arbitrary code. |
71768 | Microsoft Office Graphic Object Parsing Remote Code Execution Microsoft Office and Open XML File Format Converter for Mac contain a flaw related to the office drawing file format. The issue is triggered when an error occurs during parsing of shape data and freeing used elements without removing references to them. This may allow a context-dependent attacker using crafted shape data in the Office drawing file format to execute arbitrary code. |
71767 | Microsoft Office Path Subversion Arbitrary DLL Injection Code Execution Microsoft Office is prone to a flaw in the way it loads dynamic-link libraries (DLL). The program uses a fixed path to look for specific files or libraries. This path includes directories that may not be trusted or under user control. By placing a custom version of the file or library in the path, the program will load it before the legitimate version. This allows an attacker to inject custom code that will be run with the privilege of the program or user executing the program. This can be done by tricking a user into opening a .docx file from the local file system or a USB drive in some cases. This attack can be leveraged remotely in some cases by placing the malicious file or library on a network share or extracted archive downloaded from a remote source. |
71766 | Microsoft Office Excel RealTimeData Record Parsing WriteAV Remote Code Execution Microsoft Excel contains a flaw related to RealTimeData Record Parsing methods. The issue is triggered when the program uses an improperly calculated pointer in a memcpy operation with a user supplied data source. This may allow a context-dependent attacker to use a crafted Excel file to execute arbitrary code. |
71765 | Microsoft Office Excel File Validation Record Handling Overflow Microsoft Excel, Office for Mac, and Open XML File Format Converter for Mac are prone to an overflow condition. The programs fail to properly sanitize user-supplied input resulting in a buffer overflow. With a specially crafted record within a Microsoft Excel Compound document, a context-dependent attacker can potentially execute arbitrary code. |
71764 | Microsoft Office Excel File Handling Dangling Pointer Remote Code Execution Microsoft Excel, Office for Mac, and Open XML File Format Converter for Mac contain a flaw related to improper parsing of office art object. The issue is triggered when the program adds the object to a linked list and trusts a function pointer of the object. This may allow a context-dependent attacker using a crafted Excel document to replace this pointer to execute arbitrary code. |
71763 | Microsoft Office Excel File Handling Linked List Corruption Remote Code Execu... Multiple Microsoft products contain a flaw related to improper error handling in office art object records. The issue is triggered when the program receives a window message and navigates to a linked list which accesses a malformed object. This may allow a context-dependent attacker to execute arbitrary code. |
71762 | Microsoft Excel Axis Properties Record Parsing Overflow Microsoft Excel is prone to an overflow condition. The program fails to properly sanitize user-supplied input, specifically a field used in array index incrementing, resulting in a stack-based buffer overflow. With a specially crafted axis properties record in an Excel file, a context-dependent attacker can potentially execute arbitrary code. |
71761 | Microsoft Office Excel File Handling Memory Corruption A memory corruption flaw exists in Microsoft Excel, Office for Mac, and Open XML File Format Converter for Mac. The programs fail to sanitize user-supplied input while validating record information during parsing of Excel files, resulting in memory corruption. With a specially crafted Excel file, a context-dependent attacker can execute arbitrary code. |
71760 | Microsoft Office Excel File Handling Unspecified Memory Corruption A memory corruption flaw exists in Microsoft Excel, Office for Mac, and Open XML File Format Converter for Mac. The programs fail to sanitize user-supplied input while parsing an Excel file containing certain unspecified specific values, resulting in memory corruption. With a specially crafted Excel file, a context-dependent attacker can execute arbitrary code. |
71759 | Microsoft Excel External Record Parsing Signedness Overflow Multiple Microsoft products are prone to an overflow condition. The programs fail to properly sanitize user-supplied input and encounter a signedness error, resulting in a heap-based buffer overflow. With specially crafted record information in an Excel file, a context-dependent attacker can potentially execute arbitrary code. |
71758 | Microsoft Excel Substream Parsing Integer Underflow Multiple Microsoft products are prone to an overflow condition. The programs encounter an integer underflow error when parsing data included in a 400h substream, resulting in a stack-based buffer overflow. With specially crafted record information in an Excel file, a context-dependent attacker can potentially execute arbitrary code. |
71757 | Microsoft Windows win32k.sys Driver Use After Free Unspecified Local Privileg... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application which leverages incorrect driver object management, allowing them to gain elevated privileges. |
71756 | Microsoft Windows win32k.sys Driver Use After Free Unspecified Local Privileg... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application which leverages incorrect driver object management, allowing them to gain elevated privileges. |
71755 | Microsoft Windows win32k.sys Driver Use After Free Unspecified Local Privileg... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application which leverages incorrect driver object management, allowing them to gain elevated privileges. |
71754 | Microsoft Windows win32k.sys Driver Use After Free Unspecified Local Privileg... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application which leverages incorrect driver object management, allowing them to gain elevated privileges. |
71753 | Microsoft Windows win32k.sys Driver Use After Free Unspecified Local Privileg... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application which leverages incorrect driver object management, allowing them to gain elevated privileges. |
71752 | Microsoft Windows win32k.sys Driver Use After Free Unspecified Local Privileg... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application which leverages incorrect driver object management, allowing them to gain elevated privileges. |
71751 | Microsoft Windows win32k.sys Driver Use After Free Unspecified Local Privileg... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application which leverages incorrect driver object management, allowing them to gain elevated privileges. |
71750 | Microsoft Windows win32k.sys Driver Use After Free Unspecified Local Privileg... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application which leverages incorrect driver object management, allowing them to gain elevated privileges. |
71749 | Microsoft Windows win32k.sys Driver Use After Free Unspecified Local Privileg... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application which leverages incorrect driver object management, allowing them to gain elevated privileges. |
71748 | Microsoft Windows win32k.sys Driver Use After Free Unspecified Local Privileg... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application which leverages incorrect driver object management, allowing them to gain elevated privileges. |
71747 | Microsoft Windows win32k.sys Driver Use After Free Unspecified Local Privileg... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application which leverages incorrect driver object management, allowing them to gain elevated privileges. |
71746 | Microsoft Windows win32k.sys Driver Use After Free Unspecified Local Privileg... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application which leverages incorrect driver object management, allowing them to gain elevated privileges. |
71745 | Microsoft Windows win32k.sys Driver Use After Free Unspecified Local Privileg... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application which leverages incorrect driver object management, allowing them to gain elevated privileges. |
71744 | Microsoft Windows win32k.sys Driver Use After Free Unspecified Local Privileg... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application which leverages incorrect driver object management, allowing them to gain elevated privileges. |
71743 | Microsoft Windows win32k.sys Driver Use After Free Unspecified Local Privileg... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application which leverages incorrect driver object management, allowing them to gain elevated privileges. |
71742 | Microsoft Windows win32k.sys Driver Use After Free Unspecified Local Privileg... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application which leverages incorrect driver object management, allowing them to gain elevated privileges. |
71741 | Microsoft Windows win32k.sys Driver Use After Free Unspecified Local Privileg... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application which leverages incorrect driver object management, allowing them to gain elevated privileges. |
71740 | Microsoft Windows win32k.sys Driver Use After Free Unspecified Local Privileg... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application which leverages incorrect driver object management, allowing them to gain elevated privileges. |
71739 | Microsoft Windows win32k.sys Driver NULL Pointer De-reference Unspecified Loc... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application to trigger a null pointer dereference, allowing them to gain elevated privileges. |
71738 | Microsoft Windows win32k.sys Driver NULL Pointer De-reference Unspecified Loc... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application to trigger a null pointer dereference, allowing them to gain elevated privileges. |
71737 | Microsoft Windows win32k.sys Driver NULL Pointer De-reference Unspecified Loc... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application to trigger a null pointer dereference, allowing them to gain elevated privileges. |
71736 | Microsoft Windows win32k.sys Driver NULL Pointer De-reference Unspecified Loc... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application to trigger a null pointer dereference, allowing them to gain elevated privileges. |
71735 | Microsoft Windows win32k.sys Driver NULL Pointer De-reference Unspecified Loc... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application to trigger a null pointer dereference, allowing them to gain elevated privileges. |
71734 | Microsoft Windows win32k.sys Driver NULL Pointer De-reference Unspecified Loc... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application to trigger a null pointer dereference, allowing them to gain elevated privileges. |
71732 | Microsoft Windows win32k.sys Driver NULL Pointer De-reference Unspecified Loc... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application to trigger a null pointer dereference, allowing them to gain elevated privileges. |
71731 | Microsoft Windows win32k.sys Driver NULL Pointer De-reference Unspecified Loc... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application to trigger a null pointer dereference, allowing them to gain elevated privileges. |
71730 | Microsoft Windows win32k.sys Driver NULL Pointer De-reference Unspecified Loc... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application to trigger a null pointer dereference, allowing them to gain elevated privileges. |
71729 | Microsoft Windows win32k.sys Driver NULL Pointer De-reference Unspecified Loc... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application to trigger a null pointer dereference, allowing them to gain elevated privileges. |
71728 | Microsoft Windows win32k.sys Driver NULL Pointer De-reference Unspecified Loc... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application to trigger a null pointer dereference, allowing them to gain elevated privileges. |
71727 | Microsoft Windows win32k.sys Driver NULL Pointer De-reference Unspecified Loc... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application to trigger a null pointer dereference, allowing them to gain elevated privileges. |
71726 | Microsoft IE JavaScript Unspecified Cross-domain Information Disclosure Microsoft IE contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when the program fails to restrict scripts from accessing cross-domain or zone content, which will disclose sensitive information to a context-dependent attacker using a crafted web page. |
71725 | Microsoft IE Object Management onPropertyManagement Processing Memory Corruption A memory corruption flaw exists in Microsoft IE. The program fails to sanitize user-supplied input during onPropertyChange function calls, resulting in memory corruption. With a specially crafted web page, a context-dependent attacker can execute arbitrary code. |
71724 | Microsoft IE Layouts Handling Memory Corruption A memory corruption flaw exists in Microsoft IE. The program fails to sanitize user-supplied input when handling objects in memory which were not previously initialized or have been deleted, resulting in memory corruption. With a specially crafted web page, a context-dependent attacker can execute arbitrary code. |
70904 | Microsoft Office Excel OfficeArt Container Parsing Memory Corruption A memory corruption flaw exists in Microsoft Office Excel. The program fails to properly handle errors during Office Art record parsing, resulting in memory corruption. With a specially crafted Excel document, a context-dependent attacker can execute arbitrary code. |
70693 | Microsoft Windows MHTML Protocol Handler MIME Formatted Request XSS Microsoft Windows contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the MHTML protocol handler does not properly interpret MIME-formatted requests for content blocks. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server. |
70391 | Microsoft IE MSHTML.DLL ReleaseInterface Function Use-after-free Arbitrary Co... Microsoft IE contains a use-after-free vulnerability related to the ReleaseInterface function in MSHTML.DLL. This may allow a context-dependent attacker to use a crafted web page to execute arbitrary code via vectors related to DOM implementation and the BreakAASpecial and BreakCircularMemoryReferences functions. |
70126 | Microsoft Windows Fax Cover Page Editor CDrawPoly::Serialize() Function Overflow Microsoft Windows is prone to an overflow condition. The Windows Fax Cover Page Editor component (fxscover.exe) fails to properly sanitize user-supplied input when the 'CDrawPoly::Serialize()' function reads in data, resulting in a heap-based buffer overflow. With a specially crafted Fax Cover Page file (.cov), a context-dependent attacker can potentially execute arbitrary code. |
67674 | Microsoft Visual Studio Path Subversion Arbitrary DLL Injection Code Execution Microsoft Visual Studio ATL MFC Trace Tool (AtlTraceTool8.exe) is prone to a flaw in the way it loads dynamic-link libraries (e.g. dwmapi.dll). The program uses a fixed path to look for specific files or libraries. This path includes directories that may not be trusted or under user control. By placing a custom version of the file or library in the path, the program will load it before the legitimate version. This allows an attacker to inject custom code that will be run with the privilege of the program or user executing the program. This can be done by tricking a user into opening a TRC file from the local file system or a USB drive in some cases. This attack can be leveraged remotely in some cases by placing the malicious file or library on a network share or extracted archive downloaded from a remote source. |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2011-04-14 | IAVM : 2011-B-0045 - Microsoft Windows Fax Cover Page Editor Vulnerability Severity : Category II - VMSKEY : V0026509 |
2011-04-14 | IAVM : 2011-B-0046 - Remote Code Execution Vulnerability in Microsoft Foundation Class (MFC) Library Severity : Category II - VMSKEY : V0026512 |
2011-04-14 | IAVM : 2011-A-0039 - Microsoft DNS Resolution Remote Code Execution Vulnerability Severity : Category I - VMSKEY : V0026514 |
2011-04-14 | IAVM : 2011-B-0048 - Microsoft WordPad Text Converters Remote Code Execution Vulnerability Severity : Category II - VMSKEY : V0026517 |
2011-04-14 | IAVM : 2011-A-0050 - Microsoft SMB Server Remote Code Execution Vulnerability Severity : Category I - VMSKEY : V0026521 |
2011-04-14 | IAVM : 2011-A-0047 - Multiple Vulnerabilities in Microsoft Office PowerPoint Severity : Category II - VMSKEY : V0026525 |
2011-04-14 | IAVM : 2011-A-0048 - Microsoft Windows Scripting Memory Reallocation Vulnerability Severity : Category II - VMSKEY : V0026526 |
2011-04-14 | IAVM : 2011-A-0045 - Multiple Vulnerabilities in Microsoft Office Severity : Category II - VMSKEY : V0026527 |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Microsoft Office Excel url unicode overflow attempt RuleID : 7002 - Revision : 20 - Type : FILE-OFFICE |
2020-01-14 | Microsoft Windows Wordpad Converter sprmT record heap overflow attempt RuleID : 52422 - Revision : 1 - Type : FILE-OFFICE |
2020-01-14 | Microsoft Windows Wordpad Converter sprmT record heap overflow attempt RuleID : 52421 - Revision : 1 - Type : FILE-OFFICE |
2020-01-03 | Microsoft Windows MHTML XSS attempt RuleID : 52335 - Revision : 1 - Type : OS-WINDOWS |
2019-09-12 | Microsoft Office PowerPoint OfficeArt atom memory corruption attempt RuleID : 50962 - Revision : 1 - Type : FILE-OFFICE |
2019-09-05 | Microsoft Fax Cover Page Editor heap corruption attempt RuleID : 50873 - Revision : 1 - Type : OS-WINDOWS |
2019-09-05 | Microsoft Fax Cover Page Editor heap corruption attempt RuleID : 50872 - Revision : 1 - Type : OS-WINDOWS |
2016-09-13 | Microsoft Windows win32k.sys escalation of privilege attempt RuleID : 39863 - Revision : 2 - Type : OS-WINDOWS |
2016-04-05 | Microsoft Internet Explorer DOM mergeAttributes memory corruption attempt RuleID : 37881 - Revision : 2 - Type : BROWSER-IE |
2016-03-14 | Microsoft Office Word request for rpawinet.dll over SMB attempt RuleID : 37319 - Revision : 5 - Type : FILE-OFFICE |
2016-03-14 | Microsoft Office Word rpawinet.dll dll-load exploit attempt RuleID : 37318 - Revision : 5 - Type : FILE-OFFICE |
2016-03-14 | Microsoft Office PowerPoint malformed record call to freed object attempt RuleID : 37035 - Revision : 2 - Type : FILE-OFFICE |
2016-03-14 | Microsoft Office PowerPoint malformed record call to freed object attempt RuleID : 37034 - Revision : 2 - Type : FILE-OFFICE |
2016-03-14 | Microsoft Office PowerPoint malformed record call to freed object attempt RuleID : 37033 - Revision : 2 - Type : FILE-OFFICE |
2016-03-14 | Microsoft Office PowerPoint malformed record call to freed object attempt RuleID : 37032 - Revision : 2 - Type : FILE-OFFICE |
2016-03-14 | Microsoft Office PowerPoint malformed record call to freed object attempt RuleID : 37031 - Revision : 2 - Type : FILE-OFFICE |
2016-03-14 | Microsoft Office PowerPoint malformed record call to freed object attempt RuleID : 37030 - Revision : 2 - Type : FILE-OFFICE |
2016-03-14 | Microsoft Office PowerPoint malformed record call to freed object attempt RuleID : 37029 - Revision : 2 - Type : FILE-OFFICE |
2015-03-31 | Microsoft Windows Fax Services Cover Page Editor Double Free Memory Corruptio... RuleID : 33604 - Revision : 2 - Type : FILE-OTHER |
2015-03-31 | Microsoft Windows Fax Services Cover Page Editor Double Free Memory Corruptio... RuleID : 33603 - Revision : 2 - Type : FILE-OTHER |
2015-01-31 | Microsoft Office Excel malformed Label record exploit attempt RuleID : 32940 - Revision : 4 - Type : FILE-OFFICE |
2015-01-06 | Microsoft Office Excel DV record buffer overflow attempt RuleID : 32625 - Revision : 3 - Type : FILE-OFFICE |
2014-11-16 | Microsoft Office Word Converter sprmTTextFflow overflow attempt RuleID : 31379 - Revision : 4 - Type : FILE-OFFICE |
2014-11-16 | Microsoft Office Word Converter sprmTSplit overflow attempt RuleID : 31378 - Revision : 4 - Type : FILE-OFFICE |
2014-07-03 | Microsoft Office Excel rtToolbarDef record integer overflow attempt RuleID : 31127 - Revision : 3 - Type : FILE-OFFICE |
2014-07-03 | Microsoft Office Excel rtToolbarDef record integer overflow attempt RuleID : 31126 - Revision : 3 - Type : FILE-OFFICE |
2014-07-03 | Microsoft Office Excel rtToolbarDef record integer overflow attempt RuleID : 31125 - Revision : 3 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel rtToolbarDef record integer overflow attempt RuleID : 28550 - Revision : 4 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel rtToolbarDef record integer overflow attempt RuleID : 28549 - Revision : 4 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel RealTimeData record memory corruption attempt RuleID : 28546 - Revision : 4 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel RealTimeData record memory corruption attempt RuleID : 28545 - Revision : 3 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel RealTimeData record memory corruption attempt RuleID : 28544 - Revision : 3 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Internet Explorer object management memory corruption attempt RuleID : 28259 - Revision : 7 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer object management memory corruption attempt RuleID : 28258 - Revision : 7 - Type : BROWSER-IE |
2014-01-10 | Microsoft Office Excel Workspace file FontCount record memory corruption attempt RuleID : 28103 - Revision : 4 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel IPMT record buffer overflow attempt RuleID : 25296 - Revision : 4 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel IPMT record buffer overflow attempt RuleID : 25295 - Revision : 3 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel IPMT record buffer overflow attempt RuleID : 25294 - Revision : 4 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel IPMT record buffer overflow attempt RuleID : 25293 - Revision : 6 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Internet Explorer DOM mergeAttributes memory corruption attempt RuleID : 24872 - Revision : 8 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer DOM mergeAttributes memory corruption attempt RuleID : 24871 - Revision : 8 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer DOM mergeAttributes memory corruption attempt RuleID : 24870 - Revision : 6 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer DOM mergeAttributes memory corruption attempt RuleID : 24869 - Revision : 6 - Type : BROWSER-IE |
2014-01-10 | Microsoft Office Excel drawing layer use after free attempt RuleID : 24242 - Revision : 7 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel drawing layer use after free attempt RuleID : 24241 - Revision : 7 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel drawing layer use after free attempt RuleID : 24240 - Revision : 7 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel catLabel pointer manipulation attempt RuleID : 24130 - Revision : 5 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel catLabel pointer manipulation attempt RuleID : 24129 - Revision : 6 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Windows MHTML XSS attempt RuleID : 23563 - Revision : 4 - Type : FILE-OTHER |
2014-01-10 | Microsoft MHTML XSS attempt RuleID : 23562 - Revision : 3 - Type : FILE-OTHER |
2014-01-10 | Microsoft Office PowerPoint malformed record call to freed object attempt RuleID : 21647 - Revision : 7 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Windows GDI+ arbitrary code execution attempt RuleID : 21439 - Revision : 7 - Type : FILE-IMAGE |
2014-01-10 | Microsoft Fax Cover Page Editor heap corruption attempt RuleID : 21352 - Revision : 5 - Type : OS-WINDOWS |
2014-01-10 | Microsoft product fputlsat.dll dll-load exploit attempt RuleID : 21310 - Revision : 7 - Type : OS-WINDOWS |
2014-01-10 | Microsoft product request for fputlsat.dll over SMB attempt RuleID : 21309 - Revision : 7 - Type : OS-WINDOWS |
2014-01-10 | Microsoft Windows OpenType font parsing stack overflow attempt RuleID : 20904 - Revision : 10 - Type : FILE-OTHER |
2014-01-10 | Microsoft Windows OpenType font parsing stack overflow attempt RuleID : 20903 - Revision : 13 - Type : FILE-OTHER |
2014-01-10 | Microsoft Windows OpenType font parsing stack overflow attempt RuleID : 20902 - Revision : 10 - Type : FILE-OTHER |
2014-01-10 | Microsoft Office Excel rtToolbarDef record integer overflow attempt RuleID : 20534 - Revision : 12 - Type : FILE-OFFICE |
2014-01-10 | MHTML XSS attempt RuleID : 20133 - Revision : 10 - Type : FILE-OTHER |
2014-01-10 | Microsoft Office PowerPoint malformed record call to freed object attempt RuleID : 19811 - Revision : 13 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Word Converter sprmTSplit overflow attempt RuleID : 19707 - Revision : 13 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Windows .NET Framework XAML browser applications stack corruption RuleID : 19170 - Revision : 12 - Type : FILE-OTHER |
2014-01-10 | Microsoft Windows 2003 browser election remote heap overflow attempt RuleID : 18994 - Revision : 8 - Type : OS-WINDOWS |
2015-05-28 | Microsoft SMB CIFS split response message overflow attempt RuleID : 18677 - Revision : 3 - Type : SPECIFIC-THREATS |
2014-01-10 | Microsoft Office Excel DV record buffer overflow attempt RuleID : 18676 - Revision : 11 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Fax Cover Page Editor heap corruption attempt RuleID : 18673 - Revision : 7 - Type : OS-WINDOWS |
2014-01-10 | Microsoft Internet Explorer object management memory corruption attempt RuleID : 18671 - Revision : 17 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer object management memory corruption attempt RuleID : 18670 - Revision : 17 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer cross-domain object manipulation attempt RuleID : 18669 - Revision : 7 - Type : BROWSER-IE |
2014-01-10 | Microsoft Windows win32k.sys escalation of privilege attempt RuleID : 18667 - Revision : 8 - Type : OS-WINDOWS |
2014-01-10 | Microsoft Windows win32k.sys escalation of privilege attempt RuleID : 18666 - Revision : 8 - Type : OS-WINDOWS |
2014-01-10 | Microsoft Windows win32k.sys escalation of privilege attempt RuleID : 18665 - Revision : 8 - Type : OS-WINDOWS |
2014-01-10 | Microsoft Windows win32k.sys escalation of privilege attempt RuleID : 18664 - Revision : 8 - Type : OS-WINDOWS |
2014-01-10 | Microsoft Windows win32k.sys escalation of privilege attempt RuleID : 18663 - Revision : 8 - Type : OS-WINDOWS |
2014-01-10 | Microsoft Windows win32k.sys escalation of privilege attempt RuleID : 18662 - Revision : 9 - Type : OS-WINDOWS |
2014-01-10 | Microsoft Windows win32k.sys escalation of privilege attempt RuleID : 18661 - Revision : 8 - Type : OS-WINDOWS |
2014-01-10 | Microsoft Windows SMB2 write packet buffer overflow attempt RuleID : 18660 - Revision : 7 - Type : OS-WINDOWS |
2014-01-10 | Microsoft Windows LLMNR invalid reverse name lookup stack corruption attempt RuleID : 18655 - Revision : 12 - Type : OS-WINDOWS |
2015-05-28 | Common Internet File System Browser Protocol BowserWriteErrorLogEntry RuleID : 18653 - Revision : 4 - Type : NETBIOS |
2015-05-28 | Microsoft Word .dll dll-load exploit attempt RuleID : 18650 - Revision : 4 - Type : NETBIOS |
2015-05-28 | Microsoft Word .dll dll-load exploit attempt RuleID : 18647 - Revision : 3 - Type : WEB-CLIENT |
2014-01-10 | Microsoft Internet Explorer 6/7 CSS swapNode memory corruption attempt RuleID : 18646 - Revision : 6 - Type : SPECIFIC-THREATS |
2014-01-10 | Microsoft Windows GDI+ arbitrary code execution attempt RuleID : 18645 - Revision : 16 - Type : FILE-IMAGE |
2014-01-10 | Microsoft Windows OpenType Fonts CompactFontFormat FontMatrix tranform memory... RuleID : 18644 - Revision : 11 - Type : FILE-OTHER |
2014-01-10 | Microsoft Office Word Converter sprmTTextFflow overflow attempt RuleID : 18643 - Revision : 17 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Word Converter sprmTSplit overflow attempt RuleID : 18642 - Revision : 14 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel OBJ record invalid cmo.ot exploit attempt RuleID : 18641 - Revision : 7 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel malformed SupBook record attempt RuleID : 18640 - Revision : 8 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel CatSerRange record exploit attempt RuleID : 18639 - Revision : 12 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel drawing layer use after free attempt RuleID : 18638 - Revision : 20 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office PowerPoint OfficeArt atom memory corruption attempt RuleID : 18637 - Revision : 16 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office PowerPoint SlideAtom record exploit attempt RuleID : 18636 - Revision : 14 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office PowerPoint malformed record call to freed object attempt RuleID : 18635 - Revision : 17 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel Workspace file FontCount record memory corruption attempt RuleID : 18634 - Revision : 15 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel RealTimeData record memory corruption attempt RuleID : 18633 - Revision : 14 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel malformed Label record exploit attempt RuleID : 18632 - Revision : 19 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel rtToolbarDef record integer overflow attempt RuleID : 18631 - Revision : 11 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel rtToolbarDef record integer overflow attempt RuleID : 18630 - Revision : 11 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Foundation Class applications mfc100.dll dll-load exploit attempt RuleID : 18629 - Revision : 13 - Type : OS-WINDOWS |
2014-01-10 | Microsoft Foundation Class applications mfc90.dll dll-load exploit attempt RuleID : 18628 - Revision : 13 - Type : OS-WINDOWS |
2014-01-10 | Microsoft Foundation Class applications mfc80.dll dll-load exploit attempt RuleID : 18627 - Revision : 13 - Type : OS-WINDOWS |
2014-01-10 | Microsoft Foundation Class applications mfc42.dll dll-load exploit attempt RuleID : 18626 - Revision : 13 - Type : OS-WINDOWS |
2014-01-10 | Microsoft Foundation Class applications mfc40.dll dll-load exploit attempt RuleID : 18625 - Revision : 13 - Type : OS-WINDOWS |
2014-01-10 | Microsoft Windows .NET framework optimizer escalation attempt RuleID : 18624 - Revision : 8 - Type : OS-WINDOWS |
2014-01-10 | Microsoft Visual Studio MFC applications mfc100.dll dll-load exploit attempt RuleID : 18623 - Revision : 11 - Type : OS-WINDOWS |
2014-01-10 | Microsoft Visual Studio MFC applications mfc90.dll dll-load exploit attempt RuleID : 18622 - Revision : 11 - Type : OS-WINDOWS |
2014-01-10 | Microsoft Visual Studio MFC applications mfc80.dll dll-load exploit attempt RuleID : 18621 - Revision : 11 - Type : OS-WINDOWS |
2014-01-10 | Microsoft Visual Studio MFC applications mfc42.dll dll-load exploit attempt RuleID : 18620 - Revision : 11 - Type : OS-WINDOWS |
2014-01-10 | Microsoft Visual Studio MFC applications mfc40.dll dll-load exploit attempt RuleID : 18619 - Revision : 11 - Type : OS-WINDOWS |
2014-01-10 | Microsoft product .dll dll-load exploit attempt RuleID : 18495 - Revision : 21 - Type : OS-WINDOWS |
2014-01-10 | Microsoft product .dll dll-load exploit attempt RuleID : 18494 - Revision : 25 - Type : OS-WINDOWS |
2014-01-10 | Microsoft Windows 2003 browser election remote heap overflow attempt RuleID : 18462 - Revision : 10 - Type : OS-WINDOWS |
2014-01-10 | Microsoft Windows MHTML XSS attempt RuleID : 18335 - Revision : 21 - Type : OS-WINDOWS |
2014-01-10 | SMB client TRANS response ring0 remote code execution attempt RuleID : 16531 - Revision : 11 - Type : NETBIOS |
2014-01-10 | Microsoft Internet Explorer DOM mergeAttributes memory corruption attempt RuleID : 16377 - Revision : 18 - Type : BROWSER-IE |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2015-10-26 | Name : The remote host contains an application that is affected by multiple vulnerab... File : itunes_12_3_0_banner.nasl - Type : ACT_GATHER_INFO |
2015-09-18 | Name : The remote host contains an application that is affected by multiple vulnerab... File : itunes_12_3_0.nasl - Type : ACT_GATHER_INFO |
2011-04-21 | Name : Arbitrary code can be executed on the remote host through the installed Windo... File : llmnr-ms11-030.nasl - Type : ACT_GATHER_INFO |
2011-04-20 | Name : It is possible to execute arbitrary code on the remote Windows host due to fl... File : smb_kb2508429.nasl - Type : ACT_GATHER_INFO |
2011-04-13 | Name : Arbitrary code can be executed on the remote host through the Microsoft Found... File : smb_nt_ms11-025.nasl - Type : ACT_GATHER_INFO |
2011-04-13 | Name : The remote Windows kernel is affected by multiple vulnerabilities. File : smb_nt_ms11-034.nasl - Type : ACT_GATHER_INFO |
2011-04-13 | Name : Arbitrary code can be executed on the remote host through the installed versi... File : smb_nt_ms11-033.nasl - Type : ACT_GATHER_INFO |
2011-04-13 | Name : The remote Windows host contains a font driver that is affected by a privileg... File : smb_nt_ms11-032.nasl - Type : ACT_GATHER_INFO |
2011-04-13 | Name : Arbitrary code can be executed on the remote host through the installed JScri... File : smb_nt_ms11-031.nasl - Type : ACT_GATHER_INFO |
2011-04-13 | Name : Arbitrary code can be executed on the remote host through the installed Windo... File : smb_nt_ms11-030.nasl - Type : ACT_GATHER_INFO |
2011-04-13 | Name : Arbitrary code can be executed on the remote Windows host through Microsoft's... File : smb_nt_ms11-029.nasl - Type : ACT_GATHER_INFO |
2011-04-13 | Name : The version of the .NET Framework installed on the remote host allows arbitra... File : smb_nt_ms11-028.nasl - Type : ACT_GATHER_INFO |
2011-04-13 | Name : The remote Windows host is affected by an information disclosure vulnerability. File : smb_nt_ms11-026.nasl - Type : ACT_GATHER_INFO |
2011-04-13 | Name : A fax cover page editor on the remote host has a memory corruption vulnerabil... File : smb_nt_ms11-024.nasl - Type : ACT_GATHER_INFO |
2011-04-13 | Name : Arbitrary code can be executed on the remote host through Microsoft Office. File : smb_nt_ms11-023.nasl - Type : ACT_GATHER_INFO |
2011-04-13 | Name : Arbitrary code can be executed on the remote host through Microsoft PowerPoint. File : smb_nt_ms11-022.nasl - Type : ACT_GATHER_INFO |
2011-04-13 | Name : Arbitrary code can be executed on the remote host through Microsoft Excel. File : smb_nt_ms11-021.nasl - Type : ACT_GATHER_INFO |
2011-04-13 | Name : It is possible to execute arbitrary code on the remote Windows host due to fl... File : smb_nt_ms11-020.nasl - Type : ACT_GATHER_INFO |
2011-04-13 | Name : Arbitrary code can be executed on the remote host through the installed SMB c... File : smb_nt_ms11-019.nasl - Type : ACT_GATHER_INFO |
2011-04-13 | Name : Arbitrary code can be executed on the remote host through a web browser. File : smb_nt_ms11-018.nasl - Type : ACT_GATHER_INFO |
2011-04-13 | Name : An application installed on the remote Mac OS X host is affected by multiple ... File : macosx_ms_office_apr2011.nasl - Type : ACT_GATHER_INFO |