Executive Summary
Summary | |
---|---|
Title | Microsoft Updates for Multiple Vulnerabilities |
Informations | |||
---|---|---|---|
Name | TA11-221A | First vendor Publication | 2011-08-09 |
Vendor | US-CERT | Last vendor Modification | 2011-08-09 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
There are multiple vulnerabilities in Microsoft Windows, Microsoft Office, Internet Explorer, .NET Framework, and Microsoft Developer Tools. Microsoft has released updates to address these vulnerabilities. I. Description The Microsoft Security Bulletin Summary for August 2011 describes multiple vulnerabilities in Microsoft Windows, Microsoft Office, Internet Explorer, .NET Framework, and Microsoft Developer Tools. II. Impact A remote, unauthenticated attacker could execute arbitrary code, cause a denial of service, or gain unauthorized access to your files or system. III. Solution Apply updates Microsoft has provided updates for these vulnerabilities in the Microsoft Security Bulletin Summary for August 2011. That bulletin describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. In addition, administrators should consider using an automated-update distribution system such as Windows Server Update Services (WSUS). |
Original Source
Url : http://www.us-cert.gov/cas/techalerts/TA11-221A.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
21 % | CWE-399 | Resource Management Errors |
21 % | CWE-20 | Improper Input Validation |
14 % | CWE-264 | Permissions, Privileges, and Access Controls |
14 % | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25) |
7 % | CWE-668 | Exposure of Resource to Wrong Sphere |
7 % | CWE-362 | Race Condition |
7 % | CWE-200 | Information Exposure |
7 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:12318 | |||
Oval ID: | oval:org.mitre.oval:def:12318 | ||
Title: | TCP/IP QOS Denial of Service Vulnerability | ||
Description: | Tcpip.sys in the TCP/IP stack in Microsoft Windows 7 Gold and SP1 and Windows Server 2008 R2 and R2 SP1 does not properly implement URL-based QoS, which allows remote attackers to cause a denial of service (reboot) via a crafted URL to a web server, aka "TCP/IP QOS Denial of Service Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1965 | Version: | 3 |
Platform(s): | Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12383 | |||
Oval ID: | oval:org.mitre.oval:def:12383 | ||
Title: | Event Handlers Information Disclosure Vulnerability | ||
Description: | Microsoft Internet Explorer 6 through 9 does not properly implement JavaScript event handlers, which allows remote attackers to access content from a different (1) domain or (2) zone via unspecified script code, aka "Event Handlers Information Disclosure Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1960 | Version: | 7 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | Microsoft Internet Explorer 6 Microsoft Internet Explorer 7 Microsoft Internet Explorer 8 Microsoft Internet Explorer 9 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12617 | |||
Oval ID: | oval:org.mitre.oval:def:12617 | ||
Title: | Style Object Memory Corruption Vulnerability | ||
Description: | Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Style Object Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1964 | Version: | 7 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | Microsoft Internet Explorer 6 Microsoft Internet Explorer 7 Microsoft Internet Explorer 8 Microsoft Internet Explorer 9 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12659 | |||
Oval ID: | oval:org.mitre.oval:def:12659 | ||
Title: | Move Around the Block RCE Vulnerability | ||
Description: | Microsoft Visio 2003 SP3 and 2007 SP2 does not properly validate objects in memory during Visio file parsing, which allows remote attackers to execute arbitrary code via a crafted file, aka "Move Around the Block RCE Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1979 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 | Product(s): | Microsoft Office Visio 2003 Microsoft Office Visio 2007 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12684 | |||
Oval ID: | oval:org.mitre.oval:def:12684 | ||
Title: | Telnet Handler Remote Code Execution Vulnerability | ||
Description: | The telnet URI handler in Microsoft Internet Explorer 6 through 9 does not properly launch the handler application, which allows remote attackers to execute arbitrary programs via a crafted web site, aka "Telnet Handler Remote Code Execution Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1961 | Version: | 7 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | Microsoft Internet Explorer 6 Microsoft Internet Explorer 7 Microsoft Internet Explorer 8 Microsoft Internet Explorer 9 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12753 | |||
Oval ID: | oval:org.mitre.oval:def:12753 | ||
Title: | XSLT Memory Corruption Vulnerability | ||
Description: | Microsoft Internet Explorer 7 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "XSLT Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1963 | Version: | 7 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | Microsoft Internet Explorer 7 Microsoft Internet Explorer 8 Microsoft Internet Explorer 9 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12764 | |||
Oval ID: | oval:org.mitre.oval:def:12764 | ||
Title: | DNS NAPTR Query Vulnerability | ||
Description: | The DNS server in Microsoft Windows Server 2008 SP2, R2, and R2 SP1 does not properly handle NAPTR queries that trigger recursive processing, which allows remote attackers to execute arbitrary code via a crafted query, aka "DNS NAPTR Query Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1966 | Version: | 5 |
Platform(s): | Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12773 | |||
Oval ID: | oval:org.mitre.oval:def:12773 | ||
Title: | Report Viewer Controls XSS Vulnerability | ||
Description: | Cross-site scripting (XSS) vulnerability in the Report Viewer Control in Microsoft Visual Studio 2005 SP1 and Report Viewer 2005 SP1 allows remote attackers to inject arbitrary web script or HTML via a parameter in a data source, aka "Report Viewer Controls XSS Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1976 | Version: | 7 |
Platform(s): | Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 | Product(s): | Microsoft Visual Studio 2005 Microsoft Report Viewer 2005 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12787 | |||
Oval ID: | oval:org.mitre.oval:def:12787 | ||
Title: | Window Open Race Condition Vulnerability | ||
Description: | Race condition in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors involving access to an object, aka "Window Open Race Condition Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1257 | Version: | 7 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | Microsoft Internet Explorer 6 Microsoft Internet Explorer 7 Microsoft Internet Explorer 8 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12792 | |||
Oval ID: | oval:org.mitre.oval:def:12792 | ||
Title: | Remote Desktop Web Access Vulnerability | ||
Description: | Cross-site scripting (XSS) vulnerability in the logon page in Remote Desktop Web Access (RD Web Access) in Microsoft Windows Server 2008 R2 and R2 SP1 allows remote attackers to inject arbitrary web script or HTML via the URI, aka "Remote Desktop Web Access Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1263 | Version: | 3 |
Platform(s): | Microsoft Windows Server 2008 R2 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:12806 | |||
Oval ID: | oval:org.mitre.oval:def:12806 | ||
Title: | Remote Desktop Protocol Vulnerability | ||
Description: | The Remote Desktop Protocol (RDP) implementation in Microsoft Windows XP SP2 and SP3 and Windows Server 2003 SP2 does not properly process packets in memory, which allows remote attackers to cause a denial of service (reboot) by sending crafted RDP packets triggering access to an object that (1) was not properly initialized or (2) is deleted, as exploited in the wild in 2011, aka "Remote Desktop Protocol Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1968 | Version: | 3 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12852 | |||
Oval ID: | oval:org.mitre.oval:def:12852 | ||
Title: | pStream Release RCE Vulnerability | ||
Description: | Microsoft Visio 2003 SP3, 2007 SP2, and 2010 Gold and SP1 does not properly validate objects in memory during Visio file parsing, which allows remote attackers to execute arbitrary code via a crafted file, aka "pStream Release RCE Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1972 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 | Product(s): | Microsoft Office Visio 2003 Microsoft Office Visio 2007 Microsoft Office Visio 2010 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12870 | |||
Oval ID: | oval:org.mitre.oval:def:12870 | ||
Title: | DNS Uninitialized Memory Corruption Vulnerability | ||
Description: | The DNS server in Microsoft Windows Server 2003 SP2 and Windows Server 2008 SP2, R2, and R2 SP1 does not properly initialize memory, which allows remote attackers to cause a denial of service (service outage) via a query for a nonexistent domain, aka "DNS Uninitialized Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1970 | Version: | 5 |
Platform(s): | Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12911 | |||
Oval ID: | oval:org.mitre.oval:def:12911 | ||
Title: | CSRSS Vulnerability | ||
Description: | Winsrv.dll in the Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly check permissions for sending inter-process device-event messages from low-integrity processes to high-integrity processes, which allows local users to gain privileges via a crafted application, aka "CSRSS Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1967 | Version: | 4 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12912 | |||
Oval ID: | oval:org.mitre.oval:def:12912 | ||
Title: | NDISTAPI Elevation of Privilege Vulnerability | ||
Description: | NDISTAPI.sys in the NDISTAPI driver in Remote Access Service (RAS) in Microsoft Windows XP SP2 and SP3 and Windows Server 2003 SP2 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka "NDISTAPI Elevation of Privilege Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1974 | Version: | 3 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12936 | |||
Oval ID: | oval:org.mitre.oval:def:12936 | ||
Title: | Data Access Components Insecure Library Loading Vulnerability | ||
Description: | Untrusted search path vulnerability in the Data Access Tracing component in Windows Data Access Components (Windows DAC) 6.0 in Microsoft Windows 7 Gold and SP1 and Windows Server 2008 R2 and R2 SP1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains an Excel .xlsx file, aka "Data Access Components Insecure Library Loading Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1975 | Version: | 3 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 R2 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12970 | |||
Oval ID: | oval:org.mitre.oval:def:12970 | ||
Title: | Chart Control Information Disclosure Vulnerability | ||
Description: | The ASP.NET Chart controls in Microsoft .NET Framework 4, and Chart Control for Microsoft .NET Framework 3.5 SP1, do not properly verify functions in URIs, which allows remote attackers to read arbitrary files via special characters in a URI in an HTTP request, aka "Chart Control Information Disclosure Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1977 | Version: | 5 |
Platform(s): | Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 | Product(s): | Microsoft .NET Framework Chart Control for Microsoft .NET Framework 3.5 Service Pack 1 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12971 | |||
Oval ID: | oval:org.mitre.oval:def:12971 | ||
Title: | ICMP Denial of Service Vulnerability | ||
Description: | Tcpip.sys in the TCP/IP stack in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to cause a denial of service (reboot) via a series of crafted ICMP messages, aka "ICMP Denial of Service Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1871 | Version: | 3 |
Platform(s): | Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 1 | |
Application | 4 | |
Application | 2 | |
Application | 6 | |
Application | 1 | |
Os | 1 | |
Os | 3 | |
Os | 1 | |
Os |
| 5 |
Os | 1 | |
Os | 2 |
SAINT Exploits
Description | Link |
---|---|
Internet Explorer Telnet URI Insecure Loading | More info here |
ExploitDB Exploits
id | Description |
---|---|
2011-10-15 | MS11-064 TCP/IP Stack Denial of Service |
OpenVAS Exploits
Date | Description |
---|---|
2011-08-11 | Name : Microsoft Internet Explorer Multiple Vulnerabilities (2559049) File : nvt/secpod_ms11-057.nasl |
2011-08-11 | Name : Microsoft Windows DNS Server Remote Code Execution Vulnerability (2562485) File : nvt/secpod_ms11-058.nasl |
2011-08-11 | Name : Microsoft Data Access Components Remote Code Execution Vulnerabilities (2560656) File : nvt/secpod_ms11-059.nasl |
2011-08-11 | Name : Microsoft Visio Remote Code Execution Vulnerabilities (2560978) File : nvt/secpod_ms11-060.nasl |
2011-08-11 | Name : MS Windows Remote Access Service NDISTAPI Driver Privilege Elevation Vulnerab... File : nvt/secpod_ms11-062.nasl |
2011-08-11 | Name : Microsoft Windows Client/Server Run-time Subsystem Privilege Escalation Vulne... File : nvt/secpod_ms11-063.nasl |
2011-08-11 | Name : Microsoft Windows TCP/IP Stack Denial of Service Vulnerability (2563894) File : nvt/secpod_ms11-064.nasl |
2011-08-11 | Name : Microsoft Remote Desktop Protocol Denial of Service Vulnerability (2570222) File : nvt/secpod_ms11-065.nasl |
2011-08-11 | Name : Microsoft .NET Framework Chart Control Information Disclosure Vulnerability (... File : nvt/secpod_ms11-066.nasl |
2011-08-11 | Name : Microsoft Report Viewer Information Disclosure Vulnerability (2578230) File : nvt/secpod_ms11-067.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
74500 | Microsoft IE STYLE Object Parsing Memory Corruption |
74499 | Microsoft IE SetViewSlave() Function XSLT Object Markup Reloading Memory Corr... |
74497 | Microsoft IE Event Handler Cross-domain Remote Information Disclosure |
74495 | Microsoft IE window.open() Function Race Condition Memory Corruption A memory corruption flaw exists in Microsoft Internet Explorer. The window.open() function fails to sanitize user-supplied input when the user performs specific sequences of clicks in different IE windows, resulting in memory corruption. With a specially crafted web page or ActiveX control, a context-dependent attacker can execute arbitrary code. |
74494 | Microsoft IE Crafted Link Telnet URI Handler Remote Program Execution |
74483 | Microsoft Windows TCP/IP Stack (Tcpip.sys) QoS URL Request Parsing Remote DoS Microsoft Windows contains a flaw that may allow a remote denial of service. The issue is triggered when Tcpip.sys fails to properly parse URL requests when URL-based Quality of Service (QoS) is enabled, and will result in loss of availability for the platform. |
74482 | Microsoft Windows TCP/IP Stack (Tcpip.sys) ICMP Message Parsing Remote DoS Microsoft Windows contains a flaw that may allow a remote denial of service. The issue is triggered when Tcpip.sys fails to properly parse ICMP messages, and will result in loss of availability for the platform. |
74408 | Microsoft Windows Data Access Tracing Component Path Subversion Arbitrary DLL... Windows Data Access Tracing Component is prone to a flaw in the way it loads dynamic-link libraries (DLL). The program uses a fixed path to look for specific files or libraries. This path includes directories that may not be trusted or under user control. By placing a custom version of the file or library in the path, the program will load it before the legitimate version. This allows an attacker to inject custom code that will be run with the privilege of the program or user executing the program. This can be done by tricking a user into opening a Excel file from the local file system or a USB drive in some cases. This attack can be leveraged remotely in some cases by placing the malicious file or library on a network share or extracted archive downloaded from a remote source. |
74406 | Microsoft Windows Remote Desktop Web Access Logon Page Unspecified XSS Microsoft Windows Remote Desktop Web Access contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate certain unspecified input to the Logon page before returning it to the user. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server. |
74405 | Microsoft Windows Remote Desktop Protocol RDP Packet Parsing Remote DoS Microsoft Windows contains a flaw that may allow a remote denial of service. The issue is triggered when the Remote Desktop Protocol fails to properly parse RDP packets, and will result in loss of availability for the platform. |
74403 | Microsoft .NET Framework Chart Control Special URI Character GET Request Pars... |
74402 | Microsoft Windows Remote Access Service NDISTAPI Driver User Input Validation... |
74401 | Microsoft Windows Client/Server Run-time Subsystem (CSRSS) Inter-Process Devi... |
74400 | Microsoft Windows DNS Service Non-Existent Domain Query Parsing Remote DoS |
74399 | Microsoft Windows DNS Service NAPTR Query Parsing Overflow |
74398 | Microsoft Visio Move Around the Block Visio File Handling Remote Code Execution Microsoft Visio contains a flaw related to the parsing of certain objects in memory when handling Visio files that may allow a context-dependent attacker to execute arbitrary code. |
74397 | Microsoft Visio pStream Release Visio File Handling Remote Code Execution Microsoft Visio contains a flaw related to the parsing of certain objects in memory when handling Visio files that may allow a context-dependent attacker to execute arbitrary code. |
74396 | Microsoft Report Viewer Control Unspecified XSS Microsoft Report Viewer contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate certain unspecified input passed to the Microsoft Report Viewer control before returning it to the user. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server. |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2011-08-11 | IAVM : 2011-A-0115 - Microsoft Windows Client/Server Run-time Subsystem Elevation of Privilege Vul... Severity : Category I - VMSKEY : V0029760 |
2011-08-11 | IAVM : 2011-A-0117 - Microsoft Windows Remote Access Service Elevation of Privilege Vulnerability Severity : Category I - VMSKEY : V0029767 |
2011-08-11 | IAVM : 2011-B-0097 - Multiple Vulnerabilities in Microsoft Office Visio Severity : Category II - VMSKEY : V0029776 |
2011-08-11 | IAVM : 2011-B-0099 - Microsoft Report Viewer Information Disclosure Vulnerability Severity : Category II - VMSKEY : V0029780 |
2011-08-11 | IAVM : 2011-B-0100 - Microsoft ASP.NET Chart Control Information Disclosure Vulnerability Severity : Category II - VMSKEY : V0029781 |
2011-08-11 | IAVM : 2011-B-0101 - Microsoft Windows Data Access Components Remote Code Execution Vulnerability Severity : Category II - VMSKEY : V0029783 |
2011-08-11 | IAVM : 2011-B-0103 - Microsoft Windows Remote Desktop Web Access Privilege Escalation Vulnerability Severity : Category II - VMSKEY : V0029786 |
Snort® IPS/IDS
Date | Description |
---|---|
2015-07-28 | Microsoft Office Visio UML string object heap buffer overflow attempt RuleID : 34975 - Revision : 3 - Type : FILE-OFFICE |
2015-07-28 | Microsoft Office Visio UML string object heap buffer overflow attempt RuleID : 34974 - Revision : 3 - Type : FILE-OFFICE |
2014-11-16 | Microsoft Internet Explorer XSLT memory corruption attempt RuleID : 31301 - Revision : 5 - Type : BROWSER-IE |
2014-01-10 | Microsoft Windows Remote Desktop web access cross site scripting attempt - PO... RuleID : 25567 - Revision : 4 - Type : OS-WINDOWS |
2014-01-10 | Microsoft Windows DNS NAPTR remote unauthenticated code execution vulnerabili... RuleID : 23951 - Revision : 5 - Type : OS-WINDOWS |
2014-01-10 | Microsoft Windows DNS NAPTR remote unauthenticated code execution vulnerabili... RuleID : 23950 - Revision : 6 - Type : OS-WINDOWS |
2014-01-10 | Microsoft Windows .NET Chart Control directory traversal attempt RuleID : 19694 - Revision : 7 - Type : SERVER-WEBAPP |
2014-01-10 | Microsoft Report Viewer reflect XSS attempt RuleID : 19681 - Revision : 5 - Type : OS-WINDOWS |
2014-01-10 | Microsoft Windows CSRSS SrvDeviceEvent exploit attempt RuleID : 19680 - Revision : 10 - Type : FILE-EXECUTABLE |
2014-01-10 | Microsoft Windows NDISTAPI Driver code execution attempt RuleID : 19679 - Revision : 10 - Type : FILE-EXECUTABLE |
2016-11-19 | multiple products blacknurse ICMP denial of service attempt RuleID : 19678-community - Revision : 10 - Type : SERVER-OTHER |
2014-01-10 | multiple products blacknurse ICMP denial of service attempt RuleID : 19678 - Revision : 10 - Type : SERVER-OTHER |
2014-01-10 | Microsoft Windows DNS NAPTR remote unauthenticated code execution vulnerabili... RuleID : 19677 - Revision : 12 - Type : OS-WINDOWS |
2014-01-10 | Microsoft Office Visio invalid UMLDTOptions object exploit attempt RuleID : 19676 - Revision : 12 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Visio invalid UMLString data length exploit attempt RuleID : 19675 - Revision : 15 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Data Access Components bidlab.dll dll-load exploit attempt RuleID : 19674 - Revision : 9 - Type : OS-WINDOWS |
2014-01-10 | Microsoft Data Access Components bidlab.dll dll-load exploit attempt RuleID : 19673 - Revision : 9 - Type : OS-WINDOWS |
2014-01-10 | Microsoft Internet Explorer stylesheet dynamic access memory corruption attempt RuleID : 19672 - Revision : 13 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer XSLT memory corruption attempt RuleID : 19671 - Revision : 18 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer telnet.exe file load exploit attempt RuleID : 19670 - Revision : 12 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer telnet.exe file load exploit attempt RuleID : 19668 - Revision : 12 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer cross-domain scripting attack RuleID : 19667 - Revision : 8 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer multi-window access memory corruption attempt RuleID : 19666 - Revision : 9 - Type : BROWSER-IE |
2014-01-10 | Microsoft Windows Remote Desktop web access cross site scripting attempt - GE... RuleID : 19665 - Revision : 11 - Type : OS-WINDOWS |
2014-01-10 | Generic HyperLink buffer overflow attempt RuleID : 17410 - Revision : 27 - Type : OS-WINDOWS |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2014-03-05 | Name : The DNS server running on the remote host has multiple vulnerabilities. File : ms_dns_kb2562485.nasl - Type : ACT_GATHER_INFO |
2011-09-01 | Name : The remote Windows host is susceptible to denial of service attacks. File : qos_kb2563894.nasl - Type : ACT_GATHER_INFO |
2011-08-17 | Name : The DNS server running on the remote host is affected by a memory corruption ... File : dns_ms11-058.nasl - Type : ACT_GATHER_INFO |
2011-08-09 | Name : A web application running on the remote Windows host has a cross-site scripti... File : ms11-061_remote.nasl - Type : ACT_ATTACK |
2011-08-09 | Name : Arbitrary code can be executed on the remote host through a web browser. File : smb_nt_ms11-057.nasl - Type : ACT_GATHER_INFO |
2011-08-09 | Name : The DNS server running on the remote host has multiple vulnerabilities. File : smb_nt_ms11-058.nasl - Type : ACT_GATHER_INFO |
2011-08-09 | Name : Arbitrary code can be executed on the remote host through Microsoft Data Acce... File : smb_nt_ms11-059.nasl - Type : ACT_GATHER_INFO |
2011-08-09 | Name : Arbitrary code can be executed on the remote Windows host through Visio. File : smb_nt_ms11-060.nasl - Type : ACT_GATHER_INFO |
2011-08-09 | Name : A web application running on the remote Windows host has a cross-site scripti... File : smb_nt_ms11-061.nasl - Type : ACT_GATHER_INFO |
2011-08-09 | Name : The remote Windows host has a privilege escalation vulnerability. File : smb_nt_ms11-062.nasl - Type : ACT_GATHER_INFO |
2011-08-09 | Name : The remote Windows host has a privilege escalation vulnerability. File : smb_nt_ms11-063.nasl - Type : ACT_GATHER_INFO |
2011-08-09 | Name : The remote Windows host is susceptible to denial of service attacks. File : smb_nt_ms11-064.nasl - Type : ACT_GATHER_INFO |
2011-08-09 | Name : The remote Windows host is susceptible to a denial of service attack. File : smb_nt_ms11-065.nasl - Type : ACT_GATHER_INFO |
2011-08-09 | Name : The remote Windows host has an ASP.NET control that could allow information d... File : smb_nt_ms11-066.nasl - Type : ACT_GATHER_INFO |
2011-08-09 | Name : The remote Windows host contains a web control that could allow information d... File : smb_nt_ms11-067.nasl - Type : ACT_GATHER_INFO |