Executive Summary
Summary | |
---|---|
Title | Microsoft Updates for Multiple Vulnerabilities |
Informations | |||
---|---|---|---|
Name | TA11-347A | First vendor Publication | 2011-12-13 |
Vendor | US-CERT | Last vendor Modification | 2011-12-13 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
There are multiple vulnerabilities in Microsoft Windows, Office, and Internet Explorer. Microsoft has released updates to address these vulnerabilities. I. Description The Microsoft Security Bulletin Summary for December 2011 describes multiple vulnerabilities in Microsoft Windows. Microsoft has released updates to address the vulnerabilities. Additional details for MS11-091 can be found in US-CERT vulnerability note VU#361441. II. Impact A remote, unauthenticated attacker could execute arbitrary code, cause a denial of service, or gain unauthorized access to your files or system. III. Solution Apply updates Microsoft has provided updates for these vulnerabilities in the Microsoft Security Bulletin Summary for December 2011. That bulletin describes any known issues related to the updates. |
Original Source
Url : http://www.us-cert.gov/cas/techalerts/TA11-347A.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
39 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
28 % | CWE-264 | Permissions, Privileges, and Access Controls |
11 % | CWE-399 | Resource Management Errors |
6 % | CWE-426 | Untrusted Search Path |
6 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
6 % | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25) |
6 % | CWE-20 | Improper Input Validation |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:13884 | |||
Oval ID: | oval:org.mitre.oval:def:13884 | ||
Title: | Internet Explorer Insecure Library Loading Vulnerability | ||
Description: | Untrusted search path vulnerability in Microsoft Internet Explorer 9 on Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains an HTML file, aka "Internet Explorer Insecure Library Loading Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-2019 | Version: | 5 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 R2 | Product(s): | Microsoft Internet Explorer 9 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13998 | |||
Oval ID: | oval:org.mitre.oval:def:13998 | ||
Title: | Vulnerability in TrueType Font Parsing Could Allow Elevation of Privilege | ||
Description: | Unspecified vulnerability in the TrueType font parsing engine in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via crafted font data in a Word document or web page, as exploited in the wild in November 2011 by Duqu, aka "TrueType Font Parsing Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-3402 | Version: | 7 |
Platform(s): | Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:14037 | |||
Oval ID: | oval:org.mitre.oval:def:14037 | ||
Title: | Active Directory Buffer Overflow Vulnerability | ||
Description: | Buffer overflow in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS) in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote authenticated users to execute arbitrary code via a crafted query that leverages incorrect memory initialization, aka "Active Directory Buffer Overflow Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-3406 | Version: | 7 |
Platform(s): | Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:14281 | |||
Oval ID: | oval:org.mitre.oval:def:14281 | ||
Title: | Windows Media Player DVR-MS Memory Corruption Vulnerability | ||
Description: | ENCDEC.DLL in Windows Media Player and Media Center in Microsoft Windows XP SP2 and SP3, Windows Vista SP2, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted .dvr-ms file, aka "Windows Media Player DVR-MS Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-3401 | Version: | 7 |
Platform(s): | Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:14346 | |||
Oval ID: | oval:org.mitre.oval:def:14346 | ||
Title: | Publisher Invalid Pointer Vulnerability | ||
Description: | Microsoft Publisher 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Publisher file that leverages incorrect handling of values in memory, aka "Publisher Invalid Pointer Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-3411 | Version: | 9 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 | Product(s): | Microsoft Office Publisher 2003 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:14558 | |||
Oval ID: | oval:org.mitre.oval:def:14558 | ||
Title: | TrueType Font Parsing Vulnerability | ||
Description: | Use-after-free vulnerability in Microsoft Office 2007 SP2 and SP3, Office 2010 Gold and SP1, and Office for Mac 2011 allows remote attackers to execute arbitrary code via a crafted Word document, aka "Word Use After Free Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1983 | Version: | 5 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | Microsoft Office 2007 Microsoft Office 2010 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:14581 | |||
Oval ID: | oval:org.mitre.oval:def:14581 | ||
Title: | OfficeArt Shape RCE Vulnerability | ||
Description: | Microsoft PowerPoint 2007 SP2; Office 2008 for Mac; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; and PowerPoint Viewer 2007 SP2 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via an invalid OfficeArt record in a PowerPoint document, aka "OfficeArt Shape RCE Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-3413 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 | Product(s): | Microsoft Office PowerPoint 2007 Microsoft Office Compatibility Pack Microsoft Office PowerPoint Viewer 2007 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:14598 | |||
Oval ID: | oval:org.mitre.oval:def:14598 | ||
Title: | CSRSS Local Privilege Elevation Vulnerability | ||
Description: | Csrsrv.dll in the Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly check permissions for sending inter-process device-event messages from low-integrity processes to high-integrity processes, which allows local users to gain privileges via a crafted application, aka "CSRSS Local Privilege Elevation Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-3408 | Version: | 3 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:14635 | |||
Oval ID: | oval:org.mitre.oval:def:14635 | ||
Title: | Windows Kernel Exception Handler Vulnerability | ||
Description: | The kernel in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, and Windows 7 Gold and SP1 does not properly initialize objects, which allows local users to gain privileges via a crafted application, aka "Windows Kernel Exception Handler Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-2018 | Version: | 5 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:14665 | |||
Oval ID: | oval:org.mitre.oval:def:14665 | ||
Title: | PowerPoint Insecure Library Loading Vulnerability | ||
Description: | Untrusted search path vulnerability in Microsoft PowerPoint 2007 SP2 and 2010 allows local users to gain privileges via a Trojan horse DLL in the current working directory, aka "PowerPoint Insecure Library Loading Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-3396 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 | Product(s): | Microsoft Office PowerPoint 2007 Microsoft Office PowerPoint 2010 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:14668 | |||
Oval ID: | oval:org.mitre.oval:def:14668 | ||
Title: | OLE Property Vulnerability | ||
Description: | Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 do not properly handle OLE objects in memory, which allows remote attackers to execute arbitrary code via a crafted object in a file, aka "OLE Property Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-3400 | Version: | 3 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:14702 | |||
Oval ID: | oval:org.mitre.oval:def:14702 | ||
Title: | Record Memory Corruption Vulnerability | ||
Description: | Microsoft Excel 2003 SP3 and Office 2004 for Mac do not properly handle objects in memory, which allows remote attackers to execute arbitrary code via a crafted Excel spreadsheet, aka "Record Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-3403 | Version: | 5 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | Microsoft Excel 2003 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:14745 | |||
Oval ID: | oval:org.mitre.oval:def:14745 | ||
Title: | XSS Filter Information Disclosure Vulnerability | ||
Description: | The XSS Filter in Microsoft Internet Explorer 8 allows remote attackers to read content from a different (1) domain or (2) zone via a "trial and error" attack, aka "XSS Filter Information Disclosure Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1992 | Version: | 7 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 | Product(s): | Microsoft Internet Explorer 8 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:14750 | |||
Oval ID: | oval:org.mitre.oval:def:14750 | ||
Title: | Publisher Out-of-bounds Array Index Vulnerablility | ||
Description: | Array index error in Microsoft Publisher 2003 SP3, and 2007 SP2 and SP3, allows remote attackers to execute arbitrary code via a crafted Publisher file that leverages incorrect handling of values in memory, aka "Publisher Out-of-bounds Array Index Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-3410 | Version: | 9 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 | Product(s): | Microsoft Office Publisher 2003 Microsoft Office Publisher 2007 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:14808 | |||
Oval ID: | oval:org.mitre.oval:def:14808 | ||
Title: | Publisher Memory Corruption Vulnerability | ||
Description: | Microsoft Publisher 2003 SP3, and 2007 SP2 and SP3, allows remote attackers to execute arbitrary code via a crafted Publisher file that leverages incorrect memory handling, aka "Publisher Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-3412 | Version: | 9 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 | Product(s): | Microsoft Office Publisher 2003 Microsoft Office Publisher 2007 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:15290 | |||
Oval ID: | oval:org.mitre.oval:def:15290 | ||
Title: | TrueType Font Parsing Vulnerability (CVE-2011-3402) | ||
Description: | Unspecified vulnerability in the TrueType font parsing engine in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via crafted font data in a Word document or web page, as exploited in the wild in November 2011 by Duqu, aka "TrueType Font Parsing Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-3402 | Version: | 5 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft Lync 2010 Microsoft Lync 2010 Attendee |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:15645 | |||
Oval ID: | oval:org.mitre.oval:def:15645 | ||
Title: | TrueType Font Parsing Vulnerability (CVE-2011-3402) | ||
Description: | Unspecified vulnerability in the TrueType font parsing engine in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via crafted font data in a Word document or web page, as exploited in the wild in November 2011 by Duqu, aka "TrueType Font Parsing Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-3402 | Version: | 30 |
Platform(s): | Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2 | Product(s): | Microsoft Silverlight 4 Microsoft Silverlight 5 Microsoft Office 2003 Microsoft Office 2007 Microsoft Office 2010 |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
SAINT Exploits
Description | Link |
---|---|
Microsoft OLE Object File Handling vulnerability | More info here |
ExploitDB Exploits
id | Description |
---|---|
2012-06-06 | Microsoft Windows OLE Object File Handling Remote Code Execution |
OpenVAS Exploits
Date | Description |
---|---|
2012-06-13 | Name : Microsoft Lync Remote Code Execution Vulnerabilities (2707956) File : nvt/secpod_ms12-039.nasl |
2012-05-14 | Name : Microsoft Silverlight Code Execution Vulnerabilities - 2681578 (Mac OS X) File : nvt/secpod_ms12-034_macosx.nasl |
2012-05-09 | Name : MS Security Update For Microsoft Office, .NET Framework, and Silverlight (268... File : nvt/secpod_ms12-034.nasl |
2011-12-30 | Name : Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (2638420) File : nvt/secpod_ms11-100.nasl |
2011-12-14 | Name : Windows Kernel-Mode Drivers Remote Code Execution Vulnerabilities (2567053) File : nvt/secpod_ms11-087.nasl |
2011-12-14 | Name : Microsoft Internet Explorer Multiple Vulnerabilities (2618444) File : nvt/secpod_ms11-099.nasl |
2011-12-14 | Name : Windows Client/Server Run-time Subsystem Privilege Elevation Vulnerability (2... File : nvt/secpod_ms11-097.nasl |
2011-12-14 | Name : Microsoft Office Excel Remote Code Execution Vulnerability (2640241) File : nvt/secpod_ms11-096.nasl |
2011-12-14 | Name : Microsoft Office PowerPoint Remote Code Execution Vulnerabilities (2639142) File : nvt/secpod_ms11-094.nasl |
2011-12-14 | Name : Microsoft Windows OLE Remote Code Execution Vulnerability (2624667) File : nvt/secpod_ms11-093.nasl |
2011-12-14 | Name : Microsoft Windows Media Remote Code Execution Vulnerability (2648048) File : nvt/secpod_ms11-092.nasl |
2011-12-14 | Name : Microsoft Publisher Remote Code Execution Vulnerabilities (2607702) File : nvt/secpod_ms11-091.nasl |
2011-12-14 | Name : Microsoft Windows Time Component Remote Code Execution Vulnerability (2618451) File : nvt/secpod_ms11-090.nasl |
2011-12-14 | Name : Microsoft Office Remote Code Execution Vulnerability (2590602) File : nvt/secpod_ms11-089.nasl |
2011-12-14 | Name : Microsoft Office IME (Chinese) Privilege Elevation Vulnerability (2652016) File : nvt/secpod_ms11-088.nasl |
2011-12-13 | Name : MS Windows Active Directory Remote Code Execution Vulnerability (2640045) File : nvt/secpod_ms11-095.nasl |
2011-12-13 | Name : Microsoft Windows Kernel Privilege Elevation Vulnerability (2633171) File : nvt/secpod_ms11-098.nasl |
2011-11-07 | Name : Microsoft Windows TrueType Font Parsing Privilege Elevation Vulnerability File : nvt/gb_ms_truetype_font_privilege_elevation_vuln.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
78057 | Microsoft .NET Framework ASP.NET Hash Collision Web Form Post Parsing Remote DoS |
78056 | Microsoft .NET Framework Forms Authentication Sliding Expiry Cached Content P... |
78055 | Microsoft .NET Framework ASP.NET Username Parsing Authentication Bypass |
77674 | Microsoft IE Path Subversion Arbitrary DLL Injection Code Execution Microsoft IE is prone to a flaw in the way it loads dynamic-link libraries (DLL). The program uses a fixed path to look for specific files or libraries. This path includes directories that may not be trusted or under user control. By placing a custom version of the file or library in the path, the program will load it before the legitimate version. This allows an attacker to inject custom code that will be run with the privilege of the program or user executing the program. This can be done by tricking a user into opening an HTML file from the local file system or a USB drive in some cases. This attack can be leveraged remotely in some cases by placing the malicious file or library on a network share or extracted archive downloaded from a remote source. |
77673 | Microsoft IE XSS Filter Event Parsing Cross-Domain Remote Information Disclosure |
77672 | Microsoft Office Publisher Unspecified Publisher File Handling Remote Memory ... |
77671 | Microsoft Office Publisher Invalid Pointer Publisher File Handling Remote Mem... |
77670 | Microsoft Office Publisher Array Indexing Publisher File Handling Remote Memo... |
77669 | Microsoft Office Pinyin IME for Simplified Chinese Insecure Configuration Opt... |
77668 | Microsoft Office PowerPoint Path Subversion Arbitrary DLL Injection Code Exec... Microsoft Office PowerPoint is prone to a flaw in the way it loads dynamic-link libraries (DLL). The program uses a fixed path to look for specific files or libraries. This path includes directories that may not be trusted or under user control. By placing a custom version of the file or library in the path, the program will load it before the legitimate version. This allows an attacker to inject custom code that will be run with the privilege of the program or user executing the program. This can be done by tricking a user into opening a PowerPoint file from the local file system or a USB drive in some cases. This attack can be leveraged remotely in some cases by placing the malicious file or library on a network share or extracted archive downloaded from a remote source. |
77667 | Microsoft Windows Active Directory Query Parsing Remote Overflow |
77666 | Microsoft Windows Kernel Exception Handler Local Privilege Escalation |
77665 | Microsoft Time ActiveX (DATIME.DLL) Unspecified IE Web Page Handling Remote C... |
77664 | Microsoft Office PowerPoint OfficeArt Shape Record PowerPoint File Handling R... |
77663 | Microsoft Windows Object Linking and Embedding (OLE) Object File Handling Rem... |
77662 | Microsoft Windows CSRSS Device Event Message Parsing Local Privilege Escalation |
77661 | Microsoft Office Excel Record Parsing Object Handling Remote Memory Corruption |
77660 | Microsoft Windows Media Player / Center DVR-MS File Handling Remote Memory Co... |
77659 | Microsoft Office Use-after-free Border Property Word Document Handling Remote... |
76843 | Microsoft Windows Win32k TrueType Font Handling Privilege Escalation Microsoft Windows contains a flaw related to the Win32k TrueType font parsing engine that may allow a context-dependent attacker to execute arbitrary code via malicious font data contained in a Word document. |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2012-05-10 | IAVM : 2012-A-0079 - Combined Security Update for Microsoft Office Windows .NET Framework and Silv... Severity : Category I - VMSKEY : V0032304 |
2012-01-05 | IAVM : 2012-A-0001 - Multiple Vulnerabilities in Microsoft .NET Framework Severity : Category I - VMSKEY : V0030927 |
2011-12-15 | IAVM : 2011-B-0146 - Microsoft Office Input Method Editor (IME) Privilege Escalation Vulnerability Severity : Category II - VMSKEY : V0030822 |
2011-12-15 | IAVM : 2011-A-0171 - Microsoft Windows Media Memory Corruption Vulnerability Severity : Category II - VMSKEY : V0030826 |
2011-12-15 | IAVM : 2011-A-0167 - Microsoft Cumulative Security Update of ActiveX Kill Bits Severity : Category II - VMSKEY : V0030830 |
2011-12-15 | IAVM : 2011-A-0166 - Multiple Remote Code Execution Vulnerabilities in Microsoft Office PowerPoint Severity : Category II - VMSKEY : V0030831 |
2011-12-15 | IAVM : 2011-A-0163 - Microsoft Office Remote Code Execution Vulnerability Severity : Category II - VMSKEY : V0030834 |
2011-12-15 | IAVM : 2011-A-0162 - Microsoft Windows Client/Server Run-time Subsystem Elevation of Privilege Vul... Severity : Category II - VMSKEY : V0030835 |
Snort® IPS/IDS
Date | Description |
---|---|
2019-08-31 | Microsoft Windows TrueType font parsing engine sfac_GetSbitBitmap obfuscated ... RuleID : 50849 - Revision : 1 - Type : FILE-OTHER |
2019-08-31 | Microsoft Windows TrueType font parsing engine sfac_GetSbitBitmap obfuscated ... RuleID : 50848 - Revision : 1 - Type : FILE-OTHER |
2019-04-13 | Microsoft Office Publisher 2003 EscherStm memory corruption attempt RuleID : 49432 - Revision : 1 - Type : FILE-OFFICE |
2019-04-13 | Microsoft Office Publisher 2003 EscherStm memory corruption attempt RuleID : 49431 - Revision : 2 - Type : FILE-OFFICE |
2019-04-13 | Microsoft Windows TrueType font parsing engine sfac_GetSbitBitmap elevation o... RuleID : 49423 - Revision : 2 - Type : FILE-OTHER |
2019-04-13 | Microsoft Windows TrueType font parsing engine sfac_GetSbitBitmap elevation o... RuleID : 49422 - Revision : 2 - Type : FILE-OTHER |
2019-04-13 | Microsoft Windows TrueType font parsing engine sfac_GetSbitBitmap elevation o... RuleID : 49421 - Revision : 2 - Type : FILE-OTHER |
2019-04-02 | Microsoft Office Excel Lel record memory corruption attempt RuleID : 49324 - Revision : 1 - Type : FILE-OFFICE |
2019-04-02 | Microsoft Office Excel Lel record memory corruption attempt RuleID : 49323 - Revision : 1 - Type : FILE-OFFICE |
2019-03-14 | Microsoft Office Publisher Opltc memory corruption attempt RuleID : 49183 - Revision : 2 - Type : FILE-OFFICE |
2019-03-14 | Microsoft Office Publisher Opltc memory corruption attempt RuleID : 49182 - Revision : 2 - Type : FILE-OFFICE |
2017-08-23 | HP Photo Creative ActiveX clsid access attempt RuleID : 43607 - Revision : 2 - Type : BROWSER-PLUGINS |
2015-09-03 | Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confu... RuleID : 35443 - Revision : 3 - Type : FILE-OFFICE |
2015-09-03 | Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confu... RuleID : 35442 - Revision : 3 - Type : FILE-OFFICE |
2015-09-03 | Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confu... RuleID : 35441 - Revision : 3 - Type : FILE-OFFICE |
2015-09-03 | Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confu... RuleID : 35440 - Revision : 3 - Type : FILE-OFFICE |
2015-03-27 | Microsoft Office Word border use-after-free attempt RuleID : 33568 - Revision : 2 - Type : FILE-OFFICE |
2015-03-27 | Microsoft Office Word border use-after-free attempt RuleID : 33567 - Revision : 2 - Type : FILE-OFFICE |
2015-03-17 | Microsoft Office OLESS stream object name corruption attempt RuleID : 33442 - Revision : 4 - Type : FILE-OFFICE |
2015-03-17 | Microsoft Office OLESS stream object name corruption attempt RuleID : 33441 - Revision : 4 - Type : FILE-OFFICE |
2015-02-05 | Microsoft Office Publisher 2003 EscherStm memory corruption attempt RuleID : 32961 - Revision : 4 - Type : FILE-OFFICE |
2015-02-05 | Microsoft Office Publisher 2003 EscherStm memory corruption attempt RuleID : 32960 - Revision : 3 - Type : FILE-OFFICE |
2014-01-18 | multi-hop iframe campaign client-side exploit attempt RuleID : 29025 - Revision : 2 - Type : MALWARE-OTHER |
2014-01-18 | multi-hop iframe campaign client-side exploit attempt RuleID : 29024 - Revision : 2 - Type : MALWARE-OTHER |
2014-01-18 | multi-hop iframe campaign client-side exploit attempt RuleID : 29023 - Revision : 2 - Type : MALWARE-OTHER |
2014-01-18 | DNS request for known malware domain kjyg.com RuleID : 29022 - Revision : 2 - Type : BLACKLIST |
2014-01-18 | DNS request for known malware domain apfi.biz RuleID : 29021 - Revision : 2 - Type : BLACKLIST |
2014-01-18 | DNS request for known malware domain 4pu.com RuleID : 29020 - Revision : 2 - Type : BLACKLIST |
2014-01-10 | Blackholev2 exploit kit JNLP request RuleID : 27070 - Revision : 2 - Type : EXPLOIT-KIT |
2014-01-10 | Blackholev2 exploit kit landing page - specific structure RuleID : 27067 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | iFramer injection - specific structure RuleID : 26617 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Multiple exploit kit successful redirection - jnlp bypass RuleID : 26541 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | iFramer injection - specific structure RuleID : 26540 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit java payload detection RuleID : 26512 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Sakura exploit kit redirection structure RuleID : 26511 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit pdf payload detection RuleID : 26510 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Multiple exploit kit java payload detection RuleID : 26509 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit landing page - specific structure RuleID : 26507 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit jar file redirection RuleID : 26506 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit malicious jar download RuleID : 26256 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit redirection page RuleID : 26254 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit MyApplet class retrieval RuleID : 26229 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit redirection page RuleID : 26228 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit landing page RuleID : 26091 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit Portable Executable download RuleID : 26056 - Revision : 7 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit malicious class file download RuleID : 26055 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit malicious class file download RuleID : 26054 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit malicious class file download RuleID : 26053 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit malicious class file download RuleID : 26052 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit malicious jar file download RuleID : 26051 - Revision : 7 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit SWF file download RuleID : 26050 - Revision : 7 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit EOT file download RuleID : 26049 - Revision : 7 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit PDF exploit RuleID : 26048 - Revision : 8 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit redirection structure RuleID : 26047 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit landing page RuleID : 26046 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit Portable Executable download RuleID : 25968 - Revision : 7 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit malicious class file download RuleID : 25967 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit malicious class file download RuleID : 25966 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit malicious class file download RuleID : 25965 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit malicious class file download RuleID : 25964 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit SWF file download RuleID : 25963 - Revision : 7 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit EOT file download RuleID : 25962 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit former location - has been removed RuleID : 25960 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit malicious class file download RuleID : 25959 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit malicious class file download RuleID : 25958 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit malicious class file download RuleID : 25957 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit malicious class file download RuleID : 25956 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit malicious jar file download RuleID : 25955 - Revision : 7 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit SWF file download RuleID : 25954 - Revision : 8 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit landing page RuleID : 25953 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit landing page RuleID : 25952 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit EOT file download RuleID : 25951 - Revision : 7 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit PDF exploit RuleID : 25950 - Revision : 8 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit java exploit retrieval RuleID : 25862 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit java exploit retrieval RuleID : 25861 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit landing page RuleID : 25860 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit malicious jar file download RuleID : 25859 - Revision : 8 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit Java exploit download RuleID : 25858 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit PDF exploit RuleID : 25857 - Revision : 9 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit EOT file download RuleID : 25598 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit EOT file download RuleID : 25597 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit EOT file download RuleID : 25596 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit java exploit retrieval RuleID : 25595 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit java exploit retrieval RuleID : 25594 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit java exploit retrieval RuleID : 25593 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Cool Exploit Kit SWF file download RuleID : 25576 - Revision : 2 - Type : EXPLOIT-KIT |
2014-01-10 | Cool Exploit Kit SWF file download RuleID : 25575 - Revision : 2 - Type : EXPLOIT-KIT |
2014-01-10 | Cool Exploit Kit SWF file download RuleID : 25574 - Revision : 2 - Type : EXPLOIT-KIT |
2014-01-10 | Cool Exploit Kit SWF file download RuleID : 25573 - Revision : 2 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit java exploit retrieval RuleID : 25510 - Revision : 9 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit pdf exploit retrieval RuleID : 25509 - Revision : 9 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit java exploit retrieval RuleID : 25508 - Revision : 9 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit pdf exploit retrieval RuleID : 25507 - Revision : 9 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit EOT file download RuleID : 25506 - Revision : 7 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit EOT file download RuleID : 25505 - Revision : 8 - Type : EXPLOIT-KIT |
2014-01-10 | Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confu... RuleID : 25355 - Revision : 11 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confu... RuleID : 25354 - Revision : 11 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confu... RuleID : 25353 - Revision : 11 - Type : FILE-OFFICE |
2014-01-10 | Cool exploit kit java exploit retrieval RuleID : 25328 - Revision : 9 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit pdf exploit retrieval RuleID : 25327 - Revision : 9 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit java exploit retrieval RuleID : 25326 - Revision : 10 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit pdf exploit retrieval RuleID : 25325 - Revision : 9 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit landing page detected RuleID : 25324 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit EOT file download RuleID : 25323 - Revision : 10 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit EOT file download RuleID : 25322 - Revision : 9 - Type : EXPLOIT-KIT |
2014-01-10 | Microsoft Windows IIS .NET null character username truncation attempt RuleID : 25251 - Revision : 5 - Type : SERVER-IIS |
2014-01-10 | Microsoft Windows IIS .NET null character username truncation attempt RuleID : 25250 - Revision : 6 - Type : SERVER-IIS |
2014-01-10 | Cool exploit kit 32-bit font file download RuleID : 25056 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit 64-bit font file download RuleID : 25055 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit requesting payload RuleID : 25045 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit 64-bit font file download RuleID : 24784 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit 32-bit font file download RuleID : 24783 - Revision : 7 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit outbound request RuleID : 24782 - Revision : 7 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit outbound request RuleID : 24781 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit - PDF Exploit RuleID : 24780 - Revision : 9 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit - PDF Exploit RuleID : 24779 - Revision : 8 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit landing page - Title RuleID : 24778 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Microsoft Office Publisher Opltc memory corruption attempt RuleID : 21423 - Revision : 13 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel Lel record memory corruption attempt RuleID : 21422 - Revision : 11 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Publisher 2003 EscherStm memory corruption attempt RuleID : 21243 - Revision : 12 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office OLESS stream object name corruption attempt RuleID : 21170 - Revision : 13 - Type : FILE-OFFICE |
2014-01-10 | Bennet-Tec TList saveData arbitrary file creation ActiveX function call access RuleID : 21034 - Revision : 7 - Type : BROWSER-PLUGINS |
2014-01-10 | Bennet-Tec TList saveData arbitrary file creation ActiveX clsid access RuleID : 21033 - Revision : 7 - Type : BROWSER-PLUGINS |
2014-01-10 | Bennet-Tec TList saveData arbitrary file creation ActiveX function call access RuleID : 21032 - Revision : 7 - Type : BROWSER-PLUGINS |
2014-01-10 | Bennet-Tec TList saveData arbitrary file creation ActiveX clsid access RuleID : 21031 - Revision : 7 - Type : BROWSER-PLUGINS |
2014-01-10 | Bennet-Tec TList saveData arbitrary file creation ActiveX function call access RuleID : 21030 - Revision : 7 - Type : BROWSER-PLUGINS |
2014-01-10 | Bennet-Tec TList saveData arbitrary file creation ActiveX clsid access RuleID : 21029 - Revision : 7 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Office Word border use-after-free attempt RuleID : 21002 - Revision : 12 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Windows IIS .NET null character username truncation attempt RuleID : 20829 - Revision : 9 - Type : SERVER-IIS |
2014-01-10 | generic web server hashing collision attack RuleID : 20825 - Revision : 11 - Type : SERVER-WEBAPP |
2014-01-10 | generic web server hashing collision attack RuleID : 20824 - Revision : 13 - Type : OS-WINDOWS |
2014-01-10 | generic web server hashing collision attack RuleID : 20823 - Revision : 4 - Type : DOS |
2014-01-10 | Microsoft Windows TrueType font parsing engine sfac_GetSbitBitmap elevation o... RuleID : 20735 - Revision : 12 - Type : FILE-OTHER |
2014-01-10 | Microsoft Windows Media Player digital video recording buffer overflow attempt RuleID : 20734 - Revision : 16 - Type : FILE-MULTIMEDIA |
2014-01-10 | Microsoft Office Word border use-after-free attempt RuleID : 20724 - Revision : 14 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confu... RuleID : 20722 - Revision : 21 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Publisher PLC object memory corruption attempt RuleID : 20721 - Revision : 14 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Publisher 2003 EscherStm memory corruption attempt RuleID : 20720 - Revision : 16 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Publisher Opltc memory corruption attempt RuleID : 20719 - Revision : 12 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel Lel record memory corruption attempt RuleID : 20718 - Revision : 12 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Windows OLE versioned stream missing data stream RuleID : 20717 - Revision : 11 - Type : FILE-OFFICE |
2014-01-10 | Yahoo! CD Player ActiveX clsid access RuleID : 20716 - Revision : 9 - Type : BROWSER-PLUGINS |
2014-01-10 | HP Photo Creative ActiveX clsid access RuleID : 20715 - Revision : 9 - Type : BROWSER-PLUGINS |
2014-01-10 | HP Photo Creative ActiveX clsid access RuleID : 20714 - Revision : 9 - Type : BROWSER-PLUGINS |
2014-01-10 | HP Photo Creative ActiveX clsid access RuleID : 20713 - Revision : 9 - Type : BROWSER-PLUGINS |
2014-01-10 | HP Photo Creative ActiveX clsid access RuleID : 20712 - Revision : 9 - Type : BROWSER-PLUGINS |
2014-01-10 | HP Photo Creative ActiveX clsid access RuleID : 20711 - Revision : 9 - Type : BROWSER-PLUGINS |
2014-01-10 | HP Photo Creative ActiveX clsid access RuleID : 20710 - Revision : 9 - Type : BROWSER-PLUGINS |
2014-01-10 | HP Photo Creative ActiveX clsid access RuleID : 20709 - Revision : 12 - Type : BROWSER-PLUGINS |
2014-01-10 | HP Easy Printer Care Software ActiveX clsid access RuleID : 20708 - Revision : 12 - Type : BROWSER-PLUGINS |
2014-01-10 | Dell IT Assistant ActiveX clsid access RuleID : 20707 - Revision : 9 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Internet Explorer Time DATIME.DLL ActiveX clsid access RuleID : 20706 - Revision : 10 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Internet Explorer Time DATIME.DLL ActiveX clsid access RuleID : 20705 - Revision : 10 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Internet Explorer defaulttime behavior attack attempt RuleID : 20704 - Revision : 15 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Office PowerPoint pp4x322.dll dll-load exploit attempt RuleID : 20703 - Revision : 13 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office PowerPoint pp7x32.dll dll-load exploit attempt RuleID : 20702 - Revision : 13 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office PowerPoint pp4x322.dll dll-load exploit attempt RuleID : 20701 - Revision : 13 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office PowerPoint pp7x32.dll dll-load exploit attempt RuleID : 20700 - Revision : 13 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Internet Explorer XSRF timing attack against XSS filter RuleID : 20699 - Revision : 8 - Type : BROWSER-IE |
2014-01-10 | Microsoft Windows wininet peerdist.dll dll-load exploit attempt RuleID : 18209 - Revision : 13 - Type : OS-WINDOWS |
2014-01-10 | Microsoft Windows wininet peerdist.dll dll-load exploit attempt RuleID : 18208 - Revision : 14 - Type : OS-WINDOWS |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2012-07-17 | Name : The remote device has a denial of service vulnerability. File : juniper_psn-2012-07-650.nasl - Type : ACT_GATHER_INFO |
2012-06-13 | Name : Arbitrary code can be executed on the remote host through Microsoft Lync. File : smb_nt_ms12-039.nasl - Type : ACT_GATHER_INFO |
2012-05-09 | Name : A multimedia application framework installed on the remote Mac OS X host is a... File : macosx_ms12-034.nasl - Type : ACT_GATHER_INFO |
2012-05-09 | Name : The remote Windows host is affected by multiple vulnerabilities. File : smb_nt_ms12-034.nasl - Type : ACT_GATHER_INFO |
2011-12-29 | Name : The version of ASP.NET Framework installed on the remote host is affected by ... File : smb_nt_ms11-100.nasl - Type : ACT_GATHER_INFO |
2011-12-13 | Name : The version of Microsoft Office installed on the remote Windows host has a pr... File : smb_nt_ms11-088.nasl - Type : ACT_GATHER_INFO |
2011-12-13 | Name : Arbitrary code can be executed on the remote host through Microsoft Office. File : smb_nt_ms11-089.nasl - Type : ACT_GATHER_INFO |
2011-12-13 | Name : The remote Windows host is missing an update that disables selected ActiveX c... File : smb_nt_ms11-090.nasl - Type : ACT_GATHER_INFO |
2011-12-13 | Name : The version of Microsoft Office installed on the remote host has multiple vul... File : smb_nt_ms11-091.nasl - Type : ACT_GATHER_INFO |
2011-12-13 | Name : The version of Windows Media installed on the remote host has a memory corrup... File : smb_nt_ms11-092.nasl - Type : ACT_GATHER_INFO |
2011-12-13 | Name : The remote Windows host contains a component that is susceptible to a remote ... File : smb_nt_ms11-093.nasl - Type : ACT_GATHER_INFO |
2011-12-13 | Name : Arbitrary code can be executed on the remote host through Microsoft PowerPoint. File : smb_nt_ms11-094.nasl - Type : ACT_GATHER_INFO |
2011-12-13 | Name : The installed version of Active Directory is affected by a vulnerability that... File : smb_nt_ms11-095.nasl - Type : ACT_GATHER_INFO |
2011-12-13 | Name : Arbitrary code can be executed on the remote host through Microsoft Office. File : smb_nt_ms11-096.nasl - Type : ACT_GATHER_INFO |
2011-12-13 | Name : The remote Windows host has a privilege escalation vulnerability. File : smb_nt_ms11-097.nasl - Type : ACT_GATHER_INFO |
2011-12-13 | Name : The Windows kernel is affected by a vulnerability that could result in privil... File : smb_nt_ms11-098.nasl - Type : ACT_GATHER_INFO |
2011-12-13 | Name : Arbitrary code can be executed on the remote host through a web browser. File : smb_nt_ms11-099.nasl - Type : ACT_GATHER_INFO |
2011-12-13 | Name : The remote Windows kernel is affected by a remote code execution vulnerability. File : smb_nt_ms11-087.nasl - Type : ACT_GATHER_INFO |
2011-12-13 | Name : An application installed on the remote Mac OS X host is affected by multiple ... File : macosx_ms_office_dec2011.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2013-01-30 13:27:25 |
|