Executive Summary
Summary | |
---|---|
Title | Microsoft Updates for Multiple Vulnerabilities |
Informations | |||
---|---|---|---|
Name | TA12-101A | First vendor Publication | 2012-04-10 |
Vendor | US-CERT | Last vendor Modification | 2012-04-10 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
There are multiple vulnerabilities in Microsoft Windows, Internet Explorer, Microsoft .NET Framework, Microsoft Office, Microsoft Server Software, Microsoft SQL Server, Microsoft Developer Tools, and Microsoft Forefront United Access Gateway. Microsoft has released updates to address these vulnerabilities. Description The Microsoft Security Bulletin Summary for April 2012 describes multiple vulnerabilities in Microsoft software. Microsoft has released updates to address the vulnerabilities. Impact A remote, unauthenticated attacker could execute arbitrary code, cause a denial of service, or gain unauthorized access to your files or system. Solution Apply updates Microsoft has provided updates for these vulnerabilities in the Microsoft Security Bulletin Summary for April 2012, which describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. In addition, administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS). Home users are encouraged to enable automatic updates. |
Original Source
Url : http://www.us-cert.gov/cas/techalerts/TA12-101A.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
56 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
22 % | CWE-20 | Improper Input Validation |
11 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
11 % | CWE-16 | Configuration |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:15313 | |||
Oval ID: | oval:org.mitre.oval:def:15313 | ||
Title: | SelectAll Remote Code Execution Vulnerability | ||
Description: | Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "SelectAll Remote Code Execution Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-0171 | Version: | 7 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | Microsoft Internet Explorer 6 Microsoft Internet Explorer 7 Microsoft Internet Explorer 8 Microsoft Internet Explorer 9 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:15462 | |||
Oval ID: | oval:org.mitre.oval:def:15462 | ||
Title: | MSCOMCTL.OCX RCE Vulnerability | ||
Description: | The (1) ListView, (2) ListView2, (3) TreeView, and (4) TreeView2 ActiveX controls in MSCOMCTL.OCX in the Common Controls in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2003 Web Components SP3; SQL Server 2000 SP4, 2005 SP4, and 2008 SP2, SP3, and R2; BizTalk Server 2002 SP1; Commerce Server 2002 SP4, 2007 SP2, and 2009 Gold and R2; Visual FoxPro 8.0 SP1 and 9.0 SP2; and Visual Basic 6.0 Runtime allow remote attackers to execute arbitrary code via a crafted (a) web site, (b) Office document, or (c) .rtf file that triggers "system state" corruption, as exploited in the wild in April 2012, aka "MSCOMCTL.OCX RCE Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-0158 | Version: | 10 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | Microsoft Office 2003 Microsoft Office 2003 Web Components Microsoft Office 2007 Microsoft Office 2010 Microsoft SQL Server 2000 Analysis Services Microsoft SQL Server 2000 Microsoft SQL Server 2005 Express Edition Microsoft SQL Server 2005 Microsoft SQL Server 2008 Microsoft SQL Server 2008 R2 Microsoft BizTalk Server 2002 Microsoft Commerce Server 2002 Microsoft Commerce Server 2007 Microsoft Commerce Server 2009 Microsoft Commerce Server 2009 R2 Microsoft Visual FoxPro 8.0 Microsoft Visual FoxPro 9.0 Visual Basic 6.0 Runtime |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:15495 | |||
Oval ID: | oval:org.mitre.oval:def:15495 | ||
Title: | .NET Framework Parameter Validation Vulnerability | ||
Description: | Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly validate function parameters, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Framework application, aka ".NET Framework Parameter Validation Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-0163 | Version: | 8 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | Microsoft .NET Framework 1.0 Microsoft .NET Framework 1.1 Microsoft .NET Framework 2.0 Microsoft .NET Framework 3.5.1 Microsoft .NET Framework 4 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:15550 | |||
Oval ID: | oval:org.mitre.oval:def:15550 | ||
Title: | VML Style Remote Code Execution Vulnerability | ||
Description: | Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "VML Style Remote Code Execution Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-0172 | Version: | 7 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | Microsoft Internet Explorer 6 Microsoft Internet Explorer 7 Microsoft Internet Explorer 8 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:15557 | |||
Oval ID: | oval:org.mitre.oval:def:15557 | ||
Title: | Unfiltered Access to UAG Default Website Vulnerability | ||
Description: | Microsoft Forefront Unified Access Gateway (UAG) 2010 SP1 and SP1 Update 1 does not properly configure the default web site, which allows remote attackers to obtain sensitive information via a crafted HTTPS request, aka "Unfiltered Access to UAG Default Website Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-0147 | Version: | 3 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 | Product(s): | Forefront Unified Access Gateway 2010 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:15573 | |||
Oval ID: | oval:org.mitre.oval:def:15573 | ||
Title: | OnReadyStateChange Remote Code Execution Vulnerability | ||
Description: | Microsoft Internet Explorer 6 and 7 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "OnReadyStateChange Remote Code Execution Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-0170 | Version: | 7 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 | Product(s): | Microsoft Internet Explorer 6 Microsoft Internet Explorer 7 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:15594 | |||
Oval ID: | oval:org.mitre.oval:def:15594 | ||
Title: | WinVerifyTrust Signature Validation Vulnerability | ||
Description: | The Authenticode Signature Verification function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview does not properly validate the digest of a signed portable executable (PE) file, which allows user-assisted remote attackers to execute arbitrary code via a modified file with additional content, aka "WinVerifyTrust Signature Validation Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-0151 | Version: | 3 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:15598 | |||
Oval ID: | oval:org.mitre.oval:def:15598 | ||
Title: | Office WPS Converter Heap Overflow Vulnerability | ||
Description: | Heap-based buffer overflow in the Office Works File Converter in Microsoft Office 2007 SP2, Works 9, and Works 6-9 File Converter allows remote attackers to execute arbitrary code via a crafted Works (aka .wps) file, aka "Office WPS Converter Heap Overflow Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-0177 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 | Product(s): | Microsoft Office 2007 Microsoft Works 9 Microsoft Works 6-9 Converter |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:15611 | |||
Oval ID: | oval:org.mitre.oval:def:15611 | ||
Title: | JScript9 Remote Code Execution Vulnerability | ||
Description: | Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "JScript9 Remote Code Execution Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-0169 | Version: | 5 |
Platform(s): | Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | Microsoft Internet Explorer 9 |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
SAINT Exploits
Description | Link |
---|---|
Microsoft Windows Common Controls MSCOMCTL.OCX Vulnerability | More info here |
OpenVAS Exploits
Date | Description |
---|---|
2012-04-12 | Name : MS Forefront Unified Access Gateway Information Disclosure Vulnerability (266... File : nvt/secpod_ms12-026.nasl |
2012-04-11 | Name : Microsoft Internet Explorer Multiple Vulnerabilities (2675157) File : nvt/secpod_ms12-023.nasl |
2012-04-11 | Name : Windows Authenticode Signature Remote Code Execution Vulnerability (2653956) File : nvt/secpod_ms12-024.nasl |
2012-04-11 | Name : Microsoft .NET Framework Remote Code Execution Vulnerability (2671605) File : nvt/secpod_ms12-025.nasl |
2012-04-11 | Name : Microsoft Windows Common Controls Remote Code Execution Vulnerability (2664258) File : nvt/secpod_ms12-027.nasl |
2012-04-11 | Name : Microsoft Office Remote Code Execution Vulnerability (2639185) File : nvt/secpod_ms12-028.nasl |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2012-04-12 | IAVM : 2012-A-0059 - Microsoft Windows Common Controls Remote Code Execution Vulnerability Severity : Category II - VMSKEY : V0031982 |
2012-04-12 | IAVM : 2012-A-0060 - Microsoft Windows Remote Code Execution Vulnerability Severity : Category II - VMSKEY : V0031983 |
2012-04-12 | IAVM : 2012-B-0041 - Microsoft Office Works File Convertor Remote Code Execution Vulnerability Severity : Category II - VMSKEY : V0031984 |
2012-04-12 | IAVM : 2012-B-0042 - Multiple Vulnerabilities in Microsoft Forefront Unified Access Gateway (UAG) Severity : Category II - VMSKEY : V0031985 |
Snort® IPS/IDS
Date | Description |
---|---|
2017-09-19 | RTF obfuscation string RuleID : 43990 - Revision : 3 - Type : INDICATOR-OBFUSCATION |
2017-09-19 | newlines embedded in rtf header RuleID : 43989 - Revision : 3 - Type : INDICATOR-OBFUSCATION |
2016-03-25 | Microsoft Internet Explorer vector graphics reference counting use-after-free... RuleID : 37848 - Revision : 1 - Type : BROWSER-IE |
2016-03-25 | Microsoft Internet Explorer vector graphics reference counting use-after-free... RuleID : 37847 - Revision : 1 - Type : BROWSER-IE |
2015-09-29 | Microsoft Internet Explorer iframe onreadystatechange handler use after free ... RuleID : 35772 - Revision : 4 - Type : BROWSER-IE |
2015-09-29 | Microsoft Internet Explorer iframe onreadystatechange handler use after free ... RuleID : 35771 - Revision : 4 - Type : BROWSER-IE |
2015-09-24 | Microsoft Internet Explorer iframe onreadystatechange handler use after free ... RuleID : 35748 - Revision : 5 - Type : BROWSER-IE |
2015-09-24 | Microsoft Internet Explorer iframe onreadystatechange handler use after free ... RuleID : 35747 - Revision : 5 - Type : BROWSER-IE |
2015-01-20 | Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt RuleID : 32863 - Revision : 4 - Type : FILE-OFFICE |
2015-01-20 | Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt RuleID : 32862 - Revision : 3 - Type : FILE-OFFICE |
2015-01-20 | Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt RuleID : 32861 - Revision : 2 - Type : FILE-OFFICE |
2015-01-20 | Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt RuleID : 32860 - Revision : 2 - Type : FILE-OFFICE |
2015-01-20 | Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt RuleID : 32859 - Revision : 2 - Type : FILE-OFFICE |
2015-01-20 | Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt RuleID : 32858 - Revision : 2 - Type : FILE-OFFICE |
2015-01-20 | Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt RuleID : 32857 - Revision : 2 - Type : FILE-OFFICE |
2015-01-06 | Microsoft Works 9 and Word 12 converter heap overflow attempt RuleID : 32644 - Revision : 2 - Type : FILE-OFFICE |
2015-01-06 | Microsoft Works 9 and Word 12 converter heap overflow attempt RuleID : 32643 - Revision : 2 - Type : FILE-OFFICE |
2014-11-16 | Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt RuleID : 31927 - Revision : 2 - Type : FILE-OFFICE |
2014-11-16 | Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt RuleID : 31926 - Revision : 2 - Type : FILE-OFFICE |
2014-11-16 | Win.Trojan.Otupsys variant outbound connection RuleID : 31716 - Revision : 2 - Type : MALWARE-CNC |
2014-06-14 | Shiqiang Gang malicious XLS targeted attack detection RuleID : 30991 - Revision : 6 - Type : MALWARE-CNC |
2014-06-14 | Shiqiang Gang malicious XLS targeted attack detection RuleID : 30990 - Revision : 5 - Type : MALWARE-CNC |
2014-06-14 | DNS request for known malware domain help.2012hi.hk RuleID : 30989 - Revision : 3 - Type : BLACKLIST |
2014-05-01 | multiple binary tags in close proximity - potentially malicious RuleID : 30328 - Revision : 3 - Type : INDICATOR-OBFUSCATION |
2014-05-01 | multiple binary tags in close proximity - potentially malicious RuleID : 30327 - Revision : 3 - Type : INDICATOR-OBFUSCATION |
2014-04-12 | Microsoft Windows common controls stack buffer overflow via malicious toolbar... RuleID : 30166 - Revision : 2 - Type : FILE-OFFICE |
2014-04-12 | Microsoft Windows common controls stack buffer overflow via malicious toolbar... RuleID : 30165 - Revision : 2 - Type : FILE-OFFICE |
2014-04-12 | Microsoft Windows common controls stack buffer overflow via malicious MSComct... RuleID : 30164 - Revision : 2 - Type : FILE-OFFICE |
2014-04-12 | Microsoft Windows common controls stack buffer overflow via malicious MSComct... RuleID : 30163 - Revision : 2 - Type : FILE-OFFICE |
2014-04-12 | Microsoft Windows common controls stack buffer overflow via malicious MSComct... RuleID : 30162 - Revision : 2 - Type : FILE-OFFICE |
2014-04-12 | Microsoft Windows common controls stack buffer overflow via malicious MSComct... RuleID : 30161 - Revision : 2 - Type : FILE-OFFICE |
2014-04-12 | Microsoft Windows common controls stack buffer overflow via MIME HTML documen... RuleID : 30160 - Revision : 2 - Type : FILE-OFFICE |
2014-04-12 | Microsoft Windows common controls stack buffer overflow via MIME HTML documen... RuleID : 30159 - Revision : 2 - Type : FILE-OFFICE |
2014-04-12 | Microsoft Windows common controls stack buffer overflow via MIME HTML documen... RuleID : 30158 - Revision : 2 - Type : FILE-OFFICE |
2014-04-12 | Microsoft Windows common controls stack buffer overflow via MIME HTML documen... RuleID : 30157 - Revision : 2 - Type : FILE-OFFICE |
2014-04-12 | Microsoft Windows common controls stack buffer overflow via MIME HTML documen... RuleID : 30156 - Revision : 2 - Type : FILE-OFFICE |
2014-04-12 | Microsoft Windows common controls stack buffer overflow via MIME HTML documen... RuleID : 30155 - Revision : 2 - Type : FILE-OFFICE |
2014-04-12 | Microsoft Windows common controls stack buffer overflow via MIME HTML documen... RuleID : 30154 - Revision : 2 - Type : FILE-OFFICE |
2014-04-12 | Microsoft Windows common controls stack buffer overflow via MIME HTML documen... RuleID : 30153 - Revision : 2 - Type : FILE-OFFICE |
2014-04-05 | Win.Trojan.Zaleelq variant outbound connection RuleID : 30037 - Revision : 3 - Type : MALWARE-CNC |
2014-03-15 | Microsoft Internet Explorer SelectAll dangling pointer use after free attempt RuleID : 29797 - Revision : 3 - Type : BROWSER-IE |
2014-03-15 | Microsoft Internet Explorer SelectAll dangling pointer use after free attempt RuleID : 29796 - Revision : 3 - Type : BROWSER-IE |
2014-01-10 | Win.Trojan.Terminator RAT variant outbound connection RuleID : 28482 - Revision : 4 - Type : MALWARE-CNC |
2014-01-10 | DNS request for known malware domain catlovers.25u.com RuleID : 28481 - Revision : 3 - Type : BLACKLIST |
2014-01-10 | DNS request for known malware domain liumingzhen.myftp.org RuleID : 28480 - Revision : 3 - Type : BLACKLIST |
2014-01-10 | DNS request for known malware domain liumingzhen.zapto.org RuleID : 28479 - Revision : 3 - Type : BLACKLIST |
2014-01-10 | Microsoft Internet Explorer iframe onreadystatechange handler use after free ... RuleID : 28364 - Revision : 8 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer iframe onreadystatechange handler use after free ... RuleID : 28363 - Revision : 8 - Type : BROWSER-IE |
2014-01-10 | Osx.Trojan.Janicab file download attempt RuleID : 27549 - Revision : 3 - Type : MALWARE-OTHER |
2014-01-10 | Osx.Trojan.Janicab file download attempt RuleID : 27548 - Revision : 3 - Type : MALWARE-OTHER |
2014-01-10 | Osx.Trojan.Janicab outbound connection RuleID : 27547 - Revision : 4 - Type : MALWARE-CNC |
2014-01-10 | Osx.Trojan.Janicab outbound connection RuleID : 27546 - Revision : 4 - Type : MALWARE-CNC |
2014-01-10 | Osx.Trojan.Janicab outbound connection RuleID : 27545 - Revision : 4 - Type : MALWARE-CNC |
2014-01-10 | Osx.Trojan.Janicab runtime traffic detected RuleID : 27544 - Revision : 3 - Type : MALWARE-CNC |
2014-01-10 | Microsoft Internet Explorer vector graphics reference counting use-after-free... RuleID : 26584 - Revision : 7 - Type : BROWSER-IE |
2014-01-10 | Microsoft Windows Authenticode signature verification bypass attempt RuleID : 25779 - Revision : 3 - Type : FILE-EXECUTABLE |
2014-01-10 | Microsoft Windows Authenticode signature verification bypass attempt RuleID : 25357 - Revision : 8 - Type : FILE-EXECUTABLE |
2014-01-10 | Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt RuleID : 23305 - Revision : 10 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Internet Explorer iframe onreadystatechange handler use after free ... RuleID : 23285 - Revision : 12 - Type : BROWSER-IE |
2014-01-10 | Microsoft Windows Authenticode signature verification bypass attempt RuleID : 22942 - Revision : 9 - Type : FILE-EXECUTABLE |
2014-01-10 | Microsoft Windows .NET invalid parsing of graphics data attempt RuleID : 22042 - Revision : 10 - Type : FILE-EXECUTABLE |
2014-01-10 | Microsoft Internet Explorer SelectAll dangling pointer use after free attempt RuleID : 22038 - Revision : 8 - Type : BROWSER-IE |
2014-01-10 | Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt RuleID : 21937 - Revision : 11 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Works 9 and Word 12 converter heap overflow attempt RuleID : 21935 - Revision : 9 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt RuleID : 21906 - Revision : 12 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt RuleID : 21905 - Revision : 12 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt RuleID : 21904 - Revision : 12 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt RuleID : 21903 - Revision : 12 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt RuleID : 21902 - Revision : 13 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt RuleID : 21901 - Revision : 7 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt RuleID : 21900 - Revision : 7 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt RuleID : 21899 - Revision : 7 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt RuleID : 21898 - Revision : 7 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt RuleID : 21897 - Revision : 7 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt RuleID : 21896 - Revision : 7 - Type : FILE-OFFICE |
2014-01-10 | MSCOMCTL ActiveX control deserialization arbitrary code execution attempt RuleID : 21801 - Revision : 9 - Type : FILE-OFFICE |
2014-01-10 | MSCOMCTL ActiveX control deserialization arbitrary code execution attempt RuleID : 21800 - Revision : 9 - Type : FILE-OFFICE |
2014-01-10 | MSCOMCTL ActiveX control deserialization arbitrary code execution attempt RuleID : 21799 - Revision : 9 - Type : FILE-OFFICE |
2014-01-10 | MSCOMCTL ActiveX control deserialization arbitrary code execution attempt RuleID : 21798 - Revision : 9 - Type : FILE-OFFICE |
2014-01-10 | MSCOMCTL ActiveX control deserialization arbitrary code execution attempt RuleID : 21797 - Revision : 9 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Internet Explorer iframe onreadystatechange handler use after free ... RuleID : 21796 - Revision : 14 - Type : BROWSER-IE |
2014-01-10 | Microsoft Windows Authenticode signature verification bypass attempt RuleID : 21795 - Revision : 10 - Type : FILE-EXECUTABLE |
2014-01-10 | Microsoft Works 9 and Word 12 converter heap overflow attempt RuleID : 21794 - Revision : 8 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Internet Explorer vector graphics reference counting use-after-free... RuleID : 21793 - Revision : 13 - Type : BROWSER-IE |
2014-01-10 | Microsoft Windows .NET invalid parsing of graphics data attempt RuleID : 21792 - Revision : 11 - Type : FILE-EXECUTABLE |
2014-01-10 | Microsoft Internet Explorer SelectAll dangling pointer use after free attempt RuleID : 21791 - Revision : 7 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer SelectAll dangling pointer use after free attempt RuleID : 21790 - Revision : 7 - Type : BROWSER-IE |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2012-04-11 | Name : The remote host is affected by code execution vulnerabilities. File : smb_nt_ms12-023.nasl - Type : ACT_GATHER_INFO |
2012-04-11 | Name : The remote Windows host has a code execution vulnerability. File : smb_nt_ms12-024.nasl - Type : ACT_GATHER_INFO |
2012-04-11 | Name : The .NET Framework install on the remote Windows host could allow arbitrary c... File : smb_nt_ms12-025.nasl - Type : ACT_GATHER_INFO |
2012-04-11 | Name : A web application on the remote Windows host has multiple vulnerabilities. File : smb_nt_ms12-026.nasl - Type : ACT_GATHER_INFO |
2012-04-11 | Name : The remote Windows host is affected by a remote code execution vulnerability. File : smb_nt_ms12-027.nasl - Type : ACT_GATHER_INFO |
2012-04-11 | Name : The remote Windows host could allow arbitrary code execution. File : smb_nt_ms12-028.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2013-03-07 13:21:06 |
|