9.3 - TA12-283A

Executive Summary

This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.

Informations
Name	TA12-283A	First vendor Publication	2012-10-09
Vendor	US-CERT	Last vendor Modification	2012-10-09
Severity (Vendor)	N/A	Revision	N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score	9.3	Attack Range	Network
Cvss Impact Score	10	Attack Complexity	Medium
Cvss Expoit Score	8.6	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Select Microsoft software products contain multiple vulnerabilities. Microsoft has released updates to address these vulnerabilities.

Description

The Microsoft Security Bulletin Summary for October 2012 describes multiple vulnerabilities in Microsoft software. Microsoft has released updates to address the vulnerabilities.

Impact

A remote, unauthenticated attacker could execute arbitrary code, cause a denial of service, or gain unauthorized access to your files or system.

Solution

Apply Updates

Microsoft has provided updates for these vulnerabilities in the Microsoft Security Bulletin Summary for October 2012, which describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. In addition, administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS). Home users are encouraged to enable automatic updates.

Original Source

Url : http://www.us-cert.gov/cas/techalerts/TA12-283A.html

CWE : Common Weakness Enumeration

%	Id	Name
33 %	CWE-79	Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25)
17 %	CWE-399	Resource Management Errors
17 %	CWE-189	Numeric Errors (CWE/SANS Top 25)
17 %	CWE-119	Failure to Constrain Operations within the Bounds of a Memory Buffer
17 %	CWE-94	Failure to Control Generation of Code ('Code Injection')

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:14976

Oval ID:	oval:org.mitre.oval:def:14976
Title:	Vulnerability in HTML Sanitization Component Could Allow Elevation of Privilege - MS12-066
Description:	Cross-site scripting (XSS) vulnerability in Microsoft InfoPath 2007 SP2 and SP3 and 2010 SP1, Communicator 2007 R2, Lync 2010 and 2010 Attendee, SharePoint Server 2007 SP2 and SP3 and 2010 SP1, Groove Server 2010 SP1, Windows SharePoint Services 3.0 SP2, SharePoint Foundation 2010 SP1, and Office Web Apps 2010 SP1 allows remote attackers to inject arbitrary web script or HTML via a crafted string, aka "HTML Sanitization Vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-2520	Version:	13
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP	Product(s):	Microsoft Communicator 2007 R2 Microsoft Groove Server 2010 Microsoft InfoPath 2007 Microsoft InfoPath 2010 Microsoft Lync 2010 Microsoft Lync 2010 Attendee Microsoft Office Web Apps 2010 Microsoft SharePoint Foundation 2010 Microsoft SharePoint Server 2007 Microsoft SharePoint Server 2010 Microsoft SharePoint Services 3.0
Definition Synopsis:
infopath 2007/version Check if the version of ipeditor.dll is less than 12.0.6662.5004 AND Microsoft InfoPath 2007 Service Pack 2 is installed OR infopath 2010/version Microsoft InfoPath 2010 is installed AND Check if the version of ipeditor.dll is less than 14.0.6126.5000 OR sharepoint foundation 2010/version Check if the version of onfda.dll is less than 14.0.6123.5000 AND Microsoft SharePoint Foundation 2010 Service Pack 1 is installed OR sharepoint server 2007/version Check if the version of Microsoft.office.server.dll is less than 12.0.6650.5000 AND sharepoint server 2007 sp2/sp3 Microsoft Office SharePoint Server 2007 SP2 is installed AND Microsoft Office SharePoint Server 2007 SP3 is installed OR sharepoint server 2010/version Check if the version of Microsoft.office.server.dll is less than 14.0.6114.5000 AND Microsoft SharePoint Server 2010 Service Pack 1 is installed OR sharepoint services 3.0/version Check if the version of onetutil.dll is less than 12.0.6665.5000 AND sharepoint services 3.0 sp2/sp3 Microsoft SharePoint Services 3.0 SP3 is installed AND Microsoft Windows SharePoint Services 3.0 SP2 is installed OR groove server 2010/version Check if the version of groovers.dll is less than 14.0.6123.5005 AND Microsoft Groove Server 2010 Service Pack 1 is installed OR microsoft lync 2010/version Check if the version of communicator.exe is less than 4.0.7577.4109 (for Lync 2010) AND Microsoft Lync 2010 is installed OR lync 2010 attendee (user) Check if the version of uc.dll is less than 4.0.7577.4103 (user install) AND Microsoft Lync 2010 Attendee (user level install) is installed OR lync 2010 attendee (admin) CHeck if the version of uc.dll is less than 4.0.7577.4103 (admin install) AND Microsoft Lync 2010 Attendee (admin level install) is installed OR communicator 2007 R2/version Check if the version of communicator.exe is less than 3.5.6907.261 AND Microsoft Communicator 2007 R2 is installed OR infopath 2007 sp3/version Check if the version of infopath.exe is less than 12.0.6662.5004 AND Microsoft InfoPath 2007 Service Pack 3 is installed OR office web apps 2010/version Check if the version of Msoserver.dll is less than 14.0.6123.5001 AND Microsoft Office Web Apps 2010 Service Pack 1 is installed OR infopath 2010 sp1/version Microsoft InfoPath 2010 SP1 is installed AND Check if the version of infopath.exe is less than 14.0.6123.5006

Definition Id: oval:org.mitre.oval:def:15395

Oval ID:	oval:org.mitre.oval:def:15395
Title:	Reflected XSS Vulnerability - MS12-070
Description:	Cross-site scripting (XSS) vulnerability in the SQL Server Report Manager in Microsoft SQL Server 2000 Reporting Services SP2 and SQL Server 2005 SP4, 2008 SP2 and SP3, 2008 R2 SP1, and 2012 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka "Reflected XSS Vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-2552	Version:	10
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP	Product(s):	Microsoft SQL Server 2000 Reporting Services Microsoft SQL Server 2005 Microsoft SQL Server 2008 Microsoft SQL Server 2008 R2 Microsoft SQL Server 2012
Definition Synopsis:
SQL Reporting Services exist Check for vulnerable SQL Check for vulnerable SQL 2000 Reporting Services Microsoft SQL Server 2000 Reporting Services SP2 is installed AND Check if version of Reportingservicesservice.exe is less than 8.0.1077.0 AND Check if version of Reportingservicesservice.exe is greater than or equal to 8.0.1038.0 OR Check for vulnerable SQL Server 2005 SP4 and file version Check for vulnerable SQL Server 2005 SP4 Check for vulnerable SQL Server 2005 SP4 GDR Check if version of microsoft.reportingservices.diagnostics.dll is greater than or equal to 9.0.5000.0 AND Check if version of microsoft.reportingservices.diagnostics.dll is less than 9.0.5069.0 OR Check for vulnerable SQL Server 2005 SP4 QFE Check if version of microsoft.reportingservices.diagnostics.dll is greater than or equal to 9.0.5200.0 AND Check if version of microsoft.reportingservices.diagnostics.dll is less than 9.0.5324.0 AND Microsoft SQL Server 2005 SP4 is installed OR Check for vulnerable SQL Server 2008 SP2 and file version Check for vulnerable SQL Server 2008 SP2 Check for vulnerable SQL Server 2008 SP2 GDR Check if version of microsoft.reportingservices.diagnostics.dll is greater than or equal to 10.0.4000.0 AND Check if version of microsoft.reportingservices.diagnostics.dll is less than 10.0.4067.0 OR Check for vulnerable SQL Server 2008 SP2 QFE Check if version of microsoft.reportingservices.diagnostics.dll is greater than or equal to 10.0.4260.0 AND Check if version of microsoft.reportingservices.diagnostics.dll is less than 10.0.4371.0 AND Microsoft SQL Server 2008 SP2 is installed OR Check for vulnerable SQL Server 2008 SP3 and file version Check for vulnerable SQL Server 2008 SP3 Check for vulnerable SQL Server 2008 SP3 GDR Check if version of microsoft.reportingservices.diagnostics.dll is greater than or equal to 10.0.5500.0 AND Check if version of microsoft.reportingservices.diagnostics.dll is less than 10.0.5512.0 OR Check for vulnerable SQL Server 2008 SP3 QFE Check if version of microsoft.reportingservices.diagnostics.dll is greater than or equal to 10.0.5750.0 AND Check if version of microsoft.reportingservices.diagnostics.dll is less than 10.0.5826.0 AND Microsoft SQL Server 2008 SP3 is installed OR Check for vulnerable SQL Server 2008 R2 SP1 and file version Check for vulnerable SQL Server 2008 R2 SP1 Check for vulnerable SQL Server 2008 R2 SP1 GDR Check if version of microsoft.reportingservices.diagnostics.dll is greater than or equal to 10.50.2500.0 AND Check if version of microsoft.reportingservices.diagnostics.dll is less than 10.50.2550.0 OR Check for vulnerable SQL Server 2008 R2 SP1 QFE Check if version of microsoft.reportingservices.diagnostics.dll is greater than or equal to 10.50.2750.0 AND Check if version of microsoft.reportingservices.diagnostics.dll is less than 10.50.2861.0 AND Microsoft SQL Server 2008 R2 SP1 is installed OR Check for vulnerable SQL Server 2012 and file version Check for vulnerable SQL Server 2012 Check for vulnerable SQL Server 2012 GDR Check if version of microsoft.reportingservices.diagnostics.dll is greater than or equal to 11.0.2100.0 AND Check if version of microsoft.reportingservices.diagnostics.dll is less than 11.0.2218.0 OR Check for vulnerable SQL Server 2012 QFE Check if version of microsoft.reportingservices.diagnostics.dll is greater than or equal to 11.0.2300.0 AND Check if version of microsoft.reportingservices.diagnostics.dll is less than 11.0.2376.0 AND Microsoft SQL Server 2012 is installed

Definition Id: oval:org.mitre.oval:def:15426

Oval ID:	oval:org.mitre.oval:def:15426
Title:	Word PAPX Section Corruption Vulnerability - MS12-064
Description:	Microsoft Word 2007 SP2 and SP3 does not properly handle memory during the parsing of Word documents, which allows remote attackers to execute arbitrary code via a crafted document, aka "Word PAPX Section Corruption Vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-0182	Version:	7
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP	Product(s):	Microsoft Word 2007
Definition Synopsis:
Word 2k7 sp2 / sp3 Microsoft Word 2007 SP2 is installed AND Microsoft Word 2007 SP3 is installed AND Check if the version of Winword.exe is less than 12.0.6662.5003

Definition Id: oval:org.mitre.oval:def:15674

Oval ID:	oval:org.mitre.oval:def:15674
Title:	Kerberos NULL dereference vulnerability - MS12-069
Description:	The server in Kerberos in Microsoft Windows Server 2008 R2 and R2 SP1, and Windows 7 Gold and SP1, allows remote attackers to cause a denial of service (NULL pointer dereference and reboot) via a crafted session request, aka "Kerberos NULL Dereference Vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-2551	Version:	3
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 R2	Product(s):
Definition Synopsis:
Check for vulnerable Win 7/server 2008 r2 and file version Check for Win 7/server 2008 r2 Microsoft Windows 7 is installed AND Microsoft Windows Server 2008 R2 x64 Edition is installed AND Microsoft Windows Server 2008 R2 Itanium-Based Edition is installed AND Check for LDR/GDR Check if Kerberos.dll file version is less than 6.1.7600.17095 OR Check for LDR the version of kerberos.dll is greater than 6.1.7600.20000 AND Check if Kerberos.dll file version is less than 6.1.7600.21298 OR Check for vulnerable Win 7 SP1/server 2008 r2 SP1 and file version Check for Win 7 SP1/server 2008 r2 SP1 Microsoft Windows 7 (32-bit) Service Pack 1 is installed AND Microsoft Windows 7 x64 Service Pack 1 is installed AND Microsoft Windows Server 2008 R2 x64 Service Pack 1 is installed AND Microsoft Windows Server 2008 R2 Itanium-Based Edition Service Pack 1 is installed AND Check for LDR/GDR Check if Kerberos.dll file version is less than 6.1.7601.17926 OR Check for LDR the version of kerberos.dll is greater than 6.1.7601.20000 AND Check if Kerberos.dll file version is less than 6.1.7601.22084

Definition Id: oval:org.mitre.oval:def:15680

Oval ID:	oval:org.mitre.oval:def:15680
Title:	RTF File listid Use-After-Free Vulnerability - MS12-064
Description:	Use-after-free vulnerability in Microsoft Word 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Word Viewer; Office Compatibility Pack SP2 and SP3; Word Automation Services on Microsoft SharePoint Server 2010; and Office Web Apps 2010 SP1 allows remote attackers to execute arbitrary code via a crafted RTF document, aka "RTF File listid Use-After-Free Vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-2528	Version:	15
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP	Product(s):	Microsoft Word 2003 Microsoft Word 2007 Microsoft Word 2010 Microsoft SharePoint Server 2010 Microsoft Office Compatibility Pack Microsoft Office Web Apps 2010
Definition Synopsis:
Word viewer or Word 2k3 and vulnerable file Microsoft Word 2003 is installed AND Check if the version of wordview.exe is less than 11.0.8348 AND Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\wordview.exe!Path exists OR Word 2007 and vulnerable file Word 2k7 SP2 / SP3 Microsoft Word 2007 SP2 is installed AND Microsoft Word 2007 SP3 is installed AND Check if the version of Winword.exe is less than 12.0.6662.5003 OR Compatibility pack and vulnerable file Office Compatibility pack SP2 / SP3 Microsoft Office Compatibility Pack SP2 is installed AND Microsoft Office Compatibility Pack SP3 is installed AND Check if the version of Wordcnv.dll is less than 12.0.6662.5003 OR Sharepoint server 2010 and vulnerable file Check if the version of Msoserver.Dll is less than 14.0.6123.5001 AND Microsoft SharePoint Server 2010 Service Pack 1 is installed OR Office Web Apps 2010 and vulnerable file Check if the version of Msoserver.Dll is less than 14.0.6123.5001 AND Microsoft Office Web Apps 2010 Service Pack 1 is installed OR Word 2010 and vulnerable file Check if the version of winword.exe is less than 14.0.6123.5005 AND Microsoft Word 2010 SP1 is installed OR Word 2003 SP3 and vulnerable file Microsoft Word 2003 SP3 is installed AND Check if the version of winword.exe is less than 11.0.8348

Definition Id: oval:org.mitre.oval:def:15867

Oval ID:	oval:org.mitre.oval:def:15867
Title:	Windows Kernel Integer Overflow Vulnerability - MS12-068
Description:	Integer overflow in the kernel in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages improper handling of objects in memory, aka "Windows Kernel Integer Overflow Vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-2529	Version:	3
Platform(s):	Microsoft Windows XP Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista	Product(s):
Definition Synopsis:
windows xp 32 bit/version Check if the version of Ntoskrnl.exe is less than 5.1.2600.6284 AND Microsoft Windows XP (x86) SP3 is installed OR windows xp 64 bit/server 2003/version windows xp 64 bit/server 2003 sp2 Microsoft Windows XP x64 Edition SP2 is installed AND Microsoft Windows Server 2003 SP2 (x86) is installed AND Microsoft Windows Server 2003 SP2 (x64) is installed AND Check if the version of Ntoskrnl.exe is less than 5.2.3790.5059 OR vista/server 2008/version vista/server 2008 Microsoft Windows Vista (32-bit) Service Pack 2 is installed AND Microsoft Windows Vista x64 Edition Service Pack 2 is installed AND Microsoft Windows Server 2008 (32-bit) Service Pack 2 is installed AND Microsoft Windows Server 2008 x64 Edition Service Pack 2 is installed AND Microsoft Windows Server 2008 Itanium-Based Edition Service Pack 2 is installed AND GDR/LDR Check if the version of Ntoskrnl.exe is less than 6.0.6002.18686 OR LDR range Check if the version of Ntoskrnl.exe is less than 6.0.6002.22920 AND the version of Ntoskrnl.exe is greater than or equal 6.0.6002.22000 OR server 2008 R2/windows 7/version server 2008 R2/windows 7 Microsoft Windows 7 is installed AND Microsoft Windows Server 2008 R2 x64 Edition is installed AND Microsoft Windows Server 2008 R2 Itanium-Based Edition is installed AND GDR/LDR Check if the version of Ntoskrnl.exe is less than 6.1.7600.17118 OR LDR range Check if the version of Ntoskrnl.exe is less than 6.1.7600.21315 AND the version of Ntoskrnl.exe is greater than or equal 6.1.7600.20000 OR server 2008 R2 sp1/windows 7 sp1/version server 2008 R2 sp1/windows 7 sp1 Microsoft Windows 7 (32-bit) Service Pack 1 is installed AND Microsoft Windows 7 x64 Service Pack 1 is installed AND Microsoft Windows Server 2008 R2 x64 Service Pack 1 is installed AND Microsoft Windows Server 2008 R2 Itanium-Based Edition Service Pack 1 is installed AND GDR/LDR Check if the version of Ntoskrnl.exe is less than 6.1.7601.17944 OR LDR range Check if the version of Ntoskrnl.exe is less than 6.1.7601.22103 AND the version of Ntoskrnl.exe is greater than or equal 6.1.7601.21000 OR Check for vulnerable Windows 2003 and file version Microsoft Windows Server 2003 (ia64) SP2 is installed AND Check if the version of Ntkrnlmp.exe is less than 5.2.3790.5059

CPE : Common Platform Enumeration

Type	Description	Count
Application	Microsoft Groove Server cpe:2.3:a:microsoft:groove_server:2010:sp1::::::	1
Application	Microsoft Infopath cpe:2.3:a:microsoft:infopath:2010:sp1:::::: cpe:2.3:a:microsoft:infopath:2007:sp2::::::	2
Application	Microsoft Lync cpe:2.3:a:microsoft:lync:2010:::::::* cpe:2.3:a:microsoft:lync:2010::attendee:::::	2
Application	Microsoft Office Communicator cpe:2.3:a:microsoft:office_communicator:2007:r2::::::	1
Application	Microsoft Office Web Apps cpe:2.3:a:microsoft:office_web_apps:2010:sp1::::::	1
Application	Microsoft Sharepoint Foundation cpe:2.3:a:microsoft:sharepoint_foundation:2010:sp1::::::	1
Application	Microsoft Sharepoint Server cpe:2.3:a:microsoft:sharepoint_server:2010:sp1:::::: cpe:2.3:a:microsoft:sharepoint_server:2007:sp3:::::: cpe:2.3:a:microsoft:sharepoint_server:2007:sp2::::::	3
Application	Microsoft Sharepoint Services cpe:2.3:a:microsoft:sharepoint_services:3.0:sp2::::::	1
Application	Microsoft Sql Server cpe:2.3:a:microsoft:sql_server:2012:-:x64:::::* cpe:2.3:a:microsoft:sql_server:2012:-:x86:::::* cpe:2.3:a:microsoft:sql_server:2008:sp3:itanium:::::* cpe:2.3:a:microsoft:sql_server:2008:r2_sp1:x64:::::* cpe:2.3:a:microsoft:sql_server:2008:r2_sp1:itanium:::::* cpe:2.3:a:microsoft:sql_server:2008:sp3:x86:::::* cpe:2.3:a:microsoft:sql_server:2008:r2_sp1:x86:::::* cpe:2.3:a:microsoft:sql_server:2008:sp2:x86:::::* cpe:2.3:a:microsoft:sql_server:2008:sp3:x64:::::* cpe:2.3:a:microsoft:sql_server:2008:sp2:itanium:::::* cpe:2.3:a:microsoft:sql_server:2008:sp2:x64:::::* cpe:2.3:a:microsoft:sql_server:2005:sp4:x86:::::* cpe:2.3:a:microsoft:sql_server:2005:sp4:express_advanced_services:::::* cpe:2.3:a:microsoft:sql_server:2005:sp4:itanium:::::* cpe:2.3:a:microsoft:sql_server:2005:sp4:x64:::::*	15
Application	Microsoft Sql Server Reporting Services cpe:2.3:a:microsoft:sql_server_reporting_services:2000:sp2::::::	1
Application	Microsoft Word cpe:2.3:a:microsoft:word:2007:sp2:::::: cpe:2.3:a:microsoft:word:2007:sp3::::::	2
Application	Microsoft Word Automation Services cpe:2.3:a:microsoft:word_automation_services:-:::::::*	1
Application	Microsoft Works cpe:2.3:a:microsoft:works:9.0:::::::*	1
Os	Microsoft Windows 7 cpe:2.3:o:microsoft:windows_7::sp1:x86::::: cpe:2.3:o:microsoft:windows_7::sp1:x64::::: cpe:2.3:o:microsoft:windows_7:::x86:::::* cpe:2.3:o:microsoft:windows_7:::x64:::::*	4
Os	Microsoft Windows Server 2003 cpe:2.3:o:microsoft:windows_server_2003::sp2::::::*	1
Os	Microsoft Windows Server 2008 cpe:2.3:o:microsoft:windows_server_2008::r2:x64::::: cpe:2.3:o:microsoft:windows_server_2008::r2:itanium::::: cpe:2.3:o:microsoft:windows_server_2008::sp2:x86::::: cpe:2.3:o:microsoft:windows_server_2008::sp2:x64::::: cpe:2.3:o:microsoft:windows_server_2008::sp2:itanium:::::	5
Os	Microsoft Windows Vista cpe:2.3:o:microsoft:windows_vista::sp2::::::*	1
Os	Microsoft Windows Xp cpe:2.3:o:microsoft:windows_xp::sp3::::::* cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:::::*	2

OpenVAS Exploits

Date	Description
2012-10-10	Name : Microsoft Office Word Remote Code Execution Vulnerabilities (2742319) File : nvt/secpod_ms12-064.nasl
2012-10-10	Name : Microsoft Products HTML Sanitisation Component XSS Vulnerability (2741517) File : nvt/secpod_ms12-066.nasl
2012-10-10	Name : Microsoft Windows Kernel Privilege Elevation Vulnerability (2724197) File : nvt/secpod_ms12-068.nasl
2012-10-10	Name : Microsoft Windows Kerberos Denial of Service Vulnerability (2743555) File : nvt/secpod_ms12-069.nasl
2012-10-10	Name : Microsoft SQL Server Report Manager Cross Site Scripting Vulnerability (2754849) File : nvt/secpod_ms12-070.nasl

Information Assurance Vulnerability Management (IAVM)

Date	Description
2012-10-11	IAVM : 2012-A-0160 - Microsoft SQL Server Cross-Site Scripting Vulnerability Severity : Category II - VMSKEY : V0034177
2012-10-11	IAVM : 2012-B-0103 - Microsoft Kerberos Denial Of Service Vulnerability Severity : Category I - VMSKEY : V0034180
2012-10-11	IAVM : 2012-B-0102 - Microsoft Works 9 Remote Code Execution Vulnerability Severity : Category II - VMSKEY : V0034182

Snort® IPS/IDS

Date	Description
2014-01-10	Microsoft Works Word document use after free attempt RuleID : 24588 - Revision : 8 - Type : FILE-OFFICE
2014-01-10	Microsoft Works Word document use after free attempt RuleID : 24587 - Revision : 8 - Type : FILE-OFFICE
2014-01-10	Microsoft Windows SMB Kerberos NULL session denial of service attempt RuleID : 24360 - Revision : 5 - Type : OS-WINDOWS
2014-01-10	Microsoft Office Word rgfc value overflow attempt RuleID : 24358 - Revision : 7 - Type : FILE-OFFICE
2014-01-10	Microsoft Office Word rgfc value overflow attempt RuleID : 24357 - Revision : 7 - Type : FILE-OFFICE
2014-01-10	Microsoft SQL Server Reporting Services cross site scripting attempt RuleID : 24356 - Revision : 5 - Type : SERVER-MSSQL
2014-01-10	Microsoft SQL Server Reporting Services cross site scripting attempt RuleID : 24355 - Revision : 5 - Type : SERVER-MSSQL
2014-01-10	Microsoft Office Word RTF malformed listid attempt RuleID : 24354 - Revision : 9 - Type : FILE-OFFICE
2014-01-10	Microsoft Office Word RTF malformed listid attempt RuleID : 24353 - Revision : 9 - Type : FILE-OFFICE
2014-01-10	Microsoft Works 9 use-after-free attempt RuleID : 24352 - Revision : 7 - Type : FILE-OFFICE
2014-01-10	Microsoft Works 9 use-after-free attempt RuleID : 24351 - Revision : 7 - Type : FILE-OFFICE
2014-01-10	Microsoft multiple product toStaticHTML XSS attempt RuleID : 23137 - Revision : 11 - Type : BROWSER-IE
2014-01-10	Microsoft multiple product toStaticHTML XSS attempt RuleID : 23136 - Revision : 11 - Type : BROWSER-IE

Nessus® Vulnerability Scanner

Date	Description
2012-10-10	Name : A cross-site scripting vulnerability in SQL Server could allow elevation of p... File : smb_kb2754849.nasl - Type : ACT_GATHER_INFO
2012-10-10	Name : A Microsoft Office component installed on the remote host is affected by mult... File : smb_nt_ms12-064.nasl - Type : ACT_GATHER_INFO
2012-10-10	Name : The remote Windows host could allow arbitrary code execution. File : smb_nt_ms12-065.nasl - Type : ACT_GATHER_INFO
2012-10-10	Name : The remote host is affected by a privilege escalation vulnerability. File : smb_nt_ms12-066.nasl - Type : ACT_GATHER_INFO
2012-10-10	Name : The Windows kernel is affected by a vulnerability that could result in privil... File : smb_nt_ms12-068.nasl - Type : ACT_GATHER_INFO
2012-10-10	Name : The remote implementation of Kerberos is affected by a denial of service vuln... File : smb_nt_ms12-069.nasl - Type : ACT_GATHER_INFO
2012-10-10	Name : A cross-site scripting vulnerability in SQL Server could allow elevation of p... File : smb_nt_ms12-070.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.

Date	Informations
2013-01-30 13:27:35	Multiple Updates

Global Informations

Type	Count
CWE ID(s)	6
Oval ID(s)	6
CPE ID(s)	45
Openvas Exploit(s)	5
IAVM(s)	3
Snort® Rule(s)	13
Nessus® Exploit(s)	7

	Related
9.3	CVE-2012-2550
9.3	CVE-2012-2528
9.3	CVE-2012-0182
7.2	CVE-2012-2529
5	CVE-2012-2551
4.3	CVE-2012-2552
4.3	CVE-2012-2520
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 7 more Alert(s)