Executive Summary
Informations | |||
---|---|---|---|
Name | TA13-071A | First vendor Publication | 2013-03-12 |
Vendor | US-CERT | Last vendor Modification | 2013-03-12 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Select Microsoft software products contain multiple vulnerabilities. Description The Microsoft Security Bulletin Summary for March 2013 describes multiple vulnerabilities in Microsoft software. Microsoft has released updates to address these vulnerabilities. Impact A remote, unauthenticated attacker could execute arbitrary code, cause a denial of service, or gain unauthorized access to your files or system. Solution Apply Updates Microsoft has provided updates for these vulnerabilities in the Microsoft Security Bulletin Summary for March 2013, which describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. In addition, administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS). Home users are encouraged to enable automatic updates. |
Original Source
Url : http://www.us-cert.gov/cas/techalerts/TA13-071A.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
50 % | CWE-399 | Resource Management Errors |
22 % | CWE-264 | Permissions, Privileges, and Access Controls |
11 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
6 % | CWE-200 | Information Exposure |
6 % | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25) |
6 % | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE/SANS Top 25) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:16049 | |||
Oval ID: | oval:org.mitre.oval:def:16049 | ||
Title: | Internet Explorer CCaret Use After Free Vulnerability - MS13-021 | ||
Description: | Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CCaret Use After Free Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0090 | Version: | 5 |
Platform(s): | Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft Internet Explorer 6 Microsoft Internet Explorer 7 Microsoft Internet Explorer 8 Microsoft Internet Explorer 9 Microsoft Internet Explorer 10 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16082 | |||
Oval ID: | oval:org.mitre.oval:def:16082 | ||
Title: | Unintended content loading vulnerability - MS13-026 | ||
Description: | Outlook in Microsoft Office for Mac 2008 before 12.3.6 and Office for Mac 2011 before 14.3.2 allows remote attackers to trigger access to a remote URL and consequently confirm the rendering of an HTML e-mail message by including unspecified HTML5 elements and leveraging the installation of a WebKit browser on the victim's machine, aka "Unintended Content Loading Vulnerability." | ||
Family: | macos | Class: | vulnerability |
Reference(s): | CVE-2013-0095 | Version: | 3 |
Platform(s): | Apple Mac OS X Apple Mac OS X Server | Product(s): | Microsoft Office 2008 for Mac Microsoft Office 2011 for Mac |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16095 | |||
Oval ID: | oval:org.mitre.oval:def:16095 | ||
Title: | Internet Explorer CTreeNode Use After Free Vulnerability - MS13-021 | ||
Description: | Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CTreeNode Use After Free Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-1288 | Version: | 5 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft Internet Explorer 8 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16239 | |||
Oval ID: | oval:org.mitre.oval:def:16239 | ||
Title: | Internet Explorer onBeforeCopy Use After Free Vulnerability - MS13-021 | ||
Description: | Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer onBeforeCopy Use After Free Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0093 | Version: | 5 |
Platform(s): | Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft Internet Explorer 6 Microsoft Internet Explorer 7 Microsoft Internet Explorer 8 Microsoft Internet Explorer 9 Microsoft Internet Explorer 10 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16300 | |||
Oval ID: | oval:org.mitre.oval:def:16300 | ||
Title: | Visio Viewer Tree Object Type Confusion Vulnerability - MS13-023 | ||
Description: | Microsoft Visio Viewer 2010 SP1 allows remote attackers to execute arbitrary code via a crafted Visio file that triggers incorrect memory allocation, aka "Visio Viewer Tree Object Type Confusion Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0079 | Version: | 6 |
Platform(s): | Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft Office 2010 Filter Pack Microsoft Visio 2010 Microsoft Visio Viewer 2010 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16324 | |||
Oval ID: | oval:org.mitre.oval:def:16324 | ||
Title: | Internet Explorer GetMarkupPtr Use After Free Vulnerability - MS13-021 | ||
Description: | Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer GetMarkupPtr Use After Free Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0092 | Version: | 5 |
Platform(s): | Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft Internet Explorer 6 Microsoft Internet Explorer 7 Microsoft Internet Explorer 8 Microsoft Internet Explorer 9 Microsoft Internet Explorer 10 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16386 | |||
Oval ID: | oval:org.mitre.oval:def:16386 | ||
Title: | Internet Explorer saveHistory Use After Free Vulnerability - MS13-021 | ||
Description: | Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer saveHistory Use After Free Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0088 | Version: | 5 |
Platform(s): | Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft Internet Explorer 6 Microsoft Internet Explorer 7 Microsoft Internet Explorer 8 Microsoft Internet Explorer 9 Microsoft Internet Explorer 10 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16414 | |||
Oval ID: | oval:org.mitre.oval:def:16414 | ||
Title: | Buffer Overflow Vulnerability - MS13-024 | ||
Description: | Buffer overflow in Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allows remote attackers to cause a denial of service (W3WP process crash and site outage) via a crafted URL, aka "Buffer Overflow Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0085 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft SharePoint Foundation 2010 Microsoft SharePoint Server 2010 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:16441 | |||
Oval ID: | oval:org.mitre.oval:def:16441 | ||
Title: | Microsoft kernel-mode drivers privilege elevation vulnerability (CVE-2013-1285) - MS13-027 | ||
Description: | The USB kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012 do not properly handle objects in memory, which allows physically proximate attackers to execute arbitrary code by connecting a crafted USB device, aka "Windows USB Descriptor Vulnerability," a different vulnerability than CVE-2013-1286 and CVE-2013-1287. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-1285 | Version: | 6 |
Platform(s): | Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista Microsoft Windows XP | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16445 | |||
Oval ID: | oval:org.mitre.oval:def:16445 | ||
Title: | SharePoint Directory Traversal Vulnerability - MS13-024 | ||
Description: | Directory traversal vulnerability in Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allows remote attackers to bypass intended read restrictions for content, and hijack user accounts, via a crafted URL, aka "SharePoint Directory Traversal Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0084 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft SharePoint Foundation 2010 Microsoft SharePoint Server 2010 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:16498 | |||
Oval ID: | oval:org.mitre.oval:def:16498 | ||
Title: | Microsoft kernel-mode drivers privilege elevation vulnerability (CVE-2013-1287) - MS13-027 | ||
Description: | The USB kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012 do not properly handle objects in memory, which allows physically proximate attackers to execute arbitrary code by connecting a crafted USB device, aka "Windows USB Descriptor Vulnerability," a different vulnerability than CVE-2013-1285 and CVE-2013-1286. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-1287 | Version: | 6 |
Platform(s): | Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista Microsoft Windows XP | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16516 | |||
Oval ID: | oval:org.mitre.oval:def:16516 | ||
Title: | Double dereference vulnerability in Microsoft Silverlight - MS13-022 | ||
Description: | Microsoft Silverlight 5, and 5 Developer Runtime, before 5.1.20125.0 does not properly validate pointers during HTML object rendering, which allows remote attackers to execute arbitrary code via a crafted Silverlight application, aka "Silverlight Double Dereference Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0074 | Version: | 6 |
Platform(s): | Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Microsoft Silverlight 5 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:16526 | |||
Oval ID: | oval:org.mitre.oval:def:16526 | ||
Title: | Internet Explorer CElement Use After Free Vulnerability - MS13-021 | ||
Description: | Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CElement Use After Free Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0091 | Version: | 5 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft Internet Explorer 8 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16539 | |||
Oval ID: | oval:org.mitre.oval:def:16539 | ||
Title: | Vulnerability in Microsoft OneNote could allow information disclosure - MS13-025 | ||
Description: | Microsoft OneNote 2010 SP1 does not properly determine buffer sizes during memory allocation, which allows remote attackers to obtain sensitive information via a crafted OneNote file, aka "Buffer Size Validation Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0086 | Version: | 5 |
Platform(s): | Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows Server 2008 Microsoft Windows Server 2012 | Product(s): | Microsoft OneNote 2010 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:16565 | |||
Oval ID: | oval:org.mitre.oval:def:16565 | ||
Title: | Double dereference vulnerability in Microsoft Silverlight - MS13-022 (Mac OS X) | ||
Description: | Microsoft Silverlight 5, and 5 Developer Runtime, before 5.1.20125.0 does not properly validate pointers during HTML object rendering, which allows remote attackers to execute arbitrary code via a crafted Silverlight application, aka "Silverlight Double Dereference Vulnerability." | ||
Family: | macos | Class: | vulnerability |
Reference(s): | CVE-2013-0074 | Version: | 3 |
Platform(s): | Apple Mac OS X Apple Mac OS X Server | Product(s): | Microsoft Silverlight 5 for Mac |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16583 | |||
Oval ID: | oval:org.mitre.oval:def:16583 | ||
Title: | Internet Explorer OnResize Use After Free Vulnerability - MS13-021 | ||
Description: | Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer OnResize Use After Free Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0087 | Version: | 5 |
Platform(s): | Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft Internet Explorer 6 Microsoft Internet Explorer 7 Microsoft Internet Explorer 8 Microsoft Internet Explorer 9 Microsoft Internet Explorer 10 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16587 | |||
Oval ID: | oval:org.mitre.oval:def:16587 | ||
Title: | Internet Explorer CMarkupBehaviorContext Use After Free Vulnerability - MS13-021 | ||
Description: | Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CMarkupBehaviorContext Use After Free Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0089 | Version: | 5 |
Platform(s): | Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft Internet Explorer 6 Microsoft Internet Explorer 7 Microsoft Internet Explorer 8 Microsoft Internet Explorer 9 Microsoft Internet Explorer 10 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16591 | |||
Oval ID: | oval:org.mitre.oval:def:16591 | ||
Title: | Microsoft kernel-mode drivers privilege elevation vulnerability (CVE-2013-1286) - MS13-027 | ||
Description: | The USB kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012 do not properly handle objects in memory, which allows physically proximate attackers to execute arbitrary code by connecting a crafted USB device, aka "Windows USB Descriptor Vulnerability," a different vulnerability than CVE-2013-1285 and CVE-2013-1287. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-1286 | Version: | 6 |
Platform(s): | Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista Microsoft Windows XP | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16596 | |||
Oval ID: | oval:org.mitre.oval:def:16596 | ||
Title: | Callback Function Vulnerability - MS13-024 | ||
Description: | Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allow remote attackers to bypass intended read restrictions for content, and hijack user accounts, via a crafted URL, aka "Callback Function Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0080 | Version: | 5 |
Platform(s): | Microsoft Windows 8 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft SharePoint Foundation 2010 Microsoft SharePoint Server 2010 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:16634 | |||
Oval ID: | oval:org.mitre.oval:def:16634 | ||
Title: | Internet Explorer removeChild Use After Free Vulnerability - MS13-021 | ||
Description: | Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer removeChild Use After Free Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0094 | Version: | 5 |
Platform(s): | Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft Internet Explorer 6 Microsoft Internet Explorer 7 Microsoft Internet Explorer 8 Microsoft Internet Explorer 9 Microsoft Internet Explorer 10 |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
ExploitDB Exploits
id | Description |
---|---|
2013-11-27 | MS12-022 Microsoft Internet Explorer COALineDashStyleArray Unsafe Memory Access |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2013-03-14 | IAVM : 2013-A-0063 - Microsoft Windows Kernel-Mode Drivers Privilege Escalation Vulnerability Severity : Category II - VMSKEY : V0037404 |
2013-03-14 | IAVM : 2013-A-0064 - Microsoft Silverlight Remote Code Execution Vulnerability Severity : Category II - VMSKEY : V0037405 |
2013-03-14 | IAVM : 2013-B-0027 - Microsoft OneNote Information Disclosure Vulnerability Severity : Category II - VMSKEY : V0037411 |
2013-03-14 | IAVM : 2013-B-0028 - Microsoft Visio Remote Code Execution Vulnerability Severity : Category II - VMSKEY : V0037412 |
Snort® IPS/IDS
Date | Description |
---|---|
2018-09-11 | Microsoft Internet Explorer pre-line use after free attempt RuleID : 47463 - Revision : 2 - Type : BROWSER-IE |
2017-12-07 | Microsoft Internet Explorer saveHistory use after free attempt RuleID : 44737 - Revision : 1 - Type : BROWSER-IE |
2017-12-07 | Microsoft Internet Explorer saveHistory use after free attempt RuleID : 44736 - Revision : 1 - Type : BROWSER-IE |
2017-10-03 | Internet Explorer CCaret memory corruption attempt RuleID : 44198 - Revision : 2 - Type : BROWSER-IE |
2017-10-03 | Internet Explorer CCaret memory corruption attempt RuleID : 44197 - Revision : 2 - Type : BROWSER-IE |
2017-10-03 | Internet Explorer CCaret memory corruption attempt RuleID : 44196 - Revision : 2 - Type : BROWSER-IE |
2017-10-03 | Internet Explorer CCaret memory corruption attempt RuleID : 44195 - Revision : 2 - Type : BROWSER-IE |
2016-04-21 | Microsoft Internet Explorer text transform use after free attempt RuleID : 38278 - Revision : 2 - Type : BROWSER-IE |
2016-04-21 | Microsoft Internet Explorer text transform use after free attempt RuleID : 38277 - Revision : 2 - Type : BROWSER-IE |
2016-04-21 | Microsoft Internet Explorer text transform use after free attempt RuleID : 38276 - Revision : 2 - Type : BROWSER-IE |
2016-03-22 | Microsoft Silverlight ScriptObject untrusted pointer dereference attempt RuleID : 37801 - Revision : 3 - Type : BROWSER-PLUGINS |
2016-03-14 | Microsoft Internet Explorer pre-line use after free attempt RuleID : 36436 - Revision : 2 - Type : BROWSER-IE |
2015-04-30 | Nuclear exploit kit obfuscated file download RuleID : 33983 - Revision : 5 - Type : EXPLOIT-KIT |
2015-04-30 | Nuclear exploit kit landing page detected RuleID : 33982 - Revision : 3 - Type : EXPLOIT-KIT |
2014-11-16 | Microsoft Sharepoint server callback function cross-site scripting attempt RuleID : 31429 - Revision : 3 - Type : SERVER-WEBAPP |
2014-01-30 | Angler exploit kit XORed payload download attempt RuleID : 29066 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-16 | Microsoft Sharepoint server callback function cross-site scripting attempt RuleID : 28946 - Revision : 3 - Type : SERVER-WEBAPP |
2014-01-10 | Angler exploit kit payload download attempt RuleID : 28616 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Angler exploit kit exploit download attempt RuleID : 28615 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Angler exploit kit landing page RuleID : 28614 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Angler exploit kit landing page - specific-structure RuleID : 28613 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Multiple exploit kit Silverlight exploit download RuleID : 28612 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Microsoft Silverlight ScriptObject untrusted pointer dereference attempt RuleID : 28584 - Revision : 6 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Silverlight ScriptObject untrusted pointer dereference attempt RuleID : 28583 - Revision : 6 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Silverlight ScriptObject untrusted pointer dereference attempt RuleID : 28582 - Revision : 6 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Silverlight ScriptObject untrusted pointer dereference attempt RuleID : 28581 - Revision : 7 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Silverlight ScriptObject untrusted pointer dereference attempt RuleID : 28580 - Revision : 7 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Silverlight ScriptObject untrusted pointer dereference attempt RuleID : 28579 - Revision : 7 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Internet Explorer 9 onbeforeprint use after free attempt RuleID : 26420 - Revision : 3 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer 9 onbeforeprint use after free attempt RuleID : 26419 - Revision : 4 - Type : BROWSER-IE |
2014-01-10 | Microsoft Office OneNote 2010 buffer overread info disclosure attempt RuleID : 26171 - Revision : 3 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office OneNote 2010 buffer overread info disclosure attempt RuleID : 26170 - Revision : 4 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Internet Explorer CCaret use after free attempt RuleID : 26169 - Revision : 5 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer CCaret use after free attempt RuleID : 26168 - Revision : 5 - Type : BROWSER-IE |
2014-01-10 | Microsoft SharePoint Server directory traversal attempt RuleID : 26167 - Revision : 3 - Type : SERVER-WEBAPP |
2014-01-10 | Microsoft SharePoint Server directory traversal attempt RuleID : 26166 - Revision : 3 - Type : SERVER-WEBAPP |
2014-01-10 | Microsoft SharePoint Server directory traversal attempt RuleID : 26165 - Revision : 3 - Type : SERVER-WEBAPP |
2014-01-10 | Microsoft Office Visio TAG_xxxSheet code execution attempt RuleID : 26164 - Revision : 6 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Visio TAG_xxxSheet code execution attempt RuleID : 26163 - Revision : 6 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Internet Explorer 9 onbeforeprint use after free attempt RuleID : 26162 - Revision : 3 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer 9 onbeforeprint use after free attempt RuleID : 26161 - Revision : 4 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer 9 onbeforeprint use after free attempt RuleID : 26160 - Revision : 4 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer 9 onbeforeprint use after free attempt RuleID : 26159 - Revision : 4 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer 9 onbeforeprint use after free attempt RuleID : 26158 - Revision : 5 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer 9 onbeforeprint use after free attempt RuleID : 26157 - Revision : 5 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer 9 onBeforeCopy use after free attempt RuleID : 26138 - Revision : 3 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer 9 onBeforeCopy use after free attempt RuleID : 26137 - Revision : 3 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer saveHistory use after free attempt RuleID : 26136 - Revision : 2 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer saveHistory use after free attempt RuleID : 26135 - Revision : 3 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer 8 deleted object access memory corruption attempt RuleID : 26134 - Revision : 3 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer saveHistory use after free attempt RuleID : 26133 - Revision : 5 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer saveHistory use after free attempt RuleID : 26132 - Revision : 5 - Type : BROWSER-IE |
2014-01-10 | Microsoft Office SharePoint cross site scripting attempt RuleID : 26131 - Revision : 5 - Type : SERVER-WEBAPP |
2014-01-10 | Microsoft Internet Explorer htc file use after free attempt RuleID : 26130 - Revision : 4 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer htc file use after free attempt RuleID : 26129 - Revision : 5 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer text transform use after free attempt RuleID : 26125 - Revision : 4 - Type : BROWSER-IE |
2014-01-10 | Microsoft Office SharePoint cross site scripting attempt RuleID : 26124 - Revision : 7 - Type : SERVER-WEBAPP |
2014-01-10 | Microsoft Internet Explorer pre-line use after free attempt RuleID : 25775 - Revision : 6 - Type : BROWSER-IE |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-03-12 | Name : A multimedia application framework installed on the remote Mac OS X host is a... File : macosx_ms13-022.nasl - Type : ACT_GATHER_INFO |
2013-03-12 | Name : An application installed on the remote Mac OS X host is affected by an inform... File : macosx_ms13-026.nasl - Type : ACT_GATHER_INFO |
2013-03-12 | Name : The remote host is affected by multiple code execution vulnerabilities. File : smb_nt_ms13-021.nasl - Type : ACT_GATHER_INFO |
2013-03-12 | Name : A browser enhancement on the remote Windows host could allow arbitrary code e... File : smb_nt_ms13-022.nasl - Type : ACT_GATHER_INFO |
2013-03-12 | Name : Arbitrary code can be executed on the remote Windows host through Visio or Vi... File : smb_nt_ms13-023.nasl - Type : ACT_GATHER_INFO |
2013-03-12 | Name : The version of SharePoint running on the remote host has multiple vulnerabili... File : smb_nt_ms13-024.nasl - Type : ACT_GATHER_INFO |
2013-03-12 | Name : Information disclosure can occur if an attacker convinces a user to open a sp... File : smb_nt_ms13-025.nasl - Type : ACT_GATHER_INFO |
2013-03-12 | Name : The Windows kernel on the remote host is affected by a privilege escalation v... File : smb_nt_ms13-027.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2013-05-04 17:21:18 |
|
2013-03-13 09:18:06 |
|