Summary
| Detail | |||
|---|---|---|---|
| Vendor | Microsoft | First view | 2010-02-10 |
| Product | Windows Server 2008 | Last view | 2019-04-08 |
| Version | r2 | Type | Os |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | itanium | ||
| Other | * | ||
| CPE Product | cpe:2.3:o:microsoft:windows_server_2008 | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 5.5 | 2019-04-08 | CVE-2019-0754 | A denial of service vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Denial of Service Vulnerability'. |
| 7.8 | 2018-12-11 | CVE-2018-8639 | An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8641. |
| 7.8 | 2018-12-11 | CVE-2018-8611 | An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka "Windows Kernel Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. |
| 7.8 | 2013-02-13 | CVE-2013-0075 | The TCP/IP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allows remote attackers to cause a denial of service (reboot) via a crafted packet that terminates a TCP connection, aka "TCP FIN WAIT Vulnerability." |
| 7.2 | 2013-01-09 | CVE-2013-0008 | win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle window broadcast messages, which allows local users to gain privileges via a crafted application, aka "Win32k Improper Message Handling Vulnerability." |
| 9.3 | 2012-12-11 | CVE-2012-2556 | The OpenType Font (OTF) driver in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allows remote attackers to execute arbitrary code via a crafted OpenType font file, aka "OpenType Font Parsing Vulnerability." |
| 7.2 | 2012-07-10 | CVE-2012-1893 | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly validate callback parameters during creation of a hook procedure, which allows local users to gain privileges via a crafted application, aka "Win32k Incorrect Type Handling Vulnerability." |
| 7.2 | 2012-07-10 | CVE-2012-1890 | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle keyboard-layout files, which allows local users to gain privileges via a crafted application, aka "Keyboard Layout Vulnerability." |
| 4.3 | 2012-07-10 | CVE-2012-1870 | The CBC mode in the TLS protocol, as used in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and other products, allows remote web servers to obtain plaintext data by triggering multiple requests to a third-party HTTPS server and sniffing the network during the resulting HTTPS session, aka "TLS Protocol Vulnerability." |
| 9.3 | 2012-06-12 | CVE-2012-0173 | The Remote Desktop Protocol (RDP) implementation in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly process packets in memory, which allows remote attackers to execute arbitrary code by sending crafted RDP packets triggering access to an object that (1) was not properly initialized or (2) is deleted, aka "Remote Desktop Protocol Vulnerability," a different vulnerability than CVE-2012-0002. |
| 7.2 | 2012-05-08 | CVE-2012-1848 | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview does not properly handle user-mode input passed to kernel mode, which allows local users to gain privileges via a crafted application, aka "Scrollbar Calculation Vulnerability." |
| 7.2 | 2012-05-08 | CVE-2012-0180 | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview does not properly handle user-mode input passed to kernel mode for (1) windows and (2) messages, which allows local users to gain privileges via a crafted application, aka "Windows and Messages Vulnerability." |
| 9.3 | 2012-04-10 | CVE-2012-0151 | The Authenticode Signature Verification function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview does not properly validate the digest of a signed portable executable (PE) file, which allows user-assisted remote attackers to execute arbitrary code via a modified file with additional content, aka "WinVerifyTrust Signature Validation Vulnerability." |
| 7.2 | 2012-03-13 | CVE-2012-0157 | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle window messaging, which allows local users to gain privileges via a crafted application that calls the PostMessage function, aka "PostMessage Function Vulnerability." |
| 4.3 | 2012-03-13 | CVE-2012-0156 | DirectWrite in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly render Unicode characters, which allows remote attackers to cause a denial of service (application hang) via a (1) instant message or (2) web site, aka "DirectWrite Application Denial of Service Vulnerability." |
| 4.3 | 2012-03-13 | CVE-2012-0152 | The Remote Desktop Protocol (RDP) service in Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 allows remote attackers to cause a denial of service (application hang) via a series of crafted packets, aka "Terminal Server Denial of Service Vulnerability." |
| 9.3 | 2012-03-13 | CVE-2012-0002 | The Remote Desktop Protocol (RDP) implementation in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly process packets in memory, which allows remote attackers to execute arbitrary code by sending crafted RDP packets triggering access to an object that (1) was not properly initialized or (2) is deleted, aka "Remote Desktop Protocol Vulnerability." |
| 6.4 | 2012-02-17 | CVE-2012-1194 | The resolver in the DNS Server service in Microsoft Windows Server 2008 before R2 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names" attack. |
| 7.2 | 2012-02-14 | CVE-2012-0154 | Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers keyboard layout errors, aka "Keyboard Layout Use After Free Vulnerability." |
| 9.3 | 2012-02-14 | CVE-2012-0150 | Buffer overflow in msvcrt.dll in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted media file, aka "Msvcrt.dll Buffer Overflow Vulnerability." |
| 7.2 | 2012-02-14 | CVE-2012-0148 | afd.sys in the Ancillary Function Driver in Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 on 64-bit platforms does not properly validate user-mode input passed to kernel mode, which allows local users to gain privileges via a crafted application, aka "AfdPoll Elevation of Privilege Vulnerability." |
| 9.3 | 2012-01-10 | CVE-2012-0013 | Incomplete blacklist vulnerability in the Windows Packager configuration in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted ClickOnce application in a Microsoft Office document, related to .application files, aka "Assembly Execution Vulnerability." |
| 9.3 | 2012-01-10 | CVE-2012-0004 | Unspecified vulnerability in DirectShow in DirectX in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted media file, related to Quartz.dll, Qdvd.dll, closed captioning, and the Line21 DirectShow filter, aka "DirectShow Remote Code Execution Vulnerability." |
| 9.3 | 2012-01-10 | CVE-2012-0003 | Unspecified vulnerability in winmm.dll in Windows Multimedia Library in Windows Media Player (WMP) in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP2, and Server 2008 SP2 allows remote attackers to execute arbitrary code via a crafted MIDI file, aka "MIDI Remote Code Execution Vulnerability." |
| 9.3 | 2012-01-10 | CVE-2012-0001 | The kernel in Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly load structured exception handling tables, which allows context-dependent attackers to bypass the SafeSEH security feature by leveraging a Visual C++ .NET 2003 application, aka "Windows Kernel SafeSEH Bypass Vulnerability." |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 37% (35) | CWE-399 | Resource Management Errors |
| 24% (23) | CWE-20 | Improper Input Validation |
| 9% (9) | CWE-264 | Permissions, Privileges, and Access Controls |
| 9% (9) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 6% (6) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
| 4% (4) | CWE-189 | Numeric Errors |
| 2% (2) | CWE-404 | Improper Resource Shutdown or Release |
| 2% (2) | CWE-200 | Information Exposure |
| 2% (2) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
| 1% (1) | CWE-476 | NULL Pointer Dereference |
| 1% (1) | CWE-287 | Improper Authentication |
SAINT Exploits
| Description | Link |
|---|---|
| Windows Media MIDI Invalid Channel | More info here |
| Microsoft Office ClickOnce Unsafe Execution | More info here |
| Windows Shell LNK file CONTROL item command execution | More info here |
| Microsoft Remote Desktop Connection Insecure Library Injection | More info here |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 78211 | Microsoft Windows Line21 DirectShow Filter Media File Handling Remote Code Ex... |
| 78210 | Microsoft Windows Multimedia Library (winmm.dll) MIDI File Handling Remote Co... |
| 78209 | Microsoft Windows Ntdll.dll Structured Exception Handling Tables Loading Safe... |
| 78207 | Microsoft Windows Embedded ClickOnce Application Office File Handling Remote ... |
| 78057 | Microsoft .NET Framework ASP.NET Hash Collision Web Form Post Parsing Remote DoS |
| 78056 | Microsoft .NET Framework Forms Authentication Sliding Expiry Cached Content P... |
| 78055 | Microsoft .NET Framework ASP.NET Username Parsing Authentication Bypass |
| 78054 | Microsoft .NET Framework Forms Authentication Return URL Handling Arbitrary S... |
| 77662 | Microsoft Windows CSRSS Device Event Message Parsing Local Privilege Escalation |
| 76901 | Microsoft Windows Mail / Windows Meeting Space Path Subversion Arbitrary DLL ... |
| 76900 | Microsoft Windows Malformed TrueType Font Parsing DoS |
| 76899 | Microsoft Windows TCP/IP Reference Counter Crafted UDP Packet Stream Remote O... |
| 76231 | Microsoft Windows Active Accessibility Path Subversion Arbitrary DLL Injectio... |
| 76221 | Microsoft Windows win32k.sys Driver Use-after-free Driver Object Handling Arb... |
| 76220 | Microsoft Windows win32k.sys Driver .fon Font File Handling Overflow |
| 76219 | Microsoft Windows win32k.sys Driver Type Translation TrueType Font File Handl... |
| 76218 | Microsoft Windows win32k.sys Driver NULL Dereference Unspecified Arbitrary Co... |
| 75382 | Microsoft Windows Shell Extensions Path Subversion Arbitrary DLL Injection Co... |
| 74483 | Microsoft Windows TCP/IP Stack (Tcpip.sys) QoS URL Request Parsing Remote DoS |
| 74482 | Microsoft Windows TCP/IP Stack (Tcpip.sys) ICMP Message Parsing Remote DoS |
| 74408 | Microsoft Windows Data Access Tracing Component Path Subversion Arbitrary DLL... |
| 74407 | Microsoft Windows Kernel File Metadata Handling Remote DoS |
| 74401 | Microsoft Windows Client/Server Run-time Subsystem (CSRSS) Inter-Process Devi... |
| 73796 | Microsoft Windows CSRSS SrvSetConsoleLocalEUDC() Function NULL Page Data Writ... |
| 73794 | Microsoft Windows CSRSS SrvWriteConsoleOutput() Function Local Overflow |
ExploitDB Exploits
| id | Description |
|---|---|
| 24485 | MS13-005 HWND_BROADCAST PoC |
| 19037 | MS12-005 Microsoft Office ClickOnce Unsafe Object Package Handling Vulnerability |
| 18426 | MS12-004 midiOutPlayNextPolyEvent Heap Overflow |
| 18372 | Microsoft Windows Assembly Execution Vulnerability MS12-005 |
| 18024 | MS11-077 Win32k Null Pointer De-reference Vulnerability POC |
| 17981 | MS11-064 TCP/IP Stack Denial of Service |
| 17978 | MS11-077 .fon Kernel-Mode Buffer Overrun PoC |
| 15758 | Windows Win32k Pointer Dereferencement PoC (MS10-098) |
| 14608 | Microsoft Windows CreateWindow Function Callback Vulnerability (MS10-048) |
OpenVAS Exploits
| id | Description |
|---|---|
| 2013-07-09 | Name : Microsoft Remote Desktop Protocol Remote Code Execution Vulnerabilities (2671... File : nvt/secpod_ms12-020_remote.nasl |
| 2012-12-12 | Name : Microsoft Windows Kernel-Mode Drivers Remote Code Execution Vulnerabilities (... File : nvt/secpod_ms12-078.nasl |
| 2012-07-11 | Name : Microsoft Windows TLS Protocol Information Disclosure Vulnerability (2655992) File : nvt/secpod_ms12-049.nasl |
| 2012-07-11 | Name : Microsoft Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (27... File : nvt/secpod_ms12-047.nasl |
| 2012-06-13 | Name : Microsoft Remote Desktop Protocol Remote Code Execution Vulnerability (2685939) File : nvt/secpod_ms12-036.nasl |
| 2012-05-09 | Name : MS Security Update For Microsoft Office, .NET Framework, and Silverlight (268... File : nvt/secpod_ms12-034.nasl |
| 2012-04-11 | Name : Windows Authenticode Signature Remote Code Execution Vulnerability (2653956) File : nvt/secpod_ms12-024.nasl |
| 2012-03-14 | Name : Microsoft Remote Desktop Protocol Remote Code Execution Vulnerabilities (2671... File : nvt/secpod_ms12-020.nasl |
| 2012-03-14 | Name : Windows Kernel-Mode Drivers Privilege Elevation Vulnerability (2641653) File : nvt/secpod_ms12-018.nasl |
| 2012-03-14 | Name : Microsoft Windows DirectWrite Denial of Service Vulnerability (2665364) File : nvt/secpod_ms12-019.nasl |
| 2012-03-06 | Name : Microsoft SMB Transaction Parsing Remote Code Execution Vulnerability File : nvt/secpod_ms11-020_remote.nasl |
| 2012-02-15 | Name : MS Windows C Run-Time Library Remote Code Execution Vulnerability (2654428) File : nvt/secpod_ms12-013.nasl |
| 2012-02-15 | Name : MS Windows Ancillary Function Driver Privilege Elevation Vulnerabilities (264... File : nvt/secpod_ms12-009.nasl |
| 2012-02-15 | Name : Windows Kernel-Mode Drivers Remote Code Execution Vulnerabilities (2660465) File : nvt/secpod_ms12-008.nasl |
| 2012-01-11 | Name : Windows ClickOnce Application Installer Remote Code Execution Vulnerability (... File : nvt/secpod_ms12-005.nasl |
| 2012-01-11 | Name : Microsoft Windows Media Could Allow Remote Code Execution Vulnerabilities (26... File : nvt/secpod_ms12-004.nasl |
| 2012-01-11 | Name : Microsoft Windows Kernel Security Feature Bypass Vulnerability (2644615) File : nvt/secpod_ms12-001.nasl |
| 2011-12-30 | Name : Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (2638420) File : nvt/secpod_ms11-100.nasl |
| 2011-12-14 | Name : Windows Client/Server Run-time Subsystem Privilege Elevation Vulnerability (2... File : nvt/secpod_ms11-097.nasl |
| 2011-11-09 | Name : Windows Mail and Windows Meeting Space Remote Code Execution Vulnerability (2... File : nvt/secpod_ms11-085.nasl |
| 2011-11-09 | Name : Windows Kernel-Mode Drivers Remote Code Execution Vulnerability (2617657) File : nvt/secpod_ms11-084.nasl |
| 2011-11-09 | Name : Microsoft Windows TCP/IP Remote Code Execution Vulnerability (2588516) File : nvt/secpod_ms11-083.nasl |
| 2011-10-12 | Name : Windows Kernel-Mode Drivers Remote Code Execution Vulnerabilities (2567053) File : nvt/secpod_ms11-077.nasl |
| 2011-10-12 | Name : Microsoft Active Accessibility Remote Code Execution Vulnerability (2623699) File : nvt/secpod_ms11-075.nasl |
| 2011-09-14 | Name : Microsoft Windows Components Remote Code Execution Vulnerabilities (2570947) File : nvt/secpod_ms11-071.nasl |
Information Assurance Vulnerability Management (IAVM)
| id | Description |
|---|---|
| 2012-A-0108 | Microsoft TLS Protocol Information Disclosure Vulnerability Severity: Category II - VMSKEY: V0033310 |
| 2012-A-0092 | Microsoft Remote Desktop Remote Code Execution Vulnerability Severity: Category I - VMSKEY: V0032826 |
| 2012-A-0060 | Microsoft Windows Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0031983 |
| 2012-A-0039 | Multiple Vulnerabilities in Microsoft Remote Desktop Protocol Severity: Category I - VMSKEY: V0031885 |
| 2012-B-0021 | Microsoft Windows Ancillary Function Driver Privilege Escalation Vulnerabilities Severity: Category II - VMSKEY: V0031355 |
| 2012-A-0026 | Microsoft Windows C Run-Time Library Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0031348 |
| 2012-A-0003 | Microsoft Windows Kernel Security Bypass Vulnerability Severity: Category I - VMSKEY: V0030998 |
| 2012-A-0005 | Multiple Remote Code Execution Vulnerabilities in Microsoft Windows Media Severity: Category II - VMSKEY: V0031000 |
| 2012-A-0007 | Microsoft Windows Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0031010 |
| 2012-A-0002 | Microsoft Windows Components Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0030932 |
| 2012-A-0001 | Multiple Vulnerabilities in Microsoft .NET Framework Severity: Category I - VMSKEY: V0030927 |
| 2011-A-0162 | Microsoft Windows Client/Server Run-time Subsystem Elevation of Privilege Vul... Severity: Category II - VMSKEY: V0030835 |
| 2011-B-0135 | Microsoft Windows Mail and Windows Meeting Space Remote Code Execution Vulner... Severity: Category II - VMSKEY: V0030608 |
| 2011-A-0138 | Microsoft Active Accessibility Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0030402 |
| 2011-B-0101 | Microsoft Windows Data Access Components Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0029783 |
| 2011-A-0115 | Microsoft Windows Client/Server Run-time Subsystem Elevation of Privilege Vul... Severity: Category I - VMSKEY: V0029760 |
| 2011-B-0104 | Microsoft Windows Kernel Remote Denial of Service Vulnerability Severity: Category II - VMSKEY: V0029745 |
| 2011-B-0067 | Microsoft Windows Ancillary Function Driver Privilege Escalation Vulnerability Severity: Category II - VMSKEY: V0028611 |
| 2011-B-0065 | Microsoft MHTML Information Disclosure Vulnerability Severity: Category II - VMSKEY: V0028617 |
| 2011-A-0078 | Microsoft Server Message Block (SMB) Denial of Service Vulnerability Severity: Category I - VMSKEY: V0028598 |
| 2011-A-0081 | Microsoft Windows OLE Automation Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0028597 |
| 2011-A-0087 | Microsoft Distributed File System Remote Code Execution Vulnerabilities Severity: Category I - VMSKEY: V0028593 |
| 2011-A-0079 | Microsoft SMB Client Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0028592 |
| 2011-A-0050 | Microsoft SMB Server Remote Code Execution Vulnerability Severity: Category I - VMSKEY: V0026521 |
| 2011-A-0039 | Microsoft DNS Resolution Remote Code Execution Vulnerability Severity: Category I - VMSKEY: V0026514 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2020-03-19 | Microsoft Windows Data Analyzer 3.5 ActiveX clsid access RuleID : 53118 - Type : BROWSER-PLUGINS - Revision : 1 |
| 2020-03-19 | Microsoft Windows Data Analyzer 3.5 ActiveX use-after-free attempt RuleID : 53117 - Type : BROWSER-PLUGINS - Revision : 1 |
| 2020-03-19 | Microsoft Windows Data Analyzer 3.5 ActiveX use-after-free attempt RuleID : 53116 - Type : BROWSER-PLUGINS - Revision : 1 |
| 2020-01-03 | Microsoft Windows MHTML XSS attempt RuleID : 52335 - Type : OS-WINDOWS - Revision : 1 |
| 2019-09-17 | Microsoft Windows Object Packager ClickOnce object remote code execution attempt RuleID : 51029 - Type : OS-WINDOWS - Revision : 1 |
| 2019-09-17 | Microsoft Windows Object Packager ClickOnce object remote code execution attempt RuleID : 51028 - Type : OS-WINDOWS - Revision : 1 |
| 2019-09-05 | Microsoft Fax Cover Page Editor heap corruption attempt RuleID : 50873 - Type : OS-WINDOWS - Revision : 1 |
| 2019-09-05 | Microsoft Fax Cover Page Editor heap corruption attempt RuleID : 50872 - Type : OS-WINDOWS - Revision : 1 |
| 2019-01-15 | Microsoft Windows kernel use-after-free attempt RuleID : 48613 - Type : FILE-EXECUTABLE - Revision : 1 |
| 2019-01-15 | Microsoft Windows kernel use-after-free attempt RuleID : 48612 - Type : FILE-EXECUTABLE - Revision : 1 |
| 2019-01-15 | Microsoft Windows win32k NtGdiCreateDIBitmapInternal memory corruption attempt RuleID : 48607 - Type : OS-WINDOWS - Revision : 1 |
| 2019-01-15 | Microsoft Windows win32k NtGdiCreateDIBitmapInternal memory corruption attempt RuleID : 48606 - Type : OS-WINDOWS - Revision : 1 |
| 2017-10-10 | Microsoft DirectShow memory corruption attempt RuleID : 44306 - Type : OS-WINDOWS - Revision : 2 |
| 2017-10-10 | Microsoft DirectShow memory corruption attempt RuleID : 44305 - Type : OS-WINDOWS - Revision : 2 |
| 2017-02-21 | Microsoft Windows RtlQueryRegistryValues buffer overflow attempt RuleID : 41365 - Type : OS-WINDOWS - Revision : 3 |
| 2016-09-13 | Microsoft Windows win32k.sys escalation of privilege attempt RuleID : 39863 - Type : OS-WINDOWS - Revision : 2 |
| 2016-03-14 | Microsoft Windows wininet request for peerdistsvc.dll over SMB attempt RuleID : 36805 - Type : OS-WINDOWS - Revision : 3 |
| 2016-03-14 | Microsoft Windows wininet peerdistsvc.dll dll-load exploit attempt RuleID : 36804 - Type : OS-WINDOWS - Revision : 3 |
| 2015-07-13 | Win.Trojan.Fanny outbound connection RuleID : 34857 - Type : MALWARE-CNC - Revision : 2 |
| 2015-06-23 | Microsoft Windows Font Library file buffer overflow attempt RuleID : 34566 - Type : FILE-OTHER - Revision : 3 |
| 2015-04-07 | Microsoft Windows Media MIDI file memory corruption attempt RuleID : 33684 - Type : FILE-OTHER - Revision : 3 |
| 2015-03-17 | Microsoft Windows Comctl32.dll third-party SVG viewer heap overflow attempt RuleID : 33479 - Type : OS-WINDOWS - Revision : 2 |
| 2015-01-20 | Microsoft Internet Explorer 8 Developer Tool ActiveX clsid access RuleID : 32843 - Type : BROWSER-PLUGINS - Revision : 3 |
| 2015-01-20 | Microsoft Internet Explorer 8 Developer Tool ActiveX clsid access RuleID : 32842 - Type : BROWSER-PLUGINS - Revision : 4 |
| 2015-01-20 | Microsoft Internet Explorer 8 Developer Tool ActiveX clsid access RuleID : 32840 - Type : BROWSER-PLUGINS - Revision : 4 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2013-02-12 | Name: The remote Windows host is affected by a denial of service vulnerability. File: smb_nt_ms13-018.nasl - Type: ACT_GATHER_INFO |
| 2013-01-09 | Name: The Windows kernel on the remote host is affected by a privilege escalation v... File: smb_nt_ms13-005.nasl - Type: ACT_GATHER_INFO |
| 2012-12-11 | Name: The remote Windows host is affected by remote code execution vulnerabilities. File: smb_nt_ms12-078.nasl - Type: ACT_GATHER_INFO |
| 2012-07-17 | Name: The remote device has a denial of service vulnerability. File: juniper_psn-2012-07-650.nasl - Type: ACT_GATHER_INFO |
| 2012-07-11 | Name: The remote Windows host has an information disclosure vulnerability. File: smb_nt_ms12-049.nasl - Type: ACT_GATHER_INFO |
| 2012-07-11 | Name: The remote Windows host is affected by multiple privilege escalation vulnerab... File: smb_nt_ms12-047.nasl - Type: ACT_GATHER_INFO |
| 2012-06-13 | Name: The remote Windows host could allow arbitrary code execution. File: smb_nt_ms12-036.nasl - Type: ACT_GATHER_INFO |
| 2012-05-09 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms12-034.nasl - Type: ACT_GATHER_INFO |
| 2012-04-11 | Name: The remote Windows host has a code execution vulnerability. File: smb_nt_ms12-024.nasl - Type: ACT_GATHER_INFO |
| 2012-03-13 | Name: The remote Windows host could allow arbitrary code execution. File: smb_nt_ms12-020.nasl - Type: ACT_GATHER_INFO |
| 2012-03-13 | Name: The remote Windows host is affected by a denial of service vulnerability. File: smb_nt_ms12-019.nasl - Type: ACT_GATHER_INFO |
| 2012-03-13 | Name: The remote Windows kernel is affected by a privilege escalation vulnerability. File: smb_nt_ms12-018.nasl - Type: ACT_GATHER_INFO |
| 2012-02-14 | Name: Arbitrary code can be executed on the remote host through Microsoft's C run-t... File: smb_nt_ms12-013.nasl - Type: ACT_GATHER_INFO |
| 2012-02-14 | Name: The remote Windows host contains a driver that allows privilege escalation. File: smb_nt_ms12-009.nasl - Type: ACT_GATHER_INFO |
| 2012-02-14 | Name: The remote Windows kernel is affected by multiple remote code execution vulne... File: smb_nt_ms12-008.nasl - Type: ACT_GATHER_INFO |
| 2012-01-10 | Name: The remote Windows host has a flaw in a security feature that is utilized by ... File: smb_nt_ms12-001.nasl - Type: ACT_GATHER_INFO |
| 2012-01-10 | Name: Opening a specially crafted Microsoft Office file could result in arbitrary c... File: smb_nt_ms12-005.nasl - Type: ACT_GATHER_INFO |
| 2012-01-10 | Name: Opening a specially crafted media file could result in arbitrary code execution. File: smb_nt_ms12-004.nasl - Type: ACT_GATHER_INFO |
| 2011-12-29 | Name: The version of ASP.NET Framework installed on the remote host is affected by ... File: smb_nt_ms11-100.nasl - Type: ACT_GATHER_INFO |
| 2011-12-13 | Name: The remote Windows host has a privilege escalation vulnerability. File: smb_nt_ms11-097.nasl - Type: ACT_GATHER_INFO |
| 2011-11-08 | Name: The remote Windows host is affected by a remote code execution vulnerability. File: smb_nt_ms11-085.nasl - Type: ACT_GATHER_INFO |
| 2011-11-08 | Name: The remote Windows host contains a component that is susceptible to a denial ... File: smb_nt_ms11-084.nasl - Type: ACT_GATHER_INFO |
| 2011-11-08 | Name: The remote Windows host has a code execution vulnerability. File: smb_nt_ms11-083.nasl - Type: ACT_GATHER_INFO |
| 2011-10-11 | Name: The remote Windows kernel is affected by multiple vulnerabilities. File: smb_nt_ms11-077.nasl - Type: ACT_GATHER_INFO |
| 2011-10-11 | Name: The remote Windows host contains a component that could allow remote code exe... File: smb_nt_ms11-075.nasl - Type: ACT_GATHER_INFO |
