This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Microsoft First view 1997-03-01
Product Ie Last view 2015-05-20
Version Type
Update  
Edition  
Language  
Sofware Edition  
Target Software  
Target Hardware  
Other  

Activity : Overall

COMMON PLATFORM ENUMERATION: Repartition per Version

CPE Name Affected CVE
cpe:2.3:a:microsoft:ie:6.0:*:*:*:*:*:*:* 211
cpe:2.3:a:microsoft:ie:5.5:*:*:*:*:*:*:* 175
cpe:2.3:a:microsoft:ie:6:*:*:*:*:*:*:* 148
cpe:2.3:a:microsoft:ie:6.0:sp1:*:*:*:*:*:* 134
cpe:2.3:a:microsoft:ie:7:*:*:*:*:*:*:* 125
cpe:2.3:a:microsoft:ie:5.5:sp2:*:*:*:*:*:* 124
cpe:2.3:a:microsoft:ie:5.5:sp1:*:*:*:*:*:* 118
cpe:2.3:a:microsoft:ie:8:*:*:*:*:*:*:* 105
cpe:2.3:a:microsoft:ie:5.01:*:*:*:*:*:*:* 104
cpe:2.3:a:microsoft:ie:5.0:*:*:*:*:*:*:* 98
cpe:2.3:a:microsoft:ie:5.0.1:sp1:*:*:*:*:*:* 95
cpe:2.3:a:microsoft:ie:5.0.1:sp2:*:*:*:*:*:* 94
cpe:2.3:a:microsoft:ie:5.0.1:*:*:*:*:*:*:* 92
cpe:2.3:a:microsoft:ie:6:sp1:*:*:*:*:*:* 82
cpe:2.3:a:microsoft:ie:4.0:*:*:*:*:*:*:* 78
cpe:2.3:a:microsoft:ie:5.01:sp4:*:*:*:*:*:* 76
cpe:2.3:a:microsoft:ie:5.0.1:sp3:*:*:*:*:*:* 76
cpe:2.3:a:microsoft:ie:6.0:sp2:*:*:*:*:*:* 65
cpe:2.3:a:microsoft:ie:5.0.1:sp4:*:*:*:*:*:* 64
cpe:2.3:a:microsoft:ie:6:windows_server_2003_sp1:*:*:*:*:*:* 64
cpe:2.3:a:microsoft:ie:*:*:*:*:*:*:*:* 61
cpe:2.3:a:microsoft:ie:4.0.1:*:*:*:*:*:*:* 58
cpe:2.3:a:microsoft:ie:7.0:*:*:*:*:*:*:* 53
cpe:2.3:a:microsoft:ie:5.5:preview:*:*:*:*:*:* 51
cpe:2.3:a:microsoft:ie:5.01:sp2:*:*:*:*:*:* 50
cpe:2.3:a:microsoft:ie:5.1:*:*:*:*:*:*:* 50
cpe:2.3:a:microsoft:ie:5.01:sp1:*:*:*:*:*:* 50
cpe:2.3:a:microsoft:ie:5:*:*:*:*:*:*:* 47
cpe:2.3:a:microsoft:ie:3.0:*:*:*:*:*:*:* 46
cpe:2.3:a:microsoft:ie:5.01:sp3:*:*:*:*:*:* 45
cpe:2.3:a:microsoft:ie:3.0.2:*:*:*:*:*:*:* 44
cpe:2.3:a:microsoft:ie:4.0.1:sp2:*:*:*:*:*:* 44
cpe:2.3:a:microsoft:ie:3.2:*:*:*:*:*:*:* 43
cpe:2.3:a:microsoft:ie:4.1:*:*:*:*:*:*:* 43
cpe:2.3:a:microsoft:ie:4.0:*:windows_nt:*:*:*:*:* 43
cpe:2.3:a:microsoft:ie:5.0:*:windows_98:*:*:*:*:* 43
cpe:2.3:a:microsoft:ie:5.0:*:windows_95:*:*:*:*:* 43
cpe:2.3:a:microsoft:ie:4.0.1:sp1:*:*:*:*:*:* 42
cpe:2.3:a:microsoft:ie:3.0.1:*:*:*:*:*:*:* 42
cpe:2.3:a:microsoft:ie:4.0:*:windows_98:*:*:*:*:* 42
cpe:2.3:a:microsoft:ie:5.01:windows_2000_sp4:*:*:*:*:*:* 42
cpe:2.3:a:microsoft:ie:3.1:*:*:*:*:*:*:* 41
cpe:2.3:a:microsoft:ie:5.0.1:*:windows_nt_4.0:*:*:*:*:* 41
cpe:2.3:a:microsoft:ie:5:*:windows_nt_4.0:*:*:*:*:* 41
cpe:2.3:a:microsoft:ie:5.0.1:*:windows_98:*:*:*:*:* 41
cpe:2.3:a:microsoft:ie:5.0.1:*:windows_95:*:*:*:*:* 41
cpe:2.3:a:microsoft:ie:4.0.1:*:windows_98:*:*:*:*:* 41
cpe:2.3:a:microsoft:ie:4.0.1:*:windows_nt:*:*:*:*:* 41
cpe:2.3:a:microsoft:ie:5.0.1:*:windows_2000:*:*:*:*:* 41
cpe:2.3:a:microsoft:ie:6:windows_xp_sp2:*:*:*:*:*:* 41

Related : CVE

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
3.7 2015-05-20 CVE-2015-4000

The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue.

4.3 2015-03-31 CVE-2015-2808

The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the "Bar Mitzvah" issue.

5.9 2013-03-15 CVE-2013-2566

The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases, which makes it easier for remote attackers to conduct plaintext-recovery attacks via statistical analysis of ciphertext in a large number of sessions that use the same plaintext.

4.3 2012-06-12 CVE-2012-1882

Microsoft Internet Explorer 6 through 9 does not block cross-domain scrolling events, which allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Scrolling Events Information Disclosure Vulnerability."

9.3 2012-06-12 CVE-2012-1881

Microsoft Internet Explorer 8 and 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "OnRowsInserted Event Remote Code Execution Vulnerability."

9.3 2012-06-12 CVE-2012-1880

Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "insertRow Remote Code Execution Vulnerability."

9.3 2012-06-12 CVE-2012-1879

Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by attempting to access an undefined memory location, aka "insertAdjacentText Remote Code Execution Vulnerability."

9.3 2012-06-12 CVE-2012-1878

Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "OnBeforeDeactivate Event Remote Code Execution Vulnerability."

9.3 2012-06-12 CVE-2012-1877

Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Title Element Change Remote Code Execution Vulnerability."

9.3 2012-06-12 CVE-2012-1876

Microsoft Internet Explorer 6 through 9, and 10 Consumer Preview, does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by attempting to access a nonexistent object, leading to a heap-based buffer overflow, aka "Col Element Remote Code Execution Vulnerability," as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2012.

9.3 2012-06-12 CVE-2012-1875

Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Same ID Property Remote Code Execution Vulnerability."

9.3 2012-06-12 CVE-2012-1874

Microsoft Internet Explorer 8 and 9 does not properly handle objects in memory, which allows user-assisted remote attackers to execute arbitrary code by accessing a deleted object, aka "Developer Toolbar Remote Code Execution Vulnerability."

4.3 2012-06-12 CVE-2012-1873

Microsoft Internet Explorer 7 through 9 does not properly create and initialize string data, which allows remote attackers to obtain sensitive information from process memory via a crafted HTML document, aka "Null Byte Information Disclosure Vulnerability."

4.3 2012-06-12 CVE-2012-1872

Cross-site scripting (XSS) vulnerability in Microsoft Internet Explorer 6 through 9 allows remote attackers to inject arbitrary web script or HTML via crafted character sequences with EUC-JP encoding, aka "EUC-JP Character Encoding Vulnerability."

9.3 2012-06-12 CVE-2012-1523

Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Center Element Remote Code Execution Vulnerability."

9.3 2012-04-10 CVE-2012-0172

Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "VML Style Remote Code Execution Vulnerability."

9.3 2012-04-10 CVE-2012-0171

Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "SelectAll Remote Code Execution Vulnerability."

9.3 2012-04-10 CVE-2012-0170

Microsoft Internet Explorer 6 and 7 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "OnReadyStateChange Remote Code Execution Vulnerability."

9.3 2012-04-10 CVE-2012-0169

Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "JScript9 Remote Code Execution Vulnerability."

7.6 2012-04-10 CVE-2012-0168

Microsoft Internet Explorer 6 through 9 allows user-assisted remote attackers to execute arbitrary code via a crafted HTML document that is not properly handled during a "Print table of links" print operation, aka "Print Feature Remote Code Execution Vulnerability."

5.8 2012-03-09 CVE-2012-1545

Microsoft Internet Explorer 6 through 9, and 10 Consumer Preview, allows remote attackers to bypass Protected Mode or cause a denial of service (memory corruption) by leveraging access to a Low integrity process, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2012.

9.3 2012-02-14 CVE-2012-0155

Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "VML Remote Code Execution Vulnerability."

4.3 2012-02-14 CVE-2012-0012

Microsoft Internet Explorer 9 does not properly handle the creation and initialization of string objects, which allows remote attackers to read data from arbitrary process-memory locations via a crafted web site, aka "Null Byte Information Disclosure Vulnerability."

9.3 2012-02-14 CVE-2012-0011

Microsoft Internet Explorer 7 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "HTML Layout Remote Code Execution Vulnerability."

4.3 2012-02-14 CVE-2012-0010

Microsoft Internet Explorer 6 through 9 does not properly perform copy-and-paste operations, which allows user-assisted remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Copy and Paste Information Disclosure Vulnerability."

CWE : Common Weakness Enumeration

%idName
28% (67) CWE-94 Failure to Control Generation of Code ('Code Injection')
15% (37) CWE-399 Resource Management Errors
13% (32) CWE-200 Information Exposure
12% (30) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
11% (26) CWE-20 Improper Input Validation
6% (16) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')
5% (12) CWE-264 Permissions, Privileges, and Access Controls
2% (6) CWE-362 Race Condition
1% (3) CWE-310 Cryptographic Issues
0% (2) CWE-287 Improper Authentication
0% (2) CWE-16 Configuration
0% (1) CWE-189 Numeric Errors
0% (1) CWE-78 Improper Sanitization of Special Elements used in an OS Command ('O...
0% (1) CWE-59 Improper Link Resolution Before File Access ('Link Following')

CAPEC : Common Attack Pattern Enumeration & Classification

id Name
CAPEC-8 Buffer Overflow in an API Call
CAPEC-9 Buffer Overflow in Local Command-Line Utilities
CAPEC-10 Buffer Overflow via Environment Variables
CAPEC-14 Client-side Injection-induced Buffer Overflow
CAPEC-17 Accessing, Modifying or Executing Executable Files
CAPEC-24 Filter Failure through Buffer Overflow
CAPEC-30 Hijacking a Privileged Thread of Execution
CAPEC-35 Leverage Executable Code in Nonexecutable Files
CAPEC-41 Using Meta-characters in E-mail Headers to Inject Malicious Payloads
CAPEC-42 MIME Conversion
CAPEC-44 Overflow Binary Resource File
CAPEC-45 Buffer Overflow via Symbolic Links
CAPEC-46 Overflow Variables and Tags
CAPEC-47 Buffer Overflow via Parameter Expansion
CAPEC-58 Restful Privilege Elevation
CAPEC-88 OS Command Injection
CAPEC-100 Overflow Buffers
CAPEC-133 Try All Common Application Switches and Options

Oval Markup Language : Definitions

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
OvalID Name
oval:org.mitre.oval:def:920 IE Cached Content Command Execution Vulnerability
oval:org.mitre.oval:def:141 Microsoft Internet Explorer MIME Hack
oval:org.mitre.oval:def:1096 IE Web Page Spoofing Vulnerability
oval:org.mitre.oval:def:921 IE File Execution User-prompt Bypass Vulnerability
oval:org.mitre.oval:def:1014 IE File Download Dialog Deception Vulnerability
oval:org.mitre.oval:def:925 MS IE HTML Directive Buffer Overflow
oval:org.mitre.oval:def:77 IE v5.5 GetObject File Retrieval
oval:org.mitre.oval:def:50 IE v5.01 GetObject File Retrieval
oval:org.mitre.oval:def:40 IE v5.5,SP2 GetObject File Retrieval
oval:org.mitre.oval:def:17 IE GetObject Security Bypass
oval:org.mitre.oval:def:32 IE v6.0 Forced Script Execution
oval:org.mitre.oval:def:23 IE v5.5 Forced Script Execution
oval:org.mitre.oval:def:12 IE v5.5,SP2 Forced Script Execution
oval:org.mitre.oval:def:974 IE Frame Domain Verification Vulnerability
oval:org.mitre.oval:def:96 IE Cookie-based Script Execution
oval:org.mitre.oval:def:19 IE Cross-Site Scripting
oval:org.mitre.oval:def:923 Zone Spoofing through Malformed Web Page Vulnerability
oval:org.mitre.oval:def:99 IE v6.0 Content Disposition/Type Arbitrary Code Execution
oval:org.mitre.oval:def:27 IE v5.01 Content Disposition/Type Arbitrary Code Execution
oval:org.mitre.oval:def:98 Gopher Client Buffer Overflow
oval:org.mitre.oval:def:776 IE5.01,SP4 File Disclosure via Redirects Vulnerability
oval:org.mitre.oval:def:608 IE6 for Server 2003 File Disclosure via Redirects Vulnerability
oval:org.mitre.oval:def:1207 IE6,SP1 File Disclosure via Redirects Vulnerability
oval:org.mitre.oval:def:1148 IE6 Installed XP,SP2 File Disclosure via Redirects Vulnerability
oval:org.mitre.oval:def:1026 IE5.01,SP3 File Disclosure via Redirects Vulnerability

SAINT Exploits

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Description Link
Internet Explorer iepeers.dll use-after-free vulnerability More info here
Internet Explorer COL SPAN Heap Overflow More info here
Internet Explorer Same ID Property vulnerability More info here
Microsoft Internet Explorer Time Element Memory Corruption More info here
Internet Explorer inline content filename extension vulnerability More info here
Internet Explorer VML integer overflow More info here
Microsoft Speech API memory corruption More info here
Internet Explorer CSS clip attribute memory corruption More info here
Internet Explorer DOM modification memory corruption More info here
Internet Explorer onload window vulnerability More info here
Windows Task Scheduler buffer overflow More info here
Internet Explorer Content Advisor memory corruption More info here
Microsoft Internet Explorer layout-grid-char Style Property Use-After-Free Memory Corruption More info here
Internet Explorer Javaprxy.dll heap overflow More info here
Internet Explorer HTML+TIME element OuterText memory corruption More info here
Internet Explorer Tabular Data Control DataURL memory corruption More info here
Internet Explorer createTextRange memory corruption More info here
Internet Explorer IFRAME buffer overflow More info here
Internet Explorer WebViewFolderIcon setSlice integer overflow More info here
Internet Explorer COM object instantiation vulnerability More info here
Internet Explorer VML rect fill buffer overflow More info here
Internet Explorer isComponentInstalled buffer overflow More info here
Internet Explorer print preview argument validation vulnerability More info here
Windows IE7 URI Handler command execution through Firefox More info here
Internet Explorer tblinf32.dll ActiveX IObjectsafety vulnerability More info here

Open Source Vulnerability Database (OSVDB)

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
77675 Microsoft IE Content-Disposition Header Parsing Cross-Domain Remote Informati...
77674 Microsoft IE Path Subversion Arbitrary DLL Injection Code Execution
77673 Microsoft IE XSS Filter Event Parsing Cross-Domain Remote Information Disclosure
77606 Microsoft IE JavaScript Implementation getComputedStyle Method Page Handling ...
77537 Microsoft IE Cache Objects IFRAME Handling Browsing History Disclosure
76213 Microsoft IE Virtual Function Table Corruption mshtml.dll Extra Size Index Ha...
76212 Microsoft IE Use-after-free swapNode() Method Body Element Handling Remote Co...
76211 Microsoft IE Select Element Handling Uninitialised Object Access Remote Memor...
76210 Microsoft IE Jscript9.dll Uninitialised Object Access Remote Memory Corruption
76209 Microsoft IE Use-after-free OnLoad Event Handling Remote Code Execution
76208 Microsoft IE Use-after-free Type-Safety Weakness Option Element Handling Remo...
76207 Microsoft IE OLEAuto32.dll Uninitialised Object Access Remote Memory Corruption
76206 Microsoft IE Use-after-free Scroll Event Handling Remote Code Execution
75250 Microsoft IE Unspecified Remote Code Execution
75030 Microsoft msxml.dll xsltGenerateIdFunction Heap Memory Address Information Di...
74829 SSL Chained Initialization Vector CBC Mode MiTM Weakness
74619 MediaWiki URI Query String %2E Sequence XSS
74500 Microsoft IE STYLE Object Parsing Memory Corruption
74499 Microsoft IE SetViewSlave() Function XSLT Object Markup Reloading Memory Corr...
74498 Microsoft IE Shift JIS Character Sequence Parsing Cross-domain Remote Informa...
74497 Microsoft IE Event Handler Cross-domain Remote Information Disclosure
74496 Microsoft IE Protected Mode Bypass Arbitrary File Creation
74495 Microsoft IE window.open() Function Race Condition Memory Corruption
74494 Microsoft IE Crafted Link Telnet URI Handler Remote Program Execution
74450 Microsoft IE HTTPS Session HTTP Set-Cookie Header HSTS includeSubDomains Weak...

ExploitDB Exploits

id Description
35273 Internet Explorer 8 - Fixed Col Span ID Full ASLR, DEP & EMET 5.1 Bypass ...
34815 Internet Explorer 8 - Fixed Col Span ID Full ASLR, DEP & EMET 5.0 Bypass ...
33944 Internet Explorer 8 - Fixed Col Span ID Full ASLR, DEP & EMET 4.1.X Bypass
24017 Internet Explorer 8 - Fixed Col Span ID Full ASLR & DEP Bypass
20174 Microsoft Internet Explorer Fixed Table Col Span Heap Overflow
19141 MS12-037 Internet Explorer Same ID Property Deleted Object Handling Memory Co...
18365 Microsoft Internet Explorer JavaScript OnLoad Handler Remote Code Execution V...
16590 Internet Explorer DHTML Behaviors Use After Free
15421 Internet Explorer 6, 7, 8 Memory Corruption 0day Exploit
15262 Microsoft Office HtmlDlgHelper Class Memory Corruption
12032 Microsoft Internet Explorer Tabular Data Control ActiveX Remote Code Execution
11683 Microsoft Internet Explorer iepeers.dll Use-After-Free Exploit (meta)
3652 MS Windows Animated Cursor (.ANI) Overflow Exploit (Hardware DEP)
3617 MS Windows Animated Cursor (.ANI) Stack Overflow Exploit

OpenVAS Exploits

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2012-10-19 Name : Fedora Update for java-1.6.0-openjdk FEDORA-2012-16351
File : nvt/gb_fedora_2012_16351_java-1.6.0-openjdk_fc16.nasl
2012-10-19 Name : Fedora Update for java-1.7.0-openjdk FEDORA-2012-16351
File : nvt/gb_fedora_2012_16351_java-1.7.0-openjdk_fc16.nasl
2012-09-25 Name : Mac OS X v10.6.8 Multiple Vulnerabilities (2012-004)
File : nvt/gb_macosx_su12-004.nasl
2012-09-22 Name : Fedora Update for java-1.6.0-openjdk FEDORA-2012-13127
File : nvt/gb_fedora_2012_13127_java-1.6.0-openjdk_fc16.nasl
2012-09-04 Name : Fedora Update for java-1.7.0-openjdk FEDORA-2012-13138
File : nvt/gb_fedora_2012_13138_java-1.7.0-openjdk_fc16.nasl
2012-09-04 Name : Mandriva Update for fetchmail MDVSA-2012:149 (fetchmail)
File : nvt/gb_mandriva_MDVSA_2012_149.nasl
2012-08-30 Name : FreeBSD Ports: fetchmail
File : nvt/freebsd_fetchmail16.nasl
2012-08-30 Name : Fedora Update for python3 FEDORA-2012-5785
File : nvt/gb_fedora_2012_5785_python3_fc17.nasl
2012-08-30 Name : Fedora Update for python-docs FEDORA-2012-5892
File : nvt/gb_fedora_2012_5892_python-docs_fc17.nasl
2012-08-30 Name : Fedora Update for python FEDORA-2012-5892
File : nvt/gb_fedora_2012_5892_python_fc17.nasl
2012-08-03 Name : Mandriva Update for curl MDVSA-2012:058 (curl)
File : nvt/gb_mandriva_MDVSA_2012_058.nasl
2012-07-30 Name : CentOS Update for java CESA-2011:1380 centos5 x86_64
File : nvt/gb_CESA-2011_1380_java_centos5_x86_64.nasl
2012-07-30 Name : CentOS Update for firefox CESA-2012:1088 centos5
File : nvt/gb_CESA-2012_1088_firefox_centos5.nasl
2012-07-30 Name : CentOS Update for firefox CESA-2012:1088 centos6
File : nvt/gb_CESA-2012_1088_firefox_centos6.nasl
2012-07-30 Name : CentOS Update for thunderbird CESA-2012:1089 centos5
File : nvt/gb_CESA-2012_1089_thunderbird_centos5.nasl
2012-07-30 Name : CentOS Update for thunderbird CESA-2012:1089 centos6
File : nvt/gb_CESA-2012_1089_thunderbird_centos6.nasl
2012-07-19 Name : RedHat Update for firefox RHSA-2012:1088-01
File : nvt/gb_RHSA-2012_1088-01_firefox.nasl
2012-07-19 Name : RedHat Update for thunderbird RHSA-2012:1089-01
File : nvt/gb_RHSA-2012_1089-01_thunderbird.nasl
2012-06-22 Name : Fedora Update for python3 FEDORA-2012-9135
File : nvt/gb_fedora_2012_9135_python3_fc16.nasl
2012-06-22 Name : Mandriva Update for python MDVSA-2012:096 (python)
File : nvt/gb_mandriva_MDVSA_2012_096.nasl
2012-06-22 Name : Mandriva Update for python MDVSA-2012:097 (python)
File : nvt/gb_mandriva_MDVSA_2012_097.nasl
2012-06-19 Name : Fedora Update for java-1.6.0-openjdk FEDORA-2012-9541
File : nvt/gb_fedora_2012_9541_java-1.6.0-openjdk_fc15.nasl
2012-06-19 Name : Fedora Update for java-1.6.0-openjdk FEDORA-2012-9545
File : nvt/gb_fedora_2012_9545_java-1.6.0-openjdk_fc16.nasl
2012-06-19 Name : Fedora Update for java-1.7.0-openjdk FEDORA-2012-9593
File : nvt/gb_fedora_2012_9593_java-1.7.0-openjdk_fc16.nasl
2012-06-13 Name : Microsoft Internet Explorer Multiple Vulnerabilities (2699988)
File : nvt/secpod_ms12-037.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2015-A-0158 Multiple Vulnerabilities in Oracle Java SE
Severity: Category I - VMSKEY: V0061089
2014-A-0030 Apple Mac OS X Security Update 2014-001
Severity: Category I - VMSKEY: V0044547
2013-A-0220 Multiple Vulnerabilities in Mozilla Products
Severity: Category I - VMSKEY: V0042380
2013-A-0199 Multiple Vulnerabilities in Oracle Fusion Middleware
Severity: Category I - VMSKEY: V0040786
2012-A-0048 Multiple Vulnerabilities in VMware vCenter Update Manager 5.0
Severity: Category I - VMSKEY: V0031901
2012-B-0006 Microsoft SSL/TLS Information Disclosure Vulnerability
Severity: Category I - VMSKEY: V0031054
2011-B-0115 Multiple Vulnerabilities in Microsoft Office SharePoint
Severity: Category II - VMSKEY: V0030239
2010-A-0029 Microsoft Windows Shell Handler Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0022683
2008-T-0053 WinZip gdiplus.dll Microsoft Module Unspecified Security Vulnerability
Severity: Category II - VMSKEY: V0017532
2007-A-0053 Windows URI Handling Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0015397
2007-A-0045 Microsoft Internet Explorer Vector Markup Language Remote Code Execution Vuln...
Severity: Category II - VMSKEY: V0014825
2006-A-0042 Vulnerability in Windows Explorer
Severity: Category I - VMSKEY: V0012782

Snort® IPS/IDS

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2014-01-10 Microsoft Windows Vector Markup Language recolorinfo tag numcolors parameter ...
RuleID : 9849 - Type : OS-WINDOWS - Revision : 18
2014-01-10 Microsoft Windows Vector Markup Language recolorinfo tag numfills parameter b...
RuleID : 9848 - Type : OS-WINDOWS - Revision : 14
2014-01-10 TriEditDocument.TriEditDocument ActiveX clsid unicode access
RuleID : 9822 - Type : WEB-ACTIVEX - Revision : 5
2014-01-10 TriEditDocument.TriEditDocument ActiveX clsid access
RuleID : 9821 - Type : BROWSER-PLUGINS - Revision : 11
2014-01-10 OWC11.DataSourceControl.11 ActiveX function call access
RuleID : 9820 - Type : BROWSER-PLUGINS - Revision : 12
2014-01-10 Outlook Recipient Control ActiveX function call access
RuleID : 9670 - Type : BROWSER-PLUGINS - Revision : 9
2014-01-10 Outlook Recipient Control ActiveX clsid unicode access
RuleID : 9669 - Type : WEB-ACTIVEX - Revision : 6
2014-01-10 Outlook Recipient Control ActiveX clsid access
RuleID : 9668 - Type : BROWSER-PLUGINS - Revision : 11
2014-01-10 javaprxy.dll ActiveX clsid unicode access
RuleID : 9628 - Type : WEB-ACTIVEX - Revision : 7
2014-01-10 Microsoft Internet Explorer DirectAnimation.DAArray.1 ActiveX function call a...
RuleID : 8845 - Type : BROWSER-PLUGINS - Revision : 15
2014-01-10 DirectAnimation.DAArray.1 ActiveX CLSID unicode access
RuleID : 8844 - Type : WEB-ACTIVEX - Revision : 6
2014-01-10 Microsoft Internet Explorer DirectAnimation.DAArray.1 ActiveX clsid access
RuleID : 8843 - Type : BROWSER-PLUGINS - Revision : 16
2014-01-10 Microsoft Internet Explorer DirectAnimation.DABbox2.1 ActiveX function call a...
RuleID : 8842 - Type : BROWSER-PLUGINS - Revision : 15
2014-01-10 DirectAnimation.DABbox2.1 ActiveX CLSID unicode access
RuleID : 8841 - Type : WEB-ACTIVEX - Revision : 6
2014-01-10 Microsoft Internet Explorer DirectAnimation.DABbox2.1 ActiveX clsid access
RuleID : 8840 - Type : BROWSER-PLUGINS - Revision : 16
2014-01-10 Microsoft Internet Explorer DirectAnimation.DABbox3.1 ActiveX function call a...
RuleID : 8839 - Type : BROWSER-PLUGINS - Revision : 15
2014-01-10 DirectAnimation.DABbox3.1 ActiveX CLSID unicode access
RuleID : 8838 - Type : WEB-ACTIVEX - Revision : 6
2014-01-10 Microsoft Internet Explorer DirectAnimation.DABbox3.1 ActiveX clsid access
RuleID : 8837 - Type : BROWSER-PLUGINS - Revision : 16
2014-01-10 Microsoft Internet Explorer DirectAnimation.DABoolean.1 ActiveX function call...
RuleID : 8836 - Type : BROWSER-PLUGINS - Revision : 15
2014-01-10 DirectAnimation.DABoolean.1 ActiveX CLSID unicode access
RuleID : 8835 - Type : WEB-ACTIVEX - Revision : 6
2014-01-10 Microsoft Internet Explorer DirectAnimation.DABoolean.1 ActiveX clsid access
RuleID : 8834 - Type : BROWSER-PLUGINS - Revision : 16
2014-01-10 Microsoft Internet Explorer DirectAnimation.DACamera.1 ActiveX function call ...
RuleID : 8833 - Type : BROWSER-PLUGINS - Revision : 15
2014-01-10 DirectAnimation.DACamera.1 ActiveX CLSID unicode access
RuleID : 8832 - Type : WEB-ACTIVEX - Revision : 6
2014-01-10 Microsoft Internet Explorer DirectAnimation.DACamera.1 ActiveX clsid access
RuleID : 8831 - Type : BROWSER-PLUGINS - Revision : 16
2014-01-10 Microsoft Internet Explorer DirectAnimation.DAColor.1 ActiveX function call a...
RuleID : 8830 - Type : BROWSER-PLUGINS - Revision : 15

Nessus® Vulnerability Scanner

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2017-12-04 Name: The remote host is missing a vendor-supplied security patch.
File: check_point_gaia_sk106499.nasl - Type: ACT_GATHER_INFO
2017-05-08 Name: An application installed on the remote host is affected by multiple vulnerabi...
File: itunes_12_6.nasl - Type: ACT_GATHER_INFO
2017-05-08 Name: An application running on the remote host is affected by multiple vulnerabili...
File: itunes_12_6_banner.nasl - Type: ACT_GATHER_INFO
2017-05-08 Name: The remote host contains an application that is affected by multiple vulnerab...
File: macos_itunes_12_6.nasl - Type: ACT_GATHER_INFO
2017-01-20 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201701-46.nasl - Type: ACT_GATHER_INFO
2016-10-06 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-3688.nasl - Type: ACT_GATHER_INFO
2016-09-27 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2016-2385-1.nasl - Type: ACT_GATHER_INFO
2016-09-09 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2016-1064.nasl - Type: ACT_GATHER_INFO
2016-09-02 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2016-2209-1.nasl - Type: ACT_GATHER_INFO
2016-08-29 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2016-1618-1.nasl - Type: ACT_GATHER_INFO
2016-07-25 Name: The remote web server is affected by multiple vulnerabilities.
File: oracle_http_server_cpu_jul_2016.nasl - Type: ACT_GATHER_INFO
2016-07-14 Name: A video conferencing application running on the remote host is affected by mu...
File: cisco_telepresence_vcs_multiple_880.nasl - Type: ACT_GATHER_INFO
2016-06-23 Name: The remote device is affected by multiple vulnerabilities.
File: juniper_space_jsa10727.nasl - Type: ACT_GATHER_INFO
2016-06-16 Name: The remote host is affected by a security feature bypass vulnerability.
File: ibm_storwize_cve_2015_2808.nasl - Type: ACT_GATHER_INFO
2016-06-08 Name: The remote Debian host is missing a security update.
File: debian_DLA-507.nasl - Type: ACT_GATHER_INFO
2016-06-01 Name: The remote device is affected by multiple vulnerabilities.
File: cisco_ace_A5_3_3.nasl - Type: ACT_GATHER_INFO
2016-05-31 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201605-06.nasl - Type: ACT_GATHER_INFO
2016-05-13 Name: A web application running on the remote host is affected by multiple vulnerab...
File: solarwinds_srm_profiler_6_2_3.nasl - Type: ACT_GATHER_INFO
2016-04-29 Name: The remote host is affected by multiple vulnerabilities.
File: hp_data_protector_hpsbgn03580.nasl - Type: ACT_GATHER_INFO
2016-03-24 Name: The remote web server is affected by multiple vulnerabilities.
File: hpsmh_7_5_4.nasl - Type: ACT_GATHER_INFO
2016-03-14 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201603-11.nasl - Type: ACT_GATHER_INFO
2016-03-10 Name: The remote AIX host has a version of OpenSSL installed that is affected by mu...
File: aix_openssl_advisory17.nasl - Type: ACT_GATHER_INFO
2016-03-03 Name: The remote VMware ESXi / ESX host is missing a security-related patch.
File: vmware_VMSA-2012-0005_remote.nasl - Type: ACT_GATHER_INFO
2016-02-29 Name: The remote AIX host is missing a vendor-supplied security patch.
File: aix_U867669.nasl - Type: ACT_GATHER_INFO
2016-02-18 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2016-218.nasl - Type: ACT_GATHER_INFO