This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Microsoft First view 2001-05-11
Product Ie Last view 2012-03-09
Version 6.0 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:microsoft:ie

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
5.8 2012-03-09 CVE-2012-1545

Microsoft Internet Explorer 6 through 9, and 10 Consumer Preview, allows remote attackers to bypass Protected Mode or cause a denial of service (memory corruption) by leveraging access to a Low integrity process, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2012.

5 2011-12-07 CVE-2010-5071

The JavaScript implementation in Microsoft Internet Explorer 8.0 and earlier does not properly restrict the set of values contained in the object returned by the getComputedStyle method, which allows remote attackers to obtain sensitive information about visited web pages by calling this method.

4.3 2011-12-07 CVE-2002-2435

The Cascading Style Sheets (CSS) implementation in Microsoft Internet Explorer 8.0 and earlier does not properly handle the :visited pseudo-class, which allows remote attackers to obtain sensitive information about visited web pages via a crafted HTML document, a related issue to CVE-2010-2264.

4.3 2011-08-09 CVE-2011-2379

Cross-site scripting (XSS) vulnerability in Bugzilla 2.4 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3, when Internet Explorer before 9 or Safari before 5.0.6 is used for Raw Unified mode, allows remote attackers to inject arbitrary web script or HTML via a crafted patch, related to content sniffing.

4.3 2011-06-03 CVE-2011-2383

Microsoft Internet Explorer 9 and earlier does not properly restrict cross-zone drag-and-drop actions, which allows user-assisted remote attackers to read cookie files via vectors involving an IFRAME element with a SRC attribute containing an http: URL that redirects to a file: URL, as demonstrated by a Facebook game, related to a "cookiejacking" issue, aka "Drag and Drop Information Disclosure Vulnerability." NOTE: this vulnerability exists because of an incomplete fix in the Internet Explorer 9 release.

4.3 2011-06-03 CVE-2011-2382

Microsoft Internet Explorer 8 and earlier, and Internet Explorer 9 beta, does not properly restrict cross-zone drag-and-drop actions, which allows user-assisted remote attackers to read cookie files via vectors involving an IFRAME element with a SRC attribute containing a file: URL, as demonstrated by a Facebook game, related to a "cookiejacking" issue.

4.3 2011-04-26 CVE-2011-1587

Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.4, when Internet Explorer 6 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via an uploaded file accessed with a dangerous extension such as .html located before a ? (question mark) in a query string, in conjunction with a modified URI path that has a %2E sequence in place of the . (dot) character. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-1578.

5 2010-03-26 CVE-2010-1127

Microsoft Internet Explorer 6 and 7 does not initialize certain data structures during execution of the createElement method, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted JavaScript code, as demonstrated by setting the (1) outerHTML or (2) value property of an object returned by createElement.

9.3 2010-01-22 CVE-2010-0248

Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML Object Memory Corruption Vulnerability."

9.3 2010-01-22 CVE-2010-0247

Microsoft Internet Explorer 5.01 SP4, 6, and 6 SP1 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability."

9.3 2010-01-22 CVE-2010-0244

Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a different vulnerability than CVE-2009-2530 and CVE-2009-2531.

5 2009-11-16 CVE-2009-3943

Microsoft Internet Explorer 6 through 6.0.2900.2180 and 7 through 7.0.6000.16711 allows remote attackers to cause a denial of service (application hang) via a JavaScript loop that configures the home page by using the setHomePage method and a DHTML behavior property.

5 2009-09-18 CVE-2009-3267

Microsoft Internet Explorer 6 through 6.0.2900.2180, and 7.0.6000.16711, allows remote attackers to cause a denial of service (CPU consumption) via an automatically submitted form containing a KEYGEN element, a related issue to CVE-2009-1828.

5 2009-08-24 CVE-2009-2954

Microsoft Internet Explorer 6.0.2900.2180 and earlier allows remote attackers to cause a denial of service (CPU consumption and application hang) via JavaScript code with a long string value for the hash property (aka location.hash), a related issue to CVE-2008-5715.

5 2009-07-22 CVE-2009-2576

Microsoft Internet Explorer 6.0.2900.2180 and earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via a long Unicode string argument to the write method, a related issue to CVE-2009-2479. NOTE: it was later reported that 7.0.6000.16473 and earlier are also affected.

5.8 2009-06-15 CVE-2009-2069

Microsoft Internet Explorer before 8 displays a cached certificate for a (1) 4xx or (2) 5xx CONNECT response page returned by a proxy server, which allows man-in-the-middle attackers to spoof an arbitrary https site by letting a browser obtain a valid certificate from this site during one request, and then sending the browser a crafted 502 response page upon a subsequent request.

5.8 2009-06-15 CVE-2009-2057

Microsoft Internet Explorer before 8 uses the HTTP Host header to determine the context of a document provided in a (1) 4xx or (2) 5xx CONNECT response from a proxy server, which allows man-in-the-middle attackers to execute arbitrary web script by modifying this CONNECT response, aka an "SSL tampering" attack.

9.3 2008-05-18 CVE-2008-2281

Cross-zone scripting vulnerability in the Print Table of Links feature in Internet Explorer 6.0, 7.0, and 8.0b allows user-assisted remote attackers to inject arbitrary web script or HTML in the Local Machine Zone via an HTML document with a link containing JavaScript sequences, which are evaluated by a resource script when a user prints this document.

6.8 2007-12-11 CVE-2007-5347

Microsoft Internet Explorer 5.01 through 7 allows remote attackers to execute arbitrary code via "unexpected method calls to HTML objects," aka "DHTML Object Memory Corruption Vulnerability."

6.8 2007-12-11 CVE-2007-5344

Microsoft Internet Explorer 5.01 through 7 allows remote attackers to execute arbitrary code via a crafted website using Javascript that creates, modifies, deletes, and accesses document objects using the tags property, which triggers heap corruption, related to uninitialized or deleted objects, a different issue than CVE-2007-3902 and CVE-2007-3903, and a variant of "Uninitialized Memory Corruption Vulnerability."

6.8 2007-12-11 CVE-2007-3903

Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code via uninitialized or deleted objects used in repeated calls to the (1) cloneNode or (2) nodeValue JavaScript function, a different issue than CVE-2007-3902 and CVE-2007-5344, a variant of "Uninitialized Memory Corruption Vulnerability."

9.3 2007-12-11 CVE-2007-3902

Use-after-free vulnerability in the CRecalcProperty function in mshtml.dll in Microsoft Internet Explorer 5.01 through 7 allows remote attackers to execute arbitrary code by calling the setExpression method and then modifying the outerHTML property of an HTML element, one variant of "Uninitialized Memory Corruption Vulnerability."

7.5 2007-10-14 CVE-2007-5456

Microsoft Internet Explorer 7 and earlier allows remote attackers to bypass the "File Download - Security Warning" dialog box and download arbitrary .exe files by placing a '?' (question mark) followed by a non-.exe filename after the .exe filename, as demonstrated by (1) .txt, (2) .cda, (3) .log, (4) .dif, (5) .sol, (6) .htt, (7) .itpc, (8) .itms, (9) .dvr-ms, (10) .dib, (11) .asf, (12) .tif, and unspecified other extensions, a different issue than CVE-2004-1331. NOTE: this issue might not cross privilege boundaries, although it does bypass an intended protection mechanism.

4.3 2007-10-08 CVE-2007-5277

Microsoft Internet Explorer 6 drops DNS pins based on failed connections to irrelevant TCP ports, which makes it easier for remote attackers to conduct DNS rebinding attacks, as demonstrated by a port 81 URL in an IMG SRC, when the DNS pin had been established for a session on port 80, a different issue than CVE-2006-4560.

4.3 2007-10-01 CVE-2007-5158

The focus handling for the onkeydown event in Microsoft Internet Explorer 6.0 allows remote attackers to change field focus and copy keystrokes via a certain use of a JavaScript htmlFor attribute, as demonstrated by changing focus from a textarea to a file upload field, a related issue to CVE-2007-3511.

CWE : Common Weakness Enumeration

%idName
23% (10) CWE-94 Failure to Control Generation of Code ('Code Injection')
16% (7) CWE-20 Improper Input Validation
14% (6) CWE-399 Resource Management Errors
11% (5) CWE-264 Permissions, Privileges, and Access Controls
11% (5) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
4% (2) CWE-362 Race Condition
4% (2) CWE-287 Improper Authentication
4% (2) CWE-200 Information Exposure
4% (2) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')
2% (1) CWE-189 Numeric Errors

CAPEC : Common Attack Pattern Enumeration & Classification

id Name
CAPEC-17 Accessing, Modifying or Executing Executable Files
CAPEC-30 Hijacking a Privileged Thread of Execution
CAPEC-35 Leverage Executable Code in Nonexecutable Files
CAPEC-58 Restful Privilege Elevation

SAINT Exploits

Description Link
Internet Explorer inline content filename extension vulnerability More info here
Internet Explorer Content Advisor memory corruption More info here
Internet Explorer Javaprxy.dll heap overflow More info here
Internet Explorer createTextRange memory corruption More info here
Internet Explorer IFRAME buffer overflow More info here
Internet Explorer WebViewFolderIcon setSlice integer overflow More info here
Internet Explorer VML rect fill buffer overflow More info here
Internet Explorer isComponentInstalled buffer overflow More info here
Internet Explorer DHTML object vulnerability More info here

Open Source Vulnerability Database (OSVDB)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
77606 Microsoft IE JavaScript Implementation getComputedStyle Method Page Handling ...
74619 MediaWiki URI Query String %2E Sequence XSS
74297 Bugzilla Patch Attachment Raw Unified Viewing Mode XSS
72724 Microsoft IE Cookie Jacking Account Authentication Bypass
63324 Microsoft IE createElement Method Crafted JavaScript NULL Dereference DoS
61914 Microsoft IE Javascript Cloned DOM Object Handling Memory Corruption
61913 Microsoft IE HTML Object Handling Unspecified Memory Corruption
61910 Microsoft IE Table Layout Col Tag Cache Update Handling Memory Corruption
60295 Microsoft IE Image ICC Profile Tag Count Handling DoS
60294 Microsoft MSN Messenger Image ICC Profile Tag Count Handling DoS
60198 Microsoft IE DHTML Property setHomePage Method JavaScript Loop Remote DoS
58788 Microsoft IE Crafted File Extension Download Security Warning Bypass
58397 Microsoft IE Auto Form Submission KEYGEN Element Remote DoS
57506 Microsoft IE location.hash Javascript Handling Remote DoS
57113 Microsoft IE Extended HTML Form Non-HTTP Protocol XSS
56489 Microsoft IE Proxy Server CONNECT Response Cached Certificate Use MiTM HTTPS ...
56323 Microsoft IE Write Method Unicode String Argument Handling Remote DoS
55129 Microsoft IE HTTP Host Header Proxy Server CONNECT Response Document Context ...
46990 Microsoft Windows Explorer (explorer.exe) Unspecified WMF Handling DoS
45826 Microsoft IE Local Zone Saved File URI XSS
45814 Microsoft IE Arbitrary Website Zone Addition Domain Supression DoS
45525 Microsoft IE Failed Connection DNS Pin Dropping Rebinding Weakness
45441 Microsoft IE IObjectSafety CLSID_ApprenticeICW ActiveX Control COM Object Cre...
45437 Microsoft IE Location DOM Object Page Load Interruption Site/Certificate Spoo...
45260 Microsoft IE Malformed Table Element CSS Attribute Handling DoS

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2012-04-02 Name : Fedora Update for bugzilla FEDORA-2011-10399
File : nvt/gb_fedora_2011_10399_bugzilla_fc16.nasl
2012-03-15 Name : Microsoft Internet Explorer Code Execution and DoS Vulnerabilities
File : nvt/gb_ms_ie_code_exec_n_dos_vuln.nasl
2012-02-12 Name : Gentoo Security Advisory GLSA 201110-03 (bugzilla)
File : nvt/glsa_201110_03.nasl
2012-02-11 Name : Debian Security Advisory DSA 2366-1 (mediawiki)
File : nvt/deb_2366_1.nasl
2011-12-09 Name : Microsoft Internet Explorer Multiple Information Disclosure Vulnerabilities
File : nvt/gb_ms_ie_mult_info_disc_vuln.nasl
2011-10-16 Name : Debian Security Advisory DSA 2322-1 (bugzilla)
File : nvt/deb_2322_1.nasl
2011-09-21 Name : FreeBSD Ports: bugzilla
File : nvt/freebsd_bugzilla13.nasl
2011-08-24 Name : Fedora Update for bugzilla FEDORA-2011-10413
File : nvt/gb_fedora_2011_10413_bugzilla_fc14.nasl
2011-08-24 Name : Fedora Update for bugzilla FEDORA-2011-10426
File : nvt/gb_fedora_2011_10426_bugzilla_fc15.nasl
2011-08-22 Name : Bugzilla Multiple Security Vulnerabilities
File : nvt/gb_bugzilla_49042.nasl
2011-08-11 Name : Microsoft Internet Explorer Multiple Vulnerabilities (2559049)
File : nvt/secpod_ms11-057.nasl
2011-06-13 Name : Microsoft Internet Explorer Cookie Hijacking Vulnerability
File : nvt/gb_ms_ie9_cookie_hijacking_vuln.nasl
2011-06-13 Name : Microsoft Internet Explorer Cookie Hijacking Vulnerability
File : nvt/gb_ms_ie_cookie_hijacking_vuln.nasl
2011-01-14 Name : Microsoft Internet Explorer mshtml.dll Remote Memory Corruption Vulnerability...
File : nvt/gb_ms07-069.nasl
2010-07-08 Name : Cumulative Security Update for Internet Explorer (928090)
File : nvt/ms07-016.nasl
2010-07-08 Name : Cumulative Security Update for Internet Explorer (931768)
File : nvt/ms07-027.nasl
2010-03-30 Name : Microsoft Internet Explorer Denial of Service Vulnerability - Mar10
File : nvt/secpod_ms_ie_dos_vuln_mar10.nasl
2010-01-22 Name : Microsoft Internet Explorer Multiple Vulnerabilities (978207)
File : nvt/secpod_ms10-002.nasl
2009-11-20 Name : Microsoft Internet Denial Of Service Vulnerability - Nov09
File : nvt/secpod_ms_ie_dos_vuln_nov09.nasl
2009-09-22 Name : Internet Explorer 'KEYGEN' Element Denial Of Service Vulnerability
File : nvt/secpod_ms_ie_keygen_dos_vuln.nasl
2009-08-26 Name : Microsoft Internet Explorer 'location.hash' DOS Vulnerability
File : nvt/secpod_ms_ie_location_hash_dos_vuln.nasl
2009-07-23 Name : Microsoft Internet Explorer Unicode String DoS Vulnerability
File : nvt/secpod_ms_ie_unicode_str_dos_vuln.nasl
2009-06-17 Name : Microsoft Internet Explorer Web Script Execution Vulnerabilites
File : nvt/secpod_ms_ie_web_script_exec_vuln_jun09.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200507-14 (mozilla)
File : nvt/glsa_200507_14.nasl
2008-01-17 Name : Debian Security Advisory DSA 686-1 (gftp)
File : nvt/deb_686_1.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2006-A-0042 Vulnerability in Windows Explorer
Severity: Category I - VMSKEY: V0012782

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2014-01-10 TriEditDocument.TriEditDocument ActiveX clsid unicode access
RuleID : 9822 - Type : WEB-ACTIVEX - Revision : 5
2014-01-10 TriEditDocument.TriEditDocument ActiveX clsid access
RuleID : 9821 - Type : BROWSER-PLUGINS - Revision : 11
2014-01-10 OWC11.DataSourceControl.11 ActiveX function call access
RuleID : 9820 - Type : BROWSER-PLUGINS - Revision : 12
2014-01-10 javaprxy.dll ActiveX clsid unicode access
RuleID : 9628 - Type : WEB-ACTIVEX - Revision : 7
2014-01-10 Microsoft Office Data Source Control 11.0 ActiveX clsid unicode access
RuleID : 8724 - Type : WEB-ACTIVEX - Revision : 7
2014-01-10 Microsoft Office Data Source Control 11.0 ActiveX clsid access
RuleID : 8723 - Type : BROWSER-PLUGINS - Revision : 17
2014-01-10 DXImageTransform.Microsoft.NDFXArtEffects ActiveX function call access
RuleID : 8425 - Type : BROWSER-PLUGINS - Revision : 13
2014-01-10 Microsoft Windows Explorer WebViewFolderIcon.WebViewFolderIcon.1 ActiveX func...
RuleID : 8419 - Type : BROWSER-PLUGINS - Revision : 19
2014-01-10 TriEditDocument.TriEditDocument ActiveX function call access
RuleID : 8417 - Type : BROWSER-PLUGINS - Revision : 12
2014-01-10 Microsoft Windows Vector Markup Language fill method overflow attempt
RuleID : 8416 - Type : OS-WINDOWS - Revision : 20
2014-01-10 Windows Scripting Host Shell ActiveX CLSID unicode access
RuleID : 8067 - Type : WEB-ACTIVEX - Revision : 8
2014-01-10 Microsoft Windows Scripting Host Shell ActiveX clsid access
RuleID : 8066 - Type : BROWSER-PLUGINS - Revision : 16
2014-01-10 Microsoft Internet Explorer ADODB.Stream ActiveX function call access
RuleID : 8063 - Type : BROWSER-PLUGINS - Revision : 19
2014-01-10 ADODB.Stream ActiveX CLSID unicode access
RuleID : 8062 - Type : WEB-ACTIVEX - Revision : 7
2014-01-10 WebViewFolderIcon.WebViewFolderIcon.1 ActiveX CLSID unicode access
RuleID : 7986 - Type : WEB-ACTIVEX - Revision : 9
2014-01-10 Microsoft Windows Explorer WebViewFolderIcon.WebViewFolderIcon.1 ActiveX clsi...
RuleID : 7985 - Type : BROWSER-PLUGINS - Revision : 18
2014-01-10 DXImageTransform.Microsoft.NDFXArtEffects ActiveX CLSID unicode access
RuleID : 7915 - Type : WEB-ACTIVEX - Revision : 7
2014-01-10 DXImageTransform.Microsoft.NDFXArtEffects ActiveX clsid access
RuleID : 7914 - Type : BROWSER-PLUGINS - Revision : 13
2014-01-10 WM VIH2 Fix ActiveX CLSID unicode access
RuleID : 7501 - Type : WEB-ACTIVEX - Revision : 6
2014-01-10 Microsoft Internet Explorer WM VIH2 Fix ActiveX clsid access
RuleID : 7500 - Type : BROWSER-PLUGINS - Revision : 14
2014-01-10 WM TV Out Smooth Picture Filter ActiveX CLSID unicode access
RuleID : 7499 - Type : WEB-ACTIVEX - Revision : 6
2014-01-10 Microsoft Internet Explorer WM TV Out Smooth Picture Filter ActiveX clsid access
RuleID : 7498 - Type : BROWSER-PLUGINS - Revision : 14
2014-01-10 WMT Volume ActiveX CLSID unicode access
RuleID : 7497 - Type : WEB-ACTIVEX - Revision : 6
2014-01-10 Microsoft Internet Explorer WMT Volume ActiveX clsid access
RuleID : 7496 - Type : BROWSER-PLUGINS - Revision : 14
2014-01-10 WMT Virtual Source ActiveX CLSID unicode access
RuleID : 7495 - Type : WEB-ACTIVEX - Revision : 6

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2012-01-12 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-2366.nasl - Type: ACT_GATHER_INFO
2011-10-11 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-2322.nasl - Type: ACT_GATHER_INFO
2011-10-11 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201110-03.nasl - Type: ACT_GATHER_INFO
2011-08-23 Name: The remote Fedora host is missing a security update.
File: fedora_2011-10399.nasl - Type: ACT_GATHER_INFO
2011-08-20 Name: The remote Fedora host is missing a security update.
File: fedora_2011-10426.nasl - Type: ACT_GATHER_INFO
2011-08-20 Name: The remote Fedora host is missing a security update.
File: fedora_2011-10413.nasl - Type: ACT_GATHER_INFO
2011-08-15 Name: The remote FreeBSD host is missing one or more security-related updates.
File: freebsd_pkg_dc8741b9c5d511e08a8e00151735203a.nasl - Type: ACT_GATHER_INFO
2011-08-09 Name: Arbitrary code can be executed on the remote host through a web browser.
File: smb_nt_ms11-057.nasl - Type: ACT_GATHER_INFO
2011-04-15 Name: The remote web server hosts a version of MediaWiki that is affected by a cros...
File: mediawiki_1_16_4.nasl - Type: ACT_ATTACK
2009-01-21 Name: Arbitrary code can be executed on the remote host through a web browser.
File: smb_nt_ms10-002.nasl - Type: ACT_GATHER_INFO
2007-12-11 Name: Arbitrary code can be executed on the remote host through the web client.
File: smb_nt_ms07-069.nasl - Type: ACT_GATHER_INFO
2007-10-09 Name: Arbitrary code can be executed on the remote host through the web client.
File: smb_nt_ms07-057.nasl - Type: ACT_GATHER_INFO
2007-05-08 Name: Arbitrary code can be executed on the remote host through the web client.
File: smb_nt_ms07-027.nasl - Type: ACT_GATHER_INFO
2007-02-13 Name: Arbitrary code can be executed on the remote host through the web client.
File: smb_nt_ms07-016.nasl - Type: ACT_GATHER_INFO
2006-10-10 Name: Arbitrary code can be executed on the remote host through the web or email cl...
File: smb_nt_ms06-057.nasl - Type: ACT_GATHER_INFO
2006-09-26 Name: Arbitrary code can be executed on the remote host through the email client or...
File: smb_nt_ms06-055.nasl - Type: ACT_GATHER_INFO
2006-08-08 Name: Arbitrary code can be executed on the remote host through the web client.
File: smb_nt_ms06-042.nasl - Type: ACT_GATHER_INFO
2006-08-08 Name: Arbitrary code can be executed on the remote host through the email client.
File: smb_nt_ms06-043.nasl - Type: ACT_GATHER_INFO
2006-08-08 Name: Arbitrary code can be executed on the remote host through the web or email cl...
File: smb_nt_ms06-045.nasl - Type: ACT_GATHER_INFO
2006-08-08 Name: Arbitrary code can be executed on the remote host through the web client.
File: smb_nt_ms06-046.nasl - Type: ACT_GATHER_INFO
2006-06-13 Name: Arbitrary code can be executed on the remote host through the web client.
File: smb_nt_ms06-022.nasl - Type: ACT_GATHER_INFO
2006-06-13 Name: Arbitrary code can be executed on the remote host through the web client.
File: smb_nt_ms06-021.nasl - Type: ACT_GATHER_INFO
2006-04-11 Name: Arbitrary code can be executed on the remote host through the web client.
File: smb_nt_ms06-013.nasl - Type: ACT_GATHER_INFO
2005-12-13 Name: Arbitrary code can be executed on the remote host through the web client.
File: smb_nt_ms05-054.nasl - Type: ACT_GATHER_INFO
2005-10-05 Name: The remote Mandrake Linux host is missing one or more security updates.
File: mandrake_MDKSA-2005-128.nasl - Type: ACT_GATHER_INFO