This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Microsoft First view 2005-12-31
Product Ie Last view 2012-06-12
Version 7 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:microsoft:ie

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
4.3 2012-06-12 CVE-2012-1882

Microsoft Internet Explorer 6 through 9 does not block cross-domain scrolling events, which allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Scrolling Events Information Disclosure Vulnerability."

9.3 2012-06-12 CVE-2012-1880

Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "insertRow Remote Code Execution Vulnerability."

9.3 2012-06-12 CVE-2012-1879

Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by attempting to access an undefined memory location, aka "insertAdjacentText Remote Code Execution Vulnerability."

9.3 2012-06-12 CVE-2012-1878

Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "OnBeforeDeactivate Event Remote Code Execution Vulnerability."

9.3 2012-06-12 CVE-2012-1877

Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Title Element Change Remote Code Execution Vulnerability."

9.3 2012-06-12 CVE-2012-1876

Microsoft Internet Explorer 6 through 9, and 10 Consumer Preview, does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by attempting to access a nonexistent object, leading to a heap-based buffer overflow, aka "Col Element Remote Code Execution Vulnerability," as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2012.

4.3 2012-06-12 CVE-2012-1873

Microsoft Internet Explorer 7 through 9 does not properly create and initialize string data, which allows remote attackers to obtain sensitive information from process memory via a crafted HTML document, aka "Null Byte Information Disclosure Vulnerability."

4.3 2012-06-12 CVE-2012-1872

Cross-site scripting (XSS) vulnerability in Microsoft Internet Explorer 6 through 9 allows remote attackers to inject arbitrary web script or HTML via crafted character sequences with EUC-JP encoding, aka "EUC-JP Character Encoding Vulnerability."

9.3 2012-06-12 CVE-2012-1523

Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Center Element Remote Code Execution Vulnerability."

9.3 2012-04-10 CVE-2012-0172

Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "VML Style Remote Code Execution Vulnerability."

9.3 2012-04-10 CVE-2012-0171

Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "SelectAll Remote Code Execution Vulnerability."

9.3 2012-04-10 CVE-2012-0170

Microsoft Internet Explorer 6 and 7 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "OnReadyStateChange Remote Code Execution Vulnerability."

7.6 2012-04-10 CVE-2012-0168

Microsoft Internet Explorer 6 through 9 allows user-assisted remote attackers to execute arbitrary code via a crafted HTML document that is not properly handled during a "Print table of links" print operation, aka "Print Feature Remote Code Execution Vulnerability."

9.3 2012-02-14 CVE-2012-0011

Microsoft Internet Explorer 7 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "HTML Layout Remote Code Execution Vulnerability."

4.3 2012-02-14 CVE-2012-0010

Microsoft Internet Explorer 6 through 9 does not properly perform copy-and-paste operations, which allows user-assisted remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Copy and Paste Information Disclosure Vulnerability."

4.3 2011-12-13 CVE-2011-3404

Microsoft Internet Explorer 6 through 9 does not properly use the Content-Disposition HTTP header to control rendering of the HTTP response body, which allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Content-Disposition Information Disclosure Vulnerability."

5 2011-12-07 CVE-2011-4689

Microsoft Internet Explorer 6 through 9 does not prevent capture of data about the times of Same Origin Policy violations during IFRAME loading attempts, which makes it easier for remote attackers to determine whether a document exists in the browser cache via crafted JavaScript code.

5 2011-12-07 CVE-2010-5071

The JavaScript implementation in Microsoft Internet Explorer 8.0 and earlier does not properly restrict the set of values contained in the object returned by the getComputedStyle method, which allows remote attackers to obtain sensitive information about visited web pages by calling this method.

4.3 2011-12-07 CVE-2002-2435

The Cascading Style Sheets (CSS) implementation in Microsoft Internet Explorer 8.0 and earlier does not properly handle the :visited pseudo-class, which allows remote attackers to obtain sensitive information about visited web pages via a crafted HTML document, a related issue to CVE-2010-2264.

9.3 2011-10-11 CVE-2011-2001

Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code via an attempted access to a virtual function table after corruption of this table has occurred, aka "Virtual Function Table Corruption Remote Code Execution Vulnerability."

9.3 2011-10-11 CVE-2011-2000

Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Body Element Remote Code Execution Vulnerability."

9.3 2011-10-11 CVE-2011-1996

Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Option Element Remote Code Execution Vulnerability."

9.3 2011-10-11 CVE-2011-1995

Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that was not properly initialized, aka "OLEAuto32.dll Remote Code Execution Vulnerability."

9.3 2011-10-11 CVE-2011-1993

Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Scroll Event Remote Code Execution Vulnerability."

9.3 2011-08-10 CVE-2011-1964

Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Style Object Memory Corruption Vulnerability."

CWE : Common Weakness Enumeration

%idName
28% (32) CWE-94 Failure to Control Generation of Code ('Code Injection')
18% (21) CWE-399 Resource Management Errors
18% (21) CWE-200 Information Exposure
11% (13) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
8% (10) CWE-20 Improper Input Validation
3% (4) CWE-264 Permissions, Privileges, and Access Controls
2% (3) CWE-362 Race Condition
2% (3) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')
1% (2) CWE-287 Improper Authentication
0% (1) CWE-189 Numeric Errors
0% (1) CWE-78 Improper Sanitization of Special Elements used in an OS Command ('O...
0% (1) CWE-16 Configuration

CAPEC : Common Attack Pattern Enumeration & Classification

id Name
CAPEC-8 Buffer Overflow in an API Call
CAPEC-9 Buffer Overflow in Local Command-Line Utilities
CAPEC-10 Buffer Overflow via Environment Variables
CAPEC-14 Client-side Injection-induced Buffer Overflow
CAPEC-24 Filter Failure through Buffer Overflow
CAPEC-42 MIME Conversion
CAPEC-44 Overflow Binary Resource File
CAPEC-45 Buffer Overflow via Symbolic Links
CAPEC-46 Overflow Variables and Tags
CAPEC-47 Buffer Overflow via Parameter Expansion
CAPEC-100 Overflow Buffers

SAINT Exploits

Description Link
Internet Explorer iepeers.dll use-after-free vulnerability More info here
Internet Explorer COL SPAN Heap Overflow More info here
Microsoft Internet Explorer Time Element Memory Corruption More info here
Internet Explorer CSS clip attribute memory corruption More info here
Internet Explorer DOM modification memory corruption More info here
Internet Explorer HTML+TIME element OuterText memory corruption More info here
Internet Explorer print preview argument validation vulnerability More info here
Internet Explorer tblinf32.dll ActiveX IObjectsafety vulnerability More info here
Internet Explorer Telnet URI Insecure Loading More info here
Microsoft Internet Explorer CSS Import Use-After-Free Code Execution More info here

Open Source Vulnerability Database (OSVDB)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
77675 Microsoft IE Content-Disposition Header Parsing Cross-Domain Remote Informati...
77606 Microsoft IE JavaScript Implementation getComputedStyle Method Page Handling ...
77537 Microsoft IE Cache Objects IFRAME Handling Browsing History Disclosure
76213 Microsoft IE Virtual Function Table Corruption mshtml.dll Extra Size Index Ha...
76212 Microsoft IE Use-after-free swapNode() Method Body Element Handling Remote Co...
76208 Microsoft IE Use-after-free Type-Safety Weakness Option Element Handling Remo...
76207 Microsoft IE OLEAuto32.dll Uninitialised Object Access Remote Memory Corruption
76206 Microsoft IE Use-after-free Scroll Event Handling Remote Code Execution
74500 Microsoft IE STYLE Object Parsing Memory Corruption
74499 Microsoft IE SetViewSlave() Function XSLT Object Markup Reloading Memory Corr...
74498 Microsoft IE Shift JIS Character Sequence Parsing Cross-domain Remote Informa...
74497 Microsoft IE Event Handler Cross-domain Remote Information Disclosure
74495 Microsoft IE window.open() Function Race Condition Memory Corruption
74494 Microsoft IE Crafted Link Telnet URI Handler Remote Program Execution
74297 Bugzilla Patch Attachment Raw Unified Viewing Mode XSS
72954 Microsoft IE Vector Markup Language (VML) Object Handling Memory Corruption
72952 Microsoft IE CDL Protocol 302 HTTP Redirect Memory Corruption
72951 Microsoft IE selection.empty JavaScript Statement onclick Event Memory Corrup...
72949 Microsoft IE Drag and Drop Information Disclosure
72948 Microsoft IE Multiple JavaScript Modifications DOM Manipulation Memory Corrup...
72947 Microsoft IE Time Element Memory Corruption
72946 Microsoft IE Drag and Drop Memory Corruption
72944 Microsoft IE SafeHTML Function XSS
72942 Microsoft IE Link Properties Handling Memory Corruption
72724 Microsoft IE Cookie Jacking Account Authentication Bypass

ExploitDB Exploits

id Description
35273 Internet Explorer 8 - Fixed Col Span ID Full ASLR, DEP & EMET 5.1 Bypass ...
34815 Internet Explorer 8 - Fixed Col Span ID Full ASLR, DEP & EMET 5.0 Bypass ...
33944 Internet Explorer 8 - Fixed Col Span ID Full ASLR, DEP & EMET 4.1.X Bypass
24017 Internet Explorer 8 - Fixed Col Span ID Full ASLR & DEP Bypass
20174 Microsoft Internet Explorer Fixed Table Col Span Heap Overflow
16590 Internet Explorer DHTML Behaviors Use After Free
15421 Internet Explorer 6, 7, 8 Memory Corruption 0day Exploit
15262 Microsoft Office HtmlDlgHelper Class Memory Corruption
11683 Microsoft Internet Explorer iepeers.dll Use-After-Free Exploit (meta)

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2012-06-13 Name : Microsoft Internet Explorer Multiple Vulnerabilities (2699988)
File : nvt/secpod_ms12-037.nasl
2012-04-11 Name : Microsoft Internet Explorer Multiple Vulnerabilities (2675157)
File : nvt/secpod_ms12-023.nasl
2012-04-02 Name : Fedora Update for bugzilla FEDORA-2011-10399
File : nvt/gb_fedora_2011_10399_bugzilla_fc16.nasl
2012-02-15 Name : Microsoft Internet Explorer Multiple Vulnerabilities (2647516)
File : nvt/secpod_ms12-010.nasl
2012-02-12 Name : Gentoo Security Advisory GLSA 201110-03 (bugzilla)
File : nvt/glsa_201110_03.nasl
2011-12-14 Name : Microsoft Internet Explorer Multiple Vulnerabilities (2618444)
File : nvt/secpod_ms11-099.nasl
2011-12-09 Name : Microsoft Internet Explorer Cache Objects History Information Disclosure Vuln...
File : nvt/gb_ms_ie_history_info_disc_vuln.nasl
2011-12-09 Name : Microsoft Internet Explorer Multiple Information Disclosure Vulnerabilities
File : nvt/gb_ms_ie_mult_info_disc_vuln.nasl
2011-10-16 Name : Debian Security Advisory DSA 2322-1 (bugzilla)
File : nvt/deb_2322_1.nasl
2011-10-12 Name : Microsoft Internet Explorer Multiple Vulnerabilities (2586448)
File : nvt/secpod_ms11-081.nasl
2011-09-21 Name : FreeBSD Ports: bugzilla
File : nvt/freebsd_bugzilla13.nasl
2011-09-14 Name : Microsoft SharePoint Multiple Privilege Escalation Vulnerabilities (2451858)
File : nvt/secpod_ms11-074.nasl
2011-08-24 Name : Fedora Update for bugzilla FEDORA-2011-10413
File : nvt/gb_fedora_2011_10413_bugzilla_fc14.nasl
2011-08-24 Name : Fedora Update for bugzilla FEDORA-2011-10426
File : nvt/gb_fedora_2011_10426_bugzilla_fc15.nasl
2011-08-22 Name : Bugzilla Multiple Security Vulnerabilities
File : nvt/gb_bugzilla_49042.nasl
2011-08-11 Name : Microsoft Internet Explorer Multiple Vulnerabilities (2559049)
File : nvt/secpod_ms11-057.nasl
2011-06-15 Name : Internet Explorer Vector Markup Language Remote Code Execution Vulnerability ...
File : nvt/secpod_ms11-052.nasl
2011-06-15 Name : Microsoft Internet Explorer Multiple Vulnerabilities (2530548)
File : nvt/secpod_ms11-050.nasl
2011-06-13 Name : Microsoft Internet Explorer Cookie Hijacking Vulnerability
File : nvt/gb_ms_ie_cookie_hijacking_vuln.nasl
2011-06-13 Name : Microsoft Internet Explorer Cookie Hijacking Vulnerability
File : nvt/gb_ms_ie9_cookie_hijacking_vuln.nasl
2011-04-13 Name : Microsoft Internet Explorer Multiple Vulnerabilities (2497640)
File : nvt/secpod_ms11-018.nasl
2011-02-09 Name : Microsoft Internet Explorer Multiple Vulnerabilities (2482017)
File : nvt/secpod_ms11-003.nasl
2011-02-01 Name : Microsoft Internet Explorer 'ReleaseInterface()' Remote Code Execution Vulner...
File : nvt/gb_ms_ie_releaseinterface_code_execution_vuln.nasl
2011-01-14 Name : Microsoft Internet Explorer mshtml.dll Remote Memory Corruption Vulnerability...
File : nvt/gb_ms07-069.nasl
2010-12-31 Name : Microsoft Internet Explorer 'CSS Import Rule' Use-after-free Vulnerability
File : nvt/secpod_ms_ie_use_after_free_dos_vuln.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2011-B-0115 Multiple Vulnerabilities in Microsoft Office SharePoint
Severity: Category II - VMSKEY: V0030239
2010-A-0029 Microsoft Windows Shell Handler Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0022683
2007-A-0045 Microsoft Internet Explorer Vector Markup Language Remote Code Execution Vuln...
Severity: Category II - VMSKEY: V0014825

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2020-04-16 Microsoft Internet Explorer center element dynamic manipulation attempt
RuleID : 53463 - Type : BROWSER-IE - Revision : 1
2020-04-16 Microsoft Internet Explorer center element dynamic manipulation attempt
RuleID : 53462 - Type : BROWSER-IE - Revision : 1
2020-04-16 Microsoft Internet Explorer center element dynamic manipulation attempt
RuleID : 53461 - Type : BROWSER-IE - Revision : 1
2020-04-16 Microsoft Internet Explorer center element dynamic manipulation attempt
RuleID : 53460 - Type : BROWSER-IE - Revision : 1
2020-04-16 Microsoft Internet Explorer center element dynamic manipulation attempt
RuleID : 53459 - Type : BROWSER-IE - Revision : 1
2019-06-22 Microsoft Internet Explorer redirect to cdl protocol attempt
RuleID : 50181 - Type : BROWSER-IE - Revision : 2
2017-10-03 Microsoft Windows Shell Handler remote code execution attempt
RuleID : 44218 - Type : OS-WINDOWS - Revision : 1
2017-10-03 Microsoft Windows Shell Handler remote code execution attempt
RuleID : 44217 - Type : OS-WINDOWS - Revision : 1
2017-10-03 Microsoft Windows Shell Handler remote code execution attempt
RuleID : 44216 - Type : OS-WINDOWS - Revision : 1
2017-09-28 Microsoft Internet Explorer span frontier parsing memory corruption attempt
RuleID : 44188 - Type : BROWSER-IE - Revision : 2
2017-09-26 Microsoft Internet Explorer onBeforeUnload address bar spoofing attempt
RuleID : 44081 - Type : BROWSER-IE - Revision : 1
2017-09-06 Microsoft Internet Explorer CTableLayout memory corruption attempt
RuleID : 43831 - Type : BROWSER-IE - Revision : 3
2017-09-06 Microsoft Internet Explorer CTableLayout memory corruption attempt
RuleID : 43830 - Type : BROWSER-IE - Revision : 3
2017-08-01 Microsoft Internet Explorer clone object memory corruption attempt
RuleID : 43398 - Type : BROWSER-IE - Revision : 1
2017-07-11 Microsoft Internet Explorer CStyleSheetRule array memory corruption attempt
RuleID : 43134 - Type : BROWSER-IE - Revision : 1
2014-01-10 Microsoft Internet Explorer htmlfile ActiveX object access attempt
RuleID : 4155 - Type : BROWSER-PLUGINS - Revision : 20
2016-08-31 Microsoft Internet Explorer 9 CTreeNode use after free attempt
RuleID : 39751 - Type : BROWSER-IE - Revision : 1
2016-08-31 Microsoft Internet Explorer 9 CTreeNode use after free attempt
RuleID : 39750 - Type : BROWSER-IE - Revision : 1
2016-08-31 Microsoft Internet Explorer 9 CTreeNode use after free attempt
RuleID : 39749 - Type : BROWSER-IE - Revision : 1
2016-08-31 Microsoft Internet Explorer 9 CTreeNode use after free attempt
RuleID : 39748 - Type : BROWSER-IE - Revision : 1
2016-07-13 Microsoft Internet Explorer use-after-free memory corruption attempt
RuleID : 39175 - Type : BROWSER-IE - Revision : 2
2016-07-13 Microsoft Internet Explorer iframe uninitialized memory corruption attempt
RuleID : 39174 - Type : BROWSER-IE - Revision : 1
2016-07-08 Microsoft Internet Explorer DOM object cache management memory corruption att...
RuleID : 39156 - Type : BROWSER-IE - Revision : 1
2016-07-08 Microsoft Internet Explorer DOM object cache management memory corruption att...
RuleID : 39155 - Type : BROWSER-IE - Revision : 1
2016-04-05 Microsoft Internet Explorer getBoundingClientRect incorrect rebalancing attempt
RuleID : 38014 - Type : BROWSER-IE - Revision : 1

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2012-06-13 Name: The remote host is affected by code execution vulnerabilities.
File: smb_nt_ms12-037.nasl - Type: ACT_GATHER_INFO
2012-04-11 Name: The remote host is affected by code execution vulnerabilities.
File: smb_nt_ms12-023.nasl - Type: ACT_GATHER_INFO
2012-02-14 Name: The remote host is affected by code execution and information disclosure vuln...
File: smb_nt_ms12-010.nasl - Type: ACT_GATHER_INFO
2011-12-13 Name: Arbitrary code can be executed on the remote host through a web browser.
File: smb_nt_ms11-099.nasl - Type: ACT_GATHER_INFO
2011-10-11 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-2322.nasl - Type: ACT_GATHER_INFO
2011-10-11 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201110-03.nasl - Type: ACT_GATHER_INFO
2011-10-11 Name: Arbitrary code can be executed on the remote host through a web browser.
File: smb_nt_ms11-081.nasl - Type: ACT_GATHER_INFO
2011-09-14 Name: The remote host is affected by multiple privilege escalation and information ...
File: smb_nt_ms11-074.nasl - Type: ACT_GATHER_INFO
2011-08-23 Name: The remote Fedora host is missing a security update.
File: fedora_2011-10399.nasl - Type: ACT_GATHER_INFO
2011-08-20 Name: The remote Fedora host is missing a security update.
File: fedora_2011-10413.nasl - Type: ACT_GATHER_INFO
2011-08-20 Name: The remote Fedora host is missing a security update.
File: fedora_2011-10426.nasl - Type: ACT_GATHER_INFO
2011-08-15 Name: The remote FreeBSD host is missing one or more security-related updates.
File: freebsd_pkg_dc8741b9c5d511e08a8e00151735203a.nasl - Type: ACT_GATHER_INFO
2011-08-09 Name: Arbitrary code can be executed on the remote host through a web browser.
File: smb_nt_ms11-057.nasl - Type: ACT_GATHER_INFO
2011-06-15 Name: Arbitrary code can be executed on the remote host through a web browser.
File: smb_nt_ms11-052.nasl - Type: ACT_GATHER_INFO
2011-06-15 Name: Arbitrary code can be executed on the remote host through a web browser.
File: smb_nt_ms11-050.nasl - Type: ACT_GATHER_INFO
2011-04-13 Name: Arbitrary code can be executed on the remote host through a web browser.
File: smb_nt_ms11-018.nasl - Type: ACT_GATHER_INFO
2011-02-08 Name: Arbitrary code can be executed on the remote host through a web browser.
File: smb_nt_ms11-003.nasl - Type: ACT_GATHER_INFO
2011-01-20 Name: Arbitrary code can be executed on the remote host through a web browser.
File: smb_kb2488013.nasl - Type: ACT_GATHER_INFO
2010-12-15 Name: Arbitrary code can be executed on the remote host through a web browser.
File: smb_nt_ms10-090.nasl - Type: ACT_GATHER_INFO
2010-10-13 Name: Arbitrary code can be executed on the remote host through a web browser.
File: smb_nt_ms10-071.nasl - Type: ACT_GATHER_INFO
2010-08-11 Name: Arbitrary code can be executed on the remote host through a web browser.
File: smb_nt_ms10-053.nasl - Type: ACT_GATHER_INFO
2010-06-09 Name: Arbitrary code can be executed on the remote host through a web browser.
File: smb_nt_ms10-035.nasl - Type: ACT_GATHER_INFO
2010-03-30 Name: Arbitrary code can be executed on the remote host through a web browser.
File: smb_nt_ms10-018.nasl - Type: ACT_GATHER_INFO
2010-02-09 Name: An API function on the remote host has a code execution vulnerability.
File: smb_nt_ms10-007.nasl - Type: ACT_GATHER_INFO
2009-12-08 Name: Arbitrary code can be executed on the remote host through a web browser.
File: smb_nt_ms09-072.nasl - Type: ACT_GATHER_INFO