This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Microsoft First view 1999-12-08
Product Internet Explorer Last view 2013-06-28
Version 5.01 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:microsoft:internet_explorer

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
4.3 2013-06-28 CVE-2013-3649

Cross-site scripting (XSS) vulnerability in KENT-WEB CLIP-MAIL before 3.4, when Internet Explorer 7 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via an unspecified form field.

4.3 2013-06-28 CVE-2013-3648

Cross-site scripting (XSS) vulnerability in KENT-WEB POST-MAIL before 6.7, when Internet Explorer 7 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via an unspecified form field.

5 2011-12-07 CVE-2010-5071

The JavaScript implementation in Microsoft Internet Explorer 8.0 and earlier does not properly restrict the set of values contained in the object returned by the getComputedStyle method, which allows remote attackers to obtain sensitive information about visited web pages by calling this method.

4.3 2011-12-07 CVE-2002-2435

The Cascading Style Sheets (CSS) implementation in Microsoft Internet Explorer 8.0 and earlier does not properly handle the :visited pseudo-class, which allows remote attackers to obtain sensitive information about visited web pages via a crafted HTML document, a related issue to CVE-2010-2264.

4.3 2011-08-09 CVE-2011-2379

Cross-site scripting (XSS) vulnerability in Bugzilla 2.4 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3, when Internet Explorer before 9 or Safari before 5.0.6 is used for Raw Unified mode, allows remote attackers to inject arbitrary web script or HTML via a crafted patch, related to content sniffing.

4.3 2011-06-03 CVE-2011-2383

Microsoft Internet Explorer 9 and earlier does not properly restrict cross-zone drag-and-drop actions, which allows user-assisted remote attackers to read cookie files via vectors involving an IFRAME element with a SRC attribute containing an http: URL that redirects to a file: URL, as demonstrated by a Facebook game, related to a "cookiejacking" issue, aka "Drag and Drop Information Disclosure Vulnerability." NOTE: this vulnerability exists because of an incomplete fix in the Internet Explorer 9 release.

4.3 2011-06-03 CVE-2011-2382

Microsoft Internet Explorer 8 and earlier, and Internet Explorer 9 beta, does not properly restrict cross-zone drag-and-drop actions, which allows user-assisted remote attackers to read cookie files via vectors involving an IFRAME element with a SRC attribute containing a file: URL, as demonstrated by a Facebook game, related to a "cookiejacking" issue.

4.3 2011-05-23 CVE-2011-1765

Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.5, when Internet Explorer 6 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via an uploaded file accessed with a dangerous extension such as .shtml at the end of the query string, in conjunction with a modified URI path that has a %2E sequence in place of the . (dot) character. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-1578 and CVE-2011-1587.

4.3 2011-04-26 CVE-2011-1587

Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.4, when Internet Explorer 6 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via an uploaded file accessed with a dangerous extension such as .html located before a ? (question mark) in a query string, in conjunction with a modified URI path that has a %2E sequence in place of the . (dot) character. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-1578.

4.3 2011-04-26 CVE-2011-1578

Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.3, when Internet Explorer 6 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via an uploaded file accessed with a dangerous extension such as .html at the end of the query string, in conjunction with a modified URI path that has a %2E sequence in place of the . (dot) character.

5 2009-08-24 CVE-2009-2954

Microsoft Internet Explorer 6.0.2900.2180 and earlier allows remote attackers to cause a denial of service (CPU consumption and application hang) via JavaScript code with a long string value for the hash property (aka location.hash), a related issue to CVE-2008-5715.

5 2009-07-22 CVE-2009-2576

Microsoft Internet Explorer 6.0.2900.2180 and earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via a long Unicode string argument to the write method, a related issue to CVE-2009-2479. NOTE: it was later reported that 7.0.6000.16473 and earlier are also affected.

4.3 2009-07-20 CVE-2009-2536

Microsoft Internet Explorer 5 through 8 allows remote attackers to cause a denial of service (memory consumption and application crash) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692.

5.8 2009-06-15 CVE-2009-2069

Microsoft Internet Explorer before 8 displays a cached certificate for a (1) 4xx or (2) 5xx CONNECT response page returned by a proxy server, which allows man-in-the-middle attackers to spoof an arbitrary https site by letting a browser obtain a valid certificate from this site during one request, and then sending the browser a crafted 502 response page upon a subsequent request.

6.8 2009-06-15 CVE-2009-2064

Microsoft Internet Explorer 8, and possibly other versions, detects http content in https web pages only when the top-level frame uses https, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context, by modifying an http page to include an https iframe that references a script file on an http site, related to "HTTP-Intended-but-HTTPS-Loadable (HPIHSL) pages."

5.8 2009-06-15 CVE-2009-2057

Microsoft Internet Explorer before 8 uses the HTTP Host header to determine the context of a document provided in a (1) 4xx or (2) 5xx CONNECT response from a proxy server, which allows man-in-the-middle attackers to execute arbitrary web script by modifying this CONNECT response, aka an "SSL tampering" attack.

9.3 2009-06-10 CVE-2009-1530

Use-after-free vulnerability in Microsoft Internet Explorer 7 for Windows XP SP2 and SP3; 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 for Server 2008 SP2 allows remote attackers to execute arbitrary code by repeatedly adding HTML document nodes and calling event handlers, which triggers an access of an object that (1) was not properly initialized or (2) is deleted, aka "HTML Objects Memory Corruption Vulnerability."

9.3 2009-06-10 CVE-2009-1529

Microsoft Internet Explorer 7 for Windows XP SP2 and SP3; 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 for Server 2008 SP2 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by calling the setCapture method on a collection of crafted objects, aka "Uninitialized Memory Corruption Vulnerability."

9.3 2008-12-11 CVE-2008-4844

Use-after-free vulnerability in the CRecordInstance::TransferToDestination function in mshtml.dll in Microsoft Internet Explorer 5.01, 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via DSO bindings involving (1) an XML Island, (2) XML DSOs, or (3) Tabular Data Control (TDC) in a crafted HTML or XML document, as demonstrated by nested SPAN or MARQUEE elements, and exploited in the wild in December 2008.

9.3 2008-08-13 CVE-2008-2258

Microsoft Internet Explorer 5.01, 6, and 7 accesses uninitialized memory in certain conditions, which allows remote attackers to cause a denial of service (crash) and execute arbitrary code via vectors related to a document object "appended in a specific order" with "particular functions ... performed on" document objects, aka "HTML Objects Memory Corruption Vulnerability" or "Table Layout Memory Corruption Vulnerability," a different vulnerability than CVE-2008-2257.

9.3 2008-08-13 CVE-2008-2257

Microsoft Internet Explorer 5.01, 6, and 7 accesses uninitialized memory in certain conditions, which allows remote attackers to cause a denial of service (crash) and execute arbitrary code via vectors related to a document object "appended in a specific order," aka "HTML Objects Memory Corruption Vulnerability" or "XHTML Rendering Memory Corruption Vulnerability," a different vulnerability than CVE-2008-2258.

9.3 2008-08-13 CVE-2008-2256

Microsoft Internet Explorer 5.01, 6, and 7 does not properly handle objects that have been incorrectly initialized or deleted, which allows remote attackers to cause a denial of service (crash) and execute arbitrary code via unknown vectors, aka "Uninitialized Memory Corruption Vulnerability."

9.3 2008-08-13 CVE-2008-2255

Microsoft Internet Explorer 5.01, 6, and 7 accesses uninitialized memory, which allows remote attackers to cause a denial of service (crash) and execute arbitrary code via unknown vectors, a different vulnerability than CVE-2008-2254, aka "HTML Object Memory Corruption Vulnerability."

6.8 2007-12-11 CVE-2007-5347

Microsoft Internet Explorer 5.01 through 7 allows remote attackers to execute arbitrary code via "unexpected method calls to HTML objects," aka "DHTML Object Memory Corruption Vulnerability."

6.8 2007-12-11 CVE-2007-5344

Microsoft Internet Explorer 5.01 through 7 allows remote attackers to execute arbitrary code via a crafted website using Javascript that creates, modifies, deletes, and accesses document objects using the tags property, which triggers heap corruption, related to uninitialized or deleted objects, a different issue than CVE-2007-3902 and CVE-2007-3903, and a variant of "Uninitialized Memory Corruption Vulnerability."

CWE : Common Weakness Enumeration

%idName
28% (10) CWE-399 Resource Management Errors
20% (7) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')
11% (4) CWE-20 Improper Input Validation
8% (3) CWE-287 Improper Authentication
5% (2) CWE-200 Information Exposure
5% (2) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
5% (2) CWE-94 Failure to Control Generation of Code ('Code Injection')
2% (1) CWE-362 Race Condition
2% (1) CWE-264 Permissions, Privileges, and Access Controls
2% (1) CWE-189 Numeric Errors
2% (1) CWE-59 Improper Link Resolution Before File Access ('Link Following')
2% (1) CWE-16 Configuration

CAPEC : Common Attack Pattern Enumeration & Classification

id Name
CAPEC-41 Using Meta-characters in E-mail Headers to Inject Malicious Payloads
CAPEC-58 Restful Privilege Elevation
CAPEC-88 OS Command Injection
CAPEC-133 Try All Common Application Switches and Options

SAINT Exploits

Description Link
Internet Explorer Content Advisor memory corruption More info here
Internet Explorer COM object instantiation vulnerability More info here
Internet Explorer tblinf32.dll ActiveX IObjectsafety vulnerability More info here
Internet Explorer XML data binding memory corruption More info here

Open Source Vulnerability Database (OSVDB)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
77606 Microsoft IE JavaScript Implementation getComputedStyle Method Page Handling ...
74619 MediaWiki URI Query String %2E Sequence XSS
74297 Bugzilla Patch Attachment Raw Unified Viewing Mode XSS
72724 Microsoft IE Cookie Jacking Account Authentication Bypass
59501 Microsoft IE MSScriptControl.ScriptControl / GetObject Frame Domain Validatio...
58788 Microsoft IE Crafted File Extension Download Security Warning Bypass
57506 Microsoft IE location.hash Javascript Handling Remote DoS
57113 Microsoft IE Extended HTML Form Non-HTTP Protocol XSS
56489 Microsoft IE Proxy Server CONNECT Response Cached Certificate Use MiTM HTTPS ...
56485 Microsoft IE iFrame HTTP / HTTPS Content Detection Weakness
56323 Microsoft IE Write Method Unicode String Argument Handling Remote DoS
56254 Microsoft IE Select Object Length Property Handling Memory Consumption DoS
55129 Microsoft IE HTTP Host Header Proxy Server CONNECT Response Document Context ...
54949 Microsoft IE Crafted HTML Document Node Addition Event Handler Memory Corruption
54948 Microsoft IE setCapture Function Object Handling Uninitialized Memory Corruption
50622 Microsoft IE mshtml.dll XSML Nested SPAN Element Handling Unspecified Arbitra...
47418 Microsoft IE HTML Object Unspecified Memory Corruption
47417 Microsoft IE Object Handling Uninitialized Memory Corruption
47416 Microsoft IE HTML Document Objects Handling Memory Corruption
47415 Microsoft IE HTML Document Object Handling Memory Corruption
45441 Microsoft IE IObjectSafety CLSID_ApprenticeICW ActiveX Control COM Object Cre...
45260 Microsoft IE Malformed Table Element CSS Attribute Handling DoS
43521 Microsoft IE CSS :visited Attribute Browser History Disclosure
41468 Microsoft FoxPro ActiveX Web Page Parsing Unspecified Memory Corruption
41041 Microsoft IE Mouse Click self.resizeTo DoS

ExploitDB Exploits

id Description
3652 MS Windows Animated Cursor (.ANI) Overflow Exploit (Hardware DEP)
3617 MS Windows Animated Cursor (.ANI) Stack Overflow Exploit

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2012-04-02 Name : Fedora Update for bugzilla FEDORA-2011-10399
File : nvt/gb_fedora_2011_10399_bugzilla_fc16.nasl
2012-02-12 Name : Gentoo Security Advisory GLSA 201110-03 (bugzilla)
File : nvt/glsa_201110_03.nasl
2012-02-11 Name : Debian Security Advisory DSA 2366-1 (mediawiki)
File : nvt/deb_2366_1.nasl
2011-12-09 Name : Microsoft Internet Explorer Multiple Information Disclosure Vulnerabilities
File : nvt/gb_ms_ie_mult_info_disc_vuln.nasl
2011-10-16 Name : Debian Security Advisory DSA 2322-1 (bugzilla)
File : nvt/deb_2322_1.nasl
2011-09-21 Name : FreeBSD Ports: bugzilla
File : nvt/freebsd_bugzilla13.nasl
2011-08-24 Name : Fedora Update for bugzilla FEDORA-2011-10413
File : nvt/gb_fedora_2011_10413_bugzilla_fc14.nasl
2011-08-24 Name : Fedora Update for bugzilla FEDORA-2011-10426
File : nvt/gb_fedora_2011_10426_bugzilla_fc15.nasl
2011-08-22 Name : Bugzilla Multiple Security Vulnerabilities
File : nvt/gb_bugzilla_49042.nasl
2011-08-11 Name : Microsoft Internet Explorer Multiple Vulnerabilities (2559049)
File : nvt/secpod_ms11-057.nasl
2011-06-13 Name : Microsoft Internet Explorer Cookie Hijacking Vulnerability
File : nvt/gb_ms_ie9_cookie_hijacking_vuln.nasl
2011-06-13 Name : Microsoft Internet Explorer Cookie Hijacking Vulnerability
File : nvt/gb_ms_ie_cookie_hijacking_vuln.nasl
2011-06-02 Name : MediaWiki Cross-Site Scripting Vulnerability
File : nvt/secpod_mediawiki_xss_vuln.nasl
2011-05-23 Name : Fedora Update for mediawiki FEDORA-2011-6774
File : nvt/gb_fedora_2011_6774_mediawiki_fc14.nasl
2011-05-23 Name : Fedora Update for mediawiki FEDORA-2011-6775
File : nvt/gb_fedora_2011_6775_mediawiki_fc13.nasl
2011-05-05 Name : Fedora Update for mediawiki FEDORA-2011-5807
File : nvt/gb_fedora_2011_5807_mediawiki_fc13.nasl
2011-05-05 Name : Fedora Update for mediawiki FEDORA-2011-5812
File : nvt/gb_fedora_2011_5812_mediawiki_fc14.nasl
2011-01-14 Name : Microsoft Internet Explorer mshtml.dll Remote Memory Corruption Vulnerability...
File : nvt/gb_ms07-069.nasl
2010-07-08 Name : Microsoft Windows Vector Markup Language Buffer Overflow (938127)
File : nvt/ms07-050.nasl
2010-07-08 Name : Cumulative Security Update for Internet Explorer (937143)
File : nvt/ms07-045.nasl
2009-08-26 Name : Microsoft Internet Explorer 'location.hash' DOS Vulnerability
File : nvt/secpod_ms_ie_location_hash_dos_vuln.nasl
2009-07-23 Name : Microsoft Internet Explorer Unicode String DoS Vulnerability
File : nvt/secpod_ms_ie_unicode_str_dos_vuln.nasl
2009-07-22 Name : Microsoft Internet Explorer Denial Of Service Vulnerability - July09
File : nvt/gb_ms_ie_dos_vuln_jul09.nasl
2009-06-17 Name : Microsoft Internet Explorer Web Script Execution Vulnerabilites
File : nvt/secpod_ms_ie_web_script_exec_vuln_jun09.nasl
2009-06-10 Name : Cumulative Security Update for Internet Explorer (969897)
File : nvt/secpod_ms09-019.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2008-A-0090 Microsoft Internet Explorer Remote Code Execution Vulnerability
Severity: Category I - VMSKEY: V0017935
2007-A-0045 Microsoft Internet Explorer Vector Markup Language Remote Code Execution Vuln...
Severity: Category II - VMSKEY: V0014825

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2014-01-10 Microsoft Internet Explorer Swedish_Default Stemmer ActiveX clsid access
RuleID : 9478 - Type : BROWSER-PLUGINS - Revision : 15
2014-01-10 Microsoft Internet Explorer VFW Capture Class Manager ActiveX clsid access
RuleID : 860 - Type : BROWSER-PLUGINS - Revision : 13
2014-02-08 Microsoft Internet Explorer syncui.dll ActiveX clsid access
RuleID : 85 - Type : BROWSER-PLUGINS - Revision : 15
2014-01-10 Microsoft Internet Explorer ADODB.Stream ActiveX function call access
RuleID : 8063 - Type : BROWSER-PLUGINS - Revision : 19
2014-01-10 ADODB.Stream ActiveX CLSID unicode access
RuleID : 8062 - Type : WEB-ACTIVEX - Revision : 7
2014-01-10 WDM Instance Provider ActiveX CLSID unicode access
RuleID : 8052 - Type : WEB-ACTIVEX - Revision : 6
2014-01-10 Microsoft Internet Explorer WDM Instance Provider ActiveX clsid access
RuleID : 8051 - Type : BROWSER-PLUGINS - Revision : 13
2014-01-10 WaveOut and DSound Class Manager ActiveX CLSID unicode access
RuleID : 8050 - Type : WEB-ACTIVEX - Revision : 6
2014-01-10 Microsoft Internet Explorer WaveOut and DSound Class Manager ActiveX clsid ac...
RuleID : 8049 - Type : BROWSER-PLUGINS - Revision : 13
2014-01-10 WaveIn Class Manager ActiveX CLSID unicode access
RuleID : 8048 - Type : WEB-ACTIVEX - Revision : 6
2014-01-10 Video Effect Class Manager 2 Input ActiveX CLSID unicode access
RuleID : 8046 - Type : WEB-ACTIVEX - Revision : 6
2014-01-10 Microsoft Internet Explorer Video Effect Class Manager 2 Input ActiveX clsid ...
RuleID : 8045 - Type : BROWSER-PLUGINS - Revision : 13
2014-01-10 Video Effect Class Manager 1 Input ActiveX CLSID unicode access
RuleID : 8044 - Type : WEB-ACTIVEX - Revision : 6
2014-01-10 Microsoft Internet Explorer Video Effect Class Manager 1 Input ActiveX clsid ...
RuleID : 8043 - Type : BROWSER-PLUGINS - Revision : 13
2014-01-10 VFW Capture Class Manager ActiveX CLSID unicode access
RuleID : 8042 - Type : WEB-ACTIVEX - Revision : 6
2014-01-10 syncui.dll ActiveX CLSID unicode access
RuleID : 8040 - Type : WEB-ACTIVEX - Revision : 6
2014-01-10 Swedish_Default Stemmer ActiveX CLSID unicode access
RuleID : 8038 - Type : WEB-ACTIVEX - Revision : 8
2014-01-10 Spanish_Modern Stemmer ActiveX CLSID unicode access
RuleID : 8036 - Type : WEB-ACTIVEX - Revision : 8
2014-01-10 Microsoft Internet Explorer Spanish_Modern Stemmer ActiveX clsid access
RuleID : 8035 - Type : BROWSER-PLUGINS - Revision : 15
2014-01-10 QC.MessageMover.1 ActiveX CLSID unicode access
RuleID : 8034 - Type : WEB-ACTIVEX - Revision : 8
2014-01-10 Microsoft Internet Explorer QC.MessageMover.1 ActiveX clsid access
RuleID : 8033 - Type : BROWSER-PLUGINS - Revision : 15
2014-01-10 Mslablti.MarshalableTI.1 ActiveX CLSID unicode access
RuleID : 8032 - Type : WEB-ACTIVEX - Revision : 8
2014-01-10 MidiOut Class Manager ActiveX CLSID unicode access
RuleID : 8030 - Type : WEB-ACTIVEX - Revision : 8
2014-01-10 Microsoft WBEM Event Subsystem ActiveX CLSID unicode access
RuleID : 8028 - Type : WEB-ACTIVEX - Revision : 6
2014-01-10 Microsoft HTML Window Security Proxy ActiveX CLSID unicode access
RuleID : 8026 - Type : WEB-ACTIVEX - Revision : 6

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2012-01-12 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-2366.nasl - Type: ACT_GATHER_INFO
2011-10-11 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-2322.nasl - Type: ACT_GATHER_INFO
2011-10-11 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201110-03.nasl - Type: ACT_GATHER_INFO
2011-08-23 Name: The remote Fedora host is missing a security update.
File: fedora_2011-10399.nasl - Type: ACT_GATHER_INFO
2011-08-20 Name: The remote Fedora host is missing a security update.
File: fedora_2011-10413.nasl - Type: ACT_GATHER_INFO
2011-08-20 Name: The remote Fedora host is missing a security update.
File: fedora_2011-10426.nasl - Type: ACT_GATHER_INFO
2011-08-15 Name: The remote FreeBSD host is missing one or more security-related updates.
File: freebsd_pkg_dc8741b9c5d511e08a8e00151735203a.nasl - Type: ACT_GATHER_INFO
2011-08-09 Name: Arbitrary code can be executed on the remote host through a web browser.
File: smb_nt_ms11-057.nasl - Type: ACT_GATHER_INFO
2011-05-23 Name: The remote Fedora host is missing a security update.
File: fedora_2011-6774.nasl - Type: ACT_GATHER_INFO
2011-05-23 Name: The remote Fedora host is missing a security update.
File: fedora_2011-6775.nasl - Type: ACT_GATHER_INFO
2011-05-19 Name: The remote Fedora host is missing a security update.
File: fedora_2011-6781.nasl - Type: ACT_GATHER_INFO
2011-05-02 Name: The remote Fedora host is missing a security update.
File: fedora_2011-5812.nasl - Type: ACT_GATHER_INFO
2011-05-02 Name: The remote Fedora host is missing a security update.
File: fedora_2011-5807.nasl - Type: ACT_GATHER_INFO
2011-04-27 Name: The remote Fedora host is missing a security update.
File: fedora_2011-5848.nasl - Type: ACT_GATHER_INFO
2011-04-22 Name: The remote Fedora host is missing a security update.
File: fedora_2011-5495.nasl - Type: ACT_GATHER_INFO
2011-04-15 Name: The remote web server hosts a version of MediaWiki that is affected by a cros...
File: mediawiki_1_16_4.nasl - Type: ACT_ATTACK
2009-06-10 Name: Arbitrary code can be executed on the remote host through a web browser.
File: smb_nt_ms09-019.nasl - Type: ACT_GATHER_INFO
2008-12-17 Name: Arbitrary code can be executed on the remote host through the web client.
File: smb_nt_ms08-078.nasl - Type: ACT_GATHER_INFO
2008-08-13 Name: Arbitrary code can be executed on the remote host through the web client.
File: smb_nt_ms08-045.nasl - Type: ACT_GATHER_INFO
2008-02-12 Name: Arbitrary code can be executed on the remote host through the web client.
File: smb_nt_ms08-010.nasl - Type: ACT_GATHER_INFO
2007-12-11 Name: Arbitrary code can be executed on the remote host through the web client.
File: smb_nt_ms07-069.nasl - Type: ACT_GATHER_INFO
2007-08-14 Name: Arbitrary code can be executed on the remote host through the web client.
File: smb_nt_ms07-045.nasl - Type: ACT_GATHER_INFO
2007-08-14 Name: Arbitrary code can be executed on the remote host through the email client or...
File: smb_nt_ms07-050.nasl - Type: ACT_GATHER_INFO
2007-04-03 Name: Arbitrary code can be executed on the remote host through the email client or...
File: smb_nt_ms07-017.nasl - Type: ACT_GATHER_INFO
2006-12-12 Name: Arbitrary code can be executed on the remote host through the web client.
File: smb_nt_ms06-072.nasl - Type: ACT_GATHER_INFO