This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Microsoft First view 2006-06-13
Product Windows 2000 Last view 2010-05-07
Version - Type Os
Update sp4  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:microsoft:windows_2000

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
6.4 2010-05-07 CVE-2010-1690

The DNS implementation in smtpsvc.dll before 6.0.2600.5949 in Microsoft Windows 2000 SP4 and earlier, Windows XP SP3 and earlier, Windows Server 2003 SP2 and earlier, Windows Server 2008 SP2 and earlier, Windows Server 2008 R2, Exchange Server 2003 SP3 and earlier, Exchange Server 2007 SP2 and earlier, and Exchange Server 2010 does not verify that transaction IDs of responses match transaction IDs of queries, which makes it easier for man-in-the-middle attackers to spoof DNS responses, a different vulnerability than CVE-2010-0024 and CVE-2010-0025.

6.4 2010-05-07 CVE-2010-1689

The DNS implementation in smtpsvc.dll before 6.0.2600.5949 in Microsoft Windows 2000 SP4 and earlier, Windows XP SP3 and earlier, Windows Server 2003 SP2 and earlier, Windows Server 2008 SP2 and earlier, Windows Server 2008 R2, Exchange Server 2003 SP3 and earlier, Exchange Server 2007 SP2 and earlier, and Exchange Server 2010 uses predictable transaction IDs that are formed by incrementing a previous ID by 1, which makes it easier for man-in-the-middle attackers to spoof DNS responses, a different vulnerability than CVE-2010-0024 and CVE-2010-0025.

5 2010-04-14 CVE-2010-0025

The SMTP component in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Server 2008 Gold, SP2, and R2, and Exchange Server 2000 SP3, does not properly allocate memory for SMTP command replies, which allows remote attackers to read fragments of e-mail messages by sending a series of invalid commands and then sending a STARTTLS command, aka "SMTP Memory Allocation Vulnerability."

5 2010-04-14 CVE-2010-0024

The SMTP component in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Server 2008 Gold, SP2, and R2, and Exchange Server 2003 SP2, does not properly parse MX records, which allows remote DNS servers to cause a denial of service (service outage) via a crafted response to a DNS MX record query, aka "SMTP Server MX Record Vulnerability."

9.3 2010-02-10 CVE-2010-0016

The SMB client implementation in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 does not properly validate response fields, which allows remote SMB servers and man-in-the-middle attackers to execute arbitrary code via a crafted response, aka "SMB Client Pool Corruption Vulnerability."

9.3 2009-09-08 CVE-2009-2519

The DHTML Editing Component ActiveX control in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 does not properly format HTML markup, which allows remote attackers to execute arbitrary code via a crafted web site that triggers "system state" corruption, aka "DHTML Editing Component ActiveX Control Vulnerability."

8.5 2009-09-08 CVE-2009-2499

Microsoft Windows Media Format Runtime 9.0, 9.5, and 11; and Microsoft Media Foundation on Windows Vista Gold, SP1, and SP2 and Server 2008; allows remote attackers to execute arbitrary code via an MP3 file with crafted metadata that triggers memory corruption, aka "Windows Media Playback Memory Corruption Vulnerability."

9.3 2009-09-08 CVE-2009-2498

Microsoft Windows Media Format Runtime 9.0, 9.5, and 11 and Windows Media Services 9.1 and 2008 do not properly parse malformed headers in Advanced Systems Format (ASF) files, which allows remote attackers to execute arbitrary code via a crafted (1) .asf, (2) .wmv, or (3) .wma file, aka "Windows Media Header Parsing Invalid Free Vulnerability."

7.8 2009-09-08 CVE-2009-1926

Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allow remote attackers to cause a denial of service (TCP outage) via a series of TCP sessions that have pending data and a (1) small or (2) zero receive window size, and remain in the FIN-WAIT-1 or FIN-WAIT-2 state indefinitely, aka "TCP/IP Orphaned Connections Vulnerability."

10 2009-09-08 CVE-2009-1925

The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2 does not properly manage state information, which allows remote attackers to execute arbitrary code by sending packets to a listening service, and thereby triggering misinterpretation of an unspecified field as a function pointer, aka "TCP/IP Timestamps Code Execution Vulnerability."

9.3 2009-09-08 CVE-2009-1920

The JScript scripting engine 5.1, 5.6, 5.7, and 5.8 in JScript.dll in Microsoft Windows, as used in Internet Explorer, does not properly load decoded scripts into memory before execution, which allows remote attackers to execute arbitrary code via a crafted web site that triggers memory corruption, aka "JScript Remote Code Execution Vulnerability."

10 2009-08-12 CVE-2009-2494

The Active Template Library (ATL) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via vectors related to erroneous free operations after reading a variant from a stream and deleting this variant, aka "ATL Object Type Mismatch Vulnerability."

10 2009-08-12 CVE-2009-1930

The Telnet service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote Telnet servers to execute arbitrary code on a client machine by replaying the NTLM credentials of a client user, aka "Telnet Credential Reflection Vulnerability," a related issue to CVE-2000-0834.

6.9 2009-08-12 CVE-2009-1922

The Message Queuing (aka MSMQ) service for Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP2, and Vista Gold does not properly validate unspecified IOCTL request data from user mode before passing this data to kernel mode, which allows local users to gain privileges via a crafted request, aka "MSMQ Null Pointer Vulnerability."

9.3 2009-08-12 CVE-2009-1133

Heap-based buffer overflow in Microsoft Remote Desktop Connection (formerly Terminal Services Client) running RDP 5.0 through 6.1 on Windows, and Remote Desktop Connection Client for Mac 2.0, allows remote attackers to execute arbitrary code via unspecified parameters, aka "Remote Desktop Connection Heap Overflow Vulnerability."

9.3 2009-07-15 CVE-2009-1539

The QuickTime Movie Parser Filter in quartz.dll in DirectShow in Microsoft DirectX 7.0 through 9.0c on Windows 2000 SP4, Windows XP SP2 and SP3, and Windows Server 2003 SP2 does not properly validate unspecified size fields in QuickTime media files, which allows remote attackers to execute arbitrary code via a crafted file, aka "DirectX Size Validation Vulnerability."

9.3 2009-07-15 CVE-2009-1538

The QuickTime Movie Parser Filter in quartz.dll in DirectShow in Microsoft DirectX 7.0 through 9.0c on Windows 2000 SP4, Windows XP SP2 and SP3, and Windows Server 2003 SP2 performs updates to pointers without properly validating unspecified data values, which allows remote attackers to execute arbitrary code via a crafted QuickTime media file, aka "DirectX Pointer Validation Vulnerability."

9.3 2009-04-15 CVE-2009-0087

Unspecified vulnerability in the Word 6 text converter in WordPad in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and the Word 6 text converter in Microsoft Office Word 2000 SP3 and 2002 SP3; allows remote attackers to execute arbitrary code via a crafted Word 6 file that contains malformed data, aka "WordPad and Office Text Converter Memory Corruption Vulnerability."

5 2008-11-17 CVE-2008-5112

The LDAP server in Active Directory in Microsoft Windows 2000 SP4 and Server 2003 SP1 and SP2 responds differently to a failed bind attempt depending on whether the user account exists and is permitted to login, which allows remote attackers to enumerate valid usernames via a series of LDAP bind requests, as demonstrated by ldapuserenum.

9.3 2008-11-12 CVE-2008-4037

Microsoft Windows 2000 Gold through SP4, XP Gold through SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote SMB servers to execute arbitrary code on a client machine by replaying the NTLM credentials of a client user, as demonstrated by backrush, aka "SMB Credential Reflection Vulnerability." NOTE: some reliable sources report that this vulnerability exists because of an insufficient fix for CVE-2000-0834.

7.2 2008-10-14 CVE-2008-2252

The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 does not properly validate parameters sent from user mode to the kernel, which allows local users to gain privileges via a crafted application, aka "Windows Kernel Memory Corruption Vulnerability."

9.3 2008-09-10 CVE-2008-3008

Stack-based buffer overflow in the WMEncProfileManager ActiveX control in wmex.dll in Microsoft Windows Media Encoder 9 Series allows remote attackers to execute arbitrary code via a long first argument to the GetDetailsString method, aka "Windows Media Encoder Buffer Overrun Vulnerability."

7.2 2008-06-11 CVE-2008-1451

The WINS service on Microsoft Windows 2000 SP4, and Server 2003 SP1 and SP2, does not properly validate data structures in WINS network packets, which allows local users to gain privileges via a crafted packet, aka "Memory Overwrite Vulnerability."

9.3 2008-04-23 CVE-2007-6255

Buffer overflow in the Microsoft HeartbeatCtl ActiveX control in HRTBEAT.OCX allows remote attackers to execute arbitrary code via the Host argument to an unspecified method.

2.1 2006-06-13 CVE-2006-2374

The Server Message Block (SMB) driver (MRXSMB.SYS) in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows local users to cause a denial of service (hang) by calling the MrxSmbCscIoctlCloseForCopyChunk with the file handle of the shadow device, which results in a deadlock, aka the "SMB Invalid Handle Vulnerability."

CWE : Common Weakness Enumeration

%idName
29% (7) CWE-94 Failure to Control Generation of Code ('Code Injection')
20% (5) CWE-20 Improper Input Validation
12% (3) CWE-264 Permissions, Privileges, and Access Controls
12% (3) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
8% (2) CWE-200 Information Exposure
4% (1) CWE-399 Resource Management Errors
4% (1) CWE-310 Cryptographic Issues
4% (1) CWE-287 Improper Authentication
4% (1) CWE-255 Credentials Management

CAPEC : Common Attack Pattern Enumeration & Classification

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Name
CAPEC-3 Using Leading 'Ghost' Character Sequences to Bypass Input Filters
CAPEC-7 Blind SQL Injection
CAPEC-8 Buffer Overflow in an API Call
CAPEC-9 Buffer Overflow in Local Command-Line Utilities
CAPEC-10 Buffer Overflow via Environment Variables
CAPEC-13 Subverting Environment Variable Values
CAPEC-14 Client-side Injection-induced Buffer Overflow
CAPEC-18 Embedding Scripts in Nonscript Elements
CAPEC-22 Exploiting Trust in Client (aka Make the Client Invisible)
CAPEC-24 Filter Failure through Buffer Overflow
CAPEC-28 Fuzzing
CAPEC-31 Accessing/Intercepting/Modifying HTTP Cookies
CAPEC-32 Embedding Scripts in HTTP Query Strings
CAPEC-42 MIME Conversion
CAPEC-43 Exploiting Multiple Input Interpretation Layers
CAPEC-45 Buffer Overflow via Symbolic Links
CAPEC-46 Overflow Variables and Tags
CAPEC-47 Buffer Overflow via Parameter Expansion
CAPEC-52 Embedding NULL Bytes
CAPEC-53 Postfix, Null Terminate, and Backslash
CAPEC-63 Simple Script Injection
CAPEC-64 Using Slashes and URL Encoding Combined to Bypass Validation Logic
CAPEC-66 SQL Injection
CAPEC-67 String Format Overflow in syslog()
CAPEC-71 Using Unicode Encoding to Bypass Validation Logic

SAINT Exploits

Description Link
Visual Studio Active Template Library object type mismatch vulnerability More info here
Windows SMB credential reflection vulnerability More info here
Windows Telnet credential reflection More info here
Windows Media Encoder 9 wmex.dll ActiveX buffer overflow More info here

Open Source Vulnerability Database (OSVDB)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
64794 Microsoft Multiple Products smtpsvc.dll DNS Implementation Predictable Transa...
64793 Microsoft Multiple Products smtpsvc.dll DNS Implementation ID Transaction Ver...
63739 Microsoft Windows SMTP / Exchange Server Malformed Command Sequence Remote In...
63738 Microsoft Windows SMTP / Exchange Server DNS Mail Exchanger (MX) Resource Rec...
62244 Microsoft Windows SMB Client Negotiate Protocol Response Handling Remote Code...
57804 Microsoft JScript Scripting Engine Memory Corruption Arbitrary Code Execution
57803 Microsoft Windows Media MP3 File Handling Memory Corruption
57802 Microsoft Windows Media ASF Header Parsing Invalid Free Arbitrary Code Execution
57798 Microsoft Windows DHTML Editing Component ActiveX Arbitrary Code Execution
57797 Microsoft Windows TCP/IP Orphaned Connection Handling Remote DoS
57796 Microsoft Windows TCP/IP Packet State Information Handling Remote Code Execution
56911 Microsoft Remote Desktop Server (RDS) mstscax.dll Packet Parsing Remote Overflow
56910 Microsoft Visual Studio Active Template Library (ATL) Header Mismatch Remote ...
56904 Microsoft Windows Telnet NTLM Credential Reflection Remote Access
56901 Microsoft Windows Message Queuing Service (MSMQ) mqac.sys IOCTL Request Parsi...
55845 Microsoft DirectX DirectShow quartz.dll QuickTime NumberOfEntries Field Memor...
55844 Microsoft DirectX DirectShow QuickTime File Pointer Validation Arbitrary Code...
53662 Microsoft WordPad / Office Text Converter Malformed Data Handling Memory Corr...
50000 Microsoft Windows Active Directory LDAP Server Bind Request User Account Enum...
49736 Microsoft Windows SMB NTLM Authentication Credential Replay Remote Code Execu...
49056 Microsoft Windows Kernel Memory Corruption Local Privilege Escalation
47962 Microsoft Windows Media Encoder wmex.dll ActiveX Overflow
46063 Microsoft Windows Internet Name Service (WINS) Packet Handling Local Privileg...
44652 Microsoft HeartbeatCtl HRTBEAT.OCX ActiveX Unspecified Method Host Argument O...
26440 Microsoft Windows SMB MrxSmbCscIoctlOpenForCopyChunk Function Overflow

OpenVAS Exploits

id Description
2010-05-05 Name : Microsoft Windows SMTP Server DNS spoofing vulnerability
File : nvt/gb_ms_smtp_dns_spoofing_vulnerability.nasl
2010-04-23 Name : Microsoft Exchange and Windows SMTP Service Denial of Service Vulnerability (...
File : nvt/secpod_ms10-024.nasl
2010-04-22 Name : Microsoft Windows SMTP Server MX Record Denial of Service Vulnerability
File : nvt/gb_ms10_024.nasl
2010-02-10 Name : Microsoft SMB Client Remote Code Execution Vulnerabilities (978251)
File : nvt/secpod_ms10-006.nasl
2009-09-10 Name : Microsoft Windows TCP/IP Remote Code Execution Vulnerability (967723)
File : nvt/secpod_ms09-048.nasl
2009-09-10 Name : Microsoft Windows Media Format Remote Code Execution Vulnerability (973812)
File : nvt/secpod_ms09-047.nasl
2009-09-10 Name : Microsoft DHTML Editing Component ActiveX Remote Code Execution Vulnerability...
File : nvt/secpod_ms09-046.nasl
2009-09-10 Name : Microsoft JScript Scripting Engine Remote Code Execution Vulnerability (971961)
File : nvt/secpod_ms09-045.nasl
2009-08-14 Name : Vulnerabilities in Microsoft ATL Could Allow Remote Code Execution (973908)
File : nvt/secpod_ms09-037.nasl
2009-08-13 Name : Microsoft Windows Message Queuing Privilege Escalation Vulnerability (971032)
File : nvt/secpod_ms09-040.nasl
2009-08-12 Name : Telnet NTLM Credential Reflection Authentication Bypass Vulnerability (960859)
File : nvt/secpod_ms09-042.nasl
2009-08-12 Name : Microsoft Remote Desktop Connection Remote Code Execution Vulnerability (969706)
File : nvt/secpod_ms09-044.nasl
2009-07-15 Name : Microsoft DirectShow Remote Code Execution Vulnerability (961373)
File : nvt/secpod_ms09-028.nasl
2008-12-12 Name : WordPad and Office Text Converter Memory Corruption Vulnerability (960477)
File : nvt/secpod_ms_wordpad_mult_vuln.nasl
2008-11-12 Name : SMB Could Allow Remote Code Execution Vulnerability (957097)
File : nvt/secpod_ms08-068_900057.nasl
2008-10-15 Name : Windows Kernel Elevation of Privilege Vulnerability (954211)
File : nvt/secpod_ms08-061_900051.nasl
2008-09-10 Name : Windows Media Encoder 9 Remote Code Execution Vulnerability (954156)
File : nvt/secpod_ms08-053_900044.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2010-B-0029 Multiple Vulnerabilities in Microsoft Exchange and Windows SMTP Service
Severity: Category II - VMSKEY: V0023955
2009-A-0074 Microsoft JScript Scripting Engine Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0019914
2009-A-0075 Microsoft DHTML Editing Component ActiveX Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0019915
2009-A-0076 Multiple Vulnerabilities in Microsoft Windows Media Format
Severity: Category II - VMSKEY: V0019916
2009-A-0077 Multiple Microsoft TCP/IP Remote Code Execution Vulnerabilities
Severity: Category I - VMSKEY: V0019917
2009-B-0037 Microsoft Telnet Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0019879
2009-A-0067 Multiple Vulnerabilities in Microsoft Active Template Library
Severity: Category II - VMSKEY: V0019882
2009-A-0071 Multiple Vulnerabilities in Microsoft Remote Desktop Connection
Severity: Category II - VMSKEY: V0019884
2009-A-0032 Multiple Vulnerabilities in WordPad and Office Text Converters
Severity: Category I - VMSKEY: V0018752
2008-B-0057 Microsoft Windows Media Encoder Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0017344

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2019-10-17 Microsoft DirectShow QuickTime file atom size parsing heap corruption attempt
RuleID : 51557 - Type : OS-WINDOWS - Revision : 1
2019-10-17 Microsoft DirectShow QuickTime file atom size parsing heap corruption attempt
RuleID : 51556 - Type : OS-WINDOWS - Revision : 1
2019-10-17 Microsoft DirectShow QuickTime file atom size parsing heap corruption attempt
RuleID : 51555 - Type : OS-WINDOWS - Revision : 1
2019-09-05 Microsoft Windows mp3 file malformed ID3 APIC header code execution attempt
RuleID : 50893 - Type : FILE-MULTIMEDIA - Revision : 1
2019-09-05 Microsoft Windows mp3 file malformed ID3 APIC header code execution attempt
RuleID : 50892 - Type : FILE-MULTIMEDIA - Revision : 1
2014-01-10 Microsoft Internet Explorer DHTML Editing ActiveX clsid access
RuleID : 4148 - Type : BROWSER-PLUGINS - Revision : 23
2016-03-14 Microsoft Internet Explorer DHTML Editing ActiveX clsid access
RuleID : 36783 - Type : BROWSER-PLUGINS - Revision : 3
2016-03-14 Microsoft Internet Explorer DHTML Editing ActiveX clsid access
RuleID : 36782 - Type : BROWSER-PLUGINS - Revision : 3
2014-01-10 Microsoft Windows Media Encoder 9 ActiveX function call access
RuleID : 27800 - Type : BROWSER-PLUGINS - Revision : 2
2014-01-10 Microsoft Windows Media encryption sample ID header RCE attempt
RuleID : 23576 - Type : FILE-MULTIMEDIA - Revision : 5
2014-01-10 Microsoft Windows Media encryption sample ID header RCE attempt
RuleID : 23575 - Type : FILE-MULTIMEDIA - Revision : 5
2014-01-10 Microsoft Windows Media pixel aspect ratio header RCE attempt
RuleID : 23574 - Type : FILE-MULTIMEDIA - Revision : 5
2014-01-10 Microsoft Windows Media content type header RCE attempt
RuleID : 23573 - Type : FILE-MULTIMEDIA - Revision : 5
2014-01-10 Microsoft Windows Media file name header RCE attempt
RuleID : 23572 - Type : FILE-MULTIMEDIA - Revision : 5
2014-01-10 Microsoft Windows Media Timecode header RCE attempt
RuleID : 23571 - Type : FILE-MULTIMEDIA - Revision : 5
2014-01-10 Microsoft Windows Media sample duration header RCE attempt
RuleID : 23570 - Type : FILE-MULTIMEDIA - Revision : 5
2014-01-10 Microsoft Office WordPad and Office text converters integer underflow attempt
RuleID : 23557 - Type : FILE-OFFICE - Revision : 5
2014-01-10 Microsoft Office WordPad and Office text converters integer underflow attempt
RuleID : 23556 - Type : FILE-OFFICE - Revision : 5
2014-01-10 Microsoft Office WordPad and Office text converters integer underflow attempt
RuleID : 23356 - Type : FILE-OFFICE - Revision : 5
2014-01-10 potential dns cache poisoning attempt - mismatched txid
RuleID : 21355 - Type : PROTOCOL-DNS - Revision : 5
2014-01-10 dns query - storing query and txid
RuleID : 21354 - Type : PROTOCOL-DNS - Revision : 5
2014-01-10 Microsoft Windows Media encryption sample ID header RCE attempt
RuleID : 19450 - Type : FILE-MULTIMEDIA - Revision : 13
2014-01-10 Microsoft Windows Media encryption sample ID header RCE attempt
RuleID : 19449 - Type : FILE-MULTIMEDIA - Revision : 13
2014-01-10 Microsoft Windows Media pixel aspect ratio header RCE attempt
RuleID : 19448 - Type : FILE-MULTIMEDIA - Revision : 13
2014-01-10 Microsoft Windows Media content type header RCE attempt
RuleID : 19447 - Type : FILE-MULTIMEDIA - Revision : 13

Nessus® Vulnerability Scanner

id Description
2018-04-03 Name: The remote mail server may be affected by multiple vulnerabilities.
File: exchange_ms10-024.nasl - Type: ACT_GATHER_INFO
2010-04-13 Name: The remote mail server may be affected by multiple vulnerabilities.
File: smtp_kb981832.nasl - Type: ACT_GATHER_INFO
2010-04-13 Name: The remote mail server may be affected by multiple vulnerabilities.
File: smb_nt_ms10-024.nasl - Type: ACT_GATHER_INFO
2010-02-09 Name: Arbitrary code can be executed on the remote host through its SMB client.
File: smb_nt_ms10-006.nasl - Type: ACT_GATHER_INFO
2009-09-08 Name: Multiple vulnerabilities in the Windows TCP/IP implementation could lead to d...
File: smb_nt_ms09-048.nasl - Type: ACT_GATHER_INFO
2009-09-08 Name: Arbitrary code can be executed on the remote host through opening a Windows M...
File: smb_nt_ms09-047.nasl - Type: ACT_GATHER_INFO
2009-09-08 Name: Arbitrary code can be executed on the remote host through an ActiveX control.
File: smb_nt_ms09-046.nasl - Type: ACT_GATHER_INFO
2009-09-08 Name: Arbitrary code can be executed on the remote host through the web or email cl...
File: smb_nt_ms09-045.nasl - Type: ACT_GATHER_INFO
2009-08-11 Name: Arbitrary code can be executed on the remote host through the remote Telnet c...
File: smb_nt_ms09-042.nasl - Type: ACT_GATHER_INFO
2009-08-11 Name: It is possible to execute arbitrary code on the remote host.
File: smb_nt_ms09-044.nasl - Type: ACT_GATHER_INFO
2009-08-11 Name: Arbitrary code can be executed on the remote host through Microsoft Remote De...
File: macosx_rdesktop.nasl - Type: ACT_GATHER_INFO
2009-08-11 Name: Users can elevate their privileges on the remote host.
File: smb_nt_ms09-040.nasl - Type: ACT_GATHER_INFO
2009-08-11 Name: Arbitrary code can be executed on the remote host through Microsoft Active Te...
File: smb_nt_ms09-037.nasl - Type: ACT_GATHER_INFO
2009-07-14 Name: It is possible to execute arbitrary code on the remote Windows host using Dir...
File: smb_nt_ms09-028.nasl - Type: ACT_GATHER_INFO
2009-04-15 Name: It is possible to execute arbitrary code on the remote Windows host using a t...
File: smb_nt_ms09-010.nasl - Type: ACT_GATHER_INFO
2008-11-12 Name: It is possible to execute code on the remote host.
File: smb_nt_ms08-068.nasl - Type: ACT_GATHER_INFO
2008-10-15 Name: A local user can elevate his privileges on the remote host.
File: smb_nt_ms08-061.nasl - Type: ACT_GATHER_INFO
2008-09-10 Name: Arbitrary code can be executed on the remote host through Media Player.
File: smb_nt_ms08-053.nasl - Type: ACT_GATHER_INFO
2008-06-10 Name: The remote WINS service can be abused to escalate privileges.
File: smb_nt_ms08-034.nasl - Type: ACT_GATHER_INFO
2006-06-13 Name: It is possible to execute code on the remote host.
File: smb_nt_ms06-030.nasl - Type: ACT_GATHER_INFO