Summary
| Detail | |||
|---|---|---|---|
| Vendor | Microsoft | First view | 2007-07-10 |
| Product | Windows 2003 Server | Last view | 2015-07-14 |
| Version | * | Type | Os |
| Update | sp2 | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:o:microsoft:windows_2003_server | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 5 | 2015-07-14 | CVE-2015-2417 | OLE in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to gain privileges via crafted input, as demonstrated by a transition from Low Integrity to Medium Integrity, aka "OLE Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-2416. |
| 5 | 2015-07-14 | CVE-2015-2416 | OLE in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to gain privileges via crafted input, as demonstrated by a transition from Low Integrity to Medium Integrity, aka "OLE Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-2417. |
| 7.2 | 2015-07-14 | CVE-2015-2387 | ATMFD.DLL in the Adobe Type Manager Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, aka "ATMFD.DLL Memory Corruption Vulnerability." |
| 3.3 | 2015-07-14 | CVE-2015-2374 | The Netlogon service in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Server 2008 SP2 and R2 SP1, and Windows Server 2012 Gold and R2 does not properly implement domain-controller communication, which allows remote attackers to discover credentials by leveraging certain PDC access and spoofing the BDC role in a PDC communication channel, aka "Elevation of Privilege Vulnerability in Netlogon." |
| 6.9 | 2015-07-14 | CVE-2015-2371 | The Windows Installer service in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a custom action script associated with a .msi package, aka "Windows Installer EoP Vulnerability." |
| 7.2 | 2015-07-14 | CVE-2015-2370 | The authentication implementation in the RPC subsystem in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not prevent DCE/RPC connection reflection, which allows local users to gain privileges via a crafted application, aka "Windows RPC Elevation of Privilege Vulnerability." |
| 6.9 | 2015-07-14 | CVE-2015-2369 | Untrusted search path vulnerability in Windows Media Device Manager in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .rtf file, aka "DLL Planting Remote Code Execution Vulnerability." |
| 2.1 | 2015-07-14 | CVE-2015-2367 | win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to obtain sensitive information from uninitialized kernel memory via a crafted application, aka "Win32k Information Disclosure Vulnerability." |
| 7.2 | 2015-07-14 | CVE-2015-2365 | win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability." |
| 7.2 | 2015-07-14 | CVE-2015-2364 | The graphics component in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application that leverages an incorrect bitmap conversion, aka "Graphics Component EOP Vulnerability." |
| 7.2 | 2015-07-14 | CVE-2015-2363 | win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability." |
| 7.2 | 2015-04-21 | CVE-2015-1701 | Win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Vista SP2, and Server 2008 SP2 allows local users to gain privileges via a crafted application, as exploited in the wild in April 2015, aka "Win32k Elevation of Privilege Vulnerability." |
| 7.2 | 2015-03-11 | CVE-2015-0075 | The kernel in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 does not properly constrain impersonation levels, which allows local users to gain privileges via a crafted application, aka "Impersonation Level Check Elevation of Privilege Vulnerability." |
| 4.3 | 2015-03-11 | CVE-2015-0005 | The NETLOGON service in Microsoft Windows Server 2003 SP2, Windows Server 2008 SP2 and R2 SP1, and Windows Server 2012 Gold and R2, when a Domain Controller is configured, allows remote attackers to spoof the computer name of a secure channel's endpoint, and obtain sensitive session information, by running a crafted application and leveraging the ability to sniff network traffic, aka "NETLOGON Spoofing Vulnerability." |
| 7.2 | 2013-11-27 | CVE-2013-5065 | NDProxy.sys in the kernel in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges via a crafted application, as exploited in the wild in November 2013. |
| 7.2 | 2013-09-11 | CVE-2013-3866 | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability." |
| 7.2 | 2013-09-11 | CVE-2013-3865 | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability," a different vulnerability than CVE-2013-1342, CVE-2013-1343, CVE-2013-1344, and CVE-2013-3864. |
| 7.2 | 2013-09-11 | CVE-2013-3864 | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability," a different vulnerability than CVE-2013-1342, CVE-2013-1343, CVE-2013-1344, and CVE-2013-3865. |
| 7.2 | 2013-09-11 | CVE-2013-1344 | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability," a different vulnerability than CVE-2013-1342, CVE-2013-1343, CVE-2013-3864, and CVE-2013-3865. |
| 7.2 | 2013-09-11 | CVE-2013-1343 | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability," a different vulnerability than CVE-2013-1342, CVE-2013-1344, CVE-2013-3864, and CVE-2013-3865. |
| 7.2 | 2013-09-11 | CVE-2013-1342 | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability," a different vulnerability than CVE-2013-1343, CVE-2013-1344, CVE-2013-3864, and CVE-2013-3865. |
| 7.2 | 2013-09-11 | CVE-2013-1341 | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows 8 allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability." |
| 9.3 | 2012-12-11 | CVE-2012-2556 | The OpenType Font (OTF) driver in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allows remote attackers to execute arbitrary code via a crafted OpenType font file, aka "OpenType Font Parsing Vulnerability." |
| 9.3 | 2012-07-10 | CVE-2012-0175 | The Shell in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted name for a (1) file or (2) directory, aka "Command Injection Vulnerability." |
| 7.2 | 2012-06-12 | CVE-2012-1867 | Integer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted TrueType font file that triggers incorrect memory allocation, aka "Font Resource Refcount Integer Overflow Vulnerability." |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 20% (40) | CWE-399 | Resource Management Errors |
| 20% (40) | CWE-20 | Improper Input Validation |
| 16% (32) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 14% (28) | CWE-264 | Permissions, Privileges, and Access Controls |
| 10% (20) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
| 6% (13) | CWE-189 | Numeric Errors |
| 2% (4) | CWE-200 | Information Exposure |
| 2% (4) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
| 1% (3) | CWE-310 | Cryptographic Issues |
| 1% (2) | CWE-362 | Race Condition |
| 1% (2) | CWE-16 | Configuration |
| 0% (1) | CWE-287 | Improper Authentication |
| 0% (1) | CWE-254 | Security Features |
| 0% (1) | CWE-78 | Improper Sanitization of Special Elements used in an OS Command ('O... |
CAPEC : Common Attack Pattern Enumeration & Classification
| id | Name |
|---|---|
| CAPEC-2 | Inducing Account Lockout |
| CAPEC-3 | Using Leading 'Ghost' Character Sequences to Bypass Input Filters |
| CAPEC-7 | Blind SQL Injection |
| CAPEC-8 | Buffer Overflow in an API Call |
| CAPEC-9 | Buffer Overflow in Local Command-Line Utilities |
| CAPEC-10 | Buffer Overflow via Environment Variables |
| CAPEC-13 | Subverting Environment Variable Values |
| CAPEC-14 | Client-side Injection-induced Buffer Overflow |
| CAPEC-18 | Embedding Scripts in Nonscript Elements |
| CAPEC-22 | Exploiting Trust in Client (aka Make the Client Invisible) |
| CAPEC-24 | Filter Failure through Buffer Overflow |
| CAPEC-28 | Fuzzing |
| CAPEC-31 | Accessing/Intercepting/Modifying HTTP Cookies |
| CAPEC-32 | Embedding Scripts in HTTP Query Strings |
| CAPEC-42 | MIME Conversion |
| CAPEC-43 | Exploiting Multiple Input Interpretation Layers |
| CAPEC-45 | Buffer Overflow via Symbolic Links |
| CAPEC-46 | Overflow Variables and Tags |
| CAPEC-47 | Buffer Overflow via Parameter Expansion |
| CAPEC-52 | Embedding NULL Bytes |
| CAPEC-53 | Postfix, Null Terminate, and Backslash |
| CAPEC-63 | Simple Script Injection |
| CAPEC-64 | Using Slashes and URL Encoding Combined to Bypass Validation Logic |
| CAPEC-66 | SQL Injection |
| CAPEC-67 | String Format Overflow in syslog() |
SAINT Exploits
| Description | Link |
|---|---|
| Internet Explorer iepeers.dll use-after-free vulnerability | More info here |
| Microsoft WordPad Word97 text converter buffer overflow | More info here |
| Windows GDI EMF filename buffer overflow | More info here |
| Microsoft DirectX DirectShow QuickTime movie parsing vulnerability | More info here |
| Windows Help and Support Center -FromHCP URL whitelist bypass | More info here |
| Windows Shell LNK file CONTROL item command execution | More info here |
| Microsoft Remote Desktop Connection Insecure Library Injection | More info here |
| Microsoft Office Art Property Table Memory Corruption | More info here |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 76232 | Microsoft Windows Ancillary Function Driver afd.sys Local Privilege Escalation |
| 76231 | Microsoft Windows Active Accessibility Path Subversion Arbitrary DLL Injectio... |
| 76221 | Microsoft Windows win32k.sys Driver Use-after-free Driver Object Handling Arb... |
| 76220 | Microsoft Windows win32k.sys Driver .fon Font File Handling Overflow |
| 76218 | Microsoft Windows win32k.sys Driver NULL Dereference Unspecified Arbitrary Co... |
| 75444 | Microsoft Windows WINS Loopback Interface Crafted Packet Local Privilege Esca... |
| 75382 | Microsoft Windows Shell Extensions Path Subversion Arbitrary DLL Injection Co... |
| 74405 | Microsoft Windows Remote Desktop Protocol RDP Packet Parsing Remote DoS |
| 74402 | Microsoft Windows Remote Access Service NDISTAPI Driver User Input Validation... |
| 74401 | Microsoft Windows Client/Server Run-time Subsystem (CSRSS) Inter-Process Devi... |
| 74400 | Microsoft Windows DNS Service Non-Existent Domain Query Parsing Remote DoS |
| 73796 | Microsoft Windows CSRSS SrvSetConsoleLocalEUDC() Function NULL Page Data Writ... |
| 73795 | Microsoft Windows CSRSS SrvWriteConsoleOutputString() Function Local Overflow |
| 73794 | Microsoft Windows CSRSS SrvWriteConsoleOutput() Function Local Overflow |
| 73793 | Microsoft Windows CSRSS SrvSetConsoleNumberOfCommand() Function Kernel Memory... |
| 73792 | Microsoft Windows CSRSS AllocConsole() Function Multiple Console Object Orpha... |
| 73788 | Microsoft Windows win32k.sys Driver NULL Pointer De-reference Unspecified Loc... |
| 73787 | Microsoft Windows win32k.sys Driver NULL Pointer De-reference Unspecified Loc... |
| 73786 | Microsoft Windows win32k.sys Driver NULL Pointer De-reference Unspecified Loc... |
| 73785 | Microsoft Windows win32k.sys Driver Use After Free Unspecified Local Privileg... |
| 73784 | Microsoft Windows win32k.sys Driver Use After Free Unspecified Local Privileg... |
| 73783 | Microsoft Windows win32k.sys Driver Use After Free Unspecified Local Privileg... |
| 73782 | Microsoft Windows win32k.sys Driver Use After Free Unspecified Local Privileg... |
| 73781 | Microsoft Windows win32k.sys Driver Use After Free Unspecified Local Privileg... |
| 73780 | Microsoft Windows win32k.sys Driver Use After Free Unspecified Local Privileg... |
ExploitDB Exploits
| id | Description |
|---|---|
| 30392 | Microsoft Windows ndproxy.sys - Local Privilege Escalation |
| 30014 | Windows NDPROXY Local SYSTEM Privilege Escalation |
| 18176 | MS11-080 Afd.sys Privilege Escalation Exploit |
| 18024 | MS11-077 Win32k Null Pointer De-reference Vulnerability POC |
| 17978 | MS11-077 .fon Kernel-Mode Buffer Overrun PoC |
| 17831 | MS WINS ECommEndDlg Input Validation Error |
| 17659 | MS10-026 Microsoft MPEG Layer-3 Audio Stack Based Overflow |
| 17544 | GDI+ CreateDashedPath Integer overflow in gdiplus.dll |
| 16590 | Internet Explorer DHTML Behaviors Use After Free |
| 15985 | MS10-073: Win32k Keyboard Layout Vulnerability |
| 15266 | Windows NTLM Weak Nonce Vulnerability |
| 14895 | MOAUB #5 - Microsoft MPEG Layer-3 Remote Command Execution Exploit |
| 14608 | Microsoft Windows CreateWindow Function Callback Vulnerability (MS10-048) |
| 12273 | Windows 7/2008R2 SMB Client Trans2 Stack Overflow 10-020 PoC |
| 11683 | Microsoft Internet Explorer iepeers.dll Use-After-Free Exploit (meta) |
OpenVAS Exploits
| id | Description |
|---|---|
| 2012-12-12 | Name : Microsoft Windows Kernel-Mode Drivers Remote Code Execution Vulnerabilities (... File : nvt/secpod_ms12-078.nasl |
| 2012-07-11 | Name : Microsoft Windows Shell Remote Code Execution Vulnerability (2691442) File : nvt/secpod_ms12-048.nasl |
| 2012-06-13 | Name : Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2709162) File : nvt/secpod_ms12-041.nasl |
| 2012-03-06 | Name : Microsoft SMB Transaction Parsing Remote Code Execution Vulnerability File : nvt/secpod_ms11-020_remote.nasl |
| 2012-02-29 | Name : MicroSoft SMB Server Trans2 Request Remote Code Execution Vulnerability File : nvt/secpod_ms10-054_remote.nasl |
| 2011-10-12 | Name : Microsoft Active Accessibility Remote Code Execution Vulnerability (2623699) File : nvt/secpod_ms11-075.nasl |
| 2011-10-12 | Name : Windows Kernel-Mode Drivers Remote Code Execution Vulnerabilities (2567053) File : nvt/secpod_ms11-077.nasl |
| 2011-10-12 | Name : MS Windows Ancillary Function Driver Privilege Elevation Vulnerability (2592799) File : nvt/secpod_ms11-080.nasl |
| 2011-09-14 | Name : Microsoft Windows WINS Local Privilege Escalation Vulnerability (2571621) File : nvt/secpod_ms11-070.nasl |
| 2011-09-14 | Name : Microsoft Windows Components Remote Code Execution Vulnerabilities (2570947) File : nvt/secpod_ms11-071.nasl |
| 2011-08-11 | Name : Microsoft Windows DNS Server Remote Code Execution Vulnerability (2562485) File : nvt/secpod_ms11-058.nasl |
| 2011-08-11 | Name : MS Windows Remote Access Service NDISTAPI Driver Privilege Elevation Vulnerab... File : nvt/secpod_ms11-062.nasl |
| 2011-08-11 | Name : Microsoft Windows Client/Server Run-time Subsystem Privilege Escalation Vulne... File : nvt/secpod_ms11-063.nasl |
| 2011-08-11 | Name : Microsoft Remote Desktop Protocol Denial of Service Vulnerability (2570222) File : nvt/secpod_ms11-065.nasl |
| 2011-07-13 | Name : Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2555917) File : nvt/secpod_ms11-054.nasl |
| 2011-07-13 | Name : Microsoft Windows CSRSS Privilege Escalation Vulnerabilities (2507938) File : nvt/secpod_ms11-056.nasl |
| 2011-06-15 | Name : Windows MHTML Information Disclosure Vulnerability (2544893) File : nvt/secpod_ms11-037.nasl |
| 2011-06-15 | Name : Microsoft Windows OLE Automation Remote Code Execution Vulnerability (2476490) File : nvt/secpod_ms11-038.nasl |
| 2011-06-15 | Name : Microsoft Distributed File System Remote Code Execution Vulnerabilities (2535... File : nvt/secpod_ms11-042.nasl |
| 2011-06-15 | Name : Microsoft SMB Client Remote Code Execution Vulnerabilities (2536276) File : nvt/secpod_ms11-043.nasl |
| 2011-06-15 | Name : MS Windows Ancillary Function Driver Privilege Elevation Vulnerability File : nvt/secpod_ms11-046.nasl |
| 2011-06-15 | Name : Active Directory Certificate Services Web Enrollment Elevation of Privilege V... File : nvt/secpod_ms11-051.nasl |
| 2011-04-13 | Name : Microsoft SMB Client Remote Code Execution Vulnerabilities (2511455) File : nvt/secpod_ms11-019.nasl |
| 2011-04-13 | Name : Microsoft Windows SMB Server Remote Code Execution Vulnerability (2508429) File : nvt/secpod_ms11-020.nasl |
| 2011-04-13 | Name : Windows Fax Cover Page Editor Remote Code Execution Vulnerability (2527308) File : nvt/secpod_ms11-024.nasl |
Information Assurance Vulnerability Management (IAVM)
| id | Description |
|---|---|
| 2015-A-0167 | Multiple Vulnerabilities in Microsoft Windows (MS15-069) Severity: Category II - VMSKEY: V0061129 |
| 2015-A-0173 | Microsoft Windows Netlogon Privilege Escalation Vulnerability (MS15-071) Severity: Category II - VMSKEY: V0061111 |
| 2015-A-0168 | Microsoft Graphics Component Privilege Escalation Vulnerability (MS15-072) Severity: Category II - VMSKEY: V0061105 |
| 2015-A-0169 | Multiple Vulnerabilities in Microsoft OLE (MS15-075) Severity: Category II - VMSKEY: V0061103 |
| 2015-A-0162 | Multiple Vulnerabilities in Microsoft Windows Kernel-Mode Driver (MS15-073) Severity: Category II - VMSKEY: V0061097 |
| 2015-A-0164 | Microsoft Windows Installer Privilege Escalation Vulnerability (MS15-074) Severity: Category II - VMSKEY: V0061095 |
| 2015-A-0165 | Microsoft Remote Procedure Call (RPC) Privilege Escalation Vulnerability (MS1... Severity: Category II - VMSKEY: V0061093 |
| 2015-A-0108 | Multiple Vulnerabilities in Microsoft Windows Kernel-Mode Driver (MS15-051) Severity: Category II - VMSKEY: V0060653 |
| 2015-A-0048 | Multiple Vulnerabilities in Windows Kernel (MS15-025) Severity: Category II - VMSKEY: V0058995 |
| 2014-A-0004 | Microsoft Windows Kernel Privilege Escalation Vulnerability Severity: Category II - VMSKEY: V0043405 |
| 2012-A-0110 | Microsoft Windows Shell Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0033309 |
| 2012-A-0002 | Microsoft Windows Components Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0030932 |
| 2011-A-0138 | Microsoft Active Accessibility Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0030402 |
| 2011-A-0126 | Microsoft Windows WINS Server Privilege Escalation Vulnerability Severity: Category I - VMSKEY: V0030247 |
| 2011-A-0117 | Microsoft Windows Remote Access Service Elevation of Privilege Vulnerability Severity: Category I - VMSKEY: V0029767 |
| 2011-A-0115 | Microsoft Windows Client/Server Run-time Subsystem Elevation of Privilege Vul... Severity: Category I - VMSKEY: V0029760 |
| 2011-B-0065 | Microsoft MHTML Information Disclosure Vulnerability Severity: Category II - VMSKEY: V0028617 |
| 2011-B-0068 | Microsoft Active Directory Certificate Services Web Enrollment Privilege Esca... Severity: Category II - VMSKEY: V0028615 |
| 2011-B-0067 | Microsoft Windows Ancillary Function Driver Privilege Escalation Vulnerability Severity: Category II - VMSKEY: V0028611 |
| 2011-A-0081 | Microsoft Windows OLE Automation Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0028597 |
| 2011-A-0087 | Microsoft Distributed File System Remote Code Execution Vulnerabilities Severity: Category I - VMSKEY: V0028593 |
| 2011-A-0079 | Microsoft SMB Client Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0028592 |
| 2011-A-0050 | Microsoft SMB Server Remote Code Execution Vulnerability Severity: Category I - VMSKEY: V0026521 |
| 2011-A-0039 | Microsoft DNS Resolution Remote Code Execution Vulnerability Severity: Category I - VMSKEY: V0026514 |
| 2011-B-0045 | Microsoft Windows Fax Cover Page Editor Vulnerability Severity: Category II - VMSKEY: V0026509 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2014-01-10 | Microsoft Multiple Products malformed PNG detected tEXt overflow attempt RuleID : 6700 - Type : FILE-IMAGE - Revision : 20 |
| 2014-01-10 | Microsoft Windows wmf file arbitrary code execution attempt RuleID : 5318 - Type : FILE-MULTIMEDIA - Revision : 20 |
| 2020-03-19 | Microsoft Windows Data Analyzer 3.5 ActiveX clsid access RuleID : 53118 - Type : BROWSER-PLUGINS - Revision : 1 |
| 2020-03-19 | Microsoft Windows Data Analyzer 3.5 ActiveX use-after-free attempt RuleID : 53117 - Type : BROWSER-PLUGINS - Revision : 1 |
| 2020-03-19 | Microsoft Windows Data Analyzer 3.5 ActiveX use-after-free attempt RuleID : 53116 - Type : BROWSER-PLUGINS - Revision : 1 |
| 2020-01-03 | Microsoft Windows MHTML XSS attempt RuleID : 52335 - Type : OS-WINDOWS - Revision : 1 |
| 2019-12-03 | Microsoft Windows GDI+ EMF buffer overwrite attempt RuleID : 52035 - Type : OS-WINDOWS - Revision : 1 |
| 2019-12-03 | Microsoft Windows GDI+ EMF buffer overwrite attempt RuleID : 52034 - Type : OS-WINDOWS - Revision : 1 |
| 2019-12-03 | Microsoft Windows GDI+ EMF buffer overwrite attempt RuleID : 52033 - Type : OS-WINDOWS - Revision : 1 |
| 2019-12-03 | Microsoft Windows GDI+ EMF buffer overwrite attempt RuleID : 52032 - Type : OS-WINDOWS - Revision : 1 |
| 2019-12-03 | Microsoft Windows GDI+ EMF buffer overwrite attempt RuleID : 52031 - Type : OS-WINDOWS - Revision : 1 |
| 2019-12-03 | Microsoft Windows GDI+ EMF buffer overwrite attempt RuleID : 52030 - Type : OS-WINDOWS - Revision : 1 |
| 2019-09-05 | Microsoft OpenType font index remote code execution attempt RuleID : 50889 - Type : FILE-OTHER - Revision : 1 |
| 2019-09-05 | Microsoft OpenType font index remote code execution attempt RuleID : 50888 - Type : FILE-OTHER - Revision : 1 |
| 2019-09-05 | Microsoft Fax Cover Page Editor heap corruption attempt RuleID : 50873 - Type : OS-WINDOWS - Revision : 1 |
| 2019-09-05 | Microsoft Fax Cover Page Editor heap corruption attempt RuleID : 50872 - Type : OS-WINDOWS - Revision : 1 |
| 2019-08-27 | Microsoft Windows GDI+ interlaced PNG file parsing heap overflow attempt RuleID : 50798 - Type : FILE-IMAGE - Revision : 1 |
| 2018-06-12 | SMB client NULL deref race condition attempt RuleID : 46637 - Type : NETBIOS - Revision : 1 |
| 2018-02-03 | Microsoft Windows MPEG Layer-3 audio heap corruption attempt RuleID : 45316 - Type : FILE-OTHER - Revision : 1 |
| 2018-02-03 | Microsoft Windows MPEG Layer-3 audio heap corruption attempt RuleID : 45315 - Type : FILE-OTHER - Revision : 1 |
| 2014-01-10 | DECODE_IPV6_ISATAP_SPOOF RuleID : 453 - Type : DECODE_IPV6_ISATAP_SPOOF - Revision : 1 |
| 2017-08-01 | Microsoft GDI WMF file parsing integer overflow attempt RuleID : 43362 - Type : FILE-IMAGE - Revision : 2 |
| 2017-08-01 | Microsoft GDI WMF file parsing integer overflow attempt RuleID : 43361 - Type : FILE-IMAGE - Revision : 2 |
| 2017-08-01 | Microsoft GDI WMF file parsing integer overflow attempt RuleID : 43360 - Type : FILE-IMAGE - Revision : 2 |
| 2017-08-01 | Microsoft GDI WMF file parsing integer overflow attempt RuleID : 43359 - Type : FILE-IMAGE - Revision : 2 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2018-04-03 | Name: The remote web server may allow remote code execution. File: iis_7_pci.nasl - Type: ACT_GATHER_INFO |
| 2016-04-14 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-3548.nasl - Type: ACT_GATHER_INFO |
| 2015-07-14 | Name: The remote Windows host is affected by multiple remote code execution vulnera... File: smb_nt_ms15-069.nasl - Type: ACT_GATHER_INFO |
| 2015-07-14 | Name: The remote Windows host is affected by a privilege escalation vulnerability. File: smb_nt_ms15-071.nasl - Type: ACT_GATHER_INFO |
| 2015-07-14 | Name: The remote Windows host is affected by a privilege escalation vulnerability. File: smb_nt_ms15-072.nasl - Type: ACT_GATHER_INFO |
| 2015-07-14 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms15-073.nasl - Type: ACT_GATHER_INFO |
| 2015-07-14 | Name: The remote Windows host is affected by a privilege escalation vulnerability. File: smb_nt_ms15-074.nasl - Type: ACT_GATHER_INFO |
| 2015-07-14 | Name: The remote Windows host is affected by multiple elevation of privilege vulner... File: smb_nt_ms15-075.nasl - Type: ACT_GATHER_INFO |
| 2015-07-14 | Name: The remote Windows host is affected by a privilege escalation vulnerability. File: smb_nt_ms15-076.nasl - Type: ACT_GATHER_INFO |
| 2015-07-14 | Name: The Adobe Font driver on the remote host is affected by a privilege escalatio... File: smb_nt_ms15-077.nasl - Type: ACT_GATHER_INFO |
| 2015-05-12 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms15-051.nasl - Type: ACT_GATHER_INFO |
| 2015-03-10 | Name: The remote Windows host is affected by multiple privilege escalation vulnerab... File: smb_nt_ms15-025.nasl - Type: ACT_GATHER_INFO |
| 2015-03-10 | Name: The remote Windows host is affected by a spoofing vulnerability. File: smb_nt_ms15-027.nasl - Type: ACT_GATHER_INFO |
| 2014-10-10 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL10509.nasl - Type: ACT_GATHER_INFO |
| 2014-03-10 | Name: Arbitrary code can be executed on the remote host through the Microsoft GDI r... File: smb_kb957488.nasl - Type: ACT_GATHER_INFO |
| 2014-03-05 | Name: The DNS server running on the remote host has multiple vulnerabilities. File: ms_dns_kb2562485.nasl - Type: ACT_GATHER_INFO |
| 2014-03-05 | Name: The DNS server running on the remote host is vulnerable to DNS spoofing attacks. File: ms_dns_kb941672.nasl - Type: ACT_GATHER_INFO |
| 2014-01-14 | Name: The Windows kernel on the remote host is affected by a privilege escalation v... File: smb_nt_ms14-002.nasl - Type: ACT_GATHER_INFO |
| 2013-09-11 | Name: The Windows kernel on the remote host is affected by multiple vulnerabilities. File: smb_nt_ms13-076.nasl - Type: ACT_GATHER_INFO |
| 2012-12-11 | Name: The remote Windows host is affected by remote code execution vulnerabilities. File: smb_nt_ms12-078.nasl - Type: ACT_GATHER_INFO |
| 2012-07-11 | Name: The remote Windows host is affected by a remote code execution vulnerability. File: smb_nt_ms12-048.nasl - Type: ACT_GATHER_INFO |
| 2012-06-13 | Name: The remote Windows host is affected by multiple privilege escalation vulnerab... File: smb_nt_ms12-041.nasl - Type: ACT_GATHER_INFO |
| 2011-10-11 | Name: The remote Windows host contains a component that could allow remote code exe... File: smb_nt_ms11-075.nasl - Type: ACT_GATHER_INFO |
| 2011-10-11 | Name: The remote Windows kernel is affected by multiple vulnerabilities. File: smb_nt_ms11-077.nasl - Type: ACT_GATHER_INFO |
| 2011-10-11 | Name: The remote Windows host contains a driver that allows privilege escalation. File: smb_nt_ms11-080.nasl - Type: ACT_GATHER_INFO |
