This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Microsoft First view 2007-09-27
Product Windows 2003 Server Last view 2013-09-11
Version * Type Os
Update sp2  
Edition itanium  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:microsoft:windows_2003_server

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
7.2 2013-09-11 CVE-2013-3866

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability."

7.2 2013-09-11 CVE-2013-3865

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability," a different vulnerability than CVE-2013-1342, CVE-2013-1343, CVE-2013-1344, and CVE-2013-3864.

7.2 2013-09-11 CVE-2013-3864

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability," a different vulnerability than CVE-2013-1342, CVE-2013-1343, CVE-2013-1344, and CVE-2013-3865.

7.2 2013-09-11 CVE-2013-1344

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability," a different vulnerability than CVE-2013-1342, CVE-2013-1343, CVE-2013-3864, and CVE-2013-3865.

7.2 2013-09-11 CVE-2013-1343

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability," a different vulnerability than CVE-2013-1342, CVE-2013-1344, CVE-2013-3864, and CVE-2013-3865.

7.2 2013-09-11 CVE-2013-1342

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability," a different vulnerability than CVE-2013-1343, CVE-2013-1344, CVE-2013-3864, and CVE-2013-3865.

7.2 2013-09-11 CVE-2013-1341

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows 8 allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability."

9.3 2012-07-10 CVE-2012-0175

The Shell in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted name for a (1) file or (2) directory, aka "Command Injection Vulnerability."

7.2 2012-06-12 CVE-2012-1867

Integer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted TrueType font file that triggers incorrect memory allocation, aka "Font Resource Refcount Integer Overflow Vulnerability."

7.2 2012-06-12 CVE-2012-1866

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle user-mode input passed to kernel mode for driver objects, which allows local users to gain privileges via a crafted application, aka "Clipboard Format Atom Name Handling Vulnerability."

7.2 2012-06-12 CVE-2012-1865

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle user-mode input passed to kernel mode for driver objects, which allows local users to gain privileges via a crafted application, aka "String Atom Class Name Handling Vulnerability," a different vulnerability than CVE-2012-1864.

7.2 2012-06-12 CVE-2012-1864

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle user-mode input passed to kernel mode for driver objects, which allows local users to gain privileges via a crafted application, aka "String Atom Class Name Handling Vulnerability," a different vulnerability than CVE-2012-1865.

4.3 2011-06-16 CVE-2011-1894

The MHTML protocol handler in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle a MIME format in a request for embedded content in an HTML document, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted EMBED element in a web page that is visited in Internet Explorer, aka "MHTML Mime-Formatted Request Vulnerability."

9.3 2011-04-13 CVE-2011-0660

The SMB client in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote SMB servers to execute arbitrary code via a crafted (1) SMBv1 or (2) SMBv2 response, aka "SMB Client Response Parsing Vulnerability."

10 2011-02-15 CVE-2011-0654

Integer underflow in the BowserWriteErrorLogEntry function in the Common Internet File System (CIFS) browser service in Mrxsmb.sys or bowser.sys in Active Directory in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code or cause a denial of service (system crash) via a malformed BROWSER ELECTION message, leading to a heap-based buffer overflow, aka "Browser Pool Corruption Vulnerability." NOTE: some of these details are obtained from third party information.

7.2 2011-02-10 CVE-2011-0043

Kerberos in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 supports weak hashing algorithms, which allows local users to gain privileges by operating a service that sends crafted service tickets, as demonstrated by the CRC32 algorithm, aka "Kerberos Unkeyed Checksum Vulnerability."

9.3 2011-02-10 CVE-2011-0033

The OpenType Compact Font Format (CFF) driver in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate parameter values in OpenType fonts, which allows remote attackers to execute arbitrary code via a crafted font, aka "OpenType Font Encoded Character Vulnerability."

7.2 2011-02-08 CVE-2011-0090

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka "Win32k Memory Corruption Vulnerability."

7.2 2011-02-08 CVE-2011-0089

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka "Win32k Window Class Improper Pointer Validation Vulnerability."

7.2 2011-02-08 CVE-2011-0088

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka "Win32k Window Class Pointer Confusion Vulnerability."

7.2 2011-02-08 CVE-2011-0087

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and SP2 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka "Win32k Insufficient User Input Validation Vulnerability."

7.2 2011-02-08 CVE-2011-0086

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka "Win32k Improper User Input Validation Vulnerability."

5 2011-02-08 CVE-2011-0040

The server in Microsoft Active Directory on Windows Server 2003 SP2 does not properly handle an update request for a service principal name (SPN), which allows remote attackers to cause a denial of service (authentication downgrade or outage) via a crafted request that triggers name collisions, aka "Active Directory SPN Validation Vulnerability."

7.2 2011-02-08 CVE-2011-0039

The Local Security Authority Subsystem Service (LSASS) in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly process authentication requests, which allows local users to gain privileges via a request with a crafted length, aka "LSASS Length Validation Vulnerability."

4.7 2011-02-08 CVE-2011-0030

The Client/Server Run-time Subsystem (CSRSS) in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly kill processes after a logout, which allows local users to obtain sensitive information or gain privileges via a crafted application that continues to execute throughout the logout of one user and the login session of the next user, aka "CSRSS Elevation of Privilege Vulnerability," a different vulnerability than CVE-2010-0023.

CWE : Common Weakness Enumeration

%idName
28% (32) CWE-20 Improper Input Validation
17% (19) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
17% (19) CWE-94 Failure to Control Generation of Code ('Code Injection')
9% (11) CWE-399 Resource Management Errors
9% (10) CWE-264 Permissions, Privileges, and Access Controls
5% (6) CWE-189 Numeric Errors
2% (3) CWE-310 Cryptographic Issues
2% (3) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')
1% (2) CWE-362 Race Condition
1% (2) CWE-200 Information Exposure
1% (2) CWE-16 Configuration
0% (1) CWE-287 Improper Authentication
0% (1) CWE-78 Improper Sanitization of Special Elements used in an OS Command ('O...

CAPEC : Common Attack Pattern Enumeration & Classification

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Name
CAPEC-2 Inducing Account Lockout
CAPEC-3 Using Leading 'Ghost' Character Sequences to Bypass Input Filters
CAPEC-7 Blind SQL Injection
CAPEC-8 Buffer Overflow in an API Call
CAPEC-9 Buffer Overflow in Local Command-Line Utilities
CAPEC-10 Buffer Overflow via Environment Variables
CAPEC-13 Subverting Environment Variable Values
CAPEC-14 Client-side Injection-induced Buffer Overflow
CAPEC-18 Embedding Scripts in Nonscript Elements
CAPEC-22 Exploiting Trust in Client (aka Make the Client Invisible)
CAPEC-24 Filter Failure through Buffer Overflow
CAPEC-28 Fuzzing
CAPEC-31 Accessing/Intercepting/Modifying HTTP Cookies
CAPEC-32 Embedding Scripts in HTTP Query Strings
CAPEC-42 MIME Conversion
CAPEC-43 Exploiting Multiple Input Interpretation Layers
CAPEC-45 Buffer Overflow via Symbolic Links
CAPEC-46 Overflow Variables and Tags
CAPEC-47 Buffer Overflow via Parameter Expansion
CAPEC-52 Embedding NULL Bytes
CAPEC-53 Postfix, Null Terminate, and Backslash
CAPEC-63 Simple Script Injection
CAPEC-64 Using Slashes and URL Encoding Combined to Bypass Validation Logic
CAPEC-66 SQL Injection
CAPEC-67 String Format Overflow in syslog()

SAINT Exploits

Description Link
Internet Explorer iepeers.dll use-after-free vulnerability More info here
Windows GDI EMF filename buffer overflow More info here
Microsoft DirectX DirectShow QuickTime movie parsing vulnerability More info here
Windows Help and Support Center -FromHCP URL whitelist bypass More info here
Windows Shell LNK file CONTROL item command execution More info here
Microsoft Office Art Property Table Memory Corruption More info here

Open Source Vulnerability Database (OSVDB)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
72935 Microsoft Windows MHTML Mime-Formatted Request Unspecified XSS
71773 Microsoft Windows Common Internet File System (CIFS) Malformed Browser Messag...
71772 Microsoft Windows SMB Client Response Parsing Unspecified Remote Code Execution
70885 Microsoft Windows LSASS Authentication Request Privilege Escalation
70834 Microsoft Windows Kerberos Unkeyed Checksum Hashing Mechanism Service Ticket ...
70826 Microsoft Windows CSRSS Logoff Process Termination Local Information Disclosure
70825 Microsoft Windows Server Active Directory Server Principal Name (SPN) Handlin...
70821 Microsoft OpenType Compact Font Format (CFF) Parsing Remote Code Execution
70819 Microsoft Windows Kernel Unspecified User Input Validation Weakness Local Pri...
70818 Microsoft Windows Kernel Unspecified User Input Validation Weakness Local Pri...
70817 Microsoft Windows Kernel Class Improper Pointer Validation Unspecified Local ...
70816 Microsoft Windows Kernel Window Class Pointer Confusion Unspecified Local Pri...
70814 Microsoft Windows Kernel Unspecified Memory Corruption Local Privilege Escala...
70693 Microsoft Windows MHTML Protocol Handler MIME Formatted Request XSS
69822 Microsoft Windows OpenType Font Driver CMAP Table Parsing Arbitrary Code Exec...
69821 Microsoft Windows OpenType Font Driver Pointer Handling Double-free Arbitrary...
69820 Microsoft Windows OpenType Font Driver Index Array Unspecified Code Execution
69802 Microsoft Windows win32k.sys Cursor Linking Unspecified Local Privilege Escal...
69801 Microsoft Windows win32k.sys WriteAV Unspecified Local Privilege Escalation
69800 Microsoft Windows win32k.sys Unspecified Double-free Local Privilege Escalation
69799 Microsoft Windows win32k.sys PFE Pointer Double-free Local Privilege Escalation
69797 Microsoft Windows win32k.sys Unspecified Local Overflow
68552 Microsoft Windows win32k.sys Driver Keyboard Layout Loading Local Privilege E...
68551 Microsoft Windows win32k.sys Driver Window Class Data Validation Local Privil...
67553 Microsoft Windows Contacts Path Subversion Arbitrary DLL Injection Code Execu...

ExploitDB Exploits

id Description
17659 MS10-026 Microsoft MPEG Layer-3 Audio Stack Based Overflow
16590 Internet Explorer DHTML Behaviors Use After Free
15985 MS10-073: Win32k Keyboard Layout Vulnerability
15266 Windows NTLM Weak Nonce Vulnerability
14895 MOAUB #5 - Microsoft MPEG Layer-3 Remote Command Execution Exploit
14608 Microsoft Windows CreateWindow Function Callback Vulnerability (MS10-048)
12273 Windows 7/2008R2 SMB Client Trans2 Stack Overflow 10-020 PoC
11683 Microsoft Internet Explorer iepeers.dll Use-After-Free Exploit (meta)

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2012-07-11 Name : Microsoft Windows Shell Remote Code Execution Vulnerability (2691442)
File : nvt/secpod_ms12-048.nasl
2012-06-13 Name : Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2709162)
File : nvt/secpod_ms12-041.nasl
2012-02-29 Name : MicroSoft SMB Server Trans2 Request Remote Code Execution Vulnerability
File : nvt/secpod_ms10-054_remote.nasl
2011-06-15 Name : Windows MHTML Information Disclosure Vulnerability (2544893)
File : nvt/secpod_ms11-037.nasl
2011-04-13 Name : Windows MHTML Information Disclosure Vulnerability (2503658)
File : nvt/secpod_ms11-026.nasl
2011-04-13 Name : Microsoft SMB Client Remote Code Execution Vulnerabilities (2511455)
File : nvt/secpod_ms11-019.nasl
2011-02-18 Name : Microsoft Windows2k3 Active Directory 'BROWSER ELECTION' Buffer Overflow Vuln...
File : nvt/gb_ms_windows2k3_active_directory_bof_vuln.nasl
2011-02-09 Name : Microsoft Windows LSASS Privilege Escalation Vulnerability (2478960)
File : nvt/secpod_ms11-014.nasl
2011-02-09 Name : Microsoft Kerberos Privilege Escalation Vulnerabilities (2496930)
File : nvt/secpod_ms11-013.nasl
2011-02-09 Name : Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2479628)
File : nvt/secpod_ms11-012.nasl
2011-02-09 Name : Windows Client/Server Run-time Subsystem Privilege Elevation Vulnerability (2...
File : nvt/secpod_ms11-010.nasl
2011-02-09 Name : Vulnerability in the OpenType Compact Font Format (CFF) Driver Could Allow Re...
File : nvt/secpod_ms11-007.nasl
2011-02-09 Name : Microsoft Windows Active Directory SPN Denial of Service (2478953)
File : nvt/secpod_ms11-005.nasl
2011-02-05 Name : Microsoft Internet Explorer Information Disclosure Vulnerability (2501696)
File : nvt/secpod_ms_ie_mhtml_info_disc_vuln.nasl
2011-01-18 Name : Microsoft Active Directory Denial of Service Vulnerability (953235)
File : nvt/gb_ms08-035.nasl
2011-01-10 Name : Microsoft Windows Kernel Usermode Callback Local Privilege Elevation Vulnerab...
File : nvt/gb_ms08-025.nasl
2010-12-15 Name : Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2436673)
File : nvt/secpod_ms10-098.nasl
2010-12-15 Name : Microsoft Windows Address Book Remote Code Execution Vulnerability (2423089)
File : nvt/secpod_ms10-096.nasl
2010-12-15 Name : Microsoft Windows OpenType Compact Font Format Driver Privilege Escalation Vu...
File : nvt/secpod_ms10-091.nasl
2010-10-22 Name : Microsoft Windows SMB Server NTLM Multiple Vulnerabilities (971468)
File : nvt/secpod_ms10-012-remote.nasl
2010-10-13 Name : Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (981957)
File : nvt/secpod_ms10-073.nasl
2010-08-11 Name : Microsoft Windows Kernel Mode Drivers Privilege Elevation Vulnerabilities (21...
File : nvt/secpod_ms10-048.nasl
2010-08-11 Name : Microsoft Windows SMB Code Execution and DoS Vulnerabilities (982214)
File : nvt/secpod_ms10-054.nasl
2010-08-04 Name : Microsoft Windows Shell Remote Code Execution Vulnerability (2286198)
File : nvt/secpod_ms10-046.nasl
2010-07-14 Name : Microsoft Help and Support Center Remote Code Execution Vulnerability (2229593)
File : nvt/secpod_ms10-042.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2012-A-0110 Microsoft Windows Shell Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0033309
2011-B-0065 Microsoft MHTML Information Disclosure Vulnerability
Severity: Category II - VMSKEY: V0028617
2011-A-0021 Multiple Vulnerabilities in Microsoft Windows Kerberos
Severity: Category II - VMSKEY: V0026067
2011-A-0024 Microsoft Windows Local Security Authority Subsystem Service (LSASS) Privileg...
Severity: Category I - VMSKEY: V0026063
2011-B-0015 Microsoft Windows Active Directory Denial of Service Vulnerability
Severity: Category II - VMSKEY: V0026057
2010-A-0173 Microsoft Windows Address Book Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0025845
2010-A-0095 Microsoft Help and Support Center Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0024848
2010-B-0030 Microsoft Windows ISATAP Spoofing Vulnerability
Severity: Category I - VMSKEY: V0023956
2010-A-0053 Microsoft MPEG Layer-3 Codecs Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0023999
2009-B-0069 Multiple Vulnerabilities in Indeo Codec affecting Microsoft Windows
Severity: Category II - VMSKEY: V0022163
2009-A-0095 Multiple Vulnerabilities in Microsoft Windows CryptoAPI
Severity: Category I - VMSKEY: V0021760
2009-A-0099 Multiple Vulnerabilities in Microsoft GDI+
Severity: Category I - VMSKEY: V0021759
2009-B-0053 Microsoft Indexing Services Remote Code Execution Vulnerability
Severity: Category I - VMSKEY: V0021750
2009-B-0054 Microsoft Windows Local Security Authority Subsystem Service (LSASS) Denial o...
Severity: Category I - VMSKEY: V0021747
2009-A-0049 Microsoft Windows AFD Driver Local Privilege Escalation Vulnerability
Severity: Category I - VMSKEY: V0019589
2008-A-0041 Microsoft Active Directory Denial of Service Vulnerability
Severity: Category I - VMSKEY: V0016040
2008-B-0034 Microsoft VBScript and JScript Scripting Engines Remote Code Execution
Severity: Category II - VMSKEY: V0015940

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2014-01-10 Microsoft Multiple Products malformed PNG detected tEXt overflow attempt
RuleID : 6700 - Type : FILE-IMAGE - Revision : 20
2020-03-19 Microsoft Windows Data Analyzer 3.5 ActiveX clsid access
RuleID : 53118 - Type : BROWSER-PLUGINS - Revision : 1
2020-03-19 Microsoft Windows Data Analyzer 3.5 ActiveX use-after-free attempt
RuleID : 53117 - Type : BROWSER-PLUGINS - Revision : 1
2020-03-19 Microsoft Windows Data Analyzer 3.5 ActiveX use-after-free attempt
RuleID : 53116 - Type : BROWSER-PLUGINS - Revision : 1
2020-01-03 Microsoft Windows MHTML XSS attempt
RuleID : 52335 - Type : OS-WINDOWS - Revision : 1
2019-09-05 Microsoft OpenType font index remote code execution attempt
RuleID : 50889 - Type : FILE-OTHER - Revision : 1
2019-09-05 Microsoft OpenType font index remote code execution attempt
RuleID : 50888 - Type : FILE-OTHER - Revision : 1
2019-08-27 Microsoft Windows GDI+ interlaced PNG file parsing heap overflow attempt
RuleID : 50798 - Type : FILE-IMAGE - Revision : 1
2018-06-12 SMB client NULL deref race condition attempt
RuleID : 46637 - Type : NETBIOS - Revision : 1
2014-01-10 DECODE_IPV6_ISATAP_SPOOF
RuleID : 453 - Type : DECODE_IPV6_ISATAP_SPOOF - Revision : 1
2016-09-13 Microsoft Windows GDI emf filename buffer overflow attempt
RuleID : 40130 - Type : OS-WINDOWS - Revision : 2
2016-03-14 Microsoft Windows malformed WMF meta escape record memory corruption attempt
RuleID : 36856 - Type : FILE-IMAGE - Revision : 2
2015-09-24 Microsoft Windows WebDAV invalid character argument injection attempt
RuleID : 35731 - Type : OS-WINDOWS - Revision : 3
2015-07-13 Win.Trojan.Fanny outbound connection
RuleID : 34857 - Type : MALWARE-CNC - Revision : 2
2015-03-19 Microsoft Windows GDI+ TIFF file parsing heap overflow attempt
RuleID : 33518 - Type : FILE-IMAGE - Revision : 3
2015-03-19 Microsoft Windows GDI+ TIFF file parsing heap overflow attempt
RuleID : 33517 - Type : FILE-IMAGE - Revision : 3
2015-03-19 Microsoft Windows GDI+ TIFF file parsing heap overflow attempt
RuleID : 33516 - Type : FILE-IMAGE - Revision : 3
2015-03-19 Microsoft Windows GDI+ TIFF file parsing heap overflow attempt
RuleID : 33515 - Type : FILE-IMAGE - Revision : 3
2015-01-15 Microsoft Windows GDI+ TIFF file parsing heap overflow attempt
RuleID : 32833 - Type : FILE-IMAGE - Revision : 2
2015-01-15 Microsoft Windows GDI+ TIFF file parsing heap overflow attempt
RuleID : 32832 - Type : FILE-IMAGE - Revision : 2
2015-01-15 Microsoft Windows GDI+ TIFF file parsing heap overflow attempt
RuleID : 32831 - Type : FILE-IMAGE - Revision : 2
2015-01-15 Microsoft Windows GDI+ TIFF file parsing heap overflow attempt
RuleID : 32830 - Type : FILE-IMAGE - Revision : 2
2015-01-15 Microsoft Windows GDI+ TIFF file parsing heap overflow attempt
RuleID : 32829 - Type : FILE-IMAGE - Revision : 2
2015-01-15 Microsoft Windows GDI+ TIFF file parsing heap overflow attempt
RuleID : 32828 - Type : FILE-IMAGE - Revision : 2
2014-11-16 Microsoft Internet Explorer outerHTML against incomplete element heap corrupt...
RuleID : 31504 - Type : BROWSER-IE - Revision : 3

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2018-04-03 Name: The remote web server may allow remote code execution.
File: iis_7_pci.nasl - Type: ACT_GATHER_INFO
2014-10-10 Name: The remote device is missing a vendor-supplied security patch.
File: f5_bigip_SOL10509.nasl - Type: ACT_GATHER_INFO
2014-03-10 Name: Arbitrary code can be executed on the remote host through the Microsoft GDI r...
File: smb_kb957488.nasl - Type: ACT_GATHER_INFO
2014-03-05 Name: The DNS server running on the remote host is vulnerable to DNS spoofing attacks.
File: ms_dns_kb941672.nasl - Type: ACT_GATHER_INFO
2013-09-11 Name: The Windows kernel on the remote host is affected by multiple vulnerabilities.
File: smb_nt_ms13-076.nasl - Type: ACT_GATHER_INFO
2012-07-11 Name: The remote Windows host is affected by a remote code execution vulnerability.
File: smb_nt_ms12-048.nasl - Type: ACT_GATHER_INFO
2012-06-13 Name: The remote Windows host is affected by multiple privilege escalation vulnerab...
File: smb_nt_ms12-041.nasl - Type: ACT_GATHER_INFO
2011-06-15 Name: The remote Windows host is affected by an information disclosure vulnerability.
File: smb_nt_ms11-037.nasl - Type: ACT_GATHER_INFO
2011-04-13 Name: Arbitrary code can be executed on the remote host through the installed SMB c...
File: smb_nt_ms11-019.nasl - Type: ACT_GATHER_INFO
2011-04-13 Name: The remote Windows host is affected by an information disclosure vulnerability.
File: smb_nt_ms11-026.nasl - Type: ACT_GATHER_INFO
2011-02-08 Name: Local users can elevate their privileges on the remote host.
File: smb_nt_ms11-014.nasl - Type: ACT_GATHER_INFO
2011-02-08 Name: The remote implementation of Kerberos is affected by one or more vulnerabilit...
File: smb_nt_ms11-013.nasl - Type: ACT_GATHER_INFO
2011-02-08 Name: The remote Windows kernel is affected by multiple vulnerabilities.
File: smb_nt_ms11-012.nasl - Type: ACT_GATHER_INFO
2011-02-08 Name: Users can elevate their privileges on the remote host.
File: smb_nt_ms11-010.nasl - Type: ACT_GATHER_INFO
2011-02-08 Name: The remote Windows host contains a font driver that is affected by a privileg...
File: smb_nt_ms11-007.nasl - Type: ACT_GATHER_INFO
2011-02-08 Name: The directory service on the remote host is affected by denial of service vul...
File: smb_nt_ms11-005.nasl - Type: ACT_GATHER_INFO
2010-12-15 Name: A privilege escalation vulnerability exists in the Windows kernel.
File: smb_nt_ms10-098.nasl - Type: ACT_GATHER_INFO
2010-12-15 Name: Arbitrary code can be executed on the remote host through Windows Address Book.
File: smb_nt_ms10-096.nasl - Type: ACT_GATHER_INFO
2010-12-15 Name: The remote Windows host contains a font driver that allows arbitrary code exe...
File: smb_nt_ms10-091.nasl - Type: ACT_GATHER_INFO
2010-10-13 Name: The Windows kernel is affected by multiple vulnerabilities that could allow e...
File: smb_nt_ms10-073.nasl - Type: ACT_GATHER_INFO
2010-09-13 Name: It is possible to execute arbitrary code on the remote Windows host due to fl...
File: smb_kb971468.nasl - Type: ACT_GATHER_INFO
2010-09-01 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20090908-tcp24http.nasl - Type: ACT_GATHER_INFO
2010-08-26 Name: The remote Windows host has a privilege escalation vulnerability.
File: smb_kb982316.nasl - Type: ACT_GATHER_INFO
2010-08-23 Name: It is possible to execute arbitrary code on the remote Windows host due to fl...
File: smb_pool_overflow.nasl - Type: ACT_GATHER_INFO
2010-08-11 Name: It is possible to execute arbitrary code on the remote Windows host due to fl...
File: smb_nt_ms10-054.nasl - Type: ACT_GATHER_INFO