Summary
| Detail | |||
|---|---|---|---|
| Vendor | Microsoft | First view | 2009-05-29 |
| Product | Windows 2003 Server | Last view | 2010-08-27 |
| Version | * | Type | Os |
| Update | sp2 | ||
| Edition | itanium | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:o:microsoft:windows_2003_server | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 9.3 | 2010-08-27 | CVE-2010-3147 | Untrusted search path vulnerability in wab.exe 6.00.2900.5512 in Windows Address Book in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges via a Trojan horse wab32res.dll file in the current working directory, as demonstrated by a directory that contains a Windows Address Book (WAB), VCF (aka vCard), or P7C file, aka "Insecure Library Loading Vulnerability." NOTE: the codebase for this product may overlap the codebase for the product referenced in CVE-2010-3143. |
| 9.3 | 2010-03-31 | CVE-2010-0807 | Microsoft Internet Explorer 7 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, leading to memory corruption, aka "HTML Rendering Memory Corruption Vulnerability." |
| 4.3 | 2010-03-31 | CVE-2010-0494 | Cross-domain vulnerability in Microsoft Internet Explorer 6, 6 SP1, 7, and 8 allows user-assisted remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via a crafted HTML document in a situation where the client user drags one browser window across another browser window, aka "HTML Element Cross-Domain Vulnerability." |
| 9.3 | 2010-03-31 | CVE-2010-0492 | Use-after-free vulnerability in mstime.dll in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via vectors related to the TIME2 behavior, the CTimeAction object, and destruction of markup, leading to memory corruption, aka "HTML Object Memory Corruption Vulnerability." |
| 9.3 | 2010-03-31 | CVE-2010-0491 | Use-after-free vulnerability in Microsoft Internet Explorer 5.01 SP4, 6, and 6 SP1 allows remote attackers to execute arbitrary code by changing unspecified properties of an HTML object that has an onreadystatechange event handler, aka "HTML Object Memory Corruption Vulnerability." |
| 9.3 | 2010-03-31 | CVE-2010-0490 | Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability." |
| 9.3 | 2010-03-31 | CVE-2010-0489 | Race condition in Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via a crafted HTML document that triggers memory corruption, aka "Race Condition Memory Corruption Vulnerability." |
| 4.3 | 2010-03-31 | CVE-2010-0488 | Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, and 7 does not properly handle unspecified "encoding strings," which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site, aka "Post Encoding Information Disclosure Vulnerability." |
| 9.3 | 2010-03-31 | CVE-2010-0267 | Microsoft Internet Explorer 6, 6 SP1, and 7 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability." |
| 9.3 | 2010-03-10 | CVE-2010-0806 | Use-after-free vulnerability in the Peer Objects component (aka iepeers.dll) in Microsoft Internet Explorer 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via vectors involving access to an invalid pointer after the deletion of an object, as exploited in the wild in March 2010, aka "Uninitialized Memory Corruption Vulnerability." |
| 7.6 | 2010-03-03 | CVE-2010-0917 | Stack-based buffer overflow in VBScript in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2, when Internet Explorer is used, might allow user-assisted remote attackers to execute arbitrary code via a long string in the fourth argument (aka helpfile argument) to the MsgBox function, leading to code execution when the F1 key is pressed, a different vulnerability than CVE-2010-0483. |
| 7.6 | 2010-03-03 | CVE-2010-0483 | vbscript.dll in VBScript 5.1, 5.6, 5.7, and 5.8 in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2, when Internet Explorer is used, allows user-assisted remote attackers to execute arbitrary code by referencing a (1) local pathname, (2) UNC share pathname, or (3) WebDAV server with a crafted .hlp file in the fourth argument (aka helpfile argument) to the MsgBox function, leading to code execution involving winhlp32.exe when the F1 key is pressed, aka "VBScript Help Keypress Vulnerability." |
| 9.3 | 2009-12-12 | CVE-2009-4310 | Stack-based buffer overflow in the Intel Indeo41 codec for Windows Media Player in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via crafted compressed video data in an IV41 stream in a media file, leading to many loop iterations, as demonstrated by data in an AVI file. |
| 9.3 | 2009-12-12 | CVE-2009-4309 | Heap-based buffer overflow in the Intel Indeo41 codec for Windows Media Player in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via a large size value in a movi record in an IV41 stream in a media file, as demonstrated by an AVI file. |
| 9.3 | 2009-05-29 | CVE-2009-1537 | Unspecified vulnerability in the QuickTime Movie Parser Filter in quartz.dll in DirectShow in Microsoft DirectX 7.0 through 9.0c on Windows 2000 SP4, Windows XP SP2 and SP3, and Windows Server 2003 SP2 allows remote attackers to execute arbitrary code via a crafted QuickTime media file, as exploited in the wild in May 2009, aka "DirectX NULL Byte Overwrite Vulnerability." |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 38% (5) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
| 23% (3) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 15% (2) | CWE-399 | Resource Management Errors |
| 15% (2) | CWE-200 | Information Exposure |
| 7% (1) | CWE-362 | Race Condition |
SAINT Exploits
| Description | Link |
|---|---|
| Internet Explorer iepeers.dll use-after-free vulnerability | More info here |
| Microsoft DirectX DirectShow QuickTime movie parsing vulnerability | More info here |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 67553 | Microsoft Windows Contacts Path Subversion Arbitrary DLL Injection Code Execu... |
| 63335 | Microsoft IE Unspecified Uninitialized Memory Corruption |
| 63334 | Microsoft IE Post Encoding Information Disclosure |
| 63333 | Microsoft IE Unspecified Race Condition Memory Corruption |
| 63332 | Microsoft IE Object Handling Unspecified Memory Corruption (2010-0490) |
| 63331 | Microsoft IE HTML Object onreadystatechange Event Handler Memory Corruption |
| 63330 | Microsoft IE HTML Rendering Unspecified Memory Corruption |
| 63328 | Microsoft IE HTML Element Handling Cross-Domain Information Disclosure |
| 63327 | Microsoft IE CTimeAction Object TIME2 Handling Memory Corruption |
| 62810 | Microsoft IE iepeers.dll Use-After-Free Arbitrary Code Execution |
| 62756 | Microsoft Windows VBScript MsgBox() Function helpfile Argument Arbitrary Comm... |
| 62632 | Microsoft Windows VBScript MsgBox() Function HLP File Arbitrary Command Execu... |
| 60856 | Microsoft Windows Intel Indeo41 Codec IV41 Stream Video Decompression Overflow |
| 60855 | Microsoft Windows Intel Indeo41 Codec IV41 movi Record Handling Overflow |
| 54797 | Microsoft DirectX DirectShow quartz.dll QuickTime NULL Byte Overwrite Arbitra... |
ExploitDB Exploits
| id | Description |
|---|---|
| 16590 | Internet Explorer DHTML Behaviors Use After Free |
| 11683 | Microsoft Internet Explorer iepeers.dll Use-After-Free Exploit (meta) |
OpenVAS Exploits
| id | Description |
|---|---|
| 2010-12-15 | Name : Microsoft Windows Address Book Remote Code Execution Vulnerability (2423089) File : nvt/secpod_ms10-096.nasl |
| 2010-04-14 | Name : Microsoft VBScript Scripting Engine Remote Code Execution Vulnerability (980232) File : nvt/secpod_ms10-022.nasl |
| 2010-04-01 | Name : Microsoft Internet Explorer Multiple Vulnerabilities (980182) File : nvt/secpod_ms10-018.nasl |
| 2010-03-10 | Name : MS Internet Explorer Remote Code Execution Vulnerability (981374) File : nvt/gb_ms_ie_remote_code_exe_vuln_981374.nasl |
| 2010-03-10 | Name : MS Internet Explorer 'VBScript' Remote Code Execution Vulnerability File : nvt/gb_ms_ie_vbscript_remote_code_exec_vuln.nasl |
| 2009-12-17 | Name : Microsoft Windows Indeo Codec Multiple Vulnerabilities File : nvt/gb_ms_indeo_codec_mult_vuln.nasl |
| 2009-07-15 | Name : Microsoft DirectShow Remote Code Execution Vulnerability (961373) File : nvt/secpod_ms09-028.nasl |
| 2009-06-01 | Name : Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution File : nvt/secpod_ms_directx_code_exec_vuln.nasl |
Information Assurance Vulnerability Management (IAVM)
| id | Description |
|---|---|
| 2010-A-0173 | Microsoft Windows Address Book Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0025845 |
| 2009-B-0069 | Multiple Vulnerabilities in Indeo Codec affecting Microsoft Windows Severity: Category II - VMSKEY: V0022163 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2014-11-16 | Microsoft Internet Explorer outerHTML against incomplete element heap corrupt... RuleID : 31504 - Type : BROWSER-IE - Revision : 3 |
| 2014-01-10 | Microsoft Internet Explorer innerHTML against incomplete element heap corrupt... RuleID : 27222 - Type : BROWSER-IE - Revision : 4 |
| 2014-01-10 | Microsoft Internet Explorer userdata behavior memory corruption attempt RuleID : 25986 - Type : BROWSER-IE - Revision : 7 |
| 2014-01-10 | Microsoft Internet Explorer userdata behavior memory corruption attempt RuleID : 25985 - Type : BROWSER-IE - Revision : 9 |
| 2014-01-10 | Microsoft Internet Explorer userdata behavior memory corruption attempt RuleID : 25984 - Type : BROWSER-IE - Revision : 9 |
| 2014-01-10 | Microsoft Windows AVI DirectShow QuickTime parsing overflow attempt RuleID : 23565 - Type : FILE-MULTIMEDIA - Revision : 4 |
| 2014-01-10 | Crimepack exploit kit malicious pdf request RuleID : 21099 - Type : EXPLOIT-KIT - Revision : 5 |
| 2014-01-10 | Crimepack exploit kit landing page RuleID : 21098 - Type : EXPLOIT-KIT - Revision : 5 |
| 2014-01-10 | Crimepack exploit kit post-exploit download request RuleID : 21097 - Type : EXPLOIT-KIT - Revision : 4 |
| 2014-01-10 | Crimepack exploit kit control panel access RuleID : 21096 - Type : EXPLOIT-KIT - Revision : 6 |
| 2014-01-10 | Eleanore exploit kit post-exploit page request RuleID : 21071 - Type : EXPLOIT-KIT - Revision : 5 |
| 2014-01-10 | Eleanore exploit kit pdf exploit page request RuleID : 21070 - Type : EXPLOIT-KIT - Revision : 4 |
| 2014-01-10 | Eleanore exploit kit exploit fetch request RuleID : 21069 - Type : EXPLOIT-KIT - Revision : 4 |
| 2014-01-10 | Eleanore exploit kit landing page RuleID : 21068 - Type : EXPLOIT-KIT - Revision : 4 |
| 2014-01-10 | Yang Pack yg.htm landing page RuleID : 21006 - Type : MALWARE-CNC - Revision : 5 |
| 2014-01-10 | Cute Pack cute-ie.html landing page RuleID : 21004 - Type : MALWARE-CNC - Revision : 5 |
| 2014-01-10 | Cute Pack cute-ie.html request RuleID : 21003 - Type : MALWARE-CNC - Revision : 5 |
| 2014-01-10 | Microsoft Internet Explorer MsgBox arbitrary code execution attempt RuleID : 19204 - Type : BROWSER-IE - Revision : 11 |
| 2014-01-10 | Microsoft Internet Explorer MsgBox arbitrary code execution attempt RuleID : 19203 - Type : BROWSER-IE - Revision : 11 |
| 2014-01-10 | Microsoft Internet Explorer outerHTML against incomplete element heap corrupt... RuleID : 19147 - Type : BROWSER-IE - Revision : 12 |
| 2014-01-10 | Microsoft Internet Explorer invalid pointer memory corruption attempt RuleID : 18540 - Type : SPECIFIC-THREATS - Revision : 6 |
| 2014-01-10 | Microsoft Internet Explorer event handling remote code execution attempt RuleID : 18539 - Type : BROWSER-IE - Revision : 12 |
| 2014-01-10 | Microsoft Windows Address Book request for msoeres32.dll over SMB attempt RuleID : 18207 - Type : OS-WINDOWS - Revision : 16 |
| 2014-01-10 | Microsoft Windows Address Book request for wab32res.dll over SMB attempt RuleID : 18206 - Type : OS-WINDOWS - Revision : 17 |
| 2014-01-10 | Microsoft Windows Address Book msoeres32.dll dll-load exploit attempt RuleID : 18205 - Type : OS-WINDOWS - Revision : 16 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2010-12-15 | Name: Arbitrary code can be executed on the remote host through Windows Address Book. File: smb_nt_ms10-096.nasl - Type: ACT_GATHER_INFO |
| 2010-04-13 | Name: Arbitrary code can be executed on the remote host through the installed VBScr... File: smb_nt_ms10-022.nasl - Type: ACT_GATHER_INFO |
| 2010-03-30 | Name: Arbitrary code can be executed on the remote host through a web browser. File: smb_nt_ms10-018.nasl - Type: ACT_GATHER_INFO |
| 2009-12-09 | Name: The remote host is missing a security update that mitigates multiple vulnerab... File: smb_kb_955759.nasl - Type: ACT_GATHER_INFO |
| 2009-07-14 | Name: It is possible to execute arbitrary code on the remote Windows host using Dir... File: smb_nt_ms09-028.nasl - Type: ACT_GATHER_INFO |
