This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Microsoft First view 2007-06-12
Product Windows 2003 Server Last view 2013-09-11
Version * Type Os
Update sp2  
Edition x64  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:microsoft:windows_2003_server

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
7.2 2013-09-11 CVE-2013-3866

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability."

7.2 2013-09-11 CVE-2013-3865

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability," a different vulnerability than CVE-2013-1342, CVE-2013-1343, CVE-2013-1344, and CVE-2013-3864.

7.2 2013-09-11 CVE-2013-3864

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability," a different vulnerability than CVE-2013-1342, CVE-2013-1343, CVE-2013-1344, and CVE-2013-3865.

7.2 2013-09-11 CVE-2013-1344

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability," a different vulnerability than CVE-2013-1342, CVE-2013-1343, CVE-2013-3864, and CVE-2013-3865.

7.2 2013-09-11 CVE-2013-1343

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability," a different vulnerability than CVE-2013-1342, CVE-2013-1344, CVE-2013-3864, and CVE-2013-3865.

7.2 2013-09-11 CVE-2013-1342

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability," a different vulnerability than CVE-2013-1343, CVE-2013-1344, CVE-2013-3864, and CVE-2013-3865.

7.2 2013-09-11 CVE-2013-1341

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows 8 allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability."

5 2011-02-08 CVE-2011-0040

The server in Microsoft Active Directory on Windows Server 2003 SP2 does not properly handle an update request for a service principal name (SPN), which allows remote attackers to cause a denial of service (authentication downgrade or outage) via a crafted request that triggers name collisions, aka "Active Directory SPN Validation Vulnerability."

7.2 2011-02-08 CVE-2011-0039

The Local Security Authority Subsystem Service (LSASS) in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly process authentication requests, which allows local users to gain privileges via a request with a crafted length, aka "LSASS Length Validation Vulnerability."

4.7 2011-02-08 CVE-2011-0030

The Client/Server Run-time Subsystem (CSRSS) in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly kill processes after a logout, which allows local users to obtain sensitive information or gain privileges via a crafted application that continues to execute throughout the logout of one user and the login session of the next user, aka "CSRSS Elevation of Privilege Vulnerability," a different vulnerability than CVE-2010-0023.

6.8 2010-06-08 CVE-2010-1255

The Windows kernel-mode drivers in win32k.sys in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 Gold and SP2, Windows 7, and Server 2008 R2 allows local users to execute arbitrary code via vectors related to "glyph outline information" and TrueType fonts, aka "Win32k TrueType Font Parsing Vulnerability."

7.2 2010-06-08 CVE-2010-0819

Unspecified vulnerability in the Windows OpenType Compact Font Format (CFF) driver in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 SP2 and R2, and Windows 7 allows local users to execute arbitrary code via unknown vectors related to improper validation when copying data from user mode to kernel mode, aka "OpenType CFF Font Driver Memory Corruption Vulnerability."

9.3 2010-06-08 CVE-2010-0811

Multiple unspecified vulnerabilities in the Microsoft Internet Explorer 8 Developer Tools ActiveX control in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allow remote attackers to execute arbitrary code via unknown vectors that "corrupt the system state," aka "Microsoft Internet Explorer 8 Developer Tools Vulnerability."

6.8 2010-06-08 CVE-2010-0485

The Windows kernel-mode drivers in win32k.sys in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 Gold and SP2, Windows 7, and Server 2008 R2 "do not properly validate all callback parameters when creating a new window," which allows local users to execute arbitrary code, aka "Win32k Window Creation Vulnerability."

6.8 2010-06-08 CVE-2010-0484

The Windows kernel-mode drivers in win32k.sys in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and SP2 "do not properly validate changes in certain kernel objects," which allows local users to execute arbitrary code via vectors related to Device Contexts (DC) and the GetDCEx function, aka "Win32k Improper Data Validation Vulnerability."

9.3 2010-02-10 CVE-2010-0252

The Microsoft Data Analyzer ActiveX control (aka the Office Excel ActiveX control for Data Analysis) in max3activex.dll in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows remote attackers to execute arbitrary code via a crafted web page that corrupts the "system state," aka "Microsoft Data Analyzer ActiveX Control Vulnerability."

6.9 2010-02-10 CVE-2010-0023

The Client/Server Run-time Subsystem (CSRSS) in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 does not properly kill processes after a logout, which allows local users to obtain sensitive information or gain privileges via a crafted application that continues to execute throughout the logout of one user and the login session of the next user, aka "CSRSS Local Privilege Elevation Vulnerability."

9.3 2010-01-13 CVE-2010-0018

Integer overflow in the Embedded OpenType (EOT) Font Engine (t2embed.dll) in Microsoft Windows 2000 SP4; Windows XP SP2 and SP3; Windows Server 2003 SP2; Windows Vista Gold, SP1, and SP2; Windows Server 2008 Gold, SP2, and R2; and Windows 7 allows remote attackers to execute arbitrary code via compressed data that represents a crafted EOT font, aka "Microtype Express Compressed Fonts Integer Flaw in the LZCOMP Decompressor Vulnerability."

9.3 2009-12-12 CVE-2009-4313

ir32_32.dll 3.24.15.3 in the Indeo32 codec in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to cause a denial of service (heap corruption) or execute arbitrary code via malformed data in a stream in a media file, as demonstrated by an AVI file.

9.3 2009-12-12 CVE-2009-4312

Unspecified vulnerability in the Indeo codec in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via crafted media content, as reported to Microsoft by Dave Lenoe of Adobe.

9.3 2009-12-12 CVE-2009-4311

Unspecified vulnerability in the Indeo codec in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via crafted media content, as reported to Microsoft by Paul Byrne of NGS Software. NOTE: this might overlap CVE-2008-3615.

9.3 2009-12-12 CVE-2009-4310

Stack-based buffer overflow in the Intel Indeo41 codec for Windows Media Player in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via crafted compressed video data in an IV41 stream in a media file, leading to many loop iterations, as demonstrated by data in an AVI file.

9.3 2009-12-12 CVE-2009-4309

Heap-based buffer overflow in the Intel Indeo41 codec for Windows Media Player in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via a large size value in a movi record in an IV41 stream in a media file, as demonstrated by an AVI file.

9.3 2009-12-12 CVE-2009-4210

The Indeo codec in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted media content.

9.3 2009-11-11 CVE-2009-2514

win32k.sys in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 does not correctly parse font code during construction of a directory-entry table, which allows remote attackers to execute arbitrary code via a crafted Embedded OpenType (EOT) font, aka "Win32k EOT Parsing Vulnerability."

CWE : Common Weakness Enumeration

%idName
30% (15) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
22% (11) CWE-94 Failure to Control Generation of Code ('Code Injection')
14% (7) CWE-189 Numeric Errors
14% (7) CWE-20 Improper Input Validation
6% (3) CWE-264 Permissions, Privileges, and Access Controls
4% (2) CWE-399 Resource Management Errors
4% (2) CWE-16 Configuration
2% (1) CWE-310 Cryptographic Issues
2% (1) CWE-287 Improper Authentication

CAPEC : Common Attack Pattern Enumeration & Classification

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Name
CAPEC-2 Inducing Account Lockout
CAPEC-3 Using Leading 'Ghost' Character Sequences to Bypass Input Filters
CAPEC-7 Blind SQL Injection
CAPEC-8 Buffer Overflow in an API Call
CAPEC-9 Buffer Overflow in Local Command-Line Utilities
CAPEC-10 Buffer Overflow via Environment Variables
CAPEC-13 Subverting Environment Variable Values
CAPEC-14 Client-side Injection-induced Buffer Overflow
CAPEC-18 Embedding Scripts in Nonscript Elements
CAPEC-22 Exploiting Trust in Client (aka Make the Client Invisible)
CAPEC-24 Filter Failure through Buffer Overflow
CAPEC-28 Fuzzing
CAPEC-31 Accessing/Intercepting/Modifying HTTP Cookies
CAPEC-32 Embedding Scripts in HTTP Query Strings
CAPEC-42 MIME Conversion
CAPEC-43 Exploiting Multiple Input Interpretation Layers
CAPEC-45 Buffer Overflow via Symbolic Links
CAPEC-46 Overflow Variables and Tags
CAPEC-47 Buffer Overflow via Parameter Expansion
CAPEC-52 Embedding NULL Bytes
CAPEC-53 Postfix, Null Terminate, and Backslash
CAPEC-63 Simple Script Injection
CAPEC-64 Using Slashes and URL Encoding Combined to Bypass Validation Logic
CAPEC-66 SQL Injection
CAPEC-67 String Format Overflow in syslog()

SAINT Exploits

Description Link
Windows GDI EMF filename buffer overflow More info here
Microsoft DirectX DirectShow QuickTime movie parsing vulnerability More info here
Microsoft Office Art Property Table Memory Corruption More info here

Open Source Vulnerability Database (OSVDB)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
70885 Microsoft Windows LSASS Authentication Request Privilege Escalation
70826 Microsoft Windows CSRSS Logoff Process Termination Local Information Disclosure
70825 Microsoft Windows Server Active Directory Server Principal Name (SPN) Handlin...
65225 Microsoft Windows Kernel-Mode Driver Window Creation Local Privilege Escalation
65224 Microsoft Windows Kernel-Mode Driver Win32k.sys GetDCEx() Function Device Con...
65223 Microsoft Windows Kernel-Mode Driver TrueType Font Parsing Local Privilege Es...
65218 Microsoft IE 8 Developer Tools ActiveX Remote Code Execution
65217 Microsoft Windows OpenType Compact Font Format (CFF) Driver Privilege Escalation
62252 Microsoft Windows Client/Server Run-time Subsystem (CSRSS) Session Terminatio...
62246 Microsoft Data Analyzer ActiveX Web Page Handling Unspecified Arbitrary Code ...
62144 F5 Multiple Products TCP/IP Implementation Queue Connection Saturation TCP St...
61651 Microsoft Windows Embedded OpenType Font Engine LZCOMP Decompressor Font Hand...
61133 Citrix Multiple Products TCP/IP Implementation Queue Connection Saturation TC...
61037 Microsoft Windows Indeo Codec Crafted Media Content Arbitrary Code Execution ...
61036 Microsoft Windows Indeo Codec Crafted Media Content Arbitrary Code Execution ...
60858 Microsoft Windows Intel Indeo32 Codec (ir32_32.dll) IV32 FourCC Code Handling...
60857 Microsoft Windows Indeo Codec Unspecified Memory Corruption
60856 Microsoft Windows Intel Indeo41 Codec IV41 Stream Video Decompression Overflow
60855 Microsoft Windows Intel Indeo41 Codec IV41 movi Record Handling Overflow
59869 Microsoft Windows Win32k Table of Directory Entry Building Font Code Parsing ...
59868 Microsoft Windows Win32k GDI Kernel Component Unspecified Local Privilege Esc...
59867 Microsoft Windows Win32k Unspecified Kernel System Call Local Privilege Escal...
59856 Microsoft Windows Active Directory Malformed LDAP Request Stack Exhaustion Re...
59482 Blue Coat Multiple Products TCP/IP Implementation Queue Connection Saturation...
58869 Microsoft Office Malformed Object Handling Memory Corruption Arbitrary Code E...

ExploitDB Exploits

id Description
14608 Microsoft Windows CreateWindow Function Callback Vulnerability (MS10-048)

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2011-04-13 Name : Microsoft IE Developer Tools WMITools and Windows Messenger ActiveX Control V...
File : nvt/secpod_ms11-027.nasl
2011-02-09 Name : Microsoft Windows LSASS Privilege Escalation Vulnerability (2478960)
File : nvt/secpod_ms11-014.nasl
2011-02-09 Name : Windows Client/Server Run-time Subsystem Privilege Elevation Vulnerability (2...
File : nvt/secpod_ms11-010.nasl
2011-02-09 Name : Microsoft Windows Active Directory SPN Denial of Service (2478953)
File : nvt/secpod_ms11-005.nasl
2011-01-18 Name : Microsoft Active Directory Denial of Service Vulnerability (953235)
File : nvt/gb_ms08-035.nasl
2011-01-14 Name : Vulnerability in RPC Could Allow Denial of Service (933729)
File : nvt/gb_ms07-058.nasl
2011-01-10 Name : Microsoft Windows Kernel Usermode Callback Local Privilege Elevation Vulnerab...
File : nvt/gb_ms08-025.nasl
2010-06-09 Name : Microsoft Windows OpenType Compact Font Format Driver Privilege Escalation Vu...
File : nvt/secpod_ms10-037.nasl
2010-06-09 Name : Microsoft Data Analyzer and IE Developer Tools ActiveX Control Vulnerability ...
File : nvt/secpod_ms10-034.nasl
2010-06-09 Name : Microsoft Windows Kernel Mode Drivers Privilege Escalation Vulnerabilities (9...
File : nvt/secpod_ms10-032.nasl
2010-02-10 Name : Microsoft Client/Server Run-time Subsystem Privilege Elevation Vulnerability...
File : nvt/secpod_ms10-011.nasl
2010-02-10 Name : Microsoft Data Analyzer ActiveX Control Vulnerability (978262)
File : nvt/secpod_ms10-008.nasl
2010-01-13 Name : Microsoft Embedded OpenType Font Engine Remote Code Execution Vulnerabilities...
File : nvt/secpod_ms10-001.nasl
2009-12-17 Name : Microsoft Windows Indeo Codec Multiple Vulnerabilities
File : nvt/gb_ms_indeo_codec_mult_vuln.nasl
2009-11-12 Name : Microsoft Windows Active Directory Denial of Service Vulnerability (973309)
File : nvt/secpod_ms09-066.nasl
2009-11-11 Name : Microsoft Windows Kernel-Mode Drivers Multiple Vulnerabilities (969947)
File : nvt/secpod_ms09-065.nasl
2009-10-21 Name : Microsoft Products GDI Plus Code Execution Vulnerabilities (957488)
File : nvt/secpod_ms09-062.nasl
2009-10-15 Name : Microsoft Windows Indexing Service ActiveX Vulnerability (969059)
File : nvt/secpod_ms09-057.nasl
2009-10-14 Name : Microsoft Windows LSASS Denial of Service Vulnerability (975467)
File : nvt/secpod_ms09-059.nasl
2009-10-14 Name : Microsoft Windows CryptoAPI X.509 Spoofing Vulnerabilities (974571)
File : nvt/secpod_ms09-056.nasl
2009-10-06 Name : Microsoft IE CA SSL Certificate Security Bypass Vulnerability - Oct09
File : nvt/gb_ms_ie_ssl_certi_sec_bypass_vuln_oct09.nasl
2009-09-10 Name : Microsoft Windows TCP/IP Remote Code Execution Vulnerability (967723)
File : nvt/secpod_ms09-048.nasl
2009-07-15 Name : Microsoft DirectShow Remote Code Execution Vulnerability (961373)
File : nvt/secpod_ms09-028.nasl
2009-06-01 Name : Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution
File : nvt/secpod_ms_directx_code_exec_vuln.nasl
2008-12-10 Name : Vulnerabilities in GDI Could Allow Remote Code Execution (956802)
File : nvt/secpod_ms08-071.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2011-B-0015 Microsoft Windows Active Directory Denial of Service Vulnerability
Severity: Category II - VMSKEY: V0026057
2011-A-0024 Microsoft Windows Local Security Authority Subsystem Service (LSASS) Privileg...
Severity: Category I - VMSKEY: V0026063
2009-B-0069 Multiple Vulnerabilities in Indeo Codec affecting Microsoft Windows
Severity: Category II - VMSKEY: V0022163
2009-B-0054 Microsoft Windows Local Security Authority Subsystem Service (LSASS) Denial o...
Severity: Category I - VMSKEY: V0021747
2009-B-0053 Microsoft Indexing Services Remote Code Execution Vulnerability
Severity: Category I - VMSKEY: V0021750
2009-A-0099 Multiple Vulnerabilities in Microsoft GDI+
Severity: Category I - VMSKEY: V0021759
2009-A-0095 Multiple Vulnerabilities in Microsoft Windows CryptoAPI
Severity: Category I - VMSKEY: V0021760
2009-A-0049 Microsoft Windows AFD Driver Local Privilege Escalation Vulnerability
Severity: Category I - VMSKEY: V0019589
2008-A-0086 Microsoft GDI Remote Code Execution Vulnerabilities
Severity: Category II - VMSKEY: V0017910
2008-A-0041 Microsoft Active Directory Denial of Service Vulnerability
Severity: Category I - VMSKEY: V0016040
2008-B-0034 Microsoft VBScript and JScript Scripting Engines Remote Code Execution
Severity: Category II - VMSKEY: V0015940
2007-T-0040 Microsoft Windows RPC NTLMSSP Remote Denial Of Service Vulnerability
Severity: Category I - VMSKEY: V0015305

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2014-01-10 Microsoft Multiple Products malformed PNG detected tEXt overflow attempt
RuleID : 6700 - Type : FILE-IMAGE - Revision : 20
2020-03-19 Microsoft Windows Data Analyzer 3.5 ActiveX clsid access
RuleID : 53118 - Type : BROWSER-PLUGINS - Revision : 1
2020-03-19 Microsoft Windows Data Analyzer 3.5 ActiveX use-after-free attempt
RuleID : 53117 - Type : BROWSER-PLUGINS - Revision : 1
2020-03-19 Microsoft Windows Data Analyzer 3.5 ActiveX use-after-free attempt
RuleID : 53116 - Type : BROWSER-PLUGINS - Revision : 1
2019-08-27 Microsoft Windows GDI+ interlaced PNG file parsing heap overflow attempt
RuleID : 50798 - Type : FILE-IMAGE - Revision : 1
2017-08-01 Microsoft GDI WMF file parsing integer overflow attempt
RuleID : 43362 - Type : FILE-IMAGE - Revision : 2
2017-08-01 Microsoft GDI WMF file parsing integer overflow attempt
RuleID : 43361 - Type : FILE-IMAGE - Revision : 2
2017-08-01 Microsoft GDI WMF file parsing integer overflow attempt
RuleID : 43360 - Type : FILE-IMAGE - Revision : 2
2017-08-01 Microsoft GDI WMF file parsing integer overflow attempt
RuleID : 43359 - Type : FILE-IMAGE - Revision : 2
2016-09-13 Microsoft Windows GDI emf filename buffer overflow attempt
RuleID : 40130 - Type : OS-WINDOWS - Revision : 2
2016-03-14 Microsoft Windows malformed WMF meta escape record memory corruption attempt
RuleID : 36856 - Type : FILE-IMAGE - Revision : 2
2015-03-19 Microsoft Windows GDI+ TIFF file parsing heap overflow attempt
RuleID : 33518 - Type : FILE-IMAGE - Revision : 3
2015-03-19 Microsoft Windows GDI+ TIFF file parsing heap overflow attempt
RuleID : 33517 - Type : FILE-IMAGE - Revision : 3
2015-03-19 Microsoft Windows GDI+ TIFF file parsing heap overflow attempt
RuleID : 33516 - Type : FILE-IMAGE - Revision : 3
2015-03-19 Microsoft Windows GDI+ TIFF file parsing heap overflow attempt
RuleID : 33515 - Type : FILE-IMAGE - Revision : 3
2015-01-20 Microsoft Internet Explorer 8 Developer Tool ActiveX clsid access
RuleID : 32843 - Type : BROWSER-PLUGINS - Revision : 3
2015-01-20 Microsoft Internet Explorer 8 Developer Tool ActiveX clsid access
RuleID : 32842 - Type : BROWSER-PLUGINS - Revision : 4
2015-01-20 Microsoft Internet Explorer 8 Developer Tool ActiveX clsid access
RuleID : 32840 - Type : BROWSER-PLUGINS - Revision : 4
2015-01-15 Microsoft Windows GDI+ TIFF file parsing heap overflow attempt
RuleID : 32833 - Type : FILE-IMAGE - Revision : 2
2015-01-15 Microsoft Windows GDI+ TIFF file parsing heap overflow attempt
RuleID : 32832 - Type : FILE-IMAGE - Revision : 2
2015-01-15 Microsoft Windows GDI+ TIFF file parsing heap overflow attempt
RuleID : 32831 - Type : FILE-IMAGE - Revision : 2
2015-01-15 Microsoft Windows GDI+ TIFF file parsing heap overflow attempt
RuleID : 32830 - Type : FILE-IMAGE - Revision : 2
2015-01-15 Microsoft Windows GDI+ TIFF file parsing heap overflow attempt
RuleID : 32829 - Type : FILE-IMAGE - Revision : 2
2015-01-15 Microsoft Windows GDI+ TIFF file parsing heap overflow attempt
RuleID : 32828 - Type : FILE-IMAGE - Revision : 2
2014-03-27 Microsoft Multiple Products potentially malicious PNG detected - large or inv...
RuleID : 29945 - Type : FILE-IMAGE - Revision : 4

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2014-10-10 Name: The remote device is missing a vendor-supplied security patch.
File: f5_bigip_SOL10509.nasl - Type: ACT_GATHER_INFO
2014-03-10 Name: Arbitrary code can be executed on the remote host through the Microsoft GDI r...
File: smb_kb957488.nasl - Type: ACT_GATHER_INFO
2014-03-05 Name: The DNS server running on the remote host is vulnerable to DNS spoofing attacks.
File: ms_dns_kb941672.nasl - Type: ACT_GATHER_INFO
2013-09-11 Name: The Windows kernel on the remote host is affected by multiple vulnerabilities.
File: smb_nt_ms13-076.nasl - Type: ACT_GATHER_INFO
2011-04-13 Name: The remote Windows host is missing an update that disables selected ActiveX c...
File: smb_nt_ms11-027.nasl - Type: ACT_GATHER_INFO
2011-02-08 Name: Local users can elevate their privileges on the remote host.
File: smb_nt_ms11-014.nasl - Type: ACT_GATHER_INFO
2011-02-08 Name: Users can elevate their privileges on the remote host.
File: smb_nt_ms11-010.nasl - Type: ACT_GATHER_INFO
2011-02-08 Name: The directory service on the remote host is affected by denial of service vul...
File: smb_nt_ms11-005.nasl - Type: ACT_GATHER_INFO
2010-09-01 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20090908-tcp24http.nasl - Type: ACT_GATHER_INFO
2010-06-09 Name: The remote Windows host contains a font driver that is affected by a privileg...
File: smb_nt_ms10-037.nasl - Type: ACT_GATHER_INFO
2010-06-09 Name: The Windows kernel is affected by several vulnerabilities that could allow es...
File: smb_nt_ms10-032.nasl - Type: ACT_GATHER_INFO
2010-06-09 Name: The remote Windows host is missing an update that disables selected ActiveX c...
File: smb_nt_ms10-034.nasl - Type: ACT_GATHER_INFO
2010-02-09 Name: Users can elevate their privileges on the remote host.
File: smb_nt_ms10-011.nasl - Type: ACT_GATHER_INFO
2010-02-09 Name: The remote Windows host is missing an update that disables selected ActiveX c...
File: smb_nt_ms10-008.nasl - Type: ACT_GATHER_INFO
2010-01-12 Name: It is possible to execute arbitrary code on the remote Windows host using the...
File: smb_nt_ms10-001.nasl - Type: ACT_GATHER_INFO
2009-12-09 Name: The remote host is missing a security update that mitigates multiple vulnerab...
File: smb_kb_955759.nasl - Type: ACT_GATHER_INFO
2009-11-10 Name: The installed version of Active Directory is affected by a denial of service ...
File: smb_nt_ms09-066.nasl - Type: ACT_GATHER_INFO
2009-11-10 Name: The remote Windows kernel is affected by remote privilege escalation vulnerab...
File: smb_nt_ms09-065.nasl - Type: ACT_GATHER_INFO
2009-10-15 Name: Arbitrary code can be executed on the remote host through the Microsoft GDI r...
File: smb_nt_ms09-062.nasl - Type: ACT_GATHER_INFO
2009-10-13 Name: The remote Windows host is prone to a denial of service attack.
File: smb_nt_ms09-059.nasl - Type: ACT_GATHER_INFO
2009-10-13 Name: The remote Windows host has an ActiveX control that is affected by a code exe...
File: smb_nt_ms09-057.nasl - Type: ACT_GATHER_INFO
2009-10-13 Name: Certain identity validation methods may be bypassed allowing impersonation.
File: smb_nt_ms09-056.nasl - Type: ACT_GATHER_INFO
2009-09-08 Name: Multiple vulnerabilities in the Windows TCP/IP implementation could lead to d...
File: smb_nt_ms09-048.nasl - Type: ACT_GATHER_INFO
2009-07-14 Name: It is possible to execute arbitrary code on the remote Windows host using Dir...
File: smb_nt_ms09-028.nasl - Type: ACT_GATHER_INFO
2008-12-10 Name: Arbitrary code can be executed on the remote host through the Microsoft GDI r...
File: smb_nt_ms08-071.nasl - Type: ACT_GATHER_INFO