Summary
| Detail | |||
|---|---|---|---|
| Vendor | Microsoft | First view | 2009-08-14 |
| Product | Windows 7 | Last view | 2020-11-11 |
| Version | - | Type | Os |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:o:microsoft:windows_7 | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 7.8 | 2020-11-11 | CVE-2020-17087 | Windows Kernel Local Elevation of Privilege Vulnerability |
| 7.5 | 2020-02-20 | CVE-2012-5364 | The IPv6 implementation in Microsoft Windows 7 and earlier allows remote attackers to cause a denial of service via a flood of ICMPv6 Router Advertisement packets containing multiple Routing entries. |
| 7.5 | 2020-02-20 | CVE-2012-5362 | The IPv6 implementation in Microsoft Windows 7 and earlier allows remote attackers to cause a denial of service via a flood of ICMPv6 Neighbor Solicitation messages, a different vulnerability than CVE-2010-4669. |
| 5.5 | 2019-12-10 | CVE-2019-1474 | An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1472. |
| 6.5 | 2019-12-10 | CVE-2019-1467 | An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1465, CVE-2019-1466. |
| 6.5 | 2019-12-10 | CVE-2019-1466 | An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1465, CVE-2019-1467. |
| 6.5 | 2019-12-10 | CVE-2019-1465 | An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1466, CVE-2019-1467. |
| 7.8 | 2019-03-12 | CVE-2019-5921 | Untrusted search path vulnerability in Windows 7 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. |
| 5.5 | 2018-11-13 | CVE-2018-8563 | An information disclosure vulnerability exists when DirectX improperly handles objects in memory, aka "DirectX Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows 8.1, Windows Server 2008 R2. |
| 5.5 | 2018-04-11 | CVE-2018-0975 | An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-0887, CVE-2018-0960, CVE-2018-0968, CVE-2018-0969, CVE-2018-0970, CVE-2018-0971, CVE-2018-0972, CVE-2018-0973, CVE-2018-0974. |
| 5.5 | 2018-04-11 | CVE-2018-0974 | An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-0887, CVE-2018-0960, CVE-2018-0968, CVE-2018-0969, CVE-2018-0970, CVE-2018-0971, CVE-2018-0972, CVE-2018-0973, CVE-2018-0975. |
| 5.5 | 2018-04-11 | CVE-2018-0973 | An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-0887, CVE-2018-0960, CVE-2018-0968, CVE-2018-0969, CVE-2018-0970, CVE-2018-0971, CVE-2018-0972, CVE-2018-0974, CVE-2018-0975. |
| 5.5 | 2018-04-11 | CVE-2018-0972 | An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-0887, CVE-2018-0960, CVE-2018-0968, CVE-2018-0969, CVE-2018-0970, CVE-2018-0971, CVE-2018-0973, CVE-2018-0974, CVE-2018-0975. |
| 5.5 | 2018-04-11 | CVE-2018-0971 | An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-0887, CVE-2018-0960, CVE-2018-0968, CVE-2018-0969, CVE-2018-0970, CVE-2018-0972, CVE-2018-0973, CVE-2018-0974, CVE-2018-0975. |
| 5.5 | 2018-04-11 | CVE-2018-0970 | An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-0887, CVE-2018-0960, CVE-2018-0968, CVE-2018-0969, CVE-2018-0971, CVE-2018-0972, CVE-2018-0973, CVE-2018-0974, CVE-2018-0975. |
| 5.5 | 2018-04-11 | CVE-2018-0969 | An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-0887, CVE-2018-0960, CVE-2018-0968, CVE-2018-0970, CVE-2018-0971, CVE-2018-0972, CVE-2018-0973, CVE-2018-0974, CVE-2018-0975. |
| 5.5 | 2018-04-11 | CVE-2018-0968 | An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-0887, CVE-2018-0960, CVE-2018-0969, CVE-2018-0970, CVE-2018-0971, CVE-2018-0972, CVE-2018-0973, CVE-2018-0974, CVE-2018-0975. |
| 5.5 | 2018-04-11 | CVE-2018-0960 | An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-0887, CVE-2018-0968, CVE-2018-0969, CVE-2018-0970, CVE-2018-0971, CVE-2018-0972, CVE-2018-0973, CVE-2018-0974, CVE-2018-0975. |
| 5.5 | 2018-04-11 | CVE-2018-0887 | An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-0960, CVE-2018-0968, CVE-2018-0969, CVE-2018-0970, CVE-2018-0971, CVE-2018-0972, CVE-2018-0973, CVE-2018-0974, CVE-2018-0975. |
| 5.5 | 2017-05-12 | CVE-2017-0242 | An information disclosure vulnerability exists in the way some ActiveX objects are instantiated, aka "Microsoft ActiveX Information Disclosure Vulnerability." |
| 7.2 | 2015-04-21 | CVE-2015-1701 | Win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Vista SP2, and Server 2008 SP2 allows local users to gain privileges via a crafted application, as exploited in the wild in April 2015, aka "Win32k Elevation of Privilege Vulnerability." |
| 6.9 | 2013-07-09 | CVE-2013-3154 | The signature-update functionality in Windows Defender on Microsoft Windows 7 and Windows Server 2008 R2 relies on an incorrect pathname, which allows local users to gain privileges via a Trojan horse application in the %SYSTEMDRIVE% top-level directory, aka "Microsoft Windows 7 Defender Improper Pathname Vulnerability." |
| 7.2 | 2013-03-12 | CVE-2013-1287 | The USB kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012 do not properly handle objects in memory, which allows physically proximate attackers to execute arbitrary code by connecting a crafted USB device, aka "Windows USB Descriptor Vulnerability," a different vulnerability than CVE-2013-1285 and CVE-2013-1286. |
| 7.2 | 2013-03-12 | CVE-2013-1286 | The USB kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012 do not properly handle objects in memory, which allows physically proximate attackers to execute arbitrary code by connecting a crafted USB device, aka "Windows USB Descriptor Vulnerability," a different vulnerability than CVE-2013-1285 and CVE-2013-1287. |
| 7.2 | 2013-03-12 | CVE-2013-1285 | The USB kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012 do not properly handle objects in memory, which allows physically proximate attackers to execute arbitrary code by connecting a crafted USB device, aka "Windows USB Descriptor Vulnerability," a different vulnerability than CVE-2013-1286 and CVE-2013-1287. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 27% (47) | CWE-399 | Resource Management Errors |
| 20% (35) | CWE-20 | Improper Input Validation |
| 12% (21) | CWE-264 | Permissions, Privileges, and Access Controls |
| 12% (21) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
| 7% (13) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 5% (9) | CWE-189 | Numeric Errors |
| 3% (6) | CWE-200 | Information Exposure |
| 1% (2) | CWE-400 | Uncontrolled Resource Consumption ('Resource Exhaustion') |
| 1% (2) | CWE-362 | Race Condition |
| 1% (2) | CWE-310 | Cryptographic Issues |
| 1% (2) | CWE-287 | Improper Authentication |
| 1% (2) | CWE-125 | Out-of-bounds Read |
| 1% (2) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
| 0% (1) | CWE-665 | Improper Initialization |
| 0% (1) | CWE-476 | NULL Pointer Dereference |
| 0% (1) | CWE-426 | Untrusted Search Path |
| 0% (1) | CWE-269 | Improper Privilege Management |
SAINT Exploits
| Description | Link |
|---|---|
| Microsoft Windows Media Player DVR-MS File Code Execution | More info here |
| Windows Media MIDI Invalid Channel | More info here |
| Microsoft Office ClickOnce Unsafe Execution | More info here |
| Windows Shell LNK file CONTROL item command execution | More info here |
| Microsoft Remote Desktop Connection Insecure Library Injection | More info here |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 78211 | Microsoft Windows Line21 DirectShow Filter Media File Handling Remote Code Ex... |
| 78210 | Microsoft Windows Multimedia Library (winmm.dll) MIDI File Handling Remote Co... |
| 78209 | Microsoft Windows Ntdll.dll Structured Exception Handling Tables Loading Safe... |
| 78207 | Microsoft Windows Embedded ClickOnce Application Office File Handling Remote ... |
| 78057 | Microsoft .NET Framework ASP.NET Hash Collision Web Form Post Parsing Remote DoS |
| 78056 | Microsoft .NET Framework Forms Authentication Sliding Expiry Cached Content P... |
| 78055 | Microsoft .NET Framework ASP.NET Username Parsing Authentication Bypass |
| 78054 | Microsoft .NET Framework Forms Authentication Return URL Handling Arbitrary S... |
| 77667 | Microsoft Windows Active Directory Query Parsing Remote Overflow |
| 77666 | Microsoft Windows Kernel Exception Handler Local Privilege Escalation |
| 77662 | Microsoft Windows CSRSS Device Event Message Parsing Local Privilege Escalation |
| 77660 | Microsoft Windows Media Player / Center DVR-MS File Handling Remote Memory Co... |
| 77213 | Microsoft Windows AppLocker Rule Weakness Local Access Restriction Bypass |
| 76902 | Microsoft Windows Active Directory LDAPS CRL Handling Weakness Authentication... |
| 76901 | Microsoft Windows Mail / Windows Meeting Space Path Subversion Arbitrary DLL ... |
| 76900 | Microsoft Windows Malformed TrueType Font Parsing DoS |
| 76899 | Microsoft Windows TCP/IP Reference Counter Crafted UDP Packet Stream Remote O... |
| 76231 | Microsoft Windows Active Accessibility Path Subversion Arbitrary DLL Injectio... |
| 76221 | Microsoft Windows win32k.sys Driver Use-after-free Driver Object Handling Arb... |
| 76220 | Microsoft Windows win32k.sys Driver .fon Font File Handling Overflow |
| 76219 | Microsoft Windows win32k.sys Driver Type Translation TrueType Font File Handl... |
| 76218 | Microsoft Windows win32k.sys Driver NULL Dereference Unspecified Arbitrary Co... |
| 76205 | Microsoft Windows Media Center Path Subversion Arbitrary DLL Injection Code E... |
| 75382 | Microsoft Windows Shell Extensions Path Subversion Arbitrary DLL Injection Co... |
| 74483 | Microsoft Windows TCP/IP Stack (Tcpip.sys) QoS URL Request Parsing Remote DoS |
ExploitDB Exploits
| id | Description |
|---|---|
| 19037 | MS12-005 Microsoft Office ClickOnce Unsafe Object Package Handling Vulnerability |
| 18426 | MS12-004 midiOutPlayNextPolyEvent Heap Overflow |
| 18372 | Microsoft Windows Assembly Execution Vulnerability MS12-005 |
| 18024 | MS11-077 Win32k Null Pointer De-reference Vulnerability POC |
| 17981 | MS11-064 TCP/IP Stack Denial of Service |
| 17978 | MS11-077 .fon Kernel-Mode Buffer Overrun PoC |
| 15985 | MS10-073: Win32k Keyboard Layout Vulnerability |
| 15758 | Windows Win32k Pointer Dereferencement PoC (MS10-098) |
| 15266 | Windows NTLM Weak Nonce Vulnerability |
| 15112 | MOAUB #26 - Microsoft Cinepak Codec CVDecompress Heap Overflow |
| 14670 | Microsoft Windows nt!SeObjectCreateSaclAccessBits() Missed ACE Bounds Checks ... |
| 14610 | Microsoft Windows Tracing Registry Key ACL Privilege Escalation Vulnerability |
| 14608 | Microsoft Windows CreateWindow Function Callback Vulnerability (MS10-048) |
| 12273 | Windows 7/2008R2 SMB Client Trans2 Stack Overflow 10-020 PoC |
| 11199 | Windows NT - User Mode to Ring 0 Escalation Vulnerability |
| 9893 | Microsoft Internet Explorer 5,6,7 memory corruption PoC |
OpenVAS Exploits
| id | Description |
|---|---|
| 2012-12-12 | Name : Microsoft Windows Kernel-Mode Drivers Remote Code Execution Vulnerabilities (... File : nvt/secpod_ms12-078.nasl |
| 2012-11-14 | Name : Microsoft Windows Kernel-Mode Drivers Remote Code Execution Vulnerabilities (... File : nvt/secpod_ms12-075.nasl |
| 2012-09-28 | Name : Google Chrome Windows Kernel Memory Corruption Vulnerability File : nvt/gb_google_chrome_mem_crptn_vuln_win.nasl |
| 2012-07-11 | Name : Microsoft Windows TLS Protocol Information Disclosure Vulnerability (2655992) File : nvt/secpod_ms12-049.nasl |
| 2012-07-11 | Name : Microsoft Windows Shell Remote Code Execution Vulnerability (2691442) File : nvt/secpod_ms12-048.nasl |
| 2012-06-13 | Name : Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2709162) File : nvt/secpod_ms12-041.nasl |
| 2012-05-09 | Name : Microsoft Windows Prtition Manager Privilege Elevation Vulnerability (2690533) File : nvt/secpod_ms12-033.nasl |
| 2012-03-06 | Name : Microsoft SMB Transaction Parsing Remote Code Execution Vulnerability File : nvt/secpod_ms11-020_remote.nasl |
| 2012-02-29 | Name : MicroSoft SMB Server Trans2 Request Remote Code Execution Vulnerability File : nvt/secpod_ms10-054_remote.nasl |
| 2012-01-11 | Name : Windows ClickOnce Application Installer Remote Code Execution Vulnerability (... File : nvt/secpod_ms12-005.nasl |
| 2012-01-11 | Name : Microsoft Windows Media Could Allow Remote Code Execution Vulnerabilities (26... File : nvt/secpod_ms12-004.nasl |
| 2012-01-11 | Name : Microsoft Windows Kernel Security Feature Bypass Vulnerability (2644615) File : nvt/secpod_ms12-001.nasl |
| 2011-12-30 | Name : Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (2638420) File : nvt/secpod_ms11-100.nasl |
| 2011-12-14 | Name : Windows Client/Server Run-time Subsystem Privilege Elevation Vulnerability (2... File : nvt/secpod_ms11-097.nasl |
| 2011-12-14 | Name : Microsoft Windows Media Remote Code Execution Vulnerability (2648048) File : nvt/secpod_ms11-092.nasl |
| 2011-12-13 | Name : Microsoft Windows Kernel Privilege Elevation Vulnerability (2633171) File : nvt/secpod_ms11-098.nasl |
| 2011-12-13 | Name : MS Windows Active Directory Remote Code Execution Vulnerability (2640045) File : nvt/secpod_ms11-095.nasl |
| 2011-11-09 | Name : Microsoft Windows Active Directory LDAPS Authentication Bypass Vulnerability ... File : nvt/secpod_ms11-086.nasl |
| 2011-11-09 | Name : Windows Mail and Windows Meeting Space Remote Code Execution Vulnerability (2... File : nvt/secpod_ms11-085.nasl |
| 2011-11-09 | Name : Windows Kernel-Mode Drivers Remote Code Execution Vulnerability (2617657) File : nvt/secpod_ms11-084.nasl |
| 2011-11-09 | Name : Microsoft Windows TCP/IP Remote Code Execution Vulnerability (2588516) File : nvt/secpod_ms11-083.nasl |
| 2011-10-12 | Name : Windows Kernel-Mode Drivers Remote Code Execution Vulnerabilities (2567053) File : nvt/secpod_ms11-077.nasl |
| 2011-10-12 | Name : Microsoft Windows Media Center Remote Code Execution Vulnerabilities (2604926) File : nvt/secpod_ms11-076.nasl |
| 2011-10-12 | Name : Microsoft Active Accessibility Remote Code Execution Vulnerability (2623699) File : nvt/secpod_ms11-075.nasl |
| 2011-09-14 | Name : Microsoft Windows Components Remote Code Execution Vulnerabilities (2570947) File : nvt/secpod_ms11-071.nasl |
Information Assurance Vulnerability Management (IAVM)
| id | Description |
|---|---|
| 2015-A-0108 | Multiple Vulnerabilities in Microsoft Windows Kernel-Mode Driver (MS15-051) Severity: Category II - VMSKEY: V0060653 |
| 2013-A-0137 | Microsoft Windows Defender Privilege Escalation Vulnerability Severity: Category II - VMSKEY: V0039210 |
| 2013-A-0063 | Microsoft Windows Kernel-Mode Drivers Privilege Escalation Vulnerability Severity: Category II - VMSKEY: V0037404 |
| 2013-A-0004 | Multiple Vulnerabilities in Microsoft XML Core Services Severity: Category I - VMSKEY: V0036444 |
| 2012-A-0108 | Microsoft TLS Protocol Information Disclosure Vulnerability Severity: Category II - VMSKEY: V0033310 |
| 2012-A-0110 | Microsoft Windows Shell Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0033309 |
| 2012-B-0052 | Microsoft Windows Partition Manager Privilege Escalation Vulnerability Severity: Category II - VMSKEY: V0032311 |
| 2012-A-0007 | Microsoft Windows Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0031010 |
| 2012-A-0005 | Multiple Remote Code Execution Vulnerabilities in Microsoft Windows Media Severity: Category II - VMSKEY: V0031000 |
| 2012-A-0003 | Microsoft Windows Kernel Security Bypass Vulnerability Severity: Category I - VMSKEY: V0030998 |
| 2012-A-0002 | Microsoft Windows Components Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0030932 |
| 2012-A-0001 | Multiple Vulnerabilities in Microsoft .NET Framework Severity: Category I - VMSKEY: V0030927 |
| 2011-A-0162 | Microsoft Windows Client/Server Run-time Subsystem Elevation of Privilege Vul... Severity: Category II - VMSKEY: V0030835 |
| 2011-A-0171 | Microsoft Windows Media Memory Corruption Vulnerability Severity: Category II - VMSKEY: V0030826 |
| 2011-B-0135 | Microsoft Windows Mail and Windows Meeting Space Remote Code Execution Vulner... Severity: Category II - VMSKEY: V0030608 |
| 2011-B-0124 | Microsoft Windows Media Center Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0030403 |
| 2011-A-0138 | Microsoft Active Accessibility Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0030402 |
| 2011-B-0101 | Microsoft Windows Data Access Components Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0029783 |
| 2011-A-0115 | Microsoft Windows Client/Server Run-time Subsystem Elevation of Privilege Vul... Severity: Category I - VMSKEY: V0029760 |
| 2011-B-0104 | Microsoft Windows Kernel Remote Denial of Service Vulnerability Severity: Category II - VMSKEY: V0029745 |
| 2011-A-0087 | Microsoft Distributed File System Remote Code Execution Vulnerabilities Severity: Category I - VMSKEY: V0028593 |
| 2011-B-0065 | Microsoft MHTML Information Disclosure Vulnerability Severity: Category II - VMSKEY: V0028617 |
| 2011-A-0078 | Microsoft Server Message Block (SMB) Denial of Service Vulnerability Severity: Category I - VMSKEY: V0028598 |
| 2011-A-0079 | Microsoft SMB Client Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0028592 |
| 2011-A-0050 | Microsoft SMB Server Remote Code Execution Vulnerability Severity: Category I - VMSKEY: V0026521 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2020-12-08 | Microsoft Windows Kernel Cryptography Driver privilege escalation attempt RuleID : 56231 - Type : OS-WINDOWS - Revision : 1 |
| 2020-12-08 | Microsoft Windows Kernel Cryptography Driver privilege escalation attempt RuleID : 56230 - Type : OS-WINDOWS - Revision : 1 |
| 2020-03-19 | Microsoft Windows Data Analyzer 3.5 ActiveX clsid access RuleID : 53118 - Type : BROWSER-PLUGINS - Revision : 1 |
| 2020-03-19 | Microsoft Windows Data Analyzer 3.5 ActiveX use-after-free attempt RuleID : 53117 - Type : BROWSER-PLUGINS - Revision : 1 |
| 2020-03-19 | Microsoft Windows Data Analyzer 3.5 ActiveX use-after-free attempt RuleID : 53116 - Type : BROWSER-PLUGINS - Revision : 1 |
| 2020-01-03 | Microsoft Windows MHTML XSS attempt RuleID : 52335 - Type : OS-WINDOWS - Revision : 1 |
| 2019-09-17 | Microsoft Windows Object Packager ClickOnce object remote code execution attempt RuleID : 51029 - Type : OS-WINDOWS - Revision : 1 |
| 2019-09-17 | Microsoft Windows Object Packager ClickOnce object remote code execution attempt RuleID : 51028 - Type : OS-WINDOWS - Revision : 1 |
| 2019-09-05 | Microsoft OpenType font index remote code execution attempt RuleID : 50889 - Type : FILE-OTHER - Revision : 1 |
| 2019-09-05 | Microsoft OpenType font index remote code execution attempt RuleID : 50888 - Type : FILE-OTHER - Revision : 1 |
| 2019-09-05 | Microsoft Fax Cover Page Editor heap corruption attempt RuleID : 50873 - Type : OS-WINDOWS - Revision : 1 |
| 2019-09-05 | Microsoft Fax Cover Page Editor heap corruption attempt RuleID : 50872 - Type : OS-WINDOWS - Revision : 1 |
| 2019-04-18 | Microsoft Windows TTF parsing counter overflow attempt RuleID : 49483 - Type : FILE-OTHER - Revision : 1 |
| 2019-04-18 | Microsoft Windows TTF parsing counter overflow attempt RuleID : 49482 - Type : FILE-OTHER - Revision : 1 |
| 2018-12-14 | Microsoft Internet Explorer DirectX information disclosure attempt RuleID : 48371 - Type : BROWSER-IE - Revision : 1 |
| 2018-12-14 | Microsoft Internet Explorer DirectX information disclosure attempt RuleID : 48370 - Type : BROWSER-IE - Revision : 1 |
| 2018-06-12 | SMB client NULL deref race condition attempt RuleID : 46637 - Type : NETBIOS - Revision : 1 |
| 2017-10-10 | Microsoft DirectShow memory corruption attempt RuleID : 44306 - Type : OS-WINDOWS - Revision : 2 |
| 2017-10-10 | Microsoft DirectShow memory corruption attempt RuleID : 44305 - Type : OS-WINDOWS - Revision : 2 |
| 2017-10-03 | Microsoft Windows Shell Handler remote code execution attempt RuleID : 44218 - Type : OS-WINDOWS - Revision : 1 |
| 2017-10-03 | Microsoft Windows Shell Handler remote code execution attempt RuleID : 44217 - Type : OS-WINDOWS - Revision : 1 |
| 2017-10-03 | Microsoft Windows Shell Handler remote code execution attempt RuleID : 44216 - Type : OS-WINDOWS - Revision : 1 |
| 2017-05-31 | Microsoft Internet Explorer uninitialized or deleted object access attempt RuleID : 42389 - Type : BROWSER-IE - Revision : 2 |
| 2016-09-13 | Microsoft Windows win32k.sys escalation of privilege attempt RuleID : 39863 - Type : OS-WINDOWS - Revision : 2 |
| 2016-03-14 | Microsoft Windows wininet request for peerdistsvc.dll over SMB attempt RuleID : 36805 - Type : OS-WINDOWS - Revision : 3 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2015-05-12 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms15-051.nasl - Type: ACT_GATHER_INFO |
| 2013-10-11 | Name: The remote host is missing an update that prevents a rules bypass vulnerability. File: smb_kb2532445.nasl - Type: ACT_GATHER_INFO |
| 2013-07-10 | Name: The remote host is affected by a privilege escalation vulnerability. File: smb_nt_ms13-058.nasl - Type: ACT_GATHER_INFO |
| 2013-03-12 | Name: The Windows kernel on the remote host is affected by a privilege escalation v... File: smb_nt_ms13-027.nasl - Type: ACT_GATHER_INFO |
| 2013-01-09 | Name: Arbitrary code can be executed on the remote host through Microsoft XML Core ... File: smb_nt_ms13-002.nasl - Type: ACT_GATHER_INFO |
| 2012-12-11 | Name: The remote Windows host is affected by remote code execution vulnerabilities. File: smb_nt_ms12-078.nasl - Type: ACT_GATHER_INFO |
| 2012-11-14 | Name: The remote Windows host is affected by remote code execution vulnerabilities. File: smb_nt_ms12-075.nasl - Type: ACT_GATHER_INFO |
| 2012-09-26 | Name: The remote host contains a web browser that is affected by multiple vulnerabi... File: google_chrome_22_0_1229_79.nasl - Type: ACT_GATHER_INFO |
| 2012-07-17 | Name: The remote device has a denial of service vulnerability. File: juniper_psn-2012-07-650.nasl - Type: ACT_GATHER_INFO |
| 2012-07-11 | Name: The remote Windows host is affected by a remote code execution vulnerability. File: smb_nt_ms12-048.nasl - Type: ACT_GATHER_INFO |
| 2012-07-11 | Name: The remote Windows host has an information disclosure vulnerability. File: smb_nt_ms12-049.nasl - Type: ACT_GATHER_INFO |
| 2012-06-13 | Name: The remote Windows host is affected by multiple privilege escalation vulnerab... File: smb_nt_ms12-041.nasl - Type: ACT_GATHER_INFO |
| 2012-05-09 | Name: The remote Windows host has an elevation of privilege vulnerability. File: smb_nt_ms12-033.nasl - Type: ACT_GATHER_INFO |
| 2012-01-10 | Name: The remote Windows host has a flaw in a security feature that is utilized by ... File: smb_nt_ms12-001.nasl - Type: ACT_GATHER_INFO |
| 2012-01-10 | Name: Opening a specially crafted media file could result in arbitrary code execution. File: smb_nt_ms12-004.nasl - Type: ACT_GATHER_INFO |
| 2012-01-10 | Name: Opening a specially crafted Microsoft Office file could result in arbitrary c... File: smb_nt_ms12-005.nasl - Type: ACT_GATHER_INFO |
| 2011-12-29 | Name: The version of ASP.NET Framework installed on the remote host is affected by ... File: smb_nt_ms11-100.nasl - Type: ACT_GATHER_INFO |
| 2011-12-13 | Name: The version of Windows Media installed on the remote host has a memory corrup... File: smb_nt_ms11-092.nasl - Type: ACT_GATHER_INFO |
| 2011-12-13 | Name: The installed version of Active Directory is affected by a vulnerability that... File: smb_nt_ms11-095.nasl - Type: ACT_GATHER_INFO |
| 2011-12-13 | Name: The remote Windows host has a privilege escalation vulnerability. File: smb_nt_ms11-097.nasl - Type: ACT_GATHER_INFO |
| 2011-12-13 | Name: The Windows kernel is affected by a vulnerability that could result in privil... File: smb_nt_ms11-098.nasl - Type: ACT_GATHER_INFO |
| 2011-11-08 | Name: The remote Windows host has a code execution vulnerability. File: smb_nt_ms11-083.nasl - Type: ACT_GATHER_INFO |
| 2011-11-08 | Name: The remote Windows host contains a component that is susceptible to a denial ... File: smb_nt_ms11-084.nasl - Type: ACT_GATHER_INFO |
| 2011-11-08 | Name: The remote Windows host is affected by a remote code execution vulnerability. File: smb_nt_ms11-085.nasl - Type: ACT_GATHER_INFO |
| 2011-11-08 | Name: The installed version of Active Directory is affected by a vulnerability that... File: smb_nt_ms11-086.nasl - Type: ACT_GATHER_INFO |
