This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Microsoft First view 2008-01-08
Product Windows Server 2003 Last view 2017-06-22
Version * Type Os
Update sp2  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:microsoft:windows_server_2003

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
8.1 2017-06-22 CVE-2017-0176

A buffer overflow in Smart Card authentication code in gpkcsp.dll in Microsoft Windows XP through SP3 and Server 2003 through SP2 allows a remote attacker to execute arbitrary code on the target computer, provided that the computer is joined in a Windows domain and has Remote Desktop Protocol connectivity (or Terminal Services) enabled.

7.2 2015-06-09 CVE-2015-1768

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application, aka "Win32k Memory Corruption Elevation of Privilege Vulnerability."

9.3 2015-04-14 CVE-2015-1645

Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allow remote attackers to execute arbitrary code via a crafted Enhanced Metafile (EMF) image, aka "EMF Processing Remote Code Execution Vulnerability."

7.8 2015-01-13 CVE-2015-0015

Microsoft Windows Server 2003 SP2, Server 2008 SP2 and R2 SP1, and Server 2012 Gold and R2 allow remote attackers to cause a denial of service (system hang and RADIUS outage) via crafted username strings to (1) Internet Authentication Service (IAS) or (2) Network Policy Server (NPS), aka "Network Policy Server RADIUS Implementation Denial of Service Vulnerability."

10 2015-01-13 CVE-2015-0014

Buffer overflow in the Telnet service in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows Telnet Service Buffer Overflow Vulnerability."

4.7 2015-01-13 CVE-2015-0011

mrxdav.sys (aka the WebDAV driver) in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to bypass an impersonation protection mechanism, and obtain privileges for redirection of WebDAV requests, via a crafted application, aka "WebDAV Elevation of Privilege Vulnerability."

6.1 2015-01-13 CVE-2015-0006

The Network Location Awareness (NLA) service in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not perform mutual authentication to determine a domain connection, which allows remote attackers to trigger an unintended permissive configuration by spoofing DNS and LDAP responses on a local network, aka "NLA Security Feature Bypass Vulnerability."

7.2 2015-01-13 CVE-2015-0004

The User Profile Service (aka ProfSvc) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges by conducting a junction attack to load another user's UsrClass.dat registry hive, aka MSRC ID 20674 or "Microsoft User Profile Service Elevation of Privilege Vulnerability."

5 2014-12-10 CVE-2014-6355

The Graphics Component in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly process JPEG images, which makes it easier for remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Graphics Component Information Disclosure Vulnerability."

9 2014-11-18 CVE-2014-6324

The Kerberos Key Distribution Center (KDC) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote authenticated domain users to obtain domain administrator privileges via a forged signature in a ticket, as exploited in the wild in November 2014, aka "Kerberos Checksum Vulnerability."

9.3 2014-10-15 CVE-2014-4148

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted TrueType font, as exploited in the wild in October 2014, aka "TrueType Font Parsing Remote Code Execution Vulnerability."

7.2 2014-10-15 CVE-2014-4115

fastfat.sys (aka the FASTFAT driver) in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Vista SP2, and Server 2008 SP2 does not properly allocate memory, which allows physically proximate attackers to execute arbitrary code or cause a denial of service (reserved-memory write) by connecting a crafted USB device, aka "Microsoft Windows Disk Partition Driver Elevation of Privilege Vulnerability."

7.2 2014-10-15 CVE-2014-4113

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, as exploited in the wild in October 2014, aka "Win32k.sys Elevation of Privilege Vulnerability."

7.2 2014-07-08 CVE-2014-1767

Double free vulnerability in the Ancillary Function Driver (AFD) in afd.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, aka "Ancillary Function Driver Elevation of Privilege Vulnerability."

5.4 2014-03-12 CVE-2014-0317

The Security Account Manager Remote (SAMR) protocol implementation in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows Server 2012 Gold and R2 does not properly determine the user-lockout state, which makes it easier for remote attackers to bypass the account lockout policy and obtain access via a brute-force attack, aka "SAMR Security Feature Bypass Vulnerability."

7.2 2013-12-10 CVE-2013-3899

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly validate addresses, which allows local users to gain privileges via a crafted application, aka "Win32k Memory Corruption Vulnerability."

6.9 2013-12-10 CVE-2013-3878

Stack-based buffer overflow in the LRPC client in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges by operating an LRPC server that sends a crafted LPC port message, aka "LRPC Client Buffer Overrun Vulnerability."

4.9 2013-11-12 CVE-2013-3887

The Ancillary Function Driver (AFD) in afd.sys in the kernel-mode drivers in Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, and Windows Server 2012 allows local users to obtain sensitive information from kernel memory by leveraging improper copy operations, aka "Ancillary Function Driver Information Disclosure Vulnerability."

9.3 2013-10-09 CVE-2013-3894

The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allow remote attackers to execute arbitrary code via a crafted CMAP table in a TrueType font (TTF) file, aka "TrueType Font CMAP Table Vulnerability."

7.2 2013-10-09 CVE-2013-3879

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Use After Free Vulnerability."

7.2 2013-10-09 CVE-2013-3200

The USB drivers in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allow physically proximate attackers to execute arbitrary code by connecting a crafted USB device, aka "Windows USB Descriptor Vulnerability."

10 2013-10-09 CVE-2013-3195

The DSA_InsertItem function in Comctl32.dll in the Windows common control library in Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly allocate memory, which allows remote attackers to execute arbitrary code via a crafted value in an argument to an ASP.NET web application, aka "Comctl32 Integer Overflow Vulnerability."

9.3 2013-10-09 CVE-2013-3128

The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT, and .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, and 4.5, allow remote attackers to execute arbitrary code via a crafted OpenType font (OTF) file, aka "OpenType Font Parsing Vulnerability."

9.3 2013-09-11 CVE-2013-3863

Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allow remote attackers to execute arbitrary code via a crafted OLE object in a file, aka "OLE Property Vulnerability."

9.3 2013-09-11 CVE-2013-0810

Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, and Windows Server 2008 SP2 allow remote attackers to execute arbitrary code via a crafted screensaver in a theme file, aka "Windows Theme File Remote Code Execution Vulnerability."

CWE : Common Weakness Enumeration

%idName
18% (59) CWE-20 Improper Input Validation
17% (55) CWE-399 Resource Management Errors
15% (49) CWE-94 Failure to Control Generation of Code ('Code Injection')
12% (41) CWE-264 Permissions, Privileges, and Access Controls
12% (40) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
11% (35) CWE-362 Race Condition
5% (18) CWE-189 Numeric Errors
1% (5) CWE-200 Information Exposure
1% (4) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')
0% (2) CWE-287 Improper Authentication
0% (2) CWE-255 Credentials Management
0% (1) CWE-415 Double Free
0% (1) CWE-310 Cryptographic Issues
0% (1) CWE-134 Uncontrolled Format String
0% (1) CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflo...
0% (1) CWE-78 Improper Sanitization of Special Elements used in an OS Command ('O...
0% (1) CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path ...
0% (1) CWE-16 Configuration

CAPEC : Common Attack Pattern Enumeration & Classification

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Name
CAPEC-3 Using Leading 'Ghost' Character Sequences to Bypass Input Filters
CAPEC-7 Blind SQL Injection
CAPEC-8 Buffer Overflow in an API Call
CAPEC-9 Buffer Overflow in Local Command-Line Utilities
CAPEC-10 Buffer Overflow via Environment Variables
CAPEC-13 Subverting Environment Variable Values
CAPEC-14 Client-side Injection-induced Buffer Overflow
CAPEC-18 Embedding Scripts in Nonscript Elements
CAPEC-22 Exploiting Trust in Client (aka Make the Client Invisible)
CAPEC-24 Filter Failure through Buffer Overflow
CAPEC-28 Fuzzing
CAPEC-31 Accessing/Intercepting/Modifying HTTP Cookies
CAPEC-32 Embedding Scripts in HTTP Query Strings
CAPEC-42 MIME Conversion
CAPEC-43 Exploiting Multiple Input Interpretation Layers
CAPEC-45 Buffer Overflow via Symbolic Links
CAPEC-46 Overflow Variables and Tags
CAPEC-47 Buffer Overflow via Parameter Expansion
CAPEC-52 Embedding NULL Bytes
CAPEC-53 Postfix, Null Terminate, and Backslash
CAPEC-63 Simple Script Injection
CAPEC-64 Using Slashes and URL Encoding Combined to Bypass Validation Logic
CAPEC-66 SQL Injection
CAPEC-67 String Format Overflow in syslog()
CAPEC-71 Using Unicode Encoding to Bypass Validation Logic

SAINT Exploits

Description Link
Internet Explorer iepeers.dll use-after-free vulnerability More info here
Visual Studio Active Template Library object type mismatch vulnerability More info here
Windows Server Service buffer overflow MS08-067 More info here
Microsoft OLE Object File Handling vulnerability More info here
Internet Explorer WinINet credential reflection vulnerability More info here
Windows Thumbnail View CreateSizedDIBSECTION buffer overflow More info here
Windows Media MIDI Invalid Channel More info here
Microsoft DirectX DirectShow QuickTime movie parsing vulnerability More info here
Windows Help and Support Center -FromHCP URL whitelist bypass More info here
Microsoft Office ClickOnce Unsafe Execution More info here
Windows Object Packager Insecure Execution More info here
Windows Shell LNK file CONTROL item command execution More info here
Microsoft Remote Desktop Connection Insecure Library Injection More info here
Windows Crafted Theme File Handling Vulnerability More info here

Open Source Vulnerability Database (OSVDB)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
78212 Microsoft Windows Object Packager Path Subversion packager.exe Loading Remote...
78211 Microsoft Windows Line21 DirectShow Filter Media File Handling Remote Code Ex...
78210 Microsoft Windows Multimedia Library (winmm.dll) MIDI File Handling Remote Co...
78209 Microsoft Windows Ntdll.dll Structured Exception Handling Tables Loading Safe...
78207 Microsoft Windows Embedded ClickOnce Application Office File Handling Remote ...
78206 Microsoft Windows Client/Server Run-time Subsystem (CSRSS) Unicode Character ...
78057 Microsoft .NET Framework ASP.NET Hash Collision Web Form Post Parsing Remote DoS
78056 Microsoft .NET Framework Forms Authentication Sliding Expiry Cached Content P...
78055 Microsoft .NET Framework ASP.NET Username Parsing Authentication Bypass
78054 Microsoft .NET Framework Forms Authentication Return URL Handling Arbitrary S...
77908 Microsoft Windows win32k.sys Safari IFRAME Height Attribute Handling Remote M...
77667 Microsoft Windows Active Directory Query Parsing Remote Overflow
77666 Microsoft Windows Kernel Exception Handler Local Privilege Escalation
77665 Microsoft Time ActiveX (DATIME.DLL) Unspecified IE Web Page Handling Remote C...
77663 Microsoft Windows Object Linking and Embedding (OLE) Object File Handling Rem...
77662 Microsoft Windows CSRSS Device Event Message Parsing Local Privilege Escalation
76902 Microsoft Windows Active Directory LDAPS CRL Handling Weakness Authentication...
76843 Microsoft Windows Win32k TrueType Font Handling Privilege Escalation
76232 Microsoft Windows Ancillary Function Driver afd.sys Local Privilege Escalation
76231 Microsoft Windows Active Accessibility Path Subversion Arbitrary DLL Injectio...
76221 Microsoft Windows win32k.sys Driver Use-after-free Driver Object Handling Arb...
76220 Microsoft Windows win32k.sys Driver .fon Font File Handling Overflow
76218 Microsoft Windows win32k.sys Driver NULL Dereference Unspecified Arbitrary Co...
75444 Microsoft Windows WINS Loopback Interface Crafted Packet Local Privilege Esca...
75382 Microsoft Windows Shell Extensions Path Subversion Arbitrary DLL Injection Co...

ExploitDB Exploits

id Description
35101 Windows TrackPopupMenu Win32k NULL Pointer Dereference
33213 Windows NTUserMessageCall Win32k Kernel Pool Overflow (Schlamperei)
27050 DirectShow Arbitrary Memory Overwrite Vulnerability (MS13-056)
26554 Windows EPATHOBJ::pprFlattenRec Local Privilege Escalation
19037 MS12-005 Microsoft Office ClickOnce Unsafe Object Package Handling Vulnerability
19002 Microsoft Windows OLE Object File Handling Remote Code Execution
18426 MS12-004 midiOutPlayNextPolyEvent Heap Overflow
18372 Microsoft Windows Assembly Execution Vulnerability MS12-005
18176 MS11-080 Afd.sys Privilege Escalation Exploit
18024 MS11-077 Win32k Null Pointer De-reference Vulnerability POC
17978 MS11-077 .fon Kernel-Mode Buffer Overrun PoC
17831 MS WINS ECommEndDlg Input Validation Error
17659 MS10-026 Microsoft MPEG Layer-3 Audio Stack Based Overflow
17544 GDI+ CreateDashedPath Integer overflow in gdiplus.dll
16590 Internet Explorer DHTML Behaviors Use After Free
15985 MS10-073: Win32k Keyboard Layout Vulnerability
15158 MOAUB #30 - Microsoft Unicode Scripts Processor Remote Code Execution
14895 MOAUB #5 - Microsoft MPEG Layer-3 Remote Command Execution Exploit
14608 Microsoft Windows CreateWindow Function Callback Vulnerability (MS10-048)
11683 Microsoft Internet Explorer iepeers.dll Use-After-Free Exploit (meta)
11199 Windows NT - User Mode to Ring 0 Escalation Vulnerability
9893 Microsoft Internet Explorer 5,6,7 memory corruption PoC

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2013-07-09 Name : Microsoft Remote Desktop Protocol Remote Code Execution Vulnerabilities (2671...
File : nvt/secpod_ms12-020_remote.nasl
2012-12-18 Name : Fedora Update for xen FEDORA-2012-19828
File : nvt/gb_fedora_2012_19828_xen_fc16.nasl
2012-12-14 Name : Fedora Update for xen FEDORA-2012-19717
File : nvt/gb_fedora_2012_19717_xen_fc17.nasl
2012-12-13 Name : SuSE Update for xen openSUSE-SU-2012:0886-1 (xen)
File : nvt/gb_suse_2012_0886_1.nasl
2012-12-12 Name : Microsoft Windows Kernel-Mode Drivers Remote Code Execution Vulnerabilities (...
File : nvt/secpod_ms12-078.nasl
2012-12-12 Name : Microsoft Windows File Handling Component Remote Code Execution Vulnerability...
File : nvt/secpod_ms12-081.nasl
2012-11-23 Name : Fedora Update for xen FEDORA-2012-18242
File : nvt/gb_fedora_2012_18242_xen_fc17.nasl
2012-11-23 Name : Fedora Update for xen FEDORA-2012-18249
File : nvt/gb_fedora_2012_18249_xen_fc16.nasl
2012-11-15 Name : Fedora Update for xen FEDORA-2012-17204
File : nvt/gb_fedora_2012_17204_xen_fc17.nasl
2012-11-15 Name : Fedora Update for xen FEDORA-2012-17408
File : nvt/gb_fedora_2012_17408_xen_fc16.nasl
2012-11-14 Name : Microsoft Windows Shell Remote Code Execution Vulnerabilities (2727528)
File : nvt/secpod_ms12-072.nasl
2012-11-14 Name : Microsoft Windows Kernel-Mode Drivers Remote Code Execution Vulnerabilities (...
File : nvt/secpod_ms12-075.nasl
2012-10-10 Name : Microsoft Windows Kernel Privilege Elevation Vulnerability (2724197)
File : nvt/secpod_ms12-068.nasl
2012-09-28 Name : Google Chrome Windows Kernel Memory Corruption Vulnerability
File : nvt/gb_google_chrome_mem_crptn_vuln_win.nasl
2012-09-22 Name : Fedora Update for xen FEDORA-2012-13434
File : nvt/gb_fedora_2012_13434_xen_fc17.nasl
2012-09-22 Name : Fedora Update for xen FEDORA-2012-13443
File : nvt/gb_fedora_2012_13443_xen_fc16.nasl
2012-08-30 Name : Fedora Update for xen FEDORA-2012-11182
File : nvt/gb_fedora_2012_11182_xen_fc17.nasl
2012-08-30 Name : Fedora Update for xen FEDORA-2012-11755
File : nvt/gb_fedora_2012_11755_xen_fc17.nasl
2012-08-30 Name : Fedora Update for xen FEDORA-2012-9386
File : nvt/gb_fedora_2012_9386_xen_fc17.nasl
2012-08-24 Name : Fedora Update for xen FEDORA-2012-11785
File : nvt/gb_fedora_2012_11785_xen_fc16.nasl
2012-08-15 Name : Microsoft Windows Networking Components Remote Code Execution Vulnerabilities...
File : nvt/secpod_ms12-054.nasl
2012-08-15 Name : Microsoft Windows Kernel-Mode Drivers Privilege Elevation Vulnerability (2731...
File : nvt/secpod_ms12-055.nasl
2012-08-10 Name : Debian Security Advisory DSA 2501-1 (xen)
File : nvt/deb_2501_1.nasl
2012-08-10 Name : Debian Security Advisory DSA 2508-1 (kfreebsd-8)
File : nvt/deb_2508_1.nasl
2012-08-10 Name : FreeBSD Ports: FreeBSD
File : nvt/freebsd_FreeBSD16.nasl

Information Assurance Vulnerability Management (IAVM)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2015-A-0008 Microsoft Windows User Profile Service Privilege Escalation Vulnerability (MS...
Severity: Category II - VMSKEY: V0058209
2015-A-0007 Microsoft Windows Network Policy Server Remote Denial of Service Vulnerabilit...
Severity: Category I - VMSKEY: V0058207
2015-A-0006 Microsoft Windows Kernel-Mode Driver Privilege Escalation Vulnerability (MS15...
Severity: Category II - VMSKEY: V0058205
2015-B-0004 Microsoft Network Location Awareness Service Security Bypass Vulnerability (M...
Severity: Category II - VMSKEY: V0058201
2015-B-0006 Microsoft Windows Telnet Buffer Overflow Vulnerability (MS15-002)
Severity: Category I - VMSKEY: V0058199
2014-A-0180 Microsoft Windows Kerberos Privilege Escalation Vulnerability
Severity: Category I - VMSKEY: V0057571
2014-A-0148 Microsoft FAT32 Disk Partition Driver Privilege Escalation Vulnerability
Severity: Category I - VMSKEY: V0055429
2014-B-0093 Microsoft Ancillary Function Driver Privilege Escalation Vulnerability
Severity: Category II - VMSKEY: V0052955
2014-B-0028 Microsoft Security Account Manager Remote (SAMR) Security Bypass Vulnerability
Severity: Category II - VMSKEY: V0046171
2013-A-0226 Microsoft LRPC Client Privilege Escalation Vulnerability
Severity: Category II - VMSKEY: V0042591
2013-A-0232 Multiple Vulnerabilities in Microsoft Windows Kernel-Mode Drivers
Severity: Category I - VMSKEY: V0042582
2013-B-0127 Microsoft Windows Ancillary Function Driver Information Disclosure Vulnerability
Severity: Category II - VMSKEY: V0042302
2013-A-0190 Multiple Vulnerabilities in Microsoft Windows Kernel-Mode Drivers
Severity: Category I - VMSKEY: V0040763
2013-A-0189 Microsoft Windows Common Control Library Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0040760
2013-A-0187 Multiple Vulnerabilities in Microsoft .NET Framework
Severity: Category I - VMSKEY: V0040753
2013-B-0104 Microsoft Windows Theme File Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0040299
2013-A-0176 Microsoft Windows Object Linking and Embedding (OLE) Remote Code Execution Vu...
Severity: Category II - VMSKEY: V0040290
2013-B-0088 Multiple Privilege Escalation Vulnerabilities in Microsoft Windows Kernel
Severity: Category I - VMSKEY: V0040045
2013-A-0164 Microsoft Windows Unicode Scripts Processor Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0040037
2013-A-0163 Microsoft Windows Remote Procedure Call (RPC) Elevation of Privilege Vulnerab...
Severity: Category I - VMSKEY: V0040034
2013-B-0071 Multiple Vulnerabilities in Microsoft .NET Framework and Silverlight
Severity: Category II - VMSKEY: V0039211
2013-A-0134 Microsoft DirectShow Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0039200
2013-A-0135 Microsoft GDI+ Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0039199
2013-B-0034 Microsoft Windows Client/Server Run-time Subsystem Elevation of Privilege Vul...
Severity: Category II - VMSKEY: V0037616
2013-A-0080 Microsoft Windows Kernel Privilege Escalation Vulnerability
Severity: Category II - VMSKEY: V0037609

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2020-01-14 Microsoft Windows Wordpad Converter sprmT record heap overflow attempt
RuleID : 52422 - Type : FILE-OFFICE - Revision : 1
2020-01-14 Microsoft Windows Wordpad Converter sprmT record heap overflow attempt
RuleID : 52421 - Type : FILE-OFFICE - Revision : 1
2020-01-03 Microsoft Windows MHTML XSS attempt
RuleID : 52335 - Type : OS-WINDOWS - Revision : 1
2019-10-17 Microsoft DirectShow QuickTime file atom size parsing heap corruption attempt
RuleID : 51557 - Type : OS-WINDOWS - Revision : 1
2019-10-17 Microsoft DirectShow QuickTime file atom size parsing heap corruption attempt
RuleID : 51556 - Type : OS-WINDOWS - Revision : 1
2019-10-17 Microsoft DirectShow QuickTime file atom size parsing heap corruption attempt
RuleID : 51555 - Type : OS-WINDOWS - Revision : 1
2019-10-10 Microsoft Windows WordPad and Office text converter integer overflow attempt
RuleID : 51473 - Type : FILE-OFFICE - Revision : 1
2019-10-10 Microsoft Windows WordPad and Office text converter integer overflow attempt
RuleID : 51472 - Type : FILE-OFFICE - Revision : 1
2019-09-17 Microsoft Windows Object Packager ClickOnce object remote code execution attempt
RuleID : 51029 - Type : OS-WINDOWS - Revision : 1
2019-09-17 Microsoft Windows Object Packager ClickOnce object remote code execution attempt
RuleID : 51028 - Type : OS-WINDOWS - Revision : 1
2019-09-05 Microsoft Windows mp3 file malformed ID3 APIC header code execution attempt
RuleID : 50893 - Type : FILE-MULTIMEDIA - Revision : 1
2019-09-05 Microsoft Windows mp3 file malformed ID3 APIC header code execution attempt
RuleID : 50892 - Type : FILE-MULTIMEDIA - Revision : 1
2019-09-05 Microsoft OpenType font index remote code execution attempt
RuleID : 50889 - Type : FILE-OTHER - Revision : 1
2019-09-05 Microsoft OpenType font index remote code execution attempt
RuleID : 50888 - Type : FILE-OTHER - Revision : 1
2019-09-05 Microsoft Windows GDI EMF parsing arbitrary code execution attempt
RuleID : 50885 - Type : FILE-OTHER - Revision : 1
2019-09-05 Microsoft Windows GDI EMF parsing arbitrary code execution attempt
RuleID : 50884 - Type : FILE-OTHER - Revision : 1
2019-09-05 Microsoft Fax Cover Page Editor heap corruption attempt
RuleID : 50873 - Type : OS-WINDOWS - Revision : 1
2019-09-05 Microsoft Fax Cover Page Editor heap corruption attempt
RuleID : 50872 - Type : OS-WINDOWS - Revision : 1
2019-08-31 Microsoft Windows TrueType font parsing engine sfac_GetSbitBitmap obfuscated ...
RuleID : 50849 - Type : FILE-OTHER - Revision : 1
2019-08-31 Microsoft Windows TrueType font parsing engine sfac_GetSbitBitmap obfuscated ...
RuleID : 50848 - Type : FILE-OTHER - Revision : 1
2019-07-18 Directshow GIF logical height overflow attempt
RuleID : 50454 - Type : FILE-IMAGE - Revision : 1
2019-07-18 Directshow GIF logical width overflow attempt
RuleID : 50453 - Type : FILE-IMAGE - Revision : 1
2019-04-18 Microsoft Windows TTF parsing counter overflow attempt
RuleID : 49483 - Type : FILE-OTHER - Revision : 1
2019-04-18 Microsoft Windows TTF parsing counter overflow attempt
RuleID : 49482 - Type : FILE-OTHER - Revision : 1
2019-04-13 Microsoft Windows TrueType font parsing engine sfac_GetSbitBitmap elevation o...
RuleID : 49423 - Type : FILE-OTHER - Revision : 2

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2018-04-03 Name: The remote web server may allow remote code execution.
File: iis_7_pci.nasl - Type: ACT_GATHER_INFO
2017-06-14 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_june_xp_2003.nasl - Type: ACT_GATHER_INFO
2015-06-09 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms15-061.nasl - Type: ACT_GATHER_INFO
2015-04-14 Name: The remote Windows host is affected by a remote code execution vulnerability.
File: smb_nt_ms15-035.nasl - Type: ACT_GATHER_INFO
2015-01-13 Name: The remote Windows host is affected by a remote code execution vulnerability.
File: smb_nt_ms15-002.nasl - Type: ACT_GATHER_INFO
2015-01-13 Name: The remote Windows host is affected by a privilege escalation vulnerability.
File: smb_nt_ms15-003.nasl - Type: ACT_GATHER_INFO
2015-01-13 Name: The remote Windows host is affected by a security bypass vulnerability.
File: smb_nt_ms15-005.nasl - Type: ACT_GATHER_INFO
2015-01-13 Name: The remote Windows host is affected by a denial of service vulnerability.
File: smb_nt_ms15-007.nasl - Type: ACT_GATHER_INFO
2015-01-13 Name: The remote Windows host is affected by a privilege escalation vulnerability.
File: smb_nt_ms15-008.nasl - Type: ACT_GATHER_INFO
2014-12-09 Name: The remote Windows host is affected by an information disclosure vulnerability.
File: smb_nt_ms14-085.nasl - Type: ACT_GATHER_INFO
2014-11-26 Name: The remote OracleVM host is missing one or more security updates.
File: oraclevm_OVMSA-2012-0020.nasl - Type: ACT_GATHER_INFO
2014-11-26 Name: The remote OracleVM host is missing one or more security updates.
File: oraclevm_OVMSA-2012-0021.nasl - Type: ACT_GATHER_INFO
2014-11-26 Name: The remote OracleVM host is missing one or more security updates.
File: oraclevm_OVMSA-2012-0022.nasl - Type: ACT_GATHER_INFO
2014-11-18 Name: The remote implementation of Kerberos KDC is affected by a privilege escalati...
File: smb_nt_ms14-068.nasl - Type: ACT_GATHER_INFO
2014-10-15 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms14-058.nasl - Type: ACT_GATHER_INFO
2014-10-15 Name: The remote Windows host is affected by a privilege escalation vulnerability.
File: smb_nt_ms14-063.nasl - Type: ACT_GATHER_INFO
2014-07-26 Name: The remote Solaris system is missing a security patch from CPU oct2012.
File: solaris_oct2012_SRU10_5.nasl - Type: ACT_GATHER_INFO
2014-07-08 Name: The remote Windows host contains a driver that allows elevation of privilege.
File: smb_nt_ms14-040.nasl - Type: ACT_GATHER_INFO
2014-06-13 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2012-403.nasl - Type: ACT_GATHER_INFO
2014-06-13 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2012-404.nasl - Type: ACT_GATHER_INFO
2014-03-11 Name: The remote Windows host is affected by a security feature bypass vulnerability.
File: smb_nt_ms14-016.nasl - Type: ACT_GATHER_INFO
2014-03-05 Name: The DNS server running on the remote host has multiple vulnerabilities.
File: ms_dns_kb2562485.nasl - Type: ACT_GATHER_INFO
2014-03-05 Name: The DNS server running on the remote host is susceptible to a denial of servi...
File: ms_dns_kb2647170.nasl - Type: ACT_GATHER_INFO
2014-03-05 Name: The DNS server running on the remote host is vulnerable to DNS spoofing attacks.
File: ms_dns_kb951746.nasl - Type: ACT_GATHER_INFO
2014-03-05 Name: The DNS server running on the remote host is vulnerable to DNS spoofing attacks.
File: ms_dns_kb961063.nasl - Type: ACT_GATHER_INFO