Summary
| Detail | |||
|---|---|---|---|
| Vendor | Microsoft | First view | 2007-09-27 |
| Product | Windows Server 2003 | Last view | 2017-06-22 |
| Version | * | Type | Os |
| Update | sp2 | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:o:microsoft:windows_server_2003 | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 8.1 | 2017-06-22 | CVE-2017-0176 | A buffer overflow in Smart Card authentication code in gpkcsp.dll in Microsoft Windows XP through SP3 and Server 2003 through SP2 allows a remote attacker to execute arbitrary code on the target computer, provided that the computer is joined in a Windows domain and has Remote Desktop Protocol connectivity (or Terminal Services) enabled. |
| 7.2 | 2015-06-09 | CVE-2015-1768 | win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application, aka "Win32k Memory Corruption Elevation of Privilege Vulnerability." |
| 9.3 | 2015-04-14 | CVE-2015-1645 | Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allow remote attackers to execute arbitrary code via a crafted Enhanced Metafile (EMF) image, aka "EMF Processing Remote Code Execution Vulnerability." |
| 7.8 | 2015-01-13 | CVE-2015-0015 | Microsoft Windows Server 2003 SP2, Server 2008 SP2 and R2 SP1, and Server 2012 Gold and R2 allow remote attackers to cause a denial of service (system hang and RADIUS outage) via crafted username strings to (1) Internet Authentication Service (IAS) or (2) Network Policy Server (NPS), aka "Network Policy Server RADIUS Implementation Denial of Service Vulnerability." |
| 10 | 2015-01-13 | CVE-2015-0014 | Buffer overflow in the Telnet service in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows Telnet Service Buffer Overflow Vulnerability." |
| 4.7 | 2015-01-13 | CVE-2015-0011 | mrxdav.sys (aka the WebDAV driver) in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to bypass an impersonation protection mechanism, and obtain privileges for redirection of WebDAV requests, via a crafted application, aka "WebDAV Elevation of Privilege Vulnerability." |
| 6.1 | 2015-01-13 | CVE-2015-0006 | The Network Location Awareness (NLA) service in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not perform mutual authentication to determine a domain connection, which allows remote attackers to trigger an unintended permissive configuration by spoofing DNS and LDAP responses on a local network, aka "NLA Security Feature Bypass Vulnerability." |
| 7.2 | 2015-01-13 | CVE-2015-0004 | The User Profile Service (aka ProfSvc) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges by conducting a junction attack to load another user's UsrClass.dat registry hive, aka MSRC ID 20674 or "Microsoft User Profile Service Elevation of Privilege Vulnerability." |
| 5 | 2014-12-10 | CVE-2014-6355 | The Graphics Component in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly process JPEG images, which makes it easier for remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Graphics Component Information Disclosure Vulnerability." |
| 9 | 2014-11-18 | CVE-2014-6324 | The Kerberos Key Distribution Center (KDC) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote authenticated domain users to obtain domain administrator privileges via a forged signature in a ticket, as exploited in the wild in November 2014, aka "Kerberos Checksum Vulnerability." |
| 9.3 | 2014-10-15 | CVE-2014-4148 | win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted TrueType font, as exploited in the wild in October 2014, aka "TrueType Font Parsing Remote Code Execution Vulnerability." |
| 7.2 | 2014-10-15 | CVE-2014-4115 | fastfat.sys (aka the FASTFAT driver) in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Vista SP2, and Server 2008 SP2 does not properly allocate memory, which allows physically proximate attackers to execute arbitrary code or cause a denial of service (reserved-memory write) by connecting a crafted USB device, aka "Microsoft Windows Disk Partition Driver Elevation of Privilege Vulnerability." |
| 7.2 | 2014-10-15 | CVE-2014-4113 | win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, as exploited in the wild in October 2014, aka "Win32k.sys Elevation of Privilege Vulnerability." |
| 7.2 | 2014-07-08 | CVE-2014-1767 | Double free vulnerability in the Ancillary Function Driver (AFD) in afd.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, aka "Ancillary Function Driver Elevation of Privilege Vulnerability." |
| 5.4 | 2014-03-12 | CVE-2014-0317 | The Security Account Manager Remote (SAMR) protocol implementation in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows Server 2012 Gold and R2 does not properly determine the user-lockout state, which makes it easier for remote attackers to bypass the account lockout policy and obtain access via a brute-force attack, aka "SAMR Security Feature Bypass Vulnerability." |
| 7.2 | 2013-12-10 | CVE-2013-3899 | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly validate addresses, which allows local users to gain privileges via a crafted application, aka "Win32k Memory Corruption Vulnerability." |
| 6.9 | 2013-12-10 | CVE-2013-3878 | Stack-based buffer overflow in the LRPC client in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges by operating an LRPC server that sends a crafted LPC port message, aka "LRPC Client Buffer Overrun Vulnerability." |
| 4.9 | 2013-11-12 | CVE-2013-3887 | The Ancillary Function Driver (AFD) in afd.sys in the kernel-mode drivers in Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, and Windows Server 2012 allows local users to obtain sensitive information from kernel memory by leveraging improper copy operations, aka "Ancillary Function Driver Information Disclosure Vulnerability." |
| 9.3 | 2013-10-09 | CVE-2013-3894 | The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allow remote attackers to execute arbitrary code via a crafted CMAP table in a TrueType font (TTF) file, aka "TrueType Font CMAP Table Vulnerability." |
| 7.2 | 2013-10-09 | CVE-2013-3879 | Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Use After Free Vulnerability." |
| 7.2 | 2013-10-09 | CVE-2013-3200 | The USB drivers in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allow physically proximate attackers to execute arbitrary code by connecting a crafted USB device, aka "Windows USB Descriptor Vulnerability." |
| 10 | 2013-10-09 | CVE-2013-3195 | The DSA_InsertItem function in Comctl32.dll in the Windows common control library in Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly allocate memory, which allows remote attackers to execute arbitrary code via a crafted value in an argument to an ASP.NET web application, aka "Comctl32 Integer Overflow Vulnerability." |
| 9.3 | 2013-09-11 | CVE-2013-3863 | Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allow remote attackers to execute arbitrary code via a crafted OLE object in a file, aka "OLE Property Vulnerability." |
| 9.3 | 2013-09-11 | CVE-2013-0810 | Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, and Windows Server 2008 SP2 allow remote attackers to execute arbitrary code via a crafted screensaver in a theme file, aka "Windows Theme File Remote Code Execution Vulnerability." |
| 7.2 | 2013-08-14 | CVE-2013-3198 | The NT Virtual DOS Machine (NTVDM) subsystem in the kernel in Microsoft Windows XP SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, and Windows 8 on 32-bit platforms does not properly validate kernel-memory addresses, which allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application, aka "Windows Kernel Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3196 and CVE-2013-3197. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 18% (60) | CWE-20 | Improper Input Validation |
| 17% (56) | CWE-399 | Resource Management Errors |
| 14% (48) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
| 12% (41) | CWE-264 | Permissions, Privileges, and Access Controls |
| 12% (41) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 10% (35) | CWE-362 | Race Condition |
| 5% (18) | CWE-189 | Numeric Errors |
| 1% (5) | CWE-200 | Information Exposure |
| 1% (4) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
| 0% (3) | CWE-16 | Configuration |
| 0% (2) | CWE-287 | Improper Authentication |
| 0% (2) | CWE-255 | Credentials Management |
| 0% (1) | CWE-415 | Double Free |
| 0% (1) | CWE-310 | Cryptographic Issues |
| 0% (1) | CWE-134 | Uncontrolled Format String |
| 0% (1) | CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflo... |
| 0% (1) | CWE-78 | Improper Sanitization of Special Elements used in an OS Command ('O... |
| 0% (1) | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path ... |
CAPEC : Common Attack Pattern Enumeration & Classification
| id | Name |
|---|---|
| CAPEC-3 | Using Leading 'Ghost' Character Sequences to Bypass Input Filters |
| CAPEC-7 | Blind SQL Injection |
| CAPEC-8 | Buffer Overflow in an API Call |
| CAPEC-9 | Buffer Overflow in Local Command-Line Utilities |
| CAPEC-10 | Buffer Overflow via Environment Variables |
| CAPEC-13 | Subverting Environment Variable Values |
| CAPEC-14 | Client-side Injection-induced Buffer Overflow |
| CAPEC-18 | Embedding Scripts in Nonscript Elements |
| CAPEC-22 | Exploiting Trust in Client (aka Make the Client Invisible) |
| CAPEC-24 | Filter Failure through Buffer Overflow |
| CAPEC-28 | Fuzzing |
| CAPEC-31 | Accessing/Intercepting/Modifying HTTP Cookies |
| CAPEC-32 | Embedding Scripts in HTTP Query Strings |
| CAPEC-42 | MIME Conversion |
| CAPEC-43 | Exploiting Multiple Input Interpretation Layers |
| CAPEC-45 | Buffer Overflow via Symbolic Links |
| CAPEC-46 | Overflow Variables and Tags |
| CAPEC-47 | Buffer Overflow via Parameter Expansion |
| CAPEC-52 | Embedding NULL Bytes |
| CAPEC-53 | Postfix, Null Terminate, and Backslash |
| CAPEC-63 | Simple Script Injection |
| CAPEC-64 | Using Slashes and URL Encoding Combined to Bypass Validation Logic |
| CAPEC-66 | SQL Injection |
| CAPEC-67 | String Format Overflow in syslog() |
| CAPEC-71 | Using Unicode Encoding to Bypass Validation Logic |
SAINT Exploits
| Description | Link |
|---|---|
| Internet Explorer iepeers.dll use-after-free vulnerability | More info here |
| Visual Studio Active Template Library object type mismatch vulnerability | More info here |
| Microsoft OLE Object File Handling vulnerability | More info here |
| Internet Explorer WinINet credential reflection vulnerability | More info here |
| Windows Thumbnail View CreateSizedDIBSECTION buffer overflow | More info here |
| Windows Media MIDI Invalid Channel | More info here |
| Microsoft DirectX DirectShow QuickTime movie parsing vulnerability | More info here |
| Windows Help and Support Center -FromHCP URL whitelist bypass | More info here |
| Microsoft Office ClickOnce Unsafe Execution | More info here |
| Windows Object Packager Insecure Execution | More info here |
| Windows Shell LNK file CONTROL item command execution | More info here |
| Microsoft Remote Desktop Connection Insecure Library Injection | More info here |
| Windows Crafted Theme File Handling Vulnerability | More info here |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 78212 | Microsoft Windows Object Packager Path Subversion packager.exe Loading Remote... |
| 78211 | Microsoft Windows Line21 DirectShow Filter Media File Handling Remote Code Ex... |
| 78210 | Microsoft Windows Multimedia Library (winmm.dll) MIDI File Handling Remote Co... |
| 78209 | Microsoft Windows Ntdll.dll Structured Exception Handling Tables Loading Safe... |
| 78207 | Microsoft Windows Embedded ClickOnce Application Office File Handling Remote ... |
| 78206 | Microsoft Windows Client/Server Run-time Subsystem (CSRSS) Unicode Character ... |
| 78057 | Microsoft .NET Framework ASP.NET Hash Collision Web Form Post Parsing Remote DoS |
| 78056 | Microsoft .NET Framework Forms Authentication Sliding Expiry Cached Content P... |
| 78055 | Microsoft .NET Framework ASP.NET Username Parsing Authentication Bypass |
| 78054 | Microsoft .NET Framework Forms Authentication Return URL Handling Arbitrary S... |
| 77908 | Microsoft Windows win32k.sys Safari IFRAME Height Attribute Handling Remote M... |
| 77667 | Microsoft Windows Active Directory Query Parsing Remote Overflow |
| 77666 | Microsoft Windows Kernel Exception Handler Local Privilege Escalation |
| 77665 | Microsoft Time ActiveX (DATIME.DLL) Unspecified IE Web Page Handling Remote C... |
| 77663 | Microsoft Windows Object Linking and Embedding (OLE) Object File Handling Rem... |
| 77662 | Microsoft Windows CSRSS Device Event Message Parsing Local Privilege Escalation |
| 76902 | Microsoft Windows Active Directory LDAPS CRL Handling Weakness Authentication... |
| 76843 | Microsoft Windows Win32k TrueType Font Handling Privilege Escalation |
| 76232 | Microsoft Windows Ancillary Function Driver afd.sys Local Privilege Escalation |
| 76231 | Microsoft Windows Active Accessibility Path Subversion Arbitrary DLL Injectio... |
| 76221 | Microsoft Windows win32k.sys Driver Use-after-free Driver Object Handling Arb... |
| 76220 | Microsoft Windows win32k.sys Driver .fon Font File Handling Overflow |
| 76218 | Microsoft Windows win32k.sys Driver NULL Dereference Unspecified Arbitrary Co... |
| 75444 | Microsoft Windows WINS Loopback Interface Crafted Packet Local Privilege Esca... |
| 75382 | Microsoft Windows Shell Extensions Path Subversion Arbitrary DLL Injection Co... |
ExploitDB Exploits
| id | Description |
|---|---|
| 35101 | Windows TrackPopupMenu Win32k NULL Pointer Dereference |
| 33213 | Windows NTUserMessageCall Win32k Kernel Pool Overflow (Schlamperei) |
| 27050 | DirectShow Arbitrary Memory Overwrite Vulnerability (MS13-056) |
| 26554 | Windows EPATHOBJ::pprFlattenRec Local Privilege Escalation |
| 19037 | MS12-005 Microsoft Office ClickOnce Unsafe Object Package Handling Vulnerability |
| 19002 | Microsoft Windows OLE Object File Handling Remote Code Execution |
| 18426 | MS12-004 midiOutPlayNextPolyEvent Heap Overflow |
| 18372 | Microsoft Windows Assembly Execution Vulnerability MS12-005 |
| 18176 | MS11-080 Afd.sys Privilege Escalation Exploit |
| 18024 | MS11-077 Win32k Null Pointer De-reference Vulnerability POC |
| 17978 | MS11-077 .fon Kernel-Mode Buffer Overrun PoC |
| 17831 | MS WINS ECommEndDlg Input Validation Error |
| 17659 | MS10-026 Microsoft MPEG Layer-3 Audio Stack Based Overflow |
| 17544 | GDI+ CreateDashedPath Integer overflow in gdiplus.dll |
| 16590 | Internet Explorer DHTML Behaviors Use After Free |
| 15985 | MS10-073: Win32k Keyboard Layout Vulnerability |
| 15158 | MOAUB #30 - Microsoft Unicode Scripts Processor Remote Code Execution |
| 14895 | MOAUB #5 - Microsoft MPEG Layer-3 Remote Command Execution Exploit |
| 14608 | Microsoft Windows CreateWindow Function Callback Vulnerability (MS10-048) |
| 11683 | Microsoft Internet Explorer iepeers.dll Use-After-Free Exploit (meta) |
| 11199 | Windows NT - User Mode to Ring 0 Escalation Vulnerability |
| 9893 | Microsoft Internet Explorer 5,6,7 memory corruption PoC |
OpenVAS Exploits
| id | Description |
|---|---|
| 2013-07-09 | Name : Microsoft Remote Desktop Protocol Remote Code Execution Vulnerabilities (2671... File : nvt/secpod_ms12-020_remote.nasl |
| 2012-12-18 | Name : Fedora Update for xen FEDORA-2012-19828 File : nvt/gb_fedora_2012_19828_xen_fc16.nasl |
| 2012-12-14 | Name : Fedora Update for xen FEDORA-2012-19717 File : nvt/gb_fedora_2012_19717_xen_fc17.nasl |
| 2012-12-13 | Name : SuSE Update for xen openSUSE-SU-2012:0886-1 (xen) File : nvt/gb_suse_2012_0886_1.nasl |
| 2012-12-12 | Name : Microsoft Windows Kernel-Mode Drivers Remote Code Execution Vulnerabilities (... File : nvt/secpod_ms12-078.nasl |
| 2012-12-12 | Name : Microsoft Windows File Handling Component Remote Code Execution Vulnerability... File : nvt/secpod_ms12-081.nasl |
| 2012-11-23 | Name : Fedora Update for xen FEDORA-2012-18242 File : nvt/gb_fedora_2012_18242_xen_fc17.nasl |
| 2012-11-23 | Name : Fedora Update for xen FEDORA-2012-18249 File : nvt/gb_fedora_2012_18249_xen_fc16.nasl |
| 2012-11-15 | Name : Fedora Update for xen FEDORA-2012-17204 File : nvt/gb_fedora_2012_17204_xen_fc17.nasl |
| 2012-11-15 | Name : Fedora Update for xen FEDORA-2012-17408 File : nvt/gb_fedora_2012_17408_xen_fc16.nasl |
| 2012-11-14 | Name : Microsoft Windows Shell Remote Code Execution Vulnerabilities (2727528) File : nvt/secpod_ms12-072.nasl |
| 2012-11-14 | Name : Microsoft Windows Kernel-Mode Drivers Remote Code Execution Vulnerabilities (... File : nvt/secpod_ms12-075.nasl |
| 2012-10-10 | Name : Microsoft Windows Kernel Privilege Elevation Vulnerability (2724197) File : nvt/secpod_ms12-068.nasl |
| 2012-09-28 | Name : Google Chrome Windows Kernel Memory Corruption Vulnerability File : nvt/gb_google_chrome_mem_crptn_vuln_win.nasl |
| 2012-09-22 | Name : Fedora Update for xen FEDORA-2012-13434 File : nvt/gb_fedora_2012_13434_xen_fc17.nasl |
| 2012-09-22 | Name : Fedora Update for xen FEDORA-2012-13443 File : nvt/gb_fedora_2012_13443_xen_fc16.nasl |
| 2012-08-30 | Name : Fedora Update for xen FEDORA-2012-11182 File : nvt/gb_fedora_2012_11182_xen_fc17.nasl |
| 2012-08-30 | Name : Fedora Update for xen FEDORA-2012-11755 File : nvt/gb_fedora_2012_11755_xen_fc17.nasl |
| 2012-08-30 | Name : Fedora Update for xen FEDORA-2012-9386 File : nvt/gb_fedora_2012_9386_xen_fc17.nasl |
| 2012-08-24 | Name : Fedora Update for xen FEDORA-2012-11785 File : nvt/gb_fedora_2012_11785_xen_fc16.nasl |
| 2012-08-15 | Name : Microsoft Windows Networking Components Remote Code Execution Vulnerabilities... File : nvt/secpod_ms12-054.nasl |
| 2012-08-15 | Name : Microsoft Windows Kernel-Mode Drivers Privilege Elevation Vulnerability (2731... File : nvt/secpod_ms12-055.nasl |
| 2012-08-10 | Name : Debian Security Advisory DSA 2501-1 (xen) File : nvt/deb_2501_1.nasl |
| 2012-08-10 | Name : Debian Security Advisory DSA 2508-1 (kfreebsd-8) File : nvt/deb_2508_1.nasl |
| 2012-08-10 | Name : FreeBSD Ports: FreeBSD File : nvt/freebsd_FreeBSD16.nasl |
Information Assurance Vulnerability Management (IAVM)
| id | Description |
|---|---|
| 2015-A-0008 | Microsoft Windows User Profile Service Privilege Escalation Vulnerability (MS... Severity: Category II - VMSKEY: V0058209 |
| 2015-A-0007 | Microsoft Windows Network Policy Server Remote Denial of Service Vulnerabilit... Severity: Category I - VMSKEY: V0058207 |
| 2015-A-0006 | Microsoft Windows Kernel-Mode Driver Privilege Escalation Vulnerability (MS15... Severity: Category II - VMSKEY: V0058205 |
| 2015-B-0004 | Microsoft Network Location Awareness Service Security Bypass Vulnerability (M... Severity: Category II - VMSKEY: V0058201 |
| 2015-B-0006 | Microsoft Windows Telnet Buffer Overflow Vulnerability (MS15-002) Severity: Category I - VMSKEY: V0058199 |
| 2014-A-0180 | Microsoft Windows Kerberos Privilege Escalation Vulnerability Severity: Category I - VMSKEY: V0057571 |
| 2014-A-0148 | Microsoft FAT32 Disk Partition Driver Privilege Escalation Vulnerability Severity: Category I - VMSKEY: V0055429 |
| 2014-B-0093 | Microsoft Ancillary Function Driver Privilege Escalation Vulnerability Severity: Category II - VMSKEY: V0052955 |
| 2014-B-0028 | Microsoft Security Account Manager Remote (SAMR) Security Bypass Vulnerability Severity: Category II - VMSKEY: V0046171 |
| 2013-A-0226 | Microsoft LRPC Client Privilege Escalation Vulnerability Severity: Category II - VMSKEY: V0042591 |
| 2013-A-0232 | Multiple Vulnerabilities in Microsoft Windows Kernel-Mode Drivers Severity: Category I - VMSKEY: V0042582 |
| 2013-B-0127 | Microsoft Windows Ancillary Function Driver Information Disclosure Vulnerability Severity: Category II - VMSKEY: V0042302 |
| 2013-A-0190 | Multiple Vulnerabilities in Microsoft Windows Kernel-Mode Drivers Severity: Category I - VMSKEY: V0040763 |
| 2013-A-0189 | Microsoft Windows Common Control Library Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0040760 |
| 2013-B-0104 | Microsoft Windows Theme File Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0040299 |
| 2013-A-0176 | Microsoft Windows Object Linking and Embedding (OLE) Remote Code Execution Vu... Severity: Category II - VMSKEY: V0040290 |
| 2013-B-0088 | Multiple Privilege Escalation Vulnerabilities in Microsoft Windows Kernel Severity: Category I - VMSKEY: V0040045 |
| 2013-A-0164 | Microsoft Windows Unicode Scripts Processor Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0040037 |
| 2013-A-0163 | Microsoft Windows Remote Procedure Call (RPC) Elevation of Privilege Vulnerab... Severity: Category I - VMSKEY: V0040034 |
| 2013-B-0071 | Multiple Vulnerabilities in Microsoft .NET Framework and Silverlight Severity: Category II - VMSKEY: V0039211 |
| 2013-A-0134 | Microsoft DirectShow Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0039200 |
| 2013-A-0135 | Microsoft GDI+ Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0039199 |
| 2013-B-0034 | Microsoft Windows Client/Server Run-time Subsystem Elevation of Privilege Vul... Severity: Category II - VMSKEY: V0037616 |
| 2013-A-0080 | Microsoft Windows Kernel Privilege Escalation Vulnerability Severity: Category II - VMSKEY: V0037609 |
| 2013-A-0063 | Microsoft Windows Kernel-Mode Drivers Privilege Escalation Vulnerability Severity: Category II - VMSKEY: V0037404 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2020-01-14 | Microsoft Windows Wordpad Converter sprmT record heap overflow attempt RuleID : 52422 - Type : FILE-OFFICE - Revision : 1 |
| 2020-01-14 | Microsoft Windows Wordpad Converter sprmT record heap overflow attempt RuleID : 52421 - Type : FILE-OFFICE - Revision : 1 |
| 2020-01-03 | Microsoft Windows MHTML XSS attempt RuleID : 52335 - Type : OS-WINDOWS - Revision : 1 |
| 2019-10-17 | Microsoft DirectShow QuickTime file atom size parsing heap corruption attempt RuleID : 51557 - Type : OS-WINDOWS - Revision : 1 |
| 2019-10-17 | Microsoft DirectShow QuickTime file atom size parsing heap corruption attempt RuleID : 51556 - Type : OS-WINDOWS - Revision : 1 |
| 2019-10-17 | Microsoft DirectShow QuickTime file atom size parsing heap corruption attempt RuleID : 51555 - Type : OS-WINDOWS - Revision : 1 |
| 2019-10-10 | Microsoft Windows WordPad and Office text converter integer overflow attempt RuleID : 51473 - Type : FILE-OFFICE - Revision : 1 |
| 2019-10-10 | Microsoft Windows WordPad and Office text converter integer overflow attempt RuleID : 51472 - Type : FILE-OFFICE - Revision : 1 |
| 2019-09-17 | Microsoft Windows Object Packager ClickOnce object remote code execution attempt RuleID : 51029 - Type : OS-WINDOWS - Revision : 1 |
| 2019-09-17 | Microsoft Windows Object Packager ClickOnce object remote code execution attempt RuleID : 51028 - Type : OS-WINDOWS - Revision : 1 |
| 2019-09-05 | Microsoft Windows mp3 file malformed ID3 APIC header code execution attempt RuleID : 50893 - Type : FILE-MULTIMEDIA - Revision : 1 |
| 2019-09-05 | Microsoft Windows mp3 file malformed ID3 APIC header code execution attempt RuleID : 50892 - Type : FILE-MULTIMEDIA - Revision : 1 |
| 2019-09-05 | Microsoft OpenType font index remote code execution attempt RuleID : 50889 - Type : FILE-OTHER - Revision : 1 |
| 2019-09-05 | Microsoft OpenType font index remote code execution attempt RuleID : 50888 - Type : FILE-OTHER - Revision : 1 |
| 2019-09-05 | Microsoft Windows GDI EMF parsing arbitrary code execution attempt RuleID : 50885 - Type : FILE-OTHER - Revision : 1 |
| 2019-09-05 | Microsoft Windows GDI EMF parsing arbitrary code execution attempt RuleID : 50884 - Type : FILE-OTHER - Revision : 1 |
| 2019-09-05 | Microsoft Fax Cover Page Editor heap corruption attempt RuleID : 50873 - Type : OS-WINDOWS - Revision : 1 |
| 2019-09-05 | Microsoft Fax Cover Page Editor heap corruption attempt RuleID : 50872 - Type : OS-WINDOWS - Revision : 1 |
| 2019-08-31 | Microsoft Windows TrueType font parsing engine sfac_GetSbitBitmap obfuscated ... RuleID : 50849 - Type : FILE-OTHER - Revision : 1 |
| 2019-08-31 | Microsoft Windows TrueType font parsing engine sfac_GetSbitBitmap obfuscated ... RuleID : 50848 - Type : FILE-OTHER - Revision : 1 |
| 2019-07-18 | Directshow GIF logical height overflow attempt RuleID : 50454 - Type : FILE-IMAGE - Revision : 1 |
| 2019-07-18 | Directshow GIF logical width overflow attempt RuleID : 50453 - Type : FILE-IMAGE - Revision : 1 |
| 2019-04-18 | Microsoft Windows TTF parsing counter overflow attempt RuleID : 49483 - Type : FILE-OTHER - Revision : 1 |
| 2019-04-18 | Microsoft Windows TTF parsing counter overflow attempt RuleID : 49482 - Type : FILE-OTHER - Revision : 1 |
| 2019-04-13 | Microsoft Windows TrueType font parsing engine sfac_GetSbitBitmap elevation o... RuleID : 49423 - Type : FILE-OTHER - Revision : 2 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2018-04-03 | Name: The remote web server may allow remote code execution. File: iis_7_pci.nasl - Type: ACT_GATHER_INFO |
| 2017-06-14 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_june_xp_2003.nasl - Type: ACT_GATHER_INFO |
| 2015-06-09 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms15-061.nasl - Type: ACT_GATHER_INFO |
| 2015-04-14 | Name: The remote Windows host is affected by a remote code execution vulnerability. File: smb_nt_ms15-035.nasl - Type: ACT_GATHER_INFO |
| 2015-01-13 | Name: The remote Windows host is affected by a remote code execution vulnerability. File: smb_nt_ms15-002.nasl - Type: ACT_GATHER_INFO |
| 2015-01-13 | Name: The remote Windows host is affected by a privilege escalation vulnerability. File: smb_nt_ms15-003.nasl - Type: ACT_GATHER_INFO |
| 2015-01-13 | Name: The remote Windows host is affected by a security bypass vulnerability. File: smb_nt_ms15-005.nasl - Type: ACT_GATHER_INFO |
| 2015-01-13 | Name: The remote Windows host is affected by a denial of service vulnerability. File: smb_nt_ms15-007.nasl - Type: ACT_GATHER_INFO |
| 2015-01-13 | Name: The remote Windows host is affected by a privilege escalation vulnerability. File: smb_nt_ms15-008.nasl - Type: ACT_GATHER_INFO |
| 2014-12-09 | Name: The remote Windows host is affected by an information disclosure vulnerability. File: smb_nt_ms14-085.nasl - Type: ACT_GATHER_INFO |
| 2014-11-26 | Name: The remote OracleVM host is missing one or more security updates. File: oraclevm_OVMSA-2012-0020.nasl - Type: ACT_GATHER_INFO |
| 2014-11-26 | Name: The remote OracleVM host is missing one or more security updates. File: oraclevm_OVMSA-2012-0021.nasl - Type: ACT_GATHER_INFO |
| 2014-11-26 | Name: The remote OracleVM host is missing one or more security updates. File: oraclevm_OVMSA-2012-0022.nasl - Type: ACT_GATHER_INFO |
| 2014-11-18 | Name: The remote implementation of Kerberos KDC is affected by a privilege escalati... File: smb_nt_ms14-068.nasl - Type: ACT_GATHER_INFO |
| 2014-10-15 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms14-058.nasl - Type: ACT_GATHER_INFO |
| 2014-10-15 | Name: The remote Windows host is affected by a privilege escalation vulnerability. File: smb_nt_ms14-063.nasl - Type: ACT_GATHER_INFO |
| 2014-10-10 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL10509.nasl - Type: ACT_GATHER_INFO |
| 2014-07-26 | Name: The remote Solaris system is missing a security patch from CPU oct2012. File: solaris_oct2012_SRU10_5.nasl - Type: ACT_GATHER_INFO |
| 2014-07-08 | Name: The remote Windows host contains a driver that allows elevation of privilege. File: smb_nt_ms14-040.nasl - Type: ACT_GATHER_INFO |
| 2014-06-13 | Name: The remote openSUSE host is missing a security update. File: openSUSE-2012-403.nasl - Type: ACT_GATHER_INFO |
| 2014-06-13 | Name: The remote openSUSE host is missing a security update. File: openSUSE-2012-404.nasl - Type: ACT_GATHER_INFO |
| 2014-03-11 | Name: The remote Windows host is affected by a security feature bypass vulnerability. File: smb_nt_ms14-016.nasl - Type: ACT_GATHER_INFO |
| 2014-03-05 | Name: The DNS server running on the remote host has multiple vulnerabilities. File: ms_dns_kb2562485.nasl - Type: ACT_GATHER_INFO |
| 2014-03-05 | Name: The DNS server running on the remote host is susceptible to a denial of servi... File: ms_dns_kb2647170.nasl - Type: ACT_GATHER_INFO |
| 2014-03-05 | Name: The DNS server running on the remote host is vulnerable to DNS spoofing attacks. File: ms_dns_kb941672.nasl - Type: ACT_GATHER_INFO |
