This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Microsoft First view 2009-06-10
Product Windows Server 2008 Last view 2022-04-15
Version * Type Os
Update sp2  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:microsoft:windows_server_2008

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
7 2022-04-15 CVE-2022-26904

Windows User Profile Service Elevation of Privilege Vulnerability.

7.8 2022-04-15 CVE-2022-26903

Windows Graphics Component Remote Code Execution Vulnerability.

7.5 2022-04-15 CVE-2022-26831

Windows LDAP Denial of Service Vulnerability.

7.8 2022-04-15 CVE-2022-26810

Windows File Server Resource Management Service Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-26827.

9.8 2022-04-15 CVE-2022-26809

Remote Procedure Call Runtime Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24492, CVE-2022-24528.

7.8 2022-04-15 CVE-2022-26802

Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-26786, CVE-2022-26787, CVE-2022-26789, CVE-2022-26790, CVE-2022-26791, CVE-2022-26792, CVE-2022-26793, CVE-2022-26794, CVE-2022-26795, CVE-2022-26796, CVE-2022-26797, CVE-2022-26798, CVE-2022-26801, CVE-2022-26803.

7.8 2022-04-15 CVE-2022-26801

Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-26786, CVE-2022-26787, CVE-2022-26789, CVE-2022-26790, CVE-2022-26791, CVE-2022-26792, CVE-2022-26793, CVE-2022-26794, CVE-2022-26795, CVE-2022-26796, CVE-2022-26797, CVE-2022-26798, CVE-2022-26802, CVE-2022-26803.

7.8 2022-04-15 CVE-2022-26798

Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-26786, CVE-2022-26787, CVE-2022-26789, CVE-2022-26790, CVE-2022-26791, CVE-2022-26792, CVE-2022-26793, CVE-2022-26794, CVE-2022-26795, CVE-2022-26796, CVE-2022-26797, CVE-2022-26801, CVE-2022-26802, CVE-2022-26803.

7.8 2022-04-15 CVE-2022-26797

Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-26786, CVE-2022-26787, CVE-2022-26789, CVE-2022-26790, CVE-2022-26791, CVE-2022-26792, CVE-2022-26793, CVE-2022-26794, CVE-2022-26795, CVE-2022-26796, CVE-2022-26798, CVE-2022-26801, CVE-2022-26802, CVE-2022-26803.

7.8 2022-04-15 CVE-2022-26796

Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-26786, CVE-2022-26787, CVE-2022-26789, CVE-2022-26790, CVE-2022-26791, CVE-2022-26792, CVE-2022-26793, CVE-2022-26794, CVE-2022-26795, CVE-2022-26797, CVE-2022-26798, CVE-2022-26801, CVE-2022-26802, CVE-2022-26803.

7.8 2022-04-15 CVE-2022-26794

Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-26786, CVE-2022-26787, CVE-2022-26789, CVE-2022-26790, CVE-2022-26791, CVE-2022-26792, CVE-2022-26793, CVE-2022-26795, CVE-2022-26796, CVE-2022-26797, CVE-2022-26798, CVE-2022-26801, CVE-2022-26802, CVE-2022-26803.

7.8 2022-04-15 CVE-2022-26792

Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-26786, CVE-2022-26787, CVE-2022-26789, CVE-2022-26790, CVE-2022-26791, CVE-2022-26793, CVE-2022-26794, CVE-2022-26795, CVE-2022-26796, CVE-2022-26797, CVE-2022-26798, CVE-2022-26801, CVE-2022-26802, CVE-2022-26803.

7.8 2022-04-15 CVE-2022-26790

Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-26786, CVE-2022-26787, CVE-2022-26789, CVE-2022-26791, CVE-2022-26792, CVE-2022-26793, CVE-2022-26794, CVE-2022-26795, CVE-2022-26796, CVE-2022-26797, CVE-2022-26798, CVE-2022-26801, CVE-2022-26802, CVE-2022-26803.

7.8 2022-04-15 CVE-2022-24530

Windows Installer Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-24499.

8.8 2022-04-15 CVE-2022-24528

Remote Procedure Call Runtime Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24492, CVE-2022-26809.

7.8 2022-04-15 CVE-2022-24527

Windows Endpoint Configuration Manager Elevation of Privilege Vulnerability.

7.8 2022-04-15 CVE-2022-24521

Windows Common Log File System Driver Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-24481.

8.8 2022-04-15 CVE-2022-24500

Windows SMB Remote Code Execution Vulnerability.

7.8 2022-04-15 CVE-2022-24499

Windows Installer Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-24530.

6.5 2022-04-15 CVE-2022-24498

Windows iSCSI Target Service Information Disclosure Vulnerability.

7.8 2022-04-15 CVE-2022-24494

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability.

8.8 2022-04-15 CVE-2022-24492

Remote Procedure Call Runtime Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24528, CVE-2022-26809.

7.5 2022-04-15 CVE-2022-24485

Win32 File Enumeration Remote Code Execution Vulnerability.

7.8 2022-04-15 CVE-2022-24481

Windows Common Log File System Driver Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-24521.

7.8 2022-04-15 CVE-2022-24474

Windows Win32k Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-24542.

CWE : Common Weakness Enumeration

%idName
31% (83) CWE-200 Information Exposure
20% (55) CWE-264 Permissions, Privileges, and Access Controls
12% (34) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
11% (31) CWE-20 Improper Input Validation
4% (12) CWE-281 Improper Preservation of Permissions
4% (12) CWE-269 Improper Privilege Management
2% (7) CWE-284 Access Control (Authorization) Issues
2% (7) CWE-94 Failure to Control Generation of Code ('Code Injection')
1% (5) CWE-254 Security Features
1% (4) CWE-19 Data Handling
1% (3) CWE-404 Improper Resource Shutdown or Release
0% (2) CWE-399 Resource Management Errors
0% (2) CWE-362 Race Condition
0% (2) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')
0% (1) CWE-611 Information Leak Through XML External Entity File Disclosure
0% (1) CWE-416 Use After Free
0% (1) CWE-415 Double Free
0% (1) CWE-352 Cross-Site Request Forgery (CSRF)
0% (1) CWE-287 Improper Authentication
0% (1) CWE-255 Credentials Management
0% (1) CWE-131 Incorrect Calculation of Buffer Size
0% (1) CWE-17 Code

SAINT Exploits

Description Link
Windows OLE Package Manager CPackage::DoVerb() INF File Download Vulnerability More info here
Microsoft Word and WordPad RTF HTA handler command execution More info here

Open Source Vulnerability Database (OSVDB)

id Description
77908 Microsoft Windows win32k.sys Safari IFRAME Height Attribute Handling Remote M...
56698 Microsoft Visual Studio Active Template Library (ATL) Data Stream Object Inst...
54934 Microsoft Windows Print Spooler Load Library Crafted RPC Message Arbitrary DL...

ExploitDB Exploits

id Description
35236 MS14-064 Microsoft Windows OLE Package Manager Code Execution
35235 MS14-064 Microsoft Windows OLE Package Manager Code Execution Through Python
35216 MS Office 2007 and 2010 - OLE Arbitrary Command Execution
35101 Windows TrackPopupMenu Win32k NULL Pointer Dereference
35055 Windows OLE - Remote Code Execution "Sandworm" Exploit (MS14-060)
35020 MS14-060 Microsoft Windows OLE Package Manager Code Execution
35019 Windows OLE Package Manager SandWorm Exploit
26554 Windows EPATHOBJ::pprFlattenRec Local Privilege Escalation

OpenVAS Exploits

id Description
2012-12-12 Name : Microsoft Windows File Handling Component Remote Code Execution Vulnerability...
File : nvt/secpod_ms12-081.nasl
2012-12-12 Name : Microsoft Windows Kernel-Mode Drivers Remote Code Execution Vulnerabilities (...
File : nvt/secpod_ms12-078.nasl
2012-06-13 Name : Microsoft Lync Remote Code Execution Vulnerabilities (2707956)
File : nvt/secpod_ms12-039.nasl
2012-05-14 Name : Microsoft Silverlight Code Execution Vulnerabilities - 2681578 (Mac OS X)
File : nvt/secpod_ms12-034_macosx.nasl
2012-05-09 Name : MS Security Update For Microsoft Office, .NET Framework, and Silverlight (268...
File : nvt/secpod_ms12-034.nasl
2012-02-15 Name : Windows Kernel-Mode Drivers Remote Code Execution Vulnerabilities (2660465)
File : nvt/secpod_ms12-008.nasl
2012-02-15 Name : MS Windows Color Control Panel Remote Code Execution Vulnerability (2643719)
File : nvt/secpod_ms12-012.nasl
2012-01-19 Name : Microsoft Windows Color Control Panel Privilege Escalation Vulnerability
File : nvt/gb_ms_win_color_control_panel_priv_escalation.nasl
2010-03-16 Name : FreeBSD Ports: openoffice.org
File : nvt/freebsd_openoffice.org.nasl
2009-12-04 Name : MS Internet Explorer 'Style' Object Remote Code Execution Vulnerability
File : nvt/gb_ms_ie_style_object_remote_code_exec_vuln.nasl
2009-11-11 Name : SLES11: Security update for IBM Java 1.6.0
File : nvt/sles11_java-1_6_0-ibm1.nasl
2009-10-14 Name : MS ATL ActiveX Controls for MS Office Could Allow Remote Code Execution (973965)
File : nvt/secpod_ms09-060.nasl
2009-10-14 Name : Microsoft Windows ATL COM Initialization Code Execution Vulnerability (973525)
File : nvt/secpod_ms09-055.nasl
2009-08-14 Name : Vulnerabilities in Microsoft ATL Could Allow Remote Code Execution (973908)
File : nvt/secpod_ms09-037.nasl
2009-08-03 Name : Microsoft Visual Studio ATL Remote Code Execution Vulnerability (969706)
File : nvt/secpod_ms09-035.nasl
2009-06-10 Name : Vulnerabilities in Print Spooler Could Allow Remote Code Execution (961501)
File : nvt/secpod_ms09-022.nasl
0000-00-00 Name : Microsoft Windows Kernel 'win32k.sys' Memory Corruption Vulnerability
File : nvt/gb_ms_win_kernel_win32k_sys_mem_corruption_vuln.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2015-A-0212 Multiple Vulnerabilities in Microsoft Graphics Component (MS15-097)
Severity: Category II - VMSKEY: V0061385
2015-B-0110 Microsoft Active Directory Service Denial of Service Vulnerability (MS15-096)
Severity: Category II - VMSKEY: V0061369
2015-A-0198 Microsoft Server Message Block (SMB) Remote Code Execution Vulnerability (MS1...
Severity: Category II - VMSKEY: V0061315
2015-B-0097 Microsoft Windows UDDI Cross Site Scripting Vulnerability (MS15-087)
Severity: Category II - VMSKEY: V0061287
2015-A-0167 Multiple Vulnerabilities in Microsoft Windows (MS15-069)
Severity: Category II - VMSKEY: V0061129
2015-B-0091 Multiple Vulnerabilities in Microsoft Hyper-V (MS15-068)
Severity: Category II - VMSKEY: V0061119
2015-A-0162 Multiple Vulnerabilities in Microsoft Windows Kernel-Mode Driver (MS15-073)
Severity: Category II - VMSKEY: V0061097
2015-A-0122 Microsoft Windows Kernel Elevation of Privilege Vulnerability (MS15-063)
Severity: Category II - VMSKEY: V0060961
2015-A-0048 Multiple Vulnerabilities in Windows Kernel (MS15-025)
Severity: Category II - VMSKEY: V0058995
2014-A-0180 Microsoft Windows Kerberos Privilege Escalation Vulnerability
Severity: Category I - VMSKEY: V0057571
2014-A-0171 Multiple Vulnerabilities in Windows OLE
Severity: Category I - VMSKEY: V0057379
2014-A-0148 Microsoft FAT32 Disk Partition Driver Privilege Escalation Vulnerability
Severity: Category I - VMSKEY: V0055429
2014-B-0093 Microsoft Ancillary Function Driver Privilege Escalation Vulnerability
Severity: Category II - VMSKEY: V0052955
2014-A-0095 Microsoft Windows Journal Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0052951
2013-A-0042 Microsoft Windows Media Decompression Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0036827
2012-A-0196 Microsoft Windows File Handling Component Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0035488
2012-B-0020 Microsoft Color Control Panel Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0031354
2009-A-0097 Multiple Vulnerabilities in Microsoft Active Template Library
Severity: Category II - VMSKEY: V0021756
2009-A-0067 Multiple Vulnerabilities in Microsoft Active Template Library
Severity: Category II - VMSKEY: V0019882
2009-B-0033 Multiple Vulnerabilities in Visual Studio Active Template Library
Severity: Category II - VMSKEY: V0019798

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2020-01-16 Microsoft Word internal OLE object update attempt
RuleID : 52482 - Type : INDICATOR-COMPROMISE - Revision : 1
2020-01-16 Microsoft Word internal OLE object update attempt
RuleID : 52481 - Type : INDICATOR-COMPROMISE - Revision : 1
2019-09-24 Microsoft Excel Jet Database Engine code execution attempt
RuleID : 51183 - Type : FILE-OFFICE - Revision : 1
2019-09-24 Microsoft Excel Jet Database Engine code execution attempt
RuleID : 51182 - Type : FILE-OFFICE - Revision : 1
2019-04-18 Microsoft Windows TTF parsing counter overflow attempt
RuleID : 49483 - Type : FILE-OTHER - Revision : 1
2019-04-18 Microsoft Windows TTF parsing counter overflow attempt
RuleID : 49482 - Type : FILE-OTHER - Revision : 1
2018-08-16 Microsoft Windows OTF parsing memory corruption attempt
RuleID : 47220 - Type : FILE-OTHER - Revision : 1
2018-08-16 Microsoft Windows OTF parsing memory corruption attempt
RuleID : 47219 - Type : FILE-OTHER - Revision : 1
2018-06-07 Microsoft Windows clfs.sys out of bounds local privilege escalation attempt
RuleID : 46604 - Type : OS-WINDOWS - Revision : 1
2018-06-07 Microsoft Windows clfs.sys out of bounds local privilege escalation attempt
RuleID : 46603 - Type : OS-WINDOWS - Revision : 1
2018-06-07 Microsoft Win32k privilege escalation attempt
RuleID : 46565 - Type : OS-WINDOWS - Revision : 1
2018-06-07 Microsoft Win32k privilege escalation attempt
RuleID : 46564 - Type : OS-WINDOWS - Revision : 1
2018-06-07 Microsoft Win32k privilege escalation attempt
RuleID : 46563 - Type : OS-WINDOWS - Revision : 1
2018-06-07 Microsoft Win32k privilege escalation attempt
RuleID : 46562 - Type : OS-WINDOWS - Revision : 1
2018-06-05 Microsoft Windows TTF cmap integer overflow attempt
RuleID : 46504 - Type : OS-WINDOWS - Revision : 1
2018-06-05 Microsoft Windows TTF cmap integer overflow attempt
RuleID : 46503 - Type : OS-WINDOWS - Revision : 1
2018-03-15 Microsoft Windows HIDPARSE.sys memory corruption attempt
RuleID : 45657 - Type : OS-WINDOWS - Revision : 1
2018-03-15 Microsoft Windows HIDPARSE.sys memory corruption attempt
RuleID : 45656 - Type : OS-WINDOWS - Revision : 1
2018-03-13 Microsoft Windows win32k.sys privilege escalation attempt
RuleID : 45650 - Type : OS-WINDOWS - Revision : 1
2018-03-13 Microsoft Windows win32k.sys privilege escalation attempt
RuleID : 45649 - Type : OS-WINDOWS - Revision : 1
2018-03-13 Microsoft Windows CLFS privilege escalation attempt
RuleID : 45631 - Type : FILE-OTHER - Revision : 3
2018-03-13 Microsoft Windows CLFS privilege escalation attempt
RuleID : 45630 - Type : FILE-OTHER - Revision : 3
2018-03-13 Microsoft Windows malformed shortcut file with comment buffer overflow attempt
RuleID : 45625 - Type : OS-WINDOWS - Revision : 2
2018-03-13 Microsoft Windows malformed shortcut file with comment buffer overflow attempt
RuleID : 45624 - Type : OS-WINDOWS - Revision : 2
2018-02-22 Microsoft Word internal object auto update attempt
RuleID : 45520 - Type : INDICATOR-COMPROMISE - Revision : 2

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2017-11-30 Name: The Internet Explorer installation on the remote host is affected by multiple...
File: smb_nt_ms17_jul_internet_explorer.nasl - Type: ACT_GATHER_INFO
2017-11-14 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_nov_4048952.nasl - Type: ACT_GATHER_INFO
2017-11-14 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_nov_4048953.nasl - Type: ACT_GATHER_INFO
2017-11-14 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_nov_4048954.nasl - Type: ACT_GATHER_INFO
2017-11-14 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_nov_4048955.nasl - Type: ACT_GATHER_INFO
2017-11-14 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_nov_4048956.nasl - Type: ACT_GATHER_INFO
2017-11-14 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_nov_4048957.nasl - Type: ACT_GATHER_INFO
2017-11-14 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_nov_4048958.nasl - Type: ACT_GATHER_INFO
2017-11-14 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_nov_4048959.nasl - Type: ACT_GATHER_INFO
2017-11-14 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_nov_win2008.nasl - Type: ACT_GATHER_INFO
2017-11-03 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_aug_4034668.nasl - Type: ACT_GATHER_INFO
2017-11-03 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_jul_4025338.nasl - Type: ACT_GATHER_INFO
2017-11-03 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_oct_4042895.nasl - Type: ACT_GATHER_INFO
2017-11-03 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_sep_4038781.nasl - Type: ACT_GATHER_INFO
2017-10-20 Name: The remote Windows host is affected by an information disclosure vulnerability.
File: smb_nt_ms17_apr_3217841.nasl - Type: ACT_GATHER_INFO
2017-10-20 Name: The remote Windows host is affected by an information disclosure vulnerability.
File: smb_nt_ms17_apr_4014793.nasl - Type: ACT_GATHER_INFO
2017-10-20 Name: The remote Windows host is affected by a remote code execution vulnerability.
File: smb_nt_ms17_may_4020535.nasl - Type: ACT_GATHER_INFO
2017-10-17 Name: The remote Windows host is affected by multiple vulnerabilities.
File: ms17_oct_smbv1_multi_vulns.nasl - Type: ACT_GATHER_INFO
2017-10-12 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_oct_win2008.nasl - Type: ACT_GATHER_INFO
2017-10-10 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_oct_4041676.nasl - Type: ACT_GATHER_INFO
2017-10-10 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_oct_4041681.nasl - Type: ACT_GATHER_INFO
2017-10-10 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_oct_4041689.nasl - Type: ACT_GATHER_INFO
2017-10-10 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_oct_4041690.nasl - Type: ACT_GATHER_INFO
2017-10-10 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_oct_4041691.nasl - Type: ACT_GATHER_INFO
2017-10-10 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_oct_4041693.nasl - Type: ACT_GATHER_INFO