This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Microsoft First view 2009-07-15
Product Windows Server 2008 Last view 2012-02-17
Version * Type Os
Update sp2  
Edition x32  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:microsoft:windows_server_2008

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
6.4 2012-02-17 CVE-2012-1194

The resolver in the DNS Server service in Microsoft Windows Server 2008 before R2 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names" attack.

9.3 2012-01-10 CVE-2012-0013

Incomplete blacklist vulnerability in the Windows Packager configuration in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted ClickOnce application in a Microsoft Office document, related to .application files, aka "Assembly Execution Vulnerability."

6.9 2012-01-10 CVE-2012-0005

The Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP2, and Server 2008 SP2, when a Chinese, Japanese, or Korean system locale is used, can access uninitialized memory during the processing of Unicode characters, which allows local users to gain privileges via a crafted application, aka "CSRSS Elevation of Privilege Vulnerability."

9.3 2012-01-10 CVE-2012-0004

Unspecified vulnerability in DirectShow in DirectX in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted media file, related to Quartz.dll, Qdvd.dll, closed captioning, and the Line21 DirectShow filter, aka "DirectShow Remote Code Execution Vulnerability."

9.3 2012-01-10 CVE-2012-0003

Unspecified vulnerability in winmm.dll in Windows Multimedia Library in Windows Media Player (WMP) in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP2, and Server 2008 SP2 allows remote attackers to execute arbitrary code via a crafted MIDI file, aka "MIDI Remote Code Execution Vulnerability."

9.3 2012-01-10 CVE-2012-0001

The kernel in Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly load structured exception handling tables, which allows context-dependent attackers to bypass the SafeSEH security feature by leveraging a Visual C++ .NET 2003 application, aka "Windows Kernel SafeSEH Bypass Vulnerability."

7.2 2011-12-13 CVE-2011-3408

Csrsrv.dll in the Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly check permissions for sending inter-process device-event messages from low-integrity processes to high-integrity processes, which allows local users to gain privileges via a crafted application, aka "CSRSS Local Privilege Elevation Vulnerability."

9 2011-12-13 CVE-2011-3406

Buffer overflow in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS) in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote authenticated users to execute arbitrary code via a crafted query that leverages incorrect memory initialization, aka "Active Directory Buffer Overflow Vulnerability."

7.2 2011-12-13 CVE-2011-2018

The kernel in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, and Windows 7 Gold and SP1 does not properly initialize objects, which allows local users to gain privileges via a crafted application, aka "Windows Kernel Exception Handler Vulnerability."

9.3 2011-11-08 CVE-2011-2016

Untrusted search path vulnerability in Windows Mail and Windows Meeting Space in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .eml or .wcinv file, aka "Windows Mail Insecure Library Loading Vulnerability."

9 2011-11-08 CVE-2011-2014

The LDAP over SSL (aka LDAPS) implementation in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS) in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not examine Certificate Revocation Lists (CRLs), which allows remote authenticated users to bypass intended certificate restrictions and access Active Directory resources by leveraging a revoked X.509 certificate for a domain account, aka "LDAPS Authentication Bypass Vulnerability."

10 2011-11-08 CVE-2011-2013

Integer overflow in the TCP/IP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code by sending a sequence of crafted UDP packets to a closed port, aka "Reference Counter Overflow Vulnerability."

9.3 2011-11-04 CVE-2011-3402

Unspecified vulnerability in the TrueType font parsing engine in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via crafted font data in a Word document or web page, as exploited in the wild in November 2011 by Duqu, aka "TrueType Font Parsing Vulnerability."

7.2 2011-10-11 CVE-2011-2011

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, aka "Win32k Use After Free Vulnerability."

9.3 2011-10-11 CVE-2011-2003

Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted .fon file, aka "Font Library File Buffer Overrun Vulnerability."

4.7 2011-10-11 CVE-2011-2002

win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle TrueType fonts, which allows local users to cause a denial of service (system hang) via a crafted font file, aka "Win32k TrueType Font Type Translation Vulnerability."

7.2 2011-10-11 CVE-2011-1985

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly validate user-mode input, which allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via a crafted application, aka "Win32k Null Pointer De-reference Vulnerability."

9.3 2011-10-11 CVE-2011-1247

Untrusted search path vulnerability in the Microsoft Active Accessibility component in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, aka "Active Accessibility Insecure Library Loading Vulnerability."

9.3 2011-09-15 CVE-2011-1991

Multiple untrusted search path vulnerabilities in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allow local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .doc, .rtf, or .txt file, related to (1) deskpan.dll in the Display Panning CPL Extension, (2) EAPHost Authenticator Service, (3) Folder Redirection, (4) HyperTerminal, (5) the Japanese Input Method Editor (IME), and (6) Microsoft Management Console (MMC), aka "Windows Components Insecure Library Loading Vulnerability."

7.2 2011-09-15 CVE-2011-1984

WINS in Microsoft Windows Server 2003 SP2 and Server 2008 SP2, R2, and R2 SP1 allows local users to gain privileges by sending crafted packets over the loopback interface, aka "WINS Local Elevation of Privilege Vulnerability."

4.7 2011-08-10 CVE-2011-1971

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly parse file metadata, which allows local users to cause a denial of service (reboot) via a crafted file, aka "Windows Kernel Metadata Parsing DOS Vulnerability."

5 2011-08-10 CVE-2011-1970

The DNS server in Microsoft Windows Server 2003 SP2 and Windows Server 2008 SP2, R2, and R2 SP1 does not properly initialize memory, which allows remote attackers to cause a denial of service (service outage) via a query for a nonexistent domain, aka "DNS Uninitialized Memory Corruption Vulnerability."

7.2 2011-08-10 CVE-2011-1967

Winsrv.dll in the Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly check permissions for sending inter-process device-event messages from low-integrity processes to high-integrity processes, which allows local users to gain privileges via a crafted application, aka "CSRSS Vulnerability."

10 2011-08-10 CVE-2011-1966

The DNS server in Microsoft Windows Server 2008 SP2, R2, and R2 SP1 does not properly handle NAPTR queries that trigger recursive processing, which allows remote attackers to execute arbitrary code via a crafted query, aka "DNS NAPTR Query Vulnerability."

7.8 2011-08-10 CVE-2011-1871

Tcpip.sys in the TCP/IP stack in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to cause a denial of service (reboot) via a series of crafted ICMP messages, aka "ICMP Denial of Service Vulnerability."

CWE : Common Weakness Enumeration

%idName
31% (43) CWE-399 Resource Management Errors
22% (31) CWE-20 Improper Input Validation
13% (18) CWE-94 Failure to Control Generation of Code ('Code Injection')
10% (14) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
8% (12) CWE-264 Permissions, Privileges, and Access Controls
5% (8) CWE-189 Numeric Errors
2% (3) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')
1% (2) CWE-362 Race Condition
1% (2) CWE-200 Information Exposure
0% (1) CWE-310 Cryptographic Issues
0% (1) CWE-287 Improper Authentication
0% (1) CWE-255 Credentials Management

CAPEC : Common Attack Pattern Enumeration & Classification

id Name
CAPEC-2 Inducing Account Lockout
CAPEC-82 Violating Implicit Assumptions Regarding XML Content (aka XML Denial of Servi...
CAPEC-147 XML Ping of Death
CAPEC-228 Resource Depletion through DTD Injection in a SOAP Message

SAINT Exploits

Description Link
Internet Explorer iepeers.dll use-after-free vulnerability More info here
Windows Thumbnail View CreateSizedDIBSECTION buffer overflow More info here
Windows Media MIDI Invalid Channel More info here
Microsoft Office ClickOnce Unsafe Execution More info here
Windows Shell LNK file CONTROL item command execution More info here
Microsoft Remote Desktop Connection Insecure Library Injection More info here

Open Source Vulnerability Database (OSVDB)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
78211 Microsoft Windows Line21 DirectShow Filter Media File Handling Remote Code Ex...
78210 Microsoft Windows Multimedia Library (winmm.dll) MIDI File Handling Remote Co...
78209 Microsoft Windows Ntdll.dll Structured Exception Handling Tables Loading Safe...
78207 Microsoft Windows Embedded ClickOnce Application Office File Handling Remote ...
78206 Microsoft Windows Client/Server Run-time Subsystem (CSRSS) Unicode Character ...
77667 Microsoft Windows Active Directory Query Parsing Remote Overflow
77666 Microsoft Windows Kernel Exception Handler Local Privilege Escalation
77662 Microsoft Windows CSRSS Device Event Message Parsing Local Privilege Escalation
76902 Microsoft Windows Active Directory LDAPS CRL Handling Weakness Authentication...
76901 Microsoft Windows Mail / Windows Meeting Space Path Subversion Arbitrary DLL ...
76899 Microsoft Windows TCP/IP Reference Counter Crafted UDP Packet Stream Remote O...
76843 Microsoft Windows Win32k TrueType Font Handling Privilege Escalation
76231 Microsoft Windows Active Accessibility Path Subversion Arbitrary DLL Injectio...
76221 Microsoft Windows win32k.sys Driver Use-after-free Driver Object Handling Arb...
76220 Microsoft Windows win32k.sys Driver .fon Font File Handling Overflow
76219 Microsoft Windows win32k.sys Driver Type Translation TrueType Font File Handl...
76218 Microsoft Windows win32k.sys Driver NULL Dereference Unspecified Arbitrary Co...
75444 Microsoft Windows WINS Loopback Interface Crafted Packet Local Privilege Esca...
75382 Microsoft Windows Shell Extensions Path Subversion Arbitrary DLL Injection Co...
74482 Microsoft Windows TCP/IP Stack (Tcpip.sys) ICMP Message Parsing Remote DoS
74407 Microsoft Windows Kernel File Metadata Handling Remote DoS
74401 Microsoft Windows Client/Server Run-time Subsystem (CSRSS) Inter-Process Devi...
74400 Microsoft Windows DNS Service Non-Existent Domain Query Parsing Remote DoS
74399 Microsoft Windows DNS Service NAPTR Query Parsing Overflow
73796 Microsoft Windows CSRSS SrvSetConsoleLocalEUDC() Function NULL Page Data Writ...

ExploitDB Exploits

id Description
19037 MS12-005 Microsoft Office ClickOnce Unsafe Object Package Handling Vulnerability
18426 MS12-004 midiOutPlayNextPolyEvent Heap Overflow
18372 Microsoft Windows Assembly Execution Vulnerability MS12-005
18024 MS11-077 Win32k Null Pointer De-reference Vulnerability POC
17978 MS11-077 .fon Kernel-Mode Buffer Overrun PoC
17831 MS WINS ECommEndDlg Input Validation Error
17544 GDI+ CreateDashedPath Integer overflow in gdiplus.dll
16590 Internet Explorer DHTML Behaviors Use After Free
15985 MS10-073: Win32k Keyboard Layout Vulnerability
15266 Windows NTLM Weak Nonce Vulnerability
15158 MOAUB #30 - Microsoft Unicode Scripts Processor Remote Code Execution
14670 Microsoft Windows nt!SeObjectCreateSaclAccessBits() Missed ACE Bounds Checks ...
14667 Microsoft Windows KTM Invalid Free with Reused Transaction GUID (MS10-047)
14610 Microsoft Windows Tracing Registry Key ACL Privilege Escalation Vulnerability
14608 Microsoft Windows CreateWindow Function Callback Vulnerability (MS10-048)
12273 Windows 7/2008R2 SMB Client Trans2 Stack Overflow 10-020 PoC
11683 Microsoft Internet Explorer iepeers.dll Use-After-Free Exploit (meta)

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2012-06-13 Name : Microsoft Lync Remote Code Execution Vulnerabilities (2707956)
File : nvt/secpod_ms12-039.nasl
2012-05-14 Name : Microsoft Silverlight Code Execution Vulnerabilities - 2681578 (Mac OS X)
File : nvt/secpod_ms12-034_macosx.nasl
2012-05-09 Name : MS Security Update For Microsoft Office, .NET Framework, and Silverlight (268...
File : nvt/secpod_ms12-034.nasl
2012-03-06 Name : Microsoft SMB Transaction Parsing Remote Code Execution Vulnerability
File : nvt/secpod_ms11-020_remote.nasl
2012-02-29 Name : MicroSoft SMB Server Trans2 Request Remote Code Execution Vulnerability
File : nvt/secpod_ms10-054_remote.nasl
2012-01-11 Name : Windows ClickOnce Application Installer Remote Code Execution Vulnerability (...
File : nvt/secpod_ms12-005.nasl
2012-01-11 Name : Microsoft Windows Media Could Allow Remote Code Execution Vulnerabilities (26...
File : nvt/secpod_ms12-004.nasl
2012-01-11 Name : MS Windows Client/Server Run-time Subsystem Privilege Escalation Vulnerabilit...
File : nvt/secpod_ms12-003.nasl
2012-01-11 Name : Microsoft Windows Kernel Security Feature Bypass Vulnerability (2644615)
File : nvt/secpod_ms12-001.nasl
2011-12-14 Name : Windows Client/Server Run-time Subsystem Privilege Elevation Vulnerability (2...
File : nvt/secpod_ms11-097.nasl
2011-12-14 Name : Windows Kernel-Mode Drivers Remote Code Execution Vulnerabilities (2567053)
File : nvt/secpod_ms11-087.nasl
2011-12-13 Name : Microsoft Windows Kernel Privilege Elevation Vulnerability (2633171)
File : nvt/secpod_ms11-098.nasl
2011-12-13 Name : MS Windows Active Directory Remote Code Execution Vulnerability (2640045)
File : nvt/secpod_ms11-095.nasl
2011-11-09 Name : Microsoft Windows Active Directory LDAPS Authentication Bypass Vulnerability ...
File : nvt/secpod_ms11-086.nasl
2011-11-09 Name : Microsoft Windows TCP/IP Remote Code Execution Vulnerability (2588516)
File : nvt/secpod_ms11-083.nasl
2011-11-09 Name : Windows Mail and Windows Meeting Space Remote Code Execution Vulnerability (2...
File : nvt/secpod_ms11-085.nasl
2011-11-07 Name : Microsoft Windows TrueType Font Parsing Privilege Elevation Vulnerability
File : nvt/gb_ms_truetype_font_privilege_elevation_vuln.nasl
2011-10-21 Name : Microsoft Windows WINS Remote Code Execution Vulnerability (2524426)
File : nvt/gb_ms11-035_remote.nasl
2011-10-12 Name : Windows Kernel-Mode Drivers Remote Code Execution Vulnerabilities (2567053)
File : nvt/secpod_ms11-077.nasl
2011-10-12 Name : Microsoft Active Accessibility Remote Code Execution Vulnerability (2623699)
File : nvt/secpod_ms11-075.nasl
2011-09-14 Name : Microsoft Windows Components Remote Code Execution Vulnerabilities (2570947)
File : nvt/secpod_ms11-071.nasl
2011-09-14 Name : Microsoft Windows WINS Local Privilege Escalation Vulnerability (2571621)
File : nvt/secpod_ms11-070.nasl
2011-08-11 Name : Microsoft Windows DNS Server Remote Code Execution Vulnerability (2562485)
File : nvt/secpod_ms11-058.nasl
2011-08-11 Name : Microsoft Windows TCP/IP Stack Denial of Service Vulnerability (2563894)
File : nvt/secpod_ms11-064.nasl
2011-08-11 Name : Microsoft Windows Client/Server Run-time Subsystem Privilege Escalation Vulne...
File : nvt/secpod_ms11-063.nasl

Information Assurance Vulnerability Management (IAVM)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2012-A-0079 Combined Security Update for Microsoft Office Windows .NET Framework and Silv...
Severity: Category I - VMSKEY: V0032304
2012-A-0007 Microsoft Windows Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0031010
2012-A-0005 Multiple Remote Code Execution Vulnerabilities in Microsoft Windows Media
Severity: Category II - VMSKEY: V0031000
2012-A-0003 Microsoft Windows Kernel Security Bypass Vulnerability
Severity: Category I - VMSKEY: V0030998
2012-A-0002 Microsoft Windows Components Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0030932
2011-A-0162 Microsoft Windows Client/Server Run-time Subsystem Elevation of Privilege Vul...
Severity: Category II - VMSKEY: V0030835
2011-B-0135 Microsoft Windows Mail and Windows Meeting Space Remote Code Execution Vulner...
Severity: Category II - VMSKEY: V0030608
2011-A-0138 Microsoft Active Accessibility Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0030402
2011-A-0126 Microsoft Windows WINS Server Privilege Escalation Vulnerability
Severity: Category I - VMSKEY: V0030247
2011-A-0115 Microsoft Windows Client/Server Run-time Subsystem Elevation of Privilege Vul...
Severity: Category I - VMSKEY: V0029760
2011-B-0104 Microsoft Windows Kernel Remote Denial of Service Vulnerability
Severity: Category II - VMSKEY: V0029745
2011-B-0065 Microsoft MHTML Information Disclosure Vulnerability
Severity: Category II - VMSKEY: V0028617
2011-B-0068 Microsoft Active Directory Certificate Services Web Enrollment Privilege Esca...
Severity: Category II - VMSKEY: V0028615
2011-B-0067 Microsoft Windows Ancillary Function Driver Privilege Escalation Vulnerability
Severity: Category II - VMSKEY: V0028611
2011-A-0078 Microsoft Server Message Block (SMB) Denial of Service Vulnerability
Severity: Category I - VMSKEY: V0028598
2011-A-0081 Microsoft Windows OLE Automation Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0028597
2011-A-0087 Microsoft Distributed File System Remote Code Execution Vulnerabilities
Severity: Category I - VMSKEY: V0028593
2011-A-0079 Microsoft SMB Client Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0028592
2011-A-0050 Microsoft SMB Server Remote Code Execution Vulnerability
Severity: Category I - VMSKEY: V0026521
2011-A-0039 Microsoft DNS Resolution Remote Code Execution Vulnerability
Severity: Category I - VMSKEY: V0026514
2011-B-0045 Microsoft Windows Fax Cover Page Editor Vulnerability
Severity: Category II - VMSKEY: V0026509
2011-B-0033 Microsoft Remote Desktop Connection Client Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0026091
2011-A-0019 Microsoft Windows Shell Graphics Processing Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0026068
2010-B-0110 Microsoft Task Scheduler Elevation of Privilege Vulnerability
Severity: Category II - VMSKEY: V0025862
2010-B-0109 Microsoft Windows Netlogon Denial of Service Vulnerability
Severity: Category II - VMSKEY: V0025860

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2020-03-19 Microsoft Windows Data Analyzer 3.5 ActiveX clsid access
RuleID : 53118 - Type : BROWSER-PLUGINS - Revision : 1
2020-03-19 Microsoft Windows Data Analyzer 3.5 ActiveX use-after-free attempt
RuleID : 53117 - Type : BROWSER-PLUGINS - Revision : 1
2020-03-19 Microsoft Windows Data Analyzer 3.5 ActiveX use-after-free attempt
RuleID : 53116 - Type : BROWSER-PLUGINS - Revision : 1
2020-01-03 Microsoft Windows MHTML XSS attempt
RuleID : 52335 - Type : OS-WINDOWS - Revision : 1
2019-09-17 Microsoft Windows Object Packager ClickOnce object remote code execution attempt
RuleID : 51029 - Type : OS-WINDOWS - Revision : 1
2019-09-17 Microsoft Windows Object Packager ClickOnce object remote code execution attempt
RuleID : 51028 - Type : OS-WINDOWS - Revision : 1
2019-09-05 Microsoft OpenType font index remote code execution attempt
RuleID : 50889 - Type : FILE-OTHER - Revision : 1
2019-09-05 Microsoft OpenType font index remote code execution attempt
RuleID : 50888 - Type : FILE-OTHER - Revision : 1
2019-09-05 Microsoft Fax Cover Page Editor heap corruption attempt
RuleID : 50873 - Type : OS-WINDOWS - Revision : 1
2019-09-05 Microsoft Fax Cover Page Editor heap corruption attempt
RuleID : 50872 - Type : OS-WINDOWS - Revision : 1
2019-08-31 Microsoft Windows TrueType font parsing engine sfac_GetSbitBitmap obfuscated ...
RuleID : 50849 - Type : FILE-OTHER - Revision : 1
2019-08-31 Microsoft Windows TrueType font parsing engine sfac_GetSbitBitmap obfuscated ...
RuleID : 50848 - Type : FILE-OTHER - Revision : 1
2019-04-13 Microsoft Windows TrueType font parsing engine sfac_GetSbitBitmap elevation o...
RuleID : 49423 - Type : FILE-OTHER - Revision : 2
2019-04-13 Microsoft Windows TrueType font parsing engine sfac_GetSbitBitmap elevation o...
RuleID : 49422 - Type : FILE-OTHER - Revision : 2
2019-04-13 Microsoft Windows TrueType font parsing engine sfac_GetSbitBitmap elevation o...
RuleID : 49421 - Type : FILE-OTHER - Revision : 2
2018-06-12 SMB client NULL deref race condition attempt
RuleID : 46637 - Type : NETBIOS - Revision : 1
2017-10-03 Microsoft Windows Shell Handler remote code execution attempt
RuleID : 44218 - Type : OS-WINDOWS - Revision : 1
2017-10-03 Microsoft Windows Shell Handler remote code execution attempt
RuleID : 44217 - Type : OS-WINDOWS - Revision : 1
2017-10-03 Microsoft Windows Shell Handler remote code execution attempt
RuleID : 44216 - Type : OS-WINDOWS - Revision : 1
2016-11-08 Microsoft Windows Media Runtime malformed ASF codec memory corruption attempt
RuleID : 40354 - Type : OS-WINDOWS - Revision : 2
2016-09-13 Microsoft Windows win32k.sys escalation of privilege attempt
RuleID : 39863 - Type : OS-WINDOWS - Revision : 2
2015-07-13 Win.Trojan.Fanny outbound connection
RuleID : 34857 - Type : MALWARE-CNC - Revision : 2
2015-06-23 Microsoft Windows Font Library file buffer overflow attempt
RuleID : 34566 - Type : FILE-OTHER - Revision : 3
2015-04-07 Microsoft Windows Media MIDI file memory corruption attempt
RuleID : 33684 - Type : FILE-OTHER - Revision : 3
2015-03-17 Microsoft Windows Comctl32.dll third-party SVG viewer heap overflow attempt
RuleID : 33479 - Type : OS-WINDOWS - Revision : 2

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2014-03-05 Name: The DNS server running on the remote host has multiple vulnerabilities.
File: ms_dns_kb2562485.nasl - Type: ACT_GATHER_INFO
2012-06-13 Name: Arbitrary code can be executed on the remote host through Microsoft Lync.
File: smb_nt_ms12-039.nasl - Type: ACT_GATHER_INFO
2012-05-09 Name: A multimedia application framework installed on the remote Mac OS X host is a...
File: macosx_ms12-034.nasl - Type: ACT_GATHER_INFO
2012-05-09 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms12-034.nasl - Type: ACT_GATHER_INFO
2012-01-10 Name: Opening a specially crafted Microsoft Office file could result in arbitrary c...
File: smb_nt_ms12-005.nasl - Type: ACT_GATHER_INFO
2012-01-10 Name: Opening a specially crafted media file could result in arbitrary code execution.
File: smb_nt_ms12-004.nasl - Type: ACT_GATHER_INFO
2012-01-10 Name: The remote Windows host has a privilege escalation vulnerability.
File: smb_nt_ms12-003.nasl - Type: ACT_GATHER_INFO
2012-01-10 Name: The remote Windows host has a flaw in a security feature that is utilized by ...
File: smb_nt_ms12-001.nasl - Type: ACT_GATHER_INFO
2011-12-13 Name: The remote Windows kernel is affected by a remote code execution vulnerability.
File: smb_nt_ms11-087.nasl - Type: ACT_GATHER_INFO
2011-12-13 Name: The Windows kernel is affected by a vulnerability that could result in privil...
File: smb_nt_ms11-098.nasl - Type: ACT_GATHER_INFO
2011-12-13 Name: The remote Windows host has a privilege escalation vulnerability.
File: smb_nt_ms11-097.nasl - Type: ACT_GATHER_INFO
2011-12-13 Name: The installed version of Active Directory is affected by a vulnerability that...
File: smb_nt_ms11-095.nasl - Type: ACT_GATHER_INFO
2011-11-08 Name: The remote Windows host has a code execution vulnerability.
File: smb_nt_ms11-083.nasl - Type: ACT_GATHER_INFO
2011-11-08 Name: The remote Windows host is affected by a remote code execution vulnerability.
File: smb_nt_ms11-085.nasl - Type: ACT_GATHER_INFO
2011-11-08 Name: The installed version of Active Directory is affected by a vulnerability that...
File: smb_nt_ms11-086.nasl - Type: ACT_GATHER_INFO
2011-10-11 Name: The remote Windows kernel is affected by multiple vulnerabilities.
File: smb_nt_ms11-077.nasl - Type: ACT_GATHER_INFO
2011-10-11 Name: The remote Windows host contains a component that could allow remote code exe...
File: smb_nt_ms11-075.nasl - Type: ACT_GATHER_INFO
2011-09-14 Name: The remote Windows host is affected by a code execution vulnerability.
File: smb_nt_ms11-071.nasl - Type: ACT_GATHER_INFO
2011-09-14 Name: Arbitrary code can be executed on the remote host through Microsoft Windows I...
File: smb_nt_ms11-070.nasl - Type: ACT_GATHER_INFO
2011-09-01 Name: The remote Windows host is susceptible to denial of service attacks.
File: qos_kb2563894.nasl - Type: ACT_GATHER_INFO
2011-08-17 Name: The DNS server running on the remote host is affected by a memory corruption ...
File: dns_ms11-058.nasl - Type: ACT_GATHER_INFO
2011-08-09 Name: The Windows kernel is affected by a vulnerability that could result in a deni...
File: smb_nt_ms11-068.nasl - Type: ACT_GATHER_INFO
2011-08-09 Name: The remote Windows host is susceptible to denial of service attacks.
File: smb_nt_ms11-064.nasl - Type: ACT_GATHER_INFO
2011-08-09 Name: The remote Windows host has a privilege escalation vulnerability.
File: smb_nt_ms11-063.nasl - Type: ACT_GATHER_INFO
2011-08-09 Name: The DNS server running on the remote host has multiple vulnerabilities.
File: smb_nt_ms11-058.nasl - Type: ACT_GATHER_INFO