This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Microsoft First view 2007-06-06
Product Windows Server 2008 Last view 2012-02-17
Version - Type Os
Update -  
Edition x32  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:microsoft:windows_server_2008

Activity : Overall

Related : CVE

  Date Alert Description
6.4 2012-02-17 CVE-2012-1194

The resolver in the DNS Server service in Microsoft Windows Server 2008 before R2 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names" attack.

9.3 2010-02-10 CVE-2010-0250

Heap-based buffer overflow in DirectShow in Microsoft DirectX, as used in the AVI Filter on Windows 2000 SP4, Windows XP SP2 and SP3, and Windows Server 2003 SP2, and in Quartz on Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7, allows remote attackers to execute arbitrary code via an AVI file with a crafted length field in an unspecified video stream, which is not properly handled by the RLE video decompressor, aka "DirectShow Heap Overflow Vulnerability."

8.5 2009-09-08 CVE-2009-2499

Microsoft Windows Media Format Runtime 9.0, 9.5, and 11; and Microsoft Media Foundation on Windows Vista Gold, SP1, and SP2 and Server 2008; allows remote attackers to execute arbitrary code via an MP3 file with crafted metadata that triggers memory corruption, aka "Windows Media Playback Memory Corruption Vulnerability."

9.3 2009-09-08 CVE-2009-2498

Microsoft Windows Media Format Runtime 9.0, 9.5, and 11 and Windows Media Services 9.1 and 2008 do not properly parse malformed headers in Advanced Systems Format (ASF) files, which allows remote attackers to execute arbitrary code via a crafted (1) .asf, (2) .wmv, or (3) .wma file, aka "Windows Media Header Parsing Invalid Free Vulnerability."

7.8 2009-09-08 CVE-2009-1926

Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allow remote attackers to cause a denial of service (TCP outage) via a series of TCP sessions that have pending data and a (1) small or (2) zero receive window size, and remain in the FIN-WAIT-1 or FIN-WAIT-2 state indefinitely, aka "TCP/IP Orphaned Connections Vulnerability."

10 2009-09-08 CVE-2009-1925

The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2 does not properly manage state information, which allows remote attackers to execute arbitrary code by sending packets to a listening service, and thereby triggering misinterpretation of an unspecified field as a function pointer, aka "TCP/IP Timestamps Code Execution Vulnerability."

9.3 2009-09-08 CVE-2009-1920

The JScript scripting engine 5.1, 5.6, 5.7, and 5.8 in JScript.dll in Microsoft Windows, as used in Internet Explorer, does not properly load decoded scripts into memory before execution, which allows remote attackers to execute arbitrary code via a crafted web site that triggers memory corruption, aka "JScript Remote Code Execution Vulnerability."

9.3 2009-09-08 CVE-2009-1132

Heap-based buffer overflow in the Wireless LAN AutoConfig Service (aka Wlansvc) in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a malformed wireless frame, aka "Wireless Frame Parsing Remote Code Execution Vulnerability."

10 2009-08-12 CVE-2009-2494

The Active Template Library (ATL) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via vectors related to erroneous free operations after reading a variant from a stream and deleting this variant, aka "ATL Object Type Mismatch Vulnerability."

10 2009-08-12 CVE-2009-1930

The Telnet service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote Telnet servers to execute arbitrary code on a client machine by replaying the NTLM credentials of a client user, aka "Telnet Credential Reflection Vulnerability," a related issue to CVE-2000-0834.

9.3 2009-08-12 CVE-2009-1929

Heap-based buffer overflow in the Microsoft Terminal Services Client ActiveX control running RDP 6.1 on Windows XP SP2, Vista SP1 or SP2, or Server 2008 Gold or SP2; or 5.2 or 6.1 on Windows XP SP3; allows remote attackers to execute arbitrary code via unspecified parameters to unknown methods, aka "Remote Desktop Connection ActiveX Control Heap Overflow Vulnerability."

8.5 2009-08-12 CVE-2009-1546

Integer overflow in Avifil32.dll in the Windows Media file handling functionality in Microsoft Windows allows remote attackers to execute arbitrary code on a Windows 2000 SP4 system via a crafted AVI file, or cause a denial of service on a Windows XP SP2 or SP3, Server 2003 SP2, Vista Gold, SP1, or SP2, or Server 2008 Gold or SP2 system via a crafted AVI file, aka "AVI Integer Overflow Vulnerability."

9.3 2009-08-12 CVE-2009-1545

Unspecified vulnerability in Avifil32.dll in the Windows Media file handling functionality in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a malformed header in a crafted AVI file, aka "Malformed AVI Header Vulnerability."

9 2009-08-12 CVE-2009-1544

Double free vulnerability in the Workstation service in Microsoft Windows allows remote authenticated users to gain privileges via a crafted RPC message to a Windows XP SP2 or SP3 or Server 2003 SP2 system, or cause a denial of service via a crafted RPC message to a Vista Gold, SP1, or SP2 or Server 2008 Gold or SP2 system, aka "Workstation Service Memory Corruption Vulnerability."

9.3 2009-08-12 CVE-2009-1133

Heap-based buffer overflow in Microsoft Remote Desktop Connection (formerly Terminal Services Client) running RDP 5.0 through 6.1 on Windows, and Remote Desktop Connection Client for Mac 2.0, allows remote attackers to execute arbitrary code via unspecified parameters, aka "Remote Desktop Connection Heap Overflow Vulnerability."

9.3 2009-07-29 CVE-2009-1919

Microsoft Internet Explorer 5.01 SP4 and 6 SP1; Internet Explorer 6 for Windows XP SP2 and SP3 and Server 2003 SP2; and Internet Explorer 7 and 8 for Windows XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 do not properly handle attempts to access deleted objects in memory, which allows remote attackers to execute arbitrary code via an HTML document containing embedded style sheets that modify unspecified rule properties that cause the behavior element to be "improperly processed," aka "Uninitialized Memory Corruption Vulnerability."

7.1 2007-06-06 CVE-2007-3091

Race condition in Microsoft Internet Explorer 6 SP1; 6 and 7 for Windows XP SP2 and SP3; 6 and 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 for Server 2008 SP2 allows remote attackers to execute arbitrary code or perform other actions upon a page transition, with the permissions of the old page and the content of the new page, as demonstrated by setInterval functions that set location.href within a try/catch expression, aka the "bait & switch vulnerability" or "Race Condition Cross-Domain Information Disclosure Vulnerability."

CWE : Common Weakness Enumeration

%idName
46% (7) CWE-94 Failure to Control Generation of Code ('Code Injection')
26% (4) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
6% (1) CWE-399 Resource Management Errors
6% (1) CWE-362 Race Condition
6% (1) CWE-255 Credentials Management
6% (1) CWE-189 Numeric Errors

SAINT Exploits

Description Link
Visual Studio Active Template Library object type mismatch vulnerability More info here
Windows Telnet credential reflection More info here

Open Source Vulnerability Database (OSVDB)

id Description
62257 Microsoft Windows DirectShow AVI File Decompression Overflow
57806 Microsoft Windows Wireless LAN AutoConfig Service (wlansvc) Frame Parsing Arb...
57804 Microsoft JScript Scripting Engine Memory Corruption Arbitrary Code Execution
57803 Microsoft Windows Media MP3 File Handling Memory Corruption
57802 Microsoft Windows Media ASF Header Parsing Invalid Free Arbitrary Code Execution
57797 Microsoft Windows TCP/IP Orphaned Connection Handling Remote DoS
57796 Microsoft Windows TCP/IP Packet State Information Handling Remote Code Execution
56912 Microsoft Windows Terminal Services Client ActiveX Unspecified Overflow
56911 Microsoft Remote Desktop Server (RDS) mstscax.dll Packet Parsing Remote Overflow
56910 Microsoft Visual Studio Active Template Library (ATL) Header Mismatch Remote ...
56909 Microsoft Windows AVI Media File Parsing Unspecified Overflow
56908 Microsoft Windows Malformed AVI Header Parsing Arbitrary Code Execution
56904 Microsoft Windows Telnet NTLM Credential Reflection Remote Access
56902 Microsoft Windows Workstation Service NetrGetJoinInformation Function Local M...
56695 Microsoft IE HTML Embedded CSS Property Modification Memory Corruption
54944 Microsoft IE Race Condition Cross-Domain Information Disclosure
38497 Microsoft IE Page Transaction Race Condition Arbitrary Code Execution

OpenVAS Exploits

id Description
2010-12-06 Name : Microsoft Wireless LAN AutoConfig Service Remote Code Execution Vulnerabilit...
File : nvt/gb_ms09-049.nasl
2010-02-10 Name : Microsoft DirectShow Remote Code Execution Vulnerability (977935)
File : nvt/secpod_ms10-013.nasl
2009-09-10 Name : Microsoft JScript Scripting Engine Remote Code Execution Vulnerability (971961)
File : nvt/secpod_ms09-045.nasl
2009-09-10 Name : Microsoft Windows Media Format Remote Code Execution Vulnerability (973812)
File : nvt/secpod_ms09-047.nasl
2009-09-10 Name : Microsoft Windows TCP/IP Remote Code Execution Vulnerability (967723)
File : nvt/secpod_ms09-048.nasl
2009-08-14 Name : Vulnerabilities in Microsoft ATL Could Allow Remote Code Execution (973908)
File : nvt/secpod_ms09-037.nasl
2009-08-12 Name : Microsoft Windows AVI Media File Parsing Vulnerabilities (971557)
File : nvt/secpod_ms09-038.nasl
2009-08-12 Name : Vulnerability in Workstation Service Could Allow Elevation of Privilege (971657)
File : nvt/secpod_ms09-041.nasl
2009-08-12 Name : Telnet NTLM Credential Reflection Authentication Bypass Vulnerability (960859)
File : nvt/secpod_ms09-042.nasl
2009-08-12 Name : Microsoft Remote Desktop Connection Remote Code Execution Vulnerability (969706)
File : nvt/secpod_ms09-044.nasl
2009-07-29 Name : Cumulative Security Update for Internet Explorer (972260)
File : nvt/secpod_ms09-034.nasl
2009-06-15 Name : Ubuntu USN-785-1 (ipsec-tools)
File : nvt/ubuntu_785_1.nasl
2009-06-10 Name : Cumulative Security Update for Internet Explorer (969897)
File : nvt/secpod_ms09-019.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2010-A-0025 Microsoft DirectShow Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0022679
2009-A-0078 Microsoft Wireless LAN AutoConfig Service Vulnerability
Severity: Category I - VMSKEY: V0019913
2009-A-0074 Microsoft JScript Scripting Engine Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0019914
2009-A-0076 Multiple Vulnerabilities in Microsoft Windows Media Format
Severity: Category II - VMSKEY: V0019916
2009-A-0077 Multiple Microsoft TCP/IP Remote Code Execution Vulnerabilities
Severity: Category I - VMSKEY: V0019917
2009-B-0037 Microsoft Telnet Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0019879
2009-B-0035 Microsoft Windows Workstation Service Elevation of Privilege Vulnerability
Severity: Category II - VMSKEY: V0019880
2009-A-0067 Multiple Vulnerabilities in Microsoft Active Template Library
Severity: Category II - VMSKEY: V0019882
2009-A-0071 Multiple Vulnerabilities in Microsoft Remote Desktop Connection
Severity: Category II - VMSKEY: V0019884

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2019-09-05 Microsoft Windows mp3 file malformed ID3 APIC header code execution attempt
RuleID : 50893 - Type : FILE-MULTIMEDIA - Revision : 1
2019-09-05 Microsoft Windows mp3 file malformed ID3 APIC header code execution attempt
RuleID : 50892 - Type : FILE-MULTIMEDIA - Revision : 1
2017-10-10 Microsoft DirectShow memory corruption attempt
RuleID : 44306 - Type : OS-WINDOWS - Revision : 2
2017-10-10 Microsoft DirectShow memory corruption attempt
RuleID : 44305 - Type : OS-WINDOWS - Revision : 2
2017-07-25 Microsoft Windows DirectX directshow wav file overflow attempt
RuleID : 43270 - Type : FILE-MULTIMEDIA - Revision : 1
2017-07-25 Microsoft Windows DirectX directshow wav file overflow attempt
RuleID : 43269 - Type : FILE-MULTIMEDIA - Revision : 1
2016-04-19 DCERPC Direct detection of malicious DCE RPC request in suspicious pcap
RuleID : 38264 - Type : OS-WINDOWS - Revision : 1
2014-01-10 Microsoft Windows Media encryption sample ID header RCE attempt
RuleID : 23576 - Type : FILE-MULTIMEDIA - Revision : 5
2014-01-10 Microsoft Windows Media encryption sample ID header RCE attempt
RuleID : 23575 - Type : FILE-MULTIMEDIA - Revision : 5
2014-01-10 Microsoft Windows Media pixel aspect ratio header RCE attempt
RuleID : 23574 - Type : FILE-MULTIMEDIA - Revision : 5
2014-01-10 Microsoft Windows Media content type header RCE attempt
RuleID : 23573 - Type : FILE-MULTIMEDIA - Revision : 5
2014-01-10 Microsoft Windows Media file name header RCE attempt
RuleID : 23572 - Type : FILE-MULTIMEDIA - Revision : 5
2014-01-10 Microsoft Windows Media Timecode header RCE attempt
RuleID : 23571 - Type : FILE-MULTIMEDIA - Revision : 5
2014-01-10 Microsoft Windows Media sample duration header RCE attempt
RuleID : 23570 - Type : FILE-MULTIMEDIA - Revision : 5
2014-01-10 Microsoft Windows AVIFile truncated media file processing memory corruption a...
RuleID : 23569 - Type : FILE-MULTIMEDIA - Revision : 5
2014-01-10 Microsoft Windows AVIFile media file processing memory corruption attempt
RuleID : 23568 - Type : FILE-MULTIMEDIA - Revision : 5
2014-01-10 Microsoft Windows AVI Header insufficient data corruption attempt
RuleID : 23567 - Type : FILE-MULTIMEDIA - Revision : 5
2014-01-10 Microsoft Windows Remote Desktop Client ActiveX clsid access
RuleID : 20175 - Type : BROWSER-PLUGINS - Revision : 12
2014-01-10 Microsoft Windows Media encryption sample ID header RCE attempt
RuleID : 19450 - Type : FILE-MULTIMEDIA - Revision : 13
2014-01-10 Microsoft Windows Media encryption sample ID header RCE attempt
RuleID : 19449 - Type : FILE-MULTIMEDIA - Revision : 13
2014-01-10 Microsoft Windows Media pixel aspect ratio header RCE attempt
RuleID : 19448 - Type : FILE-MULTIMEDIA - Revision : 13
2014-01-10 Microsoft Windows Media content type header RCE attempt
RuleID : 19447 - Type : FILE-MULTIMEDIA - Revision : 13
2014-01-10 Microsoft Windows Media file name header RCE attempt
RuleID : 19446 - Type : FILE-MULTIMEDIA - Revision : 13
2014-01-10 Microsoft Windows Media Timecode header RCE attempt
RuleID : 19445 - Type : FILE-MULTIMEDIA - Revision : 13
2014-01-10 Microsoft Windows Media sample duration header RCE attempt
RuleID : 19444 - Type : FILE-MULTIMEDIA - Revision : 12

Nessus® Vulnerability Scanner

id Description
2010-02-09 Name: It is possible to execute arbitrary code on the remote Windows host using Dir...
File: smb_nt_ms10-013.nasl - Type: ACT_GATHER_INFO
2009-09-08 Name: Arbitrary code can be executed on the remote host through the web or email cl...
File: smb_nt_ms09-045.nasl - Type: ACT_GATHER_INFO
2009-09-08 Name: Arbitrary code can be executed on the remote host through opening a Windows M...
File: smb_nt_ms09-047.nasl - Type: ACT_GATHER_INFO
2009-09-08 Name: Multiple vulnerabilities in the Windows TCP/IP implementation could lead to d...
File: smb_nt_ms09-048.nasl - Type: ACT_GATHER_INFO
2009-09-08 Name: Arbitrary code can be executed on the remote host through the Wireless LAN Au...
File: smb_nt_ms09-049.nasl - Type: ACT_GATHER_INFO
2009-08-11 Name: Arbitrary code can be executed on the remote host through Microsoft Remote De...
File: macosx_rdesktop.nasl - Type: ACT_GATHER_INFO
2009-08-11 Name: Arbitrary code can be executed on the remote host through Microsoft Active Te...
File: smb_nt_ms09-037.nasl - Type: ACT_GATHER_INFO
2009-08-11 Name: Arbitrary code can be executed on the remote host through Windows Media file ...
File: smb_nt_ms09-038.nasl - Type: ACT_GATHER_INFO
2009-08-11 Name: Users can elevate their privileges on the remote host.
File: smb_nt_ms09-041.nasl - Type: ACT_GATHER_INFO
2009-08-11 Name: Arbitrary code can be executed on the remote host through the remote Telnet c...
File: smb_nt_ms09-042.nasl - Type: ACT_GATHER_INFO
2009-08-11 Name: It is possible to execute arbitrary code on the remote host.
File: smb_nt_ms09-044.nasl - Type: ACT_GATHER_INFO
2009-07-28 Name: Arbitrary code can be executed on the remote host through a web browser.
File: smb_nt_ms09-034.nasl - Type: ACT_GATHER_INFO
2009-06-10 Name: Arbitrary code can be executed on the remote host through a web browser.
File: smb_nt_ms09-019.nasl - Type: ACT_GATHER_INFO