Summary
| Detail | |||
|---|---|---|---|
| Vendor | Microsoft | First view | 2011-11-11 |
| Product | Windows Server 2008 | Last view | 2020-11-11 |
| Version | r2 | Type | Os |
| Update | sp1 | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:o:microsoft:windows_server_2008 | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 9.8 | 2020-11-11 | CVE-2020-17051 | Windows Network File System Remote Code Execution Vulnerability |
| 7.5 | 2020-11-11 | CVE-2020-17047 | Windows Network File System Denial of Service Vulnerability |
| 5.5 | 2020-11-11 | CVE-2020-17045 | Windows KernelStream Information Disclosure Vulnerability |
| 8.8 | 2020-11-11 | CVE-2020-17042 | Windows Print Spooler Remote Code Execution Vulnerability |
| 7.8 | 2020-11-11 | CVE-2020-17038 | Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17010. |
| 5.5 | 2020-11-11 | CVE-2020-17036 | Windows Function Discovery SSDP Provider Information Disclosure Vulnerability |
| 5.5 | 2020-11-11 | CVE-2020-17029 | Windows Canonical Display Driver Information Disclosure Vulnerability |
| 7.8 | 2020-10-16 | CVE-2020-16902 | An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior.A locally authenticated attacker could run arbitrary code with elevated system privileges, aka 'Windows Installer Elevation of Privilege Vulnerability'. |
| 7.8 | 2020-10-16 | CVE-2020-16900 | An elevation of privilege vulnerability exists when the Windows Event System improperly handles objects in memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Event System Elevation of Privilege Vulnerability'. |
| 7.8 | 2020-08-17 | CVE-2020-1584 | An elevation of privilege vulnerability exists in the way that the dnsrslvr.dll handles objects in memory, aka 'Windows dnsrslvr.dll Elevation of Privilege Vulnerability'. |
| 7.8 | 2020-07-14 | CVE-2020-1437 | An elevation of privilege vulnerability exists in the way that the Windows Network Location Awareness Service handles objects in memory, aka 'Windows Network Location Awareness Service Elevation of Privilege Vulnerability'. |
| 8.8 | 2020-07-14 | CVE-2020-1436 | A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted fonts.For all systems except Windows 10, an attacker who successfully exploited the vulnerability could execute code remotely, aka 'Windows Font Library Remote Code Execution Vulnerability'. |
| 8.8 | 2020-07-14 | CVE-2020-1435 | A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI+ Remote Code Execution Vulnerability'. |
| 7.8 | 2020-04-15 | CVE-2020-0907 | A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka 'Microsoft Graphics Components Remote Code Execution Vulnerability'. |
| 6.5 | 2020-03-12 | CVE-2020-0774 | An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0874, CVE-2020-0879, CVE-2020-0880, CVE-2020-0882. |
| 7.5 | 2020-03-12 | CVE-2020-0645 | A tampering vulnerability exists when Microsoft IIS Server improperly handles malformed request headers, aka 'Microsoft IIS Server Tampering Vulnerability'. |
| 7.8 | 2019-10-10 | CVE-2019-1339 | An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles hard links, aka 'Windows Error Reporting Manager Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1315, CVE-2019-1342. |
| 7.8 | 2019-08-14 | CVE-2019-1178 | An elevation of privilege vulnerability exists in the way that the ssdpsrv.dll handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1173, CVE-2019-1174, CVE-2019-1175, CVE-2019-1177, CVE-2019-1179, CVE-2019-1180, CVE-2019-1184, CVE-2019-1186. |
| 8.8 | 2019-08-14 | CVE-2019-1152 | A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1144, CVE-2019-1145, CVE-2019-1149, CVE-2019-1150, CVE-2019-1151. |
| 8.8 | 2019-08-14 | CVE-2019-1151 | A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1144, CVE-2019-1145, CVE-2019-1149, CVE-2019-1150, CVE-2019-1152. |
| 8.8 | 2019-08-14 | CVE-2019-1150 | A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1144, CVE-2019-1145, CVE-2019-1149, CVE-2019-1151, CVE-2019-1152. |
| 8.8 | 2019-08-14 | CVE-2019-1149 | A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1144, CVE-2019-1145, CVE-2019-1150, CVE-2019-1151, CVE-2019-1152. |
| 8.8 | 2019-08-14 | CVE-2019-1145 | A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1144, CVE-2019-1149, CVE-2019-1150, CVE-2019-1151, CVE-2019-1152. |
| 8.8 | 2019-08-14 | CVE-2019-1144 | A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1145, CVE-2019-1149, CVE-2019-1150, CVE-2019-1151, CVE-2019-1152. |
| 5.5 | 2019-03-05 | CVE-2019-0636 | An information vulnerability exists when Windows improperly discloses file information, aka 'Windows Information Disclosure Vulnerability'. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 34% (133) | CWE-200 | Information Exposure |
| 18% (73) | CWE-264 | Permissions, Privileges, and Access Controls |
| 12% (47) | CWE-20 | Improper Input Validation |
| 11% (44) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 3% (13) | CWE-281 | Improper Preservation of Permissions |
| 2% (9) | CWE-284 | Access Control (Authorization) Issues |
| 2% (8) | CWE-665 | Improper Initialization |
| 1% (7) | CWE-404 | Improper Resource Shutdown or Release |
| 1% (7) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
| 1% (7) | CWE-19 | Data Handling |
| 1% (5) | CWE-269 | Improper Privilege Management |
| 1% (5) | CWE-254 | Security Features |
| 1% (4) | CWE-787 | Out-of-bounds Write |
| 0% (3) | CWE-611 | Information Leak Through XML External Entity File Disclosure |
| 0% (2) | CWE-415 | Double Free |
| 0% (2) | CWE-401 | Failure to Release Memory Before Removing Last Reference ('Memory L... |
| 0% (2) | CWE-399 | Resource Management Errors |
| 0% (2) | CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflo... |
| 0% (2) | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path ... |
| 0% (1) | CWE-755 | Improper Handling of Exceptional Conditions |
| 0% (1) | CWE-732 | Incorrect Permission Assignment for Critical Resource |
| 0% (1) | CWE-416 | Use After Free |
| 0% (1) | CWE-362 | Race Condition |
| 0% (1) | CWE-352 | Cross-Site Request Forgery (CSRF) |
| 0% (1) | CWE-287 | Improper Authentication |
SAINT Exploits
| Description | Link |
|---|---|
| Windows OLE Package Manager CPackage::DoVerb() INF File Download Vulnerability | More info here |
| Microsoft Word and WordPad RTF HTA handler command execution | More info here |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 77908 | Microsoft Windows win32k.sys Safari IFRAME Height Attribute Handling Remote M... |
| 77213 | Microsoft Windows AppLocker Rule Weakness Local Access Restriction Bypass |
ExploitDB Exploits
| id | Description |
|---|---|
| 35236 | MS14-064 Microsoft Windows OLE Package Manager Code Execution |
| 35235 | MS14-064 Microsoft Windows OLE Package Manager Code Execution Through Python |
| 35216 | MS Office 2007 and 2010 - OLE Arbitrary Command Execution |
| 35101 | Windows TrackPopupMenu Win32k NULL Pointer Dereference |
| 35055 | Windows OLE - Remote Code Execution "Sandworm" Exploit (MS14-060) |
| 35020 | MS14-060 Microsoft Windows OLE Package Manager Code Execution |
| 35019 | Windows OLE Package Manager SandWorm Exploit |
| 26554 | Windows EPATHOBJ::pprFlattenRec Local Privilege Escalation |
OpenVAS Exploits
| id | Description |
|---|---|
| 2012-12-12 | Name : Microsoft Windows Kernel-Mode Drivers Remote Code Execution Vulnerabilities (... File : nvt/secpod_ms12-078.nasl |
| 2012-12-12 | Name : Microsoft Windows File Handling Component Remote Code Execution Vulnerability... File : nvt/secpod_ms12-081.nasl |
| 2012-06-13 | Name : Microsoft Lync Remote Code Execution Vulnerabilities (2707956) File : nvt/secpod_ms12-039.nasl |
| 2012-05-14 | Name : Microsoft Silverlight Code Execution Vulnerabilities - 2681578 (Mac OS X) File : nvt/secpod_ms12-034_macosx.nasl |
| 2012-05-09 | Name : Microsoft Windows TCP/IP Privilege Elevation Vulnerabilities (2688338) File : nvt/secpod_ms12-032.nasl |
| 2012-05-09 | Name : MS Security Update For Microsoft Office, .NET Framework, and Silverlight (268... File : nvt/secpod_ms12-034.nasl |
| 2012-02-15 | Name : Windows Kernel-Mode Drivers Remote Code Execution Vulnerabilities (2660465) File : nvt/secpod_ms12-008.nasl |
| 0000-00-00 | Name : Microsoft Windows Kernel 'win32k.sys' Memory Corruption Vulnerability File : nvt/gb_ms_win_kernel_win32k_sys_mem_corruption_vuln.nasl |
Information Assurance Vulnerability Management (IAVM)
| id | Description |
|---|---|
| 2015-B-0110 | Microsoft Active Directory Service Denial of Service Vulnerability (MS15-096) Severity: Category II - VMSKEY: V0061369 |
| 2015-A-0190 | Multiple Vulnerabilities in Microsoft Remote Desktop Protocol (RDP) (MS15-082) Severity: Category II - VMSKEY: V0061299 |
| 2015-A-0167 | Multiple Vulnerabilities in Microsoft Windows (MS15-069) Severity: Category II - VMSKEY: V0061129 |
| 2015-B-0091 | Multiple Vulnerabilities in Microsoft Hyper-V (MS15-068) Severity: Category II - VMSKEY: V0061119 |
| 2015-A-0173 | Microsoft Windows Netlogon Privilege Escalation Vulnerability (MS15-071) Severity: Category II - VMSKEY: V0061111 |
| 2015-A-0168 | Microsoft Graphics Component Privilege Escalation Vulnerability (MS15-072) Severity: Category II - VMSKEY: V0061105 |
| 2015-A-0169 | Multiple Vulnerabilities in Microsoft OLE (MS15-075) Severity: Category II - VMSKEY: V0061103 |
| 2015-A-0162 | Multiple Vulnerabilities in Microsoft Windows Kernel-Mode Driver (MS15-073) Severity: Category II - VMSKEY: V0061097 |
| 2015-A-0164 | Microsoft Windows Installer Privilege Escalation Vulnerability (MS15-074) Severity: Category II - VMSKEY: V0061095 |
| 2015-A-0165 | Microsoft Remote Procedure Call (RPC) Privilege Escalation Vulnerability (MS1... Severity: Category II - VMSKEY: V0061093 |
| 2015-A-0122 | Microsoft Windows Kernel Elevation of Privilege Vulnerability (MS15-063) Severity: Category II - VMSKEY: V0060961 |
| 2015-A-0088 | Microsoft Windows Task Scheduler Privilege Escalation Vulnerability (MS15-037) Severity: Category II - VMSKEY: V0059891 |
| 2015-A-0048 | Multiple Vulnerabilities in Windows Kernel (MS15-025) Severity: Category II - VMSKEY: V0058995 |
| 2015-A-0008 | Microsoft Windows User Profile Service Privilege Escalation Vulnerability (MS... Severity: Category II - VMSKEY: V0058209 |
| 2015-A-0007 | Microsoft Windows Network Policy Server Remote Denial of Service Vulnerabilit... Severity: Category I - VMSKEY: V0058207 |
| 2015-A-0006 | Microsoft Windows Kernel-Mode Driver Privilege Escalation Vulnerability (MS15... Severity: Category II - VMSKEY: V0058205 |
| 2015-A-0010 | Microsoft Windows Remote Privilege Escalation Vulnerability (MS15-004) Severity: Category II - VMSKEY: V0058203 |
| 2015-B-0004 | Microsoft Network Location Awareness Service Security Bypass Vulnerability (M... Severity: Category II - VMSKEY: V0058201 |
| 2015-B-0006 | Microsoft Windows Telnet Buffer Overflow Vulnerability (MS15-002) Severity: Category I - VMSKEY: V0058199 |
| 2014-A-0180 | Microsoft Windows Kerberos Privilege Escalation Vulnerability Severity: Category I - VMSKEY: V0057571 |
| 2014-A-0171 | Multiple Vulnerabilities in Windows OLE Severity: Category I - VMSKEY: V0057379 |
| 2014-B-0093 | Microsoft Ancillary Function Driver Privilege Escalation Vulnerability Severity: Category II - VMSKEY: V0052955 |
| 2014-B-0059 | Multiple Vulnerabilities in Microsoft Windows Severity: Category I - VMSKEY: V0050447 |
| 2012-A-0196 | Microsoft Windows File Handling Component Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0035488 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2020-10-13 | Microsoft Windows NDIS.SYS driver buffer overflow attempt RuleID : 55198 - Type : OS-WINDOWS - Revision : 1 |
| 2020-10-13 | Microsoft Windows NDIS.SYS driver buffer overflow attempt RuleID : 55197 - Type : OS-WINDOWS - Revision : 1 |
| 2020-09-15 | Microsoft Windows DNS Resolver local privilege escalation attempt RuleID : 54736 - Type : OS-WINDOWS - Revision : 1 |
| 2020-09-15 | Microsoft Windows DNS Resolver local privilege escalation attempt RuleID : 54735 - Type : OS-WINDOWS - Revision : 1 |
| 2020-01-16 | Microsoft Word internal OLE object update attempt RuleID : 52482 - Type : INDICATOR-COMPROMISE - Revision : 1 |
| 2020-01-16 | Microsoft Word internal OLE object update attempt RuleID : 52481 - Type : INDICATOR-COMPROMISE - Revision : 1 |
| 2019-12-05 | Microsoft JET Database ExcelExtractString stack buffer overflow attempt RuleID : 52073 - Type : SERVER-OTHER - Revision : 1 |
| 2019-12-05 | Microsoft JET Database ExcelExtractString stack buffer overflow attempt RuleID : 52072 - Type : SERVER-OTHER - Revision : 1 |
| 2019-09-24 | Microsoft Excel Jet Database Engine code execution attempt RuleID : 51183 - Type : FILE-OFFICE - Revision : 1 |
| 2019-09-24 | Microsoft Excel Jet Database Engine code execution attempt RuleID : 51182 - Type : FILE-OFFICE - Revision : 1 |
| 2019-04-18 | Microsoft Windows TTF parsing counter overflow attempt RuleID : 49483 - Type : FILE-OTHER - Revision : 1 |
| 2019-04-18 | Microsoft Windows TTF parsing counter overflow attempt RuleID : 49482 - Type : FILE-OTHER - Revision : 1 |
| 2019-03-12 | Microsoft Windows SMB remote code execution attempt RuleID : 49177 - Type : OS-WINDOWS - Revision : 1 |
| 2019-03-12 | Microsoft Windows SMB remote code execution attempt RuleID : 49176 - Type : OS-WINDOWS - Revision : 1 |
| 2019-03-12 | Microsoft Windows SMB remote code execution attempt RuleID : 49175 - Type : OS-WINDOWS - Revision : 1 |
| 2019-03-12 | Microsoft Windows SMB remote code execution attempt RuleID : 49174 - Type : OS-WINDOWS - Revision : 1 |
| 2019-03-12 | Microsoft Windows SMB named pipe buffer overflow attempt RuleID : 49146 - Type : OS-WINDOWS - Revision : 2 |
| 2019-02-07 | Microsoft Windows arbitrary file read attempt RuleID : 48800 - Type : OS-WINDOWS - Revision : 2 |
| 2019-02-07 | Microsoft Windows arbitrary file read attempt RuleID : 48799 - Type : OS-WINDOWS - Revision : 2 |
| 2019-02-07 | Microsoft Windows kernel out of bounds read attempt RuleID : 48790 - Type : OS-WINDOWS - Revision : 1 |
| 2019-02-07 | Microsoft Windows kernel out of bounds read attempt RuleID : 48789 - Type : OS-WINDOWS - Revision : 1 |
| 2018-12-14 | Microsoft Internet Explorer DirectX information disclosure attempt RuleID : 48371 - Type : BROWSER-IE - Revision : 1 |
| 2018-12-14 | Microsoft Internet Explorer DirectX information disclosure attempt RuleID : 48370 - Type : BROWSER-IE - Revision : 1 |
| 2018-11-10 | Microsoft Windows privilege escalation attempt RuleID : 48129 - Type : OS-WINDOWS - Revision : 1 |
| 2018-11-10 | Microsoft Windows privilege escalation attempt RuleID : 48128 - Type : OS-WINDOWS - Revision : 1 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2018-10-22 | Name: An application installed on the remote macOS or Mac OS X host is affected by ... File: macos_ms18_oct_office.nasl - Type: ACT_GATHER_INFO |
| 2017-12-12 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_dec_4053578.nasl - Type: ACT_GATHER_INFO |
| 2017-12-12 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_dec_4053579.nasl - Type: ACT_GATHER_INFO |
| 2017-12-12 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_dec_4053580.nasl - Type: ACT_GATHER_INFO |
| 2017-12-12 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_dec_4053581.nasl - Type: ACT_GATHER_INFO |
| 2017-12-12 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_dec_4054517.nasl - Type: ACT_GATHER_INFO |
| 2017-12-12 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_dec_4054518.nasl - Type: ACT_GATHER_INFO |
| 2017-12-12 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_dec_4054519.nasl - Type: ACT_GATHER_INFO |
| 2017-12-12 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_dec_4054520.nasl - Type: ACT_GATHER_INFO |
| 2017-12-12 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_dec_win2008.nasl - Type: ACT_GATHER_INFO |
| 2017-11-30 | Name: The Internet Explorer installation on the remote host is affected by multiple... File: smb_nt_ms17_jul_internet_explorer.nasl - Type: ACT_GATHER_INFO |
| 2017-11-14 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_nov_4048952.nasl - Type: ACT_GATHER_INFO |
| 2017-11-14 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_nov_4048953.nasl - Type: ACT_GATHER_INFO |
| 2017-11-14 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_nov_4048954.nasl - Type: ACT_GATHER_INFO |
| 2017-11-14 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_nov_4048955.nasl - Type: ACT_GATHER_INFO |
| 2017-11-14 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_nov_4048956.nasl - Type: ACT_GATHER_INFO |
| 2017-11-14 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_nov_4048957.nasl - Type: ACT_GATHER_INFO |
| 2017-11-14 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_nov_4048958.nasl - Type: ACT_GATHER_INFO |
| 2017-11-14 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_nov_4048959.nasl - Type: ACT_GATHER_INFO |
| 2017-11-14 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_nov_win2008.nasl - Type: ACT_GATHER_INFO |
| 2017-11-03 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_aug_4034668.nasl - Type: ACT_GATHER_INFO |
| 2017-11-03 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_jul_4025338.nasl - Type: ACT_GATHER_INFO |
| 2017-11-03 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_oct_4042895.nasl - Type: ACT_GATHER_INFO |
| 2017-11-03 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_sep_4038781.nasl - Type: ACT_GATHER_INFO |
| 2017-10-20 | Name: The remote Windows host is affected by an information disclosure vulnerability. File: smb_nt_ms17_apr_3217841.nasl - Type: ACT_GATHER_INFO |
