This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Microsoft First view 2012-02-17
Product Windows Server 2008 Last view 2021-06-08
Version sp2 Type Os
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:microsoft:windows_server_2008

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
8.8 2021-06-08 CVE-2021-33742

Windows MSHTML Platform Remote Code Execution Vulnerability

7.8 2021-06-08 CVE-2021-31973

Windows GPSVC Elevation of Privilege Vulnerability

8.8 2021-06-08 CVE-2021-31971

Windows HTML Platform Security Feature Bypass Vulnerability

7.5 2021-06-08 CVE-2021-31968

Windows Remote Desktop Services Denial of Service Vulnerability

9.8 2021-06-08 CVE-2021-31962

Kerberos AppContainer Security Feature Bypass Vulnerability

8.8 2021-06-08 CVE-2021-31958

Windows NTLM Elevation of Privilege Vulnerability

7.8 2021-06-08 CVE-2021-31956

Windows NTFS Elevation of Privilege Vulnerability

5.5 2021-04-13 CVE-2021-28437

Windows Installer Information Disclosure Vulnerability

7.8 2021-04-13 CVE-2021-28350

Windows GDI+ Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-28348, CVE-2021-28349.

7.8 2021-04-13 CVE-2021-28349

Windows GDI+ Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-28348, CVE-2021-28350.

7.8 2021-04-13 CVE-2021-28348

Windows GDI+ Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-28349, CVE-2021-28350.

6.5 2021-04-13 CVE-2021-28328

Windows DNS Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-28323.

5.5 2021-04-13 CVE-2021-26413

Windows Installer Spoofing Vulnerability

7.5 2021-03-11 CVE-2021-27063

Windows DNS Server Denial of Service Vulnerability This CVE ID is unique from CVE-2021-26896.

7.8 2021-03-11 CVE-2021-26901

Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26872, CVE-2021-26898.

7.8 2021-03-11 CVE-2021-26899

Windows UPnP Device Host Elevation of Privilege Vulnerability

7.8 2021-03-11 CVE-2021-26898

Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26872, CVE-2021-26901.

9.8 2021-03-11 CVE-2021-26897

Windows DNS Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26877, CVE-2021-26893, CVE-2021-26894, CVE-2021-26895.

9.8 2021-03-11 CVE-2021-26894

Windows DNS Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26877, CVE-2021-26893, CVE-2021-26895, CVE-2021-26897.

7.8 2021-03-11 CVE-2021-26872

Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26898, CVE-2021-26901.

5.4 2018-09-12 CVE-2018-8434

An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka "Windows Hyper-V Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

6.5 2018-09-12 CVE-2018-8424

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka "Windows GDI Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8422.

7.8 2018-09-12 CVE-2018-8393

A buffer overflow vulnerability exists in the Microsoft JET Database Engine that could allow remote code execution on an affected system, aka "Microsoft JET Database Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8392.

7.8 2018-09-12 CVE-2018-8392

A buffer overflow vulnerability exists in the Microsoft JET Database Engine that could allow remote code execution on an affected system, aka "Microsoft JET Database Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8393.

5.5 2018-05-22 CVE-2018-3639

Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.

CWE : Common Weakness Enumeration

%idName
58% (7) CWE-269 Improper Privilege Management
16% (2) CWE-200 Information Exposure
8% (1) CWE-203 Information Exposure Through Discrepancy
8% (1) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
8% (1) CWE-20 Improper Input Validation

Information Assurance Vulnerability Management (IAVM)

id Description
2013-A-0213 Cumulative Security Update of Microsoft ActiveX Kill Bits
Severity: Category II - VMSKEY: V0042293

Snort® IPS/IDS

Date Description
2019-12-05 Microsoft JET Database ExcelExtractString stack buffer overflow attempt
RuleID : 52073 - Type : SERVER-OTHER - Revision : 1
2019-12-05 Microsoft JET Database ExcelExtractString stack buffer overflow attempt
RuleID : 52072 - Type : SERVER-OTHER - Revision : 1
2016-03-24 InformationCardSigninHelper ActiveX function call access
RuleID : 37823 - Type : BROWSER-PLUGINS - Revision : 1
2016-03-24 InformationCardSigninHelper ActiveX clsid access
RuleID : 37822 - Type : BROWSER-PLUGINS - Revision : 2
2014-01-10 InformationCardSigninHelper ActiveX function call access
RuleID : 28506 - Type : BROWSER-PLUGINS - Revision : 7
2014-01-10 InformationCardSigninHelper ActiveX clsid access
RuleID : 28505 - Type : BROWSER-PLUGINS - Revision : 8
2014-10-14 DeputyDog diskless method outbound connection
RuleID : 28493-community - Type : MALWARE-CNC - Revision : 6
2014-01-10 DeputyDog diskless method outbound connection
RuleID : 28493 - Type : MALWARE-CNC - Revision : 6

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2019-01-10 Name: The remote device is affected by multiple vulnerabilities.
File: juniper_space_jsa10917_183R1.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-db0d3e157e.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-5521156807.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-527698a904.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-44f8a7454d.nasl - Type: ACT_GATHER_INFO
2018-10-31 Name: The remote host is missing a macOS security update that fixes multiple vulner...
File: macosx_SecUpd_10_13_6_2018-002.nasl - Type: ACT_GATHER_INFO
2018-10-18 Name: The remote host is missing a macOS update that fixes multiple security vulner...
File: macos_10_14.nasl - Type: ACT_GATHER_INFO
2018-09-18 Name: The remote EulerOS Virtualization host is missing a security update.
File: EulerOS_SA-2018-1271.nasl - Type: ACT_GATHER_INFO
2018-09-18 Name: The remote EulerOS Virtualization host is missing multiple security updates.
File: EulerOS_SA-2018-1265.nasl - Type: ACT_GATHER_INFO
2018-09-18 Name: The remote EulerOS Virtualization host is missing a security update.
File: EulerOS_SA-2018-1267.nasl - Type: ACT_GATHER_INFO
2018-09-18 Name: The remote EulerOS Virtualization host is missing multiple security updates.
File: EulerOS_SA-2018-1270.nasl - Type: ACT_GATHER_INFO
2018-09-17 Name: The remote Debian host is missing a security update.
File: debian_DLA-1506.nasl - Type: ACT_GATHER_INFO
2018-08-17 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-4273.nasl - Type: ACT_GATHER_INFO
2018-07-30 Name: The remote Slackware host is missing a security update.
File: Slackware_SSA_2018-208-01.nasl - Type: ACT_GATHER_INFO
2018-07-27 Name: The remote Debian host is missing a security update.
File: debian_DLA-1446.nasl - Type: ACT_GATHER_INFO
2018-07-26 Name: The remote Amazon Linux 2 host is missing a security update.
File: al2_ALAS-2018-1049.nasl - Type: ACT_GATHER_INFO
2018-07-24 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2018-1_0-0151.nasl - Type: ACT_GATHER_INFO
2018-07-24 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2018-2_0-0049.nasl - Type: ACT_GATHER_INFO
2018-07-20 Name: The remote Debian host is missing a security update.
File: debian_DLA-1423.nasl - Type: ACT_GATHER_INFO
2018-07-18 Name: The remote Virtuozzo host is missing multiple security updates.
File: Virtuozzo_VZA-2018-048.nasl - Type: ACT_GATHER_INFO
2018-07-16 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2018-2164.nasl - Type: ACT_GATHER_INFO
2018-07-16 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2018-2162.nasl - Type: ACT_GATHER_INFO
2018-07-09 Name: The remote Fedora host is missing a security update.
File: fedora_2018-9f02e5ed7b.nasl - Type: ACT_GATHER_INFO
2018-07-05 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2018-1965.nasl - Type: ACT_GATHER_INFO
2018-07-05 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2018-1997.nasl - Type: ACT_GATHER_INFO