Summary
| Detail | |||
|---|---|---|---|
| Vendor | Microsoft | First view | 2013-12-10 |
| Product | Windows Server 2012 | Last view | 2018-10-10 |
| Version | r2 | Type | Os |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | standard | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:o:microsoft:windows_server_2012 | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 5.5 | 2018-10-10 | CVE-2018-8486 | An information disclosure vulnerability exists when DirectX improperly handles objects in memory, aka "DirectX Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. |
| 7.8 | 2018-10-10 | CVE-2018-8423 | A remote code execution vulnerability exists in the Microsoft JET Database Engine, aka "Microsoft JET Database Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. |
| 3.1 | 2018-03-14 | CVE-2018-0878 | Windows Remote Assistance in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to how XML External Entities (XXE) are processed, aka "Windows Remote Assistance Information Disclosure Vulnerability". |
| 7 | 2018-03-14 | CVE-2018-0868 | Windows Installer in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to how input is sanitized, aka "Windows Installer Elevation of Privilege Vulnerability". |
| 7 | 2018-03-14 | CVE-2018-0817 | The Windows Graphics Device Interface (GDI) in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way objects are handled in memory, aka "Windows GDI Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0815 and CVE-2018-0816. |
| 7 | 2018-03-14 | CVE-2018-0816 | The Windows Graphics Device Interface (GDI) in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way objects are handled in memory, aka "Windows GDI Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0815 and CVE-2018-0817. |
| 5.5 | 2016-12-20 | CVE-2016-7295 | The Common Log File System (CLFS) driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows local users to obtain sensitive information from process memory via a crafted application, aka "Windows Common Log File System Driver Information Disclosure Vulnerability." |
| 7.8 | 2016-12-20 | CVE-2016-7292 | The Installer in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 mishandles library loading, which allows local users to gain privileges via a crafted application, aka "Windows Installer Elevation of Privilege Vulnerability." |
| 5 | 2016-06-15 | CVE-2016-3232 | The Virtual PCI (VPCI) virtual service provider in Microsoft Windows Server 2012 Gold and R2 allows local users to obtain sensitive information from uninitialized memory locations via a crafted application, aka "Windows Virtual PCI Information Disclosure Vulnerability." |
| 8.8 | 2016-06-15 | CVE-2016-3228 | Microsoft Windows Server 2008 SP2 and R2 SP1 and Windows Server 2012 Gold and R2 allow remote authenticated users to execute arbitrary code via a crafted NetLogon request, aka "Windows Netlogon Memory Corruption Remote Code Execution Vulnerability." |
| 9.8 | 2016-06-15 | CVE-2016-3227 | Use-after-free vulnerability in the DNS Server component in Microsoft Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted requests, aka "Windows DNS Server Use After Free Vulnerability." |
| 6.5 | 2016-06-15 | CVE-2016-3226 | Active Directory in Microsoft Windows Server 2008 R2 SP1 and Server 2012 Gold and R2 allows remote authenticated users to cause a denial of service (service hang) by creating many machine accounts, aka "Active Directory Denial of Service Vulnerability." |
| 5.3 | 2016-02-10 | CVE-2016-0050 | Network Policy Server (NPS) in Microsoft Windows Server 2008 SP2 and R2 SP1 and Server 2012 Gold and R2 misparses username queries, which allows remote attackers to cause a denial of service (RADIUS authentication outage) via crafted requests, aka "Network Policy Server RADIUS Implementation Denial of Service Vulnerability." |
| 7.5 | 2016-02-10 | CVE-2016-0037 | The forms-based authentication implementation in Active Directory Federation Services (ADFS) 3.0 in Microsoft Windows Server 2012 R2 allows remote attackers to cause a denial of service (daemon outage) via crafted data, aka "Microsoft Active Directory Federation Services Denial of Service Vulnerability." |
| 9.3 | 2015-12-09 | CVE-2015-6125 | Use-after-free vulnerability in the DNS server in Microsoft Windows Server 2008 SP2 and R2 SP1 and Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted requests, aka "Windows DNS Use After Free Vulnerability." |
| 4 | 2015-09-08 | CVE-2015-2535 | Active Directory in Microsoft Windows Server 2008 SP2 and R2 SP1 and Server 2012 Gold and R2 allows remote authenticated users to cause a denial of service (service outage) by creating multiple machine accounts, aka "Active Directory Denial of Service Vulnerability." |
| 5 | 2015-07-14 | CVE-2015-2417 | OLE in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to gain privileges via crafted input, as demonstrated by a transition from Low Integrity to Medium Integrity, aka "OLE Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-2416. |
| 5 | 2015-07-14 | CVE-2015-2416 | OLE in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to gain privileges via crafted input, as demonstrated by a transition from Low Integrity to Medium Integrity, aka "OLE Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-2417. |
| 7.2 | 2015-07-14 | CVE-2015-2387 | ATMFD.DLL in the Adobe Type Manager Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, aka "ATMFD.DLL Memory Corruption Vulnerability." |
| 2.1 | 2015-07-14 | CVE-2015-2382 | win32k.sys in the kernel-mode drivers in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to obtain sensitive information from kernel memory via a crafted application, aka "Win32k Information Disclosure Vulnerability," a different vulnerability than CVE-2015-2381. |
| 2.1 | 2015-07-14 | CVE-2015-2381 | win32k.sys in the kernel-mode drivers in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to obtain sensitive information from kernel memory via a crafted application, aka "Win32k Information Disclosure Vulnerability," a different vulnerability than CVE-2015-2382. |
| 3.3 | 2015-07-14 | CVE-2015-2374 | The Netlogon service in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Server 2008 SP2 and R2 SP1, and Windows Server 2012 Gold and R2 does not properly implement domain-controller communication, which allows remote attackers to discover credentials by leveraging certain PDC access and spoofing the BDC role in a PDC communication channel, aka "Elevation of Privilege Vulnerability in Netlogon." |
| 6.9 | 2015-07-14 | CVE-2015-2371 | The Windows Installer service in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a custom action script associated with a .msi package, aka "Windows Installer EoP Vulnerability." |
| 7.2 | 2015-07-14 | CVE-2015-2370 | The authentication implementation in the RPC subsystem in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not prevent DCE/RPC connection reflection, which allows local users to gain privileges via a crafted application, aka "Windows RPC Elevation of Privilege Vulnerability." |
| 6.9 | 2015-07-14 | CVE-2015-2368 | Untrusted search path vulnerability in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1, Windows Server 2012 R2, and Windows RT 8.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, aka "Windows DLL Remote Code Execution Vulnerability." |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 31% (10) | CWE-20 | Improper Input Validation |
| 25% (8) | CWE-264 | Permissions, Privileges, and Access Controls |
| 21% (7) | CWE-200 | Information Exposure |
| 6% (2) | CWE-254 | Security Features |
| 3% (1) | CWE-611 | Information Leak Through XML External Entity File Disclosure |
| 3% (1) | CWE-284 | Access Control (Authorization) Issues |
| 3% (1) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 3% (1) | CWE-19 | Data Handling |
| 3% (1) | CWE-17 | Code |
Information Assurance Vulnerability Management (IAVM)
| id | Description |
|---|---|
| 2015-B-0110 | Microsoft Active Directory Service Denial of Service Vulnerability (MS15-096) Severity: Category II - VMSKEY: V0061369 |
| 2015-A-0165 | Microsoft Remote Procedure Call (RPC) Privilege Escalation Vulnerability (MS1... Severity: Category II - VMSKEY: V0061093 |
| 2015-A-0164 | Microsoft Windows Installer Privilege Escalation Vulnerability (MS15-074) Severity: Category II - VMSKEY: V0061095 |
| 2015-A-0162 | Multiple Vulnerabilities in Microsoft Windows Kernel-Mode Driver (MS15-073) Severity: Category II - VMSKEY: V0061097 |
| 2015-A-0169 | Multiple Vulnerabilities in Microsoft OLE (MS15-075) Severity: Category II - VMSKEY: V0061103 |
| 2015-A-0168 | Microsoft Graphics Component Privilege Escalation Vulnerability (MS15-072) Severity: Category II - VMSKEY: V0061105 |
| 2015-A-0173 | Microsoft Windows Netlogon Privilege Escalation Vulnerability (MS15-071) Severity: Category II - VMSKEY: V0061111 |
| 2015-B-0091 | Multiple Vulnerabilities in Microsoft Hyper-V (MS15-068) Severity: Category II - VMSKEY: V0061119 |
| 2015-A-0167 | Multiple Vulnerabilities in Microsoft Windows (MS15-069) Severity: Category II - VMSKEY: V0061129 |
| 2015-B-0051 | Microsoft Active Directory Federation Services Information Disclosure Vulnera... Severity: Category II - VMSKEY: V0059913 |
| 2014-B-0059 | Multiple Vulnerabilities in Microsoft Windows Severity: Category I - VMSKEY: V0050447 |
| 2014-B-0028 | Microsoft Security Account Manager Remote (SAMR) Security Bypass Vulnerability Severity: Category II - VMSKEY: V0046171 |
| 2013-A-0232 | Multiple Vulnerabilities in Microsoft Windows Kernel-Mode Drivers Severity: Category I - VMSKEY: V0042582 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2018-11-06 | Microsoft Windows dxgkrnl.sys kernel memory information leak attempt RuleID : 48048 - Type : OS-WINDOWS - Revision : 1 |
| 2018-11-06 | Microsoft Windows dxgkrnl.sys kernel memory information leak attempt RuleID : 48047 - Type : OS-WINDOWS - Revision : 1 |
| 2018-10-25 | Microsoft Windows JET Database Engine ActiveX clsid access attempt RuleID : 47888 - Type : BROWSER-PLUGINS - Revision : 4 |
| 2018-10-25 | Microsoft Windows JET Database Engine ActiveX clsid access attempt RuleID : 47887 - Type : BROWSER-PLUGINS - Revision : 4 |
| 2018-10-25 | Microsoft Windows JET Database Engine out-of-bounds write attempt RuleID : 47886 - Type : FILE-OTHER - Revision : 4 |
| 2018-10-25 | Microsoft Windows JET Database Engine out-of-bounds write attempt RuleID : 47885 - Type : FILE-OTHER - Revision : 4 |
| 2018-04-27 | Microsoft Windows Remote Assistance external entity remote file download attempt RuleID : 46075 - Type : FILE-OTHER - Revision : 2 |
| 2018-04-27 | Microsoft Windows Remote Assistance external entity remote file download attempt RuleID : 46074 - Type : FILE-OTHER - Revision : 2 |
| 2018-04-11 | Microsoft Windows 10 gdi32 library integer overflow attempt RuleID : 45882 - Type : OS-WINDOWS - Revision : 1 |
| 2018-04-11 | Microsoft Windows 10 gdi32 library integer overflow attempt RuleID : 45881 - Type : OS-WINDOWS - Revision : 1 |
| 2017-01-10 | Microsoft Windows MSIEXEC privilege escalation attempt RuleID : 40985 - Type : OS-WINDOWS - Revision : 2 |
| 2017-01-10 | Microsoft Windows MSIEXEC privilege escalation attempt RuleID : 40984 - Type : OS-WINDOWS - Revision : 2 |
| 2017-01-10 | Microsoft CLFS.sys information leak attempt RuleID : 40937 - Type : FILE-EXECUTABLE - Revision : 2 |
| 2017-01-10 | Microsoft CLFS.sys information leak attempt RuleID : 40936 - Type : FILE-EXECUTABLE - Revision : 2 |
| 2016-03-14 | DNS DNAME query detected - possible attack attempt RuleID : 37015 - Type : PROTOCOL-DNS - Revision : 2 |
| 2015-08-14 | Microsoft Internet Explorer protected mode request for atlthunk.dll over SMB ... RuleID : 35216 - Type : BROWSER-IE - Revision : 3 |
| 2015-08-14 | Microsoft Internet Explorer protected mode atlthunk.dll dll-load exploit attempt RuleID : 35215 - Type : BROWSER-IE - Revision : 3 |
| 2015-08-14 | Adobe Flash Player Microsoft Internet Explorer sandbox escape attempt RuleID : 35189 - Type : FILE-FLASH - Revision : 3 |
| 2015-08-14 | Adobe Flash Player Microsoft Internet Explorer sandbox escape attempt RuleID : 35188 - Type : FILE-FLASH - Revision : 3 |
| 2015-08-14 | Adobe Flash Player Microsoft Internet Explorer sandbox escape attempt RuleID : 35187 - Type : FILE-FLASH - Revision : 3 |
| 2015-08-14 | Adobe Flash Player Microsoft Internet Explorer sandbox escape attempt RuleID : 35186 - Type : FILE-FLASH - Revision : 3 |
| 2015-08-14 | DCOM DCE/RPC NTLM reflection elevation of privilege attempt RuleID : 35175 - Type : OS-WINDOWS - Revision : 3 |
| 2015-08-14 | DCOM DCE/RPC NTLM reflection elevation of privilege attempt RuleID : 35174 - Type : OS-WINDOWS - Revision : 3 |
| 2015-08-14 | Microsoft Internet Explorer IDataObject bitmap data conversion integer overfl... RuleID : 35163 - Type : FILE-FLASH - Revision : 3 |
| 2015-08-14 | Microsoft Internet Explorer IDataObject bitmap data conversion integer overfl... RuleID : 35162 - Type : FILE-FLASH - Revision : 3 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2016-12-14 | Name: The remote Windows host is affected multiple vulnerabilities. File: smb_nt_ms16-149.nasl - Type: ACT_GATHER_INFO |
| 2016-12-13 | Name: The remote host is affected by an information disclosure vulnerability. File: smb_nt_ms16-153.nasl - Type: ACT_GATHER_INFO |
| 2016-06-14 | Name: The remote host is affected by a denial of service vulnerability. File: smb_nt_ms16-081.nasl - Type: ACT_GATHER_INFO |
| 2016-06-14 | Name: The remote Windows host is affected by a remote code execution vulnerability. File: smb_nt_ms16-076.nasl - Type: ACT_GATHER_INFO |
| 2016-06-14 | Name: The remote host is affected by multiple vulnerabilities. File: smb_nt_ms16-073.nasl - Type: ACT_GATHER_INFO |
| 2016-06-14 | Name: The remote host is affected by a remote code execution vulnerability. File: smb_nt_ms16-071.nasl - Type: ACT_GATHER_INFO |
| 2016-04-14 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-3548.nasl - Type: ACT_GATHER_INFO |
| 2016-02-09 | Name: The remote Windows host is affected by a denial of service vulnerability. File: smb_nt_ms16-021.nasl - Type: ACT_GATHER_INFO |
| 2016-02-09 | Name: The remote Windows host is affected by a denial of service vulnerability. File: smb_nt_ms16-020.nasl - Type: ACT_GATHER_INFO |
| 2016-01-04 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-3433.nasl - Type: ACT_GATHER_INFO |
| 2015-12-21 | Name: The remote FreeBSD host is missing one or more security-related updates. File: freebsd_pkg_ef434839a6a411e58275000c292e4fd8.nasl - Type: ACT_GATHER_INFO |
| 2015-12-08 | Name: The remote host is affected by a remote code execution vulnerability. File: smb_nt_ms15-127.nasl - Type: ACT_GATHER_INFO |
| 2015-09-08 | Name: The remote Windows host is affected by a denial of service vulnerability. File: smb_nt_ms15-096.nasl - Type: ACT_GATHER_INFO |
| 2015-07-15 | Name: The remote Windows host is affected by multiple remote code execution vulnera... File: smb_nt_ms15-068.nasl - Type: ACT_GATHER_INFO |
| 2015-07-14 | Name: The Adobe Font driver on the remote host is affected by a privilege escalatio... File: smb_nt_ms15-077.nasl - Type: ACT_GATHER_INFO |
| 2015-07-14 | Name: The remote Windows host is affected by a privilege escalation vulnerability. File: smb_nt_ms15-076.nasl - Type: ACT_GATHER_INFO |
| 2015-07-14 | Name: The remote Windows host is affected by multiple elevation of privilege vulner... File: smb_nt_ms15-075.nasl - Type: ACT_GATHER_INFO |
| 2015-07-14 | Name: The remote Windows host is affected by a privilege escalation vulnerability. File: smb_nt_ms15-074.nasl - Type: ACT_GATHER_INFO |
| 2015-07-14 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms15-073.nasl - Type: ACT_GATHER_INFO |
| 2015-07-14 | Name: The remote Windows host is affected by a privilege escalation vulnerability. File: smb_nt_ms15-072.nasl - Type: ACT_GATHER_INFO |
| 2015-07-14 | Name: The remote Windows host is affected by a privilege escalation vulnerability. File: smb_nt_ms15-071.nasl - Type: ACT_GATHER_INFO |
| 2015-07-14 | Name: The remote Windows host is affected by multiple remote code execution vulnera... File: smb_nt_ms15-069.nasl - Type: ACT_GATHER_INFO |
| 2015-04-14 | Name: The remote Windows host is affected by an information disclosure vulnerability. File: smb_nt_ms15-040.nasl - Type: ACT_GATHER_INFO |
| 2015-03-10 | Name: The remote Windows host is affected by a spoofing vulnerability. File: smb_nt_ms15-027.nasl - Type: ACT_GATHER_INFO |
| 2014-05-14 | Name: The remote Windows host is affected by multiple denial of service vulnerabili... File: smb_nt_ms14-028.nasl - Type: ACT_GATHER_INFO |
