This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Microsoft First view 2007-03-20
Product Windows Vista Last view 2018-02-26
Version * Type Os
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:microsoft:windows_vista

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
5.5 2018-02-26 CVE-2018-7250

An issue was discovered in secdrv.sys as shipped in Microsoft Windows Vista, Windows 7, Windows 8, and Windows 8.1 before KB3086255, and as shipped in Macrovision SafeDisc. An uninitialized kernel pool allocation in IOCTL 0xCA002813 allows a local unprivileged attacker to leak 16 bits of uninitialized kernel PagedPool data.

7 2018-02-26 CVE-2018-7249

An issue was discovered in secdrv.sys as shipped in Microsoft Windows Vista, Windows 7, Windows 8, and Windows 8.1 before KB3086255, and as shipped in Macrovision SafeDisc. Two carefully timed calls to IOCTL 0xCA002813 can cause a race condition that leads to a use-after-free. When exploited, an unprivileged attacker can run arbitrary code in the kernel.

7.2 2013-07-31 CVE-2013-3697

Integer overflow in the NWFS.SYS kernel driver 4.91.5.8 in Novell Client 4.91 SP5 on Windows XP and Windows Server 2003 and the NCPL.SYS kernel driver in Novell Client 2 SP2 on Windows Vista and Windows Server 2008 and Novell Client 2 SP3 on Windows Server 2008 R2, Windows 7, Windows 8, and Windows Server 2012 might allow local users to gain privileges via a crafted 0x1439EB IOCTL call.

6.2 2012-03-28 CVE-2007-6753

Untrusted search path vulnerability in Shell32.dll in Microsoft Windows 2000, Windows XP, Windows Vista, Windows Server 2008, and Windows 7, when using an environment configured with a string such as %APPDATA% or %PROGRAMFILES% in a certain way, allows local users to gain privileges via a Trojan horse DLL under the current working directory, as demonstrated by iTunes and Safari.

4.3 2012-02-02 CVE-2010-4562

Microsoft Windows 2008, 7, Vista, 2003, 2000, and XP, when using IPv6, allows remote attackers to determine whether a host is sniffing the network by sending an ICMPv6 Echo Request to a multicast address and determining whether an Echo Reply is sent, as demonstrated by thcping. NOTE: due to a typo, some sources map CVE-2010-4562 to a ProFTPd mod_sql vulnerability, but that issue is covered by CVE-2010-4652.

9.3 2011-04-13 CVE-2011-0660

The SMB client in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote SMB servers to execute arbitrary code via a crafted (1) SMBv1 or (2) SMBv2 response, aka "SMB Client Response Parsing Vulnerability."

7.8 2011-01-07 CVE-2010-4669

The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, and Windows 7 allows remote attackers to cause a denial of service (CPU consumption and system hang) by sending many Router Advertisement (RA) messages with different source addresses, as demonstrated by the flood_router6 program in the thc-ipv6 package.

7.2 2010-12-06 CVE-2010-4398

Stack-based buffer overflow in the RtlQueryRegistryValues function in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges, and bypass the User Account Control (UAC) feature, via a crafted REG_BINARY value for a SystemDefaultEUDCFont registry key, aka "Driver Improper Interaction with Windows Kernel Vulnerability."

6.8 2010-07-02 CVE-2010-2594

Multiple cross-site request forgery (CSRF) vulnerabilities in the web management interface in InterSect Alliance Snare Agent 3.2.3 and earlier on Solaris, Snare Agent 3.1.7 and earlier on Windows, Snare Agent 1.5.0 and earlier on Linux and AIX, Snare Agent 1.4 and earlier on IRIX, Snare Epilog 1.5.3 and earlier on Windows, and Snare Epilog 1.2 and earlier on UNIX allow remote attackers to hijack the authentication of administrators for requests that (1) change the password or (2) change the listening port.

6.4 2010-04-14 CVE-2010-0812

Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allow remote attackers to bypass intended IPv4 source-address restrictions via a mismatched IPv6 source address in a tunneled ISATAP packet, aka "ISATAP IPv6 Source Address Spoofing Vulnerability."

4.7 2010-04-14 CVE-2010-0810

The kernel in Microsoft Windows Vista Gold, SP1, and SP2, and Windows Server 2008 Gold and SP2, does not properly handle unspecified exceptions, which allows local users to cause a denial of service (reboot) via a crafted application, aka "Windows Kernel Exception Handler Vulnerability."

9.3 2010-04-14 CVE-2010-0487

The Authenticode Signature verification functionality in cabview.dll in Cabinet File Viewer Shell Extension 5.1, 6.0, and 6.1 in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly use unspecified fields in a file digest, which allows remote attackers to execute arbitrary code via a modified cabinet (aka .CAB) file that incorrectly appears to have a valid signature, aka "Cabview Corruption Validation Vulnerability."

9.3 2010-04-14 CVE-2010-0486

The WinVerifyTrust function in Authenticode Signature Verification 5.1, 6.0, and 6.1 in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly use unspecified fields in a file digest, which allows user-assisted remote attackers to execute arbitrary code via a modified (1) Portable Executable (PE) or (2) cabinet (aka .CAB) file that incorrectly appears to have a valid signature, aka "WinVerifyTrust Signature Validation Vulnerability."

4.7 2010-04-14 CVE-2010-0481

The kernel in Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly translate a registry key's virtual path to its real path, which allows local users to cause a denial of service (reboot) via a crafted application, aka "Windows Virtual Path Parsing Vulnerability."

9.3 2010-04-14 CVE-2010-0480

Multiple stack-based buffer overflows in the MPEG Layer-3 audio codecs in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allow remote attackers to execute arbitrary code via a crafted AVI file, aka "MPEG Layer-3 Audio Decoder Stack Overflow Vulnerability."

10 2010-04-14 CVE-2010-0476

The SMB client in Microsoft Windows Server 2003 SP2, Vista Gold, SP1, and SP2, and Windows Server 2008 Gold and SP2 allows remote SMB servers and man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and reboot) via a crafted SMB transaction response that uses (1) SMBv1 or (2) SMBv2, aka "SMB Client Response Parsing Vulnerability."

10 2010-04-14 CVE-2010-0269

The SMB client in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly allocate memory for SMB responses, which allows remote SMB servers and man-in-the-middle attackers to execute arbitrary code via a crafted (1) SMBv1 or (2) SMBv2 response, aka "SMB Client Memory Allocation Vulnerability."

4.9 2010-04-14 CVE-2010-0238

Unspecified vulnerability in registry-key validation in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Vista Gold allows local users to cause a denial of service (reboot) via a crafted application, aka "Windows Kernel Registry Key Vulnerability."

7.2 2010-04-14 CVE-2010-0236

The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Vista Gold does not properly allocate memory for the destination key associated with a symbolic-link registry key, which allows local users to gain privileges via a crafted application, aka "Windows Kernel Memory Allocation Vulnerability."

4.7 2010-04-14 CVE-2010-0235

The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Vista Gold does not perform the expected validation before creating a symbolic link, which allows local users to cause a denial of service (reboot) via a crafted application, aka "Windows Kernel Symbolic Link Value Vulnerability."

4.7 2010-04-14 CVE-2010-0234

The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 does not properly validate a registry-key argument to an unspecified system call, which allows local users to cause a denial of service (reboot) via a crafted application, aka "Windows Kernel Null Pointer Vulnerability."

9.3 2010-03-31 CVE-2010-0807

Microsoft Internet Explorer 7 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, leading to memory corruption, aka "HTML Rendering Memory Corruption Vulnerability."

4.3 2010-03-31 CVE-2010-0494

Cross-domain vulnerability in Microsoft Internet Explorer 6, 6 SP1, 7, and 8 allows user-assisted remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via a crafted HTML document in a situation where the client user drags one browser window across another browser window, aka "HTML Element Cross-Domain Vulnerability."

9.3 2010-03-31 CVE-2010-0492

Use-after-free vulnerability in mstime.dll in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via vectors related to the TIME2 behavior, the CTimeAction object, and destruction of markup, leading to memory corruption, aka "HTML Object Memory Corruption Vulnerability."

9.3 2010-03-31 CVE-2010-0490

Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability."

CWE : Common Weakness Enumeration

%idName
28% (31) CWE-94 Failure to Control Generation of Code ('Code Injection')
12% (13) CWE-20 Improper Input Validation
11% (12) CWE-399 Resource Management Errors
9% (10) CWE-189 Numeric Errors
9% (10) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
8% (9) CWE-264 Permissions, Privileges, and Access Controls
7% (8) CWE-362 Race Condition
5% (6) CWE-200 Information Exposure
1% (2) CWE-310 Cryptographic Issues
1% (2) CWE-16 Configuration
0% (1) CWE-416 Use After Free
0% (1) CWE-352 Cross-Site Request Forgery (CSRF)
0% (1) CWE-255 Credentials Management
0% (1) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')

CAPEC : Common Attack Pattern Enumeration & Classification

id Name
CAPEC-2 Inducing Account Lockout
CAPEC-26 Leveraging Race Conditions
CAPEC-29 Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions
CAPEC-82 Violating Implicit Assumptions Regarding XML Content (aka XML Denial of Servi...
CAPEC-147 XML Ping of Death
CAPEC-228 Resource Depletion through DTD Injection in a SOAP Message

SAINT Exploits

Description Link
Internet Explorer iepeers.dll use-after-free vulnerability More info here
Visual Studio Active Template Library object type mismatch vulnerability More info here
Windows Server Service buffer overflow MS08-067 More info here
Microsoft Windows Movie Maker IsValidWMToolsStream buffer overflow More info here
Microsoft Office Art Property Table Memory Corruption More info here
Windows SMB2 buffer overflow More info here

Open Source Vulnerability Database (OSVDB)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
71772 Microsoft Windows SMB Client Response Parsing Unspecified Remote Code Execution
70390 Microsoft Windows IPv6 Stack Neighbor Discovery Router Advertisement Message ...
69501 Microsoft Windows win32k.sys Driver GreEnableEUDC() Function Local Overflow
65829 Snare Agent Multiple Unspecified CSRF
64928 Microsoft Windows SMB Client Transaction Response Handling Memory Corruption ...
64925 Microsoft Windows SMB Client Unspecified Response Handling Memory Corruption ...
63749 Microsoft Windows MPEG Layer-3 Audio Decoder AVI File Handling Overflow
63747 Microsoft Windows ISATAP Component IPv6 Tunneled Packet IP Address Spoofing W...
63746 Microsoft Windows Authenticode Signature Verification Cabview Manipulation Pr...
63745 Microsoft Windows Authenticode WinVerifyTrust Signature Manipulation Validati...
63736 Microsoft Windows Kernel Symbolic Link Value Processing Unspecified Local DoS
63735 Microsoft Windows Kernel Exception Handling Unspecified Local DoS
63733 Microsoft Windows Kernel Registry Link Symbolic Link Extraction Local Privile...
63730 Microsoft Windows Kernel Registry Key Validation Unspecified Local DoS
63729 Microsoft Windows Kernel Virtual Path Parsing Local DoS
63728 Microsoft Windows Unspecified Kernel System Call Registry Handling Local DoS
63335 Microsoft IE Unspecified Uninitialized Memory Corruption
63334 Microsoft IE Post Encoding Information Disclosure
63333 Microsoft IE Unspecified Race Condition Memory Corruption
63332 Microsoft IE Object Handling Unspecified Memory Corruption (2010-0490)
63330 Microsoft IE HTML Rendering Unspecified Memory Corruption
63328 Microsoft IE HTML Element Handling Cross-Domain Information Disclosure
63327 Microsoft IE CTimeAction Object TIME2 Handling Memory Corruption
62811 Microsoft Windows Movie Maker / Producer IsValidWMToolsStream() Function Proj...
62810 Microsoft IE iepeers.dll Use-After-Free Arbitrary Code Execution

ExploitDB Exploits

id Description
29813 Microsoft Windows Vista ARP Table Entries Denial of Service Vulnerability
17659 MS10-026 Microsoft MPEG Layer-3 Audio Stack Based Overflow
16590 Internet Explorer DHTML Behaviors Use After Free
15266 Windows NTLM Weak Nonce Vulnerability
14895 MOAUB #5 - Microsoft MPEG Layer-3 Remote Command Execution Exploit
14886 MOAUB #4 - Movie Maker Remote Code Execution (MS10-016)
12273 Windows 7/2008R2 SMB Client Trans2 Stack Overflow 10-020 PoC
11683 Microsoft Internet Explorer iepeers.dll Use-After-Free Exploit (meta)
11199 Windows NT - User Mode to Ring 0 Escalation Vulnerability
9893 Microsoft Internet Explorer 5,6,7 memory corruption PoC
3926 MS Windows Vista - Forged ARP packet Network Stack DoS Exploit

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2011-05-12 Name : Debian Security Advisory DSA 2191-1 (proftpd-dfsg)
File : nvt/deb_2191_1.nasl
2011-04-13 Name : Microsoft SMB Client Remote Code Execution Vulnerabilities (2511455)
File : nvt/secpod_ms11-019.nasl
2011-04-11 Name : Microsoft Windows IPv4 Default Configuration Security Bypass Vulnerability
File : nvt/gb_ms_windows_nic_security_bypass_vuln.nasl
2011-02-09 Name : Microsoft Windows Kernel Elevation of Privilege Vulnerability (2393802)
File : nvt/secpod_ms11-011.nasl
2011-01-14 Name : Microsoft Windows CSRSS CSRFinalizeContext Local Privilege Escalation Vulnera...
File : nvt/gb_ms07-021.nasl
2011-01-14 Name : Microsoft Windows Vista Teredo Interface Firewall Bypass Vulnerability
File : nvt/gb_ms07-038.nasl
2011-01-14 Name : Vulnerability in RPC Could Allow Denial of Service (933729)
File : nvt/gb_ms07-058.nasl
2011-01-13 Name : Microsoft Windows TCP/IP Remote Code Execution Vulnerabilities (941644)
File : nvt/gb_ms08-001.nasl
2011-01-13 Name : Microsoft Windows TCP/IP Denial of Service Vulnerability (946456)
File : nvt/gb_ms08-004.nasl
2010-12-21 Name : Microsoft Windows IPsec Policy Processing Information Disclosure Vulnerabilit...
File : nvt/gb_ms08-047.nasl
2010-12-13 Name : Microsoft Windows ASP.NET Denial of Service Vulnerability(970957)
File : nvt/gb_ms09-036.nasl
2010-12-06 Name : Microsoft Wireless LAN AutoConfig Service Remote Code Execution Vulnerabilit...
File : nvt/gb_ms09-049.nasl
2010-11-25 Name : Microsoft Web Services on Devices API Remote Code Execution Vulnerability (97...
File : nvt/gb_ms09-063.nasl
2010-11-25 Name : Microsoft Windows TCP/IP Could Allow Remote Code Execution (974145)
File : nvt/gb_ms10-009.nasl
2010-10-22 Name : Microsoft Windows SMB Server NTLM Multiple Vulnerabilities (971468)
File : nvt/secpod_ms10-012-remote.nasl
2010-04-14 Name : Microsoft Windows Authentication Verification Remote Code Execution Vulnerabi...
File : nvt/secpod_ms10-019.nasl
2010-04-14 Name : Microsoft SMB Client Remote Code Execution Vulnerabilities (980232)
File : nvt/secpod_ms10-020.nasl
2010-04-14 Name : Microsoft Windows Kernel Could Allow Elevation of Privilege (979683)
File : nvt/secpod_ms10-021.nasl
2010-04-14 Name : Microsoft MPEG Layer-3 Codecs Remote Code Execution Vulnerability (977816)
File : nvt/secpod_ms10-026.nasl
2010-04-14 Name : Microsoft 'ISATAP' Component Spoofing Vulnerability (978338)
File : nvt/secpod_ms10-029.nasl
2010-04-01 Name : Microsoft Internet Explorer Multiple Vulnerabilities (980182)
File : nvt/secpod_ms10-018.nasl
2010-03-18 Name : Vulnerabilities in SMB Could Allow Remote Code Execution (958687) - Remote
File : nvt/secpod_ms09-001_remote.nasl
2010-03-10 Name : Microsoft Windows Movie Maker Could Allow Remote Code Execution Vulnerability...
File : nvt/secpod_ms10-016.nasl
2010-03-10 Name : MS Internet Explorer Remote Code Execution Vulnerability (981374)
File : nvt/gb_ms_ie_remote_code_exe_vuln_981374.nasl
2010-02-10 Name : Microsoft SMB Client Remote Code Execution Vulnerabilities (978251)
File : nvt/secpod_ms10-006.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2011-A-0022 Multiple Vulnerabilities in Microsoft Windows Kernel
Severity: Category I - VMSKEY: V0026065
2010-A-0053 Microsoft MPEG Layer-3 Codecs Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0023999
2010-B-0030 Microsoft Windows ISATAP Spoofing Vulnerability
Severity: Category I - VMSKEY: V0023956
2010-A-0030 Multiple Vulnerabilities in Microsoft Windows TCP/IP
Severity: Category I - VMSKEY: V0022684
2010-A-0029 Microsoft Windows Shell Handler Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0022683
2009-A-0126 Microsoft Internet Authentication Service Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0022101
2009-A-0115 Microsoft Windows Web Services on Devices API Remote Code Execution Vulnerabi...
Severity: Category I - VMSKEY: V0021938
2009-A-0095 Multiple Vulnerabilities in Microsoft Windows CryptoAPI
Severity: Category I - VMSKEY: V0021760
2009-A-0099 Multiple Vulnerabilities in Microsoft GDI+
Severity: Category I - VMSKEY: V0021759
2009-B-0054 Microsoft Windows Local Security Authority Subsystem Service (LSASS) Denial o...
Severity: Category I - VMSKEY: V0021747
2009-A-0091 Multiple Vulnerabilities in Microsoft Windows Media Runtime
Severity: Category II - VMSKEY: V0021744
2009-A-0077 Multiple Microsoft TCP/IP Remote Code Execution Vulnerabilities
Severity: Category I - VMSKEY: V0019917
2009-A-0076 Multiple Vulnerabilities in Microsoft Windows Media Format
Severity: Category II - VMSKEY: V0019916
2009-A-0074 Microsoft JScript Scripting Engine Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0019914
2009-A-0078 Microsoft Wireless LAN AutoConfig Service Vulnerability
Severity: Category I - VMSKEY: V0019913
2009-A-0071 Multiple Vulnerabilities in Microsoft Remote Desktop Connection
Severity: Category II - VMSKEY: V0019884
2009-A-0067 Multiple Vulnerabilities in Microsoft Active Template Library
Severity: Category II - VMSKEY: V0019882
2009-B-0036 Microsoft ASP.NET Denial of Service Vulnerability
Severity: Category I - VMSKEY: V0019878
2009-A-0034 Microsoft Windows HTTP Services Remote Code Execution Vulnerability
Severity: Category I - VMSKEY: V0018756
2008-A-0081 Microsoft Server Service Remote Code Execution Vulnerability
Severity: Category I - VMSKEY: V0017870
2008-T-0038 Microsoft IPsec Policy Processing Information Disclosure Vulnerability
Severity: Category I - VMSKEY: V0016742
2008-B-0015 Microsoft Windows Vista TCP/IP Remote Denial Of Service Vulnerability
Severity: Category II - VMSKEY: V0015737
2007-T-0040 Microsoft Windows RPC NTLMSSP Remote Denial Of Service Vulnerability
Severity: Category I - VMSKEY: V0015305
2007-T-0032 Windows Vista Gadgets Remote Code Execution Vulnerabilities
Severity: Category II - VMSKEY: V0014837

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2014-01-10 Microsoft Multiple Products malformed PNG detected tEXt overflow attempt
RuleID : 6700 - Type : FILE-IMAGE - Revision : 20
2019-09-05 Microsoft Windows mp3 file malformed ID3 APIC header code execution attempt
RuleID : 50893 - Type : FILE-MULTIMEDIA - Revision : 1
2019-09-05 Microsoft Windows mp3 file malformed ID3 APIC header code execution attempt
RuleID : 50892 - Type : FILE-MULTIMEDIA - Revision : 1
2019-08-27 Microsoft Windows GDI+ interlaced PNG file parsing heap overflow attempt
RuleID : 50798 - Type : FILE-IMAGE - Revision : 1
2018-06-12 SMB client NULL deref race condition attempt
RuleID : 46637 - Type : NETBIOS - Revision : 1
2018-02-27 Microsoft Windows Movie Maker project file heap buffer overflow attempt
RuleID : 45554 - Type : FILE-MULTIMEDIA - Revision : 1
2018-02-27 Microsoft Windows Movie Maker project file heap buffer overflow attempt
RuleID : 45553 - Type : FILE-MULTIMEDIA - Revision : 1
2014-01-10 DECODE_IPV6_ISATAP_SPOOF
RuleID : 453 - Type : DECODE_IPV6_ISATAP_SPOOF - Revision : 1
2017-10-03 Microsoft Windows Shell Handler remote code execution attempt
RuleID : 44218 - Type : OS-WINDOWS - Revision : 1
2017-10-03 Microsoft Windows Shell Handler remote code execution attempt
RuleID : 44217 - Type : OS-WINDOWS - Revision : 1
2017-10-03 Microsoft Windows Shell Handler remote code execution attempt
RuleID : 44216 - Type : OS-WINDOWS - Revision : 1
2017-08-31 Microsoft ASP.NET bad request denial of service attempt
RuleID : 43808 - Type : SERVER-IIS - Revision : 1
2017-08-31 Microsoft ASP.NET bad request denial of service attempt
RuleID : 43807 - Type : SERVER-IIS - Revision : 1
2017-08-29 Microsoft Windows Vista contacts gadget code execution attempt
RuleID : 43732 - Type : OS-WINDOWS - Revision : 1
2017-08-29 Microsoft Windows Vista contacts gadget code execution attempt
RuleID : 43731 - Type : OS-WINDOWS - Revision : 1
2017-05-31 Microsoft Internet Explorer uninitialized or deleted object access attempt
RuleID : 42389 - Type : BROWSER-IE - Revision : 2
2017-02-21 Microsoft Windows RtlQueryRegistryValues buffer overflow attempt
RuleID : 41365 - Type : OS-WINDOWS - Revision : 3
2016-11-08 Microsoft Windows Media Runtime malformed ASF codec memory corruption attempt
RuleID : 40354 - Type : OS-WINDOWS - Revision : 2
2016-03-15 Microsoft Windows Movie Maker project file heap buffer overflow attempt
RuleID : 37663 - Type : FILE-MULTIMEDIA - Revision : 1
2016-03-14 Microsoft Windows malformed WMF meta escape record memory corruption attempt
RuleID : 36856 - Type : FILE-IMAGE - Revision : 2
2016-03-14 Microsoft Internet Explorer data stream header remote code execution attempt
RuleID : 36791 - Type : BROWSER-IE - Revision : 2
2015-03-19 Microsoft Windows GDI+ TIFF file parsing heap overflow attempt
RuleID : 33518 - Type : FILE-IMAGE - Revision : 3
2015-03-19 Microsoft Windows GDI+ TIFF file parsing heap overflow attempt
RuleID : 33517 - Type : FILE-IMAGE - Revision : 3
2015-03-19 Microsoft Windows GDI+ TIFF file parsing heap overflow attempt
RuleID : 33516 - Type : FILE-IMAGE - Revision : 3
2015-03-19 Microsoft Windows GDI+ TIFF file parsing heap overflow attempt
RuleID : 33515 - Type : FILE-IMAGE - Revision : 3

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2014-10-10 Name: The remote device is missing a vendor-supplied security patch.
File: f5_bigip_SOL10509.nasl - Type: ACT_GATHER_INFO
2014-03-10 Name: Arbitrary code can be executed on the remote host through the Microsoft GDI r...
File: smb_kb957488.nasl - Type: ACT_GATHER_INFO
2013-09-03 Name: The remote host has a client application installed that is affected by multip...
File: novell_client_priv_escalation2.nasl - Type: ACT_GATHER_INFO
2011-04-13 Name: Arbitrary code can be executed on the remote host through the installed SMB c...
File: smb_nt_ms11-019.nasl - Type: ACT_GATHER_INFO
2011-03-15 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-2191.nasl - Type: ACT_GATHER_INFO
2011-02-08 Name: The Windows kernel is affected by several vulnerabilities that could allow es...
File: smb_nt_ms11-011.nasl - Type: ACT_GATHER_INFO
2010-09-13 Name: It is possible to execute arbitrary code on the remote Windows host due to fl...
File: smb_kb971468.nasl - Type: ACT_GATHER_INFO
2010-09-01 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20090908-tcp24http.nasl - Type: ACT_GATHER_INFO
2010-04-13 Name: The remote host is vulnerable to network spoofing attacks.
File: smb_nt_ms10-029.nasl - Type: ACT_GATHER_INFO
2010-04-13 Name: An audio codec on the remote Windows host has a buffer overflow vulnerability.
File: smb_nt_ms10-026.nasl - Type: ACT_GATHER_INFO
2010-04-13 Name: The Windows kernel is affected by eight vulnerabilities, including some that ...
File: smb_nt_ms10-021.nasl - Type: ACT_GATHER_INFO
2010-04-13 Name: Arbitrary code can be executed on the remote host through the installed SMB c...
File: smb_nt_ms10-020.nasl - Type: ACT_GATHER_INFO
2010-04-13 Name: The remote Windows host has multiple code execution vulnerabilities.
File: smb_nt_ms10-019.nasl - Type: ACT_GATHER_INFO
2010-03-30 Name: Arbitrary code can be executed on the remote host through a web browser.
File: smb_nt_ms10-018.nasl - Type: ACT_GATHER_INFO
2010-03-09 Name: Arbitrary code can be executed on the remote host through Windows Movie Maker.
File: smb_nt_ms10-016.nasl - Type: ACT_GATHER_INFO
2010-02-09 Name: Arbitrary code can be executed on the remote host through its SMB client.
File: smb_nt_ms10-006.nasl - Type: ACT_GATHER_INFO
2010-02-09 Name: An API function on the remote host has a code execution vulnerability.
File: smb_nt_ms10-007.nasl - Type: ACT_GATHER_INFO
2010-02-09 Name: The remote host has multiple vulnerabilities in its TCP/IP implementation.
File: smb_nt_ms10-009.nasl - Type: ACT_GATHER_INFO
2010-02-09 Name: The Windows kernel is affected by two vulnerabilities allowing a local attack...
File: smb_nt_ms10-015.nasl - Type: ACT_GATHER_INFO
2010-02-09 Name: It is possible to execute arbitrary code on the remote Windows host due to fl...
File: smb_nt_ms10-012.nasl - Type: ACT_GATHER_INFO
2010-01-12 Name: It is possible to execute arbitrary code on the remote Windows host using the...
File: smb_nt_ms10-001.nasl - Type: ACT_GATHER_INFO
2009-12-08 Name: The remote Windows host has multiple vulnerabilities in an authentication ser...
File: smb_nt_ms09-071.nasl - Type: ACT_GATHER_INFO
2009-11-10 Name: The installed version of Active Directory is affected by a denial of service ...
File: smb_nt_ms09-066.nasl - Type: ACT_GATHER_INFO
2009-11-10 Name: The remote Windows kernel is affected by remote privilege escalation vulnerab...
File: smb_nt_ms09-065.nasl - Type: ACT_GATHER_INFO
2009-11-10 Name: Arbitrary code can be executed on the remote host through the Web Services fo...
File: smb_nt_ms09-063.nasl - Type: ACT_GATHER_INFO