This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Microsoft First view 2007-07-10
Product Windows Vista Last view 2011-04-13
Version * Type Os
Update *  
Edition x64  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:microsoft:windows_vista

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
9.3 2011-04-13 CVE-2011-0660

The SMB client in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote SMB servers to execute arbitrary code via a crafted (1) SMBv1 or (2) SMBv2 response, aka "SMB Client Response Parsing Vulnerability."

6.4 2010-04-14 CVE-2010-0812

Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allow remote attackers to bypass intended IPv4 source-address restrictions via a mismatched IPv6 source address in a tunneled ISATAP packet, aka "ISATAP IPv6 Source Address Spoofing Vulnerability."

4.7 2010-04-14 CVE-2010-0810

The kernel in Microsoft Windows Vista Gold, SP1, and SP2, and Windows Server 2008 Gold and SP2, does not properly handle unspecified exceptions, which allows local users to cause a denial of service (reboot) via a crafted application, aka "Windows Kernel Exception Handler Vulnerability."

9.3 2010-04-14 CVE-2010-0487

The Authenticode Signature verification functionality in cabview.dll in Cabinet File Viewer Shell Extension 5.1, 6.0, and 6.1 in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly use unspecified fields in a file digest, which allows remote attackers to execute arbitrary code via a modified cabinet (aka .CAB) file that incorrectly appears to have a valid signature, aka "Cabview Corruption Validation Vulnerability."

9.3 2010-04-14 CVE-2010-0486

The WinVerifyTrust function in Authenticode Signature Verification 5.1, 6.0, and 6.1 in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly use unspecified fields in a file digest, which allows user-assisted remote attackers to execute arbitrary code via a modified (1) Portable Executable (PE) or (2) cabinet (aka .CAB) file that incorrectly appears to have a valid signature, aka "WinVerifyTrust Signature Validation Vulnerability."

4.7 2010-04-14 CVE-2010-0481

The kernel in Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly translate a registry key's virtual path to its real path, which allows local users to cause a denial of service (reboot) via a crafted application, aka "Windows Virtual Path Parsing Vulnerability."

9.3 2010-04-14 CVE-2010-0480

Multiple stack-based buffer overflows in the MPEG Layer-3 audio codecs in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allow remote attackers to execute arbitrary code via a crafted AVI file, aka "MPEG Layer-3 Audio Decoder Stack Overflow Vulnerability."

10 2010-04-14 CVE-2010-0476

The SMB client in Microsoft Windows Server 2003 SP2, Vista Gold, SP1, and SP2, and Windows Server 2008 Gold and SP2 allows remote SMB servers and man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and reboot) via a crafted SMB transaction response that uses (1) SMBv1 or (2) SMBv2, aka "SMB Client Response Parsing Vulnerability."

10 2010-04-14 CVE-2010-0269

The SMB client in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly allocate memory for SMB responses, which allows remote SMB servers and man-in-the-middle attackers to execute arbitrary code via a crafted (1) SMBv1 or (2) SMBv2 response, aka "SMB Client Memory Allocation Vulnerability."

4.9 2010-04-14 CVE-2010-0238

Unspecified vulnerability in registry-key validation in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Vista Gold allows local users to cause a denial of service (reboot) via a crafted application, aka "Windows Kernel Registry Key Vulnerability."

7.2 2010-04-14 CVE-2010-0236

The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Vista Gold does not properly allocate memory for the destination key associated with a symbolic-link registry key, which allows local users to gain privileges via a crafted application, aka "Windows Kernel Memory Allocation Vulnerability."

4.7 2010-04-14 CVE-2010-0235

The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Vista Gold does not perform the expected validation before creating a symbolic link, which allows local users to cause a denial of service (reboot) via a crafted application, aka "Windows Kernel Symbolic Link Value Vulnerability."

4.7 2010-04-14 CVE-2010-0234

The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 does not properly validate a registry-key argument to an unspecified system call, which allows local users to cause a denial of service (reboot) via a crafted application, aka "Windows Kernel Null Pointer Vulnerability."

9.3 2010-03-31 CVE-2010-0807

Microsoft Internet Explorer 7 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, leading to memory corruption, aka "HTML Rendering Memory Corruption Vulnerability."

4.3 2010-03-31 CVE-2010-0494

Cross-domain vulnerability in Microsoft Internet Explorer 6, 6 SP1, 7, and 8 allows user-assisted remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via a crafted HTML document in a situation where the client user drags one browser window across another browser window, aka "HTML Element Cross-Domain Vulnerability."

9.3 2010-03-31 CVE-2010-0492

Use-after-free vulnerability in mstime.dll in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via vectors related to the TIME2 behavior, the CTimeAction object, and destruction of markup, leading to memory corruption, aka "HTML Object Memory Corruption Vulnerability."

9.3 2010-03-31 CVE-2010-0490

Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability."

9.3 2010-03-31 CVE-2010-0489

Race condition in Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via a crafted HTML document that triggers memory corruption, aka "Race Condition Memory Corruption Vulnerability."

4.3 2010-03-31 CVE-2010-0488

Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, and 7 does not properly handle unspecified "encoding strings," which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site, aka "Post Encoding Information Disclosure Vulnerability."

9.3 2010-03-31 CVE-2010-0267

Microsoft Internet Explorer 6, 6 SP1, and 7 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability."

9.3 2010-03-10 CVE-2010-0806

Use-after-free vulnerability in the Peer Objects component (aka iepeers.dll) in Microsoft Internet Explorer 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via vectors involving access to an invalid pointer after the deletion of an object, as exploited in the wild in March 2010, aka "Uninitialized Memory Corruption Vulnerability."

9.3 2010-03-10 CVE-2010-0265

Buffer overflow in Microsoft Windows Movie Maker 2.1, 2.6, and 6.0, and Microsoft Producer 2003, allows remote attackers to execute arbitrary code via a crafted project (.MSWMM) file, aka "Movie Maker and Producer Buffer Overflow Vulnerability."

7.8 2010-02-10 CVE-2010-0242

The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2 allows remote attackers to cause a denial of service (system hang) via crafted packets with malformed TCP selective acknowledgement (SACK) values, aka "TCP/IP Selective Acknowledgement Vulnerability."

10 2010-02-10 CVE-2010-0241

The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2, when IPv6 is enabled, does not properly perform bounds checking on ICMPv6 Route Information packets, which allows remote attackers to execute arbitrary code via crafted packets, aka "ICMPv6 Route Information Vulnerability."

10 2010-02-10 CVE-2010-0240

The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2, when a custom network driver is used, does not properly handle local fragmentation of Encapsulating Security Payload (ESP) over UDP packets, which allows remote attackers to execute arbitrary code via crafted packets, aka "Header MDL Fragmentation Vulnerability."

CWE : Common Weakness Enumeration

%idName
25% (24) CWE-94 Failure to Control Generation of Code ('Code Injection')
20% (20) CWE-20 Improper Input Validation
12% (12) CWE-399 Resource Management Errors
12% (12) CWE-189 Numeric Errors
11% (11) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
7% (7) CWE-264 Permissions, Privileges, and Access Controls
2% (2) CWE-362 Race Condition
2% (2) CWE-310 Cryptographic Issues
2% (2) CWE-200 Information Exposure
1% (1) CWE-287 Improper Authentication
1% (1) CWE-255 Credentials Management
1% (1) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')
1% (1) CWE-16 Configuration

CAPEC : Common Attack Pattern Enumeration & Classification

id Name
CAPEC-2 Inducing Account Lockout
CAPEC-82 Violating Implicit Assumptions Regarding XML Content (aka XML Denial of Servi...
CAPEC-147 XML Ping of Death
CAPEC-228 Resource Depletion through DTD Injection in a SOAP Message

SAINT Exploits

Description Link
Internet Explorer iepeers.dll use-after-free vulnerability More info here
Windows Server Service buffer overflow MS08-067 More info here
Microsoft Windows Movie Maker IsValidWMToolsStream buffer overflow More info here
Internet Explorer WinINet credential reflection vulnerability More info here
Windows GDI EMF filename buffer overflow More info here
Windows search-ms protocol handler command execution vulnerability More info here
Microsoft Office Art Property Table Memory Corruption More info here

Open Source Vulnerability Database (OSVDB)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
71772 Microsoft Windows SMB Client Response Parsing Unspecified Remote Code Execution
64928 Microsoft Windows SMB Client Transaction Response Handling Memory Corruption ...
64925 Microsoft Windows SMB Client Unspecified Response Handling Memory Corruption ...
63749 Microsoft Windows MPEG Layer-3 Audio Decoder AVI File Handling Overflow
63747 Microsoft Windows ISATAP Component IPv6 Tunneled Packet IP Address Spoofing W...
63746 Microsoft Windows Authenticode Signature Verification Cabview Manipulation Pr...
63745 Microsoft Windows Authenticode WinVerifyTrust Signature Manipulation Validati...
63736 Microsoft Windows Kernel Symbolic Link Value Processing Unspecified Local DoS
63735 Microsoft Windows Kernel Exception Handling Unspecified Local DoS
63733 Microsoft Windows Kernel Registry Link Symbolic Link Extraction Local Privile...
63730 Microsoft Windows Kernel Registry Key Validation Unspecified Local DoS
63729 Microsoft Windows Kernel Virtual Path Parsing Local DoS
63728 Microsoft Windows Unspecified Kernel System Call Registry Handling Local DoS
63335 Microsoft IE Unspecified Uninitialized Memory Corruption
63334 Microsoft IE Post Encoding Information Disclosure
63333 Microsoft IE Unspecified Race Condition Memory Corruption
63332 Microsoft IE Object Handling Unspecified Memory Corruption (2010-0490)
63330 Microsoft IE HTML Rendering Unspecified Memory Corruption
63328 Microsoft IE HTML Element Handling Cross-Domain Information Disclosure
63327 Microsoft IE CTimeAction Object TIME2 Handling Memory Corruption
62811 Microsoft Windows Movie Maker / Producer IsValidWMToolsStream() Function Proj...
62810 Microsoft IE iepeers.dll Use-After-Free Arbitrary Code Execution
62256 Microsoft Windows SMB Server Crafted Network Message Remote Code Execution
62255 Microsoft Windows SMB Server Crafted Packet Handling Remote DoS
62254 Microsoft Windows SMB Server Crafted Packet Handling NULL Dereference Remote DoS

ExploitDB Exploits

id Description
17659 MS10-026 Microsoft MPEG Layer-3 Audio Stack Based Overflow
16590 Internet Explorer DHTML Behaviors Use After Free
15266 Windows NTLM Weak Nonce Vulnerability
14895 MOAUB #5 - Microsoft MPEG Layer-3 Remote Command Execution Exploit
14886 MOAUB #4 - Movie Maker Remote Code Execution (MS10-016)
12273 Windows 7/2008R2 SMB Client Trans2 Stack Overflow 10-020 PoC
11683 Microsoft Internet Explorer iepeers.dll Use-After-Free Exploit (meta)
11199 Windows NT - User Mode to Ring 0 Escalation Vulnerability

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2011-04-13 Name : Microsoft SMB Client Remote Code Execution Vulnerabilities (2511455)
File : nvt/secpod_ms11-019.nasl
2011-04-11 Name : Microsoft Windows IPv4 Default Configuration Security Bypass Vulnerability
File : nvt/gb_ms_windows_nic_security_bypass_vuln.nasl
2011-01-14 Name : Microsoft Windows Vista Teredo Interface Firewall Bypass Vulnerability
File : nvt/gb_ms07-038.nasl
2011-01-14 Name : Vulnerability in RPC Could Allow Denial of Service (933729)
File : nvt/gb_ms07-058.nasl
2011-01-10 Name : Microsoft Windows Kernel Usermode Callback Local Privilege Elevation Vulnerab...
File : nvt/gb_ms08-025.nasl
2010-12-14 Name : Microsoft Windows Search Remote Code Execution Vulnerability (959349)
File : nvt/gb_ms08-075.nasl
2010-11-25 Name : Microsoft Web Services on Devices API Remote Code Execution Vulnerability (97...
File : nvt/gb_ms09-063.nasl
2010-11-25 Name : Microsoft Windows TCP/IP Could Allow Remote Code Execution (974145)
File : nvt/gb_ms10-009.nasl
2010-10-22 Name : Microsoft Windows SMB Server NTLM Multiple Vulnerabilities (971468)
File : nvt/secpod_ms10-012-remote.nasl
2010-04-14 Name : Microsoft Windows Authentication Verification Remote Code Execution Vulnerabi...
File : nvt/secpod_ms10-019.nasl
2010-04-14 Name : Microsoft SMB Client Remote Code Execution Vulnerabilities (980232)
File : nvt/secpod_ms10-020.nasl
2010-04-14 Name : Microsoft 'ISATAP' Component Spoofing Vulnerability (978338)
File : nvt/secpod_ms10-029.nasl
2010-04-14 Name : Microsoft MPEG Layer-3 Codecs Remote Code Execution Vulnerability (977816)
File : nvt/secpod_ms10-026.nasl
2010-04-14 Name : Microsoft Windows Kernel Could Allow Elevation of Privilege (979683)
File : nvt/secpod_ms10-021.nasl
2010-04-01 Name : Microsoft Internet Explorer Multiple Vulnerabilities (980182)
File : nvt/secpod_ms10-018.nasl
2010-03-18 Name : Vulnerabilities in SMB Could Allow Remote Code Execution (958687) - Remote
File : nvt/secpod_ms09-001_remote.nasl
2010-03-10 Name : MS Internet Explorer Remote Code Execution Vulnerability (981374)
File : nvt/gb_ms_ie_remote_code_exe_vuln_981374.nasl
2010-03-10 Name : Microsoft Windows Movie Maker Could Allow Remote Code Execution Vulnerability...
File : nvt/secpod_ms10-016.nasl
2010-02-10 Name : Microsoft Windows SMB Server Multiple Vulnerabilities (971468)
File : nvt/secpod_ms10-012.nasl
2010-02-10 Name : Microsoft Windows Shell Handler Could Allow Remote Code Execution Vulnerabili...
File : nvt/secpod_ms10-007.nasl
2010-02-10 Name : Microsoft Windows Kernel Could Allow Elevation of Privilege (977165)
File : nvt/secpod_ms10-015.nasl
2010-01-22 Name : Microsoft Windows GP Trap Handler Privilege Escalation Vulnerability
File : nvt/gb_ms_kernel_prv_esc_vuln.nasl
2010-01-22 Name : Microsoft Internet Explorer Multiple Vulnerabilities (978207)
File : nvt/secpod_ms10-002.nasl
2010-01-13 Name : Microsoft Embedded OpenType Font Engine Remote Code Execution Vulnerabilities...
File : nvt/secpod_ms10-001.nasl
2009-12-09 Name : Microsoft Windows IAS Remote Code Execution Vulnerability (974318)
File : nvt/secpod_ms09-071.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2010-A-0053 Microsoft MPEG Layer-3 Codecs Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0023999
2010-B-0030 Microsoft Windows ISATAP Spoofing Vulnerability
Severity: Category I - VMSKEY: V0023956
2010-A-0030 Multiple Vulnerabilities in Microsoft Windows TCP/IP
Severity: Category I - VMSKEY: V0022684
2010-A-0029 Microsoft Windows Shell Handler Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0022683
2009-A-0126 Microsoft Internet Authentication Service Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0022101
2009-A-0115 Microsoft Windows Web Services on Devices API Remote Code Execution Vulnerabi...
Severity: Category I - VMSKEY: V0021938
2009-A-0091 Multiple Vulnerabilities in Microsoft Windows Media Runtime
Severity: Category II - VMSKEY: V0021744
2009-A-0095 Multiple Vulnerabilities in Microsoft Windows CryptoAPI
Severity: Category I - VMSKEY: V0021760
2009-A-0099 Multiple Vulnerabilities in Microsoft GDI+
Severity: Category I - VMSKEY: V0021759
2009-B-0054 Microsoft Windows Local Security Authority Subsystem Service (LSASS) Denial o...
Severity: Category I - VMSKEY: V0021747
2009-A-0076 Multiple Vulnerabilities in Microsoft Windows Media Format
Severity: Category II - VMSKEY: V0019916
2009-A-0071 Multiple Vulnerabilities in Microsoft Remote Desktop Connection
Severity: Category II - VMSKEY: V0019884
2009-A-0034 Microsoft Windows HTTP Services Remote Code Execution Vulnerability
Severity: Category I - VMSKEY: V0018756
2009-A-0019 Microsoft Windows Secure Channel Vulnerability
Severity: Category II - VMSKEY: V0018549
2008-B-0083 Multiple Windows Search Remote Code Execution Vulnerabilities
Severity: Category II - VMSKEY: V0017913
2008-A-0086 Microsoft GDI Remote Code Execution Vulnerabilities
Severity: Category II - VMSKEY: V0017910
2008-A-0081 Microsoft Server Service Remote Code Execution Vulnerability
Severity: Category I - VMSKEY: V0017870
2008-B-0049 Microsoft Bluetooth Stack Remote Code Execution Vulnerability (951376)
Severity: Category I - VMSKEY: V0016051
2007-T-0040 Microsoft Windows RPC NTLMSSP Remote Denial Of Service Vulnerability
Severity: Category I - VMSKEY: V0015305
2007-T-0032 Windows Vista Gadgets Remote Code Execution Vulnerabilities
Severity: Category II - VMSKEY: V0014837

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2014-01-10 Microsoft Multiple Products malformed PNG detected tEXt overflow attempt
RuleID : 6700 - Type : FILE-IMAGE - Revision : 20
2019-09-05 Microsoft Windows mp3 file malformed ID3 APIC header code execution attempt
RuleID : 50893 - Type : FILE-MULTIMEDIA - Revision : 1
2019-09-05 Microsoft Windows mp3 file malformed ID3 APIC header code execution attempt
RuleID : 50892 - Type : FILE-MULTIMEDIA - Revision : 1
2019-09-05 Microsoft Windows GDI EMF parsing arbitrary code execution attempt
RuleID : 50885 - Type : FILE-OTHER - Revision : 1
2019-09-05 Microsoft Windows GDI EMF parsing arbitrary code execution attempt
RuleID : 50884 - Type : FILE-OTHER - Revision : 1
2019-08-27 Microsoft Windows GDI+ interlaced PNG file parsing heap overflow attempt
RuleID : 50798 - Type : FILE-IMAGE - Revision : 1
2018-06-12 SMB client NULL deref race condition attempt
RuleID : 46637 - Type : NETBIOS - Revision : 1
2018-02-27 Microsoft Windows Movie Maker project file heap buffer overflow attempt
RuleID : 45554 - Type : FILE-MULTIMEDIA - Revision : 1
2018-02-27 Microsoft Windows Movie Maker project file heap buffer overflow attempt
RuleID : 45553 - Type : FILE-MULTIMEDIA - Revision : 1
2014-01-10 DECODE_IPV6_ISATAP_SPOOF
RuleID : 453 - Type : DECODE_IPV6_ISATAP_SPOOF - Revision : 1
2017-10-03 Microsoft Windows Shell Handler remote code execution attempt
RuleID : 44218 - Type : OS-WINDOWS - Revision : 1
2017-10-03 Microsoft Windows Shell Handler remote code execution attempt
RuleID : 44217 - Type : OS-WINDOWS - Revision : 1
2017-10-03 Microsoft Windows Shell Handler remote code execution attempt
RuleID : 44216 - Type : OS-WINDOWS - Revision : 1
2017-08-29 Microsoft Windows Vista contacts gadget code execution attempt
RuleID : 43732 - Type : OS-WINDOWS - Revision : 1
2017-08-29 Microsoft Windows Vista contacts gadget code execution attempt
RuleID : 43731 - Type : OS-WINDOWS - Revision : 1
2017-08-01 Microsoft GDI WMF file parsing integer overflow attempt
RuleID : 43362 - Type : FILE-IMAGE - Revision : 2
2017-08-01 Microsoft GDI WMF file parsing integer overflow attempt
RuleID : 43361 - Type : FILE-IMAGE - Revision : 2
2017-08-01 Microsoft GDI WMF file parsing integer overflow attempt
RuleID : 43360 - Type : FILE-IMAGE - Revision : 2
2017-08-01 Microsoft GDI WMF file parsing integer overflow attempt
RuleID : 43359 - Type : FILE-IMAGE - Revision : 2
2016-11-08 Microsoft Windows Media Runtime malformed ASF codec memory corruption attempt
RuleID : 40354 - Type : OS-WINDOWS - Revision : 2
2016-09-13 Microsoft Windows GDI emf filename buffer overflow attempt
RuleID : 40130 - Type : OS-WINDOWS - Revision : 2
2016-03-15 Microsoft Windows Movie Maker project file heap buffer overflow attempt
RuleID : 37663 - Type : FILE-MULTIMEDIA - Revision : 1
2016-03-14 Microsoft Windows malformed WMF meta escape record memory corruption attempt
RuleID : 36856 - Type : FILE-IMAGE - Revision : 2
2015-03-19 Microsoft Windows GDI+ TIFF file parsing heap overflow attempt
RuleID : 33518 - Type : FILE-IMAGE - Revision : 3
2015-03-19 Microsoft Windows GDI+ TIFF file parsing heap overflow attempt
RuleID : 33517 - Type : FILE-IMAGE - Revision : 3

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2014-03-10 Name: Arbitrary code can be executed on the remote host through the Microsoft GDI r...
File: smb_kb957488.nasl - Type: ACT_GATHER_INFO
2011-04-13 Name: Arbitrary code can be executed on the remote host through the installed SMB c...
File: smb_nt_ms11-019.nasl - Type: ACT_GATHER_INFO
2010-09-13 Name: It is possible to execute arbitrary code on the remote Windows host due to fl...
File: smb_kb971468.nasl - Type: ACT_GATHER_INFO
2010-04-13 Name: The remote host is vulnerable to network spoofing attacks.
File: smb_nt_ms10-029.nasl - Type: ACT_GATHER_INFO
2010-04-13 Name: An audio codec on the remote Windows host has a buffer overflow vulnerability.
File: smb_nt_ms10-026.nasl - Type: ACT_GATHER_INFO
2010-04-13 Name: The Windows kernel is affected by eight vulnerabilities, including some that ...
File: smb_nt_ms10-021.nasl - Type: ACT_GATHER_INFO
2010-04-13 Name: Arbitrary code can be executed on the remote host through the installed SMB c...
File: smb_nt_ms10-020.nasl - Type: ACT_GATHER_INFO
2010-04-13 Name: The remote Windows host has multiple code execution vulnerabilities.
File: smb_nt_ms10-019.nasl - Type: ACT_GATHER_INFO
2010-03-30 Name: Arbitrary code can be executed on the remote host through a web browser.
File: smb_nt_ms10-018.nasl - Type: ACT_GATHER_INFO
2010-03-09 Name: Arbitrary code can be executed on the remote host through Windows Movie Maker.
File: smb_nt_ms10-016.nasl - Type: ACT_GATHER_INFO
2010-02-09 Name: The remote host has multiple vulnerabilities in its TCP/IP implementation.
File: smb_nt_ms10-009.nasl - Type: ACT_GATHER_INFO
2010-02-09 Name: An API function on the remote host has a code execution vulnerability.
File: smb_nt_ms10-007.nasl - Type: ACT_GATHER_INFO
2010-02-09 Name: It is possible to execute arbitrary code on the remote Windows host due to fl...
File: smb_nt_ms10-012.nasl - Type: ACT_GATHER_INFO
2010-02-09 Name: The Windows kernel is affected by two vulnerabilities allowing a local attack...
File: smb_nt_ms10-015.nasl - Type: ACT_GATHER_INFO
2010-01-12 Name: It is possible to execute arbitrary code on the remote Windows host using the...
File: smb_nt_ms10-001.nasl - Type: ACT_GATHER_INFO
2009-12-08 Name: Arbitrary code can be executed on the remote host through a web browser.
File: smb_nt_ms09-072.nasl - Type: ACT_GATHER_INFO
2009-12-08 Name: The remote Windows host has multiple vulnerabilities in an authentication ser...
File: smb_nt_ms09-071.nasl - Type: ACT_GATHER_INFO
2009-11-10 Name: The installed version of Active Directory is affected by a denial of service ...
File: smb_nt_ms09-066.nasl - Type: ACT_GATHER_INFO
2009-11-10 Name: The remote Windows kernel is affected by remote privilege escalation vulnerab...
File: smb_nt_ms09-065.nasl - Type: ACT_GATHER_INFO
2009-11-10 Name: Arbitrary code can be executed on the remote host through the Web Services fo...
File: smb_nt_ms09-063.nasl - Type: ACT_GATHER_INFO
2009-10-15 Name: Arbitrary code can be executed on the remote host through the Microsoft GDI r...
File: smb_nt_ms09-062.nasl - Type: ACT_GATHER_INFO
2009-10-14 Name: The Microsoft .NET Common Language Runtime is affected by multiple vulnerabil...
File: smb_nt_ms09-061.nasl - Type: ACT_GATHER_INFO
2009-10-13 Name: The remote SMB server can be abused to execute code remotely.
File: smb_nt_ms09-050.nasl - Type: ACT_GATHER_INFO
2009-10-13 Name: The remote Windows host is prone to a denial of service attack.
File: smb_nt_ms09-059.nasl - Type: ACT_GATHER_INFO
2009-10-13 Name: The Windows kernel is vulnerable to multiple buffer overflow attacks.
File: smb_nt_ms09-058.nasl - Type: ACT_GATHER_INFO