This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Microsoft First view 2007-06-06
Product Windows Vista Last view 2011-07-13
Version * Type Os
Update sp1  
Edition x64  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:microsoft:windows_vista

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
7.2 2011-07-13 CVE-2011-1888

win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other CVEs listed in MS11-054, aka "Win32k Null Pointer De-reference Vulnerability."

7.2 2011-07-13 CVE-2011-1887

win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other CVEs listed in MS11-054, aka "Win32k Null Pointer De-reference Vulnerability."

7.2 2011-07-13 CVE-2011-1885

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other CVEs listed in MS11-054, aka "Win32k Null Pointer De-reference Vulnerability."

7.2 2011-07-13 CVE-2011-1884

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other CVEs listed in MS11-054, aka "Win32k Use After Free Vulnerability."

7.2 2011-07-13 CVE-2011-1883

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other CVEs listed in MS11-054, aka "Win32k Use After Free Vulnerability."

7.2 2011-07-13 CVE-2011-1882

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other CVEs listed in MS11-054, aka "Win32k Use After Free Vulnerability."

7.2 2011-07-13 CVE-2011-1881

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other CVEs listed in MS11-054, aka "Win32k Null Pointer De-reference Vulnerability."

7.2 2011-07-13 CVE-2011-1880

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other CVEs listed in MS11-054, aka "Win32k Null Pointer De-reference Vulnerability."

7.2 2011-07-13 CVE-2011-1879

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other CVEs listed in MS11-054, aka "Win32k Use After Free Vulnerability."

7.2 2011-07-13 CVE-2011-1878

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other CVEs listed in MS11-054, aka "Win32k Use After Free Vulnerability."

7.2 2011-07-13 CVE-2011-1877

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, aka "Win32k Use After Free Vulnerability."

7.2 2011-07-13 CVE-2011-1876

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other CVEs listed in MS11-054, aka "Win32k Use After Free Vulnerability."

7.2 2011-07-13 CVE-2011-1875

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other CVEs listed in MS11-054, aka "Win32k Use After Free Vulnerability."

7.2 2011-07-13 CVE-2011-1874

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other CVEs listed in MS11-054, aka "Win32k Use After Free Vulnerability."

7.2 2011-07-13 CVE-2011-1284

Integer overflow in the Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that triggers an incorrect memory assignment for a user transaction, aka "CSRSS Local EOP SrvWriteConsoleOutput Vulnerability."

7.2 2011-07-13 CVE-2011-1283

The Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, and Windows Server 2008 Gold and SP2 does not ensure that an unspecified array index has a non-negative value before performing read and write operations, which allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that triggers an incorrect memory assignment for a user transaction, aka "CSRSS Local EOP SrvSetConsoleNumberOfCommand Vulnerability."

7.2 2011-07-13 CVE-2011-1282

The Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly initialize memory and consequently uses a NULL pointer in an unspecified function call, which allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that triggers an incorrect memory assignment for a user transaction, aka "CSRSS Local EOP SrvSetConsoleLocalEUDC Vulnerability."

7.2 2011-07-13 CVE-2011-1281

The Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly restrict the number of console objects for a process, which allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that triggers an incorrect memory assignment for a user transaction, aka "CSRSS Local EOP AllocConsole Vulnerability."

4.3 2011-06-16 CVE-2011-1894

The MHTML protocol handler in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle a MIME format in a request for embedded content in an HTML document, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted EMBED element in a web page that is visited in Internet Explorer, aka "MHTML Mime-Formatted Request Vulnerability."

9.3 2011-06-16 CVE-2011-1873

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 on 64-bit platforms does not properly validate pointers during the parsing of OpenType (aka OTF) fonts, which allows remote attackers to execute arbitrary code via a crafted font file, aka "Win32k OTF Validation Vulnerability."

7.8 2011-06-16 CVE-2011-1869

The Distributed File System (DFS) implementation in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote DFS servers to cause a denial of service (system hang) via a crafted referral response, aka "DFS Referral Response Vulnerability."

10 2011-06-16 CVE-2011-1268

The SMB client in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote SMB servers to execute arbitrary code via a crafted (1) SMBv1 or (2) SMBv2 response, aka "SMB Response Parsing Vulnerability."

9.3 2011-06-16 CVE-2011-0658

Integer underflow in the OLE Automation protocol implementation in VBScript.dll in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted WMF file, aka "OLE Automation Underflow Vulnerability."

7.2 2011-04-13 CVE-2011-1242

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability."

7.2 2011-04-13 CVE-2011-1241

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability."

CWE : Common Weakness Enumeration

%idName
24% (48) CWE-399 Resource Management Errors
21% (42) CWE-20 Improper Input Validation
20% (40) CWE-94 Failure to Control Generation of Code ('Code Injection')
11% (22) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
8% (17) CWE-189 Numeric Errors
6% (12) CWE-264 Permissions, Privileges, and Access Controls
2% (4) CWE-362 Race Condition
1% (3) CWE-200 Information Exposure
1% (2) CWE-310 Cryptographic Issues
1% (2) CWE-255 Credentials Management
1% (2) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')
0% (1) CWE-287 Improper Authentication
0% (1) CWE-16 Configuration

CAPEC : Common Attack Pattern Enumeration & Classification

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Name
CAPEC-2 Inducing Account Lockout
CAPEC-3 Using Leading 'Ghost' Character Sequences to Bypass Input Filters
CAPEC-7 Blind SQL Injection
CAPEC-8 Buffer Overflow in an API Call
CAPEC-9 Buffer Overflow in Local Command-Line Utilities
CAPEC-10 Buffer Overflow via Environment Variables
CAPEC-13 Subverting Environment Variable Values
CAPEC-14 Client-side Injection-induced Buffer Overflow
CAPEC-18 Embedding Scripts in Nonscript Elements
CAPEC-22 Exploiting Trust in Client (aka Make the Client Invisible)
CAPEC-24 Filter Failure through Buffer Overflow
CAPEC-28 Fuzzing
CAPEC-31 Accessing/Intercepting/Modifying HTTP Cookies
CAPEC-32 Embedding Scripts in HTTP Query Strings
CAPEC-42 MIME Conversion
CAPEC-43 Exploiting Multiple Input Interpretation Layers
CAPEC-45 Buffer Overflow via Symbolic Links
CAPEC-46 Overflow Variables and Tags
CAPEC-47 Buffer Overflow via Parameter Expansion
CAPEC-52 Embedding NULL Bytes
CAPEC-53 Postfix, Null Terminate, and Backslash
CAPEC-63 Simple Script Injection
CAPEC-64 Using Slashes and URL Encoding Combined to Bypass Validation Logic
CAPEC-66 SQL Injection
CAPEC-67 String Format Overflow in syslog()

SAINT Exploits

Description Link
Internet Explorer iepeers.dll use-after-free vulnerability More info here
Visual Studio Active Template Library object type mismatch vulnerability More info here
Windows Server Service buffer overflow MS08-067 More info here
Microsoft Windows Movie Maker IsValidWMToolsStream buffer overflow More info here
Microsoft Windows Media Player DVR-MS File Code Execution More info here
Windows Telnet credential reflection More info here
Internet Explorer WinINet credential reflection vulnerability More info here
Windows Thumbnail View CreateSizedDIBSECTION buffer overflow More info here
Windows search-ms protocol handler command execution vulnerability More info here
Windows Shell LNK file CONTROL item command execution More info here
Microsoft Remote Desktop Connection Insecure Library Injection More info here
Microsoft Office Art Property Table Memory Corruption More info here
Windows SMB2 buffer overflow More info here

Open Source Vulnerability Database (OSVDB)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
73796 Microsoft Windows CSRSS SrvSetConsoleLocalEUDC() Function NULL Page Data Writ...
73794 Microsoft Windows CSRSS SrvWriteConsoleOutput() Function Local Overflow
73793 Microsoft Windows CSRSS SrvSetConsoleNumberOfCommand() Function Kernel Memory...
73792 Microsoft Windows CSRSS AllocConsole() Function Multiple Console Object Orpha...
73790 Microsoft Windows win32k.sys Driver NULL Pointer De-reference Unspecified Loc...
73789 Microsoft Windows win32k.sys Driver NULL Pointer De-reference Unspecified Loc...
73788 Microsoft Windows win32k.sys Driver NULL Pointer De-reference Unspecified Loc...
73787 Microsoft Windows win32k.sys Driver NULL Pointer De-reference Unspecified Loc...
73786 Microsoft Windows win32k.sys Driver NULL Pointer De-reference Unspecified Loc...
73785 Microsoft Windows win32k.sys Driver Use After Free Unspecified Local Privileg...
73784 Microsoft Windows win32k.sys Driver Use After Free Unspecified Local Privileg...
73783 Microsoft Windows win32k.sys Driver Use After Free Unspecified Local Privileg...
73782 Microsoft Windows win32k.sys Driver Use After Free Unspecified Local Privileg...
73781 Microsoft Windows win32k.sys Driver Use After Free Unspecified Local Privileg...
73780 Microsoft Windows win32k.sys Driver Use After Free Unspecified Local Privileg...
73779 Microsoft Windows win32k.sys Driver Use After Free Unspecified Local Privileg...
73778 Microsoft Windows win32k.sys Driver Use After Free Unspecified Local Privileg...
73777 Microsoft Windows win32k.sys Driver Use After Free Unspecified Local Privileg...
72960 Microsoft SMB Client Response Handling Remote Code Execution
72959 Microsoft Windows Object Linking and Embedding (OLE) Automation Remote Code E...
72935 Microsoft Windows MHTML Mime-Formatted Request Unspecified XSS
72929 Microsoft Windows Distributed File System (DFS) Referral Response Handling Re...
72919 Microsoft Windows OpenType Font (OTF) Pointer Validation Arbitrary Code Execu...
71781 Microsoft Windows SMB Transaction Parsing Unspecified Remote Code Execution
71780 Microsoft Windows DNS Client Service LLMNR Query Processing Remote Code Execu...

ExploitDB Exploits

id Description
17659 MS10-026 Microsoft MPEG Layer-3 Audio Stack Based Overflow
17544 GDI+ CreateDashedPath Integer overflow in gdiplus.dll
16590 Internet Explorer DHTML Behaviors Use After Free
15985 MS10-073: Win32k Keyboard Layout Vulnerability
15266 Windows NTLM Weak Nonce Vulnerability
15158 MOAUB #30 - Microsoft Unicode Scripts Processor Remote Code Execution
15112 MOAUB #26 - Microsoft Cinepak Codec CVDecompress Heap Overflow
14895 MOAUB #5 - Microsoft MPEG Layer-3 Remote Command Execution Exploit
14886 MOAUB #4 - Movie Maker Remote Code Execution (MS10-016)
14670 Microsoft Windows nt!SeObjectCreateSaclAccessBits() Missed ACE Bounds Checks ...
14667 Microsoft Windows KTM Invalid Free with Reused Transaction GUID (MS10-047)
14610 Microsoft Windows Tracing Registry Key ACL Privilege Escalation Vulnerability
14608 Microsoft Windows CreateWindow Function Callback Vulnerability (MS10-048)
12273 Windows 7/2008R2 SMB Client Trans2 Stack Overflow 10-020 PoC
11683 Microsoft Internet Explorer iepeers.dll Use-After-Free Exploit (meta)
11199 Windows NT - User Mode to Ring 0 Escalation Vulnerability
9893 Microsoft Internet Explorer 5,6,7 memory corruption PoC

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2012-03-06 Name : Microsoft SMB Transaction Parsing Remote Code Execution Vulnerability
File : nvt/secpod_ms11-020_remote.nasl
2012-02-29 Name : MicroSoft SMB Server Trans2 Request Remote Code Execution Vulnerability
File : nvt/secpod_ms10-054_remote.nasl
2011-07-13 Name : Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2555917)
File : nvt/secpod_ms11-054.nasl
2011-07-13 Name : Microsoft Windows CSRSS Privilege Escalation Vulnerabilities (2507938)
File : nvt/secpod_ms11-056.nasl
2011-06-15 Name : Windows MHTML Information Disclosure Vulnerability (2544893)
File : nvt/secpod_ms11-037.nasl
2011-06-15 Name : Microsoft Windows OLE Automation Remote Code Execution Vulnerability (2476490)
File : nvt/secpod_ms11-038.nasl
2011-06-15 Name : Microsoft Distributed File System Remote Code Execution Vulnerabilities (2535...
File : nvt/secpod_ms11-042.nasl
2011-06-15 Name : Microsoft SMB Client Remote Code Execution Vulnerabilities (2536276)
File : nvt/secpod_ms11-043.nasl
2011-04-13 Name : Microsoft SMB Client Remote Code Execution Vulnerabilities (2511455)
File : nvt/secpod_ms11-019.nasl
2011-04-13 Name : Microsoft Windows SMB Server Remote Code Execution Vulnerability (2508429)
File : nvt/secpod_ms11-020.nasl
2011-04-13 Name : Windows Fax Cover Page Editor Remote Code Execution Vulnerability (2527308)
File : nvt/secpod_ms11-024.nasl
2011-04-13 Name : Windows MHTML Information Disclosure Vulnerability (2503658)
File : nvt/secpod_ms11-026.nasl
2011-04-13 Name : Microsoft IE Developer Tools WMITools and Windows Messenger ActiveX Control V...
File : nvt/secpod_ms11-027.nasl
2011-04-13 Name : Microsoft GDI+ Remote Code Execution Vulnerability (2489979)
File : nvt/secpod_ms11-029.nasl
2011-04-13 Name : Microsoft DNS Resolution Remote Code Execution Vulnerability (2509553)
File : nvt/secpod_ms11-030.nasl
2011-04-13 Name : Windows OpenType Compact Font Format (CFF) Driver Remote Code Execution Vulne...
File : nvt/secpod_ms11-032.nasl
2011-04-13 Name : Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2506223)
File : nvt/secpod_ms11-034.nasl
2011-04-11 Name : Microsoft Windows IPv4 Default Configuration Security Bypass Vulnerability
File : nvt/gb_ms_windows_nic_security_bypass_vuln.nasl
2011-03-09 Name : Microsoft Windows Media Remote Code Execution Vulnerabilities (2510030)
File : nvt/secpod_ms11-015.nasl
2011-03-09 Name : Microsoft Remote Desktop Client Remote Code Execution Vulnerability (2508062)
File : nvt/secpod_ms11-017.nasl
2011-02-09 Name : Vulnerability in Windows Shell Graphics Processing Could Allow Remote Code Ex...
File : nvt/secpod_ms11-006.nasl
2011-02-09 Name : Vulnerability in the OpenType Compact Font Format (CFF) Driver Could Allow Re...
File : nvt/secpod_ms11-007.nasl
2011-02-09 Name : Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2479628)
File : nvt/secpod_ms11-012.nasl
2011-02-05 Name : Microsoft Internet Explorer Information Disclosure Vulnerability (2501696)
File : nvt/secpod_ms_ie_mhtml_info_disc_vuln.nasl
2011-01-12 Name : Windows Backup Manager Remote Code Execution Vulnerability (2478935)
File : nvt/secpod_ms11-001.nasl

Information Assurance Vulnerability Management (IAVM)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2011-B-0065 Microsoft MHTML Information Disclosure Vulnerability
Severity: Category II - VMSKEY: V0028617
2011-A-0081 Microsoft Windows OLE Automation Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0028597
2011-A-0087 Microsoft Distributed File System Remote Code Execution Vulnerabilities
Severity: Category I - VMSKEY: V0028593
2011-A-0079 Microsoft SMB Client Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0028592
2011-A-0050 Microsoft SMB Server Remote Code Execution Vulnerability
Severity: Category I - VMSKEY: V0026521
2011-A-0039 Microsoft DNS Resolution Remote Code Execution Vulnerability
Severity: Category I - VMSKEY: V0026514
2011-B-0045 Microsoft Windows Fax Cover Page Editor Vulnerability
Severity: Category II - VMSKEY: V0026509
2011-B-0033 Microsoft Remote Desktop Connection Client Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0026091
2011-A-0031 Multiple Vulnerabilities in Microsoft Windows Media
Severity: Category II - VMSKEY: V0026088
2011-A-0019 Microsoft Windows Shell Graphics Processing Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0026068
2011-B-0007 Microsoft Windows Backup Manager Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0025889
2010-B-0110 Microsoft Task Scheduler Elevation of Privilege Vulnerability
Severity: Category II - VMSKEY: V0025862
2010-B-0117 Microsoft Windows Consent User Interface Elevation of Privilege Vulnerability
Severity: Category II - VMSKEY: V0025851
2010-A-0173 Microsoft Windows Address Book Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0025845
2010-B-0090 Microsoft Windows Common Control Library Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0025534
2010-A-0135 Microsoft Windows Embedded OpenType Font Engine Vulnerability
Severity: Category I - VMSKEY: V0025528
2010-A-0141 Microsoft Windows Media Player Network Sharing Service Remote Code Execution ...
Severity: Category II - VMSKEY: V0025520
2010-A-0124 Microsoft Windows Print Spooler Remote Code Execution Vulnerability
Severity: Category I - VMSKEY: V0025362
2010-A-0122 Microsoft MPEG Layer-4 Codec Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0025359
2010-B-0064 Multiple Vulnerabilities in Microsoft Windows Tracing Feature for Services
Severity: Category I - VMSKEY: V0025074
2010-A-0103 Microsoft Cinepak Codec Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0025067
2010-B-0030 Microsoft Windows ISATAP Spoofing Vulnerability
Severity: Category I - VMSKEY: V0023956
2010-A-0053 Microsoft MPEG Layer-3 Codecs Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0023999
2010-A-0030 Multiple Vulnerabilities in Microsoft Windows TCP/IP
Severity: Category I - VMSKEY: V0022684
2010-A-0029 Microsoft Windows Shell Handler Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0022683

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2014-01-10 Microsoft Multiple Products malformed PNG detected tEXt overflow attempt
RuleID : 6700 - Type : FILE-IMAGE - Revision : 20
2020-03-19 Microsoft Windows Data Analyzer 3.5 ActiveX clsid access
RuleID : 53118 - Type : BROWSER-PLUGINS - Revision : 1
2020-03-19 Microsoft Windows Data Analyzer 3.5 ActiveX use-after-free attempt
RuleID : 53117 - Type : BROWSER-PLUGINS - Revision : 1
2020-03-19 Microsoft Windows Data Analyzer 3.5 ActiveX use-after-free attempt
RuleID : 53116 - Type : BROWSER-PLUGINS - Revision : 1
2020-01-03 Microsoft Windows MHTML XSS attempt
RuleID : 52335 - Type : OS-WINDOWS - Revision : 1
2019-09-05 Microsoft Windows mp3 file malformed ID3 APIC header code execution attempt
RuleID : 50893 - Type : FILE-MULTIMEDIA - Revision : 1
2019-09-05 Microsoft Windows mp3 file malformed ID3 APIC header code execution attempt
RuleID : 50892 - Type : FILE-MULTIMEDIA - Revision : 1
2019-09-05 Microsoft OpenType font index remote code execution attempt
RuleID : 50889 - Type : FILE-OTHER - Revision : 1
2019-09-05 Microsoft OpenType font index remote code execution attempt
RuleID : 50888 - Type : FILE-OTHER - Revision : 1
2019-09-05 Microsoft Windows GDI EMF parsing arbitrary code execution attempt
RuleID : 50885 - Type : FILE-OTHER - Revision : 1
2019-09-05 Microsoft Windows GDI EMF parsing arbitrary code execution attempt
RuleID : 50884 - Type : FILE-OTHER - Revision : 1
2019-09-05 Microsoft Fax Cover Page Editor heap corruption attempt
RuleID : 50873 - Type : OS-WINDOWS - Revision : 1
2019-09-05 Microsoft Fax Cover Page Editor heap corruption attempt
RuleID : 50872 - Type : OS-WINDOWS - Revision : 1
2019-08-27 Microsoft Windows GDI+ interlaced PNG file parsing heap overflow attempt
RuleID : 50798 - Type : FILE-IMAGE - Revision : 1
2018-06-12 SMB client NULL deref race condition attempt
RuleID : 46637 - Type : NETBIOS - Revision : 1
2018-02-27 Microsoft Windows Movie Maker project file heap buffer overflow attempt
RuleID : 45554 - Type : FILE-MULTIMEDIA - Revision : 1
2018-02-27 Microsoft Windows Movie Maker project file heap buffer overflow attempt
RuleID : 45553 - Type : FILE-MULTIMEDIA - Revision : 1
2014-01-10 DECODE_IPV6_ISATAP_SPOOF
RuleID : 453 - Type : DECODE_IPV6_ISATAP_SPOOF - Revision : 1
2017-10-10 Microsoft DirectShow memory corruption attempt
RuleID : 44306 - Type : OS-WINDOWS - Revision : 2
2017-10-10 Microsoft DirectShow memory corruption attempt
RuleID : 44305 - Type : OS-WINDOWS - Revision : 2
2017-10-03 Microsoft Windows Shell Handler remote code execution attempt
RuleID : 44218 - Type : OS-WINDOWS - Revision : 1
2017-10-03 Microsoft Windows Shell Handler remote code execution attempt
RuleID : 44217 - Type : OS-WINDOWS - Revision : 1
2017-10-03 Microsoft Windows Shell Handler remote code execution attempt
RuleID : 44216 - Type : OS-WINDOWS - Revision : 1
2017-08-01 Microsoft GDI WMF file parsing integer overflow attempt
RuleID : 43362 - Type : FILE-IMAGE - Revision : 2
2017-08-01 Microsoft GDI WMF file parsing integer overflow attempt
RuleID : 43361 - Type : FILE-IMAGE - Revision : 2

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2014-03-10 Name: Arbitrary code can be executed on the remote host through the Microsoft GDI r...
File: smb_kb957488.nasl - Type: ACT_GATHER_INFO
2011-07-12 Name: The remote Windows kernel is affected by multiple vulnerabilities.
File: smb_nt_ms11-054.nasl - Type: ACT_GATHER_INFO
2011-07-12 Name: Users can elevate their privileges on the remote host.
File: smb_nt_ms11-056.nasl - Type: ACT_GATHER_INFO
2011-06-15 Name: The remote Windows host is affected by an information disclosure vulnerability.
File: smb_nt_ms11-037.nasl - Type: ACT_GATHER_INFO
2011-06-15 Name: The remote Windows host is affected by a remote code execution vulnerability.
File: smb_nt_ms11-038.nasl - Type: ACT_GATHER_INFO
2011-06-15 Name: The remote Windows kernel is affected by a remote code execution vulnerability.
File: smb_nt_ms11-041.nasl - Type: ACT_GATHER_INFO
2011-06-15 Name: A distributed file system on the remote Windows host has multiple vulnerabili...
File: smb_nt_ms11-042.nasl - Type: ACT_GATHER_INFO
2011-06-15 Name: Arbitrary code can be executed on the remote host through the installed SMB c...
File: smb_nt_ms11-043.nasl - Type: ACT_GATHER_INFO
2011-04-21 Name: Arbitrary code can be executed on the remote host through the installed Windo...
File: llmnr-ms11-030.nasl - Type: ACT_GATHER_INFO
2011-04-20 Name: It is possible to execute arbitrary code on the remote Windows host due to fl...
File: smb_kb2508429.nasl - Type: ACT_GATHER_INFO
2011-04-13 Name: Arbitrary code can be executed on the remote host through the installed SMB c...
File: smb_nt_ms11-019.nasl - Type: ACT_GATHER_INFO
2011-04-13 Name: It is possible to execute arbitrary code on the remote Windows host due to fl...
File: smb_nt_ms11-020.nasl - Type: ACT_GATHER_INFO
2011-04-13 Name: A fax cover page editor on the remote host has a memory corruption vulnerabil...
File: smb_nt_ms11-024.nasl - Type: ACT_GATHER_INFO
2011-04-13 Name: The remote Windows host is affected by an information disclosure vulnerability.
File: smb_nt_ms11-026.nasl - Type: ACT_GATHER_INFO
2011-04-13 Name: The remote Windows host is missing an update that disables selected ActiveX c...
File: smb_nt_ms11-027.nasl - Type: ACT_GATHER_INFO
2011-04-13 Name: Arbitrary code can be executed on the remote Windows host through Microsoft's...
File: smb_nt_ms11-029.nasl - Type: ACT_GATHER_INFO
2011-04-13 Name: Arbitrary code can be executed on the remote host through the installed Windo...
File: smb_nt_ms11-030.nasl - Type: ACT_GATHER_INFO
2011-04-13 Name: The remote Windows host contains a font driver that is affected by a privileg...
File: smb_nt_ms11-032.nasl - Type: ACT_GATHER_INFO
2011-04-13 Name: The remote Windows kernel is affected by multiple vulnerabilities.
File: smb_nt_ms11-034.nasl - Type: ACT_GATHER_INFO
2011-03-08 Name: The version of Windows Media installed on the remote host has multiple code e...
File: smb_nt_ms11-015.nasl - Type: ACT_GATHER_INFO
2011-03-08 Name: It is possible to execute arbitrary code on the remote host through the Remot...
File: smb_nt_ms11-017.nasl - Type: ACT_GATHER_INFO
2011-02-08 Name: It may be possible to execute arbitrary code on the remote host using the gra...
File: smb_nt_ms11-006.nasl - Type: ACT_GATHER_INFO
2011-02-08 Name: The remote Windows host contains a font driver that is affected by a privileg...
File: smb_nt_ms11-007.nasl - Type: ACT_GATHER_INFO
2011-02-08 Name: The remote Windows kernel is affected by multiple vulnerabilities.
File: smb_nt_ms11-012.nasl - Type: ACT_GATHER_INFO
2011-01-11 Name: The remote Windows host is affected by a code execution vulnerability in the ...
File: smb_nt_ms11-001.nasl - Type: ACT_GATHER_INFO