This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Microsoft First view 2009-06-10
Product Windows Vista Last view 2014-03-12
Version * Type Os
Update sp2  
Edition x64  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:microsoft:windows_vista

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
5.4 2014-03-12 CVE-2014-0317

The Security Account Manager Remote (SAMR) protocol implementation in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows Server 2012 Gold and R2 does not properly determine the user-lockout state, which makes it easier for remote attackers to bypass the account lockout policy and obtain access via a brute-force attack, aka "SAMR Security Feature Bypass Vulnerability."

7.2 2013-12-10 CVE-2013-3907

portcls.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Port-Class Driver Double Fetch Vulnerability."

4.9 2013-11-12 CVE-2013-3887

The Ancillary Function Driver (AFD) in afd.sys in the kernel-mode drivers in Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, and Windows Server 2012 allows local users to obtain sensitive information from kernel memory by leveraging improper copy operations, aka "Ancillary Function Driver Information Disclosure Vulnerability."

9.3 2013-11-06 CVE-2013-3906

GDI+ in Microsoft Windows Vista SP2 and Server 2008 SP2; Office 2003 SP3, 2007 SP3, and 2010 SP1 and SP2; Office Compatibility Pack SP3; and Lync 2010, 2010 Attendee, 2013, and Basic 2013 allows remote attackers to execute arbitrary code via a crafted TIFF image, as demonstrated by an image in a Word document, and exploited in the wild in October and November 2013.

9.3 2013-10-09 CVE-2013-3894

The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allow remote attackers to execute arbitrary code via a crafted CMAP table in a TrueType font (TTF) file, aka "TrueType Font CMAP Table Vulnerability."

7.2 2013-10-09 CVE-2013-3888

dxgkrnl.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows local users to gain privileges via a crafted application, aka "DirectX Graphics Kernel Subsystem Double Fetch Vulnerability."

7.2 2013-10-09 CVE-2013-3879

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Use After Free Vulnerability."

7.2 2013-10-09 CVE-2013-3200

The USB drivers in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allow physically proximate attackers to execute arbitrary code by connecting a crafted USB device, aka "Windows USB Descriptor Vulnerability."

10 2013-10-09 CVE-2013-3195

The DSA_InsertItem function in Comctl32.dll in the Windows common control library in Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly allocate memory, which allows remote attackers to execute arbitrary code via a crafted value in an argument to an ASP.NET web application, aka "Comctl32 Integer Overflow Vulnerability."

9.3 2013-10-09 CVE-2013-3128

The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT, and .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, and 4.5, allow remote attackers to execute arbitrary code via a crafted OpenType font (OTF) file, aka "OpenType Font Parsing Vulnerability."

5 2013-09-11 CVE-2013-3868

Microsoft Active Directory Lightweight Directory Service (AD LDS) on Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows 8 and Active Directory Services on Windows Server 2008 SP2 and R2 SP1 and Server 2012 allow remote attackers to cause a denial of service (LDAP directory-service outage) via a crafted LDAP query, aka "Remote Anonymous DoS Vulnerability."

7.2 2013-09-11 CVE-2013-3866

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability."

7.2 2013-09-11 CVE-2013-3865

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability," a different vulnerability than CVE-2013-1342, CVE-2013-1343, CVE-2013-1344, and CVE-2013-3864.

7.2 2013-09-11 CVE-2013-3864

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability," a different vulnerability than CVE-2013-1342, CVE-2013-1343, CVE-2013-1344, and CVE-2013-3865.

7.2 2013-09-11 CVE-2013-1344

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability," a different vulnerability than CVE-2013-1342, CVE-2013-1343, CVE-2013-3864, and CVE-2013-3865.

7.2 2013-09-11 CVE-2013-1343

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability," a different vulnerability than CVE-2013-1342, CVE-2013-1344, CVE-2013-3864, and CVE-2013-3865.

7.2 2013-09-11 CVE-2013-1342

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability," a different vulnerability than CVE-2013-1343, CVE-2013-1344, CVE-2013-3864, and CVE-2013-3865.

7.2 2013-09-11 CVE-2013-1341

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows 8 allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability."

9.3 2013-09-11 CVE-2013-0810

Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, and Windows Server 2008 SP2 allow remote attackers to execute arbitrary code via a crafted screensaver in a theme file, aka "Windows Theme File Remote Code Execution Vulnerability."

7.8 2013-08-14 CVE-2013-3183

The TCP/IP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly perform memory allocation for inbound ICMPv6 packets, which allows remote attackers to cause a denial of service (system hang) via crafted packets, aka "ICMPv6 Vulnerability."

10 2013-08-14 CVE-2013-3175

Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allow remote attackers to execute arbitrary code via a malformed asynchronous RPC request, aka "Remote Procedure Call Vulnerability."

9.3 2013-07-09 CVE-2013-3174

DirectShow in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, and Windows Server 2012 allows remote attackers to execute arbitrary code via a crafted GIF file, aka "DirectShow Arbitrary Memory Overwrite Vulnerability."

7.2 2013-07-09 CVE-2013-3173

Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application that leverages improper handling of objects in memory, aka "Win32k Buffer Overwrite Vulnerability."

4.9 2013-07-09 CVE-2013-3172

Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows local users to cause a denial of service (system hang) via a crafted application that leverages improper handling of objects in memory, aka "Win32k Buffer Overflow Vulnerability."

7.2 2013-07-09 CVE-2013-3167

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 does not properly handle objects in memory, which allows local users to gain privileges via a crafted application, aka "Win32k Information Disclosure Vulnerability."

CWE : Common Weakness Enumeration

%idName
19% (58) CWE-399 Resource Management Errors
18% (54) CWE-20 Improper Input Validation
16% (48) CWE-94 Failure to Control Generation of Code ('Code Injection')
13% (38) CWE-362 Race Condition
12% (36) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
9% (28) CWE-264 Permissions, Privileges, and Access Controls
5% (16) CWE-189 Numeric Errors
1% (5) CWE-200 Information Exposure
0% (2) CWE-310 Cryptographic Issues
0% (2) CWE-287 Improper Authentication
0% (2) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')
0% (1) CWE-255 Credentials Management
0% (1) CWE-134 Uncontrolled Format String

CAPEC : Common Attack Pattern Enumeration & Classification

id Name
CAPEC-2 Inducing Account Lockout
CAPEC-82 Violating Implicit Assumptions Regarding XML Content (aka XML Denial of Servi...
CAPEC-147 XML Ping of Death
CAPEC-228 Resource Depletion through DTD Injection in a SOAP Message

SAINT Exploits

Description Link
Internet Explorer iepeers.dll use-after-free vulnerability More info here
Visual Studio Active Template Library object type mismatch vulnerability More info here
Microsoft Windows Movie Maker IsValidWMToolsStream buffer overflow More info here
Microsoft Windows Media Player DVR-MS File Code Execution More info here
Windows Telnet credential reflection More info here
Windows Thumbnail View CreateSizedDIBSECTION buffer overflow More info here
Windows Media MIDI Invalid Channel More info here
Microsoft Office ClickOnce Unsafe Execution More info here
Windows Shell LNK file CONTROL item command execution More info here
Microsoft Remote Desktop Connection Insecure Library Injection More info here
Windows Crafted Theme File Handling Vulnerability More info here
Windows SMB2 buffer overflow More info here

Open Source Vulnerability Database (OSVDB)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
78211 Microsoft Windows Line21 DirectShow Filter Media File Handling Remote Code Ex...
78210 Microsoft Windows Multimedia Library (winmm.dll) MIDI File Handling Remote Co...
78209 Microsoft Windows Ntdll.dll Structured Exception Handling Tables Loading Safe...
78207 Microsoft Windows Embedded ClickOnce Application Office File Handling Remote ...
78206 Microsoft Windows Client/Server Run-time Subsystem (CSRSS) Unicode Character ...
78057 Microsoft .NET Framework ASP.NET Hash Collision Web Form Post Parsing Remote DoS
78056 Microsoft .NET Framework Forms Authentication Sliding Expiry Cached Content P...
78055 Microsoft .NET Framework ASP.NET Username Parsing Authentication Bypass
78054 Microsoft .NET Framework Forms Authentication Return URL Handling Arbitrary S...
77667 Microsoft Windows Active Directory Query Parsing Remote Overflow
77662 Microsoft Windows CSRSS Device Event Message Parsing Local Privilege Escalation
77660 Microsoft Windows Media Player / Center DVR-MS File Handling Remote Memory Co...
76902 Microsoft Windows Active Directory LDAPS CRL Handling Weakness Authentication...
76901 Microsoft Windows Mail / Windows Meeting Space Path Subversion Arbitrary DLL ...
76899 Microsoft Windows TCP/IP Reference Counter Crafted UDP Packet Stream Remote O...
76843 Microsoft Windows Win32k TrueType Font Handling Privilege Escalation
76231 Microsoft Windows Active Accessibility Path Subversion Arbitrary DLL Injectio...
76221 Microsoft Windows win32k.sys Driver Use-after-free Driver Object Handling Arb...
76220 Microsoft Windows win32k.sys Driver .fon Font File Handling Overflow
76219 Microsoft Windows win32k.sys Driver Type Translation TrueType Font File Handl...
76218 Microsoft Windows win32k.sys Driver NULL Dereference Unspecified Arbitrary Co...
76205 Microsoft Windows Media Center Path Subversion Arbitrary DLL Injection Code E...
75382 Microsoft Windows Shell Extensions Path Subversion Arbitrary DLL Injection Co...
74482 Microsoft Windows TCP/IP Stack (Tcpip.sys) ICMP Message Parsing Remote DoS
74407 Microsoft Windows Kernel File Metadata Handling Remote DoS

ExploitDB Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
33213 Windows NTUserMessageCall Win32k Kernel Pool Overflow (Schlamperei)
30011 Microsoft Tagged Image File Format (TIFF) Integer Overflow
27050 DirectShow Arbitrary Memory Overwrite Vulnerability (MS13-056)
24485 MS13-005 HWND_BROADCAST PoC
19037 MS12-005 Microsoft Office ClickOnce Unsafe Object Package Handling Vulnerability
18426 MS12-004 midiOutPlayNextPolyEvent Heap Overflow
18372 Microsoft Windows Assembly Execution Vulnerability MS12-005
18024 MS11-077 Win32k Null Pointer De-reference Vulnerability POC
17978 MS11-077 .fon Kernel-Mode Buffer Overrun PoC
17659 MS10-026 Microsoft MPEG Layer-3 Audio Stack Based Overflow
17544 GDI+ CreateDashedPath Integer overflow in gdiplus.dll
16590 Internet Explorer DHTML Behaviors Use After Free
15985 MS10-073: Win32k Keyboard Layout Vulnerability
15266 Windows NTLM Weak Nonce Vulnerability
15158 MOAUB #30 - Microsoft Unicode Scripts Processor Remote Code Execution
15112 MOAUB #26 - Microsoft Cinepak Codec CVDecompress Heap Overflow
14895 MOAUB #5 - Microsoft MPEG Layer-3 Remote Command Execution Exploit
14886 MOAUB #4 - Movie Maker Remote Code Execution (MS10-016)
14670 Microsoft Windows nt!SeObjectCreateSaclAccessBits() Missed ACE Bounds Checks ...
14667 Microsoft Windows KTM Invalid Free with Reused Transaction GUID (MS10-047)
14610 Microsoft Windows Tracing Registry Key ACL Privilege Escalation Vulnerability
14608 Microsoft Windows CreateWindow Function Callback Vulnerability (MS10-048)
12273 Windows 7/2008R2 SMB Client Trans2 Stack Overflow 10-020 PoC
11683 Microsoft Internet Explorer iepeers.dll Use-After-Free Exploit (meta)
11199 Windows NT - User Mode to Ring 0 Escalation Vulnerability

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2013-07-09 Name : Microsoft Remote Desktop Protocol Remote Code Execution Vulnerabilities (2671...
File : nvt/secpod_ms12-020_remote.nasl
2012-12-12 Name : Microsoft Windows Kernel-Mode Drivers Remote Code Execution Vulnerabilities (...
File : nvt/secpod_ms12-078.nasl
2012-12-12 Name : Microsoft Windows File Handling Component Remote Code Execution Vulnerability...
File : nvt/secpod_ms12-081.nasl
2012-11-14 Name : Microsoft Windows Shell Remote Code Execution Vulnerabilities (2727528)
File : nvt/secpod_ms12-072.nasl
2012-11-14 Name : Microsoft Windows Kernel-Mode Drivers Remote Code Execution Vulnerabilities (...
File : nvt/secpod_ms12-075.nasl
2012-10-10 Name : Microsoft Windows Kernel Privilege Elevation Vulnerability (2724197)
File : nvt/secpod_ms12-068.nasl
2012-09-28 Name : Google Chrome Windows Kernel Memory Corruption Vulnerability
File : nvt/gb_google_chrome_mem_crptn_vuln_win.nasl
2012-08-15 Name : Microsoft Windows Networking Components Remote Code Execution Vulnerabilities...
File : nvt/secpod_ms12-054.nasl
2012-08-15 Name : Microsoft Windows Kernel-Mode Drivers Privilege Elevation Vulnerability (2731...
File : nvt/secpod_ms12-055.nasl
2012-07-11 Name : Microsoft Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (27...
File : nvt/secpod_ms12-047.nasl
2012-07-11 Name : Microsoft Windows Shell Remote Code Execution Vulnerability (2691442)
File : nvt/secpod_ms12-048.nasl
2012-07-11 Name : Microsoft Windows TLS Protocol Information Disclosure Vulnerability (2655992)
File : nvt/secpod_ms12-049.nasl
2012-06-13 Name : Microsoft Remote Desktop Protocol Remote Code Execution Vulnerability (2685939)
File : nvt/secpod_ms12-036.nasl
2012-06-13 Name : Microsoft Lync Remote Code Execution Vulnerabilities (2707956)
File : nvt/secpod_ms12-039.nasl
2012-06-13 Name : Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2709162)
File : nvt/secpod_ms12-041.nasl
2012-05-14 Name : Microsoft Silverlight Code Execution Vulnerabilities - 2681578 (Mac OS X)
File : nvt/secpod_ms12-034_macosx.nasl
2012-05-09 Name : Microsoft Windows Prtition Manager Privilege Elevation Vulnerability (2690533)
File : nvt/secpod_ms12-033.nasl
2012-05-09 Name : MS Security Update For Microsoft Office, .NET Framework, and Silverlight (268...
File : nvt/secpod_ms12-034.nasl
2012-04-11 Name : Windows Authenticode Signature Remote Code Execution Vulnerability (2653956)
File : nvt/secpod_ms12-024.nasl
2012-03-14 Name : Windows Kernel-Mode Drivers Privilege Elevation Vulnerability (2641653)
File : nvt/secpod_ms12-018.nasl
2012-03-14 Name : Microsoft Windows DirectWrite Denial of Service Vulnerability (2665364)
File : nvt/secpod_ms12-019.nasl
2012-03-14 Name : Microsoft Remote Desktop Protocol Remote Code Execution Vulnerabilities (2671...
File : nvt/secpod_ms12-020.nasl
2012-03-06 Name : Microsoft SMB Transaction Parsing Remote Code Execution Vulnerability
File : nvt/secpod_ms11-020_remote.nasl
2012-02-29 Name : MicroSoft SMB Server Trans2 Request Remote Code Execution Vulnerability
File : nvt/secpod_ms10-054_remote.nasl
2012-02-15 Name : Windows Kernel-Mode Drivers Remote Code Execution Vulnerabilities (2660465)
File : nvt/secpod_ms12-008.nasl

Information Assurance Vulnerability Management (IAVM)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2014-B-0028 Microsoft Security Account Manager Remote (SAMR) Security Bypass Vulnerability
Severity: Category II - VMSKEY: V0046171
2013-A-0225 Microsoft GDI Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0042593
2013-A-0232 Multiple Vulnerabilities in Microsoft Windows Kernel-Mode Drivers
Severity: Category I - VMSKEY: V0042582
2013-B-0127 Microsoft Windows Ancillary Function Driver Information Disclosure Vulnerability
Severity: Category II - VMSKEY: V0042302
2013-A-0190 Multiple Vulnerabilities in Microsoft Windows Kernel-Mode Drivers
Severity: Category I - VMSKEY: V0040763
2013-A-0189 Microsoft Windows Common Control Library Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0040760
2013-A-0187 Multiple Vulnerabilities in Microsoft .NET Framework
Severity: Category I - VMSKEY: V0040753
2013-B-0100 Microsoft Active Directory Denial of Service Vulnerability
Severity: Category I - VMSKEY: V0040303
2013-B-0104 Microsoft Windows Theme File Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0040299
2013-A-0161 Microsoft ICMPv6 Denial of Service Vulnerability
Severity: Category I - VMSKEY: V0040035
2013-A-0163 Microsoft Windows Remote Procedure Call (RPC) Elevation of Privilege Vulnerab...
Severity: Category I - VMSKEY: V0040034
2013-B-0088 Multiple Privilege Escalation Vulnerabilities in Microsoft Windows Kernel
Severity: Category I - VMSKEY: V0040045
2013-B-0071 Multiple Vulnerabilities in Microsoft .NET Framework and Silverlight
Severity: Category II - VMSKEY: V0039211
2013-A-0134 Microsoft DirectShow Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0039200
2013-A-0135 Microsoft GDI+ Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0039199
2013-A-0120 Microsoft Windows Print Spooler Privilege Escalation Vulnerability
Severity: Category I - VMSKEY: V0039072
2013-B-0034 Microsoft Windows Client/Server Run-time Subsystem Elevation of Privilege Vul...
Severity: Category II - VMSKEY: V0037616
2013-A-0080 Microsoft Windows Kernel Privilege Escalation Vulnerability
Severity: Category II - VMSKEY: V0037609
2013-A-0063 Microsoft Windows Kernel-Mode Drivers Privilege Escalation Vulnerability
Severity: Category II - VMSKEY: V0037404
2013-A-0042 Microsoft Windows Media Decompression Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0036827
2013-A-0004 Multiple Vulnerabilities in Microsoft XML Core Services
Severity: Category I - VMSKEY: V0036444
2013-B-0003 Microsoft Windows Security Bypass Vulnerability
Severity: Category I - VMSKEY: V0036450
2012-A-0196 Microsoft Windows File Handling Component Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0035488
2012-A-0185 Multiple Vulnerabilities in Microsoft Windows Shell
Severity: Category I - VMSKEY: V0034956
2012-A-0137 Multiple Vulnerabilities in Microsoft Windows Networking Components
Severity: Category I - VMSKEY: V0033657

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2020-03-19 Microsoft Windows Data Analyzer 3.5 ActiveX clsid access
RuleID : 53118 - Type : BROWSER-PLUGINS - Revision : 1
2020-03-19 Microsoft Windows Data Analyzer 3.5 ActiveX use-after-free attempt
RuleID : 53117 - Type : BROWSER-PLUGINS - Revision : 1
2020-03-19 Microsoft Windows Data Analyzer 3.5 ActiveX use-after-free attempt
RuleID : 53116 - Type : BROWSER-PLUGINS - Revision : 1
2020-01-03 Microsoft Windows MHTML XSS attempt
RuleID : 52335 - Type : OS-WINDOWS - Revision : 1
2019-09-17 Microsoft Windows Object Packager ClickOnce object remote code execution attempt
RuleID : 51029 - Type : OS-WINDOWS - Revision : 1
2019-09-17 Microsoft Windows Object Packager ClickOnce object remote code execution attempt
RuleID : 51028 - Type : OS-WINDOWS - Revision : 1
2019-09-05 Microsoft Windows mp3 file malformed ID3 APIC header code execution attempt
RuleID : 50893 - Type : FILE-MULTIMEDIA - Revision : 1
2019-09-05 Microsoft Windows mp3 file malformed ID3 APIC header code execution attempt
RuleID : 50892 - Type : FILE-MULTIMEDIA - Revision : 1
2019-09-05 Microsoft OpenType font index remote code execution attempt
RuleID : 50889 - Type : FILE-OTHER - Revision : 1
2019-09-05 Microsoft OpenType font index remote code execution attempt
RuleID : 50888 - Type : FILE-OTHER - Revision : 1
2019-09-05 Microsoft Fax Cover Page Editor heap corruption attempt
RuleID : 50873 - Type : OS-WINDOWS - Revision : 1
2019-09-05 Microsoft Fax Cover Page Editor heap corruption attempt
RuleID : 50872 - Type : OS-WINDOWS - Revision : 1
2019-08-31 Microsoft Windows TrueType font parsing engine sfac_GetSbitBitmap obfuscated ...
RuleID : 50849 - Type : FILE-OTHER - Revision : 1
2019-08-31 Microsoft Windows TrueType font parsing engine sfac_GetSbitBitmap obfuscated ...
RuleID : 50848 - Type : FILE-OTHER - Revision : 1
2019-07-18 Directshow GIF logical height overflow attempt
RuleID : 50454 - Type : FILE-IMAGE - Revision : 1
2019-07-18 Directshow GIF logical width overflow attempt
RuleID : 50453 - Type : FILE-IMAGE - Revision : 1
2019-04-18 Microsoft Windows TTF parsing counter overflow attempt
RuleID : 49483 - Type : FILE-OTHER - Revision : 1
2019-04-18 Microsoft Windows TTF parsing counter overflow attempt
RuleID : 49482 - Type : FILE-OTHER - Revision : 1
2019-04-13 Microsoft Windows TrueType font parsing engine sfac_GetSbitBitmap elevation o...
RuleID : 49423 - Type : FILE-OTHER - Revision : 2
2019-04-13 Microsoft Windows TrueType font parsing engine sfac_GetSbitBitmap elevation o...
RuleID : 49422 - Type : FILE-OTHER - Revision : 2
2019-04-13 Microsoft Windows TrueType font parsing engine sfac_GetSbitBitmap elevation o...
RuleID : 49421 - Type : FILE-OTHER - Revision : 2
2018-06-12 SMB client NULL deref race condition attempt
RuleID : 46637 - Type : NETBIOS - Revision : 1
2018-02-27 Microsoft Windows Movie Maker project file heap buffer overflow attempt
RuleID : 45554 - Type : FILE-MULTIMEDIA - Revision : 1
2018-02-27 Microsoft Windows Movie Maker project file heap buffer overflow attempt
RuleID : 45553 - Type : FILE-MULTIMEDIA - Revision : 1
2014-01-10 DECODE_IPV6_ISATAP_SPOOF
RuleID : 453 - Type : DECODE_IPV6_ISATAP_SPOOF - Revision : 1

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2014-03-11 Name: The remote Windows host is affected by a security feature bypass vulnerability.
File: smb_nt_ms14-016.nasl - Type: ACT_GATHER_INFO
2013-12-11 Name: The remote Windows host has a remote code execution vulnerability.
File: smb_nt_ms13-096.nasl - Type: ACT_GATHER_INFO
2013-12-11 Name: The Windows kernel drivers on the remote host are affected by multiple vulner...
File: smb_nt_ms13-101.nasl - Type: ACT_GATHER_INFO
2013-11-13 Name: The remote Windows host contains a driver that allows information disclosure.
File: smb_nt_ms13-093.nasl - Type: ACT_GATHER_INFO
2013-10-09 Name: The Windows kernel drivers on the remote host are affected by multiple vulner...
File: smb_nt_ms13-081.nasl - Type: ACT_GATHER_INFO
2013-10-09 Name: The .NET Framework install on the remote Windows host could allow arbitrary c...
File: smb_nt_ms13-082.nasl - Type: ACT_GATHER_INFO
2013-10-09 Name: A library on the remote Windows host has an integer overflow vulnerability.
File: smb_nt_ms13-083.nasl - Type: ACT_GATHER_INFO
2013-09-11 Name: The remote Windows host is affected by a code execution vulnerability.
File: smb_nt_ms13-071.nasl - Type: ACT_GATHER_INFO
2013-09-11 Name: The Windows kernel on the remote host is affected by multiple vulnerabilities.
File: smb_nt_ms13-076.nasl - Type: ACT_GATHER_INFO
2013-09-11 Name: The remote host is affected by an Active Directory denial of service vulnerab...
File: smb_nt_ms13-079.nasl - Type: ACT_GATHER_INFO
2013-08-14 Name: The Windows install on the remote host is affected by a privilege escalation ...
File: smb_nt_ms13-062.nasl - Type: ACT_GATHER_INFO
2013-08-14 Name: The Windows kernel on the remote host is affected by multiple vulnerabilities.
File: smb_nt_ms13-063.nasl - Type: ACT_GATHER_INFO
2013-08-14 Name: The remote Windows host is affected by a denial of service vulnerability.
File: smb_nt_ms13-065.nasl - Type: ACT_GATHER_INFO
2013-07-10 Name: The .NET Framework install on the remote Windows host could allow arbitrary c...
File: smb_nt_ms13-052.nasl - Type: ACT_GATHER_INFO
2013-07-10 Name: The Windows kernel on the remote host is affected by multiple vulnerabilities.
File: smb_nt_ms13-053.nasl - Type: ACT_GATHER_INFO
2013-07-10 Name: The remote Windows host has a remote code execution vulnerability.
File: smb_nt_ms13-054.nasl - Type: ACT_GATHER_INFO
2013-07-10 Name: The remote Windows host is potentially affected by a remote code execution vu...
File: smb_nt_ms13-056.nasl - Type: ACT_GATHER_INFO
2013-06-11 Name: The remote Windows host is affected by a denial of service vulnerability.
File: smb_nt_ms13-049.nasl - Type: ACT_GATHER_INFO
2013-06-11 Name: The remote Windows host is potentially affected by a privilege escalation vul...
File: smb_nt_ms13-050.nasl - Type: ACT_GATHER_INFO
2013-05-15 Name: The Windows kernel on the remote host is affected by multiple vulnerabilities.
File: smb_nt_ms13-046.nasl - Type: ACT_GATHER_INFO
2013-04-10 Name: The Windows kernel on the remote host is affected by multiple vulnerabilities.
File: smb_nt_ms13-031.nasl - Type: ACT_GATHER_INFO
2013-04-10 Name: The remote Windows host has a privilege escalation vulnerability.
File: smb_nt_ms13-033.nasl - Type: ACT_GATHER_INFO
2013-04-10 Name: The Windows kernel on the remote host is affected by multiple vulnerabilities.
File: smb_nt_ms13-036.nasl - Type: ACT_GATHER_INFO
2013-03-12 Name: The Windows kernel on the remote host is affected by a privilege escalation v...
File: smb_nt_ms13-027.nasl - Type: ACT_GATHER_INFO
2013-02-12 Name: The remote host is affected by multiple code execution vulnerabilities.
File: smb_nt_ms13-009.nasl - Type: ACT_GATHER_INFO