This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Microsoft First view 2007-06-06
Product Windows Vista Last view 2013-11-17
Version - Type Os
Update sp1  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:microsoft:windows_vista

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
7.1 2013-11-17 CVE-2013-3876

DirectAccess in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly verify server X.509 certificates, which allows man-in-the-middle attackers to spoof servers and read encrypted domain credentials via a crafted certificate.

7.2 2011-04-13 CVE-2011-1229

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other "Vulnerability Type 2" CVEs listed in MS11-034, aka "Win32k Null Pointer De-reference Vulnerability."

9.3 2011-04-13 CVE-2011-0660

The SMB client in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote SMB servers to execute arbitrary code via a crafted (1) SMBv1 or (2) SMBv2 response, aka "SMB Client Response Parsing Vulnerability."

9.3 2011-02-10 CVE-2011-0033

The OpenType Compact Font Format (CFF) driver in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate parameter values in OpenType fonts, which allows remote attackers to execute arbitrary code via a crafted font, aka "OpenType Font Encoded Character Vulnerability."

7.2 2011-02-08 CVE-2011-0090

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka "Win32k Memory Corruption Vulnerability."

7.2 2011-02-08 CVE-2011-0089

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka "Win32k Window Class Improper Pointer Validation Vulnerability."

7.2 2011-02-08 CVE-2011-0088

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka "Win32k Window Class Pointer Confusion Vulnerability."

7.2 2011-02-08 CVE-2011-0087

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and SP2 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka "Win32k Insufficient User Input Validation Vulnerability."

7.2 2011-02-08 CVE-2011-0086

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka "Win32k Improper User Input Validation Vulnerability."

7.2 2011-01-20 CVE-2010-2743

The kernel-mode drivers in Microsoft Windows XP SP3 do not properly perform indexing of a function-pointer table during the loading of keyboard layouts from disk, which allows local users to gain privileges via a crafted application, as demonstrated in the wild in July 2010 by the Stuxnet worm, aka "Win32k Keyboard Layout Vulnerability." NOTE: this might be a duplicate of CVE-2010-3888 or CVE-2010-3889.

6.9 2010-12-16 CVE-2010-3959

The OpenType Font (OTF) driver in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges via a crafted CMAP table in an OpenType font, aka "OpenType CMAP Table Vulnerability."

6.9 2010-12-16 CVE-2010-3957

Double free vulnerability in the OpenType Font (OTF) driver in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges via a crafted OpenType font, aka "OpenType Font Double Free Vulnerability."

9.3 2010-12-16 CVE-2010-3956

The OpenType Font (OTF) driver in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly perform array indexing, which allows local users to gain privileges via a crafted OpenType font, aka "OpenType Font Index Vulnerability."

7.2 2010-12-16 CVE-2010-3943

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly link driver objects, which allows local users to gain privileges via a crafted application that triggers linked-list corruption, aka "Win32k Cursor Linking Vulnerability."

7.2 2010-12-16 CVE-2010-3942

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly allocate memory for copies from user mode, which allows local users to gain privileges via a crafted application, aka "Win32k WriteAV Vulnerability."

7.2 2010-12-16 CVE-2010-3941

Double free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold and SP2, and Windows 7 allows local users to gain privileges via a crafted application, aka "Win32k Double Free Vulnerability."

7.2 2010-12-16 CVE-2010-3940

Double free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges via a crafted application, aka "Win32k PFE Pointer Double Free Vulnerability."

7.2 2010-12-16 CVE-2010-3939

Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges via vectors related to improper memory allocation for copies from user mode, aka "Win32k Buffer Overflow Vulnerability."

9.3 2010-10-26 CVE-2010-3227

Stack-based buffer overflow in the UpdateFrameTitleForDocument method in the CFrameWnd class in mfc42.dll in the Microsoft Foundation Class (MFC) Library in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows context-dependent attackers to execute arbitrary code via a long window title that this library attempts to create at the request of an application, as demonstrated by the Trident PowerZip 7.2 Build 4010 application, aka "Windows MFC Document Title Updating Buffer Overflow Vulnerability."

7.2 2010-10-13 CVE-2010-2744

The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 do not properly manage a window class, which allows local users to gain privileges by creating a window, then using (1) the SetWindowLongPtr function to modify the popup menu structure, or (2) the SwitchWndProc function with a switch window information pointer, which is not re-initialized when a WM_NCCREATE message is processed, aka "Win32k Window Class Vulnerability."

9.3 2010-10-13 CVE-2010-1883

Integer overflow in the Embedded OpenType (EOT) Font Engine in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows remote attackers to execute arbitrary code via a crafted table in an embedded font, aka "Embedded OpenType Font Integer Overflow Vulnerability."

9.3 2010-09-15 CVE-2010-2738

The Uniscribe (aka new Unicode Script Processor) implementation in USP10.DLL in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and SP2, and Microsoft Office XP SP3, 2003 SP3, and 2007 SP2, does not properly validate tables associated with malformed OpenType fonts, which allows remote attackers to execute arbitrary code via a crafted (1) web site or (2) Office document, aka "Uniscribe Font Parsing Engine Memory Corruption Vulnerability."

9.3 2010-09-15 CVE-2010-2729

The Print Spooler service in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7, when printer sharing is enabled, does not properly validate spooler access permissions, which allows remote attackers to create files in a system directory, and consequently execute arbitrary code, by sending a crafted print request over RPC, as exploited in the wild in September 2010, aka "Print Spooler Service Impersonation Vulnerability."

9.3 2010-08-27 CVE-2010-3147

Untrusted search path vulnerability in wab.exe 6.00.2900.5512 in Windows Address Book in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges via a Trojan horse wab32res.dll file in the current working directory, as demonstrated by a directory that contains a Windows Address Book (WAB), VCF (aka vCard), or P7C file, aka "Insecure Library Loading Vulnerability." NOTE: the codebase for this product may overlap the codebase for the product referenced in CVE-2010-3143.

6.8 2010-08-11 CVE-2010-2555

The Tracing Feature for Services in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly determine the length of strings in the registry, which allows local users to gain privileges or cause a denial of service (memory corruption) via vectors involving a long string, aka "Tracing Memory Corruption Vulnerability."

CWE : Common Weakness Enumeration

%idName
33% (27) CWE-20 Improper Input Validation
24% (20) CWE-94 Failure to Control Generation of Code ('Code Injection')
12% (10) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
9% (8) CWE-399 Resource Management Errors
8% (7) CWE-264 Permissions, Privileges, and Access Controls
3% (3) CWE-189 Numeric Errors
2% (2) CWE-200 Information Exposure
1% (1) CWE-476 NULL Pointer Dereference
1% (1) CWE-362 Race Condition
1% (1) CWE-287 Improper Authentication
1% (1) CWE-255 Credentials Management

CAPEC : Common Attack Pattern Enumeration & Classification

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Name
CAPEC-3 Using Leading 'Ghost' Character Sequences to Bypass Input Filters
CAPEC-7 Blind SQL Injection
CAPEC-8 Buffer Overflow in an API Call
CAPEC-9 Buffer Overflow in Local Command-Line Utilities
CAPEC-10 Buffer Overflow via Environment Variables
CAPEC-13 Subverting Environment Variable Values
CAPEC-14 Client-side Injection-induced Buffer Overflow
CAPEC-18 Embedding Scripts in Nonscript Elements
CAPEC-22 Exploiting Trust in Client (aka Make the Client Invisible)
CAPEC-24 Filter Failure through Buffer Overflow
CAPEC-28 Fuzzing
CAPEC-31 Accessing/Intercepting/Modifying HTTP Cookies
CAPEC-32 Embedding Scripts in HTTP Query Strings
CAPEC-42 MIME Conversion
CAPEC-43 Exploiting Multiple Input Interpretation Layers
CAPEC-45 Buffer Overflow via Symbolic Links
CAPEC-46 Overflow Variables and Tags
CAPEC-47 Buffer Overflow via Parameter Expansion
CAPEC-52 Embedding NULL Bytes
CAPEC-53 Postfix, Null Terminate, and Backslash
CAPEC-63 Simple Script Injection
CAPEC-64 Using Slashes and URL Encoding Combined to Bypass Validation Logic
CAPEC-66 SQL Injection
CAPEC-67 String Format Overflow in syslog()
CAPEC-71 Using Unicode Encoding to Bypass Validation Logic

SAINT Exploits

Description Link
Visual Studio Active Template Library object type mismatch vulnerability More info here
Windows SMB credential reflection vulnerability More info here
Windows Telnet credential reflection More info here
Windows Shell LNK file CONTROL item command execution More info here

Open Source Vulnerability Database (OSVDB)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
71772 Microsoft Windows SMB Client Response Parsing Unspecified Remote Code Execution
71735 Microsoft Windows win32k.sys Driver NULL Pointer De-reference Unspecified Loc...
70821 Microsoft OpenType Compact Font Format (CFF) Parsing Remote Code Execution
70819 Microsoft Windows Kernel Unspecified User Input Validation Weakness Local Pri...
70818 Microsoft Windows Kernel Unspecified User Input Validation Weakness Local Pri...
70817 Microsoft Windows Kernel Class Improper Pointer Validation Unspecified Local ...
70816 Microsoft Windows Kernel Window Class Pointer Confusion Unspecified Local Pri...
70814 Microsoft Windows Kernel Unspecified Memory Corruption Local Privilege Escala...
69822 Microsoft Windows OpenType Font Driver CMAP Table Parsing Arbitrary Code Exec...
69821 Microsoft Windows OpenType Font Driver Pointer Handling Double-free Arbitrary...
69820 Microsoft Windows OpenType Font Driver Index Array Unspecified Code Execution
69802 Microsoft Windows win32k.sys Cursor Linking Unspecified Local Privilege Escal...
69801 Microsoft Windows win32k.sys WriteAV Unspecified Local Privilege Escalation
69800 Microsoft Windows win32k.sys Unspecified Double-free Local Privilege Escalation
69799 Microsoft Windows win32k.sys PFE Pointer Double-free Local Privilege Escalation
69797 Microsoft Windows win32k.sys Unspecified Local Overflow
68585 Microsoft Foundation Classes (MFC) Library Window Title Handling Remote Overflow
68553 Microsoft Windows t2embed.dll Embedded OpenType Font Parsing hdmx Record Pars...
68552 Microsoft Windows win32k.sys Driver Keyboard Layout Loading Local Privilege E...
68551 Microsoft Windows win32k.sys Driver Window Class Data Validation Local Privil...
67988 Microsoft Windows Print Spooler Service RPC Impersonation StartDocPrinter Pro...
67984 Microsoft Multiple Products Unicode Scripts Processor (Usp10.dll) OpenType Fo...
67553 Microsoft Windows Contacts Path Subversion Arbitrary DLL Injection Code Execu...
66990 Microsoft Windows Kernel Object ACL Validation SeObjectCreateSaclAccessBits()...
66989 Microsoft Windows Kernel Object Initialization Error Handling Local Privilege...

ExploitDB Exploits

id Description
17659 MS10-026 Microsoft MPEG Layer-3 Audio Stack Based Overflow
15985 MS10-073: Win32k Keyboard Layout Vulnerability
15158 MOAUB #30 - Microsoft Unicode Scripts Processor Remote Code Execution
15112 MOAUB #26 - Microsoft Cinepak Codec CVDecompress Heap Overflow
14895 MOAUB #5 - Microsoft MPEG Layer-3 Remote Command Execution Exploit
14670 Microsoft Windows nt!SeObjectCreateSaclAccessBits() Missed ACE Bounds Checks ...
14667 Microsoft Windows KTM Invalid Free with Reused Transaction GUID (MS10-047)
14610 Microsoft Windows Tracing Registry Key ACL Privilege Escalation Vulnerability
14608 Microsoft Windows CreateWindow Function Callback Vulnerability (MS10-048)
9893 Microsoft Internet Explorer 5,6,7 memory corruption PoC

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2012-02-29 Name : MicroSoft SMB Server Trans2 Request Remote Code Execution Vulnerability
File : nvt/secpod_ms10-054_remote.nasl
2011-04-13 Name : Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2506223)
File : nvt/secpod_ms11-034.nasl
2011-04-13 Name : Microsoft IE Developer Tools WMITools and Windows Messenger ActiveX Control V...
File : nvt/secpod_ms11-027.nasl
2011-04-13 Name : Microsoft SMB Client Remote Code Execution Vulnerabilities (2511455)
File : nvt/secpod_ms11-019.nasl
2011-02-09 Name : Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2479628)
File : nvt/secpod_ms11-012.nasl
2011-02-09 Name : Vulnerability in the OpenType Compact Font Format (CFF) Driver Could Allow Re...
File : nvt/secpod_ms11-007.nasl
2011-01-18 Name : Microsoft Products GDI Plus Remote Code Execution Vulnerabilities (954593)
File : nvt/gb_ms08-052.nasl
2011-01-10 Name : Microsoft Pragmatic General Multicast (PGM) Denial of Service Vulnerability ...
File : nvt/gb_ms08-036.nasl
2010-12-21 Name : Microsoft Windows IPsec Policy Processing Information Disclosure Vulnerabilit...
File : nvt/gb_ms08-047.nasl
2010-12-15 Name : Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2436673)
File : nvt/secpod_ms10-098.nasl
2010-12-15 Name : Microsoft Windows Address Book Remote Code Execution Vulnerability (2423089)
File : nvt/secpod_ms10-096.nasl
2010-12-15 Name : Microsoft Windows OpenType Compact Font Format Driver Privilege Escalation Vu...
File : nvt/secpod_ms10-091.nasl
2010-12-13 Name : Microsoft Windows ASP.NET Denial of Service Vulnerability(970957)
File : nvt/gb_ms09-036.nasl
2010-12-06 Name : Microsoft Wireless LAN AutoConfig Service Remote Code Execution Vulnerabilit...
File : nvt/gb_ms09-049.nasl
2010-11-25 Name : Microsoft Web Services on Devices API Remote Code Execution Vulnerability (97...
File : nvt/gb_ms09-063.nasl
2010-10-13 Name : Microsoft Foundation Classes Could Allow Remote Code Execution Vulnerability ...
File : nvt/secpod_ms10-074.nasl
2010-10-13 Name : Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (981957)
File : nvt/secpod_ms10-073.nasl
2010-10-13 Name : Embedded OpenType Font Engine Remote Code Execution Vulnerability (982132)
File : nvt/secpod_ms10-076.nasl
2010-09-15 Name : MS Unicode Scripts Processor and MS Office Could Code Execution Vulnerability...
File : nvt/secpod_ms10-063.nasl
2010-09-15 Name : Microsoft Windows Print Spooler Service Remote Code Execution Vulnerability(2...
File : nvt/secpod_ms10-061.nasl
2010-08-26 Name : Microsoft Windows Tracing Feature Privilege Elevation Vulnerabilities (982799)
File : nvt/secpod_ms10-059.nasl
2010-08-11 Name : Remote Code Execution Vulnerability in Cinepak Codec (982665)
File : nvt/secpod_ms10-055.nasl
2010-08-11 Name : Microsoft Windows SMB Code Execution and DoS Vulnerabilities (982214)
File : nvt/secpod_ms10-054.nasl
2010-08-11 Name : Microsoft Windows Kernel Mode Drivers Privilege Elevation Vulnerabilities (21...
File : nvt/secpod_ms10-048.nasl
2010-08-11 Name : Microsoft Windows Kernel Privilege Elevation Vulnerabilities (981852)
File : nvt/secpod_ms10-047.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2010-A-0173 Microsoft Windows Address Book Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0025845
2010-B-0091 Microsoft Foundation Classes Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0025532
2010-A-0135 Microsoft Windows Embedded OpenType Font Engine Vulnerability
Severity: Category I - VMSKEY: V0025528
2010-A-0124 Microsoft Windows Print Spooler Remote Code Execution Vulnerability
Severity: Category I - VMSKEY: V0025362
2010-B-0064 Multiple Vulnerabilities in Microsoft Windows Tracing Feature for Services
Severity: Category I - VMSKEY: V0025074
2010-A-0103 Microsoft Cinepak Codec Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0025067
2010-A-0053 Microsoft MPEG Layer-3 Codecs Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0023999
2010-B-0030 Microsoft Windows ISATAP Spoofing Vulnerability
Severity: Category I - VMSKEY: V0023956
2009-A-0115 Microsoft Windows Web Services on Devices API Remote Code Execution Vulnerabi...
Severity: Category I - VMSKEY: V0021938
2009-A-0076 Multiple Vulnerabilities in Microsoft Windows Media Format
Severity: Category II - VMSKEY: V0019916
2009-A-0077 Multiple Microsoft TCP/IP Remote Code Execution Vulnerabilities
Severity: Category I - VMSKEY: V0019917
2009-A-0074 Microsoft JScript Scripting Engine Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0019914
2009-A-0078 Microsoft Wireless LAN AutoConfig Service Vulnerability
Severity: Category I - VMSKEY: V0019913
2009-A-0071 Multiple Vulnerabilities in Microsoft Remote Desktop Connection
Severity: Category II - VMSKEY: V0019884
2009-A-0067 Multiple Vulnerabilities in Microsoft Active Template Library
Severity: Category II - VMSKEY: V0019882
2009-B-0037 Microsoft Telnet Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0019879
2009-B-0036 Microsoft ASP.NET Denial of Service Vulnerability
Severity: Category I - VMSKEY: V0019878
2008-T-0053 WinZip gdiplus.dll Microsoft Module Unspecified Security Vulnerability
Severity: Category II - VMSKEY: V0017532
2008-T-0039 Multiple Microsoft Event System Remote Code Execution Vulnerabilities
Severity: Category I - VMSKEY: V0016744
2008-T-0038 Microsoft IPsec Policy Processing Information Disclosure Vulnerability
Severity: Category I - VMSKEY: V0016742
2008-T-0025 Microsoft Pragmatic General Multicast (PGM) Denial of Service Vulnerabilities
Severity: Category I - VMSKEY: V0016038

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2021-01-26 Microsoft ASP.NET bad request denial of service attempt
RuleID : 56804 - Type : SERVER-IIS - Revision : 1
2020-03-19 Microsoft Windows Data Analyzer 3.5 ActiveX clsid access
RuleID : 53118 - Type : BROWSER-PLUGINS - Revision : 1
2020-03-19 Microsoft Windows Data Analyzer 3.5 ActiveX use-after-free attempt
RuleID : 53117 - Type : BROWSER-PLUGINS - Revision : 1
2020-03-19 Microsoft Windows Data Analyzer 3.5 ActiveX use-after-free attempt
RuleID : 53116 - Type : BROWSER-PLUGINS - Revision : 1
2019-09-05 Microsoft Windows mp3 file malformed ID3 APIC header code execution attempt
RuleID : 50893 - Type : FILE-MULTIMEDIA - Revision : 1
2019-09-05 Microsoft Windows mp3 file malformed ID3 APIC header code execution attempt
RuleID : 50892 - Type : FILE-MULTIMEDIA - Revision : 1
2019-09-05 Microsoft OpenType font index remote code execution attempt
RuleID : 50889 - Type : FILE-OTHER - Revision : 1
2019-09-05 Microsoft OpenType font index remote code execution attempt
RuleID : 50888 - Type : FILE-OTHER - Revision : 1
2014-01-10 (ipv6)ISATAP-addressedIPv6trafficspoofingattempt
RuleID : 453 - Type : - Revision : 2
2017-11-02 ZIP file name overflow attempt
RuleID : 44473 - Type : FILE-OTHER - Revision : 2
2017-08-31 Microsoft ASP.NET bad request denial of service attempt
RuleID : 43808 - Type : SERVER-IIS - Revision : 1
2017-08-31 Microsoft ASP.NET bad request denial of service attempt
RuleID : 43807 - Type : SERVER-IIS - Revision : 1
2017-08-23 Microsoft Internet Explorer GDI VML gradient size heap overflow attempt
RuleID : 43622 - Type : BROWSER-IE - Revision : 1
2017-05-31 Microsoft Internet Explorer uninitialized or deleted object access attempt
RuleID : 42389 - Type : BROWSER-IE - Revision : 2
2016-03-14 Microsoft Internet Explorer data stream header remote code execution attempt
RuleID : 36791 - Type : BROWSER-IE - Revision : 2
2015-07-13 Win.Trojan.Fanny outbound connection
RuleID : 34857 - Type : MALWARE-CNC - Revision : 2
2015-01-20 Microsoft Internet Explorer 8 Developer Tool ActiveX clsid access
RuleID : 32843 - Type : BROWSER-PLUGINS - Revision : 3
2015-01-20 Microsoft Internet Explorer 8 Developer Tool ActiveX clsid access
RuleID : 32842 - Type : BROWSER-PLUGINS - Revision : 4
2015-01-20 Microsoft Internet Explorer 8 Developer Tool ActiveX clsid access
RuleID : 32840 - Type : BROWSER-PLUGINS - Revision : 4
2015-01-06 Web Service on Devices API WSDAPI URL processing buffer corruption attempt
RuleID : 32673 - Type : SERVER-OTHER - Revision : 2
2014-11-16 Microsoft Internet Explorer outerHTML against incomplete element heap corrupt...
RuleID : 31504 - Type : BROWSER-IE - Revision : 3
2014-01-10 DNS request for known malware domain level4-co1-as30912.su
RuleID : 28067 - Type : BLACKLIST - Revision : 2
2014-01-10 DNS request for known malware domain level4-co2-as30938.su
RuleID : 28066 - Type : BLACKLIST - Revision : 2
2014-01-10 DNS request for known malware domain x2v9.com
RuleID : 28065 - Type : BLACKLIST - Revision : 2
2014-01-10 DNS request for known malware domain intelbackupsrv.su
RuleID : 28064 - Type : BLACKLIST - Revision : 2

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2013-11-13 Name: The remote host is affected by a security feature bypass vulnerability.
File: smb_kb2862152.nasl - Type: ACT_GATHER_INFO
2011-04-13 Name: The remote Windows kernel is affected by multiple vulnerabilities.
File: smb_nt_ms11-034.nasl - Type: ACT_GATHER_INFO
2011-04-13 Name: The remote Windows host is missing an update that disables selected ActiveX c...
File: smb_nt_ms11-027.nasl - Type: ACT_GATHER_INFO
2011-04-13 Name: Arbitrary code can be executed on the remote host through the installed SMB c...
File: smb_nt_ms11-019.nasl - Type: ACT_GATHER_INFO
2011-02-08 Name: The remote Windows kernel is affected by multiple vulnerabilities.
File: smb_nt_ms11-012.nasl - Type: ACT_GATHER_INFO
2011-02-08 Name: The remote Windows host contains a font driver that is affected by a privileg...
File: smb_nt_ms11-007.nasl - Type: ACT_GATHER_INFO
2010-12-15 Name: A privilege escalation vulnerability exists in the Windows kernel.
File: smb_nt_ms10-098.nasl - Type: ACT_GATHER_INFO
2010-12-15 Name: Arbitrary code can be executed on the remote host through Windows Address Book.
File: smb_nt_ms10-096.nasl - Type: ACT_GATHER_INFO
2010-12-15 Name: The remote Windows host contains a font driver that allows arbitrary code exe...
File: smb_nt_ms10-091.nasl - Type: ACT_GATHER_INFO
2010-10-13 Name: The Windows kernel is affected by multiple vulnerabilities that could allow e...
File: smb_nt_ms10-073.nasl - Type: ACT_GATHER_INFO
2010-10-13 Name: It is possible to execute arbitrary code on the remote Windows host through t...
File: smb_nt_ms10-074.nasl - Type: ACT_GATHER_INFO
2010-10-13 Name: It is possible to execute arbitrary code on the remote Windows host using the...
File: smb_nt_ms10-076.nasl - Type: ACT_GATHER_INFO
2010-09-20 Name: Arbitrary code can be executed on the remote host due to a flaw in the Spoole...
File: spoolsv_kb2347290.nasl - Type: ACT_ATTACK
2010-09-14 Name: It is possible to execute arbitrary code on the remote Windows host using the...
File: smb_nt_ms10-063.nasl - Type: ACT_GATHER_INFO
2010-09-14 Name: Arbitrary code can be executed on the remote host due to a flaw in the Spoole...
File: smb_nt_ms10-061.nasl - Type: ACT_GATHER_INFO
2010-08-23 Name: It is possible to execute arbitrary code on the remote Windows host due to fl...
File: smb_pool_overflow.nasl - Type: ACT_GATHER_INFO
2010-08-11 Name: The remote Windows host has multiple privilege escalation vulnerabilities.
File: smb_nt_ms10-059.nasl - Type: ACT_GATHER_INFO
2010-08-11 Name: A media codec on the remote Windows host has a code execution vulnerability.
File: smb_nt_ms10-055.nasl - Type: ACT_GATHER_INFO
2010-08-11 Name: It is possible to execute arbitrary code on the remote Windows host due to fl...
File: smb_nt_ms10-054.nasl - Type: ACT_GATHER_INFO
2010-08-11 Name: The Windows kernel is affected by several vulnerabilities that could allow es...
File: smb_nt_ms10-048.nasl - Type: ACT_GATHER_INFO
2010-08-11 Name: The Windows kernel is affected by several vulnerabilities that could allow es...
File: smb_nt_ms10-047.nasl - Type: ACT_GATHER_INFO
2010-08-02 Name: The remote windows host is affected by a remote code execution vulnerability.
File: smb_nt_ms10-046.nasl - Type: ACT_GATHER_INFO
2010-07-18 Name: It may be possible to execute arbitrary code on the remote Windows host using...
File: smb_kb_2286198.nasl - Type: ACT_GATHER_INFO
2010-06-09 Name: The remote Windows host contains a font driver that is affected by a privileg...
File: smb_nt_ms10-037.nasl - Type: ACT_GATHER_INFO
2010-06-09 Name: The remote Windows host is missing an update that disables selected ActiveX c...
File: smb_nt_ms10-034.nasl - Type: ACT_GATHER_INFO