This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Microsoft First view 2007-06-06
Product Windows Vista Last view 2019-05-16
Version - Type Os
Update sp2  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:microsoft:windows_vista

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
9.8 2019-05-16 CVE-2019-0708

A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.

8.1 2017-04-12 CVE-2017-0166

An elevation of privilege vulnerability exists in Windows when LDAP request buffer lengths are improperly calculated. In a remote attack scenario, an attacker could exploit this vulnerability by running a specially crafted application to send malicious traffic to a Domain Controller, aka "LDAP Elevation of Privilege Vulnerability."

7.8 2017-03-16 CVE-2017-0108

The Windows Graphics Component in Microsoft Office 2007 SP3; 2010 SP2; and Word Viewer; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Live Meeting 2007; Silverlight 5; Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Graphics Component Remote Code Execution Vulnerability." This vulnerability is different from that described in CVE-2017-0014.

7 2017-03-16 CVE-2017-0103

The kernel API in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows Server 2012 mishandles registry objects in memory, which allows local users to gain privileges via a crafted application, aka "Windows Registry Elevation of Privilege Vulnerability."

7.8 2017-03-16 CVE-2017-0102

Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 let attackers with access to targets systems gain privileges when Windows fails to properly validate buffer lengths, aka "Windows Elevation of Privilege Vulnerability."

7.8 2017-03-16 CVE-2017-0101

The kernel-mode drivers in Transaction Manager in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Windows Elevation of Privilege Vulnerability."

7.5 2017-01-10 CVE-2017-0004

The Local Security Authority Subsystem Service (LSASS) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to cause a denial of service (reboot) via a crafted authentication request, aka "Local Security Authority Subsystem Service Denial of Service Vulnerability."

5.5 2016-12-20 CVE-2016-7295

The Common Log File System (CLFS) driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows local users to obtain sensitive information from process memory via a crafted application, aka "Windows Common Log File System Driver Information Disclosure Vulnerability."

7.8 2016-12-20 CVE-2016-7292

The Installer in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 mishandles library loading, which allows local users to gain privileges via a crafted application, aka "Windows Installer Elevation of Privilege Vulnerability."

9.8 2016-10-13 CVE-2016-7182

The Graphics component in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010 SP2; Word Viewer; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Lync 2010 Attendee; and Live Meeting 2007 Console allows attackers to execute arbitrary code via a crafted True Type font, aka "True Type Font Parsing Elevation of Privilege Vulnerability."

7.8 2016-10-13 CVE-2016-3396

Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010 SP2; Word Viewer; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Lync 2010 Attendee; and Live Meeting 2007 Console allows remote attackers to execute arbitrary code via a crafted embedded font, aka "GDI+ Remote Code Execution Vulnerability."

5.5 2016-10-13 CVE-2016-3263

Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010 SP2; Word Viewer; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Lync 2010 Attendee; and Live Meeting 2007 Console allows remote attackers to bypass the ASLR protection mechanism via unspecified vectors, aka "GDI+ Information Disclosure Vulnerability," a different vulnerability than CVE-2016-3262.

5.5 2016-10-13 CVE-2016-3262

Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010 SP2; Word Viewer; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Lync 2010 Attendee; and Live Meeting 2007 Console allows remote attackers to bypass the ASLR protection mechanism via unspecified vectors, aka "GDI+ Information Disclosure Vulnerability," a different vulnerability than CVE-2016-3263.

5.5 2016-10-13 CVE-2016-3209

Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010 SP2; Word Viewer; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Lync 2010 Attendee; Live Meeting 2007 Console; .NET Framework 3.0 SP2, 3.5, 3.5.1, 4.5.2, and 4.6; and Silverlight 5 allows remote attackers to bypass the ASLR protection mechanism via unspecified vectors, aka "True Type Font Parsing Information Disclosure Vulnerability."

7.8 2016-09-14 CVE-2016-3306

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 mishandles session objects, which allows local users to hijack sessions, and consequently gain privileges, via a crafted application, aka "Windows Session Object Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-3305.

7.8 2016-09-14 CVE-2016-3305

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 mishandles session objects, which allows local users to hijack sessions, and consequently gain privileges, via a crafted application, aka "Windows Session Object Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-3306.

7.5 2016-08-09 CVE-2016-3237

Kerberos in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows man-in-the-middle attackers to bypass authentication via vectors related to a fallback to NTLM authentication during a domain account password change, aka "Kerberos Security Feature Bypass Vulnerability."

6.5 2016-03-09 CVE-2016-0120

The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to cause a denial of service (system hang) via a crafted OpenType font, aka "OpenType Font Parsing Vulnerability."

7.8 2016-03-09 CVE-2016-0094

The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0093, CVE-2016-0095, and CVE-2016-0096.

7.8 2016-03-09 CVE-2016-0093

The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0094, CVE-2016-0095, and CVE-2016-0096.

7.8 2016-02-10 CVE-2016-0040

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows local users to gain privileges via a crafted application, aka "Windows Elevation of Privilege Vulnerability."

7.8 2016-02-10 CVE-2016-0038

Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted Journal file, aka "Windows Journal Memory Corruption Vulnerability."

7.8 2016-01-13 CVE-2016-0016

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandle DLL loading, which allows local users to gain privileges via a crafted application, aka "DLL Loading Remote Code Execution Vulnerability."

7.8 2016-01-13 CVE-2016-0015

DirectShow in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted file, aka "DirectShow Heap Corruption Remote Code Execution Vulnerability."

7.8 2016-01-13 CVE-2016-0014

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandle DLL loading, which allows local users to gain privileges via a crafted application, aka "DLL Loading Elevation of Privilege Vulnerability."

CWE : Common Weakness Enumeration

%idName
23% (56) CWE-264 Permissions, Privileges, and Access Controls
14% (34) CWE-20 Improper Input Validation
13% (33) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
13% (32) CWE-94 Failure to Control Generation of Code ('Code Injection')
11% (27) CWE-200 Information Exposure
4% (11) CWE-399 Resource Management Errors
3% (9) CWE-416 Use After Free
2% (6) CWE-19 Data Handling
1% (4) CWE-426 Untrusted Search Path
1% (4) CWE-310 Cryptographic Issues
1% (3) CWE-476 NULL Pointer Dereference
1% (3) CWE-255 Credentials Management
1% (3) CWE-254 Security Features
1% (3) CWE-190 Integer Overflow or Wraparound
1% (3) CWE-189 Numeric Errors
0% (2) CWE-362 Race Condition
0% (2) CWE-284 Access Control (Authorization) Issues
0% (2) CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path ...
0% (1) CWE-415 Double Free
0% (1) CWE-287 Improper Authentication
0% (1) CWE-131 Incorrect Calculation of Buffer Size
0% (1) CWE-129 Improper Validation of Array Index

SAINT Exploits

Description Link
Visual Studio Active Template Library object type mismatch vulnerability More info here
Windows OLE Automation Array command execution More info here
Windows Telnet credential reflection More info here
Windows Media Center command execution More info here
Windows Shell LNK file CONTROL item command execution More info here

Open Source Vulnerability Database (OSVDB)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
78057 Microsoft .NET Framework ASP.NET Hash Collision Web Form Post Parsing Remote DoS
78056 Microsoft .NET Framework Forms Authentication Sliding Expiry Cached Content P...
78055 Microsoft .NET Framework ASP.NET Username Parsing Authentication Bypass
78054 Microsoft .NET Framework Forms Authentication Return URL Handling Arbitrary S...
71772 Microsoft Windows SMB Client Response Parsing Unspecified Remote Code Execution
71735 Microsoft Windows win32k.sys Driver NULL Pointer De-reference Unspecified Loc...
68585 Microsoft Foundation Classes (MFC) Library Window Title Handling Remote Overflow
68553 Microsoft Windows t2embed.dll Embedded OpenType Font Parsing hdmx Record Pars...
67988 Microsoft Windows Print Spooler Service RPC Impersonation StartDocPrinter Pro...
67984 Microsoft Multiple Products Unicode Scripts Processor (Usp10.dll) OpenType Fo...
66990 Microsoft Windows Kernel Object ACL Validation SeObjectCreateSaclAccessBits()...
66989 Microsoft Windows Kernel Object Initialization Error Handling Local Privilege...
66984 Microsoft Windows iccvid.dll VIDC (Cinepak) Codec Decompression Arbitrary Cod...
66978 Microsoft Windows Tracing Feature for Services Registry String Handling Memor...
66977 Microsoft Windows Tracing Feature for Services Registry Key ACL Local Privile...
66387 Microsoft Windows Shell LNK File Parsing Arbitrary Command Execution
65225 Microsoft Windows Kernel-Mode Driver Window Creation Local Privilege Escalation
65224 Microsoft Windows Kernel-Mode Driver Win32k.sys GetDCEx() Function Device Con...
65223 Microsoft Windows Kernel-Mode Driver TrueType Font Parsing Local Privilege Es...
65218 Microsoft IE 8 Developer Tools ActiveX Remote Code Execution
65217 Microsoft Windows OpenType Compact Font Format (CFF) Driver Privilege Escalation
64928 Microsoft Windows SMB Client Transaction Response Handling Memory Corruption ...
64925 Microsoft Windows SMB Client Unspecified Response Handling Memory Corruption ...
63749 Microsoft Windows MPEG Layer-3 Audio Decoder AVI File Handling Overflow
63747 Microsoft Windows ISATAP Component IPv6 Tunneled Packet IP Address Spoofing W...

ExploitDB Exploits

id Description
35230 Internet Explorer < 11 - OLE Automation Array Remote Code Execution (MSF)
35229 Internet Explorer <11 - OLE Automation Array Remote Code Execution
30397 Windows Kernel win32k.sys - Integer Overflow (MS13-101)
17659 MS10-026 Microsoft MPEG Layer-3 Audio Stack Based Overflow
15158 MOAUB #30 - Microsoft Unicode Scripts Processor Remote Code Execution
15112 MOAUB #26 - Microsoft Cinepak Codec CVDecompress Heap Overflow
14895 MOAUB #5 - Microsoft MPEG Layer-3 Remote Command Execution Exploit
14670 Microsoft Windows nt!SeObjectCreateSaclAccessBits() Missed ACE Bounds Checks ...
14667 Microsoft Windows KTM Invalid Free with Reused Transaction GUID (MS10-047)
14610 Microsoft Windows Tracing Registry Key ACL Privilege Escalation Vulnerability
14608 Microsoft Windows CreateWindow Function Callback Vulnerability (MS10-048)
9893 Microsoft Internet Explorer 5,6,7 memory corruption PoC

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2012-11-14 Name : Microsoft Windows Kernel-Mode Drivers Remote Code Execution Vulnerabilities (...
File : nvt/secpod_ms12-075.nasl
2012-09-28 Name : Google Chrome Windows Kernel Memory Corruption Vulnerability
File : nvt/gb_google_chrome_mem_crptn_vuln_win.nasl
2012-06-13 Name : Microsoft Lync Remote Code Execution Vulnerabilities (2707956)
File : nvt/secpod_ms12-039.nasl
2012-05-14 Name : Microsoft Silverlight Code Execution Vulnerabilities - 2681578 (Mac OS X)
File : nvt/secpod_ms12-034_macosx.nasl
2012-05-09 Name : MS Security Update For Microsoft Office, .NET Framework, and Silverlight (268...
File : nvt/secpod_ms12-034.nasl
2012-05-09 Name : Microsoft Windows TCP/IP Privilege Elevation Vulnerabilities (2688338)
File : nvt/secpod_ms12-032.nasl
2011-12-30 Name : Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (2638420)
File : nvt/secpod_ms11-100.nasl
2011-04-13 Name : Microsoft SMB Client Remote Code Execution Vulnerabilities (2511455)
File : nvt/secpod_ms11-019.nasl
2011-04-13 Name : Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2506223)
File : nvt/secpod_ms11-034.nasl
2011-04-13 Name : Microsoft IE Developer Tools WMITools and Windows Messenger ActiveX Control V...
File : nvt/secpod_ms11-027.nasl
2010-12-06 Name : Microsoft Wireless LAN AutoConfig Service Remote Code Execution Vulnerabilit...
File : nvt/gb_ms09-049.nasl
2010-11-25 Name : Microsoft Web Services on Devices API Remote Code Execution Vulnerability (97...
File : nvt/gb_ms09-063.nasl
2010-10-13 Name : Embedded OpenType Font Engine Remote Code Execution Vulnerability (982132)
File : nvt/secpod_ms10-076.nasl
2010-10-13 Name : Microsoft Foundation Classes Could Allow Remote Code Execution Vulnerability ...
File : nvt/secpod_ms10-074.nasl
2010-09-15 Name : MS Unicode Scripts Processor and MS Office Could Code Execution Vulnerability...
File : nvt/secpod_ms10-063.nasl
2010-09-15 Name : Microsoft Windows Print Spooler Service Remote Code Execution Vulnerability(2...
File : nvt/secpod_ms10-061.nasl
2010-08-26 Name : Microsoft Windows Tracing Feature Privilege Elevation Vulnerabilities (982799)
File : nvt/secpod_ms10-059.nasl
2010-08-11 Name : Remote Code Execution Vulnerability in Cinepak Codec (982665)
File : nvt/secpod_ms10-055.nasl
2010-08-11 Name : Microsoft Windows Kernel Privilege Elevation Vulnerabilities (981852)
File : nvt/secpod_ms10-047.nasl
2010-08-04 Name : Microsoft Windows Shell Remote Code Execution Vulnerability (2286198)
File : nvt/secpod_ms10-046.nasl
2010-06-09 Name : Microsoft Windows Kernel Mode Drivers Privilege Escalation Vulnerabilities (9...
File : nvt/secpod_ms10-032.nasl
2010-06-09 Name : Microsoft Windows OpenType Compact Font Format Driver Privilege Escalation Vu...
File : nvt/secpod_ms10-037.nasl
2010-06-09 Name : Microsoft Data Analyzer and IE Developer Tools ActiveX Control Vulnerability ...
File : nvt/secpod_ms10-034.nasl
2010-04-14 Name : Microsoft 'ISATAP' Component Spoofing Vulnerability (978338)
File : nvt/secpod_ms10-029.nasl
2010-04-14 Name : Microsoft MPEG Layer-3 Codecs Remote Code Execution Vulnerability (977816)
File : nvt/secpod_ms10-026.nasl

Information Assurance Vulnerability Management (IAVM)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2015-A-0216 Multiple Vulnerabilities in Microsoft Windows Journal (MS15-098)
Severity: Category II - VMSKEY: V0061393
2015-A-0215 Multiple Vulnerabilities in Microsoft Windows Task Management (MS15-102)
Severity: Category II - VMSKEY: V0061391
2015-A-0212 Multiple Vulnerabilities in Microsoft Graphics Component (MS15-097)
Severity: Category II - VMSKEY: V0061385
2015-B-0112 Microsoft Media Center Remote Code Execution Vulnerability (MS15-100)
Severity: Category II - VMSKEY: V0061373
2015-A-0198 Microsoft Server Message Block (SMB) Remote Code Execution Vulnerability (MS1...
Severity: Category II - VMSKEY: V0061315
2015-A-0197 Microsoft Command Line Parameter Information Disclosure Vulnerability (MS15-088)
Severity: Category II - VMSKEY: V0061313
2015-A-0196 Multiple Vulnerabilities in Microsoft Graphics Component (MS15-080)
Severity: Category II - VMSKEY: V0061311
2015-A-0194 Multiple Vulnerabilities in Microsoft Office (MS15-081)
Severity: Category II - VMSKEY: V0061307
2015-A-0193 Multiple Privilege Escalation Vulnerabilities in Microsoft Windows (MS15-090)
Severity: Category II - VMSKEY: V0061305
2015-A-0192 Microsoft Windows Mount Manager Privilege Escalation Vulnerability (MS15-085)
Severity: Category I - VMSKEY: V0061303
2015-A-0190 Multiple Vulnerabilities in Microsoft Remote Desktop Protocol (RDP) (MS15-082)
Severity: Category II - VMSKEY: V0061299
2015-A-0188 Cumulative Security Update for Microsoft Internet Explorer (MS15-079)
Severity: Category I - VMSKEY: V0061297
2015-B-0096 Microsoft WebDAV Information Disclosure Vulnerability (MS15-089)
Severity: Category II - VMSKEY: V0061285
2015-A-0125 Microsoft Common Controls Could Allow Remote Code Execution Vulnerability (MS...
Severity: Category II - VMSKEY: V0060943
2015-A-0107 Microsoft Service Control Manager Privilege Escalation Vulnerability (MS15-050)
Severity: Category II - VMSKEY: V0060651
2015-A-0108 Multiple Vulnerabilities in Microsoft Windows Kernel-Mode Driver (MS15-051)
Severity: Category II - VMSKEY: V0060653
2015-A-0111 Microsoft SChannel Information Disclosure Vulnerability (MS15-055)
Severity: Category I - VMSKEY: V0060659
2015-A-0091 Multiple Vulnerabilities in Microsoft Windows (MS15-038)
Severity: Category II - VMSKEY: V0059897
2015-B-0036 Microsoft Windows Information Disclosure Vulnerability (MS15-024)
Severity: Category II - VMSKEY: V0059021
2015-B-0034 Microsoft Windows Photo Decoder Component Information Disclosure Vulnerabilit...
Severity: Category II - VMSKEY: V0059017
2015-A-0053 Multiple Vulnerabilities in Microsoft Windows (MS15-020)
Severity: Category II - VMSKEY: V0059001
2015-A-0048 Multiple Vulnerabilities in Windows Kernel (MS15-025)
Severity: Category II - VMSKEY: V0058995
2015-B-0017 Microsoft Group Policy Security Feature Bypass Vulnerability (MS15-014)
Severity: Category I - VMSKEY: V0058755
2015-A-0033 Microsoft Group Policy Remote Code Execution (MS15-011)
Severity: Category I - VMSKEY: V0058743
2015-A-0008 Microsoft Windows User Profile Service Privilege Escalation Vulnerability (MS...
Severity: Category II - VMSKEY: V0058209

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2020-03-19 Microsoft Windows Data Analyzer 3.5 ActiveX clsid access
RuleID : 53118 - Type : BROWSER-PLUGINS - Revision : 1
2020-03-19 Microsoft Windows Data Analyzer 3.5 ActiveX use-after-free attempt
RuleID : 53117 - Type : BROWSER-PLUGINS - Revision : 1
2020-03-19 Microsoft Windows Data Analyzer 3.5 ActiveX use-after-free attempt
RuleID : 53116 - Type : BROWSER-PLUGINS - Revision : 1
2019-09-05 Microsoft Windows mp3 file malformed ID3 APIC header code execution attempt
RuleID : 50893 - Type : FILE-MULTIMEDIA - Revision : 1
2019-09-05 Microsoft Windows mp3 file malformed ID3 APIC header code execution attempt
RuleID : 50892 - Type : FILE-MULTIMEDIA - Revision : 1
2019-08-13 Microsoft Windows SChannel CertificateVerify buffer overflow attempt
RuleID : 50707 - Type : OS-WINDOWS - Revision : 1
2019-08-13 Microsoft Windows SChannel CertificateVerify buffer overflow attempt
RuleID : 50706 - Type : OS-WINDOWS - Revision : 1
2019-08-13 Microsoft Windows SChannel CertificateVerify buffer overflow attempt
RuleID : 50705 - Type : OS-WINDOWS - Revision : 1
2019-08-13 Microsoft Windows SChannel CertificateVerify buffer overflow attempt
RuleID : 50704 - Type : OS-WINDOWS - Revision : 1
2019-05-21 Microsoft Windows RDP MS_T120 channel bind attempt
RuleID : 50137-community - Type : OS-WINDOWS - Revision : 2
2019-06-18 Microsoft Windows RDP MS_T120 channel bind attempt
RuleID : 50137 - Type : OS-WINDOWS - Revision : 2
2019-05-30 Microsoft Windows SChannel CertificateVerify buffer overflow attempt
RuleID : 49977 - Type : OS-WINDOWS - Revision : 1
2019-05-30 Microsoft Windows SChannel CertificateVerify buffer overflow attempt
RuleID : 49976 - Type : OS-WINDOWS - Revision : 1
2019-05-30 Microsoft Windows SChannel CertificateVerify buffer overflow attempt
RuleID : 49975 - Type : OS-WINDOWS - Revision : 1
2019-05-30 Microsoft Windows SChannel CertificateVerify buffer overflow attempt
RuleID : 49974 - Type : OS-WINDOWS - Revision : 1
2019-05-30 Microsoft Windows SChannel CertificateVerify buffer overflow attempt
RuleID : 49973 - Type : OS-WINDOWS - Revision : 1
2019-05-30 Microsoft Windows SChannel CertificateVerify buffer overflow attempt
RuleID : 49972 - Type : OS-WINDOWS - Revision : 1
2019-05-30 Microsoft Windows SChannel CertificateVerify buffer overflow attempt
RuleID : 49971 - Type : OS-WINDOWS - Revision : 1
2019-05-30 Microsoft Windows SChannel CertificateVerify buffer overflow attempt
RuleID : 49970 - Type : OS-WINDOWS - Revision : 1
2019-05-30 Microsoft Windows SChannel CertificateVerify buffer overflow attempt
RuleID : 49969 - Type : OS-WINDOWS - Revision : 1
2019-04-18 Microsoft Windows TTF parsing counter overflow attempt
RuleID : 49483 - Type : FILE-OTHER - Revision : 1
2019-04-18 Microsoft Windows TTF parsing counter overflow attempt
RuleID : 49482 - Type : FILE-OTHER - Revision : 1
2019-04-13 Microsoft Wordpad embedded BMP overflow attempt
RuleID : 49428 - Type : FILE-OTHER - Revision : 1
2019-04-13 Microsoft Wordpad embedded BMP overflow attempt
RuleID : 49427 - Type : FILE-OTHER - Revision : 1
2018-09-11 CTSWebProxy ActiveX privilege escalation attempt
RuleID : 47462 - Type : BROWSER-PLUGINS - Revision : 2

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2017-04-12 Name: The remote Windows host is affected by an elevation of privilege vulnerability.
File: smb_nt_ms17_apr_4015068.nasl - Type: ACT_GATHER_INFO
2017-04-12 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_apr_4015549.nasl - Type: ACT_GATHER_INFO
2017-04-12 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_apr_4015550.nasl - Type: ACT_GATHER_INFO
2017-04-11 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17-apr_4015551.nasl - Type: ACT_GATHER_INFO
2017-04-11 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_apr_4015217.nasl - Type: ACT_GATHER_INFO
2017-04-11 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_apr_4015219.nasl - Type: ACT_GATHER_INFO
2017-04-11 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_apr_4015221.nasl - Type: ACT_GATHER_INFO
2017-04-11 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_apr_4015583.nasl - Type: ACT_GATHER_INFO
2017-03-17 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17-013.nasl - Type: ACT_GATHER_INFO
2017-03-14 Name: The remote Windows host is affected multiple elevation of privilege vulnerabi...
File: smb_nt_ms17-017.nasl - Type: ACT_GATHER_INFO
2017-01-10 Name: The remote Windows host is affected multiple vulnerabilities.
File: smb_nt_ms17-004.nasl - Type: ACT_GATHER_INFO
2016-12-14 Name: The remote Windows host is affected multiple vulnerabilities.
File: smb_nt_ms16-149.nasl - Type: ACT_GATHER_INFO
2016-12-13 Name: The remote host is affected by an information disclosure vulnerability.
File: smb_nt_ms16-153.nasl - Type: ACT_GATHER_INFO
2016-10-12 Name: A multimedia application framework installed on the remote macOS or Mac OS X ...
File: macosx_ms16-120.nasl - Type: ACT_GATHER_INFO
2016-10-12 Name: The remote host is affected by multiple vulnerabilities.
File: smb_nt_ms16-120.nasl - Type: ACT_GATHER_INFO
2016-09-13 Name: The remote host is affected by multiple vulnerabilities.
File: smb_nt_ms16-111.nasl - Type: ACT_GATHER_INFO
2016-08-09 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms16-101.nasl - Type: ACT_GATHER_INFO
2016-03-08 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms16-026.nasl - Type: ACT_GATHER_INFO
2016-03-08 Name: The remote host is affected by multiple vulnerabilities.
File: smb_nt_ms16-034.nasl - Type: ACT_GATHER_INFO
2016-02-09 Name: The remote Windows host is affected by a remote code execution vulnerability.
File: smb_nt_ms16-013.nasl - Type: ACT_GATHER_INFO
2016-02-09 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms16-014.nasl - Type: ACT_GATHER_INFO
2016-01-13 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms16-005.nasl - Type: ACT_GATHER_INFO
2016-01-13 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms16-007.nasl - Type: ACT_GATHER_INFO
2016-01-12 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms16-008.nasl - Type: ACT_GATHER_INFO
2015-12-08 Name: A multimedia application framework installed on the remote Mac OS X host is a...
File: macosx_ms15-128.nasl - Type: ACT_GATHER_INFO