This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Microsoft First view 2008-08-12
Product Windows Xp Last view 2017-06-22
Version * Type Os
Update sp3  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:microsoft:windows_xp

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
8.1 2017-06-22 CVE-2017-0176

A buffer overflow in Smart Card authentication code in gpkcsp.dll in Microsoft Windows XP through SP3 and Server 2003 through SP2 allows a remote attacker to execute arbitrary code on the target computer, provided that the computer is joined in a Windows domain and has Remote Desktop Protocol connectivity (or Terminal Services) enabled.

7.2 2014-07-26 CVE-2014-4971

Microsoft Windows XP SP3 does not validate addresses in certain IRP handler routines, which allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a crafted address in an IOCTL call, related to (1) the MQAC.sys driver in the MQ Access Control subsystem and (2) the BthPan.sys driver in the Bluetooth Personal Area Networking subsystem.

5.4 2014-03-12 CVE-2014-0317

The Security Account Manager Remote (SAMR) protocol implementation in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows Server 2012 Gold and R2 does not properly determine the user-lockout state, which makes it easier for remote attackers to bypass the account lockout policy and obtain access via a brute-force attack, aka "SAMR Security Feature Bypass Vulnerability."

9.3 2013-12-10 CVE-2013-5056

Use-after-free vulnerability in the Scripting Runtime Object Library in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site that is visited with Internet Explorer, aka "Use-After-Free Vulnerability in Microsoft Scripting Runtime Object Library."

7.6 2013-12-10 CVE-2013-3900

The WinVerifyTrust function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly validate PE file digests during Authenticode signature verification, which allows remote attackers to execute arbitrary code via a crafted PE file, aka "WinVerifyTrust Signature Validation Vulnerability."

7.2 2013-12-10 CVE-2013-3899

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly validate addresses, which allows local users to gain privileges via a crafted application, aka "Win32k Memory Corruption Vulnerability."

6.9 2013-12-10 CVE-2013-3878

Stack-based buffer overflow in the LRPC client in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges by operating an LRPC server that sends a crafted LPC port message, aka "LRPC Client Buffer Overrun Vulnerability."

7.2 2013-11-27 CVE-2013-5065

NDProxy.sys in the kernel in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges via a crafted application, as exploited in the wild in November 2013.

9.3 2013-10-09 CVE-2013-3894

The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allow remote attackers to execute arbitrary code via a crafted CMAP table in a TrueType font (TTF) file, aka "TrueType Font CMAP Table Vulnerability."

7.2 2013-10-09 CVE-2013-3879

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Use After Free Vulnerability."

7.2 2013-10-09 CVE-2013-3200

The USB drivers in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allow physically proximate attackers to execute arbitrary code by connecting a crafted USB device, aka "Windows USB Descriptor Vulnerability."

9.3 2013-10-09 CVE-2013-3128

The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT, and .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, and 4.5, allow remote attackers to execute arbitrary code via a crafted OpenType font (OTF) file, aka "OpenType Font Parsing Vulnerability."

7.2 2013-09-11 CVE-2013-3866

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability."

7.2 2013-09-11 CVE-2013-3865

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability," a different vulnerability than CVE-2013-1342, CVE-2013-1343, CVE-2013-1344, and CVE-2013-3864.

7.2 2013-09-11 CVE-2013-3864

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability," a different vulnerability than CVE-2013-1342, CVE-2013-1343, CVE-2013-1344, and CVE-2013-3865.

9.3 2013-09-11 CVE-2013-3863

Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allow remote attackers to execute arbitrary code via a crafted OLE object in a file, aka "OLE Property Vulnerability."

7.2 2013-09-11 CVE-2013-1344

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability," a different vulnerability than CVE-2013-1342, CVE-2013-1343, CVE-2013-3864, and CVE-2013-3865.

7.2 2013-09-11 CVE-2013-1343

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability," a different vulnerability than CVE-2013-1342, CVE-2013-1344, CVE-2013-3864, and CVE-2013-3865.

7.2 2013-09-11 CVE-2013-1342

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability," a different vulnerability than CVE-2013-1343, CVE-2013-1344, CVE-2013-3864, and CVE-2013-3865.

7.2 2013-09-11 CVE-2013-1341

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows 8 allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability."

9.3 2013-09-11 CVE-2013-0810

Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, and Windows Server 2008 SP2 allow remote attackers to execute arbitrary code via a crafted screensaver in a theme file, aka "Windows Theme File Remote Code Execution Vulnerability."

7.2 2013-08-14 CVE-2013-3198

The NT Virtual DOS Machine (NTVDM) subsystem in the kernel in Microsoft Windows XP SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, and Windows 8 on 32-bit platforms does not properly validate kernel-memory addresses, which allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application, aka "Windows Kernel Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3196 and CVE-2013-3197.

7.2 2013-08-14 CVE-2013-3197

The NT Virtual DOS Machine (NTVDM) subsystem in the kernel in Microsoft Windows XP SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, and Windows 8 on 32-bit platforms does not properly validate kernel-memory addresses, which allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application, aka "Windows Kernel Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3196 and CVE-2013-3198.

7.2 2013-08-14 CVE-2013-3196

The NT Virtual DOS Machine (NTVDM) subsystem in the kernel in Microsoft Windows XP SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, and Windows 8 on 32-bit platforms does not properly validate kernel-memory addresses, which allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application, aka "Windows Kernel Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3197 and CVE-2013-3198.

9.3 2013-08-14 CVE-2013-3181

usp10.dll in the Unicode Scripts Processor in Microsoft Windows XP SP2 and SP3 and Windows Server 2003 SP2 allows remote attackers to execute arbitrary code via a crafted OpenType font, aka "Uniscribe Font Parsing Engine Memory Corruption Vulnerability."

CWE : Common Weakness Enumeration

%idName
18% (62) CWE-20 Improper Input Validation
16% (57) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
15% (53) CWE-399 Resource Management Errors
15% (53) CWE-94 Failure to Control Generation of Code ('Code Injection')
11% (38) CWE-362 Race Condition
10% (37) CWE-264 Permissions, Privileges, and Access Controls
6% (22) CWE-189 Numeric Errors
0% (3) CWE-310 Cryptographic Issues
0% (3) CWE-287 Improper Authentication
0% (3) CWE-200 Information Exposure
0% (3) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')
0% (2) CWE-16 Configuration
0% (1) CWE-416 Use After Free
0% (1) CWE-255 Credentials Management
0% (1) CWE-134 Uncontrolled Format String
0% (1) CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflo...
0% (1) CWE-78 Improper Sanitization of Special Elements used in an OS Command ('O...
0% (1) CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path ...

CAPEC : Common Attack Pattern Enumeration & Classification

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Name
CAPEC-2 Inducing Account Lockout
CAPEC-3 Using Leading 'Ghost' Character Sequences to Bypass Input Filters
CAPEC-7 Blind SQL Injection
CAPEC-8 Buffer Overflow in an API Call
CAPEC-9 Buffer Overflow in Local Command-Line Utilities
CAPEC-10 Buffer Overflow via Environment Variables
CAPEC-13 Subverting Environment Variable Values
CAPEC-14 Client-side Injection-induced Buffer Overflow
CAPEC-18 Embedding Scripts in Nonscript Elements
CAPEC-22 Exploiting Trust in Client (aka Make the Client Invisible)
CAPEC-24 Filter Failure through Buffer Overflow
CAPEC-28 Fuzzing
CAPEC-31 Accessing/Intercepting/Modifying HTTP Cookies
CAPEC-32 Embedding Scripts in HTTP Query Strings
CAPEC-42 MIME Conversion
CAPEC-43 Exploiting Multiple Input Interpretation Layers
CAPEC-45 Buffer Overflow via Symbolic Links
CAPEC-46 Overflow Variables and Tags
CAPEC-47 Buffer Overflow via Parameter Expansion
CAPEC-52 Embedding NULL Bytes
CAPEC-53 Postfix, Null Terminate, and Backslash
CAPEC-63 Simple Script Injection
CAPEC-64 Using Slashes and URL Encoding Combined to Bypass Validation Logic
CAPEC-66 SQL Injection
CAPEC-67 String Format Overflow in syslog()

SAINT Exploits

Description Link
Internet Explorer iepeers.dll use-after-free vulnerability More info here
Windows Server Service buffer overflow MS08-067 More info here
Microsoft Windows Movie Maker IsValidWMToolsStream buffer overflow More info here
Microsoft OLE Object File Handling vulnerability More info here
Microsoft Windows Media Player DVR-MS File Code Execution More info here
Internet Explorer WinINet credential reflection vulnerability More info here
Microsoft WordPad Word97 text converter buffer overflow More info here
Windows Thumbnail View CreateSizedDIBSECTION buffer overflow More info here
Internet Explorer Tabular Data Control DataURL memory corruption More info here
Windows Media MIDI Invalid Channel More info here
Microsoft DirectX DirectShow QuickTime movie parsing vulnerability More info here
Windows Help and Support Center -FromHCP URL whitelist bypass More info here
Microsoft Office ClickOnce Unsafe Execution More info here
Microsoft Windows Fax Cover Page Editor Double Free Memory Corruption Vulnerability More info here
Windows Object Packager Insecure Execution More info here
Windows Shell LNK file CONTROL item command execution More info here
Microsoft Remote Desktop Connection Insecure Library Injection More info here
Windows Crafted Theme File Handling Vulnerability More info here
Microsoft Office Art Property Table Memory Corruption More info here

Open Source Vulnerability Database (OSVDB)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
78212 Microsoft Windows Object Packager Path Subversion packager.exe Loading Remote...
78211 Microsoft Windows Line21 DirectShow Filter Media File Handling Remote Code Ex...
78210 Microsoft Windows Multimedia Library (winmm.dll) MIDI File Handling Remote Co...
78207 Microsoft Windows Embedded ClickOnce Application Office File Handling Remote ...
78206 Microsoft Windows Client/Server Run-time Subsystem (CSRSS) Unicode Character ...
77908 Microsoft Windows win32k.sys Safari IFRAME Height Attribute Handling Remote M...
77667 Microsoft Windows Active Directory Query Parsing Remote Overflow
77666 Microsoft Windows Kernel Exception Handler Local Privilege Escalation
77665 Microsoft Time ActiveX (DATIME.DLL) Unspecified IE Web Page Handling Remote C...
77663 Microsoft Windows Object Linking and Embedding (OLE) Object File Handling Rem...
77662 Microsoft Windows CSRSS Device Event Message Parsing Local Privilege Escalation
77660 Microsoft Windows Media Player / Center DVR-MS File Handling Remote Memory Co...
76902 Microsoft Windows Active Directory LDAPS CRL Handling Weakness Authentication...
76843 Microsoft Windows Win32k TrueType Font Handling Privilege Escalation
76232 Microsoft Windows Ancillary Function Driver afd.sys Local Privilege Escalation
76221 Microsoft Windows win32k.sys Driver Use-after-free Driver Object Handling Arb...
76220 Microsoft Windows win32k.sys Driver .fon Font File Handling Overflow
76218 Microsoft Windows win32k.sys Driver NULL Dereference Unspecified Arbitrary Co...
75382 Microsoft Windows Shell Extensions Path Subversion Arbitrary DLL Injection Co...
74405 Microsoft Windows Remote Desktop Protocol RDP Packet Parsing Remote DoS
74402 Microsoft Windows Remote Access Service NDISTAPI Driver User Input Validation...
74401 Microsoft Windows Client/Server Run-time Subsystem (CSRSS) Inter-Process Devi...
73796 Microsoft Windows CSRSS SrvSetConsoleLocalEUDC() Function NULL Page Data Writ...
73795 Microsoft Windows CSRSS SrvWriteConsoleOutputString() Function Local Overflow
73794 Microsoft Windows CSRSS SrvWriteConsoleOutput() Function Local Overflow

ExploitDB Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
34131 Microsoft XP SP3 - BthPan.sys Arbitrary Write Privilege Escalation
34112 Microsoft XP SP3 MQAC.sys - Arbitrary Write Privilege Escalation
33213 Windows NTUserMessageCall Win32k Kernel Pool Overflow (Schlamperei)
30392 Microsoft Windows ndproxy.sys - Local Privilege Escalation
30014 Windows NDPROXY Local SYSTEM Privilege Escalation
27050 DirectShow Arbitrary Memory Overwrite Vulnerability (MS13-056)
26554 Windows EPATHOBJ::pprFlattenRec Local Privilege Escalation
19037 MS12-005 Microsoft Office ClickOnce Unsafe Object Package Handling Vulnerability
19002 Microsoft Windows OLE Object File Handling Remote Code Execution
18426 MS12-004 midiOutPlayNextPolyEvent Heap Overflow
18372 Microsoft Windows Assembly Execution Vulnerability MS12-005
18176 MS11-080 Afd.sys Privilege Escalation Exploit
18024 MS11-077 Win32k Null Pointer De-reference Vulnerability POC
17978 MS11-077 .fon Kernel-Mode Buffer Overrun PoC
17659 MS10-026 Microsoft MPEG Layer-3 Audio Stack Based Overflow
17544 GDI+ CreateDashedPath Integer overflow in gdiplus.dll
16590 Internet Explorer DHTML Behaviors Use After Free
16262 MS11-011(CVE-2011-0045): MS Windows XP WmiTraceMessageVa Integer Truncation V...
15985 MS10-073: Win32k Keyboard Layout Vulnerability
15266 Windows NTLM Weak Nonce Vulnerability
15158 MOAUB #30 - Microsoft Unicode Scripts Processor Remote Code Execution
15112 MOAUB #26 - Microsoft Cinepak Codec CVDecompress Heap Overflow
14895 MOAUB #5 - Microsoft MPEG Layer-3 Remote Command Execution Exploit
14886 MOAUB #4 - Movie Maker Remote Code Execution (MS10-016)
14666 Microsoft Windows nt!NtCreateThread Race Condition with Invalid Code Segment ...

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2013-07-09 Name : Microsoft Remote Desktop Protocol Remote Code Execution Vulnerabilities (2671...
File : nvt/secpod_ms12-020_remote.nasl
2012-12-18 Name : Fedora Update for xen FEDORA-2012-19828
File : nvt/gb_fedora_2012_19828_xen_fc16.nasl
2012-12-14 Name : Fedora Update for xen FEDORA-2012-19717
File : nvt/gb_fedora_2012_19717_xen_fc17.nasl
2012-12-13 Name : SuSE Update for xen openSUSE-SU-2012:0886-1 (xen)
File : nvt/gb_suse_2012_0886_1.nasl
2012-12-12 Name : Microsoft Windows Kernel-Mode Drivers Remote Code Execution Vulnerabilities (...
File : nvt/secpod_ms12-078.nasl
2012-12-12 Name : Microsoft Windows File Handling Component Remote Code Execution Vulnerability...
File : nvt/secpod_ms12-081.nasl
2012-11-23 Name : Fedora Update for xen FEDORA-2012-18242
File : nvt/gb_fedora_2012_18242_xen_fc17.nasl
2012-11-23 Name : Fedora Update for xen FEDORA-2012-18249
File : nvt/gb_fedora_2012_18249_xen_fc16.nasl
2012-11-15 Name : Fedora Update for xen FEDORA-2012-17204
File : nvt/gb_fedora_2012_17204_xen_fc17.nasl
2012-11-15 Name : Fedora Update for xen FEDORA-2012-17408
File : nvt/gb_fedora_2012_17408_xen_fc16.nasl
2012-11-14 Name : Microsoft Windows Shell Remote Code Execution Vulnerabilities (2727528)
File : nvt/secpod_ms12-072.nasl
2012-11-14 Name : Microsoft Windows Kernel-Mode Drivers Remote Code Execution Vulnerabilities (...
File : nvt/secpod_ms12-075.nasl
2012-10-10 Name : Microsoft Windows Kernel Privilege Elevation Vulnerability (2724197)
File : nvt/secpod_ms12-068.nasl
2012-09-28 Name : Google Chrome Windows Kernel Memory Corruption Vulnerability
File : nvt/gb_google_chrome_mem_crptn_vuln_win.nasl
2012-09-22 Name : Fedora Update for xen FEDORA-2012-13434
File : nvt/gb_fedora_2012_13434_xen_fc17.nasl
2012-09-22 Name : Fedora Update for xen FEDORA-2012-13443
File : nvt/gb_fedora_2012_13443_xen_fc16.nasl
2012-08-30 Name : Fedora Update for xen FEDORA-2012-11182
File : nvt/gb_fedora_2012_11182_xen_fc17.nasl
2012-08-30 Name : Fedora Update for xen FEDORA-2012-11755
File : nvt/gb_fedora_2012_11755_xen_fc17.nasl
2012-08-30 Name : Fedora Update for xen FEDORA-2012-9386
File : nvt/gb_fedora_2012_9386_xen_fc17.nasl
2012-08-24 Name : Fedora Update for xen FEDORA-2012-11785
File : nvt/gb_fedora_2012_11785_xen_fc16.nasl
2012-08-15 Name : Microsoft Remote Desktop Protocol Remote Code Execution Vulnerability (2723135)
File : nvt/secpod_ms12-053.nasl
2012-08-15 Name : Microsoft Windows Networking Components Remote Code Execution Vulnerabilities...
File : nvt/secpod_ms12-054.nasl
2012-08-15 Name : Microsoft Windows Kernel-Mode Drivers Privilege Elevation Vulnerability (2731...
File : nvt/secpod_ms12-055.nasl
2012-08-10 Name : Debian Security Advisory DSA 2501-1 (xen)
File : nvt/deb_2501_1.nasl
2012-08-10 Name : Debian Security Advisory DSA 2508-1 (kfreebsd-8)
File : nvt/deb_2508_1.nasl

Information Assurance Vulnerability Management (IAVM)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2014-A-0150 Microsoft Message Queuing Service Privilege Escalation Vulnerability
Severity: Category II - VMSKEY: V0055433
2014-B-0028 Microsoft Security Account Manager Remote (SAMR) Security Bypass Vulnerability
Severity: Category II - VMSKEY: V0046171
2014-A-0004 Microsoft Windows Kernel Privilege Escalation Vulnerability
Severity: Category II - VMSKEY: V0043405
2013-A-0226 Microsoft LRPC Client Privilege Escalation Vulnerability
Severity: Category II - VMSKEY: V0042591
2013-A-0232 Multiple Vulnerabilities in Microsoft Windows Kernel-Mode Drivers
Severity: Category I - VMSKEY: V0042582
2013-A-0227 Microsoft Windows (WinVerifyTrust) Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0042581
2013-A-0228 Microsoft Windows Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0042580
2013-A-0190 Multiple Vulnerabilities in Microsoft Windows Kernel-Mode Drivers
Severity: Category I - VMSKEY: V0040763
2013-A-0187 Multiple Vulnerabilities in Microsoft .NET Framework
Severity: Category I - VMSKEY: V0040753
2013-A-0176 Microsoft Windows Object Linking and Embedding (OLE) Remote Code Execution Vu...
Severity: Category II - VMSKEY: V0040290
2013-B-0104 Microsoft Windows Theme File Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0040299
2013-B-0088 Multiple Privilege Escalation Vulnerabilities in Microsoft Windows Kernel
Severity: Category I - VMSKEY: V0040045
2013-A-0164 Microsoft Windows Unicode Scripts Processor Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0040037
2013-A-0163 Microsoft Windows Remote Procedure Call (RPC) Elevation of Privilege Vulnerab...
Severity: Category I - VMSKEY: V0040034
2013-B-0071 Multiple Vulnerabilities in Microsoft .NET Framework and Silverlight
Severity: Category II - VMSKEY: V0039211
2013-A-0134 Microsoft DirectShow Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0039200
2013-A-0135 Microsoft GDI+ Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0039199
2013-B-0034 Microsoft Windows Client/Server Run-time Subsystem Elevation of Privilege Vul...
Severity: Category II - VMSKEY: V0037616
2013-A-0080 Microsoft Windows Kernel Privilege Escalation Vulnerability
Severity: Category II - VMSKEY: V0037609
2013-A-0063 Microsoft Windows Kernel-Mode Drivers Privilege Escalation Vulnerability
Severity: Category II - VMSKEY: V0037404
2013-A-0042 Microsoft Windows Media Decompression Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0036827
2013-A-0004 Multiple Vulnerabilities in Microsoft XML Core Services
Severity: Category I - VMSKEY: V0036444
2012-A-0196 Microsoft Windows File Handling Component Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0035488
2012-A-0185 Multiple Vulnerabilities in Microsoft Windows Shell
Severity: Category I - VMSKEY: V0034956
2012-A-0131 Microsoft Remote Desktop Remote Code Execution Vulnerability
Severity: Category I - VMSKEY: V0033658

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2014-01-10 Microsoft Multiple Products malformed PNG detected tEXt overflow attempt
RuleID : 6700 - Type : FILE-IMAGE - Revision : 20
2020-03-19 Microsoft Windows Data Analyzer 3.5 ActiveX clsid access
RuleID : 53118 - Type : BROWSER-PLUGINS - Revision : 1
2020-03-19 Microsoft Windows Data Analyzer 3.5 ActiveX use-after-free attempt
RuleID : 53117 - Type : BROWSER-PLUGINS - Revision : 1
2020-03-19 Microsoft Windows Data Analyzer 3.5 ActiveX use-after-free attempt
RuleID : 53116 - Type : BROWSER-PLUGINS - Revision : 1
2020-01-14 Microsoft Windows Wordpad Converter sprmT record heap overflow attempt
RuleID : 52422 - Type : FILE-OFFICE - Revision : 1
2020-01-14 Microsoft Windows Wordpad Converter sprmT record heap overflow attempt
RuleID : 52421 - Type : FILE-OFFICE - Revision : 1
2020-01-03 Microsoft Windows MHTML XSS attempt
RuleID : 52335 - Type : OS-WINDOWS - Revision : 1
2019-12-03 Microsoft Windows GDI+ EMF buffer overwrite attempt
RuleID : 52035 - Type : OS-WINDOWS - Revision : 1
2019-12-03 Microsoft Windows GDI+ EMF buffer overwrite attempt
RuleID : 52034 - Type : OS-WINDOWS - Revision : 1
2019-12-03 Microsoft Windows GDI+ EMF buffer overwrite attempt
RuleID : 52033 - Type : OS-WINDOWS - Revision : 1
2019-12-03 Microsoft Windows GDI+ EMF buffer overwrite attempt
RuleID : 52032 - Type : OS-WINDOWS - Revision : 1
2019-12-03 Microsoft Windows GDI+ EMF buffer overwrite attempt
RuleID : 52031 - Type : OS-WINDOWS - Revision : 1
2019-12-03 Microsoft Windows GDI+ EMF buffer overwrite attempt
RuleID : 52030 - Type : OS-WINDOWS - Revision : 1
2019-10-10 Microsoft Windows WordPad and Office text converter integer overflow attempt
RuleID : 51473 - Type : FILE-OFFICE - Revision : 1
2019-10-10 Microsoft Windows WordPad and Office text converter integer overflow attempt
RuleID : 51472 - Type : FILE-OFFICE - Revision : 1
2019-09-17 Microsoft Windows Object Packager ClickOnce object remote code execution attempt
RuleID : 51029 - Type : OS-WINDOWS - Revision : 1
2019-09-17 Microsoft Windows Object Packager ClickOnce object remote code execution attempt
RuleID : 51028 - Type : OS-WINDOWS - Revision : 1
2019-09-05 Microsoft OpenType font index remote code execution attempt
RuleID : 50889 - Type : FILE-OTHER - Revision : 1
2019-09-05 Microsoft OpenType font index remote code execution attempt
RuleID : 50888 - Type : FILE-OTHER - Revision : 1
2019-09-05 Microsoft Windows GDI EMF parsing arbitrary code execution attempt
RuleID : 50885 - Type : FILE-OTHER - Revision : 1
2019-09-05 Microsoft Windows GDI EMF parsing arbitrary code execution attempt
RuleID : 50884 - Type : FILE-OTHER - Revision : 1
2019-09-05 Microsoft Fax Cover Page Editor heap corruption attempt
RuleID : 50873 - Type : OS-WINDOWS - Revision : 1
2019-09-05 Microsoft Fax Cover Page Editor heap corruption attempt
RuleID : 50872 - Type : OS-WINDOWS - Revision : 1
2019-08-31 Microsoft Windows TrueType font parsing engine sfac_GetSbitBitmap obfuscated ...
RuleID : 50849 - Type : FILE-OTHER - Revision : 1
2019-08-31 Microsoft Windows TrueType font parsing engine sfac_GetSbitBitmap obfuscated ...
RuleID : 50848 - Type : FILE-OTHER - Revision : 1

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2018-04-03 Name: The remote web server may allow remote code execution.
File: iis_7_pci.nasl - Type: ACT_GATHER_INFO
2017-06-14 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_june_xp_2003.nasl - Type: ACT_GATHER_INFO
2014-11-26 Name: The remote OracleVM host is missing one or more security updates.
File: oraclevm_OVMSA-2012-0020.nasl - Type: ACT_GATHER_INFO
2014-11-26 Name: The remote OracleVM host is missing one or more security updates.
File: oraclevm_OVMSA-2012-0021.nasl - Type: ACT_GATHER_INFO
2014-11-26 Name: The remote OracleVM host is missing one or more security updates.
File: oraclevm_OVMSA-2012-0022.nasl - Type: ACT_GATHER_INFO
2014-10-15 Name: The remote Windows host is affected by a privilege escalation vulnerability.
File: smb_nt_ms14-062.nasl - Type: ACT_GATHER_INFO
2014-10-10 Name: The remote device is missing a vendor-supplied security patch.
File: f5_bigip_SOL10509.nasl - Type: ACT_GATHER_INFO
2014-07-26 Name: The remote Solaris system is missing a security patch from CPU oct2012.
File: solaris_oct2012_SRU10_5.nasl - Type: ACT_GATHER_INFO
2014-06-13 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2012-403.nasl - Type: ACT_GATHER_INFO
2014-06-13 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2012-404.nasl - Type: ACT_GATHER_INFO
2014-03-11 Name: The remote Windows host is affected by a security feature bypass vulnerability.
File: smb_nt_ms14-016.nasl - Type: ACT_GATHER_INFO
2014-03-10 Name: Arbitrary code can be executed on the remote host through the Microsoft GDI r...
File: smb_kb957488.nasl - Type: ACT_GATHER_INFO
2014-01-14 Name: The Windows kernel on the remote host is affected by a privilege escalation v...
File: smb_nt_ms14-002.nasl - Type: ACT_GATHER_INFO
2013-12-11 Name: The remote host is affected by a remote code execution vulnerability.
File: smb_nt_ms13-098.nasl - Type: ACT_GATHER_INFO
2013-12-11 Name: The remote host is affected by a remote code execution vulnerability.
File: smb_nt_ms13-099.nasl - Type: ACT_GATHER_INFO
2013-12-11 Name: The Windows kernel drivers on the remote host are affected by multiple vulner...
File: smb_nt_ms13-101.nasl - Type: ACT_GATHER_INFO
2013-12-11 Name: A client on the host is vulnerable to a privilege escalation vulnerability.
File: smb_nt_ms13-102.nasl - Type: ACT_GATHER_INFO
2013-10-09 Name: The Windows kernel drivers on the remote host are affected by multiple vulner...
File: smb_nt_ms13-081.nasl - Type: ACT_GATHER_INFO
2013-10-09 Name: The .NET Framework install on the remote Windows host could allow arbitrary c...
File: smb_nt_ms13-082.nasl - Type: ACT_GATHER_INFO
2013-09-28 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201309-24.nasl - Type: ACT_GATHER_INFO
2013-09-11 Name: The remote Windows host is affected by a code execution vulnerability.
File: smb_nt_ms13-070.nasl - Type: ACT_GATHER_INFO
2013-09-11 Name: The remote Windows host is affected by a code execution vulnerability.
File: smb_nt_ms13-071.nasl - Type: ACT_GATHER_INFO
2013-09-11 Name: The Windows kernel on the remote host is affected by multiple vulnerabilities.
File: smb_nt_ms13-076.nasl - Type: ACT_GATHER_INFO
2013-08-14 Name: It is possible to execute arbitrary code on the remote Windows host using the...
File: smb_nt_ms13-060.nasl - Type: ACT_GATHER_INFO
2013-08-14 Name: The Windows install on the remote host is affected by a privilege escalation ...
File: smb_nt_ms13-062.nasl - Type: ACT_GATHER_INFO