Summary
| Detail | |||
|---|---|---|---|
| Vendor | Microsoft | First view | 2008-08-12 |
| Product | Windows Xp | Last view | 2017-06-22 |
| Version | * | Type | Os |
| Update | sp3 | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:o:microsoft:windows_xp | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 8.1 | 2017-06-22 | CVE-2017-0176 | A buffer overflow in Smart Card authentication code in gpkcsp.dll in Microsoft Windows XP through SP3 and Server 2003 through SP2 allows a remote attacker to execute arbitrary code on the target computer, provided that the computer is joined in a Windows domain and has Remote Desktop Protocol connectivity (or Terminal Services) enabled. |
| 7.2 | 2014-07-26 | CVE-2014-4971 | Microsoft Windows XP SP3 does not validate addresses in certain IRP handler routines, which allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a crafted address in an IOCTL call, related to (1) the MQAC.sys driver in the MQ Access Control subsystem and (2) the BthPan.sys driver in the Bluetooth Personal Area Networking subsystem. |
| 5.4 | 2014-03-12 | CVE-2014-0317 | The Security Account Manager Remote (SAMR) protocol implementation in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows Server 2012 Gold and R2 does not properly determine the user-lockout state, which makes it easier for remote attackers to bypass the account lockout policy and obtain access via a brute-force attack, aka "SAMR Security Feature Bypass Vulnerability." |
| 9.3 | 2013-12-10 | CVE-2013-5056 | Use-after-free vulnerability in the Scripting Runtime Object Library in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site that is visited with Internet Explorer, aka "Use-After-Free Vulnerability in Microsoft Scripting Runtime Object Library." |
| 7.6 | 2013-12-10 | CVE-2013-3900 | The WinVerifyTrust function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly validate PE file digests during Authenticode signature verification, which allows remote attackers to execute arbitrary code via a crafted PE file, aka "WinVerifyTrust Signature Validation Vulnerability." |
| 7.2 | 2013-12-10 | CVE-2013-3899 | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly validate addresses, which allows local users to gain privileges via a crafted application, aka "Win32k Memory Corruption Vulnerability." |
| 6.9 | 2013-12-10 | CVE-2013-3878 | Stack-based buffer overflow in the LRPC client in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges by operating an LRPC server that sends a crafted LPC port message, aka "LRPC Client Buffer Overrun Vulnerability." |
| 7.2 | 2013-11-27 | CVE-2013-5065 | NDProxy.sys in the kernel in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges via a crafted application, as exploited in the wild in November 2013. |
| 9.3 | 2013-10-09 | CVE-2013-3894 | The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allow remote attackers to execute arbitrary code via a crafted CMAP table in a TrueType font (TTF) file, aka "TrueType Font CMAP Table Vulnerability." |
| 7.2 | 2013-10-09 | CVE-2013-3879 | Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Use After Free Vulnerability." |
| 7.2 | 2013-10-09 | CVE-2013-3200 | The USB drivers in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allow physically proximate attackers to execute arbitrary code by connecting a crafted USB device, aka "Windows USB Descriptor Vulnerability." |
| 7.2 | 2013-09-11 | CVE-2013-3866 | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability." |
| 7.2 | 2013-09-11 | CVE-2013-3865 | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability," a different vulnerability than CVE-2013-1342, CVE-2013-1343, CVE-2013-1344, and CVE-2013-3864. |
| 7.2 | 2013-09-11 | CVE-2013-3864 | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability," a different vulnerability than CVE-2013-1342, CVE-2013-1343, CVE-2013-1344, and CVE-2013-3865. |
| 9.3 | 2013-09-11 | CVE-2013-3863 | Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allow remote attackers to execute arbitrary code via a crafted OLE object in a file, aka "OLE Property Vulnerability." |
| 7.2 | 2013-09-11 | CVE-2013-1344 | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability," a different vulnerability than CVE-2013-1342, CVE-2013-1343, CVE-2013-3864, and CVE-2013-3865. |
| 7.2 | 2013-09-11 | CVE-2013-1343 | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability," a different vulnerability than CVE-2013-1342, CVE-2013-1344, CVE-2013-3864, and CVE-2013-3865. |
| 7.2 | 2013-09-11 | CVE-2013-1342 | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability," a different vulnerability than CVE-2013-1343, CVE-2013-1344, CVE-2013-3864, and CVE-2013-3865. |
| 7.2 | 2013-09-11 | CVE-2013-1341 | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows 8 allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability." |
| 9.3 | 2013-09-11 | CVE-2013-0810 | Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, and Windows Server 2008 SP2 allow remote attackers to execute arbitrary code via a crafted screensaver in a theme file, aka "Windows Theme File Remote Code Execution Vulnerability." |
| 7.2 | 2013-08-14 | CVE-2013-3198 | The NT Virtual DOS Machine (NTVDM) subsystem in the kernel in Microsoft Windows XP SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, and Windows 8 on 32-bit platforms does not properly validate kernel-memory addresses, which allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application, aka "Windows Kernel Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3196 and CVE-2013-3197. |
| 7.2 | 2013-08-14 | CVE-2013-3197 | The NT Virtual DOS Machine (NTVDM) subsystem in the kernel in Microsoft Windows XP SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, and Windows 8 on 32-bit platforms does not properly validate kernel-memory addresses, which allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application, aka "Windows Kernel Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3196 and CVE-2013-3198. |
| 7.2 | 2013-08-14 | CVE-2013-3196 | The NT Virtual DOS Machine (NTVDM) subsystem in the kernel in Microsoft Windows XP SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, and Windows 8 on 32-bit platforms does not properly validate kernel-memory addresses, which allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application, aka "Windows Kernel Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3197 and CVE-2013-3198. |
| 9.3 | 2013-08-14 | CVE-2013-3181 | usp10.dll in the Unicode Scripts Processor in Microsoft Windows XP SP2 and SP3 and Windows Server 2003 SP2 allows remote attackers to execute arbitrary code via a crafted OpenType font, aka "Uniscribe Font Parsing Engine Memory Corruption Vulnerability." |
| 10 | 2013-08-14 | CVE-2013-3175 | Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allow remote attackers to execute arbitrary code via a malformed asynchronous RPC request, aka "Remote Procedure Call Vulnerability." |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 17% (61) | CWE-20 | Improper Input Validation |
| 16% (57) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 15% (53) | CWE-399 | Resource Management Errors |
| 15% (53) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
| 11% (38) | CWE-362 | Race Condition |
| 10% (37) | CWE-264 | Permissions, Privileges, and Access Controls |
| 6% (21) | CWE-189 | Numeric Errors |
| 0% (3) | CWE-310 | Cryptographic Issues |
| 0% (3) | CWE-287 | Improper Authentication |
| 0% (3) | CWE-200 | Information Exposure |
| 0% (3) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
| 0% (2) | CWE-16 | Configuration |
| 0% (1) | CWE-416 | Use After Free |
| 0% (1) | CWE-255 | Credentials Management |
| 0% (1) | CWE-134 | Uncontrolled Format String |
| 0% (1) | CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflo... |
| 0% (1) | CWE-78 | Improper Sanitization of Special Elements used in an OS Command ('O... |
| 0% (1) | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path ... |
CAPEC : Common Attack Pattern Enumeration & Classification
| id | Name |
|---|---|
| CAPEC-2 | Inducing Account Lockout |
| CAPEC-3 | Using Leading 'Ghost' Character Sequences to Bypass Input Filters |
| CAPEC-7 | Blind SQL Injection |
| CAPEC-8 | Buffer Overflow in an API Call |
| CAPEC-9 | Buffer Overflow in Local Command-Line Utilities |
| CAPEC-10 | Buffer Overflow via Environment Variables |
| CAPEC-13 | Subverting Environment Variable Values |
| CAPEC-14 | Client-side Injection-induced Buffer Overflow |
| CAPEC-18 | Embedding Scripts in Nonscript Elements |
| CAPEC-22 | Exploiting Trust in Client (aka Make the Client Invisible) |
| CAPEC-24 | Filter Failure through Buffer Overflow |
| CAPEC-28 | Fuzzing |
| CAPEC-31 | Accessing/Intercepting/Modifying HTTP Cookies |
| CAPEC-32 | Embedding Scripts in HTTP Query Strings |
| CAPEC-42 | MIME Conversion |
| CAPEC-43 | Exploiting Multiple Input Interpretation Layers |
| CAPEC-45 | Buffer Overflow via Symbolic Links |
| CAPEC-46 | Overflow Variables and Tags |
| CAPEC-47 | Buffer Overflow via Parameter Expansion |
| CAPEC-52 | Embedding NULL Bytes |
| CAPEC-53 | Postfix, Null Terminate, and Backslash |
| CAPEC-63 | Simple Script Injection |
| CAPEC-64 | Using Slashes and URL Encoding Combined to Bypass Validation Logic |
| CAPEC-66 | SQL Injection |
| CAPEC-67 | String Format Overflow in syslog() |
SAINT Exploits
| Description | Link |
|---|---|
| Internet Explorer iepeers.dll use-after-free vulnerability | More info here |
| Windows Server Service buffer overflow MS08-067 | More info here |
| Microsoft Windows Movie Maker IsValidWMToolsStream buffer overflow | More info here |
| Microsoft OLE Object File Handling vulnerability | More info here |
| Microsoft Windows Media Player DVR-MS File Code Execution | More info here |
| Internet Explorer WinINet credential reflection vulnerability | More info here |
| Microsoft WordPad Word97 text converter buffer overflow | More info here |
| Windows Thumbnail View CreateSizedDIBSECTION buffer overflow | More info here |
| Internet Explorer Tabular Data Control DataURL memory corruption | More info here |
| Windows Media MIDI Invalid Channel | More info here |
| Microsoft DirectX DirectShow QuickTime movie parsing vulnerability | More info here |
| Windows Help and Support Center -FromHCP URL whitelist bypass | More info here |
| Microsoft Office ClickOnce Unsafe Execution | More info here |
| Microsoft Windows Fax Cover Page Editor Double Free Memory Corruption Vulnerability | More info here |
| Windows Object Packager Insecure Execution | More info here |
| Windows Shell LNK file CONTROL item command execution | More info here |
| Microsoft Remote Desktop Connection Insecure Library Injection | More info here |
| Windows Crafted Theme File Handling Vulnerability | More info here |
| Microsoft Office Art Property Table Memory Corruption | More info here |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 78212 | Microsoft Windows Object Packager Path Subversion packager.exe Loading Remote... |
| 78211 | Microsoft Windows Line21 DirectShow Filter Media File Handling Remote Code Ex... |
| 78210 | Microsoft Windows Multimedia Library (winmm.dll) MIDI File Handling Remote Co... |
| 78207 | Microsoft Windows Embedded ClickOnce Application Office File Handling Remote ... |
| 78206 | Microsoft Windows Client/Server Run-time Subsystem (CSRSS) Unicode Character ... |
| 77908 | Microsoft Windows win32k.sys Safari IFRAME Height Attribute Handling Remote M... |
| 77667 | Microsoft Windows Active Directory Query Parsing Remote Overflow |
| 77666 | Microsoft Windows Kernel Exception Handler Local Privilege Escalation |
| 77665 | Microsoft Time ActiveX (DATIME.DLL) Unspecified IE Web Page Handling Remote C... |
| 77663 | Microsoft Windows Object Linking and Embedding (OLE) Object File Handling Rem... |
| 77662 | Microsoft Windows CSRSS Device Event Message Parsing Local Privilege Escalation |
| 77660 | Microsoft Windows Media Player / Center DVR-MS File Handling Remote Memory Co... |
| 76902 | Microsoft Windows Active Directory LDAPS CRL Handling Weakness Authentication... |
| 76843 | Microsoft Windows Win32k TrueType Font Handling Privilege Escalation |
| 76232 | Microsoft Windows Ancillary Function Driver afd.sys Local Privilege Escalation |
| 76221 | Microsoft Windows win32k.sys Driver Use-after-free Driver Object Handling Arb... |
| 76220 | Microsoft Windows win32k.sys Driver .fon Font File Handling Overflow |
| 76218 | Microsoft Windows win32k.sys Driver NULL Dereference Unspecified Arbitrary Co... |
| 75382 | Microsoft Windows Shell Extensions Path Subversion Arbitrary DLL Injection Co... |
| 74405 | Microsoft Windows Remote Desktop Protocol RDP Packet Parsing Remote DoS |
| 74402 | Microsoft Windows Remote Access Service NDISTAPI Driver User Input Validation... |
| 74401 | Microsoft Windows Client/Server Run-time Subsystem (CSRSS) Inter-Process Devi... |
| 73796 | Microsoft Windows CSRSS SrvSetConsoleLocalEUDC() Function NULL Page Data Writ... |
| 73795 | Microsoft Windows CSRSS SrvWriteConsoleOutputString() Function Local Overflow |
| 73794 | Microsoft Windows CSRSS SrvWriteConsoleOutput() Function Local Overflow |
ExploitDB Exploits
| id | Description |
|---|---|
| 34131 | Microsoft XP SP3 - BthPan.sys Arbitrary Write Privilege Escalation |
| 34112 | Microsoft XP SP3 MQAC.sys - Arbitrary Write Privilege Escalation |
| 33213 | Windows NTUserMessageCall Win32k Kernel Pool Overflow (Schlamperei) |
| 30392 | Microsoft Windows ndproxy.sys - Local Privilege Escalation |
| 30014 | Windows NDPROXY Local SYSTEM Privilege Escalation |
| 27050 | DirectShow Arbitrary Memory Overwrite Vulnerability (MS13-056) |
| 26554 | Windows EPATHOBJ::pprFlattenRec Local Privilege Escalation |
| 19037 | MS12-005 Microsoft Office ClickOnce Unsafe Object Package Handling Vulnerability |
| 19002 | Microsoft Windows OLE Object File Handling Remote Code Execution |
| 18426 | MS12-004 midiOutPlayNextPolyEvent Heap Overflow |
| 18372 | Microsoft Windows Assembly Execution Vulnerability MS12-005 |
| 18176 | MS11-080 Afd.sys Privilege Escalation Exploit |
| 18024 | MS11-077 Win32k Null Pointer De-reference Vulnerability POC |
| 17978 | MS11-077 .fon Kernel-Mode Buffer Overrun PoC |
| 17659 | MS10-026 Microsoft MPEG Layer-3 Audio Stack Based Overflow |
| 17544 | GDI+ CreateDashedPath Integer overflow in gdiplus.dll |
| 16590 | Internet Explorer DHTML Behaviors Use After Free |
| 16262 | MS11-011(CVE-2011-0045): MS Windows XP WmiTraceMessageVa Integer Truncation V... |
| 15985 | MS10-073: Win32k Keyboard Layout Vulnerability |
| 15266 | Windows NTLM Weak Nonce Vulnerability |
| 15158 | MOAUB #30 - Microsoft Unicode Scripts Processor Remote Code Execution |
| 15112 | MOAUB #26 - Microsoft Cinepak Codec CVDecompress Heap Overflow |
| 14895 | MOAUB #5 - Microsoft MPEG Layer-3 Remote Command Execution Exploit |
| 14886 | MOAUB #4 - Movie Maker Remote Code Execution (MS10-016) |
| 14666 | Microsoft Windows nt!NtCreateThread Race Condition with Invalid Code Segment ... |
OpenVAS Exploits
| id | Description |
|---|---|
| 2013-07-09 | Name : Microsoft Remote Desktop Protocol Remote Code Execution Vulnerabilities (2671... File : nvt/secpod_ms12-020_remote.nasl |
| 2012-12-18 | Name : Fedora Update for xen FEDORA-2012-19828 File : nvt/gb_fedora_2012_19828_xen_fc16.nasl |
| 2012-12-14 | Name : Fedora Update for xen FEDORA-2012-19717 File : nvt/gb_fedora_2012_19717_xen_fc17.nasl |
| 2012-12-13 | Name : SuSE Update for xen openSUSE-SU-2012:0886-1 (xen) File : nvt/gb_suse_2012_0886_1.nasl |
| 2012-12-12 | Name : Microsoft Windows Kernel-Mode Drivers Remote Code Execution Vulnerabilities (... File : nvt/secpod_ms12-078.nasl |
| 2012-12-12 | Name : Microsoft Windows File Handling Component Remote Code Execution Vulnerability... File : nvt/secpod_ms12-081.nasl |
| 2012-11-23 | Name : Fedora Update for xen FEDORA-2012-18242 File : nvt/gb_fedora_2012_18242_xen_fc17.nasl |
| 2012-11-23 | Name : Fedora Update for xen FEDORA-2012-18249 File : nvt/gb_fedora_2012_18249_xen_fc16.nasl |
| 2012-11-15 | Name : Fedora Update for xen FEDORA-2012-17204 File : nvt/gb_fedora_2012_17204_xen_fc17.nasl |
| 2012-11-15 | Name : Fedora Update for xen FEDORA-2012-17408 File : nvt/gb_fedora_2012_17408_xen_fc16.nasl |
| 2012-11-14 | Name : Microsoft Windows Shell Remote Code Execution Vulnerabilities (2727528) File : nvt/secpod_ms12-072.nasl |
| 2012-11-14 | Name : Microsoft Windows Kernel-Mode Drivers Remote Code Execution Vulnerabilities (... File : nvt/secpod_ms12-075.nasl |
| 2012-10-10 | Name : Microsoft Windows Kernel Privilege Elevation Vulnerability (2724197) File : nvt/secpod_ms12-068.nasl |
| 2012-09-28 | Name : Google Chrome Windows Kernel Memory Corruption Vulnerability File : nvt/gb_google_chrome_mem_crptn_vuln_win.nasl |
| 2012-09-22 | Name : Fedora Update for xen FEDORA-2012-13434 File : nvt/gb_fedora_2012_13434_xen_fc17.nasl |
| 2012-09-22 | Name : Fedora Update for xen FEDORA-2012-13443 File : nvt/gb_fedora_2012_13443_xen_fc16.nasl |
| 2012-08-30 | Name : Fedora Update for xen FEDORA-2012-11182 File : nvt/gb_fedora_2012_11182_xen_fc17.nasl |
| 2012-08-30 | Name : Fedora Update for xen FEDORA-2012-11755 File : nvt/gb_fedora_2012_11755_xen_fc17.nasl |
| 2012-08-30 | Name : Fedora Update for xen FEDORA-2012-9386 File : nvt/gb_fedora_2012_9386_xen_fc17.nasl |
| 2012-08-24 | Name : Fedora Update for xen FEDORA-2012-11785 File : nvt/gb_fedora_2012_11785_xen_fc16.nasl |
| 2012-08-15 | Name : Microsoft Remote Desktop Protocol Remote Code Execution Vulnerability (2723135) File : nvt/secpod_ms12-053.nasl |
| 2012-08-15 | Name : Microsoft Windows Networking Components Remote Code Execution Vulnerabilities... File : nvt/secpod_ms12-054.nasl |
| 2012-08-15 | Name : Microsoft Windows Kernel-Mode Drivers Privilege Elevation Vulnerability (2731... File : nvt/secpod_ms12-055.nasl |
| 2012-08-10 | Name : Debian Security Advisory DSA 2501-1 (xen) File : nvt/deb_2501_1.nasl |
| 2012-08-10 | Name : Debian Security Advisory DSA 2508-1 (kfreebsd-8) File : nvt/deb_2508_1.nasl |
Information Assurance Vulnerability Management (IAVM)
| id | Description |
|---|---|
| 2014-A-0150 | Microsoft Message Queuing Service Privilege Escalation Vulnerability Severity: Category II - VMSKEY: V0055433 |
| 2014-B-0028 | Microsoft Security Account Manager Remote (SAMR) Security Bypass Vulnerability Severity: Category II - VMSKEY: V0046171 |
| 2014-A-0004 | Microsoft Windows Kernel Privilege Escalation Vulnerability Severity: Category II - VMSKEY: V0043405 |
| 2013-A-0226 | Microsoft LRPC Client Privilege Escalation Vulnerability Severity: Category II - VMSKEY: V0042591 |
| 2013-A-0232 | Multiple Vulnerabilities in Microsoft Windows Kernel-Mode Drivers Severity: Category I - VMSKEY: V0042582 |
| 2013-A-0227 | Microsoft Windows (WinVerifyTrust) Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0042581 |
| 2013-A-0228 | Microsoft Windows Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0042580 |
| 2013-A-0190 | Multiple Vulnerabilities in Microsoft Windows Kernel-Mode Drivers Severity: Category I - VMSKEY: V0040763 |
| 2013-B-0104 | Microsoft Windows Theme File Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0040299 |
| 2013-A-0176 | Microsoft Windows Object Linking and Embedding (OLE) Remote Code Execution Vu... Severity: Category II - VMSKEY: V0040290 |
| 2013-B-0088 | Multiple Privilege Escalation Vulnerabilities in Microsoft Windows Kernel Severity: Category I - VMSKEY: V0040045 |
| 2013-A-0163 | Microsoft Windows Remote Procedure Call (RPC) Elevation of Privilege Vulnerab... Severity: Category I - VMSKEY: V0040034 |
| 2013-A-0164 | Microsoft Windows Unicode Scripts Processor Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0040037 |
| 2013-B-0071 | Multiple Vulnerabilities in Microsoft .NET Framework and Silverlight Severity: Category II - VMSKEY: V0039211 |
| 2013-A-0134 | Microsoft DirectShow Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0039200 |
| 2013-A-0135 | Microsoft GDI+ Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0039199 |
| 2013-B-0034 | Microsoft Windows Client/Server Run-time Subsystem Elevation of Privilege Vul... Severity: Category II - VMSKEY: V0037616 |
| 2013-A-0080 | Microsoft Windows Kernel Privilege Escalation Vulnerability Severity: Category II - VMSKEY: V0037609 |
| 2013-A-0063 | Microsoft Windows Kernel-Mode Drivers Privilege Escalation Vulnerability Severity: Category II - VMSKEY: V0037404 |
| 2013-A-0042 | Microsoft Windows Media Decompression Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0036827 |
| 2013-A-0004 | Multiple Vulnerabilities in Microsoft XML Core Services Severity: Category I - VMSKEY: V0036444 |
| 2012-A-0196 | Microsoft Windows File Handling Component Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0035488 |
| 2012-A-0185 | Multiple Vulnerabilities in Microsoft Windows Shell Severity: Category I - VMSKEY: V0034956 |
| 2012-A-0131 | Microsoft Remote Desktop Remote Code Execution Vulnerability Severity: Category I - VMSKEY: V0033658 |
| 2012-A-0137 | Multiple Vulnerabilities in Microsoft Windows Networking Components Severity: Category I - VMSKEY: V0033657 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2014-01-10 | Microsoft Multiple Products malformed PNG detected tEXt overflow attempt RuleID : 6700 - Type : FILE-IMAGE - Revision : 20 |
| 2020-03-19 | Microsoft Windows Data Analyzer 3.5 ActiveX clsid access RuleID : 53118 - Type : BROWSER-PLUGINS - Revision : 1 |
| 2020-03-19 | Microsoft Windows Data Analyzer 3.5 ActiveX use-after-free attempt RuleID : 53117 - Type : BROWSER-PLUGINS - Revision : 1 |
| 2020-03-19 | Microsoft Windows Data Analyzer 3.5 ActiveX use-after-free attempt RuleID : 53116 - Type : BROWSER-PLUGINS - Revision : 1 |
| 2020-01-14 | Microsoft Windows Wordpad Converter sprmT record heap overflow attempt RuleID : 52422 - Type : FILE-OFFICE - Revision : 1 |
| 2020-01-14 | Microsoft Windows Wordpad Converter sprmT record heap overflow attempt RuleID : 52421 - Type : FILE-OFFICE - Revision : 1 |
| 2020-01-03 | Microsoft Windows MHTML XSS attempt RuleID : 52335 - Type : OS-WINDOWS - Revision : 1 |
| 2019-12-03 | Microsoft Windows GDI+ EMF buffer overwrite attempt RuleID : 52035 - Type : OS-WINDOWS - Revision : 1 |
| 2019-12-03 | Microsoft Windows GDI+ EMF buffer overwrite attempt RuleID : 52034 - Type : OS-WINDOWS - Revision : 1 |
| 2019-12-03 | Microsoft Windows GDI+ EMF buffer overwrite attempt RuleID : 52033 - Type : OS-WINDOWS - Revision : 1 |
| 2019-12-03 | Microsoft Windows GDI+ EMF buffer overwrite attempt RuleID : 52032 - Type : OS-WINDOWS - Revision : 1 |
| 2019-12-03 | Microsoft Windows GDI+ EMF buffer overwrite attempt RuleID : 52031 - Type : OS-WINDOWS - Revision : 1 |
| 2019-12-03 | Microsoft Windows GDI+ EMF buffer overwrite attempt RuleID : 52030 - Type : OS-WINDOWS - Revision : 1 |
| 2019-10-10 | Microsoft Windows WordPad and Office text converter integer overflow attempt RuleID : 51473 - Type : FILE-OFFICE - Revision : 1 |
| 2019-10-10 | Microsoft Windows WordPad and Office text converter integer overflow attempt RuleID : 51472 - Type : FILE-OFFICE - Revision : 1 |
| 2019-09-17 | Microsoft Windows Object Packager ClickOnce object remote code execution attempt RuleID : 51029 - Type : OS-WINDOWS - Revision : 1 |
| 2019-09-17 | Microsoft Windows Object Packager ClickOnce object remote code execution attempt RuleID : 51028 - Type : OS-WINDOWS - Revision : 1 |
| 2019-09-05 | Microsoft OpenType font index remote code execution attempt RuleID : 50889 - Type : FILE-OTHER - Revision : 1 |
| 2019-09-05 | Microsoft OpenType font index remote code execution attempt RuleID : 50888 - Type : FILE-OTHER - Revision : 1 |
| 2019-09-05 | Microsoft Windows GDI EMF parsing arbitrary code execution attempt RuleID : 50885 - Type : FILE-OTHER - Revision : 1 |
| 2019-09-05 | Microsoft Windows GDI EMF parsing arbitrary code execution attempt RuleID : 50884 - Type : FILE-OTHER - Revision : 1 |
| 2019-09-05 | Microsoft Fax Cover Page Editor heap corruption attempt RuleID : 50873 - Type : OS-WINDOWS - Revision : 1 |
| 2019-09-05 | Microsoft Fax Cover Page Editor heap corruption attempt RuleID : 50872 - Type : OS-WINDOWS - Revision : 1 |
| 2019-08-31 | Microsoft Windows TrueType font parsing engine sfac_GetSbitBitmap obfuscated ... RuleID : 50849 - Type : FILE-OTHER - Revision : 1 |
| 2019-08-31 | Microsoft Windows TrueType font parsing engine sfac_GetSbitBitmap obfuscated ... RuleID : 50848 - Type : FILE-OTHER - Revision : 1 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2018-04-03 | Name: The remote web server may allow remote code execution. File: iis_7_pci.nasl - Type: ACT_GATHER_INFO |
| 2017-06-14 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_june_xp_2003.nasl - Type: ACT_GATHER_INFO |
| 2014-11-26 | Name: The remote OracleVM host is missing one or more security updates. File: oraclevm_OVMSA-2012-0020.nasl - Type: ACT_GATHER_INFO |
| 2014-11-26 | Name: The remote OracleVM host is missing one or more security updates. File: oraclevm_OVMSA-2012-0021.nasl - Type: ACT_GATHER_INFO |
| 2014-11-26 | Name: The remote OracleVM host is missing one or more security updates. File: oraclevm_OVMSA-2012-0022.nasl - Type: ACT_GATHER_INFO |
| 2014-10-15 | Name: The remote Windows host is affected by a privilege escalation vulnerability. File: smb_nt_ms14-062.nasl - Type: ACT_GATHER_INFO |
| 2014-10-10 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL10509.nasl - Type: ACT_GATHER_INFO |
| 2014-07-26 | Name: The remote Solaris system is missing a security patch from CPU oct2012. File: solaris_oct2012_SRU10_5.nasl - Type: ACT_GATHER_INFO |
| 2014-06-13 | Name: The remote openSUSE host is missing a security update. File: openSUSE-2012-403.nasl - Type: ACT_GATHER_INFO |
| 2014-06-13 | Name: The remote openSUSE host is missing a security update. File: openSUSE-2012-404.nasl - Type: ACT_GATHER_INFO |
| 2014-03-11 | Name: The remote Windows host is affected by a security feature bypass vulnerability. File: smb_nt_ms14-016.nasl - Type: ACT_GATHER_INFO |
| 2014-03-10 | Name: Arbitrary code can be executed on the remote host through the Microsoft GDI r... File: smb_kb957488.nasl - Type: ACT_GATHER_INFO |
| 2014-01-14 | Name: The Windows kernel on the remote host is affected by a privilege escalation v... File: smb_nt_ms14-002.nasl - Type: ACT_GATHER_INFO |
| 2013-12-11 | Name: The remote host is affected by a remote code execution vulnerability. File: smb_nt_ms13-098.nasl - Type: ACT_GATHER_INFO |
| 2013-12-11 | Name: The remote host is affected by a remote code execution vulnerability. File: smb_nt_ms13-099.nasl - Type: ACT_GATHER_INFO |
| 2013-12-11 | Name: The Windows kernel drivers on the remote host are affected by multiple vulner... File: smb_nt_ms13-101.nasl - Type: ACT_GATHER_INFO |
| 2013-12-11 | Name: A client on the host is vulnerable to a privilege escalation vulnerability. File: smb_nt_ms13-102.nasl - Type: ACT_GATHER_INFO |
| 2013-10-09 | Name: The Windows kernel drivers on the remote host are affected by multiple vulner... File: smb_nt_ms13-081.nasl - Type: ACT_GATHER_INFO |
| 2013-09-28 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-201309-24.nasl - Type: ACT_GATHER_INFO |
| 2013-09-11 | Name: The remote Windows host is affected by a code execution vulnerability. File: smb_nt_ms13-070.nasl - Type: ACT_GATHER_INFO |
| 2013-09-11 | Name: The remote Windows host is affected by a code execution vulnerability. File: smb_nt_ms13-071.nasl - Type: ACT_GATHER_INFO |
| 2013-09-11 | Name: The Windows kernel on the remote host is affected by multiple vulnerabilities. File: smb_nt_ms13-076.nasl - Type: ACT_GATHER_INFO |
| 2013-08-14 | Name: It is possible to execute arbitrary code on the remote Windows host using the... File: smb_nt_ms13-060.nasl - Type: ACT_GATHER_INFO |
| 2013-08-14 | Name: The Windows install on the remote host is affected by a privilege escalation ... File: smb_nt_ms13-062.nasl - Type: ACT_GATHER_INFO |
| 2013-08-14 | Name: The Windows kernel on the remote host is affected by multiple vulnerabilities. File: smb_nt_ms13-063.nasl - Type: ACT_GATHER_INFO |
