This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Microsoft First view 2006-06-13
Product Windows Xp Last view 2010-05-07
Version - Type Os
Update sp2  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:microsoft:windows_xp

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
6.4 2010-05-07 CVE-2010-1690

The DNS implementation in smtpsvc.dll before 6.0.2600.5949 in Microsoft Windows 2000 SP4 and earlier, Windows XP SP3 and earlier, Windows Server 2003 SP2 and earlier, Windows Server 2008 SP2 and earlier, Windows Server 2008 R2, Exchange Server 2003 SP3 and earlier, Exchange Server 2007 SP2 and earlier, and Exchange Server 2010 does not verify that transaction IDs of responses match transaction IDs of queries, which makes it easier for man-in-the-middle attackers to spoof DNS responses, a different vulnerability than CVE-2010-0024 and CVE-2010-0025.

6.4 2010-05-07 CVE-2010-1689

The DNS implementation in smtpsvc.dll before 6.0.2600.5949 in Microsoft Windows 2000 SP4 and earlier, Windows XP SP3 and earlier, Windows Server 2003 SP2 and earlier, Windows Server 2008 SP2 and earlier, Windows Server 2008 R2, Exchange Server 2003 SP3 and earlier, Exchange Server 2007 SP2 and earlier, and Exchange Server 2010 uses predictable transaction IDs that are formed by incrementing a previous ID by 1, which makes it easier for man-in-the-middle attackers to spoof DNS responses, a different vulnerability than CVE-2010-0024 and CVE-2010-0025.

5 2010-04-14 CVE-2010-0025

The SMTP component in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Server 2008 Gold, SP2, and R2, and Exchange Server 2000 SP3, does not properly allocate memory for SMTP command replies, which allows remote attackers to read fragments of e-mail messages by sending a series of invalid commands and then sending a STARTTLS command, aka "SMTP Memory Allocation Vulnerability."

5 2010-04-14 CVE-2010-0024

The SMTP component in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Server 2008 Gold, SP2, and R2, and Exchange Server 2003 SP2, does not properly parse MX records, which allows remote DNS servers to cause a denial of service (service outage) via a crafted response to a DNS MX record query, aka "SMTP Server MX Record Vulnerability."

9.3 2010-02-10 CVE-2010-0250

Heap-based buffer overflow in DirectShow in Microsoft DirectX, as used in the AVI Filter on Windows 2000 SP4, Windows XP SP2 and SP3, and Windows Server 2003 SP2, and in Quartz on Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7, allows remote attackers to execute arbitrary code via an AVI file with a crafted length field in an unspecified video stream, which is not properly handled by the RLE video decompressor, aka "DirectShow Heap Overflow Vulnerability."

9.3 2009-12-12 CVE-2009-4313

ir32_32.dll 3.24.15.3 in the Indeo32 codec in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to cause a denial of service (heap corruption) or execute arbitrary code via malformed data in a stream in a media file, as demonstrated by an AVI file.

9.3 2009-12-12 CVE-2009-4312

Unspecified vulnerability in the Indeo codec in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via crafted media content, as reported to Microsoft by Dave Lenoe of Adobe.

9.3 2009-12-12 CVE-2009-4311

Unspecified vulnerability in the Indeo codec in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via crafted media content, as reported to Microsoft by Paul Byrne of NGS Software. NOTE: this might overlap CVE-2008-3615.

9.3 2009-12-12 CVE-2009-4310

Stack-based buffer overflow in the Intel Indeo41 codec for Windows Media Player in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via crafted compressed video data in an IV41 stream in a media file, leading to many loop iterations, as demonstrated by data in an AVI file.

9.3 2009-12-12 CVE-2009-4309

Heap-based buffer overflow in the Intel Indeo41 codec for Windows Media Player in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via a large size value in a movi record in an IV41 stream in a media file, as demonstrated by an AVI file.

9.3 2009-12-12 CVE-2009-4210

The Indeo codec in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted media content.

9.3 2009-09-08 CVE-2009-2519

The DHTML Editing Component ActiveX control in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 does not properly format HTML markup, which allows remote attackers to execute arbitrary code via a crafted web site that triggers "system state" corruption, aka "DHTML Editing Component ActiveX Control Vulnerability."

8.5 2009-09-08 CVE-2009-2499

Microsoft Windows Media Format Runtime 9.0, 9.5, and 11; and Microsoft Media Foundation on Windows Vista Gold, SP1, and SP2 and Server 2008; allows remote attackers to execute arbitrary code via an MP3 file with crafted metadata that triggers memory corruption, aka "Windows Media Playback Memory Corruption Vulnerability."

9.3 2009-09-08 CVE-2009-2498

Microsoft Windows Media Format Runtime 9.0, 9.5, and 11 and Windows Media Services 9.1 and 2008 do not properly parse malformed headers in Advanced Systems Format (ASF) files, which allows remote attackers to execute arbitrary code via a crafted (1) .asf, (2) .wmv, or (3) .wma file, aka "Windows Media Header Parsing Invalid Free Vulnerability."

9.3 2009-09-08 CVE-2009-1920

The JScript scripting engine 5.1, 5.6, 5.7, and 5.8 in JScript.dll in Microsoft Windows, as used in Internet Explorer, does not properly load decoded scripts into memory before execution, which allows remote attackers to execute arbitrary code via a crafted web site that triggers memory corruption, aka "JScript Remote Code Execution Vulnerability."

10 2009-08-12 CVE-2009-2494

The Active Template Library (ATL) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via vectors related to erroneous free operations after reading a variant from a stream and deleting this variant, aka "ATL Object Type Mismatch Vulnerability."

10 2009-08-12 CVE-2009-1930

The Telnet service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote Telnet servers to execute arbitrary code on a client machine by replaying the NTLM credentials of a client user, aka "Telnet Credential Reflection Vulnerability," a related issue to CVE-2000-0834.

9.3 2009-08-12 CVE-2009-1929

Heap-based buffer overflow in the Microsoft Terminal Services Client ActiveX control running RDP 6.1 on Windows XP SP2, Vista SP1 or SP2, or Server 2008 Gold or SP2; or 5.2 or 6.1 on Windows XP SP3; allows remote attackers to execute arbitrary code via unspecified parameters to unknown methods, aka "Remote Desktop Connection ActiveX Control Heap Overflow Vulnerability."

6.9 2009-08-12 CVE-2009-1922

The Message Queuing (aka MSMQ) service for Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP2, and Vista Gold does not properly validate unspecified IOCTL request data from user mode before passing this data to kernel mode, which allows local users to gain privileges via a crafted request, aka "MSMQ Null Pointer Vulnerability."

8.5 2009-08-12 CVE-2009-1546

Integer overflow in Avifil32.dll in the Windows Media file handling functionality in Microsoft Windows allows remote attackers to execute arbitrary code on a Windows 2000 SP4 system via a crafted AVI file, or cause a denial of service on a Windows XP SP2 or SP3, Server 2003 SP2, Vista Gold, SP1, or SP2, or Server 2008 Gold or SP2 system via a crafted AVI file, aka "AVI Integer Overflow Vulnerability."

9.3 2009-08-12 CVE-2009-1545

Unspecified vulnerability in Avifil32.dll in the Windows Media file handling functionality in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a malformed header in a crafted AVI file, aka "Malformed AVI Header Vulnerability."

9 2009-08-12 CVE-2009-1544

Double free vulnerability in the Workstation service in Microsoft Windows allows remote authenticated users to gain privileges via a crafted RPC message to a Windows XP SP2 or SP3 or Server 2003 SP2 system, or cause a denial of service via a crafted RPC message to a Vista Gold, SP1, or SP2 or Server 2008 Gold or SP2 system, aka "Workstation Service Memory Corruption Vulnerability."

9.3 2009-08-12 CVE-2009-1133

Heap-based buffer overflow in Microsoft Remote Desktop Connection (formerly Terminal Services Client) running RDP 5.0 through 6.1 on Windows, and Remote Desktop Connection Client for Mac 2.0, allows remote attackers to execute arbitrary code via unspecified parameters, aka "Remote Desktop Connection Heap Overflow Vulnerability."

4.6 2009-08-03 CVE-2009-2653

** DISPUTED ** The NtUserConsoleControl function in win32k.sys in Microsoft Windows XP SP2 and SP3, and Server 2003 before SP1, allows local administrators to bypass unspecified "security software" and gain privileges via a crafted call that triggers an overwrite of an arbitrary memory location. NOTE: the vendor disputes the significance of this report, stating that 'the Administrator to SYSTEM "escalation" is not a security boundary we defend.'

9.3 2009-07-29 CVE-2009-1919

Microsoft Internet Explorer 5.01 SP4 and 6 SP1; Internet Explorer 6 for Windows XP SP2 and SP3 and Server 2003 SP2; and Internet Explorer 7 and 8 for Windows XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 do not properly handle attempts to access deleted objects in memory, which allows remote attackers to execute arbitrary code via an HTML document containing embedded style sheets that modify unspecified rule properties that cause the behavior element to be "improperly processed," aka "Uninitialized Memory Corruption Vulnerability."

CWE : Common Weakness Enumeration

%idName
32% (13) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
30% (12) CWE-94 Failure to Control Generation of Code ('Code Injection')
10% (4) CWE-264 Permissions, Privileges, and Access Controls
10% (4) CWE-20 Improper Input Validation
5% (2) CWE-399 Resource Management Errors
5% (2) CWE-189 Numeric Errors
2% (1) CWE-310 Cryptographic Issues
2% (1) CWE-255 Credentials Management
2% (1) CWE-200 Information Exposure

CAPEC : Common Attack Pattern Enumeration & Classification

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Name
CAPEC-3 Using Leading 'Ghost' Character Sequences to Bypass Input Filters
CAPEC-7 Blind SQL Injection
CAPEC-8 Buffer Overflow in an API Call
CAPEC-9 Buffer Overflow in Local Command-Line Utilities
CAPEC-10 Buffer Overflow via Environment Variables
CAPEC-13 Subverting Environment Variable Values
CAPEC-14 Client-side Injection-induced Buffer Overflow
CAPEC-18 Embedding Scripts in Nonscript Elements
CAPEC-22 Exploiting Trust in Client (aka Make the Client Invisible)
CAPEC-24 Filter Failure through Buffer Overflow
CAPEC-28 Fuzzing
CAPEC-31 Accessing/Intercepting/Modifying HTTP Cookies
CAPEC-32 Embedding Scripts in HTTP Query Strings
CAPEC-42 MIME Conversion
CAPEC-43 Exploiting Multiple Input Interpretation Layers
CAPEC-45 Buffer Overflow via Symbolic Links
CAPEC-46 Overflow Variables and Tags
CAPEC-47 Buffer Overflow via Parameter Expansion
CAPEC-52 Embedding NULL Bytes
CAPEC-53 Postfix, Null Terminate, and Backslash
CAPEC-63 Simple Script Injection
CAPEC-64 Using Slashes and URL Encoding Combined to Bypass Validation Logic
CAPEC-66 SQL Injection
CAPEC-67 String Format Overflow in syslog()
CAPEC-71 Using Unicode Encoding to Bypass Validation Logic

SAINT Exploits

Description Link
Visual Studio Active Template Library object type mismatch vulnerability More info here
Windows Telnet credential reflection More info here
Microsoft DirectShow Video Streaming ActiveX IMPEG2TuneRequest Overflow More info here
Windows Media Encoder 9 wmex.dll ActiveX buffer overflow More info here

Open Source Vulnerability Database (OSVDB)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
64794 Microsoft Multiple Products smtpsvc.dll DNS Implementation Predictable Transa...
64793 Microsoft Multiple Products smtpsvc.dll DNS Implementation ID Transaction Ver...
63739 Microsoft Windows SMTP / Exchange Server Malformed Command Sequence Remote In...
63738 Microsoft Windows SMTP / Exchange Server DNS Mail Exchanger (MX) Resource Rec...
62257 Microsoft Windows DirectShow AVI File Decompression Overflow
61037 Microsoft Windows Indeo Codec Crafted Media Content Arbitrary Code Execution ...
61036 Microsoft Windows Indeo Codec Crafted Media Content Arbitrary Code Execution ...
60858 Microsoft Windows Intel Indeo32 Codec (ir32_32.dll) IV32 FourCC Code Handling...
60857 Microsoft Windows Indeo Codec Unspecified Memory Corruption
60856 Microsoft Windows Intel Indeo41 Codec IV41 Stream Video Decompression Overflow
60855 Microsoft Windows Intel Indeo41 Codec IV41 movi Record Handling Overflow
57804 Microsoft JScript Scripting Engine Memory Corruption Arbitrary Code Execution
57803 Microsoft Windows Media MP3 File Handling Memory Corruption
57802 Microsoft Windows Media ASF Header Parsing Invalid Free Arbitrary Code Execution
57798 Microsoft Windows DHTML Editing Component ActiveX Arbitrary Code Execution
56912 Microsoft Windows Terminal Services Client ActiveX Unspecified Overflow
56911 Microsoft Remote Desktop Server (RDS) mstscax.dll Packet Parsing Remote Overflow
56910 Microsoft Visual Studio Active Template Library (ATL) Header Mismatch Remote ...
56909 Microsoft Windows AVI Media File Parsing Unspecified Overflow
56908 Microsoft Windows Malformed AVI Header Parsing Arbitrary Code Execution
56904 Microsoft Windows Telnet NTLM Credential Reflection Remote Access
56902 Microsoft Windows Workstation Service NetrGetJoinInformation Function Local M...
56901 Microsoft Windows Message Queuing Service (MSMQ) mqac.sys IOCTL Request Parsi...
56780 Microsoft Windows win32k.sys NtUserConsoleControl Function Memory Manipulatio...
56695 Microsoft IE HTML Embedded CSS Property Modification Memory Corruption

OpenVAS Exploits

id Description
2011-01-18 Name : Microsoft Products GDI Plus Remote Code Execution Vulnerabilities (954593)
File : nvt/gb_ms08-052.nasl
2011-01-10 Name : Microsoft Pragmatic General Multicast (PGM) Denial of Service Vulnerability ...
File : nvt/gb_ms08-036.nasl
2010-05-05 Name : Microsoft Windows SMTP Server DNS spoofing vulnerability
File : nvt/gb_ms_smtp_dns_spoofing_vulnerability.nasl
2010-04-23 Name : Microsoft Exchange and Windows SMTP Service Denial of Service Vulnerability (...
File : nvt/secpod_ms10-024.nasl
2010-04-22 Name : Microsoft Windows SMTP Server MX Record Denial of Service Vulnerability
File : nvt/gb_ms10_024.nasl
2010-02-10 Name : Microsoft DirectShow Remote Code Execution Vulnerability (977935)
File : nvt/secpod_ms10-013.nasl
2009-12-17 Name : Microsoft Windows Indeo Codec Multiple Vulnerabilities
File : nvt/gb_ms_indeo_codec_mult_vuln.nasl
2009-09-10 Name : Microsoft Windows Media Format Remote Code Execution Vulnerability (973812)
File : nvt/secpod_ms09-047.nasl
2009-09-10 Name : Microsoft DHTML Editing Component ActiveX Remote Code Execution Vulnerability...
File : nvt/secpod_ms09-046.nasl
2009-09-10 Name : Microsoft JScript Scripting Engine Remote Code Execution Vulnerability (971961)
File : nvt/secpod_ms09-045.nasl
2009-08-14 Name : Vulnerabilities in Microsoft ATL Could Allow Remote Code Execution (973908)
File : nvt/secpod_ms09-037.nasl
2009-08-13 Name : Microsoft Windows Message Queuing Privilege Escalation Vulnerability (971032)
File : nvt/secpod_ms09-040.nasl
2009-08-12 Name : Microsoft Windows AVI Media File Parsing Vulnerabilities (971557)
File : nvt/secpod_ms09-038.nasl
2009-08-12 Name : Vulnerability in Workstation Service Could Allow Elevation of Privilege (971657)
File : nvt/secpod_ms09-041.nasl
2009-08-12 Name : Telnet NTLM Credential Reflection Authentication Bypass Vulnerability (960859)
File : nvt/secpod_ms09-042.nasl
2009-08-12 Name : Microsoft Remote Desktop Connection Remote Code Execution Vulnerability (969706)
File : nvt/secpod_ms09-044.nasl
2009-08-11 Name : Microsoft Windows Kernel win32k.sys Privilege Escalation Vulnerability
File : nvt/gb_ms_win_kernel_win32k_sys_priv_esc_vuln.nasl
2009-07-29 Name : Cumulative Security Update for Internet Explorer (972260)
File : nvt/secpod_ms09-034.nasl
2009-07-15 Name : Microsoft DirectShow Remote Code Execution Vulnerability (961373)
File : nvt/secpod_ms09-028.nasl
2009-07-09 Name : Microsoft Video ActiveX Control 'msvidctl.dll' BOF Vulnerability
File : nvt/gb_ms_video_actvx_bof_vuln_jul09.nasl
2008-10-15 Name : Windows Kernel Elevation of Privilege Vulnerability (954211)
File : nvt/secpod_ms08-061_900051.nasl
2008-09-10 Name : Windows Media Encoder 9 Remote Code Execution Vulnerability (954156)
File : nvt/secpod_ms08-053_900044.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2010-B-0029 Multiple Vulnerabilities in Microsoft Exchange and Windows SMTP Service
Severity: Category II - VMSKEY: V0023955
2010-A-0025 Microsoft DirectShow Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0022679
2009-B-0069 Multiple Vulnerabilities in Indeo Codec affecting Microsoft Windows
Severity: Category II - VMSKEY: V0022163
2009-A-0074 Microsoft JScript Scripting Engine Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0019914
2009-A-0075 Microsoft DHTML Editing Component ActiveX Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0019915
2009-A-0076 Multiple Vulnerabilities in Microsoft Windows Media Format
Severity: Category II - VMSKEY: V0019916
2009-B-0037 Microsoft Telnet Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0019879
2009-B-0035 Microsoft Windows Workstation Service Elevation of Privilege Vulnerability
Severity: Category II - VMSKEY: V0019880
2009-A-0067 Multiple Vulnerabilities in Microsoft Active Template Library
Severity: Category II - VMSKEY: V0019882
2009-A-0071 Multiple Vulnerabilities in Microsoft Remote Desktop Connection
Severity: Category II - VMSKEY: V0019884
2008-T-0053 WinZip gdiplus.dll Microsoft Module Unspecified Security Vulnerability
Severity: Category II - VMSKEY: V0017532
2008-B-0057 Microsoft Windows Media Encoder Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0017344
2008-T-0025 Microsoft Pragmatic General Multicast (PGM) Denial of Service Vulnerabilities
Severity: Category I - VMSKEY: V0016038

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2019-10-17 Microsoft DirectShow QuickTime file atom size parsing heap corruption attempt
RuleID : 51557 - Type : OS-WINDOWS - Revision : 1
2019-10-17 Microsoft DirectShow QuickTime file atom size parsing heap corruption attempt
RuleID : 51556 - Type : OS-WINDOWS - Revision : 1
2019-10-17 Microsoft DirectShow QuickTime file atom size parsing heap corruption attempt
RuleID : 51555 - Type : OS-WINDOWS - Revision : 1
2019-09-05 Microsoft Windows mp3 file malformed ID3 APIC header code execution attempt
RuleID : 50893 - Type : FILE-MULTIMEDIA - Revision : 1
2019-09-05 Microsoft Windows mp3 file malformed ID3 APIC header code execution attempt
RuleID : 50892 - Type : FILE-MULTIMEDIA - Revision : 1
2017-10-10 Microsoft DirectShow memory corruption attempt
RuleID : 44306 - Type : OS-WINDOWS - Revision : 2
2017-10-10 Microsoft DirectShow memory corruption attempt
RuleID : 44305 - Type : OS-WINDOWS - Revision : 2
2017-08-23 Microsoft Internet Explorer GDI VML gradient size heap overflow attempt
RuleID : 43622 - Type : BROWSER-IE - Revision : 1
2017-07-25 Microsoft Windows DirectX directshow wav file overflow attempt
RuleID : 43270 - Type : FILE-MULTIMEDIA - Revision : 1
2017-07-25 Microsoft Windows DirectX directshow wav file overflow attempt
RuleID : 43269 - Type : FILE-MULTIMEDIA - Revision : 1
2014-01-10 Microsoft Internet Explorer DHTML Editing ActiveX clsid access
RuleID : 4148 - Type : BROWSER-PLUGINS - Revision : 23
2016-04-19 DCERPC Direct detection of malicious DCE RPC request in suspicious pcap
RuleID : 38264 - Type : OS-WINDOWS - Revision : 1
2016-03-14 Microsoft Internet Explorer DHTML Editing ActiveX clsid access
RuleID : 36783 - Type : BROWSER-PLUGINS - Revision : 3
2016-03-14 Microsoft Internet Explorer DHTML Editing ActiveX clsid access
RuleID : 36782 - Type : BROWSER-PLUGINS - Revision : 3
2014-11-16 Apple QuickTime pict image poly structure memory corruption attempt
RuleID : 31309 - Type : FILE-MULTIMEDIA - Revision : 5
2014-11-16 Apple QuickTime pict image poly structure memory corruption attempt
RuleID : 31308 - Type : FILE-MULTIMEDIA - Revision : 5
2014-02-21 Apple QuickTime pict image poly structure memory corruption attempt
RuleID : 29436 - Type : FILE-MULTIMEDIA - Revision : 3
2014-02-21 Apple QuickTime pict image poly structure memory corruption attempt
RuleID : 29435 - Type : FILE-MULTIMEDIA - Revision : 3
2014-01-10 Microsoft Windows Media Encoder 9 ActiveX function call access
RuleID : 27800 - Type : BROWSER-PLUGINS - Revision : 2
2014-01-10 Apple QuickTime pict image poly structure memory corruption attempt
RuleID : 26472 - Type : FILE-MULTIMEDIA - Revision : 5
2014-01-10 Microsoft GDI EMF malformed file buffer overflow attempt
RuleID : 25502 - Type : FILE-MULTIMEDIA - Revision : 4
2014-01-10 Microsoft Windows Media encryption sample ID header RCE attempt
RuleID : 23576 - Type : FILE-MULTIMEDIA - Revision : 5
2014-01-10 Microsoft Windows Media encryption sample ID header RCE attempt
RuleID : 23575 - Type : FILE-MULTIMEDIA - Revision : 5
2014-01-10 Microsoft Windows Media pixel aspect ratio header RCE attempt
RuleID : 23574 - Type : FILE-MULTIMEDIA - Revision : 5
2014-01-10 Microsoft Windows Media content type header RCE attempt
RuleID : 23573 - Type : FILE-MULTIMEDIA - Revision : 5

Nessus® Vulnerability Scanner

id Description
2018-04-03 Name: The remote mail server may be affected by multiple vulnerabilities.
File: exchange_ms10-024.nasl - Type: ACT_GATHER_INFO
2010-04-13 Name: The remote mail server may be affected by multiple vulnerabilities.
File: smtp_kb981832.nasl - Type: ACT_GATHER_INFO
2010-04-13 Name: The remote mail server may be affected by multiple vulnerabilities.
File: smb_nt_ms10-024.nasl - Type: ACT_GATHER_INFO
2010-02-09 Name: It is possible to execute arbitrary code on the remote Windows host using Dir...
File: smb_nt_ms10-013.nasl - Type: ACT_GATHER_INFO
2009-12-09 Name: The remote host is missing a security update that mitigates multiple vulnerab...
File: smb_kb_955759.nasl - Type: ACT_GATHER_INFO
2009-09-08 Name: Arbitrary code can be executed on the remote host through opening a Windows M...
File: smb_nt_ms09-047.nasl - Type: ACT_GATHER_INFO
2009-09-08 Name: Arbitrary code can be executed on the remote host through an ActiveX control.
File: smb_nt_ms09-046.nasl - Type: ACT_GATHER_INFO
2009-09-08 Name: Arbitrary code can be executed on the remote host through the web or email cl...
File: smb_nt_ms09-045.nasl - Type: ACT_GATHER_INFO
2009-08-11 Name: Arbitrary code can be executed on the remote host through Microsoft Active Te...
File: smb_nt_ms09-037.nasl - Type: ACT_GATHER_INFO
2009-08-11 Name: It is possible to execute arbitrary code on the remote host.
File: smb_nt_ms09-044.nasl - Type: ACT_GATHER_INFO
2009-08-11 Name: Arbitrary code can be executed on the remote host through the remote Telnet c...
File: smb_nt_ms09-042.nasl - Type: ACT_GATHER_INFO
2009-08-11 Name: Users can elevate their privileges on the remote host.
File: smb_nt_ms09-041.nasl - Type: ACT_GATHER_INFO
2009-08-11 Name: Users can elevate their privileges on the remote host.
File: smb_nt_ms09-040.nasl - Type: ACT_GATHER_INFO
2009-08-11 Name: Arbitrary code can be executed on the remote host through Windows Media file ...
File: smb_nt_ms09-038.nasl - Type: ACT_GATHER_INFO
2009-08-11 Name: Arbitrary code can be executed on the remote host through Microsoft Remote De...
File: macosx_rdesktop.nasl - Type: ACT_GATHER_INFO
2009-07-28 Name: Arbitrary code can be executed on the remote host through a web browser.
File: smb_nt_ms09-034.nasl - Type: ACT_GATHER_INFO
2009-07-14 Name: It is possible to execute arbitrary code on the remote Windows host using Dir...
File: smb_nt_ms09-028.nasl - Type: ACT_GATHER_INFO
2009-07-07 Name: The remote Windows host is missing a security update containing ActiveX kill ...
File: smb_kb_972890.nasl - Type: ACT_GATHER_INFO
2008-10-15 Name: A local user can elevate his privileges on the remote host.
File: smb_nt_ms08-061.nasl - Type: ACT_GATHER_INFO
2008-09-10 Name: Arbitrary code can be executed on the remote host through Media Player.
File: smb_nt_ms08-053.nasl - Type: ACT_GATHER_INFO
2008-09-10 Name: Arbitrary code can be executed on the remote host through the Microsoft GDI r...
File: smb_nt_ms08-052.nasl - Type: ACT_GATHER_INFO
2008-06-10 Name: An unauthenticated attacker can crash the remote host.
File: smb_nt_ms08-036.nasl - Type: ACT_GATHER_INFO
2007-11-06 Name: The remote Mac OS X host contains an application that is affected by multiple...
File: macosx_Quicktime73.nasl - Type: ACT_GATHER_INFO
2007-11-06 Name: The remote Windows host contains an application that is affected by multiple ...
File: quicktime_73.nasl - Type: ACT_GATHER_INFO
2006-06-13 Name: It is possible to execute code on the remote host.
File: smb_nt_ms06-030.nasl - Type: ACT_GATHER_INFO