Summary
| Detail | |||
|---|---|---|---|
| Vendor | Microsoft | First view | 2006-06-13 |
| Product | Windows Xp | Last view | 2010-05-07 |
| Version | - | Type | Os |
| Update | sp2 | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:o:microsoft:windows_xp | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 6.4 | 2010-05-07 | CVE-2010-1690 | The DNS implementation in smtpsvc.dll before 6.0.2600.5949 in Microsoft Windows 2000 SP4 and earlier, Windows XP SP3 and earlier, Windows Server 2003 SP2 and earlier, Windows Server 2008 SP2 and earlier, Windows Server 2008 R2, Exchange Server 2003 SP3 and earlier, Exchange Server 2007 SP2 and earlier, and Exchange Server 2010 does not verify that transaction IDs of responses match transaction IDs of queries, which makes it easier for man-in-the-middle attackers to spoof DNS responses, a different vulnerability than CVE-2010-0024 and CVE-2010-0025. |
| 6.4 | 2010-05-07 | CVE-2010-1689 | The DNS implementation in smtpsvc.dll before 6.0.2600.5949 in Microsoft Windows 2000 SP4 and earlier, Windows XP SP3 and earlier, Windows Server 2003 SP2 and earlier, Windows Server 2008 SP2 and earlier, Windows Server 2008 R2, Exchange Server 2003 SP3 and earlier, Exchange Server 2007 SP2 and earlier, and Exchange Server 2010 uses predictable transaction IDs that are formed by incrementing a previous ID by 1, which makes it easier for man-in-the-middle attackers to spoof DNS responses, a different vulnerability than CVE-2010-0024 and CVE-2010-0025. |
| 5 | 2010-04-14 | CVE-2010-0025 | The SMTP component in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Server 2008 Gold, SP2, and R2, and Exchange Server 2000 SP3, does not properly allocate memory for SMTP command replies, which allows remote attackers to read fragments of e-mail messages by sending a series of invalid commands and then sending a STARTTLS command, aka "SMTP Memory Allocation Vulnerability." |
| 5 | 2010-04-14 | CVE-2010-0024 | The SMTP component in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Server 2008 Gold, SP2, and R2, and Exchange Server 2003 SP2, does not properly parse MX records, which allows remote DNS servers to cause a denial of service (service outage) via a crafted response to a DNS MX record query, aka "SMTP Server MX Record Vulnerability." |
| 9.3 | 2010-02-10 | CVE-2010-0250 | Heap-based buffer overflow in DirectShow in Microsoft DirectX, as used in the AVI Filter on Windows 2000 SP4, Windows XP SP2 and SP3, and Windows Server 2003 SP2, and in Quartz on Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7, allows remote attackers to execute arbitrary code via an AVI file with a crafted length field in an unspecified video stream, which is not properly handled by the RLE video decompressor, aka "DirectShow Heap Overflow Vulnerability." |
| 9.3 | 2009-12-12 | CVE-2009-4313 | ir32_32.dll 3.24.15.3 in the Indeo32 codec in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to cause a denial of service (heap corruption) or execute arbitrary code via malformed data in a stream in a media file, as demonstrated by an AVI file. |
| 9.3 | 2009-12-12 | CVE-2009-4312 | Unspecified vulnerability in the Indeo codec in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via crafted media content, as reported to Microsoft by Dave Lenoe of Adobe. |
| 9.3 | 2009-12-12 | CVE-2009-4311 | Unspecified vulnerability in the Indeo codec in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via crafted media content, as reported to Microsoft by Paul Byrne of NGS Software. NOTE: this might overlap CVE-2008-3615. |
| 9.3 | 2009-12-12 | CVE-2009-4310 | Stack-based buffer overflow in the Intel Indeo41 codec for Windows Media Player in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via crafted compressed video data in an IV41 stream in a media file, leading to many loop iterations, as demonstrated by data in an AVI file. |
| 9.3 | 2009-12-12 | CVE-2009-4309 | Heap-based buffer overflow in the Intel Indeo41 codec for Windows Media Player in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via a large size value in a movi record in an IV41 stream in a media file, as demonstrated by an AVI file. |
| 9.3 | 2009-12-12 | CVE-2009-4210 | The Indeo codec in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted media content. |
| 9.3 | 2009-09-08 | CVE-2009-2519 | The DHTML Editing Component ActiveX control in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 does not properly format HTML markup, which allows remote attackers to execute arbitrary code via a crafted web site that triggers "system state" corruption, aka "DHTML Editing Component ActiveX Control Vulnerability." |
| 8.5 | 2009-09-08 | CVE-2009-2499 | Microsoft Windows Media Format Runtime 9.0, 9.5, and 11; and Microsoft Media Foundation on Windows Vista Gold, SP1, and SP2 and Server 2008; allows remote attackers to execute arbitrary code via an MP3 file with crafted metadata that triggers memory corruption, aka "Windows Media Playback Memory Corruption Vulnerability." |
| 9.3 | 2009-09-08 | CVE-2009-2498 | Microsoft Windows Media Format Runtime 9.0, 9.5, and 11 and Windows Media Services 9.1 and 2008 do not properly parse malformed headers in Advanced Systems Format (ASF) files, which allows remote attackers to execute arbitrary code via a crafted (1) .asf, (2) .wmv, or (3) .wma file, aka "Windows Media Header Parsing Invalid Free Vulnerability." |
| 9.3 | 2009-09-08 | CVE-2009-1920 | The JScript scripting engine 5.1, 5.6, 5.7, and 5.8 in JScript.dll in Microsoft Windows, as used in Internet Explorer, does not properly load decoded scripts into memory before execution, which allows remote attackers to execute arbitrary code via a crafted web site that triggers memory corruption, aka "JScript Remote Code Execution Vulnerability." |
| 10 | 2009-08-12 | CVE-2009-2494 | The Active Template Library (ATL) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via vectors related to erroneous free operations after reading a variant from a stream and deleting this variant, aka "ATL Object Type Mismatch Vulnerability." |
| 10 | 2009-08-12 | CVE-2009-1930 | The Telnet service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote Telnet servers to execute arbitrary code on a client machine by replaying the NTLM credentials of a client user, aka "Telnet Credential Reflection Vulnerability," a related issue to CVE-2000-0834. |
| 9.3 | 2009-08-12 | CVE-2009-1929 | Heap-based buffer overflow in the Microsoft Terminal Services Client ActiveX control running RDP 6.1 on Windows XP SP2, Vista SP1 or SP2, or Server 2008 Gold or SP2; or 5.2 or 6.1 on Windows XP SP3; allows remote attackers to execute arbitrary code via unspecified parameters to unknown methods, aka "Remote Desktop Connection ActiveX Control Heap Overflow Vulnerability." |
| 6.9 | 2009-08-12 | CVE-2009-1922 | The Message Queuing (aka MSMQ) service for Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP2, and Vista Gold does not properly validate unspecified IOCTL request data from user mode before passing this data to kernel mode, which allows local users to gain privileges via a crafted request, aka "MSMQ Null Pointer Vulnerability." |
| 8.5 | 2009-08-12 | CVE-2009-1546 | Integer overflow in Avifil32.dll in the Windows Media file handling functionality in Microsoft Windows allows remote attackers to execute arbitrary code on a Windows 2000 SP4 system via a crafted AVI file, or cause a denial of service on a Windows XP SP2 or SP3, Server 2003 SP2, Vista Gold, SP1, or SP2, or Server 2008 Gold or SP2 system via a crafted AVI file, aka "AVI Integer Overflow Vulnerability." |
| 9.3 | 2009-08-12 | CVE-2009-1545 | Unspecified vulnerability in Avifil32.dll in the Windows Media file handling functionality in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a malformed header in a crafted AVI file, aka "Malformed AVI Header Vulnerability." |
| 9 | 2009-08-12 | CVE-2009-1544 | Double free vulnerability in the Workstation service in Microsoft Windows allows remote authenticated users to gain privileges via a crafted RPC message to a Windows XP SP2 or SP3 or Server 2003 SP2 system, or cause a denial of service via a crafted RPC message to a Vista Gold, SP1, or SP2 or Server 2008 Gold or SP2 system, aka "Workstation Service Memory Corruption Vulnerability." |
| 9.3 | 2009-08-12 | CVE-2009-1133 | Heap-based buffer overflow in Microsoft Remote Desktop Connection (formerly Terminal Services Client) running RDP 5.0 through 6.1 on Windows, and Remote Desktop Connection Client for Mac 2.0, allows remote attackers to execute arbitrary code via unspecified parameters, aka "Remote Desktop Connection Heap Overflow Vulnerability." |
| 4.6 | 2009-08-03 | CVE-2009-2653 | ** DISPUTED ** The NtUserConsoleControl function in win32k.sys in Microsoft Windows XP SP2 and SP3, and Server 2003 before SP1, allows local administrators to bypass unspecified "security software" and gain privileges via a crafted call that triggers an overwrite of an arbitrary memory location. NOTE: the vendor disputes the significance of this report, stating that 'the Administrator to SYSTEM "escalation" is not a security boundary we defend.' |
| 9.3 | 2009-07-29 | CVE-2009-1919 | Microsoft Internet Explorer 5.01 SP4 and 6 SP1; Internet Explorer 6 for Windows XP SP2 and SP3 and Server 2003 SP2; and Internet Explorer 7 and 8 for Windows XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 do not properly handle attempts to access deleted objects in memory, which allows remote attackers to execute arbitrary code via an HTML document containing embedded style sheets that modify unspecified rule properties that cause the behavior element to be "improperly processed," aka "Uninitialized Memory Corruption Vulnerability." |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 32% (13) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 30% (12) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
| 10% (4) | CWE-264 | Permissions, Privileges, and Access Controls |
| 10% (4) | CWE-20 | Improper Input Validation |
| 5% (2) | CWE-399 | Resource Management Errors |
| 5% (2) | CWE-189 | Numeric Errors |
| 2% (1) | CWE-310 | Cryptographic Issues |
| 2% (1) | CWE-255 | Credentials Management |
| 2% (1) | CWE-200 | Information Exposure |
CAPEC : Common Attack Pattern Enumeration & Classification
| id | Name |
|---|---|
| CAPEC-3 | Using Leading 'Ghost' Character Sequences to Bypass Input Filters |
| CAPEC-7 | Blind SQL Injection |
| CAPEC-8 | Buffer Overflow in an API Call |
| CAPEC-9 | Buffer Overflow in Local Command-Line Utilities |
| CAPEC-10 | Buffer Overflow via Environment Variables |
| CAPEC-13 | Subverting Environment Variable Values |
| CAPEC-14 | Client-side Injection-induced Buffer Overflow |
| CAPEC-18 | Embedding Scripts in Nonscript Elements |
| CAPEC-22 | Exploiting Trust in Client (aka Make the Client Invisible) |
| CAPEC-24 | Filter Failure through Buffer Overflow |
| CAPEC-28 | Fuzzing |
| CAPEC-31 | Accessing/Intercepting/Modifying HTTP Cookies |
| CAPEC-32 | Embedding Scripts in HTTP Query Strings |
| CAPEC-42 | MIME Conversion |
| CAPEC-43 | Exploiting Multiple Input Interpretation Layers |
| CAPEC-45 | Buffer Overflow via Symbolic Links |
| CAPEC-46 | Overflow Variables and Tags |
| CAPEC-47 | Buffer Overflow via Parameter Expansion |
| CAPEC-52 | Embedding NULL Bytes |
| CAPEC-53 | Postfix, Null Terminate, and Backslash |
| CAPEC-63 | Simple Script Injection |
| CAPEC-64 | Using Slashes and URL Encoding Combined to Bypass Validation Logic |
| CAPEC-66 | SQL Injection |
| CAPEC-67 | String Format Overflow in syslog() |
| CAPEC-71 | Using Unicode Encoding to Bypass Validation Logic |
SAINT Exploits
| Description | Link |
|---|---|
| Visual Studio Active Template Library object type mismatch vulnerability | More info here |
| Windows Telnet credential reflection | More info here |
| Microsoft DirectShow Video Streaming ActiveX IMPEG2TuneRequest Overflow | More info here |
| Windows Media Encoder 9 wmex.dll ActiveX buffer overflow | More info here |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 64794 | Microsoft Multiple Products smtpsvc.dll DNS Implementation Predictable Transa... |
| 64793 | Microsoft Multiple Products smtpsvc.dll DNS Implementation ID Transaction Ver... |
| 63739 | Microsoft Windows SMTP / Exchange Server Malformed Command Sequence Remote In... |
| 63738 | Microsoft Windows SMTP / Exchange Server DNS Mail Exchanger (MX) Resource Rec... |
| 62257 | Microsoft Windows DirectShow AVI File Decompression Overflow |
| 61037 | Microsoft Windows Indeo Codec Crafted Media Content Arbitrary Code Execution ... |
| 61036 | Microsoft Windows Indeo Codec Crafted Media Content Arbitrary Code Execution ... |
| 60858 | Microsoft Windows Intel Indeo32 Codec (ir32_32.dll) IV32 FourCC Code Handling... |
| 60857 | Microsoft Windows Indeo Codec Unspecified Memory Corruption |
| 60856 | Microsoft Windows Intel Indeo41 Codec IV41 Stream Video Decompression Overflow |
| 60855 | Microsoft Windows Intel Indeo41 Codec IV41 movi Record Handling Overflow |
| 57804 | Microsoft JScript Scripting Engine Memory Corruption Arbitrary Code Execution |
| 57803 | Microsoft Windows Media MP3 File Handling Memory Corruption |
| 57802 | Microsoft Windows Media ASF Header Parsing Invalid Free Arbitrary Code Execution |
| 57798 | Microsoft Windows DHTML Editing Component ActiveX Arbitrary Code Execution |
| 56912 | Microsoft Windows Terminal Services Client ActiveX Unspecified Overflow |
| 56911 | Microsoft Remote Desktop Server (RDS) mstscax.dll Packet Parsing Remote Overflow |
| 56910 | Microsoft Visual Studio Active Template Library (ATL) Header Mismatch Remote ... |
| 56909 | Microsoft Windows AVI Media File Parsing Unspecified Overflow |
| 56908 | Microsoft Windows Malformed AVI Header Parsing Arbitrary Code Execution |
| 56904 | Microsoft Windows Telnet NTLM Credential Reflection Remote Access |
| 56902 | Microsoft Windows Workstation Service NetrGetJoinInformation Function Local M... |
| 56901 | Microsoft Windows Message Queuing Service (MSMQ) mqac.sys IOCTL Request Parsi... |
| 56780 | Microsoft Windows win32k.sys NtUserConsoleControl Function Memory Manipulatio... |
| 56695 | Microsoft IE HTML Embedded CSS Property Modification Memory Corruption |
OpenVAS Exploits
| id | Description |
|---|---|
| 2011-01-18 | Name : Microsoft Products GDI Plus Remote Code Execution Vulnerabilities (954593) File : nvt/gb_ms08-052.nasl |
| 2011-01-10 | Name : Microsoft Pragmatic General Multicast (PGM) Denial of Service Vulnerability ... File : nvt/gb_ms08-036.nasl |
| 2010-05-05 | Name : Microsoft Windows SMTP Server DNS spoofing vulnerability File : nvt/gb_ms_smtp_dns_spoofing_vulnerability.nasl |
| 2010-04-23 | Name : Microsoft Exchange and Windows SMTP Service Denial of Service Vulnerability (... File : nvt/secpod_ms10-024.nasl |
| 2010-04-22 | Name : Microsoft Windows SMTP Server MX Record Denial of Service Vulnerability File : nvt/gb_ms10_024.nasl |
| 2010-02-10 | Name : Microsoft DirectShow Remote Code Execution Vulnerability (977935) File : nvt/secpod_ms10-013.nasl |
| 2009-12-17 | Name : Microsoft Windows Indeo Codec Multiple Vulnerabilities File : nvt/gb_ms_indeo_codec_mult_vuln.nasl |
| 2009-09-10 | Name : Microsoft Windows Media Format Remote Code Execution Vulnerability (973812) File : nvt/secpod_ms09-047.nasl |
| 2009-09-10 | Name : Microsoft DHTML Editing Component ActiveX Remote Code Execution Vulnerability... File : nvt/secpod_ms09-046.nasl |
| 2009-09-10 | Name : Microsoft JScript Scripting Engine Remote Code Execution Vulnerability (971961) File : nvt/secpod_ms09-045.nasl |
| 2009-08-14 | Name : Vulnerabilities in Microsoft ATL Could Allow Remote Code Execution (973908) File : nvt/secpod_ms09-037.nasl |
| 2009-08-13 | Name : Microsoft Windows Message Queuing Privilege Escalation Vulnerability (971032) File : nvt/secpod_ms09-040.nasl |
| 2009-08-12 | Name : Microsoft Windows AVI Media File Parsing Vulnerabilities (971557) File : nvt/secpod_ms09-038.nasl |
| 2009-08-12 | Name : Vulnerability in Workstation Service Could Allow Elevation of Privilege (971657) File : nvt/secpod_ms09-041.nasl |
| 2009-08-12 | Name : Telnet NTLM Credential Reflection Authentication Bypass Vulnerability (960859) File : nvt/secpod_ms09-042.nasl |
| 2009-08-12 | Name : Microsoft Remote Desktop Connection Remote Code Execution Vulnerability (969706) File : nvt/secpod_ms09-044.nasl |
| 2009-08-11 | Name : Microsoft Windows Kernel win32k.sys Privilege Escalation Vulnerability File : nvt/gb_ms_win_kernel_win32k_sys_priv_esc_vuln.nasl |
| 2009-07-29 | Name : Cumulative Security Update for Internet Explorer (972260) File : nvt/secpod_ms09-034.nasl |
| 2009-07-15 | Name : Microsoft DirectShow Remote Code Execution Vulnerability (961373) File : nvt/secpod_ms09-028.nasl |
| 2009-07-09 | Name : Microsoft Video ActiveX Control 'msvidctl.dll' BOF Vulnerability File : nvt/gb_ms_video_actvx_bof_vuln_jul09.nasl |
| 2008-10-15 | Name : Windows Kernel Elevation of Privilege Vulnerability (954211) File : nvt/secpod_ms08-061_900051.nasl |
| 2008-09-10 | Name : Windows Media Encoder 9 Remote Code Execution Vulnerability (954156) File : nvt/secpod_ms08-053_900044.nasl |
Information Assurance Vulnerability Management (IAVM)
| id | Description |
|---|---|
| 2010-B-0029 | Multiple Vulnerabilities in Microsoft Exchange and Windows SMTP Service Severity: Category II - VMSKEY: V0023955 |
| 2010-A-0025 | Microsoft DirectShow Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0022679 |
| 2009-B-0069 | Multiple Vulnerabilities in Indeo Codec affecting Microsoft Windows Severity: Category II - VMSKEY: V0022163 |
| 2009-A-0074 | Microsoft JScript Scripting Engine Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0019914 |
| 2009-A-0075 | Microsoft DHTML Editing Component ActiveX Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0019915 |
| 2009-A-0076 | Multiple Vulnerabilities in Microsoft Windows Media Format Severity: Category II - VMSKEY: V0019916 |
| 2009-B-0037 | Microsoft Telnet Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0019879 |
| 2009-B-0035 | Microsoft Windows Workstation Service Elevation of Privilege Vulnerability Severity: Category II - VMSKEY: V0019880 |
| 2009-A-0067 | Multiple Vulnerabilities in Microsoft Active Template Library Severity: Category II - VMSKEY: V0019882 |
| 2009-A-0071 | Multiple Vulnerabilities in Microsoft Remote Desktop Connection Severity: Category II - VMSKEY: V0019884 |
| 2008-T-0053 | WinZip gdiplus.dll Microsoft Module Unspecified Security Vulnerability Severity: Category II - VMSKEY: V0017532 |
| 2008-B-0057 | Microsoft Windows Media Encoder Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0017344 |
| 2008-T-0025 | Microsoft Pragmatic General Multicast (PGM) Denial of Service Vulnerabilities Severity: Category I - VMSKEY: V0016038 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2019-10-17 | Microsoft DirectShow QuickTime file atom size parsing heap corruption attempt RuleID : 51557 - Type : OS-WINDOWS - Revision : 1 |
| 2019-10-17 | Microsoft DirectShow QuickTime file atom size parsing heap corruption attempt RuleID : 51556 - Type : OS-WINDOWS - Revision : 1 |
| 2019-10-17 | Microsoft DirectShow QuickTime file atom size parsing heap corruption attempt RuleID : 51555 - Type : OS-WINDOWS - Revision : 1 |
| 2019-09-05 | Microsoft Windows mp3 file malformed ID3 APIC header code execution attempt RuleID : 50893 - Type : FILE-MULTIMEDIA - Revision : 1 |
| 2019-09-05 | Microsoft Windows mp3 file malformed ID3 APIC header code execution attempt RuleID : 50892 - Type : FILE-MULTIMEDIA - Revision : 1 |
| 2017-10-10 | Microsoft DirectShow memory corruption attempt RuleID : 44306 - Type : OS-WINDOWS - Revision : 2 |
| 2017-10-10 | Microsoft DirectShow memory corruption attempt RuleID : 44305 - Type : OS-WINDOWS - Revision : 2 |
| 2017-08-23 | Microsoft Internet Explorer GDI VML gradient size heap overflow attempt RuleID : 43622 - Type : BROWSER-IE - Revision : 1 |
| 2017-07-25 | Microsoft Windows DirectX directshow wav file overflow attempt RuleID : 43270 - Type : FILE-MULTIMEDIA - Revision : 1 |
| 2017-07-25 | Microsoft Windows DirectX directshow wav file overflow attempt RuleID : 43269 - Type : FILE-MULTIMEDIA - Revision : 1 |
| 2014-01-10 | Microsoft Internet Explorer DHTML Editing ActiveX clsid access RuleID : 4148 - Type : BROWSER-PLUGINS - Revision : 23 |
| 2016-04-19 | DCERPC Direct detection of malicious DCE RPC request in suspicious pcap RuleID : 38264 - Type : OS-WINDOWS - Revision : 1 |
| 2016-03-14 | Microsoft Internet Explorer DHTML Editing ActiveX clsid access RuleID : 36783 - Type : BROWSER-PLUGINS - Revision : 3 |
| 2016-03-14 | Microsoft Internet Explorer DHTML Editing ActiveX clsid access RuleID : 36782 - Type : BROWSER-PLUGINS - Revision : 3 |
| 2014-11-16 | Apple QuickTime pict image poly structure memory corruption attempt RuleID : 31309 - Type : FILE-MULTIMEDIA - Revision : 5 |
| 2014-11-16 | Apple QuickTime pict image poly structure memory corruption attempt RuleID : 31308 - Type : FILE-MULTIMEDIA - Revision : 5 |
| 2014-02-21 | Apple QuickTime pict image poly structure memory corruption attempt RuleID : 29436 - Type : FILE-MULTIMEDIA - Revision : 3 |
| 2014-02-21 | Apple QuickTime pict image poly structure memory corruption attempt RuleID : 29435 - Type : FILE-MULTIMEDIA - Revision : 3 |
| 2014-01-10 | Microsoft Windows Media Encoder 9 ActiveX function call access RuleID : 27800 - Type : BROWSER-PLUGINS - Revision : 2 |
| 2014-01-10 | Apple QuickTime pict image poly structure memory corruption attempt RuleID : 26472 - Type : FILE-MULTIMEDIA - Revision : 5 |
| 2014-01-10 | Microsoft GDI EMF malformed file buffer overflow attempt RuleID : 25502 - Type : FILE-MULTIMEDIA - Revision : 4 |
| 2014-01-10 | Microsoft Windows Media encryption sample ID header RCE attempt RuleID : 23576 - Type : FILE-MULTIMEDIA - Revision : 5 |
| 2014-01-10 | Microsoft Windows Media encryption sample ID header RCE attempt RuleID : 23575 - Type : FILE-MULTIMEDIA - Revision : 5 |
| 2014-01-10 | Microsoft Windows Media pixel aspect ratio header RCE attempt RuleID : 23574 - Type : FILE-MULTIMEDIA - Revision : 5 |
| 2014-01-10 | Microsoft Windows Media content type header RCE attempt RuleID : 23573 - Type : FILE-MULTIMEDIA - Revision : 5 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2018-04-03 | Name: The remote mail server may be affected by multiple vulnerabilities. File: exchange_ms10-024.nasl - Type: ACT_GATHER_INFO |
| 2010-04-13 | Name: The remote mail server may be affected by multiple vulnerabilities. File: smtp_kb981832.nasl - Type: ACT_GATHER_INFO |
| 2010-04-13 | Name: The remote mail server may be affected by multiple vulnerabilities. File: smb_nt_ms10-024.nasl - Type: ACT_GATHER_INFO |
| 2010-02-09 | Name: It is possible to execute arbitrary code on the remote Windows host using Dir... File: smb_nt_ms10-013.nasl - Type: ACT_GATHER_INFO |
| 2009-12-09 | Name: The remote host is missing a security update that mitigates multiple vulnerab... File: smb_kb_955759.nasl - Type: ACT_GATHER_INFO |
| 2009-09-08 | Name: Arbitrary code can be executed on the remote host through opening a Windows M... File: smb_nt_ms09-047.nasl - Type: ACT_GATHER_INFO |
| 2009-09-08 | Name: Arbitrary code can be executed on the remote host through an ActiveX control. File: smb_nt_ms09-046.nasl - Type: ACT_GATHER_INFO |
| 2009-09-08 | Name: Arbitrary code can be executed on the remote host through the web or email cl... File: smb_nt_ms09-045.nasl - Type: ACT_GATHER_INFO |
| 2009-08-11 | Name: Arbitrary code can be executed on the remote host through Microsoft Active Te... File: smb_nt_ms09-037.nasl - Type: ACT_GATHER_INFO |
| 2009-08-11 | Name: It is possible to execute arbitrary code on the remote host. File: smb_nt_ms09-044.nasl - Type: ACT_GATHER_INFO |
| 2009-08-11 | Name: Arbitrary code can be executed on the remote host through the remote Telnet c... File: smb_nt_ms09-042.nasl - Type: ACT_GATHER_INFO |
| 2009-08-11 | Name: Users can elevate their privileges on the remote host. File: smb_nt_ms09-041.nasl - Type: ACT_GATHER_INFO |
| 2009-08-11 | Name: Users can elevate their privileges on the remote host. File: smb_nt_ms09-040.nasl - Type: ACT_GATHER_INFO |
| 2009-08-11 | Name: Arbitrary code can be executed on the remote host through Windows Media file ... File: smb_nt_ms09-038.nasl - Type: ACT_GATHER_INFO |
| 2009-08-11 | Name: Arbitrary code can be executed on the remote host through Microsoft Remote De... File: macosx_rdesktop.nasl - Type: ACT_GATHER_INFO |
| 2009-07-28 | Name: Arbitrary code can be executed on the remote host through a web browser. File: smb_nt_ms09-034.nasl - Type: ACT_GATHER_INFO |
| 2009-07-14 | Name: It is possible to execute arbitrary code on the remote Windows host using Dir... File: smb_nt_ms09-028.nasl - Type: ACT_GATHER_INFO |
| 2009-07-07 | Name: The remote Windows host is missing a security update containing ActiveX kill ... File: smb_kb_972890.nasl - Type: ACT_GATHER_INFO |
| 2008-10-15 | Name: A local user can elevate his privileges on the remote host. File: smb_nt_ms08-061.nasl - Type: ACT_GATHER_INFO |
| 2008-09-10 | Name: Arbitrary code can be executed on the remote host through Media Player. File: smb_nt_ms08-053.nasl - Type: ACT_GATHER_INFO |
| 2008-09-10 | Name: Arbitrary code can be executed on the remote host through the Microsoft GDI r... File: smb_nt_ms08-052.nasl - Type: ACT_GATHER_INFO |
| 2008-06-10 | Name: An unauthenticated attacker can crash the remote host. File: smb_nt_ms08-036.nasl - Type: ACT_GATHER_INFO |
| 2007-11-06 | Name: The remote Mac OS X host contains an application that is affected by multiple... File: macosx_Quicktime73.nasl - Type: ACT_GATHER_INFO |
| 2007-11-06 | Name: The remote Windows host contains an application that is affected by multiple ... File: quicktime_73.nasl - Type: ACT_GATHER_INFO |
| 2006-06-13 | Name: It is possible to execute code on the remote host. File: smb_nt_ms06-030.nasl - Type: ACT_GATHER_INFO |
