This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Microsoft First view 1999-11-01
Product Ie Last view 2012-03-09
Version 11 Type
Update  
Edition  
Language  
Sofware Edition  
Target Software  
Target Hardware  
Other  

Activity : Overall

COMMON PLATFORM ENUMERATION: Repartition per Version

CPE Name Affected CVE
cpe:2.3:a:microsoft:ie:6.0:sp1:*:*:*:*:*:* 119
cpe:2.3:a:microsoft:ie:6.0:sp2:*:*:*:*:*:* 49
cpe:2.3:a:microsoft:ie:6:windows_server_2003_sp1:*:*:*:*:*:* 43
cpe:2.3:a:microsoft:ie:6:windows_xp_sp2:*:*:*:*:*:* 20
cpe:2.3:a:microsoft:ie:5.0:*:windows_98:*:*:*:*:* 14
cpe:2.3:a:microsoft:ie:5.0:*:windows_95:*:*:*:*:* 14
cpe:2.3:a:microsoft:ie:6:sp1:windows_xpsp1:*:*:*:*:* 13
cpe:2.3:a:microsoft:ie:6:*:windows_xp_professional_64bit:*:*:*:*:* 13
cpe:2.3:a:microsoft:ie:5.0.1:*:windows_2000:*:*:*:*:* 12
cpe:2.3:a:microsoft:ie:5.0.1:*:windows_nt_4.0:*:*:*:*:* 12
cpe:2.3:a:microsoft:ie:7.0:*:vista:*:*:*:*:* 12
cpe:2.3:a:microsoft:ie:6:windows_server_2003_sp1_itanium:*:*:*:*:*:* 12
cpe:2.3:a:microsoft:ie:5:*:windows_nt_4.0:*:*:*:*:* 12
cpe:2.3:a:microsoft:ie:4.0:*:windows_nt:*:*:*:*:* 12
cpe:2.3:a:microsoft:ie:6:windows_2000_sp4:*:*:*:*:*:* 12
cpe:2.3:a:microsoft:ie:5.0.1:*:windows_98:*:*:*:*:* 12
cpe:2.3:a:microsoft:ie:5.0.1:*:windows_95:*:*:*:*:* 12
cpe:2.3:a:microsoft:ie:5.01:windows_2000_sp4:*:*:*:*:*:* 12
cpe:2.3:a:microsoft:ie:5.x:*:*:*:*:*:*:* 11
cpe:2.3:a:microsoft:ie:6:windows_server_2003_sp1_itanium_systems:*:*:*:*:*:* 11
cpe:2.3:a:microsoft:ie:4.0:*:windows_98:*:*:*:*:* 11
cpe:2.3:a:microsoft:ie:5.0:sp1:*:*:*:*:*:* 10
cpe:2.3:a:microsoft:ie:5.0:sp4:*:*:*:*:*:* 10
cpe:2.3:a:microsoft:ie:5.1:*:mac_os:*:*:*:*:* 10
cpe:2.3:a:microsoft:ie:6:sp1:windows_millennium:*:*:*:*:* 10
cpe:2.3:a:microsoft:ie:6:sp1:windows_98:*:*:*:*:* 10
cpe:2.3:a:microsoft:ie:4.0.1:*:windows_98:*:*:*:*:* 10
cpe:2.3:a:microsoft:ie:4.0.1:*:windows_nt:*:*:*:*:* 10
cpe:2.3:a:microsoft:ie:5.0:*:windows_2000:*:*:*:*:* 10
cpe:2.3:a:microsoft:ie:6:sp1:windows_98_se:*:*:*:*:* 10
cpe:2.3:a:microsoft:ie:4.x:*:*:*:*:*:*:* 9
cpe:2.3:a:microsoft:ie:4.0.1:*:windows_95:*:*:*:*:* 9
cpe:2.3:a:microsoft:ie:5.22:*:*:*:*:*:*:* 9
cpe:2.3:a:microsoft:ie:6:*:windows_2000:*:*:*:*:* 9
cpe:2.3:a:microsoft:ie:5.2.3:*:macintosh:*:*:*:*:* 9
cpe:2.3:a:microsoft:ie:4.1:*:windows_nt_4.0:*:*:*:*:* 9
cpe:2.3:a:microsoft:ie:4.1:*:windows_95:*:*:*:*:* 9
cpe:2.3:a:microsoft:ie:4.0:a_mac_os:*:*:*:*:*:* 8
cpe:2.3:a:microsoft:ie:4.5:*:macintosh:*:*:*:*:* 8
cpe:2.3:a:microsoft:ie:6:*:windows_server_2003:*:*:*:*:* 8
cpe:2.3:a:microsoft:ie:3.1:*:mac_os:*:*:*:*:* 8
cpe:2.3:a:microsoft:ie:5.0_ta3:*:*:*:*:*:*:* 8
cpe:2.3:a:microsoft:ie:4.1:*:windows_98:*:*:*:*:* 8
cpe:2.3:a:microsoft:ie:6:*:microsoft_windows_server_2003_sp1:*:*:*:*:* 8
cpe:2.3:a:microsoft:ie:6.0:*:windows_server_2003:*:*:*:*:* 8
cpe:2.3:a:microsoft:ie:3.0:*:mac_os:*:*:*:*:* 8
cpe:2.3:a:microsoft:ie:4.0:a:*:*:*:*:*:* 7
cpe:2.3:a:microsoft:ie:5.0:*:windows_nt_4.0:*:*:*:*:* 7
cpe:2.3:a:microsoft:ie:4.0:*:mac_os:*:*:*:*:* 7
cpe:2.3:a:microsoft:ie:5.0:*:macos:*:*:*:*:* 7

Related : CVE

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
5.8 2012-03-09 CVE-2012-1545

Microsoft Internet Explorer 6 through 9, and 10 Consumer Preview, allows remote attackers to bypass Protected Mode or cause a denial of service (memory corruption) by leveraging access to a Low integrity process, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2012.

5 2011-12-07 CVE-2010-5071

The JavaScript implementation in Microsoft Internet Explorer 8.0 and earlier does not properly restrict the set of values contained in the object returned by the getComputedStyle method, which allows remote attackers to obtain sensitive information about visited web pages by calling this method.

4.3 2011-12-07 CVE-2002-2435

The Cascading Style Sheets (CSS) implementation in Microsoft Internet Explorer 8.0 and earlier does not properly handle the :visited pseudo-class, which allows remote attackers to obtain sensitive information about visited web pages via a crafted HTML document, a related issue to CVE-2010-2264.

4.3 2011-06-03 CVE-2011-2383

Microsoft Internet Explorer 9 and earlier does not properly restrict cross-zone drag-and-drop actions, which allows user-assisted remote attackers to read cookie files via vectors involving an IFRAME element with a SRC attribute containing an http: URL that redirects to a file: URL, as demonstrated by a Facebook game, related to a "cookiejacking" issue, aka "Drag and Drop Information Disclosure Vulnerability." NOTE: this vulnerability exists because of an incomplete fix in the Internet Explorer 9 release.

4.3 2011-06-03 CVE-2011-2382

Microsoft Internet Explorer 8 and earlier, and Internet Explorer 9 beta, does not properly restrict cross-zone drag-and-drop actions, which allows user-assisted remote attackers to read cookie files via vectors involving an IFRAME element with a SRC attribute containing a file: URL, as demonstrated by a Facebook game, related to a "cookiejacking" issue.

4.3 2010-06-01 CVE-2010-2118

Microsoft Internet Explorer 6.0.2900.2180 and 8.0.7600.16385 allows remote attackers to cause a denial of service (resource consumption) via JavaScript code containing an infinite loop that creates IFRAME elements for invalid news:// URIs.

5 2010-05-20 CVE-2010-1991

Microsoft Internet Explorer 6.0.2900.2180, 7, and 8.0.7600.16385 executes a mail application in situations where an IFRAME element has a mailto: URL in its SRC attribute, which allows remote attackers to cause a denial of service (excessive application launches) via an HTML document with many IFRAME elements.

5 2009-11-16 CVE-2009-3943

Microsoft Internet Explorer 6 through 6.0.2900.2180 and 7 through 7.0.6000.16711 allows remote attackers to cause a denial of service (application hang) via a JavaScript loop that configures the home page by using the setHomePage method and a DHTML behavior property.

5 2009-09-18 CVE-2009-3267

Microsoft Internet Explorer 6 through 6.0.2900.2180, and 7.0.6000.16711, allows remote attackers to cause a denial of service (CPU consumption) via an automatically submitted form containing a KEYGEN element, a related issue to CVE-2009-1828.

5 2009-07-22 CVE-2009-2576

Microsoft Internet Explorer 6.0.2900.2180 and earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via a long Unicode string argument to the write method, a related issue to CVE-2009-2479. NOTE: it was later reported that 7.0.6000.16473 and earlier are also affected.

4.3 2009-07-10 CVE-2009-2433

Stack-based buffer overflow in the AddFavorite method in Microsoft Internet Explorer allows remote attackers to cause a denial of service (application crash) and possibly have unspecified other impact via a long URL in the first argument.

5.8 2009-06-15 CVE-2009-2069

Microsoft Internet Explorer before 8 displays a cached certificate for a (1) 4xx or (2) 5xx CONNECT response page returned by a proxy server, which allows man-in-the-middle attackers to spoof an arbitrary https site by letting a browser obtain a valid certificate from this site during one request, and then sending the browser a crafted 502 response page upon a subsequent request.

5.8 2009-06-15 CVE-2009-2057

Microsoft Internet Explorer before 8 uses the HTTP Host header to determine the context of a document provided in a (1) 4xx or (2) 5xx CONNECT response from a proxy server, which allows man-in-the-middle attackers to execute arbitrary web script by modifying this CONNECT response, aka an "SSL tampering" attack.

9.3 2009-04-15 CVE-2009-0552

Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4, 6 SP1, 6 on Windows XP SP2 and SP3, and 6 on Windows Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via a web page that triggers presence of an object in memory that was (1) not properly initialized or (2) deleted, aka "Uninitialized Memory Corruption Vulnerability."

9.3 2008-05-18 CVE-2008-2281

Cross-zone scripting vulnerability in the Print Table of Links feature in Internet Explorer 6.0, 7.0, and 8.0b allows user-assisted remote attackers to inject arbitrary web script or HTML in the Local Machine Zone via an HTML document with a link containing JavaScript sequences, which are evaluated by a resource script when a user prints this document.

9.3 2008-04-08 CVE-2008-1085

Use-after-free vulnerability in Microsoft Internet Explorer 5.01 SP4, 6 through SP1, and 7 allows remote attackers to execute arbitrary code via a crafted data stream that triggers memory corruption, as demonstrated using an invalid MIME-type that does not have a registered handler.

9.3 2008-02-12 CVE-2008-0078

Unspecified vulnerability in an ActiveX control (dxtmsft.dll) in Microsoft Internet Explorer 5.01, 6 SP1 and SP2, and 7 allows remote attackers to execute arbitrary code via a crafted image, aka "Argument Handling Memory Corruption Vulnerability."

9.3 2008-02-12 CVE-2008-0076

Unspecified vulnerability in Microsoft Internet Explorer 5.01, 6 SP1 and SP2, and 7 allows remote attackers to execute arbitrary code via crafted HTML layout combinations, aka "HTML Rendering Memory Corruption Vulnerability."

6.8 2007-12-11 CVE-2007-5347

Microsoft Internet Explorer 5.01 through 7 allows remote attackers to execute arbitrary code via "unexpected method calls to HTML objects," aka "DHTML Object Memory Corruption Vulnerability."

6.8 2007-12-11 CVE-2007-5344

Microsoft Internet Explorer 5.01 through 7 allows remote attackers to execute arbitrary code via a crafted website using Javascript that creates, modifies, deletes, and accesses document objects using the tags property, which triggers heap corruption, related to uninitialized or deleted objects, a different issue than CVE-2007-3902 and CVE-2007-3903, and a variant of "Uninitialized Memory Corruption Vulnerability."

6.8 2007-12-11 CVE-2007-3903

Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code via uninitialized or deleted objects used in repeated calls to the (1) cloneNode or (2) nodeValue JavaScript function, a different issue than CVE-2007-3902 and CVE-2007-5344, a variant of "Uninitialized Memory Corruption Vulnerability."

9.3 2007-12-11 CVE-2007-3902

Use-after-free vulnerability in the CRecalcProperty function in mshtml.dll in Microsoft Internet Explorer 5.01 through 7 allows remote attackers to execute arbitrary code by calling the setExpression method and then modifying the outerHTML property of an HTML element, one variant of "Uninitialized Memory Corruption Vulnerability."

4.3 2007-09-12 CVE-2007-4848

Microsoft Internet Explorer 4.0 through 7 allows remote attackers to determine the existence of local files that have associated images via a res:// URI in the src property of a JavaScript Image object, as demonstrated by the URI for a bitmap image resource within a (1) .exe or (2) .dll file.

6.8 2007-08-14 CVE-2007-0943

Unspecified vulnerability in Internet Explorer 5.01 and 6 SP1 allows remote attackers to execute arbitrary code via crafted Cascading Style Sheets (CSS) strings that trigger memory corruption during parsing, related to use of out-of-bounds pointers.

7.8 2007-07-03 CVE-2007-3550

** DISPUTED ** Microsoft Internet Explorer 6.0 and 7.0 allows remote attackers to fill Zones with arbitrary domains using certain metacharacters such as wildcards via JavaScript, which results in a denial of service (website suppression and resource consumption), aka "Internet Explorer Zone Domain Specification Dos and Page Suppressing". NOTE: this issue has been disputed by a third party, who states that the zone settings cannot be manipulated.

CWE : Common Weakness Enumeration

%idName
22% (11) CWE-94 Failure to Control Generation of Code ('Code Injection')
16% (8) CWE-399 Resource Management Errors
16% (8) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
12% (6) CWE-20 Improper Input Validation
10% (5) CWE-264 Permissions, Privileges, and Access Controls
6% (3) CWE-200 Information Exposure
4% (2) CWE-362 Race Condition
4% (2) CWE-287 Improper Authentication
4% (2) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')
2% (1) CWE-189 Numeric Errors

CAPEC : Common Attack Pattern Enumeration & Classification

id Name
CAPEC-17 Accessing, Modifying or Executing Executable Files
CAPEC-30 Hijacking a Privileged Thread of Execution
CAPEC-35 Leverage Executable Code in Nonexecutable Files
CAPEC-41 Using Meta-characters in E-mail Headers to Inject Malicious Payloads
CAPEC-88 OS Command Injection
CAPEC-133 Try All Common Application Switches and Options

Oval Markup Language : Definitions

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
OvalID Name
oval:org.mitre.oval:def:3573 Microsoft Data Access Components 2.1 Remote Data Services Buffer Overflow
oval:org.mitre.oval:def:294 Microsoft Data Access Components 2.6 Remote Data Services Buffer Overflow
oval:org.mitre.oval:def:2730 Microsoft Data Access Components 2.5 Remote Data Services Buffer Overflow
oval:org.mitre.oval:def:542 IE v5.5 Malformed PNG Image File Failure Vulnerability
oval:org.mitre.oval:def:393 IE v6.0 Malformed PNG Image File Failure Vulnerability
oval:org.mitre.oval:def:495 IE v5.5 Encoded Characters Information Disclosure Vulnerability
oval:org.mitre.oval:def:471 IE v5.01 Encoded Characters Information Disclosure Vulnerability
oval:org.mitre.oval:def:143 Microsoft IE Encoded Characters Information Disclosure
oval:org.mitre.oval:def:408 IE v5.5 Cross Domain Verification via Cached Methods Vulnerability
oval:org.mitre.oval:def:388 IE v6.0 Cross Domain Verification via Cached Methods Vulnerability
oval:org.mitre.oval:def:926 IE URLMON Buffer Overflow
oval:org.mitre.oval:def:963 IE File Upload Vulnerability
oval:org.mitre.oval:def:1094 IE plugin.ocx Heap Overflow
oval:org.mitre.oval:def:922 IE Slash Characters in Type Property Vulnerability
oval:org.mitre.oval:def:123 IE Improper Object Tag Handling
oval:org.mitre.oval:def:392 IE v6.0 (XP) ExecCommand Cross Domain Zone Restriction Bypass
oval:org.mitre.oval:def:349 IE v6.0,SP1 (Server 2003) ExecCommand Cross Domain Zone Restriction Bypass
oval:org.mitre.oval:def:344 IE v6.0,SP1 ExecCommand Cross Domain Zone Restriction Bypass
oval:org.mitre.oval:def:343 IE v5.5,SP2 ExecCommand Cross Domain Zone Restriction Bypass
oval:org.mitre.oval:def:342 IE v5.01,SP4 ExecCommand Cross Domain Zone Restriction Bypass
oval:org.mitre.oval:def:341 IE v5.01,SP3 ExecCommand Cross Domain Zone Restriction Bypass
oval:org.mitre.oval:def:335 IE v5.01,SP2 ExecCommand Cross Domain Zone Restriction Bypass
oval:org.mitre.oval:def:472 IE v6.0 (XP) Function Pointer Override Cross Domain Vulnerability
oval:org.mitre.oval:def:359 IE v6.0,SP1 (Server 2003) Function Pointer Override Cross Domain Vulnerability
oval:org.mitre.oval:def:357 IE v6.0,SP1 Function Pointer Override Cross Domain Vulnerability

SAINT Exploits

Description Link
Internet Explorer VML integer overflow More info here
Windows Task Scheduler buffer overflow More info here
Internet Explorer Javaprxy.dll heap overflow More info here
Internet Explorer createTextRange memory corruption More info here
Internet Explorer IFRAME buffer overflow More info here
Internet Explorer WebViewFolderIcon setSlice integer overflow More info here
Internet Explorer COM object instantiation vulnerability More info here
Internet Explorer DHTML object vulnerability More info here

Open Source Vulnerability Database (OSVDB)

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
77606 Microsoft IE JavaScript Implementation getComputedStyle Method Page Handling ...
72724 Microsoft IE Cookie Jacking Account Authentication Bypass
65110 Microsoft IE Invalid news / nntp URI IFRAME Element Handling Remote DoS
64786 Microsoft IE mailto: URL Multiple IFRAME Element Handling DoS
60401 Microsoft IE Crafted DHTML AnchorClick Attribute Handling Remote DoS
60198 Microsoft IE DHTML Property setHomePage Method JavaScript Loop Remote DoS
58397 Microsoft IE Auto Form Submission KEYGEN Element Remote DoS
56500 Common Controls Replacement Project (CCRP) FolderTreeview (FTV) ActiveX (ccrp...
56489 Microsoft IE Proxy Server CONNECT Response Cached Certificate Use MiTM HTTPS ...
56323 Microsoft IE Write Method Unicode String Argument Handling Remote DoS
55855 Microsoft IE AddFavorite Method URL Handling Remote DoS
55129 Microsoft IE HTTP Host Header Proxy Server CONNECT Response Document Context ...
53625 Microsoft IE Unitialized Object Memory Corruption Arbitrary Code Execution (2...
45814 Microsoft IE Arbitrary Website Zone Addition Domain Supression DoS
45437 Microsoft IE Location DOM Object Page Load Interruption Site/Certificate Spoo...
45259 Microsoft IE mshtml.dll Malformed IFRAME XML File / XSL Stylesheet Handling DoS
45248 Microsoft IE JavaScript onUnload Document Structure Modification DoS
45074 Microsoft IE Print Table of Links Cross-Zone Scripting
45000 Mozilla Firefox mailto: Scheme Handler Command Line Argument Injection
44205 Microsoft IE Data Stream Handling Memory Corruption
43521 Microsoft IE CSS :visited Attribute Browser History Disclosure
41467 Microsoft IE Image Processing Argument Validation Unspecified Memory Corruption
41465 Microsoft IE HTML Layout Rendering Unspecified Memory Corruption
41047 Microsoft IE mshtml Malformed HTML Tag DoS
39121 Microsoft IE DHTML Object Memory Corruption

ExploitDB Exploits

id Description
3652 MS Windows Animated Cursor (.ANI) Overflow Exploit (Hardware DEP)
3617 MS Windows Animated Cursor (.ANI) Stack Overflow Exploit

OpenVAS Exploits

id Description
2012-03-15 Name : Microsoft Internet Explorer Code Execution and DoS Vulnerabilities
File : nvt/gb_ms_ie_code_exec_n_dos_vuln.nasl
2011-12-09 Name : Microsoft Internet Explorer Multiple Information Disclosure Vulnerabilities
File : nvt/gb_ms_ie_mult_info_disc_vuln.nasl
2011-08-11 Name : Microsoft Internet Explorer Multiple Vulnerabilities (2559049)
File : nvt/secpod_ms11-057.nasl
2011-06-13 Name : Microsoft Internet Explorer Cookie Hijacking Vulnerability
File : nvt/gb_ms_ie9_cookie_hijacking_vuln.nasl
2011-06-13 Name : Microsoft Internet Explorer Cookie Hijacking Vulnerability
File : nvt/gb_ms_ie_cookie_hijacking_vuln.nasl
2011-01-14 Name : Microsoft Internet Explorer mshtml.dll Remote Memory Corruption Vulnerability...
File : nvt/gb_ms07-069.nasl
2011-01-13 Name : Microsoft Internet Explorer HTML Rendering Remote Memory Corruption Vulnerabi...
File : nvt/gb_ms08-010.nasl
2011-01-10 Name : Microsoft Internet Explorer Data Stream Handling Remote Code Execution Vulner...
File : nvt/gb_ms08-024.nasl
2010-07-08 Name : Cumulative Security Update for Internet Explorer (928090)
File : nvt/ms07-016.nasl
2010-07-08 Name : Cumulative Security Update for Internet Explorer (937143)
File : nvt/ms07-045.nasl
2010-07-08 Name : Cumulative Security Update for Internet Explorer (933566)
File : nvt/ms07-033.nasl
2010-07-08 Name : Cumulative Security Update for Internet Explorer (931768)
File : nvt/ms07-027.nasl
2010-07-08 Name : Microsoft Windows Vector Markup Language Vulnerabilities (929969)
File : nvt/ms07-004.nasl
2010-06-04 Name : Microsoft Internet Explorer 'IFRAME' Denial Of Service Vulnerability (June-10)
File : nvt/gb_ms_ie_iframe_dos_vuln_june10.nasl
2010-05-25 Name : Microsoft Internet Explorer 'IFRAME' Denial Of Service Vulnerability
File : nvt/secpod_ms_ie_iframe_dos_vuln.nasl
2009-11-20 Name : Microsoft Internet Denial Of Service Vulnerability - Nov09
File : nvt/secpod_ms_ie_dos_vuln_nov09.nasl
2009-09-22 Name : Internet Explorer 'KEYGEN' Element Denial Of Service Vulnerability
File : nvt/secpod_ms_ie_keygen_dos_vuln.nasl
2009-07-23 Name : Microsoft Internet Explorer Unicode String DoS Vulnerability
File : nvt/secpod_ms_ie_unicode_str_dos_vuln.nasl
2009-07-15 Name : Microsoft Internet Explorer Buffer Overflow Vulnerability - Jul09
File : nvt/gb_ms_ie_bof_vuln_jul09.nasl
2009-06-17 Name : Microsoft Internet Explorer Web Script Execution Vulnerabilites
File : nvt/secpod_ms_ie_web_script_exec_vuln_jun09.nasl
2009-04-15 Name : Microsoft Internet Explorer Remote Code Execution Vulnerability (963027)
File : nvt/secpod_ms09-014.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200507-14 (mozilla)
File : nvt/glsa_200507_14.nasl
2005-11-03 Name : Bofra Virus Detection
File : nvt/bofra_detect.nasl
2005-11-03 Name : IE 5.01 5.5 6.0 Cumulative patch (890923)
File : nvt/smb_nt_ms02-005.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2006-A-0042 Vulnerability in Windows Explorer
Severity: Category I - VMSKEY: V0012782

Snort® IPS/IDS

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2014-01-10 Microsoft Windows Vector Markup Language recolorinfo tag numcolors parameter ...
RuleID : 9849 - Type : OS-WINDOWS - Revision : 18
2014-01-10 Microsoft Windows Vector Markup Language recolorinfo tag numfills parameter b...
RuleID : 9848 - Type : OS-WINDOWS - Revision : 14
2014-01-10 TriEditDocument.TriEditDocument ActiveX clsid unicode access
RuleID : 9822 - Type : WEB-ACTIVEX - Revision : 5
2014-01-10 TriEditDocument.TriEditDocument ActiveX clsid access
RuleID : 9821 - Type : BROWSER-PLUGINS - Revision : 11
2014-01-10 Outlook Recipient Control ActiveX function call access
RuleID : 9670 - Type : BROWSER-PLUGINS - Revision : 9
2014-01-10 Outlook Recipient Control ActiveX clsid unicode access
RuleID : 9669 - Type : WEB-ACTIVEX - Revision : 6
2014-01-10 Outlook Recipient Control ActiveX clsid access
RuleID : 9668 - Type : BROWSER-PLUGINS - Revision : 11
2014-01-10 javaprxy.dll ActiveX clsid unicode access
RuleID : 9628 - Type : WEB-ACTIVEX - Revision : 7
2014-01-10 Microsoft Internet Explorer Swedish_Default Stemmer ActiveX clsid access
RuleID : 9478 - Type : BROWSER-PLUGINS - Revision : 15
2014-01-10 Microsoft Internet Explorer DirectAnimation.DAArray.1 ActiveX function call a...
RuleID : 8845 - Type : BROWSER-PLUGINS - Revision : 15
2014-01-10 DirectAnimation.DAArray.1 ActiveX CLSID unicode access
RuleID : 8844 - Type : WEB-ACTIVEX - Revision : 6
2014-01-10 Microsoft Internet Explorer DirectAnimation.DAArray.1 ActiveX clsid access
RuleID : 8843 - Type : BROWSER-PLUGINS - Revision : 16
2014-01-10 Microsoft Internet Explorer DirectAnimation.DABbox2.1 ActiveX function call a...
RuleID : 8842 - Type : BROWSER-PLUGINS - Revision : 15
2014-01-10 DirectAnimation.DABbox2.1 ActiveX CLSID unicode access
RuleID : 8841 - Type : WEB-ACTIVEX - Revision : 6
2014-01-10 Microsoft Internet Explorer DirectAnimation.DABbox2.1 ActiveX clsid access
RuleID : 8840 - Type : BROWSER-PLUGINS - Revision : 16
2014-01-10 Microsoft Internet Explorer DirectAnimation.DABbox3.1 ActiveX function call a...
RuleID : 8839 - Type : BROWSER-PLUGINS - Revision : 15
2014-01-10 DirectAnimation.DABbox3.1 ActiveX CLSID unicode access
RuleID : 8838 - Type : WEB-ACTIVEX - Revision : 6
2014-01-10 Microsoft Internet Explorer DirectAnimation.DABbox3.1 ActiveX clsid access
RuleID : 8837 - Type : BROWSER-PLUGINS - Revision : 16
2014-01-10 Microsoft Internet Explorer DirectAnimation.DABoolean.1 ActiveX function call...
RuleID : 8836 - Type : BROWSER-PLUGINS - Revision : 15
2014-01-10 DirectAnimation.DABoolean.1 ActiveX CLSID unicode access
RuleID : 8835 - Type : WEB-ACTIVEX - Revision : 6
2014-01-10 Microsoft Internet Explorer DirectAnimation.DABoolean.1 ActiveX clsid access
RuleID : 8834 - Type : BROWSER-PLUGINS - Revision : 16
2014-01-10 Microsoft Internet Explorer DirectAnimation.DACamera.1 ActiveX function call ...
RuleID : 8833 - Type : BROWSER-PLUGINS - Revision : 15
2014-01-10 DirectAnimation.DACamera.1 ActiveX CLSID unicode access
RuleID : 8832 - Type : WEB-ACTIVEX - Revision : 6
2014-01-10 Microsoft Internet Explorer DirectAnimation.DACamera.1 ActiveX clsid access
RuleID : 8831 - Type : BROWSER-PLUGINS - Revision : 16
2014-01-10 Microsoft Internet Explorer DirectAnimation.DAColor.1 ActiveX function call a...
RuleID : 8830 - Type : BROWSER-PLUGINS - Revision : 15

Nessus® Vulnerability Scanner

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2011-08-09 Name: Arbitrary code can be executed on the remote host through a web browser.
File: smb_nt_ms11-057.nasl - Type: ACT_GATHER_INFO
2009-04-15 Name: Arbitrary code can be executed on the remote host through a web browser.
File: smb_nt_ms09-014.nasl - Type: ACT_GATHER_INFO
2008-04-08 Name: Arbitrary code can be executed on the remote host through the web client.
File: smb_nt_ms08-024.nasl - Type: ACT_GATHER_INFO
2008-02-12 Name: Arbitrary code can be executed on the remote host through the web client.
File: smb_nt_ms08-010.nasl - Type: ACT_GATHER_INFO
2007-12-11 Name: Arbitrary code can be executed on the remote host through the web client.
File: smb_nt_ms07-069.nasl - Type: ACT_GATHER_INFO
2007-11-10 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-535-1.nasl - Type: ACT_GATHER_INFO
2007-10-09 Name: Arbitrary code can be executed on the remote host through the web client.
File: smb_nt_ms07-057.nasl - Type: ACT_GATHER_INFO
2007-08-14 Name: Arbitrary code can be executed on the remote host through the web client.
File: smb_nt_ms07-045.nasl - Type: ACT_GATHER_INFO
2007-06-12 Name: Arbitrary code can be executed on the remote host through the web client.
File: smb_nt_ms07-033.nasl - Type: ACT_GATHER_INFO
2007-05-08 Name: Arbitrary code can be executed on the remote host through the web client.
File: smb_nt_ms07-027.nasl - Type: ACT_GATHER_INFO
2007-04-14 Name: The remote host contains a web browser that is susceptible to multiple issues.
File: opera_920.nasl - Type: ACT_GATHER_INFO
2007-04-03 Name: Arbitrary code can be executed on the remote host through the email client or...
File: smb_nt_ms07-017.nasl - Type: ACT_GATHER_INFO
2007-02-13 Name: Arbitrary code can be executed on the remote host through the web client.
File: smb_nt_ms07-016.nasl - Type: ACT_GATHER_INFO
2007-01-09 Name: Arbitrary code can be executed on the remote host through the email client or...
File: smb_nt_ms07-004.nasl - Type: ACT_GATHER_INFO
2006-12-16 Name: The remote Mandrake Linux host is missing one or more security updates.
File: mandrake_MDKSA-2006-143.nasl - Type: ACT_GATHER_INFO
2006-12-12 Name: Arbitrary code can be executed on the remote host through the web client.
File: smb_nt_ms06-072.nasl - Type: ACT_GATHER_INFO
2006-11-14 Name: Arbitrary code can be executed on the remote host through the web client.
File: smb_nt_ms06-067.nasl - Type: ACT_GATHER_INFO
2006-10-10 Name: Arbitrary code can be executed on the remote host through the web or email cl...
File: smb_nt_ms06-057.nasl - Type: ACT_GATHER_INFO
2006-08-08 Name: Arbitrary code can be executed on the remote host through the web client.
File: smb_nt_ms06-042.nasl - Type: ACT_GATHER_INFO
2006-08-08 Name: Arbitrary code can be executed on the remote host through the email client.
File: smb_nt_ms06-043.nasl - Type: ACT_GATHER_INFO
2006-08-08 Name: Arbitrary code can be executed on the remote host through the web or email cl...
File: smb_nt_ms06-044.nasl - Type: ACT_GATHER_INFO
2006-06-13 Name: Arbitrary code can be executed on the remote host through the web client.
File: smb_nt_ms06-022.nasl - Type: ACT_GATHER_INFO
2006-06-13 Name: Arbitrary code can be executed on the remote host through the web client.
File: smb_nt_ms06-021.nasl - Type: ACT_GATHER_INFO
2006-04-11 Name: Arbitrary code can be executed on the remote host through the web client.
File: smb_nt_ms06-013.nasl - Type: ACT_GATHER_INFO
2005-12-13 Name: Arbitrary code can be executed on the remote host through the web client.
File: smb_nt_ms05-054.nasl - Type: ACT_GATHER_INFO