Summary
Detail | |||
---|---|---|---|
Vendor | Microsoft | First view | 1999-11-01 |
Product | Ie | Last view | 2012-03-09 |
Version | 8 | Type | |
Update | |||
Edition | |||
Language | |||
Sofware Edition | |||
Target Software | |||
Target Hardware | |||
Other |
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
Related : CVE
Date | Alert | Description | |
---|---|---|---|
5.8 | 2012-03-09 | CVE-2012-1545 | Microsoft Internet Explorer 6 through 9, and 10 Consumer Preview, allows remote attackers to bypass Protected Mode or cause a denial of service (memory corruption) by leveraging access to a Low integrity process, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2012. |
5 | 2011-12-07 | CVE-2010-5071 | The JavaScript implementation in Microsoft Internet Explorer 8.0 and earlier does not properly restrict the set of values contained in the object returned by the getComputedStyle method, which allows remote attackers to obtain sensitive information about visited web pages by calling this method. |
4.3 | 2011-12-07 | CVE-2002-2435 | The Cascading Style Sheets (CSS) implementation in Microsoft Internet Explorer 8.0 and earlier does not properly handle the :visited pseudo-class, which allows remote attackers to obtain sensitive information about visited web pages via a crafted HTML document, a related issue to CVE-2010-2264. |
4.3 | 2011-06-03 | CVE-2011-2383 | Microsoft Internet Explorer 9 and earlier does not properly restrict cross-zone drag-and-drop actions, which allows user-assisted remote attackers to read cookie files via vectors involving an IFRAME element with a SRC attribute containing an http: URL that redirects to a file: URL, as demonstrated by a Facebook game, related to a "cookiejacking" issue, aka "Drag and Drop Information Disclosure Vulnerability." NOTE: this vulnerability exists because of an incomplete fix in the Internet Explorer 9 release. |
4.3 | 2011-06-03 | CVE-2011-2382 | Microsoft Internet Explorer 8 and earlier, and Internet Explorer 9 beta, does not properly restrict cross-zone drag-and-drop actions, which allows user-assisted remote attackers to read cookie files via vectors involving an IFRAME element with a SRC attribute containing a file: URL, as demonstrated by a Facebook game, related to a "cookiejacking" issue. |
4.3 | 2010-06-01 | CVE-2010-2118 | Microsoft Internet Explorer 6.0.2900.2180 and 8.0.7600.16385 allows remote attackers to cause a denial of service (resource consumption) via JavaScript code containing an infinite loop that creates IFRAME elements for invalid news:// URIs. |
5 | 2010-05-20 | CVE-2010-1991 | Microsoft Internet Explorer 6.0.2900.2180, 7, and 8.0.7600.16385 executes a mail application in situations where an IFRAME element has a mailto: URL in its SRC attribute, which allows remote attackers to cause a denial of service (excessive application launches) via an HTML document with many IFRAME elements. |
5 | 2009-07-22 | CVE-2009-2576 | Microsoft Internet Explorer 6.0.2900.2180 and earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via a long Unicode string argument to the write method, a related issue to CVE-2009-2479. NOTE: it was later reported that 7.0.6000.16473 and earlier are also affected. |
4.3 | 2009-07-10 | CVE-2009-2433 | Stack-based buffer overflow in the AddFavorite method in Microsoft Internet Explorer allows remote attackers to cause a denial of service (application crash) and possibly have unspecified other impact via a long URL in the first argument. |
5.8 | 2009-06-15 | CVE-2009-2069 | Microsoft Internet Explorer before 8 displays a cached certificate for a (1) 4xx or (2) 5xx CONNECT response page returned by a proxy server, which allows man-in-the-middle attackers to spoof an arbitrary https site by letting a browser obtain a valid certificate from this site during one request, and then sending the browser a crafted 502 response page upon a subsequent request. |
5.8 | 2009-06-15 | CVE-2009-2057 | Microsoft Internet Explorer before 8 uses the HTTP Host header to determine the context of a document provided in a (1) 4xx or (2) 5xx CONNECT response from a proxy server, which allows man-in-the-middle attackers to execute arbitrary web script by modifying this CONNECT response, aka an "SSL tampering" attack. |
9.3 | 2009-04-15 | CVE-2009-0552 | Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4, 6 SP1, 6 on Windows XP SP2 and SP3, and 6 on Windows Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via a web page that triggers presence of an object in memory that was (1) not properly initialized or (2) deleted, aka "Uninitialized Memory Corruption Vulnerability." |
9.3 | 2008-05-18 | CVE-2008-2281 | Cross-zone scripting vulnerability in the Print Table of Links feature in Internet Explorer 6.0, 7.0, and 8.0b allows user-assisted remote attackers to inject arbitrary web script or HTML in the Local Machine Zone via an HTML document with a link containing JavaScript sequences, which are evaluated by a resource script when a user prints this document. |
9.3 | 2008-04-08 | CVE-2008-1085 | Use-after-free vulnerability in Microsoft Internet Explorer 5.01 SP4, 6 through SP1, and 7 allows remote attackers to execute arbitrary code via a crafted data stream that triggers memory corruption, as demonstrated using an invalid MIME-type that does not have a registered handler. |
9.3 | 2008-02-12 | CVE-2008-0078 | Unspecified vulnerability in an ActiveX control (dxtmsft.dll) in Microsoft Internet Explorer 5.01, 6 SP1 and SP2, and 7 allows remote attackers to execute arbitrary code via a crafted image, aka "Argument Handling Memory Corruption Vulnerability." |
9.3 | 2008-02-12 | CVE-2008-0076 | Unspecified vulnerability in Microsoft Internet Explorer 5.01, 6 SP1 and SP2, and 7 allows remote attackers to execute arbitrary code via crafted HTML layout combinations, aka "HTML Rendering Memory Corruption Vulnerability." |
6.8 | 2007-12-11 | CVE-2007-5347 | Microsoft Internet Explorer 5.01 through 7 allows remote attackers to execute arbitrary code via "unexpected method calls to HTML objects," aka "DHTML Object Memory Corruption Vulnerability." |
6.8 | 2007-12-11 | CVE-2007-5344 | Microsoft Internet Explorer 5.01 through 7 allows remote attackers to execute arbitrary code via a crafted website using Javascript that creates, modifies, deletes, and accesses document objects using the tags property, which triggers heap corruption, related to uninitialized or deleted objects, a different issue than CVE-2007-3902 and CVE-2007-3903, and a variant of "Uninitialized Memory Corruption Vulnerability." |
6.8 | 2007-12-11 | CVE-2007-3903 | Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code via uninitialized or deleted objects used in repeated calls to the (1) cloneNode or (2) nodeValue JavaScript function, a different issue than CVE-2007-3902 and CVE-2007-5344, a variant of "Uninitialized Memory Corruption Vulnerability." |
9.3 | 2007-12-11 | CVE-2007-3902 | Use-after-free vulnerability in the CRecalcProperty function in mshtml.dll in Microsoft Internet Explorer 5.01 through 7 allows remote attackers to execute arbitrary code by calling the setExpression method and then modifying the outerHTML property of an HTML element, one variant of "Uninitialized Memory Corruption Vulnerability." |
4.3 | 2007-09-12 | CVE-2007-4848 | Microsoft Internet Explorer 4.0 through 7 allows remote attackers to determine the existence of local files that have associated images via a res:// URI in the src property of a JavaScript Image object, as demonstrated by the URI for a bitmap image resource within a (1) .exe or (2) .dll file. |
6.8 | 2007-08-14 | CVE-2007-0943 | Unspecified vulnerability in Internet Explorer 5.01 and 6 SP1 allows remote attackers to execute arbitrary code via crafted Cascading Style Sheets (CSS) strings that trigger memory corruption during parsing, related to use of out-of-bounds pointers. |
7.8 | 2007-07-03 | CVE-2007-3550 | Microsoft Internet Explorer 6.0 and 7.0 allows remote attackers to fill Zones with arbitrary domains using certain metacharacters such as wildcards via JavaScript, which results in a denial of service (website suppression and resource consumption), aka "Internet Explorer Zone Domain Specification Dos and Page Suppressing". NOTE: this issue has been disputed by a third party, who states that the zone settings cannot be manipulated |
9.3 | 2007-05-08 | CVE-2007-0944 | Unspecified vulnerability in the CTableCol::OnPropertyChange method in Microsoft Internet Explorer 5.01 SP4 on Windows 2000 SP4; 6 SP1 on Windows 2000 SP4; and 6 on Windows XP SP2, or Windows Server 2003 SP1 or SP2 allows remote attackers to execute arbitrary code by calling deleteCell on a named table row in a named table column, then accessing the column, which causes Internet Explorer to access previously deleted objects, aka the "Uninitialized Memory Corruption Vulnerability." |
9.3 | 2007-05-08 | CVE-2007-0942 | Microsoft Internet Explorer 5.01 SP4 on Windows 2000 SP4; 6 SP1 on Windows 2000 SP4; 6 and 7 on Windows XP SP2, or Windows Server 2003 SP1 or SP2; and possibly 7 on Windows Vista does not properly "instantiate certain COM objects as ActiveX controls," which allows remote attackers to execute arbitrary code via a crafted COM object from chtskdic.dll. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
23% (11) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
15% (7) | CWE-399 | Resource Management Errors |
15% (7) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
13% (6) | CWE-20 | Improper Input Validation |
10% (5) | CWE-264 | Permissions, Privileges, and Access Controls |
6% (3) | CWE-200 | Information Exposure |
4% (2) | CWE-362 | Race Condition |
4% (2) | CWE-287 | Improper Authentication |
4% (2) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
2% (1) | CWE-189 | Numeric Errors |
CAPEC : Common Attack Pattern Enumeration & Classification
id | Name |
---|---|
CAPEC-17 | Accessing, Modifying or Executing Executable Files |
CAPEC-30 | Hijacking a Privileged Thread of Execution |
CAPEC-35 | Leverage Executable Code in Nonexecutable Files |
Oval Markup Language : Definitions
OvalID | Name |
---|---|
oval:org.mitre.oval:def:3573 | Microsoft Data Access Components 2.1 Remote Data Services Buffer Overflow |
oval:org.mitre.oval:def:294 | Microsoft Data Access Components 2.6 Remote Data Services Buffer Overflow |
oval:org.mitre.oval:def:2730 | Microsoft Data Access Components 2.5 Remote Data Services Buffer Overflow |
oval:org.mitre.oval:def:542 | IE v5.5 Malformed PNG Image File Failure Vulnerability |
oval:org.mitre.oval:def:393 | IE v6.0 Malformed PNG Image File Failure Vulnerability |
oval:org.mitre.oval:def:495 | IE v5.5 Encoded Characters Information Disclosure Vulnerability |
oval:org.mitre.oval:def:471 | IE v5.01 Encoded Characters Information Disclosure Vulnerability |
oval:org.mitre.oval:def:143 | Microsoft IE Encoded Characters Information Disclosure |
oval:org.mitre.oval:def:408 | IE v5.5 Cross Domain Verification via Cached Methods Vulnerability |
oval:org.mitre.oval:def:388 | IE v6.0 Cross Domain Verification via Cached Methods Vulnerability |
oval:org.mitre.oval:def:926 | IE URLMON Buffer Overflow |
oval:org.mitre.oval:def:963 | IE File Upload Vulnerability |
oval:org.mitre.oval:def:1094 | IE plugin.ocx Heap Overflow |
oval:org.mitre.oval:def:922 | IE Slash Characters in Type Property Vulnerability |
oval:org.mitre.oval:def:123 | IE Improper Object Tag Handling |
oval:org.mitre.oval:def:392 | IE v6.0 (XP) ExecCommand Cross Domain Zone Restriction Bypass |
oval:org.mitre.oval:def:349 | IE v6.0,SP1 (Server 2003) ExecCommand Cross Domain Zone Restriction Bypass |
oval:org.mitre.oval:def:344 | IE v6.0,SP1 ExecCommand Cross Domain Zone Restriction Bypass |
oval:org.mitre.oval:def:343 | IE v5.5,SP2 ExecCommand Cross Domain Zone Restriction Bypass |
oval:org.mitre.oval:def:342 | IE v5.01,SP4 ExecCommand Cross Domain Zone Restriction Bypass |
oval:org.mitre.oval:def:341 | IE v5.01,SP3 ExecCommand Cross Domain Zone Restriction Bypass |
oval:org.mitre.oval:def:335 | IE v5.01,SP2 ExecCommand Cross Domain Zone Restriction Bypass |
oval:org.mitre.oval:def:472 | IE v6.0 (XP) Function Pointer Override Cross Domain Vulnerability |
oval:org.mitre.oval:def:359 | IE v6.0,SP1 (Server 2003) Function Pointer Override Cross Domain Vulnerability |
oval:org.mitre.oval:def:357 | IE v6.0,SP1 Function Pointer Override Cross Domain Vulnerability |
SAINT Exploits
Description | Link |
---|---|
Internet Explorer VML integer overflow | More info here |
Windows Task Scheduler buffer overflow | More info here |
Internet Explorer Javaprxy.dll heap overflow | More info here |
Internet Explorer createTextRange memory corruption | More info here |
Internet Explorer IFRAME buffer overflow | More info here |
Internet Explorer WebViewFolderIcon setSlice integer overflow | More info here |
Internet Explorer COM object instantiation vulnerability | More info here |
Internet Explorer DHTML object vulnerability | More info here |
Open Source Vulnerability Database (OSVDB)
id | Description |
---|---|
77606 | Microsoft IE JavaScript Implementation getComputedStyle Method Page Handling ... |
72724 | Microsoft IE Cookie Jacking Account Authentication Bypass |
65110 | Microsoft IE Invalid news / nntp URI IFRAME Element Handling Remote DoS |
64786 | Microsoft IE mailto: URL Multiple IFRAME Element Handling DoS |
60401 | Microsoft IE Crafted DHTML AnchorClick Attribute Handling Remote DoS |
56500 | Common Controls Replacement Project (CCRP) FolderTreeview (FTV) ActiveX (ccrp... |
56489 | Microsoft IE Proxy Server CONNECT Response Cached Certificate Use MiTM HTTPS ... |
56323 | Microsoft IE Write Method Unicode String Argument Handling Remote DoS |
55855 | Microsoft IE AddFavorite Method URL Handling Remote DoS |
55129 | Microsoft IE HTTP Host Header Proxy Server CONNECT Response Document Context ... |
53625 | Microsoft IE Unitialized Object Memory Corruption Arbitrary Code Execution (2... |
45814 | Microsoft IE Arbitrary Website Zone Addition Domain Supression DoS |
45259 | Microsoft IE mshtml.dll Malformed IFRAME XML File / XSL Stylesheet Handling DoS |
45074 | Microsoft IE Print Table of Links Cross-Zone Scripting |
44205 | Microsoft IE Data Stream Handling Memory Corruption |
43521 | Microsoft IE CSS :visited Attribute Browser History Disclosure |
41467 | Microsoft IE Image Processing Argument Validation Unspecified Memory Corruption |
41465 | Microsoft IE HTML Layout Rendering Unspecified Memory Corruption |
41047 | Microsoft IE mshtml Malformed HTML Tag DoS |
39121 | Microsoft IE DHTML Object Memory Corruption |
39120 | Microsoft IE Element Tag Uninitialized Memory Corruption |
39119 | Microsoft IE Object cloneNode / nodeValue Function Uninitialized Memory Corru... |
39118 | Microsoft IE Object setExpression Function Memory Corruption |
37638 | Microsoft IE res:// URI Image Object Local File Enumeration |
37636 | Microsoft IE Crafted JavaScript for Loop Null Pointer DoS |
ExploitDB Exploits
id | Description |
---|---|
3652 | MS Windows Animated Cursor (.ANI) Overflow Exploit (Hardware DEP) |
3617 | MS Windows Animated Cursor (.ANI) Stack Overflow Exploit |
OpenVAS Exploits
id | Description |
---|---|
2012-03-15 | Name : Microsoft Internet Explorer Code Execution and DoS Vulnerabilities File : nvt/gb_ms_ie_code_exec_n_dos_vuln.nasl |
2011-12-09 | Name : Microsoft Internet Explorer Multiple Information Disclosure Vulnerabilities File : nvt/gb_ms_ie_mult_info_disc_vuln.nasl |
2011-08-11 | Name : Microsoft Internet Explorer Multiple Vulnerabilities (2559049) File : nvt/secpod_ms11-057.nasl |
2011-06-13 | Name : Microsoft Internet Explorer Cookie Hijacking Vulnerability File : nvt/gb_ms_ie9_cookie_hijacking_vuln.nasl |
2011-06-13 | Name : Microsoft Internet Explorer Cookie Hijacking Vulnerability File : nvt/gb_ms_ie_cookie_hijacking_vuln.nasl |
2011-01-14 | Name : Microsoft Internet Explorer mshtml.dll Remote Memory Corruption Vulnerability... File : nvt/gb_ms07-069.nasl |
2011-01-13 | Name : Microsoft Internet Explorer HTML Rendering Remote Memory Corruption Vulnerabi... File : nvt/gb_ms08-010.nasl |
2011-01-10 | Name : Microsoft Internet Explorer Data Stream Handling Remote Code Execution Vulner... File : nvt/gb_ms08-024.nasl |
2010-07-08 | Name : Microsoft Windows Vector Markup Language Vulnerabilities (929969) File : nvt/ms07-004.nasl |
2010-07-08 | Name : Cumulative Security Update for Internet Explorer (937143) File : nvt/ms07-045.nasl |
2010-07-08 | Name : Cumulative Security Update for Internet Explorer (933566) File : nvt/ms07-033.nasl |
2010-07-08 | Name : Cumulative Security Update for Internet Explorer (931768) File : nvt/ms07-027.nasl |
2010-07-08 | Name : Cumulative Security Update for Internet Explorer (928090) File : nvt/ms07-016.nasl |
2010-06-04 | Name : Microsoft Internet Explorer 'IFRAME' Denial Of Service Vulnerability (June-10) File : nvt/gb_ms_ie_iframe_dos_vuln_june10.nasl |
2010-05-25 | Name : Microsoft Internet Explorer 'IFRAME' Denial Of Service Vulnerability File : nvt/secpod_ms_ie_iframe_dos_vuln.nasl |
2009-07-23 | Name : Microsoft Internet Explorer Unicode String DoS Vulnerability File : nvt/secpod_ms_ie_unicode_str_dos_vuln.nasl |
2009-07-15 | Name : Microsoft Internet Explorer Buffer Overflow Vulnerability - Jul09 File : nvt/gb_ms_ie_bof_vuln_jul09.nasl |
2009-06-17 | Name : Microsoft Internet Explorer Web Script Execution Vulnerabilites File : nvt/secpod_ms_ie_web_script_exec_vuln_jun09.nasl |
2009-04-15 | Name : Microsoft Internet Explorer Remote Code Execution Vulnerability (963027) File : nvt/secpod_ms09-014.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200507-14 (mozilla) File : nvt/glsa_200507_14.nasl |
2005-11-03 | Name : Bofra Virus Detection File : nvt/bofra_detect.nasl |
2005-11-03 | Name : IE 5.01 5.5 6.0 Cumulative patch (890923) File : nvt/smb_nt_ms02-005.nasl |
Information Assurance Vulnerability Management (IAVM)
id | Description |
---|---|
2006-A-0042 | Vulnerability in Windows Explorer Severity: Category I - VMSKEY: V0012782 |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Microsoft Windows Vector Markup Language recolorinfo tag numcolors parameter ... RuleID : 9849 - Type : OS-WINDOWS - Revision : 18 |
2014-01-10 | Microsoft Windows Vector Markup Language recolorinfo tag numfills parameter b... RuleID : 9848 - Type : OS-WINDOWS - Revision : 14 |
2014-01-10 | Outlook Recipient Control ActiveX function call access RuleID : 9670 - Type : BROWSER-PLUGINS - Revision : 9 |
2014-01-10 | Outlook Recipient Control ActiveX clsid unicode access RuleID : 9669 - Type : WEB-ACTIVEX - Revision : 6 |
2014-01-10 | Outlook Recipient Control ActiveX clsid access RuleID : 9668 - Type : BROWSER-PLUGINS - Revision : 11 |
2014-01-10 | javaprxy.dll ActiveX clsid unicode access RuleID : 9628 - Type : WEB-ACTIVEX - Revision : 7 |
2014-01-10 | Microsoft Internet Explorer Swedish_Default Stemmer ActiveX clsid access RuleID : 9478 - Type : BROWSER-PLUGINS - Revision : 15 |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DAArray.1 ActiveX function call a... RuleID : 8845 - Type : BROWSER-PLUGINS - Revision : 15 |
2014-01-10 | DirectAnimation.DAArray.1 ActiveX CLSID unicode access RuleID : 8844 - Type : WEB-ACTIVEX - Revision : 6 |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DAArray.1 ActiveX clsid access RuleID : 8843 - Type : BROWSER-PLUGINS - Revision : 16 |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DABbox2.1 ActiveX function call a... RuleID : 8842 - Type : BROWSER-PLUGINS - Revision : 15 |
2014-01-10 | DirectAnimation.DABbox2.1 ActiveX CLSID unicode access RuleID : 8841 - Type : WEB-ACTIVEX - Revision : 6 |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DABbox2.1 ActiveX clsid access RuleID : 8840 - Type : BROWSER-PLUGINS - Revision : 16 |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DABbox3.1 ActiveX function call a... RuleID : 8839 - Type : BROWSER-PLUGINS - Revision : 15 |
2014-01-10 | DirectAnimation.DABbox3.1 ActiveX CLSID unicode access RuleID : 8838 - Type : WEB-ACTIVEX - Revision : 6 |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DABbox3.1 ActiveX clsid access RuleID : 8837 - Type : BROWSER-PLUGINS - Revision : 16 |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DABoolean.1 ActiveX function call... RuleID : 8836 - Type : BROWSER-PLUGINS - Revision : 15 |
2014-01-10 | DirectAnimation.DABoolean.1 ActiveX CLSID unicode access RuleID : 8835 - Type : WEB-ACTIVEX - Revision : 6 |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DABoolean.1 ActiveX clsid access RuleID : 8834 - Type : BROWSER-PLUGINS - Revision : 16 |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DACamera.1 ActiveX function call ... RuleID : 8833 - Type : BROWSER-PLUGINS - Revision : 15 |
2014-01-10 | DirectAnimation.DACamera.1 ActiveX CLSID unicode access RuleID : 8832 - Type : WEB-ACTIVEX - Revision : 6 |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DACamera.1 ActiveX clsid access RuleID : 8831 - Type : BROWSER-PLUGINS - Revision : 16 |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DAColor.1 ActiveX function call a... RuleID : 8830 - Type : BROWSER-PLUGINS - Revision : 15 |
2014-01-10 | DirectAnimation.DAColor.1 ActiveX CLSID unicode access RuleID : 8829 - Type : WEB-ACTIVEX - Revision : 6 |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DAColor.1 ActiveX clsid access RuleID : 8828 - Type : BROWSER-PLUGINS - Revision : 16 |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2011-08-09 | Name: Arbitrary code can be executed on the remote host through a web browser. File: smb_nt_ms11-057.nasl - Type: ACT_GATHER_INFO |
2009-04-15 | Name: Arbitrary code can be executed on the remote host through a web browser. File: smb_nt_ms09-014.nasl - Type: ACT_GATHER_INFO |
2008-04-08 | Name: Arbitrary code can be executed on the remote host through the web client. File: smb_nt_ms08-024.nasl - Type: ACT_GATHER_INFO |
2008-02-12 | Name: Arbitrary code can be executed on the remote host through the web client. File: smb_nt_ms08-010.nasl - Type: ACT_GATHER_INFO |
2007-12-11 | Name: Arbitrary code can be executed on the remote host through the web client. File: smb_nt_ms07-069.nasl - Type: ACT_GATHER_INFO |
2007-11-10 | Name: The remote Ubuntu host is missing one or more security-related patches. File: ubuntu_USN-535-1.nasl - Type: ACT_GATHER_INFO |
2007-10-09 | Name: Arbitrary code can be executed on the remote host through the web client. File: smb_nt_ms07-057.nasl - Type: ACT_GATHER_INFO |
2007-08-14 | Name: Arbitrary code can be executed on the remote host through the web client. File: smb_nt_ms07-045.nasl - Type: ACT_GATHER_INFO |
2007-06-12 | Name: Arbitrary code can be executed on the remote host through the web client. File: smb_nt_ms07-033.nasl - Type: ACT_GATHER_INFO |
2007-05-08 | Name: Arbitrary code can be executed on the remote host through the web client. File: smb_nt_ms07-027.nasl - Type: ACT_GATHER_INFO |
2007-04-14 | Name: The remote host contains a web browser that is susceptible to multiple issues. File: opera_920.nasl - Type: ACT_GATHER_INFO |
2007-04-03 | Name: Arbitrary code can be executed on the remote host through the email client or... File: smb_nt_ms07-017.nasl - Type: ACT_GATHER_INFO |
2007-02-13 | Name: Arbitrary code can be executed on the remote host through the web client. File: smb_nt_ms07-016.nasl - Type: ACT_GATHER_INFO |
2007-01-09 | Name: Arbitrary code can be executed on the remote host through the email client or... File: smb_nt_ms07-004.nasl - Type: ACT_GATHER_INFO |
2006-12-16 | Name: The remote Mandrake Linux host is missing one or more security updates. File: mandrake_MDKSA-2006-143.nasl - Type: ACT_GATHER_INFO |
2006-12-12 | Name: Arbitrary code can be executed on the remote host through the web client. File: smb_nt_ms06-072.nasl - Type: ACT_GATHER_INFO |
2006-11-14 | Name: Arbitrary code can be executed on the remote host through the web client. File: smb_nt_ms06-067.nasl - Type: ACT_GATHER_INFO |
2006-10-10 | Name: Arbitrary code can be executed on the remote host through the web or email cl... File: smb_nt_ms06-057.nasl - Type: ACT_GATHER_INFO |
2006-08-08 | Name: Arbitrary code can be executed on the remote host through the web client. File: smb_nt_ms06-042.nasl - Type: ACT_GATHER_INFO |
2006-08-08 | Name: Arbitrary code can be executed on the remote host through the email client. File: smb_nt_ms06-043.nasl - Type: ACT_GATHER_INFO |
2006-08-08 | Name: Arbitrary code can be executed on the remote host through the web or email cl... File: smb_nt_ms06-044.nasl - Type: ACT_GATHER_INFO |
2006-06-13 | Name: Arbitrary code can be executed on the remote host through the web client. File: smb_nt_ms06-022.nasl - Type: ACT_GATHER_INFO |
2006-06-13 | Name: Arbitrary code can be executed on the remote host through the web client. File: smb_nt_ms06-021.nasl - Type: ACT_GATHER_INFO |
2006-04-11 | Name: Arbitrary code can be executed on the remote host through the web client. File: smb_nt_ms06-013.nasl - Type: ACT_GATHER_INFO |
2005-12-13 | Name: Arbitrary code can be executed on the remote host through the web client. File: smb_nt_ms05-054.nasl - Type: ACT_GATHER_INFO |