This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
| Summuary | |
|---|---|
| CPE Name | cpe:/a:microsoft:infopath:2003 |
| Detail | |||
|---|---|---|---|
| Vendor | Microsoft | First view | 2004-09-28 |
| Product | Infopath | Last view | 2018-05-09 |
| Version | 2003 | Type | Application |
| Edition | |||
| Language | |||
| Update | |||
Activity : Overall
COMMON PLATFORM ENUMERATION : Repartition per Version
| CPE Name | Affected CVE |
|---|---|
| cpe:/a:microsoft:infopath:2003 | 4 |
| cpe:/a:microsoft:infopath:2013:sp1 | 3 |
| cpe:/a:microsoft:infopath:2010:sp2 | 2 |
| cpe:/a:microsoft:infopath:2007:sp3 | 2 |
| cpe:/a:microsoft:infopath:2007 | 1 |
| CPE Name | Affected CVE |
|---|---|
| cpe:/a:microsoft:infopath:2007:sp2 | 1 |
| cpe:/a:microsoft:infopath:2010:sp1:x64 | 1 |
| cpe:/a:microsoft:infopath:2010:sp1:x86 | 1 |
| cpe:/a:microsoft:infopath:2010:sp1 | 1 |
Related : CVE
| Date | Alert | Access Vector | Access Complexity | Authentication | ||
|---|---|---|---|---|---|---|
| 9.3 | 2018-05-09 | CVE-2018-8173 | Network | Medium | None Requ... | |
| 9.3 | 2016-03-09 | CVE-2016-0021 | Network | Medium | None Requ... | |
| 9.3 | 2015-11-11 | CVE-2015-2503 | Network | Medium | None Requ... | |
| 4.3 | 2013-04-09 | CVE-2013-1289 | Network | Medium | None Requ... | |
| 4.3 | 2012-10-09 | CVE-2012-2520 | Network | Medium | None Requ... | |
| Date | Alert | Access Vector | Access Complexity | Authentication | ||
|---|---|---|---|---|---|---|
| 7.5 | 2008-07-07 | CVE-2008-3068 | Network | Low | None Requ... | |
| 9.3 | 2007-02-02 | CVE-2007-0671 | Network | Medium | None Requ... | |
| 9.3 | 2006-10-10 | CVE-2006-3877 | Network | Medium | None Requ... | |
| 9.3 | 2004-09-28 | CVE-2004-0200 | Network | Medium | None Requ... |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 33% (2) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 33% (2) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
| 16% (1) | CWE-264 | Permissions, Privileges, and Access Controls |
| 16% (1) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 47004 | Microsoft Crypto API S/MIME X.509 Certificate CRL Check Remote Information Di... |
| 31901 | Microsoft Office Unspecified String Handling Arbitrary Code Execution |
| 29448 | Microsoft PowerPoint Crafted File Unspecified Code Execution |
| 9951 | Microsoft Multiple Products GDIPlus.dll JPEG Processing Overflow |
OpenVAS Exploits
| id | Description |
|---|---|
| 2012-10-10 | Name : Microsoft Products HTML Sanitisation Component XSS Vulnerability (2741517) File : nvt/secpod_ms12-066.nasl |
Information Assurance Vulnerability Management (IAVM)
| id | Description |
|---|---|
| 2013-A-0083 | Microsoft Office HTML Sanitization Privilege Escalation Vulnerability Severity : Category II - VMSKEY : V0037613 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2016-04-07 | Microsoft Office Word ipdesign.dll ActiveX object access attempt RuleID : 38129 - Type : FILE-OFFICE - Revision : 2 |
| 2016-04-07 | Microsoft Office Word ipdesign.dll ActiveX object access attempt RuleID : 38128 - Type : FILE-OFFICE - Revision : 2 |
| 2016-04-07 | Microsoft Office Word ipdesign.dll ActiveX object access attempt RuleID : 38127 - Type : FILE-OFFICE - Revision : 2 |
| 2016-04-07 | Microsoft Office Word ipdesign.dll ActiveX object access attempt RuleID : 38126 - Type : FILE-OFFICE - Revision : 2 |
| 2016-03-14 | Microsoft Office Word CoCreateInstance elevation of privilege attempt RuleID : 36721 - Type : FILE-OFFICE - Revision : 3 |
| Date | Description |
|---|---|
| 2016-03-14 | Microsoft Office Word CoCreateInstance elevation of privilege attempt RuleID : 36720 - Type : FILE-OFFICE - Revision : 3 |
| 2014-08-27 | Microsoft Multiple Products JPEG parser heap overflow attempt RuleID : 31719-community - Type : FILE-IMAGE - Revision : 1 |
| 2014-11-16 | Microsoft Multiple Products JPEG parser heap overflow attempt RuleID : 31719 - Type : FILE-IMAGE - Revision : 1 |
| 2014-01-10 | JPEG parser multipacket heap overflow attempt RuleID : 27569 - Type : FILE-IMAGE - Revision : 3 |
| 2014-01-10 | JPEG parser multipacket heap overflow attempt RuleID : 2707-community - Type : FILE-IMAGE - Revision : 14 |
| 2014-01-10 | JPEG parser multipacket heap overflow attempt RuleID : 2707 - Type : FILE-IMAGE - Revision : 14 |
| 2014-01-10 | Microsoft Multiple Products JPEG parser heap overflow attempt RuleID : 2705-community - Type : FILE-IMAGE - Revision : 18 |
| 2014-01-10 | Microsoft Multiple Products JPEG parser heap overflow attempt RuleID : 2705 - Type : FILE-IMAGE - Revision : 18 |
| 2014-01-10 | Microsoft Internet Explorer expression clause in style tag cross site scripti... RuleID : 26354 - Type : BROWSER-IE - Revision : 5 |
| 2014-01-10 | Microsoft multiple product toStaticHTML XSS attempt RuleID : 23137 - Type : BROWSER-IE - Revision : 11 |
| 2014-01-10 | Microsoft multiple product toStaticHTML XSS attempt RuleID : 23136 - Type : BROWSER-IE - Revision : 11 |
| 2014-01-10 | Microsoft Office Drawing Record msofbtOPT Code Execution attempt RuleID : 17579 - Type : FILE-OFFICE - Revision : 16 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2016-03-08 | Name : The remote Windows host is affected by multiple vulnerabilities. File : smb_nt_ms16-029.nasl - Type : ACT_GATHER_INFO |
| 2015-11-10 | Name : The remote Windows host is affected by multiple vulnerabilities. File : smb_nt_ms15-116.nasl - Type : ACT_GATHER_INFO |
| 2013-04-10 | Name : The remote host is affected by a cross-site scripting vulnerability. File : smb_nt_ms13-035.nasl - Type : ACT_GATHER_INFO |
| 2012-10-10 | Name : The remote host is affected by a privilege escalation vulnerability. File : smb_nt_ms12-066.nasl - Type : ACT_GATHER_INFO |
| 2007-02-13 | Name : Arbitrary code can be executed on the remote host through Microsoft Office. File : smb_nt_ms07-015.nasl - Type : ACT_GATHER_INFO |
| id | Description |
|---|---|
| 2007-02-13 | Name : An application installed on the remote Mac OS X host is affected by multiple ... File : macosx_ms_office_feb2006.nasl - Type : ACT_GATHER_INFO |
| 2006-10-11 | Name : An application installed on the remote Mac OS X host is affected by multiple ... File : macosx_ms_office_oct2006.nasl - Type : ACT_GATHER_INFO |
| 2006-10-10 | Name : Arbitrary code can be executed on the remote host through Microsoft PowerPoint. File : smb_nt_ms06-058.nasl - Type : ACT_GATHER_INFO |
| 2004-09-28 | Name : The remote host may have been compromised File : radmin_port_10002.nasl - Type : ACT_GATHER_INFO |
| 2004-09-24 | Name : It is possible to log into the remote host without a password. File : smb_login_as_x.nasl - Type : ACT_GATHER_INFO |
| 2004-09-14 | Name : Arbitrary code can be executed on the remote host. File : smb_nt_ms04-028.nasl - Type : ACT_GATHER_INFO |
