This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:microsoft:infopath:2003
Detail
VendorMicrosoftFirst view 2004-09-28
ProductInfopathLast view2018-05-09
Version2003TypeApplication
Edition 
Language 
Update 

Activity : Overall

COMMON PLATFORM ENUMERATION : Repartition per Version

CPE NameAffected CVE
cpe:/a:microsoft:infopath:20034
cpe:/a:microsoft:infopath:2013:sp13
cpe:/a:microsoft:infopath:2010:sp22
cpe:/a:microsoft:infopath:2007:sp32
cpe:/a:microsoft:infopath:20071
Hide | Show 4 More...
CPE NameAffected CVE
cpe:/a:microsoft:infopath:2007:sp21
cpe:/a:microsoft:infopath:2010:sp1:x641
cpe:/a:microsoft:infopath:2010:sp1:x861
cpe:/a:microsoft:infopath:2010:sp11

Related : CVE

 DateAlertAccess VectorAccess ComplexityAuthentication
9.32018-05-09CVE-2018-8173NetworkMediumNone Requ...
9.32016-03-09CVE-2016-0021NetworkMediumNone Requ...
9.32015-11-11CVE-2015-2503NetworkMediumNone Requ...
4.32013-04-09CVE-2013-1289NetworkMediumNone Requ...
4.32012-10-09CVE-2012-2520NetworkMediumNone Requ...
Hide | Show 4 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
7.52008-07-07CVE-2008-3068NetworkLowNone Requ...
9.32007-02-02CVE-2007-0671NetworkMediumNone Requ...
9.32006-10-10CVE-2006-3877NetworkMediumNone Requ...
9.32004-09-28CVE-2004-0200NetworkMediumNone Requ...

CWE : Common Weakness Enumeration

%idName
33% (2)CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer
33% (2)CWE-79Failure to Preserve Web Page Structure ('Cross-site Scripting')
16% (1)CWE-264Permissions, Privileges, and Access Controls
16% (1)CWE-94Failure to Control Generation of Code ('Code Injection')

Open Source Vulnerability Database (OSVDB)

idDescription
47004Microsoft Crypto API S/MIME X.509 Certificate CRL Check Remote Information Di...
31901Microsoft Office Unspecified String Handling Arbitrary Code Execution
29448Microsoft PowerPoint Crafted File Unspecified Code Execution
9951Microsoft Multiple Products GDIPlus.dll JPEG Processing Overflow

OpenVAS Exploits

idDescription
2012-10-10Name : Microsoft Products HTML Sanitisation Component XSS Vulnerability (2741517)
File : nvt/secpod_ms12-066.nasl

Information Assurance Vulnerability Management (IAVM)

idDescription
2013-A-0083Microsoft Office HTML Sanitization Privilege Escalation Vulnerability
Severity : Category II - VMSKEY : V0037613

Snort® IPS/IDS

DateDescription
2016-04-07Microsoft Office Word ipdesign.dll ActiveX object access attempt
RuleID : 38129 - Type : FILE-OFFICE - Revision : 2
2016-04-07Microsoft Office Word ipdesign.dll ActiveX object access attempt
RuleID : 38128 - Type : FILE-OFFICE - Revision : 2
2016-04-07Microsoft Office Word ipdesign.dll ActiveX object access attempt
RuleID : 38127 - Type : FILE-OFFICE - Revision : 2
2016-04-07Microsoft Office Word ipdesign.dll ActiveX object access attempt
RuleID : 38126 - Type : FILE-OFFICE - Revision : 2
2016-03-14Microsoft Office Word CoCreateInstance elevation of privilege attempt
RuleID : 36721 - Type : FILE-OFFICE - Revision : 3
Hide | Show 12 More...
DateDescription
2016-03-14Microsoft Office Word CoCreateInstance elevation of privilege attempt
RuleID : 36720 - Type : FILE-OFFICE - Revision : 3
2014-08-27Microsoft Multiple Products JPEG parser heap overflow attempt
RuleID : 31719-community - Type : FILE-IMAGE - Revision : 1
2014-11-16Microsoft Multiple Products JPEG parser heap overflow attempt
RuleID : 31719 - Type : FILE-IMAGE - Revision : 1
2014-01-10JPEG parser multipacket heap overflow attempt
RuleID : 27569 - Type : FILE-IMAGE - Revision : 3
2014-01-10JPEG parser multipacket heap overflow attempt
RuleID : 2707-community - Type : FILE-IMAGE - Revision : 14
2014-01-10JPEG parser multipacket heap overflow attempt
RuleID : 2707 - Type : FILE-IMAGE - Revision : 14
2014-01-10Microsoft Multiple Products JPEG parser heap overflow attempt
RuleID : 2705-community - Type : FILE-IMAGE - Revision : 18
2014-01-10Microsoft Multiple Products JPEG parser heap overflow attempt
RuleID : 2705 - Type : FILE-IMAGE - Revision : 18
2014-01-10Microsoft Internet Explorer expression clause in style tag cross site scripti...
RuleID : 26354 - Type : BROWSER-IE - Revision : 5
2014-01-10Microsoft multiple product toStaticHTML XSS attempt
RuleID : 23137 - Type : BROWSER-IE - Revision : 11
2014-01-10Microsoft multiple product toStaticHTML XSS attempt
RuleID : 23136 - Type : BROWSER-IE - Revision : 11
2014-01-10Microsoft Office Drawing Record msofbtOPT Code Execution attempt
RuleID : 17579 - Type : FILE-OFFICE - Revision : 16

Nessus® Vulnerability Scanner

idDescription
2016-03-08Name : The remote Windows host is affected by multiple vulnerabilities.
File : smb_nt_ms16-029.nasl - Type : ACT_GATHER_INFO
2015-11-10Name : The remote Windows host is affected by multiple vulnerabilities.
File : smb_nt_ms15-116.nasl - Type : ACT_GATHER_INFO
2013-04-10Name : The remote host is affected by a cross-site scripting vulnerability.
File : smb_nt_ms13-035.nasl - Type : ACT_GATHER_INFO
2012-10-10Name : The remote host is affected by a privilege escalation vulnerability.
File : smb_nt_ms12-066.nasl - Type : ACT_GATHER_INFO
2007-02-13Name : Arbitrary code can be executed on the remote host through Microsoft Office.
File : smb_nt_ms07-015.nasl - Type : ACT_GATHER_INFO
Hide | Show 6 More...
idDescription
2007-02-13Name : An application installed on the remote Mac OS X host is affected by multiple ...
File : macosx_ms_office_feb2006.nasl - Type : ACT_GATHER_INFO
2006-10-11Name : An application installed on the remote Mac OS X host is affected by multiple ...
File : macosx_ms_office_oct2006.nasl - Type : ACT_GATHER_INFO
2006-10-10Name : Arbitrary code can be executed on the remote host through Microsoft PowerPoint.
File : smb_nt_ms06-058.nasl - Type : ACT_GATHER_INFO
2004-09-28Name : The remote host may have been compromised
File : radmin_port_10002.nasl - Type : ACT_GATHER_INFO
2004-09-24Name : It is possible to log into the remote host without a password.
File : smb_login_as_x.nasl - Type : ACT_GATHER_INFO
2004-09-14Name : Arbitrary code can be executed on the remote host.
File : smb_nt_ms04-028.nasl - Type : ACT_GATHER_INFO