Summary
| Detail | |||
|---|---|---|---|
| Vendor | Microsoft | First view | 2002-12-31 |
| Product | Windows 2003 Server | Last view | 2015-07-14 |
| Version | Type | ||
| Update | sp1 | ||
| Edition | x64 | ||
| Language | |||
| Sofware Edition | |||
| Target Software | |||
| Target Hardware | |||
| Other | |||
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 5 | 2015-07-14 | CVE-2015-2417 | OLE in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to gain privileges via crafted input, as demonstrated by a transition from Low Integrity to Medium Integrity, aka "OLE Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-2416. |
| 5 | 2015-07-14 | CVE-2015-2416 | OLE in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to gain privileges via crafted input, as demonstrated by a transition from Low Integrity to Medium Integrity, aka "OLE Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-2417. |
| 3.3 | 2015-07-14 | CVE-2015-2374 | The Netlogon service in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Server 2008 SP2 and R2 SP1, and Windows Server 2012 Gold and R2 does not properly implement domain-controller communication, which allows remote attackers to discover credentials by leveraging certain PDC access and spoofing the BDC role in a PDC communication channel, aka "Elevation of Privilege Vulnerability in Netlogon." |
| 6.9 | 2015-07-14 | CVE-2015-2371 | The Windows Installer service in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a custom action script associated with a .msi package, aka "Windows Installer EoP Vulnerability." |
| 7.2 | 2015-07-14 | CVE-2015-2370 | The authentication implementation in the RPC subsystem in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not prevent DCE/RPC connection reflection, which allows local users to gain privileges via a crafted application, aka "Windows RPC Elevation of Privilege Vulnerability." |
| 6.9 | 2015-07-14 | CVE-2015-2369 | Untrusted search path vulnerability in Windows Media Device Manager in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .rtf file, aka "DLL Planting Remote Code Execution Vulnerability." |
| 2.1 | 2015-07-14 | CVE-2015-2367 | win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to obtain sensitive information from uninitialized kernel memory via a crafted application, aka "Win32k Information Disclosure Vulnerability." |
| 7.2 | 2015-07-14 | CVE-2015-2365 | win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability." |
| 7.2 | 2015-07-14 | CVE-2015-2364 | The graphics component in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application that leverages an incorrect bitmap conversion, aka "Graphics Component EOP Vulnerability." |
| 7.2 | 2015-07-14 | CVE-2015-2363 | win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability." |
| 7.2 | 2015-06-09 | CVE-2015-1768 | win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application, aka "Win32k Memory Corruption Elevation of Privilege Vulnerability." |
| 7.8 | 2015-04-21 | CVE-2015-1701 | Win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Vista SP2, and Server 2008 SP2 allows local users to gain privileges via a crafted application, as exploited in the wild in April 2015, aka "Win32k Elevation of Privilege Vulnerability." |
| 7.2 | 2015-03-11 | CVE-2015-0075 | The kernel in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 does not properly constrain impersonation levels, which allows local users to gain privileges via a crafted application, aka "Impersonation Level Check Elevation of Privilege Vulnerability." |
| 4.3 | 2015-03-11 | CVE-2015-0005 | The NETLOGON service in Microsoft Windows Server 2003 SP2, Windows Server 2008 SP2 and R2 SP1, and Windows Server 2012 Gold and R2, when a Domain Controller is configured, allows remote attackers to spoof the computer name of a secure channel's endpoint, and obtain sensitive session information, by running a crafted application and leveraging the ability to sniff network traffic, aka "NETLOGON Spoofing Vulnerability." |
| 7.8 | 2013-11-27 | CVE-2013-5065 | NDProxy.sys in the kernel in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges via a crafted application, as exploited in the wild in November 2013. |
| 7.2 | 2013-09-11 | CVE-2013-3866 | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability." |
| 7.2 | 2013-09-11 | CVE-2013-3865 | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability," a different vulnerability than CVE-2013-1342, CVE-2013-1343, CVE-2013-1344, and CVE-2013-3864. |
| 7.2 | 2013-09-11 | CVE-2013-3864 | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability," a different vulnerability than CVE-2013-1342, CVE-2013-1343, CVE-2013-1344, and CVE-2013-3865. |
| 7.2 | 2013-09-11 | CVE-2013-1344 | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability," a different vulnerability than CVE-2013-1342, CVE-2013-1343, CVE-2013-3864, and CVE-2013-3865. |
| 7.2 | 2013-09-11 | CVE-2013-1343 | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability," a different vulnerability than CVE-2013-1342, CVE-2013-1344, CVE-2013-3864, and CVE-2013-3865. |
| 7.2 | 2013-09-11 | CVE-2013-1342 | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability," a different vulnerability than CVE-2013-1343, CVE-2013-1344, CVE-2013-3864, and CVE-2013-3865. |
| 7.2 | 2013-09-11 | CVE-2013-1341 | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows 8 allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability." |
| 9.3 | 2012-12-11 | CVE-2012-2556 | The OpenType Font (OTF) driver in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allows remote attackers to execute arbitrary code via a crafted OpenType font file, aka "OpenType Font Parsing Vulnerability." |
| 9.3 | 2012-07-10 | CVE-2012-0175 | The Shell in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted name for a (1) file or (2) directory, aka "Command Injection Vulnerability." |
| 7.2 | 2012-06-12 | CVE-2012-1867 | Integer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted TrueType font file that triggers incorrect memory allocation, aka "Font Resource Refcount Integer Overflow Vulnerability." |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 21% (51) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 19% (46) | CWE-20 | Improper Input Validation |
| 18% (45) | CWE-399 | Resource Management Errors |
| 12% (30) | CWE-264 | Permissions, Privileges, and Access Controls |
| 10% (25) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
| 7% (17) | CWE-189 | Numeric Errors |
| 2% (7) | CWE-200 | Information Exposure |
| 2% (5) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
| 1% (4) | CWE-362 | Race Condition |
| 1% (3) | CWE-310 | Cryptographic Issues |
| 0% (2) | CWE-16 | Configuration |
| 0% (1) | CWE-667 | Insufficient Locking |
| 0% (1) | CWE-476 | NULL Pointer Dereference |
| 0% (1) | CWE-287 | Improper Authentication |
| 0% (1) | CWE-255 | Credentials Management |
| 0% (1) | CWE-254 | Security Features |
| 0% (1) | CWE-78 | Improper Sanitization of Special Elements used in an OS Command ('O... |
CAPEC : Common Attack Pattern Enumeration & Classification
| id | Name |
|---|---|
| CAPEC-2 | Inducing Account Lockout |
| CAPEC-3 | Using Leading 'Ghost' Character Sequences to Bypass Input Filters |
| CAPEC-7 | Blind SQL Injection |
| CAPEC-8 | Buffer Overflow in an API Call |
| CAPEC-9 | Buffer Overflow in Local Command-Line Utilities |
| CAPEC-10 | Buffer Overflow via Environment Variables |
| CAPEC-13 | Subverting Environment Variable Values |
| CAPEC-14 | Client-side Injection-induced Buffer Overflow |
| CAPEC-18 | Embedding Scripts in Nonscript Elements |
| CAPEC-22 | Exploiting Trust in Client (aka Make the Client Invisible) |
| CAPEC-24 | Filter Failure through Buffer Overflow |
| CAPEC-28 | Fuzzing |
| CAPEC-31 | Accessing/Intercepting/Modifying HTTP Cookies |
| CAPEC-32 | Embedding Scripts in HTTP Query Strings |
| CAPEC-42 | MIME Conversion |
| CAPEC-43 | Exploiting Multiple Input Interpretation Layers |
| CAPEC-45 | Buffer Overflow via Symbolic Links |
| CAPEC-46 | Overflow Variables and Tags |
| CAPEC-47 | Buffer Overflow via Parameter Expansion |
| CAPEC-52 | Embedding NULL Bytes |
| CAPEC-53 | Postfix, Null Terminate, and Backslash |
| CAPEC-63 | Simple Script Injection |
| CAPEC-64 | Using Slashes and URL Encoding Combined to Bypass Validation Logic |
| CAPEC-66 | SQL Injection |
| CAPEC-67 | String Format Overflow in syslog() |
Oval Markup Language : Definitions
| OvalID | Name |
|---|---|
| oval:org.mitre.oval:def:296 | Windows 2000 RPCSS DCOM Buffer Overflow (Blaster, Test 2) |
| oval:org.mitre.oval:def:2343 | Windows XP RPCSS DCOM Buffer Overflow (Blaster, Test 2) |
| oval:org.mitre.oval:def:194 | Windows NT RPCSS DCOM Buffer Overflow (Blaster, Test 2) |
| oval:org.mitre.oval:def:3966 | RPCSS DCOM Buffer Overflow (Server 2003) |
| oval:org.mitre.oval:def:2968 | RPCSS DCOM Buffer Overflow (XP) |
| oval:org.mitre.oval:def:2884 | RPCSS DCOM Buffer Overflow (XP, SP1) |
| oval:org.mitre.oval:def:127 | RPCSS DCOM Buffer Overflow (Windows 2000) |
| oval:org.mitre.oval:def:919 | Windows Server 2003 LSASS Buffer Overflow (Sasser Worm Vulnerability |
| oval:org.mitre.oval:def:898 | Windows XP LSASS Buffer Overflow (Sasser Worm Vulnerability) |
| oval:org.mitre.oval:def:883 | Windows 2000 LSASS Buffer Overflow (Sasser Worm Vulnerability) |
| oval:org.mitre.oval:def:340 | Windows 2000 ComboBox/ListBox GUI Widget User32.dll Buffer Overflow |
| oval:org.mitre.oval:def:201 | Windows XP ComboBox/ListBox GUI Widget User32.dll Buffer Overflow |
| oval:org.mitre.oval:def:198 | Automatic ActiveX Approval on Windows 2000 Low Memory |
| oval:org.mitre.oval:def:185 | Automatic ActiveX Approval on WinXP Low Memory |
| oval:org.mitre.oval:def:3483 | NetBT Name Service Information Access Vulnerability |
| oval:org.mitre.oval:def:4706 | Help and Support Center PCHealth System Buffer Overflow (Server 2003) |
| oval:org.mitre.oval:def:3889 | Help and Support Center PCHealth System Buffer Overflow (32-bit XP) |
| oval:org.mitre.oval:def:3685 | Help and Support Center PCHealth System Buffer Overflow (64-bit XP) |
| oval:org.mitre.oval:def:217 | Help and Support Center PCHealth System Buffer Overflow (Windows 2000) |
| oval:org.mitre.oval:def:4224 | Windows XP (32-bit) RPCSS DCOM Buffer Overflow (Blaster) |
| oval:org.mitre.oval:def:264 | Windows 2000 RPCSS DCOM Buffer Overflow (Blaster, Test 1) |
| oval:org.mitre.oval:def:20 | Suppressed OVAL20 |
| oval:org.mitre.oval:def:1813 | Windows XP (32-bit, SP1) RPCSS DCOM Buffer Overflow (Blaster) |
| oval:org.mitre.oval:def:1202 | Windows Server 2003 (64-bit) RPCSS DCOM Buffer Overflow (Blaster) |
| oval:org.mitre.oval:def:268 | Windows XP Messenger Service Buffer Overflow |
SAINT Exploits
| Description | Link |
|---|---|
| Internet Explorer iepeers.dll use-after-free vulnerability | More info here |
| Microsoft Jet Engine MDB file ColumnName buffer overflow | More info here |
| Windows Telephony API buffer overflow | More info here |
| Windows Metafile rendering buffer overflow | More info here |
| Windows LSASS buffer overflow | More info here |
| Windows Server Service buffer overflow | More info here |
| Windows RRAS memory corruption vulnerability | More info here |
| Windows Cursor and Icon handling vulnerability | More info here |
| Windows Telnet credential reflection | More info here |
| Windows compressed folders buffer overflow | More info here |
| Microsoft WordPad Word97 text converter buffer overflow | More info here |
| Windows WMF handling vulnerability | More info here |
| Windows GDI EMF filename buffer overflow | More info here |
| Microsoft DirectX DirectShow QuickTime movie parsing vulnerability | More info here |
| Microsoft DirectShow Video Streaming ActiveX IMPEG2TuneRequest Overflow | More info here |
| Windows Media Encoder 9 wmex.dll ActiveX buffer overflow | More info here |
| Windows Animated Cursor Header buffer overflow | More info here |
| Windows RPC DCOM interface buffer overflow | More info here |
| Microsoft SSL library PCT buffer overflow | More info here |
| Windows Help and Support Center -FromHCP URL whitelist bypass | More info here |
| Microsoft Windows Fax Cover Page Editor Double Free Memory Corruption Vulnerability | More info here |
| Microsoft WINS replication service pointer corruption | More info here |
| Windows NetDDE buffer overflow | More info here |
| Microsoft Remote Desktop Connection Insecure Library Injection | More info here |
| Windows DNS server RPC management interface buffer overflow | More info here |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 76231 | Microsoft Windows Active Accessibility Path Subversion Arbitrary DLL Injectio... |
| 76221 | Microsoft Windows win32k.sys Driver Use-after-free Driver Object Handling Arb... |
| 76220 | Microsoft Windows win32k.sys Driver .fon Font File Handling Overflow |
| 76218 | Microsoft Windows win32k.sys Driver NULL Dereference Unspecified Arbitrary Co... |
| 75444 | Microsoft Windows WINS Loopback Interface Crafted Packet Local Privilege Esca... |
| 75382 | Microsoft Windows Shell Extensions Path Subversion Arbitrary DLL Injection Co... |
| 74405 | Microsoft Windows Remote Desktop Protocol RDP Packet Parsing Remote DoS |
| 74402 | Microsoft Windows Remote Access Service NDISTAPI Driver User Input Validation... |
| 74401 | Microsoft Windows Client/Server Run-time Subsystem (CSRSS) Inter-Process Devi... |
| 74400 | Microsoft Windows DNS Service Non-Existent Domain Query Parsing Remote DoS |
| 73796 | Microsoft Windows CSRSS SrvSetConsoleLocalEUDC() Function NULL Page Data Writ... |
| 73795 | Microsoft Windows CSRSS SrvWriteConsoleOutputString() Function Local Overflow |
| 73794 | Microsoft Windows CSRSS SrvWriteConsoleOutput() Function Local Overflow |
| 73793 | Microsoft Windows CSRSS SrvSetConsoleNumberOfCommand() Function Kernel Memory... |
| 73792 | Microsoft Windows CSRSS AllocConsole() Function Multiple Console Object Orpha... |
| 73788 | Microsoft Windows win32k.sys Driver NULL Pointer De-reference Unspecified Loc... |
| 73787 | Microsoft Windows win32k.sys Driver NULL Pointer De-reference Unspecified Loc... |
| 73786 | Microsoft Windows win32k.sys Driver NULL Pointer De-reference Unspecified Loc... |
| 73785 | Microsoft Windows win32k.sys Driver Use After Free Unspecified Local Privileg... |
| 73784 | Microsoft Windows win32k.sys Driver Use After Free Unspecified Local Privileg... |
| 73783 | Microsoft Windows win32k.sys Driver Use After Free Unspecified Local Privileg... |
| 73782 | Microsoft Windows win32k.sys Driver Use After Free Unspecified Local Privileg... |
| 73781 | Microsoft Windows win32k.sys Driver Use After Free Unspecified Local Privileg... |
| 73780 | Microsoft Windows win32k.sys Driver Use After Free Unspecified Local Privileg... |
| 73778 | Microsoft Windows win32k.sys Driver Use After Free Unspecified Local Privileg... |
ExploitDB Exploits
| id | Description |
|---|---|
| 30392 | Microsoft Windows ndproxy.sys - Local Privilege Escalation |
| 30014 | Windows NDPROXY Local SYSTEM Privilege Escalation |
| 25389 | Multiple Vendor ICMP Message Handling DoS |
| 25388 | Multiple Vendor ICMP Implementation Malformed Path MTU DoS |
| 25387 | Multiple Vendor ICMP Implementation Spoofed Source Quench Packet DoS |
| 18024 | MS11-077 Win32k Null Pointer De-reference Vulnerability POC |
| 17978 | MS11-077 .fon Kernel-Mode Buffer Overrun PoC |
| 17831 | MS WINS ECommEndDlg Input Validation Error |
| 17659 | MS10-026 Microsoft MPEG Layer-3 Audio Stack Based Overflow |
| 17544 | GDI+ CreateDashedPath Integer overflow in gdiplus.dll |
| 16590 | Internet Explorer DHTML Behaviors Use After Free |
| 15985 | MS10-073: Win32k Keyboard Layout Vulnerability |
| 15266 | Windows NTLM Weak Nonce Vulnerability |
| 14895 | MOAUB #5 - Microsoft MPEG Layer-3 Remote Command Execution Exploit |
| 14608 | Microsoft Windows CreateWindow Function Callback Vulnerability (MS10-048) |
| 12273 | Windows 7/2008R2 SMB Client Trans2 Stack Overflow 10-020 PoC |
| 11683 | Microsoft Internet Explorer iepeers.dll Use-After-Free Exploit (meta) |
| 3740 | MS Windows DNS DnssrvQuery Remote Stack Overflow Exploit |
| 3652 | MS Windows Animated Cursor (.ANI) Overflow Exploit (Hardware DEP) |
| 3617 | MS Windows Animated Cursor (.ANI) Stack Overflow Exploit |
| 3022 | MS Windows ASN.1 - Remote Exploit (MS04-007) |
| 1065 | MS Windows (SMB) Transaction Response Handling Exploit (MS05-011) |
| 1019 | MS Windows COM Structured Storage Local Exploit (MS05-012) |
| 948 | Multiple OS (Win32/Aix/Cisco) - Crafted ICMP Messages DoS Exploit |
| 771 | MS Internet Explorer .ANI files handling Downloader Exploit (MS05-002) |
OpenVAS Exploits
| id | Description |
|---|---|
| 2012-12-12 | Name : Microsoft Windows Kernel-Mode Drivers Remote Code Execution Vulnerabilities (... File : nvt/secpod_ms12-078.nasl |
| 2012-07-11 | Name : Microsoft Windows Shell Remote Code Execution Vulnerability (2691442) File : nvt/secpod_ms12-048.nasl |
| 2012-06-13 | Name : Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2709162) File : nvt/secpod_ms12-041.nasl |
| 2012-03-06 | Name : Microsoft SMB Transaction Parsing Remote Code Execution Vulnerability File : nvt/secpod_ms11-020_remote.nasl |
| 2012-02-29 | Name : MicroSoft SMB Server Trans2 Request Remote Code Execution Vulnerability File : nvt/secpod_ms10-054_remote.nasl |
| 2011-12-30 | Name : MicroSoft Windows Server Service Remote Code Execution Vulnerability (921883) File : nvt/secpod_ms06-040_remote.nasl |
| 2011-11-21 | Name : Microsoft Windows Internet Protocol Validation Remote Code Execution Vulnerab... File : nvt/secpod_ms_windows_ip_validation_code_exec_vuln.nasl |
| 2011-10-12 | Name : Microsoft Active Accessibility Remote Code Execution Vulnerability (2623699) File : nvt/secpod_ms11-075.nasl |
| 2011-10-12 | Name : Windows Kernel-Mode Drivers Remote Code Execution Vulnerabilities (2567053) File : nvt/secpod_ms11-077.nasl |
| 2011-09-14 | Name : Microsoft Windows WINS Local Privilege Escalation Vulnerability (2571621) File : nvt/secpod_ms11-070.nasl |
| 2011-09-14 | Name : Microsoft Windows Components Remote Code Execution Vulnerabilities (2570947) File : nvt/secpod_ms11-071.nasl |
| 2011-08-11 | Name : Microsoft Windows DNS Server Remote Code Execution Vulnerability (2562485) File : nvt/secpod_ms11-058.nasl |
| 2011-08-11 | Name : MS Windows Remote Access Service NDISTAPI Driver Privilege Elevation Vulnerab... File : nvt/secpod_ms11-062.nasl |
| 2011-08-11 | Name : Microsoft Windows Client/Server Run-time Subsystem Privilege Escalation Vulne... File : nvt/secpod_ms11-063.nasl |
| 2011-08-11 | Name : Microsoft Remote Desktop Protocol Denial of Service Vulnerability (2570222) File : nvt/secpod_ms11-065.nasl |
| 2011-07-13 | Name : Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2555917) File : nvt/secpod_ms11-054.nasl |
| 2011-07-13 | Name : Microsoft Windows CSRSS Privilege Escalation Vulnerabilities (2507938) File : nvt/secpod_ms11-056.nasl |
| 2011-06-15 | Name : Windows MHTML Information Disclosure Vulnerability (2544893) File : nvt/secpod_ms11-037.nasl |
| 2011-06-15 | Name : Microsoft Windows OLE Automation Remote Code Execution Vulnerability (2476490) File : nvt/secpod_ms11-038.nasl |
| 2011-06-15 | Name : Microsoft Distributed File System Remote Code Execution Vulnerabilities (2535... File : nvt/secpod_ms11-042.nasl |
| 2011-06-15 | Name : Microsoft SMB Client Remote Code Execution Vulnerabilities (2536276) File : nvt/secpod_ms11-043.nasl |
| 2011-06-15 | Name : MS Windows Ancillary Function Driver Privilege Elevation Vulnerability File : nvt/secpod_ms11-046.nasl |
| 2011-06-15 | Name : Active Directory Certificate Services Web Enrollment Elevation of Privilege V... File : nvt/secpod_ms11-051.nasl |
| 2011-05-12 | Name : Debian Security Advisory DSA 2191-1 (proftpd-dfsg) File : nvt/deb_2191_1.nasl |
| 2011-04-13 | Name : Microsoft SMB Client Remote Code Execution Vulnerabilities (2511455) File : nvt/secpod_ms11-019.nasl |
Information Assurance Vulnerability Management (IAVM)
| id | Description |
|---|---|
| 2015-A-0167 | Multiple Vulnerabilities in Microsoft Windows (MS15-069) Severity: Category II - VMSKEY: V0061129 |
| 2015-A-0173 | Microsoft Windows Netlogon Privilege Escalation Vulnerability (MS15-071) Severity: Category II - VMSKEY: V0061111 |
| 2015-A-0168 | Microsoft Graphics Component Privilege Escalation Vulnerability (MS15-072) Severity: Category II - VMSKEY: V0061105 |
| 2015-A-0169 | Multiple Vulnerabilities in Microsoft OLE (MS15-075) Severity: Category II - VMSKEY: V0061103 |
| 2015-A-0162 | Multiple Vulnerabilities in Microsoft Windows Kernel-Mode Driver (MS15-073) Severity: Category II - VMSKEY: V0061097 |
| 2015-A-0164 | Microsoft Windows Installer Privilege Escalation Vulnerability (MS15-074) Severity: Category II - VMSKEY: V0061095 |
| 2015-A-0165 | Microsoft Remote Procedure Call (RPC) Privilege Escalation Vulnerability (MS1... Severity: Category II - VMSKEY: V0061093 |
| 2015-A-0108 | Multiple Vulnerabilities in Microsoft Windows Kernel-Mode Driver (MS15-051) Severity: Category II - VMSKEY: V0060653 |
| 2015-A-0048 | Multiple Vulnerabilities in Windows Kernel (MS15-025) Severity: Category II - VMSKEY: V0058995 |
| 2014-A-0004 | Microsoft Windows Kernel Privilege Escalation Vulnerability Severity: Category II - VMSKEY: V0043405 |
| 2012-A-0110 | Microsoft Windows Shell Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0033309 |
| 2012-A-0002 | Microsoft Windows Components Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0030932 |
| 2011-A-0138 | Microsoft Active Accessibility Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0030402 |
| 2011-A-0126 | Microsoft Windows WINS Server Privilege Escalation Vulnerability Severity: Category I - VMSKEY: V0030247 |
| 2011-A-0117 | Microsoft Windows Remote Access Service Elevation of Privilege Vulnerability Severity: Category I - VMSKEY: V0029767 |
| 2011-A-0115 | Microsoft Windows Client/Server Run-time Subsystem Elevation of Privilege Vul... Severity: Category I - VMSKEY: V0029760 |
| 2011-B-0065 | Microsoft MHTML Information Disclosure Vulnerability Severity: Category II - VMSKEY: V0028617 |
| 2011-A-0079 | Microsoft SMB Client Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0028592 |
| 2011-A-0087 | Microsoft Distributed File System Remote Code Execution Vulnerabilities Severity: Category I - VMSKEY: V0028593 |
| 2011-A-0081 | Microsoft Windows OLE Automation Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0028597 |
| 2011-B-0067 | Microsoft Windows Ancillary Function Driver Privilege Escalation Vulnerability Severity: Category II - VMSKEY: V0028611 |
| 2011-B-0068 | Microsoft Active Directory Certificate Services Web Enrollment Privilege Esca... Severity: Category II - VMSKEY: V0028615 |
| 2011-A-0050 | Microsoft SMB Server Remote Code Execution Vulnerability Severity: Category I - VMSKEY: V0026521 |
| 2011-A-0039 | Microsoft DNS Resolution Remote Code Execution Vulnerability Severity: Category I - VMSKEY: V0026514 |
| 2011-B-0045 | Microsoft Windows Fax Cover Page Editor Vulnerability Severity: Category II - VMSKEY: V0026509 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2014-01-10 | SMB tapisrv ClientRequest andx object call LSetAppPriority overflow attempt RuleID : 9999 - Type : NETBIOS - Revision : 5 |
| 2014-01-10 | SMB-DS tapisrv ClientRequest little endian andx object call LSetAppPriority o... RuleID : 9998 - Type : NETBIOS - Revision : 5 |
| 2014-01-10 | SMB-DS tapisrv ClientRequest WriteAndX unicode little endian andx object call... RuleID : 9997 - Type : NETBIOS - Revision : 5 |
| 2014-01-10 | SMB-DS tapisrv ClientRequest WriteAndX unicode andx object call LSetAppPriori... RuleID : 9996 - Type : NETBIOS - Revision : 5 |
| 2014-01-10 | SMB-DS tapisrv ClientRequest WriteAndX little endian andx object call LSetApp... RuleID : 9995 - Type : NETBIOS - Revision : 5 |
| 2014-01-10 | SMB-DS tapisrv ClientRequest andx object call LSetAppPriority overflow attempt RuleID : 9994 - Type : NETBIOS - Revision : 5 |
| 2014-01-10 | SMB-DS tapisrv ClientRequest unicode little endian andx LSetAppPriority overf... RuleID : 9993 - Type : NETBIOS - Revision : 5 |
| 2014-01-10 | SMB tapisrv ClientRequest WriteAndX unicode little endian andx LSetAppPriorit... RuleID : 9992 - Type : NETBIOS - Revision : 5 |
| 2014-01-10 | SMB tapisrv ClientRequest unicode little endian andx LSetAppPriority overflow... RuleID : 9991 - Type : NETBIOS - Revision : 5 |
| 2014-01-10 | SMB tapisrv ClientRequest WriteAndX little endian andx LSetAppPriority overfl... RuleID : 9990 - Type : NETBIOS - Revision : 5 |
| 2014-01-10 | SMB tapisrv ClientRequest little endian andx LSetAppPriority overflow attempt RuleID : 9989 - Type : NETBIOS - Revision : 5 |
| 2014-01-10 | SMB-DS tapisrv ClientRequest WriteAndX andx LSetAppPriority overflow attempt RuleID : 9988 - Type : NETBIOS - Revision : 5 |
| 2014-01-10 | SMB-DS tapisrv ClientRequest unicode andx LSetAppPriority overflow attempt RuleID : 9987 - Type : NETBIOS - Revision : 4 |
| 2014-01-10 | SMB tapisrv ClientRequest unicode andx LSetAppPriority overflow attempt RuleID : 9986 - Type : NETBIOS - Revision : 5 |
| 2014-01-10 | SMB tapisrv ClientRequest WriteAndX andx LSetAppPriority overflow attempt RuleID : 9985 - Type : NETBIOS - Revision : 5 |
| 2014-01-10 | SMB tapisrv ClientRequest WriteAndX unicode andx LSetAppPriority overflow att... RuleID : 9984 - Type : NETBIOS - Revision : 5 |
| 2014-01-10 | SMB tapisrv ClientRequest andx LSetAppPriority overflow attempt RuleID : 9983 - Type : NETBIOS - Revision : 5 |
| 2014-01-10 | SMB-DS tapisrv ClientRequest little endian andx LSetAppPriority overflow attempt RuleID : 9982 - Type : NETBIOS - Revision : 4 |
| 2014-01-10 | SMB-DS tapisrv ClientRequest WriteAndX unicode little endian andx LSetAppPrio... RuleID : 9981 - Type : NETBIOS - Revision : 5 |
| 2014-01-10 | SMB-DS tapisrv ClientRequest WriteAndX unicode andx LSetAppPriority overflow ... RuleID : 9980 - Type : NETBIOS - Revision : 5 |
| 2014-01-10 | SMB-DS tapisrv ClientRequest WriteAndX little endian andx LSetAppPriority ove... RuleID : 9979 - Type : NETBIOS - Revision : 5 |
| 2014-01-10 | SMB v4 tapisrv ClientRequest unicode little endian andx LSetAppPriority overf... RuleID : 9978 - Type : NETBIOS - Revision : 5 |
| 2014-01-10 | SMB v4 tapisrv ClientRequest little endian andx LSetAppPriority overflow attempt RuleID : 9977 - Type : NETBIOS - Revision : 5 |
| 2014-01-10 | SMB-DS tapisrv ClientRequest andx LSetAppPriority overflow attempt RuleID : 9976 - Type : NETBIOS - Revision : 5 |
| 2014-01-10 | SMB-DS v4 tapisrv ClientRequest WriteAndX andx LSetAppPriority overflow attempt RuleID : 9975 - Type : NETBIOS - Revision : 5 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2018-04-03 | Name: The remote mail server may be affected by multiple vulnerabilities. File: exchange_ms10-024.nasl - Type: ACT_GATHER_INFO |
| 2018-04-03 | Name: The remote web server may allow remote code execution. File: iis_7_pci.nasl - Type: ACT_GATHER_INFO |
| 2017-05-08 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL23440942.nasl - Type: ACT_GATHER_INFO |
| 2016-04-14 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-3548.nasl - Type: ACT_GATHER_INFO |
| 2015-09-18 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL4583.nasl - Type: ACT_GATHER_INFO |
| 2015-07-14 | Name: The remote Windows host is affected by multiple remote code execution vulnera... File: smb_nt_ms15-069.nasl - Type: ACT_GATHER_INFO |
| 2015-07-14 | Name: The remote Windows host is affected by a privilege escalation vulnerability. File: smb_nt_ms15-071.nasl - Type: ACT_GATHER_INFO |
| 2015-07-14 | Name: The remote Windows host is affected by a privilege escalation vulnerability. File: smb_nt_ms15-072.nasl - Type: ACT_GATHER_INFO |
| 2015-07-14 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms15-073.nasl - Type: ACT_GATHER_INFO |
| 2015-07-14 | Name: The remote Windows host is affected by a privilege escalation vulnerability. File: smb_nt_ms15-074.nasl - Type: ACT_GATHER_INFO |
| 2015-07-14 | Name: The remote Windows host is affected by multiple elevation of privilege vulner... File: smb_nt_ms15-075.nasl - Type: ACT_GATHER_INFO |
| 2015-07-14 | Name: The remote Windows host is affected by a privilege escalation vulnerability. File: smb_nt_ms15-076.nasl - Type: ACT_GATHER_INFO |
| 2015-06-09 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms15-061.nasl - Type: ACT_GATHER_INFO |
| 2015-05-12 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms15-051.nasl - Type: ACT_GATHER_INFO |
| 2015-03-10 | Name: The remote Windows host is affected by multiple privilege escalation vulnerab... File: smb_nt_ms15-025.nasl - Type: ACT_GATHER_INFO |
| 2015-03-10 | Name: The remote Windows host is affected by a spoofing vulnerability. File: smb_nt_ms15-027.nasl - Type: ACT_GATHER_INFO |
| 2014-03-10 | Name: Arbitrary code can be executed on the remote host through the Microsoft GDI r... File: smb_kb957488.nasl - Type: ACT_GATHER_INFO |
| 2014-03-05 | Name: The DNS server running on the remote host has multiple vulnerabilities. File: ms_dns_kb2562485.nasl - Type: ACT_GATHER_INFO |
| 2014-03-05 | Name: The DNS server running on the remote host is potentially affected by a remote... File: ms_dns_kb935966.nasl - Type: ACT_GATHER_INFO |
| 2014-03-05 | Name: The DNS server running on the remote host is vulnerable to DNS spoofing attacks. File: ms_dns_kb941672.nasl - Type: ACT_GATHER_INFO |
| 2014-01-14 | Name: The Windows kernel on the remote host is affected by a privilege escalation v... File: smb_nt_ms14-002.nasl - Type: ACT_GATHER_INFO |
| 2013-09-11 | Name: The Windows kernel on the remote host is affected by multiple vulnerabilities. File: smb_nt_ms13-076.nasl - Type: ACT_GATHER_INFO |
| 2012-12-11 | Name: The remote Windows host is affected by remote code execution vulnerabilities. File: smb_nt_ms12-078.nasl - Type: ACT_GATHER_INFO |
| 2012-07-11 | Name: The remote Windows host is affected by a remote code execution vulnerability. File: smb_nt_ms12-048.nasl - Type: ACT_GATHER_INFO |
| 2012-06-13 | Name: The remote Windows host is affected by multiple privilege escalation vulnerab... File: smb_nt_ms12-041.nasl - Type: ACT_GATHER_INFO |
