This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Microsoft First view 2002-12-31
Product Windows 2003 Server Last view 2015-07-14
Version Type
Update sp2  
Edition x64  
Language  
Sofware Edition  
Target Software  
Target Hardware  
Other  

Activity : Overall

COMMON PLATFORM ENUMERATION: Repartition per Version

CPE Name Affected CVE
cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:* 215
cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:* 112
cpe:2.3:o:microsoft:windows_2003_server:r2:*:*:*:*:*:*:* 68
cpe:2.3:o:microsoft:windows_2003_server:web:*:*:*:*:*:*:* 66
cpe:2.3:o:microsoft:windows_2003_server:enterprise:*:64-bit:*:*:*:*:* 59
cpe:2.3:o:microsoft:windows_2003_server:standard:*:64-bit:*:*:*:*:* 59
cpe:2.3:o:microsoft:windows_2003_server:r2:*:datacenter_64-bit:*:*:*:*:* 58
cpe:2.3:o:microsoft:windows_2003_server:r2:*:64-bit:*:*:*:*:* 57
cpe:2.3:o:microsoft:windows_2003_server:enterprise_64-bit:*:*:*:*:*:*:* 57
cpe:2.3:o:microsoft:windows_2003_server:*:sp2:x64:*:*:*:*:* 53
cpe:2.3:o:microsoft:windows_2003_server:sp1:*:*:*:*:*:*:* 45
cpe:2.3:o:microsoft:windows_2003_server:standard:sp1:*:*:*:*:*:* 26
cpe:2.3:o:microsoft:windows_2003_server:web:sp1:*:*:*:*:*:* 26
cpe:2.3:o:microsoft:windows_2003_server:sp1:*:itanium:*:*:*:*:* 23
cpe:2.3:o:microsoft:windows_2003_server:64-bit:*:*:*:*:*:*:* 23
cpe:2.3:o:microsoft:windows_2003_server:*:sp1:*:*:*:*:*:* 22
cpe:2.3:o:microsoft:windows_2003_server:standard_64-bit:*:*:*:*:*:*:* 21
cpe:2.3:o:microsoft:windows_2003_server:sp2:*:*:*:*:*:*:* 19
cpe:2.3:o:microsoft:windows_2003_server:enterprise:sp1:*:*:*:*:*:* 19
cpe:2.3:o:microsoft:windows_2003_server:r2:sp1:*:*:*:*:*:* 18
cpe:2.3:o:microsoft:windows_2003_server:*:*:*:*:*:*:*:* 15
cpe:2.3:o:microsoft:windows_2003_server:itanium:*:*:*:*:*:*:* 15
cpe:2.3:o:microsoft:windows_2003_server:datacenter_64-bit:sp1:*:*:*:*:*:* 15
cpe:2.3:o:microsoft:windows_2003_server:sp2:*:itanium:*:*:*:*:* 14
cpe:2.3:o:microsoft:windows_2003_server:enterprise_64-bit:sp1:*:*:*:*:*:* 14
cpe:2.3:o:microsoft:windows_2003_server:sp2:*:x64:*:*:*:*:* 13
cpe:2.3:o:microsoft:windows_2003_server:standard:sp1_beta_1:*:*:*:*:*:* 12
cpe:2.3:o:microsoft:windows_2003_server:web:sp1_beta_1:*:*:*:*:*:* 12
cpe:2.3:o:microsoft:windows_2003_server:-:sp2:x64:*:*:*:*:* 11
cpe:2.3:o:microsoft:windows_2003_server:*:*:x64:*:*:*:*:* 10
cpe:2.3:o:microsoft:windows_2003_server:standard:*:*:*:*:*:*:* 10
cpe:2.3:o:microsoft:windows_2003_server:enterprise:sp1_beta_1:*:*:*:*:*:* 10
cpe:2.3:o:microsoft:windows_2003_server:r2:sp2:*:*:*:*:*:* 10
cpe:2.3:o:microsoft:windows_2003_server:*:sp1:itanium:*:*:*:*:* 9
cpe:2.3:o:microsoft:windows_2003_server:datacenter_edition:*:*:*:*:*:*:* 9
cpe:2.3:o:microsoft:windows_2003_server:r2:sp1_beta_1:*:*:*:*:*:* 9
cpe:2.3:o:microsoft:windows_2003_server:gold:*:*:*:*:*:*:* 8
cpe:2.3:o:microsoft:windows_2003_server:sp1:*:enterprise:*:*:*:*:* 8
cpe:2.3:o:microsoft:windows_2003_server:enterprise_edition:sp1:*:*:*:*:*:* 8
cpe:2.3:o:microsoft:windows_2003_server:datacenter_edition:sp1:*:*:*:*:*:* 8
cpe:2.3:o:microsoft:windows_2003_server:enterprise_64-bit:sp1_beta_1:*:*:*:*:*:* 8
cpe:2.3:o:microsoft:windows_2003_server:datacenter_64-bit:sp1_beta_1:*:*:*:*:*:* 8
cpe:2.3:o:microsoft:windows_2003_server:-:sp2:*:*:*:*:*:* 7
cpe:2.3:o:microsoft:windows_2003_server:datacenter_edition_64-bit:*:*:*:*:*:*:* 7
cpe:2.3:o:microsoft:windows_2003_server:enterprise_edition_64-bit:*:*:*:*:*:*:* 7
cpe:2.3:o:microsoft:windows_2003_server:*:gold:itanium:*:*:*:*:* 6
cpe:2.3:o:microsoft:windows_2003_server:*:sp2:enterprise:*:*:*:*:* 6
cpe:2.3:o:microsoft:windows_2003_server:datacenter_edition_64-bit:sp1:*:*:*:*:*:* 6
cpe:2.3:o:microsoft:windows_2003_server:*:r2:x64:*:*:*:*:* 5
cpe:2.3:o:microsoft:windows_2003_server:*:gold:datacenter:*:*:*:*:* 5

Related : CVE

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
5 2015-07-14 CVE-2015-2417

OLE in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to gain privileges via crafted input, as demonstrated by a transition from Low Integrity to Medium Integrity, aka "OLE Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-2416.

5 2015-07-14 CVE-2015-2416

OLE in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to gain privileges via crafted input, as demonstrated by a transition from Low Integrity to Medium Integrity, aka "OLE Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-2417.

7.2 2015-07-14 CVE-2015-2387

ATMFD.DLL in the Adobe Type Manager Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, aka "ATMFD.DLL Memory Corruption Vulnerability."

3.3 2015-07-14 CVE-2015-2374

The Netlogon service in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Server 2008 SP2 and R2 SP1, and Windows Server 2012 Gold and R2 does not properly implement domain-controller communication, which allows remote attackers to discover credentials by leveraging certain PDC access and spoofing the BDC role in a PDC communication channel, aka "Elevation of Privilege Vulnerability in Netlogon."

6.9 2015-07-14 CVE-2015-2371

The Windows Installer service in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a custom action script associated with a .msi package, aka "Windows Installer EoP Vulnerability."

7.2 2015-07-14 CVE-2015-2370

The authentication implementation in the RPC subsystem in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not prevent DCE/RPC connection reflection, which allows local users to gain privileges via a crafted application, aka "Windows RPC Elevation of Privilege Vulnerability."

6.9 2015-07-14 CVE-2015-2369

Untrusted search path vulnerability in Windows Media Device Manager in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .rtf file, aka "DLL Planting Remote Code Execution Vulnerability."

2.1 2015-07-14 CVE-2015-2367

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to obtain sensitive information from uninitialized kernel memory via a crafted application, aka "Win32k Information Disclosure Vulnerability."

7.2 2015-07-14 CVE-2015-2365

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability."

7.2 2015-07-14 CVE-2015-2364

The graphics component in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application that leverages an incorrect bitmap conversion, aka "Graphics Component EOP Vulnerability."

7.2 2015-07-14 CVE-2015-2363

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability."

7.2 2015-06-09 CVE-2015-1768

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application, aka "Win32k Memory Corruption Elevation of Privilege Vulnerability."

7.2 2015-04-21 CVE-2015-1701

Win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Vista SP2, and Server 2008 SP2 allows local users to gain privileges via a crafted application, as exploited in the wild in April 2015, aka "Win32k Elevation of Privilege Vulnerability."

7.2 2015-03-11 CVE-2015-0075

The kernel in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 does not properly constrain impersonation levels, which allows local users to gain privileges via a crafted application, aka "Impersonation Level Check Elevation of Privilege Vulnerability."

4.3 2015-03-11 CVE-2015-0005

The NETLOGON service in Microsoft Windows Server 2003 SP2, Windows Server 2008 SP2 and R2 SP1, and Windows Server 2012 Gold and R2, when a Domain Controller is configured, allows remote attackers to spoof the computer name of a secure channel's endpoint, and obtain sensitive session information, by running a crafted application and leveraging the ability to sniff network traffic, aka "NETLOGON Spoofing Vulnerability."

7.2 2013-11-27 CVE-2013-5065

NDProxy.sys in the kernel in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges via a crafted application, as exploited in the wild in November 2013.

7.2 2013-09-11 CVE-2013-3866

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability."

7.2 2013-09-11 CVE-2013-3865

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability," a different vulnerability than CVE-2013-1342, CVE-2013-1343, CVE-2013-1344, and CVE-2013-3864.

7.2 2013-09-11 CVE-2013-3864

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability," a different vulnerability than CVE-2013-1342, CVE-2013-1343, CVE-2013-1344, and CVE-2013-3865.

7.2 2013-09-11 CVE-2013-1344

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability," a different vulnerability than CVE-2013-1342, CVE-2013-1343, CVE-2013-3864, and CVE-2013-3865.

7.2 2013-09-11 CVE-2013-1343

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability," a different vulnerability than CVE-2013-1342, CVE-2013-1344, CVE-2013-3864, and CVE-2013-3865.

7.2 2013-09-11 CVE-2013-1342

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability," a different vulnerability than CVE-2013-1343, CVE-2013-1344, CVE-2013-3864, and CVE-2013-3865.

7.2 2013-09-11 CVE-2013-1341

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows 8 allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability."

7.2 2013-07-31 CVE-2013-3697

Integer overflow in the NWFS.SYS kernel driver 4.91.5.8 in Novell Client 4.91 SP5 on Windows XP and Windows Server 2003 and the NCPL.SYS kernel driver in Novell Client 2 SP2 on Windows Vista and Windows Server 2008 and Novell Client 2 SP3 on Windows Server 2008 R2, Windows 7, Windows 8, and Windows Server 2012 might allow local users to gain privileges via a crafted 0x1439EB IOCTL call.

9.3 2012-12-11 CVE-2012-2556

The OpenType Font (OTF) driver in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allows remote attackers to execute arbitrary code via a crafted OpenType font file, aka "OpenType Font Parsing Vulnerability."

CWE : Common Weakness Enumeration

%idName
20% (52) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
19% (48) CWE-20 Improper Input Validation
18% (46) CWE-399 Resource Management Errors
13% (33) CWE-264 Permissions, Privileges, and Access Controls
10% (26) CWE-94 Failure to Control Generation of Code ('Code Injection')
7% (18) CWE-189 Numeric Errors
3% (8) CWE-200 Information Exposure
1% (5) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')
1% (4) CWE-362 Race Condition
1% (3) CWE-310 Cryptographic Issues
1% (3) CWE-16 Configuration
0% (2) CWE-287 Improper Authentication
0% (1) CWE-352 Cross-Site Request Forgery (CSRF)
0% (1) CWE-255 Credentials Management
0% (1) CWE-254 Security Features
0% (1) CWE-78 Improper Sanitization of Special Elements used in an OS Command ('O...

CAPEC : Common Attack Pattern Enumeration & Classification

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Name
CAPEC-2 Inducing Account Lockout
CAPEC-3 Using Leading 'Ghost' Character Sequences to Bypass Input Filters
CAPEC-7 Blind SQL Injection
CAPEC-8 Buffer Overflow in an API Call
CAPEC-9 Buffer Overflow in Local Command-Line Utilities
CAPEC-10 Buffer Overflow via Environment Variables
CAPEC-13 Subverting Environment Variable Values
CAPEC-14 Client-side Injection-induced Buffer Overflow
CAPEC-18 Embedding Scripts in Nonscript Elements
CAPEC-22 Exploiting Trust in Client (aka Make the Client Invisible)
CAPEC-24 Filter Failure through Buffer Overflow
CAPEC-27 Leveraging Race Conditions via Symbolic Links
CAPEC-28 Fuzzing
CAPEC-29 Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions
CAPEC-31 Accessing/Intercepting/Modifying HTTP Cookies
CAPEC-32 Embedding Scripts in HTTP Query Strings
CAPEC-41 Using Meta-characters in E-mail Headers to Inject Malicious Payloads
CAPEC-42 MIME Conversion
CAPEC-43 Exploiting Multiple Input Interpretation Layers
CAPEC-45 Buffer Overflow via Symbolic Links
CAPEC-46 Overflow Variables and Tags
CAPEC-47 Buffer Overflow via Parameter Expansion
CAPEC-52 Embedding NULL Bytes
CAPEC-53 Postfix, Null Terminate, and Backslash
CAPEC-59 Session Credential Falsification through Prediction

Oval Markup Language : Definitions

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
OvalID Name
oval:org.mitre.oval:def:296 Windows 2000 RPCSS DCOM Buffer Overflow (Blaster, Test 2)
oval:org.mitre.oval:def:2343 Windows XP RPCSS DCOM Buffer Overflow (Blaster, Test 2)
oval:org.mitre.oval:def:194 Windows NT RPCSS DCOM Buffer Overflow (Blaster, Test 2)
oval:org.mitre.oval:def:3966 RPCSS DCOM Buffer Overflow (Server 2003)
oval:org.mitre.oval:def:2968 RPCSS DCOM Buffer Overflow (XP)
oval:org.mitre.oval:def:2884 RPCSS DCOM Buffer Overflow (XP, SP1)
oval:org.mitre.oval:def:127 RPCSS DCOM Buffer Overflow (Windows 2000)
oval:org.mitre.oval:def:919 Windows Server 2003 LSASS Buffer Overflow (Sasser Worm Vulnerability
oval:org.mitre.oval:def:898 Windows XP LSASS Buffer Overflow (Sasser Worm Vulnerability)
oval:org.mitre.oval:def:883 Windows 2000 LSASS Buffer Overflow (Sasser Worm Vulnerability)
oval:org.mitre.oval:def:340 Windows 2000 ComboBox/ListBox GUI Widget User32.dll Buffer Overflow
oval:org.mitre.oval:def:201 Windows XP ComboBox/ListBox GUI Widget User32.dll Buffer Overflow
oval:org.mitre.oval:def:198 Automatic ActiveX Approval on Windows 2000 Low Memory
oval:org.mitre.oval:def:185 Automatic ActiveX Approval on WinXP Low Memory
oval:org.mitre.oval:def:3483 NetBT Name Service Information Access Vulnerability
oval:org.mitre.oval:def:4706 Help and Support Center PCHealth System Buffer Overflow (Server 2003)
oval:org.mitre.oval:def:3889 Help and Support Center PCHealth System Buffer Overflow (32-bit XP)
oval:org.mitre.oval:def:3685 Help and Support Center PCHealth System Buffer Overflow (64-bit XP)
oval:org.mitre.oval:def:217 Help and Support Center PCHealth System Buffer Overflow (Windows 2000)
oval:org.mitre.oval:def:4224 Windows XP (32-bit) RPCSS DCOM Buffer Overflow (Blaster)
oval:org.mitre.oval:def:264 Windows 2000 RPCSS DCOM Buffer Overflow (Blaster, Test 1)
oval:org.mitre.oval:def:20 Suppressed OVAL20
oval:org.mitre.oval:def:1813 Windows XP (32-bit, SP1) RPCSS DCOM Buffer Overflow (Blaster)
oval:org.mitre.oval:def:1202 Windows Server 2003 (64-bit) RPCSS DCOM Buffer Overflow (Blaster)
oval:org.mitre.oval:def:268 Windows XP Messenger Service Buffer Overflow

SAINT Exploits

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Description Link
Internet Explorer iepeers.dll use-after-free vulnerability More info here
Microsoft Jet Engine MDB file ColumnName buffer overflow More info here
Windows Telephony API buffer overflow More info here
Windows Metafile rendering buffer overflow More info here
Windows LSASS buffer overflow More info here
Windows Server Service buffer overflow More info here
Windows RRAS memory corruption vulnerability More info here
Windows Cursor and Icon handling vulnerability More info here
Windows Telnet credential reflection More info here
Windows compressed folders buffer overflow More info here
Microsoft WordPad Word97 text converter buffer overflow More info here
Windows WMF handling vulnerability More info here
Windows GDI EMF filename buffer overflow More info here
Microsoft DirectX DirectShow QuickTime movie parsing vulnerability More info here
Microsoft DirectShow Video Streaming ActiveX IMPEG2TuneRequest Overflow More info here
Windows Media Encoder 9 wmex.dll ActiveX buffer overflow More info here
Windows Animated Cursor Header buffer overflow More info here
Windows RPC DCOM interface buffer overflow More info here
Microsoft SSL library PCT buffer overflow More info here
Windows Help and Support Center -FromHCP URL whitelist bypass More info here
Microsoft Windows Fax Cover Page Editor Double Free Memory Corruption Vulnerability More info here
Microsoft WINS replication service pointer corruption More info here
Windows Shell LNK file CONTROL item command execution More info here
Windows NetDDE buffer overflow More info here
Microsoft Remote Desktop Connection Insecure Library Injection More info here

Open Source Vulnerability Database (OSVDB)

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
77901 Parallels Plesk Panel Control Panel Multiple Script HTTPOnly Flag Set-Cookie ...
76232 Microsoft Windows Ancillary Function Driver afd.sys Local Privilege Escalation
76231 Microsoft Windows Active Accessibility Path Subversion Arbitrary DLL Injectio...
76221 Microsoft Windows win32k.sys Driver Use-after-free Driver Object Handling Arb...
76220 Microsoft Windows win32k.sys Driver .fon Font File Handling Overflow
76218 Microsoft Windows win32k.sys Driver NULL Dereference Unspecified Arbitrary Co...
75444 Microsoft Windows WINS Loopback Interface Crafted Packet Local Privilege Esca...
75382 Microsoft Windows Shell Extensions Path Subversion Arbitrary DLL Injection Co...
74405 Microsoft Windows Remote Desktop Protocol RDP Packet Parsing Remote DoS
74402 Microsoft Windows Remote Access Service NDISTAPI Driver User Input Validation...
74401 Microsoft Windows Client/Server Run-time Subsystem (CSRSS) Inter-Process Devi...
74400 Microsoft Windows DNS Service Non-Existent Domain Query Parsing Remote DoS
73796 Microsoft Windows CSRSS SrvSetConsoleLocalEUDC() Function NULL Page Data Writ...
73795 Microsoft Windows CSRSS SrvWriteConsoleOutputString() Function Local Overflow
73794 Microsoft Windows CSRSS SrvWriteConsoleOutput() Function Local Overflow
73793 Microsoft Windows CSRSS SrvSetConsoleNumberOfCommand() Function Kernel Memory...
73792 Microsoft Windows CSRSS AllocConsole() Function Multiple Console Object Orpha...
73788 Microsoft Windows win32k.sys Driver NULL Pointer De-reference Unspecified Loc...
73787 Microsoft Windows win32k.sys Driver NULL Pointer De-reference Unspecified Loc...
73786 Microsoft Windows win32k.sys Driver NULL Pointer De-reference Unspecified Loc...
73785 Microsoft Windows win32k.sys Driver Use After Free Unspecified Local Privileg...
73784 Microsoft Windows win32k.sys Driver Use After Free Unspecified Local Privileg...
73783 Microsoft Windows win32k.sys Driver Use After Free Unspecified Local Privileg...
73782 Microsoft Windows win32k.sys Driver Use After Free Unspecified Local Privileg...
73781 Microsoft Windows win32k.sys Driver Use After Free Unspecified Local Privileg...

ExploitDB Exploits

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
30392 Microsoft Windows ndproxy.sys - Local Privilege Escalation
30014 Windows NDPROXY Local SYSTEM Privilege Escalation
25389 Multiple Vendor ICMP Message Handling DoS
25388 Multiple Vendor ICMP Implementation Malformed Path MTU DoS
25387 Multiple Vendor ICMP Implementation Spoofed Source Quench Packet DoS
18176 MS11-080 Afd.sys Privilege Escalation Exploit
18024 MS11-077 Win32k Null Pointer De-reference Vulnerability POC
17978 MS11-077 .fon Kernel-Mode Buffer Overrun PoC
17831 MS WINS ECommEndDlg Input Validation Error
17659 MS10-026 Microsoft MPEG Layer-3 Audio Stack Based Overflow
17544 GDI+ CreateDashedPath Integer overflow in gdiplus.dll
16590 Internet Explorer DHTML Behaviors Use After Free
15985 MS10-073: Win32k Keyboard Layout Vulnerability
15266 Windows NTLM Weak Nonce Vulnerability
14895 MOAUB #5 - Microsoft MPEG Layer-3 Remote Command Execution Exploit
14608 Microsoft Windows CreateWindow Function Callback Vulnerability (MS10-048)
12273 Windows 7/2008R2 SMB Client Trans2 Stack Overflow 10-020 PoC
11683 Microsoft Internet Explorer iepeers.dll Use-After-Free Exploit (meta)
3740 MS Windows DNS DnssrvQuery Remote Stack Overflow Exploit
3652 MS Windows Animated Cursor (.ANI) Overflow Exploit (Hardware DEP)
3617 MS Windows Animated Cursor (.ANI) Stack Overflow Exploit
3022 MS Windows ASN.1 - Remote Exploit (MS04-007)
1065 MS Windows (SMB) Transaction Response Handling Exploit (MS05-011)
1019 MS Windows COM Structured Storage Local Exploit (MS05-012)
948 Multiple OS (Win32/Aix/Cisco) - Crafted ICMP Messages DoS Exploit

OpenVAS Exploits

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2012-12-12 Name : Microsoft Windows Kernel-Mode Drivers Remote Code Execution Vulnerabilities (...
File : nvt/secpod_ms12-078.nasl
2012-07-11 Name : Microsoft Windows Shell Remote Code Execution Vulnerability (2691442)
File : nvt/secpod_ms12-048.nasl
2012-06-13 Name : Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2709162)
File : nvt/secpod_ms12-041.nasl
2012-03-06 Name : Microsoft SMB Transaction Parsing Remote Code Execution Vulnerability
File : nvt/secpod_ms11-020_remote.nasl
2012-02-29 Name : MicroSoft SMB Server Trans2 Request Remote Code Execution Vulnerability
File : nvt/secpod_ms10-054_remote.nasl
2011-12-30 Name : MicroSoft Windows Server Service Remote Code Execution Vulnerability (921883)
File : nvt/secpod_ms06-040_remote.nasl
2011-11-21 Name : Microsoft Windows Internet Protocol Validation Remote Code Execution Vulnerab...
File : nvt/secpod_ms_windows_ip_validation_code_exec_vuln.nasl
2011-10-12 Name : Microsoft Active Accessibility Remote Code Execution Vulnerability (2623699)
File : nvt/secpod_ms11-075.nasl
2011-10-12 Name : Windows Kernel-Mode Drivers Remote Code Execution Vulnerabilities (2567053)
File : nvt/secpod_ms11-077.nasl
2011-10-12 Name : MS Windows Ancillary Function Driver Privilege Elevation Vulnerability (2592799)
File : nvt/secpod_ms11-080.nasl
2011-09-14 Name : Microsoft Windows WINS Local Privilege Escalation Vulnerability (2571621)
File : nvt/secpod_ms11-070.nasl
2011-09-14 Name : Microsoft Windows Components Remote Code Execution Vulnerabilities (2570947)
File : nvt/secpod_ms11-071.nasl
2011-08-11 Name : Microsoft Windows DNS Server Remote Code Execution Vulnerability (2562485)
File : nvt/secpod_ms11-058.nasl
2011-08-11 Name : MS Windows Remote Access Service NDISTAPI Driver Privilege Elevation Vulnerab...
File : nvt/secpod_ms11-062.nasl
2011-08-11 Name : Microsoft Windows Client/Server Run-time Subsystem Privilege Escalation Vulne...
File : nvt/secpod_ms11-063.nasl
2011-08-11 Name : Microsoft Remote Desktop Protocol Denial of Service Vulnerability (2570222)
File : nvt/secpod_ms11-065.nasl
2011-07-13 Name : Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2555917)
File : nvt/secpod_ms11-054.nasl
2011-07-13 Name : Microsoft Windows CSRSS Privilege Escalation Vulnerabilities (2507938)
File : nvt/secpod_ms11-056.nasl
2011-06-15 Name : Windows MHTML Information Disclosure Vulnerability (2544893)
File : nvt/secpod_ms11-037.nasl
2011-06-15 Name : Microsoft Windows OLE Automation Remote Code Execution Vulnerability (2476490)
File : nvt/secpod_ms11-038.nasl
2011-06-15 Name : Microsoft Distributed File System Remote Code Execution Vulnerabilities (2535...
File : nvt/secpod_ms11-042.nasl
2011-06-15 Name : Microsoft SMB Client Remote Code Execution Vulnerabilities (2536276)
File : nvt/secpod_ms11-043.nasl
2011-06-15 Name : MS Windows Ancillary Function Driver Privilege Elevation Vulnerability
File : nvt/secpod_ms11-046.nasl
2011-06-15 Name : Active Directory Certificate Services Web Enrollment Elevation of Privilege V...
File : nvt/secpod_ms11-051.nasl
2011-05-12 Name : Debian Security Advisory DSA 2191-1 (proftpd-dfsg)
File : nvt/deb_2191_1.nasl

Information Assurance Vulnerability Management (IAVM)

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2015-A-0167 Multiple Vulnerabilities in Microsoft Windows (MS15-069)
Severity: Category II - VMSKEY: V0061129
2015-A-0173 Microsoft Windows Netlogon Privilege Escalation Vulnerability (MS15-071)
Severity: Category II - VMSKEY: V0061111
2015-A-0168 Microsoft Graphics Component Privilege Escalation Vulnerability (MS15-072)
Severity: Category II - VMSKEY: V0061105
2015-A-0169 Multiple Vulnerabilities in Microsoft OLE (MS15-075)
Severity: Category II - VMSKEY: V0061103
2015-A-0162 Multiple Vulnerabilities in Microsoft Windows Kernel-Mode Driver (MS15-073)
Severity: Category II - VMSKEY: V0061097
2015-A-0164 Microsoft Windows Installer Privilege Escalation Vulnerability (MS15-074)
Severity: Category II - VMSKEY: V0061095
2015-A-0165 Microsoft Remote Procedure Call (RPC) Privilege Escalation Vulnerability (MS1...
Severity: Category II - VMSKEY: V0061093
2015-A-0108 Multiple Vulnerabilities in Microsoft Windows Kernel-Mode Driver (MS15-051)
Severity: Category II - VMSKEY: V0060653
2015-A-0048 Multiple Vulnerabilities in Windows Kernel (MS15-025)
Severity: Category II - VMSKEY: V0058995
2014-A-0004 Microsoft Windows Kernel Privilege Escalation Vulnerability
Severity: Category II - VMSKEY: V0043405
2012-A-0110 Microsoft Windows Shell Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0033309
2012-A-0002 Microsoft Windows Components Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0030932
2011-A-0138 Microsoft Active Accessibility Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0030402
2011-A-0126 Microsoft Windows WINS Server Privilege Escalation Vulnerability
Severity: Category I - VMSKEY: V0030247
2011-A-0117 Microsoft Windows Remote Access Service Elevation of Privilege Vulnerability
Severity: Category I - VMSKEY: V0029767
2011-A-0115 Microsoft Windows Client/Server Run-time Subsystem Elevation of Privilege Vul...
Severity: Category I - VMSKEY: V0029760
2011-B-0065 Microsoft MHTML Information Disclosure Vulnerability
Severity: Category II - VMSKEY: V0028617
2011-A-0079 Microsoft SMB Client Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0028592
2011-A-0087 Microsoft Distributed File System Remote Code Execution Vulnerabilities
Severity: Category I - VMSKEY: V0028593
2011-A-0081 Microsoft Windows OLE Automation Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0028597
2011-B-0067 Microsoft Windows Ancillary Function Driver Privilege Escalation Vulnerability
Severity: Category II - VMSKEY: V0028611
2011-B-0068 Microsoft Active Directory Certificate Services Web Enrollment Privilege Esca...
Severity: Category II - VMSKEY: V0028615
2011-A-0050 Microsoft SMB Server Remote Code Execution Vulnerability
Severity: Category I - VMSKEY: V0026521
2011-A-0039 Microsoft DNS Resolution Remote Code Execution Vulnerability
Severity: Category I - VMSKEY: V0026514
2011-B-0045 Microsoft Windows Fax Cover Page Editor Vulnerability
Severity: Category II - VMSKEY: V0026509

Snort® IPS/IDS

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2014-01-10 SMB tapisrv ClientRequest andx object call LSetAppPriority overflow attempt
RuleID : 9999 - Type : NETBIOS - Revision : 5
2014-01-10 SMB-DS tapisrv ClientRequest little endian andx object call LSetAppPriority o...
RuleID : 9998 - Type : NETBIOS - Revision : 5
2014-01-10 SMB-DS tapisrv ClientRequest WriteAndX unicode little endian andx object call...
RuleID : 9997 - Type : NETBIOS - Revision : 5
2014-01-10 SMB-DS tapisrv ClientRequest WriteAndX unicode andx object call LSetAppPriori...
RuleID : 9996 - Type : NETBIOS - Revision : 5
2014-01-10 SMB-DS tapisrv ClientRequest WriteAndX little endian andx object call LSetApp...
RuleID : 9995 - Type : NETBIOS - Revision : 5
2014-01-10 SMB-DS tapisrv ClientRequest andx object call LSetAppPriority overflow attempt
RuleID : 9994 - Type : NETBIOS - Revision : 5
2014-01-10 SMB-DS tapisrv ClientRequest unicode little endian andx LSetAppPriority overf...
RuleID : 9993 - Type : NETBIOS - Revision : 5
2014-01-10 SMB tapisrv ClientRequest WriteAndX unicode little endian andx LSetAppPriorit...
RuleID : 9992 - Type : NETBIOS - Revision : 5
2014-01-10 SMB tapisrv ClientRequest unicode little endian andx LSetAppPriority overflow...
RuleID : 9991 - Type : NETBIOS - Revision : 5
2014-01-10 SMB tapisrv ClientRequest WriteAndX little endian andx LSetAppPriority overfl...
RuleID : 9990 - Type : NETBIOS - Revision : 5
2014-01-10 SMB tapisrv ClientRequest little endian andx LSetAppPriority overflow attempt
RuleID : 9989 - Type : NETBIOS - Revision : 5
2014-01-10 SMB-DS tapisrv ClientRequest WriteAndX andx LSetAppPriority overflow attempt
RuleID : 9988 - Type : NETBIOS - Revision : 5
2014-01-10 SMB-DS tapisrv ClientRequest unicode andx LSetAppPriority overflow attempt
RuleID : 9987 - Type : NETBIOS - Revision : 4
2014-01-10 SMB tapisrv ClientRequest unicode andx LSetAppPriority overflow attempt
RuleID : 9986 - Type : NETBIOS - Revision : 5
2014-01-10 SMB tapisrv ClientRequest WriteAndX andx LSetAppPriority overflow attempt
RuleID : 9985 - Type : NETBIOS - Revision : 5
2014-01-10 SMB tapisrv ClientRequest WriteAndX unicode andx LSetAppPriority overflow att...
RuleID : 9984 - Type : NETBIOS - Revision : 5
2014-01-10 SMB tapisrv ClientRequest andx LSetAppPriority overflow attempt
RuleID : 9983 - Type : NETBIOS - Revision : 5
2014-01-10 SMB-DS tapisrv ClientRequest little endian andx LSetAppPriority overflow attempt
RuleID : 9982 - Type : NETBIOS - Revision : 4
2014-01-10 SMB-DS tapisrv ClientRequest WriteAndX unicode little endian andx LSetAppPrio...
RuleID : 9981 - Type : NETBIOS - Revision : 5
2014-01-10 SMB-DS tapisrv ClientRequest WriteAndX unicode andx LSetAppPriority overflow ...
RuleID : 9980 - Type : NETBIOS - Revision : 5
2014-01-10 SMB-DS tapisrv ClientRequest WriteAndX little endian andx LSetAppPriority ove...
RuleID : 9979 - Type : NETBIOS - Revision : 5
2014-01-10 SMB v4 tapisrv ClientRequest unicode little endian andx LSetAppPriority overf...
RuleID : 9978 - Type : NETBIOS - Revision : 5
2014-01-10 SMB v4 tapisrv ClientRequest little endian andx LSetAppPriority overflow attempt
RuleID : 9977 - Type : NETBIOS - Revision : 5
2014-01-10 SMB-DS tapisrv ClientRequest andx LSetAppPriority overflow attempt
RuleID : 9976 - Type : NETBIOS - Revision : 5
2014-01-10 SMB-DS v4 tapisrv ClientRequest WriteAndX andx LSetAppPriority overflow attempt
RuleID : 9975 - Type : NETBIOS - Revision : 5

Nessus® Vulnerability Scanner

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2018-04-03 Name: The remote mail server may be affected by multiple vulnerabilities.
File: exchange_ms10-024.nasl - Type: ACT_GATHER_INFO
2018-04-03 Name: The remote web server may allow remote code execution.
File: iis_7_pci.nasl - Type: ACT_GATHER_INFO
2017-05-08 Name: The remote device is missing a vendor-supplied security patch.
File: f5_bigip_SOL23440942.nasl - Type: ACT_GATHER_INFO
2016-04-14 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-3548.nasl - Type: ACT_GATHER_INFO
2015-09-18 Name: The remote device is missing a vendor-supplied security patch.
File: f5_bigip_SOL4583.nasl - Type: ACT_GATHER_INFO
2015-07-14 Name: The remote Windows host is affected by multiple remote code execution vulnera...
File: smb_nt_ms15-069.nasl - Type: ACT_GATHER_INFO
2015-07-14 Name: The remote Windows host is affected by a privilege escalation vulnerability.
File: smb_nt_ms15-071.nasl - Type: ACT_GATHER_INFO
2015-07-14 Name: The remote Windows host is affected by a privilege escalation vulnerability.
File: smb_nt_ms15-072.nasl - Type: ACT_GATHER_INFO
2015-07-14 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms15-073.nasl - Type: ACT_GATHER_INFO
2015-07-14 Name: The remote Windows host is affected by a privilege escalation vulnerability.
File: smb_nt_ms15-074.nasl - Type: ACT_GATHER_INFO
2015-07-14 Name: The remote Windows host is affected by multiple elevation of privilege vulner...
File: smb_nt_ms15-075.nasl - Type: ACT_GATHER_INFO
2015-07-14 Name: The remote Windows host is affected by a privilege escalation vulnerability.
File: smb_nt_ms15-076.nasl - Type: ACT_GATHER_INFO
2015-07-14 Name: The Adobe Font driver on the remote host is affected by a privilege escalatio...
File: smb_nt_ms15-077.nasl - Type: ACT_GATHER_INFO
2015-06-09 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms15-061.nasl - Type: ACT_GATHER_INFO
2015-05-12 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms15-051.nasl - Type: ACT_GATHER_INFO
2015-03-10 Name: The remote Windows host is affected by multiple privilege escalation vulnerab...
File: smb_nt_ms15-025.nasl - Type: ACT_GATHER_INFO
2015-03-10 Name: The remote Windows host is affected by a spoofing vulnerability.
File: smb_nt_ms15-027.nasl - Type: ACT_GATHER_INFO
2014-10-10 Name: The remote device is missing a vendor-supplied security patch.
File: f5_bigip_SOL10509.nasl - Type: ACT_GATHER_INFO
2014-03-10 Name: Arbitrary code can be executed on the remote host through the Microsoft GDI r...
File: smb_kb957488.nasl - Type: ACT_GATHER_INFO
2014-03-05 Name: The DNS server running on the remote host has multiple vulnerabilities.
File: ms_dns_kb2562485.nasl - Type: ACT_GATHER_INFO
2014-03-05 Name: The DNS server running on the remote host is potentially affected by a remote...
File: ms_dns_kb935966.nasl - Type: ACT_GATHER_INFO
2014-03-05 Name: The DNS server running on the remote host is vulnerable to DNS spoofing attacks.
File: ms_dns_kb941672.nasl - Type: ACT_GATHER_INFO
2014-01-14 Name: The Windows kernel on the remote host is affected by a privilege escalation v...
File: smb_nt_ms14-002.nasl - Type: ACT_GATHER_INFO
2013-09-11 Name: The Windows kernel on the remote host is affected by multiple vulnerabilities.
File: smb_nt_ms13-076.nasl - Type: ACT_GATHER_INFO
2013-09-03 Name: The remote host has a client application installed that is affected by multip...
File: novell_client_priv_escalation2.nasl - Type: ACT_GATHER_INFO