This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Microsoft First view 1995-01-01
Product Windows Nt Last view 2010-01-21
Version Type
Update  
Edition  
Language  
Sofware Edition  
Target Software  
Target Hardware  
Other  

Activity : Overall

COMMON PLATFORM ENUMERATION: Repartition per Version

CPE Name Affected CVE
cpe:2.3:o:microsoft:windows_nt:4.0:*:*:*:*:*:*:* 128
cpe:2.3:o:microsoft:windows_nt:4.0:*:terminal_server:*:*:*:*:* 66
cpe:2.3:o:microsoft:windows_nt:*:*:*:*:*:*:*:* 64
cpe:2.3:o:microsoft:windows_nt:4.0:*:server:*:*:*:*:* 64
cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:*:*:server:*:x86:* 63
cpe:2.3:o:microsoft:windows_nt:4.0:sp2:*:*:server:*:x86:* 60
cpe:2.3:o:microsoft:windows_nt:4.0:sp5:*:*:server:*:x86:* 59
cpe:2.3:o:microsoft:windows_nt:4.0:sp1:*:*:server:*:x86:* 59
cpe:2.3:o:microsoft:windows_nt:4.0:sp3:*:*:server:*:x86:* 59
cpe:2.3:o:microsoft:windows_nt:4.0:sp4:*:*:server:*:x86:* 59
cpe:2.3:o:microsoft:windows_nt:4.0:sp6:*:*:server:*:x86:* 57
cpe:2.3:o:microsoft:windows_nt:4.0:sp6:*:*:terminal_server:*:x86:* 57
cpe:2.3:o:microsoft:windows_nt:4.0:sp3:*:*:terminal_server:*:x86:* 56
cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:*:*:workstation:*:x86:* 56
cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:enterprise_server:*:*:*:*:* 56
cpe:2.3:o:microsoft:windows_nt:4.0:sp2:*:*:terminal_server:*:x86:* 56
cpe:2.3:o:microsoft:windows_nt:4.0:sp5:*:*:terminal_server:*:x86:* 56
cpe:2.3:o:microsoft:windows_nt:4.0:sp4:*:*:terminal_server:*:x86:* 56
cpe:2.3:o:microsoft:windows_nt:4.0:sp1:*:*:terminal_server:*:x86:* 56
cpe:2.3:o:microsoft:windows_nt:4.0:sp4:enterprise_server:*:*:*:*:* 54
cpe:2.3:o:microsoft:windows_nt:4.0:sp5:enterprise_server:*:*:*:*:* 54
cpe:2.3:o:microsoft:windows_nt:4.0:sp1:enterprise_server:*:*:*:*:* 54
cpe:2.3:o:microsoft:windows_nt:4.0:sp3:enterprise_server:*:*:*:*:* 54
cpe:2.3:o:microsoft:windows_nt:4.0:sp2:enterprise_server:*:*:*:*:* 54
cpe:2.3:o:microsoft:windows_nt:4.0:sp4:*:*:workstation:*:x86:* 53
cpe:2.3:o:microsoft:windows_nt:4.0:sp5:*:*:workstation:*:x86:* 53
cpe:2.3:o:microsoft:windows_nt:4.0:sp2:*:*:workstation:*:x86:* 53
cpe:2.3:o:microsoft:windows_nt:4.0:sp1:*:*:workstation:*:x86:* 53
cpe:2.3:o:microsoft:windows_nt:4.0:sp3:*:*:workstation:*:x86:* 53
cpe:2.3:o:microsoft:windows_nt:4.0:*:workstation:*:*:*:*:* 52
cpe:2.3:o:microsoft:windows_nt:4.0:sp6:enterprise_server:*:*:*:*:* 52
cpe:2.3:o:microsoft:windows_nt:4.0:sp6:*:*:workstation:*:x86:* 51
cpe:2.3:o:microsoft:windows_nt:4.0:*:enterprise_server:*:*:*:*:* 50
cpe:2.3:o:microsoft:windows_nt:4.0:sp2:*:*:*:*:*:* 41
cpe:2.3:o:microsoft:windows_nt:4.0:sp1:*:*:*:*:*:* 40
cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:*:*:terminal_server:*:x86:* 37
cpe:2.3:o:microsoft:windows_nt:4.0:sp3:*:*:*:*:*:* 35
cpe:2.3:o:microsoft:windows_nt:4.0:sp4:*:*:*:*:*:* 35
cpe:2.3:o:microsoft:windows_nt:4.0:sp5:*:*:*:*:*:* 31
cpe:2.3:o:microsoft:windows_nt:4.0:sp6:*:*:*:*:*:* 22
cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:*:*:*:*:*:* 21
cpe:2.3:o:microsoft:windows_nt:3.5.1:*:*:*:*:*:*:* 18
cpe:2.3:o:microsoft:windows_nt:4.0:sp1:*:*:enterprise:*:x86:* 17
cpe:2.3:o:microsoft:windows_nt:3.5.1:sp2:*:*:*:*:*:* 14
cpe:2.3:o:microsoft:windows_nt:3.5.1:sp1:*:*:*:*:*:* 14
cpe:2.3:o:microsoft:windows_nt:4.0:*:terminal_server_alpha:*:*:*:*:* 13
cpe:2.3:o:microsoft:windows_nt:4.0:sp6:alpha:*:*:*:*:* 13
cpe:2.3:o:microsoft:windows_nt:3.5.1:sp5:*:*:*:*:*:* 13
cpe:2.3:o:microsoft:windows_nt:3.5.1:sp3:*:*:*:*:*:* 13
cpe:2.3:o:microsoft:windows_nt:4.0:sp5:alpha:*:*:*:*:* 12

Related : CVE

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
7.2 2010-01-21 CVE-2010-0232

The kernel in Microsoft Windows NT 3.1 through Windows 7, including Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, and Windows Server 2008 Gold and SP2, when access to 16-bit applications is enabled on a 32-bit x86 platform, does not properly validate certain BIOS calls, which allows local users to gain privileges by crafting a VDM_TIB data structure in the Thread Environment Block (TEB), and then calling the NtVdmControl function to start the Windows Virtual DOS Machine (aka NTVDM) subsystem, leading to improperly handled exceptions involving the #GP trap handler (nt!KiTrap0D), aka "Windows Kernel Exception Handler Vulnerability."

9.3 2008-11-25 CVE-2008-5232

Buffer overflow in the CallHTMLHelp method in the Microsoft Windows Media Services ActiveX control in nskey.dll 4.1.00.3917 in Windows Media Services on Microsoft Windows NT and 2000, and Avaya Media and Message Application servers, allows remote attackers to execute arbitrary code via a long argument. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

9.3 2007-11-19 CVE-2007-6026

Stack-based buffer overflow in Microsoft msjet40.dll 4.0.8618.0 (aka Microsoft Jet Engine), as used by Access 2003 in Microsoft Office 2003 SP3, allows user-assisted attackers to execute arbitrary code via a crafted MDB file database file containing a column structure with a modified column count. NOTE: this might be the same issue as CVE-2005-0944.

6.9 2007-04-11 CVE-2007-1973

Race condition in the Virtual DOS Machine (VDM) in the Windows Kernel in Microsoft Windows NT 4.0 allows local users to modify memory and gain privileges via the temporary \Device\PhysicalMemory section handle, a related issue to CVE-2007-1206.

6.8 2007-04-10 CVE-2007-1912

Heap-based buffer overflow in Microsoft Windows allows user-assisted remote attackers to have an unknown impact via a crafted .HLP file.

9.3 2006-06-13 CVE-2006-2379

Buffer overflow in the TCP/IP Protocol driver in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via unknown vectors related to IP source routing.

5 2006-05-09 CVE-2006-1184

Microsoft Distributed Transaction Coordinator (MSDTC) for Windows NT 4.0, 2000 SP4, XP SP1 and SP2, and Server 2003 allows remote attackers to cause a denial of service (crash) via a BuildContextW request with a large (1) UuidString or (2) GuidIn of a certain length, which causes an out-of-range memory access, aka the MSDTC Denial of Service Vulnerability. NOTE: this is a variant of CVE-2005-2119.

7.5 2006-05-09 CVE-2006-0034

Heap-based buffer overflow in the CRpcIoManagerServer::BuildContext function in msdtcprx.dll for Microsoft Distributed Transaction Coordinator (MSDTC) for Windows NT 4.0 and Windows 2000 SP2 and SP3 allows remote attackers to execute arbitrary code via a long fifth argument to the BuildContextW or BuildContext opcode, which triggers a bug in the NdrAllocate function, aka the MSDTC Invalid Memory Access Vulnerability.

5.1 2006-04-03 CVE-2006-1591

Heap-based buffer overflow in Microsoft Windows Help winhlp32.exe allows user-assisted attackers to execute arbitrary code via crafted embedded image data in a .hlp file.

7.8 2006-03-03 CVE-2006-0988

The default configuration of the DNS Server service on Windows Server 2003 and Windows 2000, and the Microsoft DNS Server service on Windows NT 4.0, allows recursive queries and provides additional delegation information to arbitrary IP addresses, which allows remote attackers to cause a denial of service (traffic amplification) via DNS queries with spoofed source IP addresses.

9.3 2006-01-10 CVE-2006-0010

Heap-based buffer overflow in T2EMBED.DLL in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 up to SP1, Windows 98, and Windows ME allows remote attackers to execute arbitrary code via an e-mail message or web page with a crafted Embedded Open Type (EOT) web font that triggers the overflow during decompression.

5 2005-12-31 CVE-2005-4717

Microsoft Internet Explorer 6.0 on Windows NT 4.0 SP6a, Windows 2000 SP4, Windows XP SP1, Windows XP SP2, and Windows Server 2003 SP1 allows remote attackers to cause a denial of service (client crash) via a certain combination of a malformed HTML file and a CSS file that triggers a null dereference, probably related to rendering of a DIV element that contains a malformed IMG tag, as demonstrated by IEcrash.htm and IEcrash.rar.

7.2 2005-12-13 CVE-2005-2827

The thread termination routine in the kernel for Windows NT 4.0 and 2000 (NTOSKRNL.EXE) allows local users to modify kernel memory and execution flow via steps in which a terminating thread causes Asynchronous Procedure Call (APC) entries to free the wrong data, aka the "Windows Kernel Vulnerability."

5 2005-07-11 CVE-2005-2150

Windows NT 4.0 and Windows 2000 before URP1 for Windows 2000 SP4 does not properly prevent NULL sessions from accessing certain alternate named pipes, which allows remote attackers to (1) list Windows services via svcctl or (2) read eventlogs via eventlog.

7.5 2005-06-13 CVE-2005-1935

Heap-based buffer overflow in the BERDecBitString function in Microsoft ASN.1 library (MSASN1.DLL) allows remote attackers to execute arbitrary code via nested constructed bit strings, which leads to a realloc of a non-null pointer and causes the function to overwrite previously freed memory, as demonstrated using a SPNEGO token with a constructed bit string during HTTP authentication, and a different vulnerability than CVE-2003-0818. NOTE: the researcher has claimed that MS:MS04-007 fixes this issue.

5 2005-05-02 CVE-2005-1184

The TCP/IP stack in multiple operating systems allows remote attackers to cause a denial of service (CPU consumption) via a TCP packet with the correct sequence number but the wrong Acknowledgement number, which generates a large number of "keep alive" packets. NOTE: some followups indicate that this issue could not be replicated.

10 2005-05-02 CVE-2005-0050

The License Logging service for Windows NT Server, Windows 2000 Server, and Windows Server 2003 does not properly validate the length of messages, which leads to an "unchecked buffer" and allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, aka the "License Logging Service Vulnerability."

7.5 2005-05-02 CVE-2005-0045

The Server Message Block (SMB) implementation for Windows NT 4.0, 2000, XP, and Server 2003 does not properly validate certain SMB packets, which allows remote attackers to execute arbitrary code via Transaction responses containing (1) Trans or (2) Trans2 commands, aka the "Server Message Block Vulnerability," and as demonstrated using Trans2 FIND_FIRST2 responses with large file name length fields.

7.5 2005-04-27 CVE-2005-0416

The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 allows remote attackers to execute arbitrary code via the AnimationHeaderBlock length field, which leads to a stack-based buffer overflow.

10 2005-01-10 CVE-2004-1080

The WINS service (wins.exe) on Microsoft Windows NT Server 4.0, Windows 2000 Server, and Windows Server 2003 allows remote attackers to write to arbitrary memory locations and possibly execute arbitrary code via a modified memory pointer in a WINS replication packet to TCP port 42, aka the "Association Context Vulnerability."

10 2005-01-10 CVE-2004-0901

Microsoft Word for Windows 6.0 Converter (MSWRD632.WPC), as used in WordPad, does not properly validate certain data lengths, which allows remote attackers to execute arbitrary code via a .wri, .rtf, and .doc file sent by email or malicious web site, aka "Font Conversion Vulnerability," a different vulnerability than CVE-2004-0571.

10 2005-01-10 CVE-2004-0900

The DHCP Server service for Microsoft Windows NT 4.0 Server and Terminal Server Edition does not properly validate the length of certain messages, which allows remote attackers to execute arbitrary code via a malformed DHCP message, aka the "DHCP Request Vulnerability."

5 2005-01-10 CVE-2004-0899

The DHCP Server service for Microsoft Windows NT 4.0 Server and Terminal Server Edition, with DHCP logging enabled, does not properly validate the length of certain messages, which allows remote attackers to cause a denial of service (application crash) via a malformed DHCP message, aka "Logging Vulnerability."

7.2 2005-01-10 CVE-2004-0893

The Local Procedure Call (LPC) interface of the Windows Kernel for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the lengths of messages sent to the LPC port, which allows local users to gain privileges, aka "Windows Kernel Vulnerability."

10 2005-01-10 CVE-2004-0571

Microsoft Word for Windows 6.0 Converter does not properly validate certain data lengths, which allows remote attackers to execute arbitrary code via a .wri, .rtf, and .doc file sent by email or malicious web site, aka "Table Conversion Vulnerability," a different vulnerability than CVE-2004-0901.

CWE : Common Weakness Enumeration

%idName
24% (12) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
16% (8) CWE-264 Permissions, Privileges, and Access Controls
14% (7) CWE-20 Improper Input Validation
4% (2) CWE-787 Out-of-bounds Write
4% (2) CWE-346 Origin Validation Error
4% (2) CWE-287 Improper Authentication
4% (2) CWE-255 Credentials Management
4% (2) CWE-16 Configuration
2% (1) CWE-772 Missing Release of Resource after Effective Lifetime
2% (1) CWE-732 Incorrect Permission Assignment for Critical Resource
2% (1) CWE-415 Double Free
2% (1) CWE-401 Failure to Release Memory Before Removing Last Reference ('Memory L...
2% (1) CWE-399 Resource Management Errors
2% (1) CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition
2% (1) CWE-295 Certificate Issues
2% (1) CWE-200 Information Exposure
2% (1) CWE-190 Integer Overflow or Wraparound
2% (1) CWE-94 Failure to Control Generation of Code ('Code Injection')
2% (1) CWE-59 Improper Link Resolution Before File Access ('Link Following')
2% (1) CWE-19 Data Handling
2% (1) CWE-17 Code

CAPEC : Common Attack Pattern Enumeration & Classification

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Name
CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs
CAPEC-10 Buffer Overflow via Environment Variables
CAPEC-11 Cause Web Server Misclassification
CAPEC-13 Subverting Environment Variable Values
CAPEC-17 Accessing, Modifying or Executing Executable Files
CAPEC-21 Exploitation of Session Variables, Resource IDs and other Trusted Credentials
CAPEC-27 Leveraging Race Conditions via Symbolic Links
CAPEC-29 Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions
CAPEC-31 Accessing/Intercepting/Modifying HTTP Cookies
CAPEC-39 Manipulating Opaque Client-based Data Tokens
CAPEC-45 Buffer Overflow via Symbolic Links
CAPEC-47 Buffer Overflow via Parameter Expansion
CAPEC-59 Session Credential Falsification through Prediction
CAPEC-60 Reusing Session IDs (aka Session Replay)
CAPEC-61 Session Fixation
CAPEC-62 Cross Site Request Forgery (aka Session Riding)
CAPEC-75 Manipulating Writeable Configuration Files
CAPEC-76 Manipulating Input to File System Calls
CAPEC-77 Manipulating User-Controlled Variables
CAPEC-89 Pharming
CAPEC-92 Forced Integer Overflow
CAPEC-111 JSON Hijacking (aka JavaScript Hijacking)
CAPEC-118 Data Leakage Attacks
CAPEC-119 Resource Depletion
CAPEC-122 Exploitation of Authorization

Oval Markup Language : Definitions

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
OvalID Name
oval:org.mitre.oval:def:5579 A TCP SYN packet with target host's address as both source and destination ca...
oval:org.mitre.oval:def:5743 A TCP SYN packet with target host's address as both source and destination ca...
oval:org.mitre.oval:def:913 IIS ASP Source Code Access Vulnerability
oval:org.mitre.oval:def:1023 WinNT Broad Permissions for Remote Registry Access
oval:org.mitre.oval:def:952 NT4.0 SNMP Denial of Service
oval:org.mitre.oval:def:915 IIS4.0 Buffer Overflow
oval:org.mitre.oval:def:1021 NT4.0 Remote Registry Access Authentication Vulnerability
oval:org.mitre.oval:def:1079 MS CIFS Spoofed Browse Frame Request Vulnerability
oval:org.mitre.oval:def:500 Default Permissions on RAS Administration Key
oval:org.mitre.oval:def:139 Default Registry Permissions on SNMP Parameters
oval:org.mitre.oval:def:140 Default Registry Permissions on the MTS Package Admin Key
oval:org.mitre.oval:def:82 Microsoft RPC Denial of Service
oval:org.mitre.oval:def:334 Windows NNTP Memory Leak
oval:org.mitre.oval:def:253 SQL Server Format String Vulnerability
oval:org.mitre.oval:def:64 Windows 2000 Trusted Domain Loophole
oval:org.mitre.oval:def:159 Windows NT Trusted Domain Loophole
oval:org.mitre.oval:def:402 SNMP Request Handling Buffer Overflow
oval:org.mitre.oval:def:209 SNMP Agent Service Buffer Overflow
oval:org.mitre.oval:def:18 Windows NT Shell Buffer Overflow
oval:org.mitre.oval:def:147 Windows 2000 Shell Buffer Overflow
oval:org.mitre.oval:def:89 Windows 2000 MUP UNC Request Buffer Overflow
oval:org.mitre.oval:def:145 Windows NT MUP UNC Request Buffer Overflow
oval:org.mitre.oval:def:63 Windows 2000 Remote Access Service Phonebook Buffer Overflow
oval:org.mitre.oval:def:61 Windows NT Remote Access Service Phonebook Buffer Overflow
oval:org.mitre.oval:def:76 Windows 2000 Process Handle Duplication Privilege Escalation

SAINT Exploits

Description Link
Microsoft Jet Engine MDB file ColumnName buffer overflow More info here
Windows LSASS buffer overflow More info here
Windows Task Scheduler buffer overflow More info here
Windows Cursor and Icon handling vulnerability More info here
Windows password weakness More info here
Windows RPC DCOM interface buffer overflow More info here
Microsoft SSL library PCT buffer overflow More info here
Microsoft WINS replication service pointer corruption More info here
Windows NetDDE buffer overflow More info here

Open Source Vulnerability Database (OSVDB)

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
61854 Microsoft Windows #GP Trap Handler (nt!KiTrap0D) Local Privilege Escalation
60273 Microsoft Windows NT Virtual DOS Machine 16-bit Executable Permission Bypass ...
60145 Microsoft Windows NT cmd.exe CD Command Arbitrary Local Code Execution
59732 Microsoft Windows Screensaver Domain Account Lock Verification Local Brute Fo...
59515 Microsoft Windows csrss.exe Command Prompt Input Manipulation Forced Reboot DoS
59513 Microsoft Windows NT winnt/system32 Write Access Local DoS (NT4ALL)
59333 Microsoft Windows NT Winlogon Key Local Shutdown DoS
59325 Microsoft Windows NT Scheduler Drive Mapping Permission Weakness Local Privil...
59260 Microsoft Windows NT SNMP Agent Query Saturation Remote DoS
59250 Microsoft Windows NT Fragmented Packet Handling Remote DoS (ntfrag)
59249 Windows NT Unprivileged Local Share Manipulation
58090 NTMail VRFY Functionality Persistence
55332 Microsoft Windows PPTP Server (Raspptpe.sys) Malformed Control Packet Remote DoS
50533 Microsoft Windows Media Services nskey.dll ActiveX CallHTMLHelp Method Overflow
44880 Microsoft Windows msjet40.dll MDB File Handling Overflow
37637 Microsoft Windows Crafted HLP File Overflow
37635 Microsoft Windows Virtual DOS Machine (VDM) PhysicalMemory Race Condition Loc...
31645 Microsoft Windows DNS Recursive Query DoS
26433 Microsoft Windows TCP/IP Protocol Driver Source Routing Overflow
25336 Microsoft Windows Distributed Transaction Coordinator (DTC) BuildContextW Req...
25335 Microsoft Windows Distributed Transaction Coordinator (DTC) CRpcIoManagerServ...
24802 Microsoft Windows Help winhlp32.exe Embedded Image Processing Overflow
21598 Microsoft Windows 2000 NetBIOS Port Crafted TCP Packet
20886 Microsoft IE Unspecified Margin/Padding Null Pointer Dereference DoS
20188 Microsoft Windows Crafted SMB SMBnegprots Request DOS

ExploitDB Exploits

id Description
21746 MS Windows 2000/NT 4/XP Network Share Provider SMB Request Buffer Overflow (1)
20006 Windows NT 4.0 Remote Registry Request Dos Vulnerability (2)
11199 Windows NT - User Mode to Ring 0 Escalation Vulnerability
3022 MS Windows ASN.1 - Remote Exploit (MS04-007)
1065 MS Windows (SMB) Transaction Response Handling Exploit (MS05-011)
771 MS Internet Explorer .ANI files handling Downloader Exploit (MS05-002)
765 MS Internet Explorer .ANI files handling Universal Exploit (MS05-002)

OpenVAS Exploits

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2012-07-25 Name : Microsoft Windows Media Services ISAPI Extension Code Execution Vulnerabilities
File : nvt/gb_ms_win_media_service_isapi_code_exec_vuln.nasl
2011-10-14 Name : Microsoft Windows SMB/NETBIOS NULL Session Authentication Bypass Vulnerability
File : nvt/gb_ms_windows_smb_share_passwd_null_sec_bypass_vuln.nasl
2011-08-12 Name : Finger Service Remote Information Disclosure Vulnerability
File : nvt/gb_finger_remote_info_disc_vuln.nasl
2011-04-11 Name : Microsoft Windows IPv4 Default Configuration Security Bypass Vulnerability
File : nvt/gb_ms_windows_nic_security_bypass_vuln.nasl
2010-07-08 Name : Microsoft Windows GDI Multiple Vulnerabilities (925902)
File : nvt/ms07-017.nasl
2010-04-26 Name : Windows NT NNTP Component Buffer Overflow
File : nvt/gb_ms04_036.nasl
2010-02-10 Name : Microsoft Windows Kernel Could Allow Elevation of Privilege (977165)
File : nvt/secpod_ms10-015.nasl
2010-01-22 Name : Microsoft Windows GP Trap Handler Privilege Escalation Vulnerability
File : nvt/gb_ms_kernel_prv_esc_vuln.nasl
2009-11-16 Name : Microsoft RPC Interface Buffer Overrun (KB824146)
File : nvt/msrpc_dcom2.nasl
2009-03-16 Name : Microsoft MS03-034 security check
File : nvt/remote-MS03-034.nasl
2009-03-15 Name : MS04-011 security check
File : nvt/remote-MS04-011.nasl
2009-02-04 Name : Detection of Dangerous ActiveX Control
File : nvt/secpod_dangerous_activex_ctrl.nasl
2008-11-27 Name : Microsoft Windows Media Services nskey.dll ActiveX BOF Vulnerability
File : nvt/gb_ms_win_media_services_actvx_bof_vuln.nasl
2008-09-03 Name : Windows Vulnerability in Microsoft Jet Database Engine
File : nvt/win_CVE-2007-6026.nasl
2008-01-17 Name : Debian Security Advisory DSA 333-1 (acm)
File : nvt/deb_333_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 149-2 (glibc)
File : nvt/deb_149_2.nasl
2008-01-17 Name : Debian Security Advisory DSA 149-1 (glibc)
File : nvt/deb_149_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 146-2 (dietlibc)
File : nvt/deb_146_2.nasl
2008-01-17 Name : Debian Security Advisory DSA 146-1 (dietlibc)
File : nvt/deb_146_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 143-1 (krb5)
File : nvt/deb_143_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 142-1 (openafs)
File : nvt/deb_142_1.nasl
2006-03-26 Name : Microsoft's SQL Version Query
File : nvt/mssql_version.nasl
2005-11-03 Name : Flaw in Microsoft VM Could Allow Code Execution (810030)
File : nvt/smb_nt_ms02-052.nasl
2005-11-03 Name : War FTP Daemon USER/PASS Overflow
File : nvt/DDI_warftpd_user_overflow.nasl
2005-11-03 Name : Unchecked Buffer in Windows Help(Q323255)
File : nvt/smb_nt_ms02-055.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2008-A-0030 Microsoft Jet Database Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0016013
2005-A-0001 Multiple Vulnerabilities in Microsoft Windows
Severity: Category I - VMSKEY: V0005996

Snort® IPS/IDS

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2014-01-10 JET VBA access
RuleID : 985-community - Type : SERVER-IIS - Revision : 22
2014-01-10 JET VBA access
RuleID : 985 - Type : SERVER-IIS - Revision : 22
2014-01-10 JET VBA access
RuleID : 984-community - Type : SERVER-IIS - Revision : 25
2014-01-10 JET VBA access
RuleID : 984 - Type : SERVER-IIS - Revision : 25
2014-01-10 DCERPC DIRECT ISystemActivator CoGetInstanceFromFile object call attempt
RuleID : 9759 - Type : NETBIOS - Revision : 7
2014-01-10 DCERPC NCADG-IP-UDP ISystemActivator CoGetInstanceFromFile little endian obje...
RuleID : 9758 - Type : NETBIOS - Revision : 7
2014-01-10 DCERPC NCACN-IP-TCP ISystemActivator CoGetInstanceFromFile little endian obje...
RuleID : 9757 - Type : NETBIOS - Revision : 7
2014-01-10 DCERPC NCACN-IP-TCP ISystemActivator CoGetInstanceFromFile object call attempt
RuleID : 9756 - Type : NETBIOS - Revision : 7
2014-01-10 DCERPC NCACN-HTTP ISystemActivator CoGetInstanceFromFile little endian object...
RuleID : 9755 - Type : NETBIOS - Revision : 7
2014-01-10 DCERPC NCADG-IP-UDP ISystemActivator CoGetInstanceFromFile object call attempt
RuleID : 9754 - Type : NETBIOS - Revision : 7
2014-01-10 DCERPC NCACN-HTTP ISystemActivator CoGetInstanceFromFile object call attempt
RuleID : 9753 - Type : NETBIOS - Revision : 7
2014-01-10 DCERPC DIRECT ISystemActivator CoGetInstanceFromFile little endian object cal...
RuleID : 9752 - Type : NETBIOS - Revision : 7
2014-01-10 DCERPC DIRECT ISystemActivator CoGetInstanceFromFile attempt
RuleID : 9751 - Type : NETBIOS - Revision : 7
2014-01-10 DCERPC NCADG-IP-UDP ISystemActivator CoGetInstanceFromFile little endian attempt
RuleID : 9750 - Type : NETBIOS - Revision : 7
2014-01-10 Alternate Data streams ASP file access attempt
RuleID : 975-community - Type : SERVER-IIS - Revision : 27
2014-01-10 Alternate Data streams ASP file access attempt
RuleID : 975 - Type : SERVER-IIS - Revision : 27
2014-01-10 DCERPC NCACN-IP-TCP ISystemActivator CoGetInstanceFromFile little endian attempt
RuleID : 9749 - Type : NETBIOS - Revision : 7
2014-01-10 DCERPC NCACN-IP-TCP ISystemActivator CoGetInstanceFromFile attempt
RuleID : 9748 - Type : NETBIOS - Revision : 7
2014-01-10 DCERPC NCACN-HTTP ISystemActivator CoGetInstanceFromFile little endian attempt
RuleID : 9747 - Type : NETBIOS - Revision : 7
2014-01-10 DCERPC DIRECT v4 ISystemActivator CoGetInstanceFromFile attempt
RuleID : 9746 - Type : NETBIOS - Revision : 7
2014-01-10 DCERPC NCADG-IP-UDP ISystemActivator CoGetInstanceFromFile attempt
RuleID : 9745 - Type : NETBIOS - Revision : 7
2014-01-10 DCERPC NCADG-IP-UDP v4 ISystemActivator CoGetInstanceFromFile little endian a...
RuleID : 9744 - Type : NETBIOS - Revision : 7
2014-01-10 DCERPC NCACN-HTTP v4 ISystemActivator CoGetInstanceFromFile little endian att...
RuleID : 9743 - Type : NETBIOS - Revision : 5
2014-01-10 DCERPC NCACN-IP-TCP v4 ISystemActivator CoGetInstanceFromFile little endian a...
RuleID : 9742 - Type : NETBIOS - Revision : 5
2014-01-10 DCERPC NCACN-IP-TCP v4 ISystemActivator CoGetInstanceFromFile attempt
RuleID : 9741 - Type : NETBIOS - Revision : 5

Nessus® Vulnerability Scanner

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2011-09-15 Name: It is possible to obtain the host SID for the remote host, without credentials.
File: smb_host2sid_null_session.nasl - Type: ACT_GATHER_INFO
2011-09-15 Name: Nessus was able to enumerate local users, without credentials.
File: smb_sid2localuser_null_session.nasl - Type: ACT_GATHER_INFO
2010-11-23 Name: The remote host has IP forwarding enabled.
File: ip_forwarding_enabled.nasl - Type: ACT_GATHER_INFO
2010-09-01 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20020212-snmp-msgshttp.nasl - Type: ACT_GATHER_INFO
2010-02-09 Name: The Windows kernel is affected by two vulnerabilities allowing a local attack...
File: smb_nt_ms10-015.nasl - Type: ACT_GATHER_INFO
2009-11-06 Name: It is possible to access a network share.
File: smb_accessible_shares_unpriv.nasl - Type: ACT_GATHER_INFO
2008-08-18 Name: The remote web server is vulnerable to a cross-site scripting attack.
File: siteserver_xss.nasl - Type: ACT_ATTACK
2008-05-13 Name: Arbitrary code can be executed on the remote host through the database engine.
File: smb_nt_ms08-028.nasl - Type: ACT_GATHER_INFO
2007-10-04 Name: It is possible to log into the remote host.
File: smb_blank_admin_password.nasl - Type: ACT_GATHER_INFO
2007-10-04 Name: It is possible to log into the remote host.
File: smb_guest_account.nasl - Type: ACT_GATHER_INFO
2007-10-04 Name: It is possible to log into the remote Windows host with a NULL session.
File: smb_null_session.nasl - Type: ACT_GATHER_INFO
2007-03-16 Name: Arbitrary code can be executed on the remote host.
File: smb_kb828741.nasl - Type: ACT_GATHER_INFO
2006-06-13 Name: It is possible to execute code on the remote host.
File: smb_nt_ms06-032.nasl - Type: ACT_GATHER_INFO
2006-05-10 Name: A vulnerability in MSDTC could allow remote code execution.
File: smb_kb913580.nasl - Type: ACT_GATHER_INFO
2006-05-09 Name: It is possible to crash the remote MSDTC service.
File: smb_nt_ms06-018.nasl - Type: ACT_GATHER_INFO
2006-01-10 Name: Arbitrary code can be executed on the remote host by sending a malformed file...
File: smb_nt_ms06-002.nasl - Type: ACT_GATHER_INFO
2006-01-03 Name: Arbitrary code can be executed on the remote host through the DHCP service.
File: smb_kb885249.nasl - Type: ACT_GATHER_INFO
2005-12-13 Name: A local user can elevate his privileges on the remote host.
File: smb_nt_ms05-055.nasl - Type: ACT_GATHER_INFO
2005-07-05 Name: The remote host allows null session event log reading.
File: smb_event_log_null_session.nasl - Type: ACT_GATHER_INFO
2005-06-29 Name: The remote host allows null session enumeration of running services.
File: smb_enum_services_null_session.nasl - Type: ACT_GATHER_INFO
2005-02-08 Name: Arbitrary code can be executed on the remote host.
File: smb_nt_ms05-010.nasl - Type: ACT_GATHER_INFO
2005-02-08 Name: Arbitrary code can be executed on the remote host.
File: smb_nt_ms05-011.nasl - Type: ACT_GATHER_INFO
2005-02-03 Name: Random portions of memory may be disclosed thru the NetBIOS name service.
File: smb_nt_ms03-034.nasl - Type: ACT_GATHER_INFO
2005-01-11 Name: Arbitrary code can be executed on the remote host through the web or email cl...
File: smb_nt_ms05-002.nasl - Type: ACT_GATHER_INFO
2004-12-15 Name: Arbitrary code can be executed on the remote host.
File: wins_replication_overflow.nasl - Type: ACT_GATHER_INFO