This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Microsoft First view 2003-11-17
Product Windows Server 2003 Last view 2020-02-20
Version Type
Update sp2  
Edition x86  
Language  
Sofware Edition  
Target Software  
Target Hardware  
Other  

Activity : Overall

COMMON PLATFORM ENUMERATION: Repartition per Version

CPE Name Affected CVE
cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:* 345
cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:*:* 91
cpe:2.3:o:microsoft:windows_server_2003:*:sp1:*:*:*:*:*:* 31
cpe:2.3:o:microsoft:windows_server_2003:*:*:*:*:*:*:*:* 31
cpe:2.3:o:microsoft:windows_server_2003:*:sp1:itanium:*:*:*:*:* 27
cpe:2.3:o:microsoft:windows_server_2003:r2:sp2:*:*:*:*:*:* 11
cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:*:*:*:* 10
cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:*:*:*:* 8
cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:itanium:* 5
cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:x64:* 5
cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:*:*:x64:* 5
cpe:2.3:o:microsoft:windows_server_2003:*:sp1:x64:*:*:*:*:* 5
cpe:2.3:o:microsoft:windows_server_2003:*:-:*:*:*:*:*:* 5
cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:*:*:itanium:* 4
cpe:2.3:o:microsoft:windows_server_2003:r2:-:*:*:-:*:-:* 4
cpe:2.3:o:microsoft:windows_server_2003:*:x64:*:*:*:*:*:* 2
cpe:2.3:o:microsoft:windows_server_2003:-:-:*:*:*:*:*:* 2
cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:x86:* 1
cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:itanium:* 1
cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:x64:* 1
cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:*:*:x64:* 1
cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:-:*:itanium:* 1
cpe:2.3:o:microsoft:windows_server_2003:*:*:*:*:*:*:x64:* 1
cpe:2.3:o:microsoft:windows_server_2003:*:*:*:*:*:*:x86:* 1
cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:*:*:x86:* 1
cpe:2.3:o:microsoft:windows_server_2003:web_edition_sp1:*:*:*:*:*:*:* 1
cpe:2.3:o:microsoft:windows_server_2003:standard_sp1:*:*:*:*:*:*:* 1
cpe:2.3:o:microsoft:windows_server_2003:enterprise_sp1:*:*:*:*:*:*:* 1
cpe:2.3:o:microsoft:windows_server_2003:datacenter_sp1:*:*:*:*:*:*:* 1
cpe:2.3:o:microsoft:windows_server_2003:sp1:*:*:*:*:*:itanium:* 1
cpe:2.3:o:microsoft:windows_server_2003:sp1:*:*:*:*:*:*:* 1
cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:*:*:itanium:* 1
cpe:2.3:o:microsoft:windows_server_2003:r2:*:*:*:*:*:x64:* 1
cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:web:*:*:* 1
cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:standard:*:x64:* 1
cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:datacenter:*:x64:* 1
cpe:2.3:o:microsoft:windows_server_2003:*:*:*:*:enterprise:*:x64:* 1

Related : CVE

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
7.5 2020-02-20 CVE-2012-5364

The IPv6 implementation in Microsoft Windows 7 and earlier allows remote attackers to cause a denial of service via a flood of ICMPv6 Router Advertisement packets containing multiple Routing entries.

7.5 2020-02-20 CVE-2012-5362

The IPv6 implementation in Microsoft Windows 7 and earlier allows remote attackers to cause a denial of service via a flood of ICMPv6 Neighbor Solicitation messages, a different vulnerability than CVE-2010-4669.

8.1 2017-06-22 CVE-2017-0176

A buffer overflow in Smart Card authentication code in gpkcsp.dll in Microsoft Windows XP through SP3 and Server 2003 through SP2 allows a remote attacker to execute arbitrary code on the target computer, provided that the computer is joined in a Windows domain and has Remote Desktop Protocol connectivity (or Terminal Services) enabled.

7.8 2017-06-15 CVE-2017-8487

Windows OLE in Windows XP and Windows Server 2003 allows an attacker to execute code when a victim opens a specially crafted file or program aka "Windows olecnv32.dll Remote Code Execution Vulnerability."

7.8 2017-06-15 CVE-2017-8461

Windows RPC with Routing and Remote Access enabled in Windows XP and Windows Server 2003 allows an attacker to execute code on a targeted RPC server which has Routing and Remote Access enabled via a specially crafted application, aka "Windows RPC Remote Code Execution Vulnerability."

7.8 2015-07-14 CVE-2015-2387

ATMFD.DLL in the Adobe Type Manager Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, aka "ATMFD.DLL Memory Corruption Vulnerability."

7.2 2015-06-09 CVE-2015-2360

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application, aka "Win32k Elevation of Privilege Vulnerability."

7.2 2015-06-09 CVE-2015-1768

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application, aka "Win32k Memory Corruption Elevation of Privilege Vulnerability."

7.2 2015-06-09 CVE-2015-1727

Buffer overflow in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, aka "Win32k Pool Buffer Overflow Vulnerability."

7.2 2015-06-09 CVE-2015-1726

Use-after-free vulnerability in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, aka "Microsoft Windows Kernel Brush Object Use After Free Vulnerability."

7.2 2015-06-09 CVE-2015-1725

Buffer overflow in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, aka "Win32k Buffer Overflow Vulnerability."

7.2 2015-06-09 CVE-2015-1724

Use-after-free vulnerability in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, aka "Microsoft Windows Kernel Object Use After Free Vulnerability."

7.2 2015-06-09 CVE-2015-1723

Use-after-free vulnerability in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, aka "Microsoft Windows Station Use After Free Vulnerability."

7.2 2015-06-09 CVE-2015-1722

Use-after-free vulnerability in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, aka "Microsoft Windows Kernel Bitmap Handling Use After Free Vulnerability."

7.2 2015-06-09 CVE-2015-1721

The kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via a crafted application, aka "Win32k Null Pointer Dereference Vulnerability."

7.2 2015-06-09 CVE-2015-1720

Use-after-free vulnerability in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, aka "Microsoft Windows Kernel Use After Free Vulnerability."

2.1 2015-06-09 CVE-2015-1719

The kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow local users to obtain sensitive information from kernel memory via a crafted application, aka "Microsoft Windows Kernel Information Disclosure Vulnerability."

5 2015-05-13 CVE-2015-1716

Schannel in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly restrict Diffie-Hellman Ephemeral (DHE) key lengths, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors, aka "Schannel Information Disclosure Vulnerability."

6.9 2015-05-13 CVE-2015-1702

The Service Control Manager (SCM) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly constrain impersonation levels, which allows local users to gain privileges via a crafted application, aka "Service Control Manager Elevation of Privilege Vulnerability."

2.1 2015-05-13 CVE-2015-1680

The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow local users to bypass the ASLR protection mechanism via a crafted function call, aka "Microsoft Windows Kernel Memory Disclosure Vulnerability," a different vulnerability than CVE-2015-1676, CVE-2015-1677, CVE-2015-1678, and CVE-2015-1679.

2.1 2015-05-13 CVE-2015-1679

The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow local users to bypass the ASLR protection mechanism via a crafted function call, aka "Microsoft Windows Kernel Memory Disclosure Vulnerability," a different vulnerability than CVE-2015-1676, CVE-2015-1677, CVE-2015-1678, and CVE-2015-1680.

2.1 2015-05-13 CVE-2015-1678

The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow local users to bypass the ASLR protection mechanism via a crafted function call, aka "Microsoft Windows Kernel Memory Disclosure Vulnerability," a different vulnerability than CVE-2015-1676, CVE-2015-1677, CVE-2015-1679, and CVE-2015-1680.

2.1 2015-05-13 CVE-2015-1677

The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow local users to bypass the ASLR protection mechanism via a crafted function call, aka "Microsoft Windows Kernel Memory Disclosure Vulnerability," a different vulnerability than CVE-2015-1676, CVE-2015-1678, CVE-2015-1679, and CVE-2015-1680.

2.1 2015-05-13 CVE-2015-1676

The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow local users to bypass the ASLR protection mechanism via a crafted function call, aka "Microsoft Windows Kernel Memory Disclosure Vulnerability," a different vulnerability than CVE-2015-1677, CVE-2015-1678, CVE-2015-1679, and CVE-2015-1680.

9.3 2015-04-14 CVE-2015-1645

Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allow remote attackers to execute arbitrary code via a crafted Enhanced Metafile (EMF) image, aka "EMF Processing Remote Code Execution Vulnerability."

CWE : Common Weakness Enumeration

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
%idName
15% (66) CWE-20 Improper Input Validation
13% (57) CWE-399 Resource Management Errors
13% (56) CWE-94 Failure to Control Generation of Code ('Code Injection')
12% (51) CWE-264 Permissions, Privileges, and Access Controls
12% (51) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
8% (37) CWE-362 Race Condition
5% (23) CWE-200 Information Exposure
4% (19) CWE-189 Numeric Errors
1% (6) CWE-416 Use After Free
1% (5) CWE-476 NULL Pointer Dereference
0% (4) CWE-310 Cryptographic Issues
0% (4) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')
0% (3) CWE-787 Out-of-bounds Write
0% (3) CWE-415 Double Free
0% (3) CWE-16 Configuration
0% (2) CWE-426 Untrusted Search Path
0% (2) CWE-400 Uncontrolled Resource Consumption ('Resource Exhaustion')
0% (2) CWE-287 Improper Authentication
0% (2) CWE-255 Credentials Management
0% (2) CWE-190 Integer Overflow or Wraparound
0% (2) CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflo...
0% (2) CWE-88 Argument Injection or Modification
0% (2) CWE-19 Data Handling
0% (1) CWE-681 Incorrect Conversion between Numeric Types
0% (1) CWE-667 Insufficient Locking

CAPEC : Common Attack Pattern Enumeration & Classification

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Name
CAPEC-3 Using Leading 'Ghost' Character Sequences to Bypass Input Filters
CAPEC-7 Blind SQL Injection
CAPEC-8 Buffer Overflow in an API Call
CAPEC-9 Buffer Overflow in Local Command-Line Utilities
CAPEC-10 Buffer Overflow via Environment Variables
CAPEC-13 Subverting Environment Variable Values
CAPEC-14 Client-side Injection-induced Buffer Overflow
CAPEC-18 Embedding Scripts in Nonscript Elements
CAPEC-22 Exploiting Trust in Client (aka Make the Client Invisible)
CAPEC-24 Filter Failure through Buffer Overflow
CAPEC-26 Leveraging Race Conditions
CAPEC-27 Leveraging Race Conditions via Symbolic Links
CAPEC-28 Fuzzing
CAPEC-29 Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions
CAPEC-31 Accessing/Intercepting/Modifying HTTP Cookies
CAPEC-32 Embedding Scripts in HTTP Query Strings
CAPEC-41 Using Meta-characters in E-mail Headers to Inject Malicious Payloads
CAPEC-42 MIME Conversion
CAPEC-43 Exploiting Multiple Input Interpretation Layers
CAPEC-45 Buffer Overflow via Symbolic Links
CAPEC-46 Overflow Variables and Tags
CAPEC-47 Buffer Overflow via Parameter Expansion
CAPEC-52 Embedding NULL Bytes
CAPEC-53 Postfix, Null Terminate, and Backslash
CAPEC-59 Session Credential Falsification through Prediction

Oval Markup Language : Definitions

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
OvalID Name
oval:org.mitre.oval:def:900 Windows XP RPCSS DCOM Buffer Overflow (Blaster)
oval:org.mitre.oval:def:894 Server 2003 RPCSS DCOM Buffer Overflow
oval:org.mitre.oval:def:893 Windows 2000 RPCSS DCOM Buffer Overflow (Blaster, Test 3)
oval:org.mitre.oval:def:477 MS Exchange / OWA NTLM Authentication Vulnerability
oval:org.mitre.oval:def:904 Windows Server 2003 Help Center Command Insertion Vulnerability
oval:org.mitre.oval:def:1000 Windows XP Help Center Command Insertion Vulnerability
oval:org.mitre.oval:def:517 IE v6.0,SP1 (Server 2003) Malformed GIF Image Double-free Vulnerability
oval:org.mitre.oval:def:509 IE v5.01,SP4 Malformed GIF Image Double-free Vulnerability
oval:org.mitre.oval:def:236 IE v6.0,SP1 Malformed GIF Image Double-free Vulnerability
oval:org.mitre.oval:def:212 IE v5.01,SP3 Malformed GIF Image Double-free Vulnerability
oval:org.mitre.oval:def:2100 IE v5.5,SP2 Malformed GIF Image Double-free Vulnerability
oval:org.mitre.oval:def:206 IE v5.01,SP2 Malformed GIF Image Double-free Vulnerability
oval:org.mitre.oval:def:1793 IE v6.0 Malformed GIF Image Double-free Vulnerability
oval:org.mitre.oval:def:1997 Windows XP Negotiate Security Software Provider Denial of Service Vulnerability
oval:org.mitre.oval:def:1962 Windows Server 2003 Negotiate Security Software Provider Denial of Service Vu...
oval:org.mitre.oval:def:1808 Windows 2000 Negotiate Security Software Provider Denial of Service Vulnerabi...
oval:org.mitre.oval:def:5926 Windows 2000 NNTP Component Buffer Overflow
oval:org.mitre.oval:def:5070 Windows NT NNTP Component Buffer Overflow
oval:org.mitre.oval:def:5021 Vulnerability in NNTP Could Allow Remote Code Execution
oval:org.mitre.oval:def:4392 Windows Server 2003 NNTP Component Buffer Overflow
oval:org.mitre.oval:def:246 Network News Transfer Protocol Buffer Overflow
oval:org.mitre.oval:def:5509 Exchange Server 2003 Routing Engine Buffer Overflow
oval:org.mitre.oval:def:3460 Exchange Server 2003 (Windows Server 2003, 64-Bit Edition) Routing Engine Buf...
oval:org.mitre.oval:def:2300 Exchange Server 2003 (INTERIM) Routing Engine Buffer Overflow
oval:org.mitre.oval:def:848 Buffer Overflow in CDOSYS Message Processing (64-bit WinXP,SP1)

SAINT Exploits

Description Link
Internet Explorer iepeers.dll use-after-free vulnerability More info here
Visual Studio Active Template Library object type mismatch vulnerability More info here
Windows Server Service buffer overflow MS08-067 More info here
Windows OLE Automation Array command execution More info here
Microsoft OLE Object File Handling vulnerability More info here
Internet Explorer WinINet credential reflection vulnerability More info here
Windows Thumbnail View CreateSizedDIBSECTION buffer overflow More info here
Windows Media MIDI Invalid Channel More info here
Microsoft DirectX DirectShow QuickTime movie parsing vulnerability More info here
Windows Help and Support Center -FromHCP URL whitelist bypass More info here
Microsoft Office ClickOnce Unsafe Execution More info here
Windows Object Packager Insecure Execution More info here
Windows Shell LNK file CONTROL item command execution More info here
Microsoft Remote Desktop Connection Insecure Library Injection More info here
Windows Crafted Theme File Handling Vulnerability More info here
Windows Media Player plugin EMBED buffer overflow More info here

Open Source Vulnerability Database (OSVDB)

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
78212 Microsoft Windows Object Packager Path Subversion packager.exe Loading Remote...
78211 Microsoft Windows Line21 DirectShow Filter Media File Handling Remote Code Ex...
78210 Microsoft Windows Multimedia Library (winmm.dll) MIDI File Handling Remote Co...
78209 Microsoft Windows Ntdll.dll Structured Exception Handling Tables Loading Safe...
78207 Microsoft Windows Embedded ClickOnce Application Office File Handling Remote ...
78206 Microsoft Windows Client/Server Run-time Subsystem (CSRSS) Unicode Character ...
78057 Microsoft .NET Framework ASP.NET Hash Collision Web Form Post Parsing Remote DoS
78056 Microsoft .NET Framework Forms Authentication Sliding Expiry Cached Content P...
78055 Microsoft .NET Framework ASP.NET Username Parsing Authentication Bypass
78054 Microsoft .NET Framework Forms Authentication Return URL Handling Arbitrary S...
77908 Microsoft Windows win32k.sys Safari IFRAME Height Attribute Handling Remote M...
77667 Microsoft Windows Active Directory Query Parsing Remote Overflow
77666 Microsoft Windows Kernel Exception Handler Local Privilege Escalation
77665 Microsoft Time ActiveX (DATIME.DLL) Unspecified IE Web Page Handling Remote C...
77663 Microsoft Windows Object Linking and Embedding (OLE) Object File Handling Rem...
77662 Microsoft Windows CSRSS Device Event Message Parsing Local Privilege Escalation
76902 Microsoft Windows Active Directory LDAPS CRL Handling Weakness Authentication...
76843 Microsoft Windows Win32k TrueType Font Handling Privilege Escalation
76232 Microsoft Windows Ancillary Function Driver afd.sys Local Privilege Escalation
76231 Microsoft Windows Active Accessibility Path Subversion Arbitrary DLL Injectio...
76221 Microsoft Windows win32k.sys Driver Use-after-free Driver Object Handling Arb...
76220 Microsoft Windows win32k.sys Driver .fon Font File Handling Overflow
76218 Microsoft Windows win32k.sys Driver NULL Dereference Unspecified Arbitrary Co...
75444 Microsoft Windows WINS Loopback Interface Crafted Packet Local Privilege Esca...
75382 Microsoft Windows Shell Extensions Path Subversion Arbitrary DLL Injection Co...

ExploitDB Exploits

id Description
35230 Internet Explorer < 11 - OLE Automation Array Remote Code Execution (MSF)
35229 Internet Explorer <11 - OLE Automation Array Remote Code Execution
35101 Windows TrackPopupMenu Win32k NULL Pointer Dereference
33213 Windows NTUserMessageCall Win32k Kernel Pool Overflow (Schlamperei)
30397 Windows Kernel win32k.sys - Integer Overflow (MS13-101)
27050 DirectShow Arbitrary Memory Overwrite Vulnerability (MS13-056)
26554 Windows EPATHOBJ::pprFlattenRec Local Privilege Escalation
19037 MS12-005 Microsoft Office ClickOnce Unsafe Object Package Handling Vulnerability
19002 Microsoft Windows OLE Object File Handling Remote Code Execution
18426 MS12-004 midiOutPlayNextPolyEvent Heap Overflow
18372 Microsoft Windows Assembly Execution Vulnerability MS12-005
18176 MS11-080 Afd.sys Privilege Escalation Exploit
18024 MS11-077 Win32k Null Pointer De-reference Vulnerability POC
17978 MS11-077 .fon Kernel-Mode Buffer Overrun PoC
17831 MS WINS ECommEndDlg Input Validation Error
17659 MS10-026 Microsoft MPEG Layer-3 Audio Stack Based Overflow
17544 GDI+ CreateDashedPath Integer overflow in gdiplus.dll
16590 Internet Explorer DHTML Behaviors Use After Free
15985 MS10-073: Win32k Keyboard Layout Vulnerability
15158 MOAUB #30 - Microsoft Unicode Scripts Processor Remote Code Execution
14895 MOAUB #5 - Microsoft MPEG Layer-3 Remote Command Execution Exploit
14608 Microsoft Windows CreateWindow Function Callback Vulnerability (MS10-048)
11683 Microsoft Internet Explorer iepeers.dll Use-After-Free Exploit (meta)
9893 Microsoft Internet Explorer 5,6,7 memory corruption PoC
5547 Novell eDirectory < 8.7.3 SP 10 / 8.8.2 - HTTP headers DoS Vulnerability

OpenVAS Exploits

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2013-07-09 Name : Microsoft Remote Desktop Protocol Remote Code Execution Vulnerabilities (2671...
File : nvt/secpod_ms12-020_remote.nasl
2012-12-18 Name : Fedora Update for xen FEDORA-2012-19828
File : nvt/gb_fedora_2012_19828_xen_fc16.nasl
2012-12-14 Name : Fedora Update for xen FEDORA-2012-19717
File : nvt/gb_fedora_2012_19717_xen_fc17.nasl
2012-12-13 Name : SuSE Update for xen openSUSE-SU-2012:0886-1 (xen)
File : nvt/gb_suse_2012_0886_1.nasl
2012-12-12 Name : Microsoft Windows Kernel-Mode Drivers Remote Code Execution Vulnerabilities (...
File : nvt/secpod_ms12-078.nasl
2012-12-12 Name : Microsoft Windows File Handling Component Remote Code Execution Vulnerability...
File : nvt/secpod_ms12-081.nasl
2012-11-23 Name : Fedora Update for xen FEDORA-2012-18242
File : nvt/gb_fedora_2012_18242_xen_fc17.nasl
2012-11-23 Name : Fedora Update for xen FEDORA-2012-18249
File : nvt/gb_fedora_2012_18249_xen_fc16.nasl
2012-11-15 Name : Fedora Update for xen FEDORA-2012-17204
File : nvt/gb_fedora_2012_17204_xen_fc17.nasl
2012-11-15 Name : Fedora Update for xen FEDORA-2012-17408
File : nvt/gb_fedora_2012_17408_xen_fc16.nasl
2012-11-14 Name : Microsoft Windows Shell Remote Code Execution Vulnerabilities (2727528)
File : nvt/secpod_ms12-072.nasl
2012-11-14 Name : Microsoft Windows Kernel-Mode Drivers Remote Code Execution Vulnerabilities (...
File : nvt/secpod_ms12-075.nasl
2012-10-10 Name : Microsoft Windows Kernel Privilege Elevation Vulnerability (2724197)
File : nvt/secpod_ms12-068.nasl
2012-09-28 Name : Google Chrome Windows Kernel Memory Corruption Vulnerability
File : nvt/gb_google_chrome_mem_crptn_vuln_win.nasl
2012-09-22 Name : Fedora Update for xen FEDORA-2012-13434
File : nvt/gb_fedora_2012_13434_xen_fc17.nasl
2012-09-22 Name : Fedora Update for xen FEDORA-2012-13443
File : nvt/gb_fedora_2012_13443_xen_fc16.nasl
2012-08-30 Name : Fedora Update for xen FEDORA-2012-11182
File : nvt/gb_fedora_2012_11182_xen_fc17.nasl
2012-08-30 Name : Fedora Update for xen FEDORA-2012-11755
File : nvt/gb_fedora_2012_11755_xen_fc17.nasl
2012-08-30 Name : Fedora Update for xen FEDORA-2012-9386
File : nvt/gb_fedora_2012_9386_xen_fc17.nasl
2012-08-24 Name : Fedora Update for xen FEDORA-2012-11785
File : nvt/gb_fedora_2012_11785_xen_fc16.nasl
2012-08-15 Name : Microsoft Windows Networking Components Remote Code Execution Vulnerabilities...
File : nvt/secpod_ms12-054.nasl
2012-08-15 Name : Microsoft Windows Kernel-Mode Drivers Privilege Elevation Vulnerability (2731...
File : nvt/secpod_ms12-055.nasl
2012-08-10 Name : Debian Security Advisory DSA 2501-1 (xen)
File : nvt/deb_2501_1.nasl
2012-08-10 Name : Debian Security Advisory DSA 2508-1 (kfreebsd-8)
File : nvt/deb_2508_1.nasl
2012-08-10 Name : FreeBSD Ports: FreeBSD
File : nvt/freebsd_FreeBSD16.nasl

Information Assurance Vulnerability Management (IAVM)

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2015-A-0107 Microsoft Service Control Manager Privilege Escalation Vulnerability (MS15-050)
Severity: Category II - VMSKEY: V0060651
2015-A-0108 Multiple Vulnerabilities in Microsoft Windows Kernel-Mode Driver (MS15-051)
Severity: Category II - VMSKEY: V0060653
2015-A-0111 Microsoft SChannel Information Disclosure Vulnerability (MS15-055)
Severity: Category I - VMSKEY: V0060659
2015-A-0091 Multiple Vulnerabilities in Microsoft Windows (MS15-038)
Severity: Category II - VMSKEY: V0059897
2015-A-0048 Multiple Vulnerabilities in Windows Kernel (MS15-025)
Severity: Category II - VMSKEY: V0058995
2015-A-0053 Multiple Vulnerabilities in Microsoft Windows (MS15-020)
Severity: Category II - VMSKEY: V0059001
2015-B-0036 Microsoft Windows Information Disclosure Vulnerability (MS15-024)
Severity: Category II - VMSKEY: V0059021
2015-A-0033 Microsoft Group Policy Remote Code Execution (MS15-011)
Severity: Category I - VMSKEY: V0058743
2015-B-0017 Microsoft Group Policy Security Feature Bypass Vulnerability (MS15-014)
Severity: Category I - VMSKEY: V0058755
2015-B-0006 Microsoft Windows Telnet Buffer Overflow Vulnerability (MS15-002)
Severity: Category I - VMSKEY: V0058199
2015-B-0004 Microsoft Network Location Awareness Service Security Bypass Vulnerability (M...
Severity: Category II - VMSKEY: V0058201
2015-A-0006 Microsoft Windows Kernel-Mode Driver Privilege Escalation Vulnerability (MS15...
Severity: Category II - VMSKEY: V0058205
2015-A-0007 Microsoft Windows Network Policy Server Remote Denial of Service Vulnerabilit...
Severity: Category I - VMSKEY: V0058207
2015-A-0008 Microsoft Windows User Profile Service Privilege Escalation Vulnerability (MS...
Severity: Category II - VMSKEY: V0058209
2014-A-0180 Microsoft Windows Kerberos Privilege Escalation Vulnerability
Severity: Category I - VMSKEY: V0057571
2014-B-0147 Microsoft XML Core Remote Code Execution Vulnerability
Severity: Category I - VMSKEY: V0057361
2014-A-0171 Multiple Vulnerabilities in Windows OLE
Severity: Category I - VMSKEY: V0057379
2014-A-0174 Microsoft TCP/IP Privilege Escalation Vulnerability
Severity: Category II - VMSKEY: V0057385
2014-A-0176 Microsoft Secure Channel Remote Code Execution Vulnerability (MS14-066)
Severity: Category I - VMSKEY: V0057389
2014-A-0179 Microsoft Input Method Editor (IME) Privilege Escalation Vulnerability
Severity: Category I - VMSKEY: V0057395
2014-A-0148 Microsoft FAT32 Disk Partition Driver Privilege Escalation Vulnerability
Severity: Category I - VMSKEY: V0055429
2014-A-0124 Multiple Vulnerabilities in Microsoft Kernel-Mode Drivers
Severity: Category II - VMSKEY: V0053797
2014-B-0093 Microsoft Ancillary Function Driver Privilege Escalation Vulnerability
Severity: Category II - VMSKEY: V0052955
2014-A-0080 Multiple Vulnerabilities in Microsoft Graphics Component
Severity: Category II - VMSKEY: V0052491
2014-A-0075 Microsoft Windows Shell Privilege Escalation Vulnerability
Severity: Category II - VMSKEY: V0050445

Snort® IPS/IDS

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2018-06-15 Microsoft Windows RTF file with embedded object package download attempt
RuleID : 8445-community - Type : FILE-OFFICE - Revision : 17
2014-01-10 Microsoft Windows RTF file with embedded object package download attempt
RuleID : 8445 - Type : FILE-OFFICE - Revision : 17
2014-01-10 Microsoft Windows Media Player Plugin for Non-IE browsers buffer overflow att...
RuleID : 5710 - Type : OS-WINDOWS - Revision : 17
2014-01-10 Microsoft Windows wmf file arbitrary code execution attempt
RuleID : 5318 - Type : FILE-MULTIMEDIA - Revision : 20
2020-01-14 Microsoft Windows Wordpad Converter sprmT record heap overflow attempt
RuleID : 52422 - Type : FILE-OFFICE - Revision : 1
2020-01-14 Microsoft Windows Wordpad Converter sprmT record heap overflow attempt
RuleID : 52421 - Type : FILE-OFFICE - Revision : 1
2020-01-03 Microsoft Windows MHTML XSS attempt
RuleID : 52335 - Type : OS-WINDOWS - Revision : 1
2019-10-17 Microsoft DirectShow QuickTime file atom size parsing heap corruption attempt
RuleID : 51557 - Type : OS-WINDOWS - Revision : 1
2019-10-17 Microsoft DirectShow QuickTime file atom size parsing heap corruption attempt
RuleID : 51556 - Type : OS-WINDOWS - Revision : 1
2019-10-17 Microsoft DirectShow QuickTime file atom size parsing heap corruption attempt
RuleID : 51555 - Type : OS-WINDOWS - Revision : 1
2019-10-10 Microsoft Windows WordPad and Office text converter integer overflow attempt
RuleID : 51473 - Type : FILE-OFFICE - Revision : 1
2019-10-10 Microsoft Windows WordPad and Office text converter integer overflow attempt
RuleID : 51472 - Type : FILE-OFFICE - Revision : 1
2019-09-17 Microsoft Windows Object Packager ClickOnce object remote code execution attempt
RuleID : 51029 - Type : OS-WINDOWS - Revision : 1
2019-09-17 Microsoft Windows Object Packager ClickOnce object remote code execution attempt
RuleID : 51028 - Type : OS-WINDOWS - Revision : 1
2019-09-05 Microsoft Windows mp3 file malformed ID3 APIC header code execution attempt
RuleID : 50893 - Type : FILE-MULTIMEDIA - Revision : 1
2019-09-05 Microsoft Windows mp3 file malformed ID3 APIC header code execution attempt
RuleID : 50892 - Type : FILE-MULTIMEDIA - Revision : 1
2019-09-05 Microsoft OpenType font index remote code execution attempt
RuleID : 50889 - Type : FILE-OTHER - Revision : 1
2019-09-05 Microsoft OpenType font index remote code execution attempt
RuleID : 50888 - Type : FILE-OTHER - Revision : 1
2019-09-05 Microsoft Windows GDI EMF parsing arbitrary code execution attempt
RuleID : 50885 - Type : FILE-OTHER - Revision : 1
2019-09-05 Microsoft Windows GDI EMF parsing arbitrary code execution attempt
RuleID : 50884 - Type : FILE-OTHER - Revision : 1
2019-09-05 Microsoft Fax Cover Page Editor heap corruption attempt
RuleID : 50873 - Type : OS-WINDOWS - Revision : 1
2019-09-05 Microsoft Fax Cover Page Editor heap corruption attempt
RuleID : 50872 - Type : OS-WINDOWS - Revision : 1
2019-08-31 Microsoft Windows TrueType font parsing engine sfac_GetSbitBitmap obfuscated ...
RuleID : 50849 - Type : FILE-OTHER - Revision : 1
2019-08-31 Microsoft Windows TrueType font parsing engine sfac_GetSbitBitmap obfuscated ...
RuleID : 50848 - Type : FILE-OTHER - Revision : 1
2019-08-13 Microsoft Windows SChannel CertificateVerify buffer overflow attempt
RuleID : 50707 - Type : OS-WINDOWS - Revision : 1

Nessus® Vulnerability Scanner

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2018-04-03 Name: The remote mail server may be affected by multiple vulnerabilities.
File: exchange_ms10-024.nasl - Type: ACT_GATHER_INFO
2018-04-03 Name: The remote web server may allow remote code execution.
File: iis_7_pci.nasl - Type: ACT_GATHER_INFO
2017-06-14 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_jun_windows8.nasl - Type: ACT_GATHER_INFO
2017-06-14 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_june_xp_2003.nasl - Type: ACT_GATHER_INFO
2015-10-19 Name: The remote printer is affected by a security bypass vulnerability known as FR...
File: lexmark_printer_TE701.nasl - Type: ACT_GATHER_INFO
2015-07-14 Name: The Adobe Font driver on the remote host is affected by a privilege escalatio...
File: smb_nt_ms15-077.nasl - Type: ACT_GATHER_INFO
2015-06-09 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms15-061.nasl - Type: ACT_GATHER_INFO
2015-05-12 Name: The remote Windows host is affected by a privilege escalation vulnerability.
File: smb_nt_ms15-050.nasl - Type: ACT_GATHER_INFO
2015-05-12 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms15-051.nasl - Type: ACT_GATHER_INFO
2015-05-12 Name: The remote Windows host is affected by an information disclosure vulnerability.
File: smb_nt_ms15-055.nasl - Type: ACT_GATHER_INFO
2015-04-14 Name: The remote Windows host is affected by a remote code execution vulnerability.
File: smb_nt_ms15-035.nasl - Type: ACT_GATHER_INFO
2015-04-14 Name: The remote Windows host is affected by multiple privilege escalation vulnerab...
File: smb_nt_ms15-038.nasl - Type: ACT_GATHER_INFO
2015-03-10 Name: The remote Windows host is affected by multiple remote code execution vulnera...
File: smb_nt_ms15-020.nasl - Type: ACT_GATHER_INFO
2015-03-10 Name: The Adobe Font driver on the remote host is affected by multiple vulnerabilit...
File: smb_nt_ms15-021.nasl - Type: ACT_GATHER_INFO
2015-03-10 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms15-023.nasl - Type: ACT_GATHER_INFO
2015-03-10 Name: The remote Windows host is affected by an information disclosure vulnerability.
File: smb_nt_ms15-024.nasl - Type: ACT_GATHER_INFO
2015-03-10 Name: The remote Windows host is affected by multiple privilege escalation vulnerab...
File: smb_nt_ms15-025.nasl - Type: ACT_GATHER_INFO
2015-03-10 Name: The remote Windows host is affected by a security feature bypass vulnerability.
File: smb_nt_ms15-031.nasl - Type: ACT_GATHER_INFO
2015-03-05 Name: The remote Windows host is affected by a security feature bypass vulnerability.
File: smb_kb3046015.nasl - Type: ACT_GATHER_INFO
2015-02-10 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms15-010.nasl - Type: ACT_GATHER_INFO
2015-02-10 Name: The remote Windows host is affected by a remote code execution vulnerability.
File: smb_nt_ms15-011.nasl - Type: ACT_GATHER_INFO
2015-02-10 Name: The remote Windows host is affected by a security downgrade vulnerability.
File: smb_nt_ms15-014.nasl - Type: ACT_GATHER_INFO
2015-02-10 Name: The remote Windows host is affected by an information disclosure vulnerability.
File: smb_nt_ms15-016.nasl - Type: ACT_GATHER_INFO
2015-01-13 Name: The remote Windows host is affected by a remote code execution vulnerability.
File: smb_nt_ms15-002.nasl - Type: ACT_GATHER_INFO
2015-01-13 Name: The remote Windows host is affected by a privilege escalation vulnerability.
File: smb_nt_ms15-003.nasl - Type: ACT_GATHER_INFO