This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/o:microsoft:windows_xp
Detail
VendorMicrosoftFirst view 2002-12-31
ProductWindows XpLast view2018-04-26
VersionTypeOs
Edition 
Language 
Update 
 
CPE Productcpe:/o:microsoft:windows_xp

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
 DateAlertAccess VectorAccess ComplexityAuthentication
6.82018-04-26CVE-2017-14010NetworkMediumNone Requ...
9.32017-06-22CVE-2017-0176NetworkMediumNone Requ...
6.92015-02-06CVE-2015-1305LocalMediumNone Requ...
7.22014-12-22CVE-2014-7286LocalLowNone Requ...
7.22013-07-31CVE-2013-3956LocalLowNone Requ...
Hide | Show 20 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
7.22013-07-31CVE-2013-3697LocalLowNone Requ...
5.42013-03-05CVE-2013-0931Adjacent ...MediumNone Requ...
4.42013-02-18CVE-2012-6533LocalMediumNone Requ...
92012-09-25CVE-2012-3324NetworkLowRequires ...
6.22012-08-25CVE-2010-5184LocalHighNone Requ...
6.22012-08-25CVE-2010-5183LocalHighNone Requ...
6.22012-08-25CVE-2010-5182LocalHighNone Requ...
6.22012-08-25CVE-2010-5181LocalHighNone Requ...
6.22012-08-25CVE-2010-5180LocalHighNone Requ...
6.22012-08-25CVE-2010-5179LocalHighNone Requ...
6.22012-08-25CVE-2010-5178LocalHighNone Requ...
6.22012-08-25CVE-2010-5177LocalHighNone Requ...
6.22012-08-25CVE-2010-5176LocalHighNone Requ...
6.22012-08-25CVE-2010-5175LocalHighNone Requ...
6.22012-08-25CVE-2010-5174LocalHighNone Requ...
6.22012-08-25CVE-2010-5173LocalHighNone Requ...
6.22012-08-25CVE-2010-5172LocalHighNone Requ...
6.22012-08-25CVE-2010-5171LocalHighNone Requ...
6.22012-08-25CVE-2010-5170LocalHighNone Requ...

CWE : Common Weakness Enumeration

%idName
41% (38)CWE-362Race Condition
10% (10)CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer
7% (7)CWE-399Resource Management Errors
7% (7)CWE-264Permissions, Privileges, and Access Controls
7% (7)CWE-20Improper Input Validation
Hide | Show 10 More...
%idName
5% (5)CWE-200Information Exposure
5% (5)CWE-79Failure to Preserve Web Page Structure ('Cross-site Scripting')
4% (4)CWE-189Numeric Errors
2% (2)CWE-22Improper Limitation of a Pathname to a Restricted Directory ('Path ...
1% (1)CWE-427Uncontrolled Search Path Element
1% (1)CWE-352Cross-Site Request Forgery (CSRF)
1% (1)CWE-284Access Control (Authorization) Issues
1% (1)CWE-134Uncontrolled Format String
1% (1)CWE-94Failure to Control Generation of Code ('Code Injection')
1% (1)CWE-16Configuration

CAPEC : Common Attack Pattern Enumeration & Classification

idName
CAPEC-1Accessing Functionality Not Properly Constrained by ACLs
CAPEC-17Accessing, Modifying or Executing Executable Files
CAPEC-60Reusing Session IDs (aka Session Replay)
CAPEC-61Session Fixation
CAPEC-62Cross Site Request Forgery (aka Session Riding)
Hide | Show 4 More...
idName
CAPEC-122Exploitation of Authorization
CAPEC-180Exploiting Incorrectly Configured Access Control Security Levels
CAPEC-232Exploitation of Privilege/Trust
CAPEC-234Hijacking a privileged process

Oval Markup Language : Definitions

OvalIDName
oval:org.mitre.oval:def:20237DSA-1345-1 xulrunner
oval:org.mitre.oval:def:18825DSA-1344-1 iceweasel
oval:org.mitre.oval:def:18682DSA-1346-1 iceape
oval:org.mitre.oval:def:17637USN-503-1 -- mozilla-thunderbird vulnerabilities
oval:org.mitre.oval:def:5181Windows Active Directory Denial of Service Vulnerability
Hide | Show 17 More...
idName
oval:org.mitre.oval:def:7178Apple iTunes Crafted itpc: URL Buffer Overflow Vulnerability
oval:org.mitre.oval:def:12739DSA-2191-1 proftpd-dfsg -- several
oval:org.mitre.oval:def:12333DSN Overflow Vulnerability
oval:org.mitre.oval:def:7221Apple iTunes Webkit Unspecified Vulnerability
oval:org.mitre.oval:def:7427Apple iTunes MP4 File Processing Denial of Service Vulnerability
oval:org.mitre.oval:def:5974Apple QuickTime MPEG-2 Unspecified Vulnerability
oval:org.mitre.oval:def:11584Array index error in the insertItemBefore method in WebKit, as used in Apple ...
oval:org.mitre.oval:def:1715Navigation Cancel Page Spoofing Vulnerability
oval:org.mitre.oval:def:12335OLE Automation Underflow Vulnerability
oval:org.mitre.oval:def:24414Foxit Reader before 5.3 on Windows XP and Windows 7 allows remote attackers t...
oval:org.mitre.oval:def:100VML Buffer Overrun Vulnerability
oval:org.mitre.oval:def:7110Apple iTunes Install or Update Privilege Escalation Vulnerability
oval:org.mitre.oval:def:6988Apple iTunes Crafted itpc: URL Buffer Overflow Vulnerability
oval:org.mitre.oval:def:12162Driver Improper Interaction with Windows Kernel Vulnerability
oval:org.mitre.oval:def:12514Vulnerability in Microsoft Internet Explorer Could Allow GUI Corruption
oval:org.mitre.oval:def:4584Vulnerability in Macrovision Driver Could Allow Local Elevation of Privilege
oval:org.mitre.oval:def:12411ADO Record Memory Vulnerability

SAINT Exploits

DescriptionLink
Internet Explorer VML rect fill buffer overflowMore info here
Safari WebKit floating point number buffer overflowMore info here

Open Source Vulnerability Database (OSVDB)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
75195Microsoft Windows GPU Support Functionality Unspecified Page Handling DoS
72959Microsoft Windows Object Linking and Embedding (OLE) Automation Remote Code E...
70444Microsoft Data Access Components (MDAC / WDAC) MSADO Record CacheSize Handlin...
70443Microsoft Data Access Components (MDAC / WDAC) ODBC API (odbc32.dll) SQLConne...
70392Microsoft IE DOM Implementation cross_fuzz GUI Display Weakness
Hide | Show 20 More...
idDescription
70390Microsoft Windows IPv6 Stack Neighbor Discovery Router Advertisement Message ...
69501Microsoft Windows win32k.sys Driver GreEnableEUDC() Function Local Overflow
66456Apple iTunes itpc: URI Handling Overflow
65829Snare Agent Multiple Unspecified CSRF
65656Apple iTunes WebKit on Windows Unspecified Issue (2010-1763)
65655Apple iTunes WebKit on Windows Unspecified Issue (2010-1769)
63473Microsoft IE XML Document Image Element SRC Attribute Unspecified Issue
63450Apple iTunes on Windows Installation Package Race Condition Local Privilege E...
63449Apple iTunes MP4 File Infinite Loop DoS
62660Microsoft Windows Unspecified API Argument Validation Local DoS
62510avast! Antivirus aavmker4.sys IOCTL Handling Memory Corruption
60225Microsoft Windows XP System Restore Directory ACL Weakness Local Privilege Es...
58188PHP on Windows popen Invalid Mode Handling DoS
57853Business Objects Crystal Reports Server on Windows Unspecified Infinite Loop DoS
57508Mozilla Firefox Malformed Protocol Handler Configuration document.location Pr...
56989Apple Safari window.blur Function Top Sites Feature Arbitrary Site Manipulation
56988Apple Safari WebKit Crafted Floating-point Numbers Remote Overflow
56986Apple Safari WebKit ENVED Ekenebt pluginspage Attribute Arbitrary file: URL I...
54700Microsoft GDI+ gdiplus.dll GpFont:etData Function Crafted EMF File Handling O...
54500Google Chrome WebKit SVGList Object Handling Memory Corruption

ExploitDB Exploits

idDescription
29813Microsoft Windows Vista ARP Table Entries Denial of Service Vulnerability
3926MS Windows Vista - Forged ARP packet Network Stack DoS Exploit

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2012-09-27Name : IBM DB2 UTL_FILE Module Directory Traversal Vulnerability (Windows)
File : nvt/gb_ibm_db2_utl_file_module_dir_trav_vuln_win.nasl
2012-09-07Name : Foxit Reader PDF File Handling Memory Corruption Vulnerability
File : nvt/gb_foxit_reader_pdf_mem_crptn_vuln.nasl
2012-06-21Name : PHP version smaller than 5.2.11
File : nvt/nopsec_php_5_2_11.nasl
2011-08-09Name : CentOS Update for kdegraphics CESA-2009:1130 centos5 i386
File : nvt/gb_CESA-2009_1130_kdegraphics_centos5_i386.nasl
2011-06-15Name : Microsoft Windows OLE Automation Remote Code Execution Vulnerability (2476490)
File : nvt/secpod_ms11-038.nasl
Hide | Show 20 More...
idDescription
2011-05-12Name : Debian Security Advisory DSA 2191-1 (proftpd-dfsg)
File : nvt/deb_2191_1.nasl
2011-02-09Name : Vulnerability in Windows Shell Graphics Processing Could Allow Remote Code Ex...
File : nvt/secpod_ms11-006.nasl
2011-02-09Name : Microsoft Windows Kernel Elevation of Privilege Vulnerability (2393802)
File : nvt/secpod_ms11-011.nasl
2011-02-01Name : Microsoft Internet Explorer Incorrect GUI Display Vulnerability
File : nvt/gb_ms_ie_incorrect_gui_display_vuln.nasl
2011-01-12Name : Microsoft Windows Data Access Components Remote Code Execution Vulnerabilitie...
File : nvt/secpod_ms11-002.nasl
2010-07-26Name : Apple iTunes 'itpc:' URI Buffer Overflow Vulnerability
File : nvt/gb_apple_itunes_bof_vuln_jul10.nasl
2010-07-08Name : Cumulative Security Update for Internet Explorer (933566)
File : nvt/ms07-033.nasl
2010-06-25Name : Apple iTunes Multiple Unspecified Vulnerabilities
File : nvt/secpod_apple_itunes_mult_unspecified_vuln.nasl
2010-05-12Name : Mac OS X Security Update 2009-001
File : nvt/macosx_secupd_2009-001.nasl
2010-05-12Name : Mac OS X 10.5.4 Update / Mac OS X Security Update 2008-004
File : nvt/macosx_upd_10_5_4_secupd_2008-004.nasl
2010-05-12Name : Mac OS X 10.5.7 Update / Mac OS X Security Update 2009-002
File : nvt/macosx_upd_10_5_7_secupd_2009-002.nasl
2010-04-06Name : Apple iTunes Multiple Vulnerabilities - Apr10
File : nvt/gb_apple_itunes_mult_vuln_apr10.nasl
2010-04-06Name : Microsoft Internet Explorer Unspecified vulnerability
File : nvt/gb_ms_ie_unspecified_vuln.nasl
2010-03-02Name : Aast! Antivirus 'aavmker4.sys' Denial Of Service Vulnerability (Win)
File : nvt/gb_avast_av_dos_vuln_mar10_win.nasl
2010-01-29Name : Mandriva Update for kdelibs4 MDVSA-2010:027 (kdelibs4)
File : nvt/gb_mandriva_MDVSA_2010_027.nasl
2009-12-14Name : Mandriva Security Advisory MDVSA-2009:331 (kdegraphics)
File : nvt/mdksa_2009_331.nasl
2009-11-17Name : Mac OS X Version
File : nvt/macosx_version.nasl
2009-11-11Name : Ubuntu USN-857-1 (qt4-x11)
File : nvt/ubuntu_857_1.nasl
2009-10-10Name : SLES9: Security update for Mozilla
File : nvt/sles9p5018527.nasl
2009-09-29Name : PHP 'tsrm_win32.c' Denial Of Service Vulnerability (Win)
File : nvt/secpod_php_tsrm_win32_dos_vuln_win.nasl

Information Assurance Vulnerability Management (IAVM)

idDescription
2013-B-0019RSA Authentication Agent Authentication Bypass Vulnerability
Severity : Category I - VMSKEY : V0037264
2011-A-0081Microsoft Windows OLE Automation Remote Code Execution Vulnerability
Severity : Category II - VMSKEY : V0028597
2011-A-0022Multiple Vulnerabilities in Microsoft Windows Kernel
Severity : Category I - VMSKEY : V0026065
2011-A-0004Microsoft Data Access Components Remote Code Execution Vulnerabilities
Severity : Category II - VMSKEY : V0025887
2009-B-0003Apple QuickTime MPEG-2 Playback Component Vulnerability
Severity : Category II - VMSKEY : V0018230

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
DateDescription
2014-01-10Microsoft Windows Media Player or Explorer Malformed MIDI File DOS attempt
RuleID : 9801 - Type : FILE-MULTIMEDIA - Revision : 17
2014-01-10Microsoft Windows Vector Markup Language fill method overflow attempt
RuleID : 8416 - Type : OS-WINDOWS - Revision : 20
2018-03-06Microsoft Windows Media Player or Explorer Malformed MIDI File DOS attempt
RuleID : 45586 - Type : FILE-MULTIMEDIA - Revision : 1
2017-04-19Microsoft Windows empty RDP cookie negotiation attempt
RuleID : 42255-community - Type : OS-WINDOWS - Revision : 4
2017-05-16Microsoft Windows empty RDP cookie negotiation attempt
RuleID : 42255 - Type : OS-WINDOWS - Revision : 4
Hide | Show 20 More...
DateDescription
2017-02-21Microsoft Windows RtlQueryRegistryValues buffer overflow attempt
RuleID : 41365 - Type : OS-WINDOWS - Revision : 2
2015-01-20Multiple product mailto uri handling code execution attempt
RuleID : 32871 - Type : OS-WINDOWS - Revision : 2
2014-12-16Microsoft Internet Explorer style sheet array memory corruption attempt
RuleID : 32532 - Type : BROWSER-IE - Revision : 3
2014-01-10Microsoft Windows HLP File Handling heap overflow attempt
RuleID : 27168 - Type : FILE-OTHER - Revision : 3
2014-01-10Microsoft Windows HLP File Handling heap overflow attempt
RuleID : 27167 - Type : FILE-OTHER - Revision : 3
2014-01-10Microsoft Windows HLP File Handling heap overflow attempt
RuleID : 27166 - Type : FILE-OTHER - Revision : 4
2014-01-10Microsoft Windows OLEAUT32.DLL malicious WMF file remote code execution attempt
RuleID : 21357 - Type : OS-WINDOWS - Revision : 6
2014-01-10Microsoft Internet Explorer VML buffer overflow attempt
RuleID : 19871 - Type : BROWSER-IE - Revision : 10
2014-01-10Microsoft Windows OLEAUT32.DLL malicious WMF file remote code execution attempt
RuleID : 19184 - Type : OS-WINDOWS - Revision : 13
2014-01-10Microsoft Vector Markup Language fill method overflow attempt
RuleID : 18309 - Type : OS-WINDOWS - Revision : 13
2014-01-10Apple Safari Webkit floating point buffer overflow attempt
RuleID : 18295 - Type : BROWSER-WEBKIT - Revision : 5
2014-01-10Apple Safari Webkit floating point buffer overflow attempt
RuleID : 18294 - Type : BROWSER-WEBKIT - Revision : 6
2014-01-10Microsoft Internet Explorer oversize recordset object cache size exploit attempt
RuleID : 18280 - Type : BROWSER-IE - Revision : 15
2014-01-10Microsoft Data Access Components library attempt
RuleID : 18276 - Type : FILE-OTHER - Revision : 10
2014-01-10Multiple product mailto uri handling code execution attempt
RuleID : 18173 - Type : OS-WINDOWS - Revision : 7
2014-01-10Multiple product mailto uri handling code execution attempt
RuleID : 18172 - Type : OS-WINDOWS - Revision : 8
2014-01-10Multiple product mailto uri handling code execution attempt
RuleID : 18171 - Type : OS-WINDOWS - Revision : 8
2014-01-10Microsoft Windows HLP File Handling heap overflow attempt
RuleID : 17374 - Type : FILE-OTHER - Revision : 7
2014-01-10Microsoft Windows GDIplus integer overflow attempt
RuleID : 16679 - Type : OS-WINDOWS - Revision : 5
2014-01-10Microsoft Internet Explorer style sheet array memory corruption attempt
RuleID : 16659 - Type : BROWSER-IE - Revision : 17

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2017-06-14Name : The remote Windows host is affected by multiple vulnerabilities.
File : smb_nt_ms17_june_xp_2003.nasl - Type : ACT_GATHER_INFO
2015-03-03Name : The remote host has an application that is affected by a buffer overflow vuln...
File : symantec_ds_aclient_6_9.nasl - Type : ACT_GATHER_INFO
2015-02-09Name : The remote host is affected by a privilege escalation vulnerability.
File : mcafee_dlpe_SB10097.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : suse_11_3_libwebkit-110104.nasl - Type : ACT_GATHER_INFO
2013-09-03Name : The remote host has a client application installed that is affected by multip...
File : novell_client_priv_escalation2.nasl - Type : ACT_GATHER_INFO
Hide | Show 20 More...
idDescription
2013-08-21Name : The remote host contains a media decoding application that contains a remote ...
File : quicktime_mpeg2_760920.nasl - Type : ACT_GATHER_INFO
2013-08-15Name : The remote Windows host has an authentication application installed that is a...
File : rsa_authentication_agent_7_1_2.nasl - Type : ACT_GATHER_INFO
2013-03-09Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-823-1.nasl - Type : ACT_GATHER_INFO
2013-02-22Name : The remote host has an application installed that is affected by multiple pri...
File : pgp_desktop_10_3_0_8741.nasl - Type : ACT_GATHER_INFO
2012-09-28Name : The remote database server is affected by multiple vulnerabilities.
File : db2_101fp1.nasl - Type : ACT_GATHER_INFO
2012-09-12Name : A PDF viewer installed on the remote host is affected by a remote code execut...
File : foxit_reader_5_3.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20090625_kdegraphics_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2011-06-15Name : The remote Windows host is affected by a remote code execution vulnerability.
File : smb_nt_ms11-038.nasl - Type : ACT_GATHER_INFO
2011-05-05Name : The remote openSUSE host is missing a security update.
File : suse_11_2_libwebkit-110111.nasl - Type : ACT_GATHER_INFO
2011-05-05Name : The remote openSUSE host is missing a security update.
File : suse_11_1_kdegraphics3-101104.nasl - Type : ACT_GATHER_INFO
2011-03-15Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2191.nasl - Type : ACT_GATHER_INFO
2011-02-08Name : The Windows kernel is affected by several vulnerabilities that could allow es...
File : smb_nt_ms11-011.nasl - Type : ACT_GATHER_INFO
2011-01-11Name : Arbitrary code can be executed on the remote host through Microsoft Data Acce...
File : smb_nt_ms11-002.nasl - Type : ACT_GATHER_INFO
2010-12-10Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kdegraphics3-7235.nasl - Type : ACT_GATHER_INFO
2010-07-30Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2010-027.nasl - Type : ACT_GATHER_INFO
2010-07-20Name : The remote host contains an application that is affected by a buffer overflow...
File : itunes_9_2_1.nasl - Type : ACT_GATHER_INFO
2010-07-20Name : The remote host contains an application that is affected by a buffer overflow...
File : itunes_9_2_1_banner.nasl - Type : ACT_GATHER_INFO
2010-07-20Name : The remote host contains an application that is affected by a buffer overflow...
File : macosx_itunes_9_2_1.nasl - Type : ACT_GATHER_INFO
2010-06-17Name : The remote host contains an application that is affected by multiple vulnerab...
File : itunes_9_2.nasl - Type : ACT_GATHER_INFO
2010-06-17Name : The remote host contains a multimedia application that has multiple vulnerabi...
File : itunes_9_2_banner.nasl - Type : ACT_GATHER_INFO