Summary
Detail | |||
---|---|---|---|
Vendor | Microsoft | First view | 2000-04-14 |
Product | Windows Xp | Last view | 2020-02-20 |
Version | Type | ||
Update | |||
Edition | x86 | ||
Language | |||
Sofware Edition | |||
Target Software | |||
Target Hardware | |||
Other |
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
Related : CVE
Date | Alert | Description | |
---|---|---|---|
7.5 | 2020-02-20 | CVE-2012-5364 | The IPv6 implementation in Microsoft Windows 7 and earlier allows remote attackers to cause a denial of service via a flood of ICMPv6 Router Advertisement packets containing multiple Routing entries. |
7.5 | 2020-02-20 | CVE-2012-5362 | The IPv6 implementation in Microsoft Windows 7 and earlier allows remote attackers to cause a denial of service via a flood of ICMPv6 Neighbor Solicitation messages, a different vulnerability than CVE-2010-4669. |
7.5 | 2019-12-10 | CVE-2019-1489 | An information disclosure vulnerability exists when the Windows Remote Desktop Protocol (RDP) fails to properly handle objects in memory, aka 'Remote Desktop Protocol Information Disclosure Vulnerability'. |
8.1 | 2017-06-22 | CVE-2017-0176 | A buffer overflow in Smart Card authentication code in gpkcsp.dll in Microsoft Windows XP through SP3 and Server 2003 through SP2 allows a remote attacker to execute arbitrary code on the target computer, provided that the computer is joined in a Windows domain and has Remote Desktop Protocol connectivity (or Terminal Services) enabled. |
7.8 | 2017-06-15 | CVE-2017-8487 | Windows OLE in Windows XP and Windows Server 2003 allows an attacker to execute code when a victim opens a specially crafted file or program aka "Windows olecnv32.dll Remote Code Execution Vulnerability." |
7.8 | 2017-06-15 | CVE-2017-8461 | Windows RPC with Routing and Remote Access enabled in Windows XP and Windows Server 2003 allows an attacker to execute code on a targeted RPC server which has Routing and Remote Access enabled via a specially crafted application, aka "Windows RPC Remote Code Execution Vulnerability." |
7.2 | 2014-07-26 | CVE-2014-4971 | Microsoft Windows XP SP3 does not validate addresses in certain IRP handler routines, which allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a crafted address in an IOCTL call, related to (1) the MQAC.sys driver in the MQ Access Control subsystem and (2) the BthPan.sys driver in the Bluetooth Personal Area Networking subsystem. |
6.9 | 2014-04-08 | CVE-2014-0315 | Untrusted search path vulnerability in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a Trojan horse cmd.exe file in the current working directory, as demonstrated by a directory that contains a .bat or .cmd file, aka "Windows File Handling Vulnerability." |
6.6 | 2014-03-12 | CVE-2014-0323 | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to obtain sensitive information from kernel memory or cause a denial of service (system hang) via a crafted application, aka "Win32k Information Disclosure Vulnerability." |
5.4 | 2014-03-12 | CVE-2014-0317 | The Security Account Manager Remote (SAMR) protocol implementation in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows Server 2012 Gold and R2 does not properly determine the user-lockout state, which makes it easier for remote attackers to bypass the account lockout policy and obtain access via a brute-force attack, aka "SAMR Security Feature Bypass Vulnerability." |
9.3 | 2014-03-12 | CVE-2014-0301 | Double free vulnerability in qedit.dll in DirectShow in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via a crafted JPEG image, aka "DirectShow Memory Corruption Vulnerability." |
7.2 | 2014-03-12 | CVE-2014-0300 | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability." |
7.1 | 2014-02-11 | CVE-2014-0266 | The XMLHTTP ActiveX controls in XML Core Services 3.0 in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to bypass the Same Origin Policy via a web page that is visited in Internet Explorer, aka "MSXML Information Disclosure Vulnerability." |
6.9 | 2013-12-10 | CVE-2013-5058 | Integer overflow in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows local users to gain privileges via a crafted application, aka "Win32k Integer Overflow Vulnerability." |
9.3 | 2013-12-10 | CVE-2013-5056 | Use-after-free vulnerability in the Scripting Runtime Object Library in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site that is visited with Internet Explorer, aka "Use-After-Free Vulnerability in Microsoft Scripting Runtime Object Library." |
7.2 | 2013-12-10 | CVE-2013-3899 | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly validate addresses, which allows local users to gain privileges via a crafted application, aka "Win32k Memory Corruption Vulnerability." |
6.9 | 2013-12-10 | CVE-2013-3878 | Stack-based buffer overflow in the LRPC client in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges by operating an LRPC server that sends a crafted LPC port message, aka "LRPC Client Buffer Overrun Vulnerability." |
7.8 | 2013-11-27 | CVE-2013-5065 | NDProxy.sys in the kernel in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges via a crafted application, as exploited in the wild in November 2013. |
7.1 | 2013-11-17 | CVE-2013-3876 | DirectAccess in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly verify server X.509 certificates, which allows man-in-the-middle attackers to spoof servers and read encrypted domain credentials via a crafted certificate. |
9.3 | 2013-11-12 | CVE-2013-3940 | Integer overflow in the Graphics Device Interface (GDI) in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted image in a Windows Write (.wri) document, which is not properly handled in WordPad, aka "Graphics Device Interface Integer Overflow Vulnerability." |
9.3 | 2013-11-12 | CVE-2013-3918 | The InformationCardSigninHelper Class ActiveX control in icardie.dll in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via a crafted web page that is accessed by Internet Explorer, as exploited in the wild in November 2013, aka "InformationCardSigninHelper Vulnerability." |
4.9 | 2013-11-12 | CVE-2013-3887 | The Ancillary Function Driver (AFD) in afd.sys in the kernel-mode drivers in Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, and Windows Server 2012 allows local users to obtain sensitive information from kernel memory by leveraging improper copy operations, aka "Ancillary Function Driver Information Disclosure Vulnerability." |
5 | 2013-11-12 | CVE-2013-3869 | Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to cause a denial of service (daemon hang) via a web-service request containing a crafted X.509 certificate that is not properly handled during validation, aka "Digital Signatures Vulnerability." |
9.3 | 2013-10-09 | CVE-2013-3894 | The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allow remote attackers to execute arbitrary code via a crafted CMAP table in a TrueType font (TTF) file, aka "TrueType Font CMAP Table Vulnerability." |
7.2 | 2013-10-09 | CVE-2013-3879 | Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Use After Free Vulnerability." |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
17% (85) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
16% (76) | CWE-20 | Improper Input Validation |
14% (67) | CWE-399 | Resource Management Errors |
14% (67) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
11% (56) | CWE-264 | Permissions, Privileges, and Access Controls |
8% (40) | CWE-362 | Race Condition |
6% (29) | CWE-189 | Numeric Errors |
2% (11) | CWE-200 | Information Exposure |
0% (4) | CWE-310 | Cryptographic Issues |
0% (4) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
0% (3) | CWE-287 | Improper Authentication |
0% (3) | CWE-190 | Integer Overflow or Wraparound |
0% (2) | CWE-476 | NULL Pointer Dereference |
0% (2) | CWE-415 | Double Free |
0% (2) | CWE-400 | Uncontrolled Resource Consumption ('Resource Exhaustion') |
0% (2) | CWE-255 | Credentials Management |
0% (2) | CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflo... |
0% (2) | CWE-88 | Argument Injection or Modification |
0% (2) | CWE-16 | Configuration |
0% (1) | CWE-787 | Out-of-bounds Write |
0% (1) | CWE-732 | Incorrect Permission Assignment for Critical Resource |
0% (1) | CWE-681 | Incorrect Conversion between Numeric Types |
0% (1) | CWE-669 | Incorrect Resource Transfer Between Spheres |
0% (1) | CWE-667 | Insufficient Locking |
0% (1) | CWE-426 | Untrusted Search Path |
CAPEC : Common Attack Pattern Enumeration & Classification
id | Name |
---|---|
CAPEC-1 | Accessing Functionality Not Properly Constrained by ACLs |
CAPEC-2 | Inducing Account Lockout |
CAPEC-3 | Using Leading 'Ghost' Character Sequences to Bypass Input Filters |
CAPEC-7 | Blind SQL Injection |
CAPEC-8 | Buffer Overflow in an API Call |
CAPEC-9 | Buffer Overflow in Local Command-Line Utilities |
CAPEC-10 | Buffer Overflow via Environment Variables |
CAPEC-13 | Subverting Environment Variable Values |
CAPEC-14 | Client-side Injection-induced Buffer Overflow |
CAPEC-17 | Accessing, Modifying or Executing Executable Files |
CAPEC-18 | Embedding Scripts in Nonscript Elements |
CAPEC-21 | Exploitation of Session Variables, Resource IDs and other Trusted Credentials |
CAPEC-22 | Exploiting Trust in Client (aka Make the Client Invisible) |
CAPEC-24 | Filter Failure through Buffer Overflow |
CAPEC-27 | Leveraging Race Conditions via Symbolic Links |
CAPEC-28 | Fuzzing |
CAPEC-29 | Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions |
CAPEC-31 | Accessing/Intercepting/Modifying HTTP Cookies |
CAPEC-32 | Embedding Scripts in HTTP Query Strings |
CAPEC-41 | Using Meta-characters in E-mail Headers to Inject Malicious Payloads |
CAPEC-42 | MIME Conversion |
CAPEC-43 | Exploiting Multiple Input Interpretation Layers |
CAPEC-45 | Buffer Overflow via Symbolic Links |
CAPEC-46 | Overflow Variables and Tags |
CAPEC-47 | Buffer Overflow via Parameter Expansion |
Oval Markup Language : Definitions
OvalID | Name |
---|---|
oval:org.mitre.oval:def:253 | SQL Server Format String Vulnerability |
oval:org.mitre.oval:def:402 | SNMP Request Handling Buffer Overflow |
oval:org.mitre.oval:def:209 | SNMP Agent Service Buffer Overflow |
oval:org.mitre.oval:def:30 | Microsoft SMTP Malformed BDAT Request Denial of Service |
oval:org.mitre.oval:def:89 | Windows 2000 MUP UNC Request Buffer Overflow |
oval:org.mitre.oval:def:145 | Windows NT MUP UNC Request Buffer Overflow |
oval:org.mitre.oval:def:63 | Windows 2000 Remote Access Service Phonebook Buffer Overflow |
oval:org.mitre.oval:def:61 | Windows NT Remote Access Service Phonebook Buffer Overflow |
oval:org.mitre.oval:def:9 | Solaris 8 RPC xdr_array Buffer Overflow |
oval:org.mitre.oval:def:4728 | SunRPC xdr_array Function Integer Overflow |
oval:org.mitre.oval:def:42 | Solaris 7 RPC xdr_array Buffer Overflow |
oval:org.mitre.oval:def:374 | HTML Help ActiveX Control Buffer Overflow |
oval:org.mitre.oval:def:403 | Code Execution via Compiled HTML Help File |
oval:org.mitre.oval:def:190 | ActiveX Certificate Enrollment Unauthorized Remote Certificate Deletion |
oval:org.mitre.oval:def:189 | Network Share Provider Buffer Overflow |
oval:org.mitre.oval:def:2671 | Windows 2000 Certificate Validation Identity Spoofing Vulnerability (Test 2) |
oval:org.mitre.oval:def:1332 | Windows 2000 Certificate Validation Identity Spoofing Vulnerability (Test 1) |
oval:org.mitre.oval:def:1056 | Microsoft Certificate Validation Flaw Identity Spoofing Vulnerability |
oval:org.mitre.oval:def:199 | Weak Encryption in RDP Protocol |
oval:org.mitre.oval:def:277 | SMB Session Digital Signature Sidestep |
oval:org.mitre.oval:def:582 | MSJava Applet CODEBASE File Access Vulnerability |
oval:org.mitre.oval:def:59 | Microsoft Windows RPC Denial of Service |
oval:org.mitre.oval:def:10736 | The Internet Group Management Protocol (IGMP) allows local users to cause a d... |
oval:org.mitre.oval:def:103 | Windows RPC Locator Service Buffer Overflow |
oval:org.mitre.oval:def:795 | DEPRECATED: Windows Script Engine Heap Overflow (Test 3) |
SAINT Exploits
Description | Link |
---|---|
Internet Explorer iepeers.dll use-after-free vulnerability | More info here |
Microsoft Jet Engine MDB file ColumnName buffer overflow | More info here |
Microsoft Message Queuing buffer overflow | More info here |
Visual Studio Active Template Library object type mismatch vulnerability | More info here |
Windows Telephony API buffer overflow | More info here |
Windows Metafile rendering buffer overflow | More info here |
Windows Server Service buffer overflow MS08-067 | More info here |
Windows LSASS buffer overflow | More info here |
Windows Server Service buffer overflow | More info here |
Windows RRAS memory corruption vulnerability | More info here |
Microsoft Windows Movie Maker IsValidWMToolsStream buffer overflow | More info here |
Windows Task Scheduler buffer overflow | More info here |
Windows Cursor and Icon handling vulnerability | More info here |
Microsoft OLE Object File Handling vulnerability | More info here |
Microsoft Windows Media Player DVR-MS File Code Execution | More info here |
Windows Plug and Play buffer overflow | More info here |
Windows Telnet credential reflection | More info here |
Windows compressed folders buffer overflow | More info here |
Internet Explorer WinINet credential reflection vulnerability | More info here |
Microsoft WordPad Word97 text converter buffer overflow | More info here |
Windows Thumbnail View CreateSizedDIBSECTION buffer overflow | More info here |
Internet Explorer Tabular Data Control DataURL memory corruption | More info here |
Windows WMF handling vulnerability | More info here |
Windows GDI EMF filename buffer overflow | More info here |
Windows Media MIDI Invalid Channel | More info here |
Open Source Vulnerability Database (OSVDB)
id | Description |
---|---|
78212 | Microsoft Windows Object Packager Path Subversion packager.exe Loading Remote... |
78211 | Microsoft Windows Line21 DirectShow Filter Media File Handling Remote Code Ex... |
78210 | Microsoft Windows Multimedia Library (winmm.dll) MIDI File Handling Remote Co... |
78209 | Microsoft Windows Ntdll.dll Structured Exception Handling Tables Loading Safe... |
78207 | Microsoft Windows Embedded ClickOnce Application Office File Handling Remote ... |
78206 | Microsoft Windows Client/Server Run-time Subsystem (CSRSS) Unicode Character ... |
78057 | Microsoft .NET Framework ASP.NET Hash Collision Web Form Post Parsing Remote DoS |
78056 | Microsoft .NET Framework Forms Authentication Sliding Expiry Cached Content P... |
78055 | Microsoft .NET Framework ASP.NET Username Parsing Authentication Bypass |
78054 | Microsoft .NET Framework Forms Authentication Return URL Handling Arbitrary S... |
77908 | Microsoft Windows win32k.sys Safari IFRAME Height Attribute Handling Remote M... |
77667 | Microsoft Windows Active Directory Query Parsing Remote Overflow |
77666 | Microsoft Windows Kernel Exception Handler Local Privilege Escalation |
77665 | Microsoft Time ActiveX (DATIME.DLL) Unspecified IE Web Page Handling Remote C... |
77663 | Microsoft Windows Object Linking and Embedding (OLE) Object File Handling Rem... |
77662 | Microsoft Windows CSRSS Device Event Message Parsing Local Privilege Escalation |
77660 | Microsoft Windows Media Player / Center DVR-MS File Handling Remote Memory Co... |
76902 | Microsoft Windows Active Directory LDAPS CRL Handling Weakness Authentication... |
76843 | Microsoft Windows Win32k TrueType Font Handling Privilege Escalation |
76232 | Microsoft Windows Ancillary Function Driver afd.sys Local Privilege Escalation |
76231 | Microsoft Windows Active Accessibility Path Subversion Arbitrary DLL Injectio... |
76221 | Microsoft Windows win32k.sys Driver Use-after-free Driver Object Handling Arb... |
76220 | Microsoft Windows win32k.sys Driver .fon Font File Handling Overflow |
76218 | Microsoft Windows win32k.sys Driver NULL Dereference Unspecified Arbitrary Co... |
75382 | Microsoft Windows Shell Extensions Path Subversion Arbitrary DLL Injection Co... |
ExploitDB Exploits
id | Description |
---|---|
34131 | Microsoft XP SP3 - BthPan.sys Arbitrary Write Privilege Escalation |
34112 | Microsoft XP SP3 MQAC.sys - Arbitrary Write Privilege Escalation |
33213 | Windows NTUserMessageCall Win32k Kernel Pool Overflow (Schlamperei) |
30397 | Windows Kernel win32k.sys - Integer Overflow (MS13-101) |
30392 | Microsoft Windows ndproxy.sys - Local Privilege Escalation |
30014 | Windows NDPROXY Local SYSTEM Privilege Escalation |
29813 | Microsoft Windows Vista ARP Table Entries Denial of Service Vulnerability |
27050 | DirectShow Arbitrary Memory Overwrite Vulnerability (MS13-056) |
26554 | Windows EPATHOBJ::pprFlattenRec Local Privilege Escalation |
25389 | Multiple Vendor ICMP Message Handling DoS |
25388 | Multiple Vendor ICMP Implementation Malformed Path MTU DoS |
25387 | Multiple Vendor ICMP Implementation Spoofed Source Quench Packet DoS |
21746 | MS Windows 2000/NT 4/XP Network Share Provider SMB Request Buffer Overflow (1) |
19037 | MS12-005 Microsoft Office ClickOnce Unsafe Object Package Handling Vulnerability |
19002 | Microsoft Windows OLE Object File Handling Remote Code Execution |
18426 | MS12-004 midiOutPlayNextPolyEvent Heap Overflow |
18372 | Microsoft Windows Assembly Execution Vulnerability MS12-005 |
18176 | MS11-080 Afd.sys Privilege Escalation Exploit |
18024 | MS11-077 Win32k Null Pointer De-reference Vulnerability POC |
17978 | MS11-077 .fon Kernel-Mode Buffer Overrun PoC |
17659 | MS10-026 Microsoft MPEG Layer-3 Audio Stack Based Overflow |
17544 | GDI+ CreateDashedPath Integer overflow in gdiplus.dll |
16590 | Internet Explorer DHTML Behaviors Use After Free |
16262 | MS11-011(CVE-2011-0045): MS Windows XP WmiTraceMessageVa Integer Truncation V... |
15985 | MS10-073: Win32k Keyboard Layout Vulnerability |
OpenVAS Exploits
id | Description |
---|---|
2013-07-09 | Name : Microsoft Remote Desktop Protocol Remote Code Execution Vulnerabilities (2671... File : nvt/secpod_ms12-020_remote.nasl |
2012-12-18 | Name : Fedora Update for xen FEDORA-2012-19828 File : nvt/gb_fedora_2012_19828_xen_fc16.nasl |
2012-12-14 | Name : Fedora Update for xen FEDORA-2012-19717 File : nvt/gb_fedora_2012_19717_xen_fc17.nasl |
2012-12-13 | Name : SuSE Update for xen openSUSE-SU-2012:0886-1 (xen) File : nvt/gb_suse_2012_0886_1.nasl |
2012-12-12 | Name : Microsoft Windows Kernel-Mode Drivers Remote Code Execution Vulnerabilities (... File : nvt/secpod_ms12-078.nasl |
2012-12-12 | Name : Microsoft Windows File Handling Component Remote Code Execution Vulnerability... File : nvt/secpod_ms12-081.nasl |
2012-11-23 | Name : Fedora Update for xen FEDORA-2012-18242 File : nvt/gb_fedora_2012_18242_xen_fc17.nasl |
2012-11-23 | Name : Fedora Update for xen FEDORA-2012-18249 File : nvt/gb_fedora_2012_18249_xen_fc16.nasl |
2012-11-15 | Name : Fedora Update for xen FEDORA-2012-17204 File : nvt/gb_fedora_2012_17204_xen_fc17.nasl |
2012-11-15 | Name : Fedora Update for xen FEDORA-2012-17408 File : nvt/gb_fedora_2012_17408_xen_fc16.nasl |
2012-11-14 | Name : Microsoft Windows Shell Remote Code Execution Vulnerabilities (2727528) File : nvt/secpod_ms12-072.nasl |
2012-11-14 | Name : Microsoft Windows Kernel-Mode Drivers Remote Code Execution Vulnerabilities (... File : nvt/secpod_ms12-075.nasl |
2012-10-10 | Name : Microsoft Windows Kernel Privilege Elevation Vulnerability (2724197) File : nvt/secpod_ms12-068.nasl |
2012-09-28 | Name : Google Chrome Windows Kernel Memory Corruption Vulnerability File : nvt/gb_google_chrome_mem_crptn_vuln_win.nasl |
2012-09-22 | Name : Fedora Update for xen FEDORA-2012-13434 File : nvt/gb_fedora_2012_13434_xen_fc17.nasl |
2012-09-22 | Name : Fedora Update for xen FEDORA-2012-13443 File : nvt/gb_fedora_2012_13443_xen_fc16.nasl |
2012-08-30 | Name : Fedora Update for xen FEDORA-2012-11182 File : nvt/gb_fedora_2012_11182_xen_fc17.nasl |
2012-08-30 | Name : Fedora Update for xen FEDORA-2012-11755 File : nvt/gb_fedora_2012_11755_xen_fc17.nasl |
2012-08-30 | Name : Fedora Update for xen FEDORA-2012-9386 File : nvt/gb_fedora_2012_9386_xen_fc17.nasl |
2012-08-24 | Name : Fedora Update for xen FEDORA-2012-11785 File : nvt/gb_fedora_2012_11785_xen_fc16.nasl |
2012-08-15 | Name : Microsoft Remote Desktop Protocol Remote Code Execution Vulnerability (2723135) File : nvt/secpod_ms12-053.nasl |
2012-08-15 | Name : Microsoft Windows Networking Components Remote Code Execution Vulnerabilities... File : nvt/secpod_ms12-054.nasl |
2012-08-15 | Name : Microsoft Windows Kernel-Mode Drivers Privilege Elevation Vulnerability (2731... File : nvt/secpod_ms12-055.nasl |
2012-08-10 | Name : Debian Security Advisory DSA 2501-1 (xen) File : nvt/deb_2501_1.nasl |
2012-08-10 | Name : Debian Security Advisory DSA 2508-1 (kfreebsd-8) File : nvt/deb_2508_1.nasl |
Information Assurance Vulnerability Management (IAVM)
id | Description |
---|---|
2014-A-0150 | Microsoft Message Queuing Service Privilege Escalation Vulnerability Severity: Category II - VMSKEY: V0055433 |
2014-B-0040 | Microsoft Windows Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0048685 |
2014-B-0028 | Microsoft Security Account Manager Remote (SAMR) Security Bypass Vulnerability Severity: Category II - VMSKEY: V0046171 |
2014-A-0038 | Microsoft DirectShow Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0046179 |
2014-A-0041 | Multiple Vulnerabilities in Microsoft Windows Kernel-Mode Driver Severity: Category I - VMSKEY: V0046299 |
2014-B-0015 | Microsoft XML Core Information Disclosure Vulnerability Severity: Category I - VMSKEY: V0044037 |
2014-A-0004 | Microsoft Windows Kernel Privilege Escalation Vulnerability Severity: Category II - VMSKEY: V0043405 |
2013-A-0228 | Microsoft Windows Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0042580 |
2013-A-0232 | Multiple Vulnerabilities in Microsoft Windows Kernel-Mode Drivers Severity: Category I - VMSKEY: V0042582 |
2013-A-0226 | Microsoft LRPC Client Privilege Escalation Vulnerability Severity: Category II - VMSKEY: V0042591 |
2013-A-0213 | Cumulative Security Update of Microsoft ActiveX Kill Bits Severity: Category II - VMSKEY: V0042293 |
2013-A-0214 | Microsoft GDI Memory Corruption Vulnerability Severity: Category II - VMSKEY: V0042294 |
2013-B-0127 | Microsoft Windows Ancillary Function Driver Information Disclosure Vulnerability Severity: Category II - VMSKEY: V0042302 |
2013-B-0128 | MIcrosoft Windows Digital Signature Denial of Service Vulnerability Severity: Category I - VMSKEY: V0042304 |
2013-A-0187 | Multiple Vulnerabilities in Microsoft .NET Framework Severity: Category I - VMSKEY: V0040753 |
2013-A-0189 | Microsoft Windows Common Control Library Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0040760 |
2013-A-0190 | Multiple Vulnerabilities in Microsoft Windows Kernel-Mode Drivers Severity: Category I - VMSKEY: V0040763 |
2013-A-0176 | Microsoft Windows Object Linking and Embedding (OLE) Remote Code Execution Vu... Severity: Category II - VMSKEY: V0040290 |
2013-B-0104 | Microsoft Windows Theme File Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0040299 |
2013-A-0163 | Microsoft Windows Remote Procedure Call (RPC) Elevation of Privilege Vulnerab... Severity: Category I - VMSKEY: V0040034 |
2013-A-0164 | Microsoft Windows Unicode Scripts Processor Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0040037 |
2013-B-0088 | Multiple Privilege Escalation Vulnerabilities in Microsoft Windows Kernel Severity: Category I - VMSKEY: V0040045 |
2013-A-0135 | Microsoft GDI+ Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0039199 |
2013-A-0134 | Microsoft DirectShow Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0039200 |
2013-B-0071 | Multiple Vulnerabilities in Microsoft .NET Framework and Silverlight Severity: Category II - VMSKEY: V0039211 |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | SMB tapisrv ClientRequest andx object call LSetAppPriority overflow attempt RuleID : 9999 - Type : NETBIOS - Revision : 5 |
2014-01-10 | SMB-DS tapisrv ClientRequest little endian andx object call LSetAppPriority o... RuleID : 9998 - Type : NETBIOS - Revision : 5 |
2014-01-10 | SMB-DS tapisrv ClientRequest WriteAndX unicode little endian andx object call... RuleID : 9997 - Type : NETBIOS - Revision : 5 |
2014-01-10 | SMB-DS tapisrv ClientRequest WriteAndX unicode andx object call LSetAppPriori... RuleID : 9996 - Type : NETBIOS - Revision : 5 |
2014-01-10 | SMB-DS tapisrv ClientRequest WriteAndX little endian andx object call LSetApp... RuleID : 9995 - Type : NETBIOS - Revision : 5 |
2014-01-10 | SMB-DS tapisrv ClientRequest andx object call LSetAppPriority overflow attempt RuleID : 9994 - Type : NETBIOS - Revision : 5 |
2014-01-10 | SMB-DS tapisrv ClientRequest unicode little endian andx LSetAppPriority overf... RuleID : 9993 - Type : NETBIOS - Revision : 5 |
2014-01-10 | SMB tapisrv ClientRequest WriteAndX unicode little endian andx LSetAppPriorit... RuleID : 9992 - Type : NETBIOS - Revision : 5 |
2014-01-10 | SMB tapisrv ClientRequest unicode little endian andx LSetAppPriority overflow... RuleID : 9991 - Type : NETBIOS - Revision : 5 |
2014-01-10 | SMB tapisrv ClientRequest WriteAndX little endian andx LSetAppPriority overfl... RuleID : 9990 - Type : NETBIOS - Revision : 5 |
2014-01-10 | SMB tapisrv ClientRequest little endian andx LSetAppPriority overflow attempt RuleID : 9989 - Type : NETBIOS - Revision : 5 |
2014-01-10 | SMB-DS tapisrv ClientRequest WriteAndX andx LSetAppPriority overflow attempt RuleID : 9988 - Type : NETBIOS - Revision : 5 |
2014-01-10 | SMB-DS tapisrv ClientRequest unicode andx LSetAppPriority overflow attempt RuleID : 9987 - Type : NETBIOS - Revision : 4 |
2014-01-10 | SMB tapisrv ClientRequest unicode andx LSetAppPriority overflow attempt RuleID : 9986 - Type : NETBIOS - Revision : 5 |
2014-01-10 | SMB tapisrv ClientRequest WriteAndX andx LSetAppPriority overflow attempt RuleID : 9985 - Type : NETBIOS - Revision : 5 |
2014-01-10 | SMB tapisrv ClientRequest WriteAndX unicode andx LSetAppPriority overflow att... RuleID : 9984 - Type : NETBIOS - Revision : 5 |
2014-01-10 | SMB tapisrv ClientRequest andx LSetAppPriority overflow attempt RuleID : 9983 - Type : NETBIOS - Revision : 5 |
2014-01-10 | SMB-DS tapisrv ClientRequest little endian andx LSetAppPriority overflow attempt RuleID : 9982 - Type : NETBIOS - Revision : 4 |
2014-01-10 | SMB-DS tapisrv ClientRequest WriteAndX unicode little endian andx LSetAppPrio... RuleID : 9981 - Type : NETBIOS - Revision : 5 |
2014-01-10 | SMB-DS tapisrv ClientRequest WriteAndX unicode andx LSetAppPriority overflow ... RuleID : 9980 - Type : NETBIOS - Revision : 5 |
2014-01-10 | SMB-DS tapisrv ClientRequest WriteAndX little endian andx LSetAppPriority ove... RuleID : 9979 - Type : NETBIOS - Revision : 5 |
2014-01-10 | SMB v4 tapisrv ClientRequest unicode little endian andx LSetAppPriority overf... RuleID : 9978 - Type : NETBIOS - Revision : 5 |
2014-01-10 | SMB v4 tapisrv ClientRequest little endian andx LSetAppPriority overflow attempt RuleID : 9977 - Type : NETBIOS - Revision : 5 |
2014-01-10 | SMB-DS tapisrv ClientRequest andx LSetAppPriority overflow attempt RuleID : 9976 - Type : NETBIOS - Revision : 5 |
2014-01-10 | SMB-DS v4 tapisrv ClientRequest WriteAndX andx LSetAppPriority overflow attempt RuleID : 9975 - Type : NETBIOS - Revision : 5 |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2018-04-03 | Name: The remote mail server may be affected by multiple vulnerabilities. File: exchange_ms10-024.nasl - Type: ACT_GATHER_INFO |
2018-04-03 | Name: The remote web server may allow remote code execution. File: iis_7_pci.nasl - Type: ACT_GATHER_INFO |
2017-06-14 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_jun_windows8.nasl - Type: ACT_GATHER_INFO |
2017-06-14 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_june_xp_2003.nasl - Type: ACT_GATHER_INFO |
2017-05-08 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL23440942.nasl - Type: ACT_GATHER_INFO |
2015-09-18 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL4583.nasl - Type: ACT_GATHER_INFO |
2014-11-26 | Name: The remote OracleVM host is missing one or more security updates. File: oraclevm_OVMSA-2012-0020.nasl - Type: ACT_GATHER_INFO |
2014-11-26 | Name: The remote OracleVM host is missing one or more security updates. File: oraclevm_OVMSA-2012-0021.nasl - Type: ACT_GATHER_INFO |
2014-11-26 | Name: The remote OracleVM host is missing one or more security updates. File: oraclevm_OVMSA-2012-0022.nasl - Type: ACT_GATHER_INFO |
2014-10-15 | Name: The remote Windows host is affected by a privilege escalation vulnerability. File: smb_nt_ms14-062.nasl - Type: ACT_GATHER_INFO |
2014-10-10 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL10509.nasl - Type: ACT_GATHER_INFO |
2014-07-26 | Name: The remote Solaris system is missing a security patch from CPU oct2012. File: solaris_oct2012_SRU10_5.nasl - Type: ACT_GATHER_INFO |
2014-06-13 | Name: The remote openSUSE host is missing a security update. File: openSUSE-2012-403.nasl - Type: ACT_GATHER_INFO |
2014-06-13 | Name: The remote openSUSE host is missing a security update. File: openSUSE-2012-404.nasl - Type: ACT_GATHER_INFO |
2014-04-08 | Name: The remote Windows host is potentially affected by a remote code execution vu... File: smb_nt_ms14-019.nasl - Type: ACT_GATHER_INFO |
2014-03-11 | Name: The remote Windows host is potentially affected by a remote code execution vu... File: smb_nt_ms14-013.nasl - Type: ACT_GATHER_INFO |
2014-03-11 | Name: The Windows kernel drivers on the remote host are affected by multiple vulner... File: smb_nt_ms14-015.nasl - Type: ACT_GATHER_INFO |
2014-03-11 | Name: The remote Windows host is affected by a security feature bypass vulnerability. File: smb_nt_ms14-016.nasl - Type: ACT_GATHER_INFO |
2014-03-10 | Name: Arbitrary code can be executed on the remote host through the Microsoft GDI r... File: smb_kb957488.nasl - Type: ACT_GATHER_INFO |
2014-03-05 | Name: The DNS server running on the remote host is vulnerable to DNS spoofing attacks. File: ms_dns_kb951746.nasl - Type: ACT_GATHER_INFO |
2014-02-12 | Name: The remote host is affected by an information disclosure vulnerability. File: smb_nt_ms14-005.nasl - Type: ACT_GATHER_INFO |
2014-01-14 | Name: The Windows kernel on the remote host is affected by a privilege escalation v... File: smb_nt_ms14-002.nasl - Type: ACT_GATHER_INFO |
2013-12-11 | Name: The remote host is affected by a remote code execution vulnerability. File: smb_nt_ms13-099.nasl - Type: ACT_GATHER_INFO |
2013-12-11 | Name: The Windows kernel drivers on the remote host are affected by multiple vulner... File: smb_nt_ms13-101.nasl - Type: ACT_GATHER_INFO |
2013-12-11 | Name: A client on the host is vulnerable to a privilege escalation vulnerability. File: smb_nt_ms13-102.nasl - Type: ACT_GATHER_INFO |