Executive Summary
Summary | |
---|---|
Title | Microsoft Updates for Multiple Vulnerabilities |
Informations | |||
---|---|---|---|
Name | TA08-043C | First vendor Publication | 2008-02-12 |
Vendor | US-CERT | Last vendor Modification | 2008-02-12 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Microsoft has released updates that address critical vulnerabilities in Microsoft Windows, Internet Explorer, Office, Visual Basic and Internet Information Services (IIS). Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code, gain elevated privileges, or crash a vulnerable system. I. Description Microsoft has released updates to address vulnerabilities that affect Microsoft Windows, Internet Explorer, Office, Visual Basic and Internet Information Services (IIS) as part of the Microsoft Security Bulletin Summary for February 2008. The most severe vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code. For more information, see the US-CERT Vulnerability Notes Database. II. Impact A remote, unauthenticated attacker could execute arbitrary code, gain elevated privileges, or cause a denial of service. III. Solution Apply updates from Microsoft Microsoft has provided updates for these vulnerabilities in the February 2008 security bulletins. The security bulletins describe any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. |
Original Source
Url : http://www.us-cert.gov/cas/techalerts/TA08-043C.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
31 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
19 % | CWE-399 | Resource Management Errors |
19 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
19 % | CWE-20 | Improper Input Validation |
6 % | CWE-416 | Use After Free |
6 % | CWE-264 | Permissions, Privileges, and Access Controls |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:4547 | |||
Oval ID: | oval:org.mitre.oval:def:4547 | ||
Title: | Word Memory Corruption Vulnerability | ||
Description: | Unspecified vulnerability in Microsoft Office Publisher 2000, 2002, and 2003 SP2 allows remote attackers to execute arbitrary code via a crafted .pub file, aka "Publisher Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-0104 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | Microsoft Publisher 2000 Microsoft Publisher 2002 Microsoft Publisher 2003 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:4904 | |||
Oval ID: | oval:org.mitre.oval:def:4904 | ||
Title: | Argument Handling Memory Corruption Vulnerability | ||
Description: | Unspecified vulnerability in an ActiveX control (dxtmsft.dll) in Microsoft Internet Explorer 5.01, 6 SP1 and SP2, and 7 allows remote attackers to execute arbitrary code via a crafted image, aka "Argument Handling Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-0078 | Version: | 11 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:5009 | |||
Oval ID: | oval:org.mitre.oval:def:5009 | ||
Title: | Microsoft Works File Converter Index Table Vulnerability | ||
Description: | Microsoft Works 6 File Converter, as used in Office 2003 SP2 and SP3, Works 8.0, and Works Suite 2005, allows remote attackers to execute arbitrary code via a .wps file with crafted section header index table information, aka "Microsoft Works File Converter Index Table Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-0105 | Version: | 2 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | Microsoft Office 2003 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:5073 | |||
Oval ID: | oval:org.mitre.oval:def:5073 | ||
Title: | Word Memory Corruption Vulnerability | ||
Description: | Word in Microsoft Office 2000 SP3, XP SP3, Office 2003 SP2, and Office Word Viewer 2003 allows remote attackers to execute arbitrary code via crafted fields within the File Information Block (FIB) of a Word file, which triggers length calculation errors and memory corruption. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-0109 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | Microsoft Word 2000 Microsoft Word 2002 Microsoft Word 2003 Microsoft Word Viewer 2003 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:5181 | |||
Oval ID: | oval:org.mitre.oval:def:5181 | ||
Title: | Windows Active Directory Denial of Service Vulnerability | ||
Description: | Unspecified vulnerability in Active Directory on Microsoft Windows 2000 and Windows Server 2003, and Active Directory Application Mode (ADAM) on XP and Server 2003, allows remote attackers to cause a denial of service (hang and restart) via a crafted LDAP request. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-0088 | Version: | 10 |
Platform(s): | Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows Server 2003 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:5202 | |||
Oval ID: | oval:org.mitre.oval:def:5202 | ||
Title: | Microsoft Works File Converter Field Length Vulnerability | ||
Description: | Stack-based buffer overflow in wkcvqd01.dll in Microsoft Works 6 File Converter, as used in Office 2003 SP2 and SP3, Works 8.0, and Works Suite 2005, allows remote attackers to execute arbitrary code via a .wps file with crafted field lengths, aka "Microsoft Works File Converter Field Length Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-0108 | Version: | 2 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | Microsoft Office 2003 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:5240 | |||
Oval ID: | oval:org.mitre.oval:def:5240 | ||
Title: | Windows Kernel TCP/IP Vulnerability | ||
Description: | Unspecified vulnerability in the TCP/IP support in Microsoft Windows Vista allows remote DHCP servers to cause a denial of service (hang and restart) via a crafted DHCP packet. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-0084 | Version: | 4 |
Platform(s): | Microsoft Windows Vista | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:5305 | |||
Oval ID: | oval:org.mitre.oval:def:5305 | ||
Title: | Publisher Invalid Memory Reference Vulnerability | ||
Description: | Unspecified vulnerability in Microsoft Office Publisher 2000, 2002, and 2003 SP2 allows remote attackers to execute arbitrary code via a crafted .pub file, related to invalid "memory values," aka "Publisher Invalid Memory Reference Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-0102 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | Microsoft Publisher 2000 Microsoft Publisher 2002 Microsoft Publisher 2003 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:5308 | |||
Oval ID: | oval:org.mitre.oval:def:5308 | ||
Title: | Internet Information Services Remote Code Execution Vulnerability | ||
Description: | Unspecified vulnerability in Microsoft Internet Information Services (IIS) 5.1 through 6.0 allows remote attackers to execute arbitrary code via crafted inputs to ASP pages. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-0075 | Version: | 5 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | Microsoft Internet Information Server (IIS) 5.1 Microsoft Internet Information Server (IIS) 6.0 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:5309 | |||
Oval ID: | oval:org.mitre.oval:def:5309 | ||
Title: | Microsoft Works File Converter Input Validation Vulnerability | ||
Description: | wkcvqd01.dll in Microsoft Works 6 File Converter, as used in Office 2003 SP2, Works 8.0, and Works Suite 2005, allows remote attackers to execute arbitrary code via a .wps file with crafted section length headers, aka "Microsoft Works File Converter Input Validation Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2007-0216 | Version: | 2 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | Microsoft Office 2003 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:5381 | |||
Oval ID: | oval:org.mitre.oval:def:5381 | ||
Title: | Mini-Redirector Heap Overflow Vulnerability | ||
Description: | Heap-based buffer overflow in the WebDAV Mini-Redirector in Microsoft Windows XP SP2, Server 2003 SP1 and SP2, and Vista allows remote attackers to execute arbitrary code via a crafted WebDAV response. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-0080 | Version: | 3 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:5388 | |||
Oval ID: | oval:org.mitre.oval:def:5388 | ||
Title: | OLE Heap Overrun Vulnerability | ||
Description: | Heap-based buffer overflow in Object Linking and Embedding (OLE) Automation in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Vista, Office 2004 for Mac, and Visual basic 6.0 SP6 allows remote attackers to execute arbitrary code via a crafted script request. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2007-0065 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista | Product(s): | Microsoft Visual Basic 6.0 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:5389 | |||
Oval ID: | oval:org.mitre.oval:def:5389 | ||
Title: | Internet Information Services Local Privilege Elevation Vulnerability | ||
Description: | Unspecified vulnerability in Microsoft Internet Information Services (IIS) 5.0 through 7.0 allows local users to gain privileges via unknown vectors related to file change notifications in the TPRoot, NNTPFile\Root, or WWWRoot folders. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-0074 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft Internet Information Server (IIS) 5.0 Microsoft Internet Information Server (IIS) 5.1 Microsoft Internet Information Server (IIS) 6.0 Microsoft Internet Information Server (IIS) 7.0 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:5396 | |||
Oval ID: | oval:org.mitre.oval:def:5396 | ||
Title: | Property Memory Corruption Vulnerability | ||
Description: | Use-after-free vulnerability in Microsoft Internet Explorer 6 SP1, 6 SP2, and and 7 allows remote attackers to execute arbitrary code by assigning malformed values to certain properties, as demonstrated using the by property of an animateMotion SVG element, aka "Property Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-0077 | Version: | 11 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:5407 | |||
Oval ID: | oval:org.mitre.oval:def:5407 | ||
Title: | Microsoft Office Execution Jump Vulnerability | ||
Description: | Unspecified vulnerability in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP2, and Office 2004 for Mac allows remote attackers to execute arbitrary code via an Office document that contains a malformed object, related to a "memory handling error," aka "Microsoft Office Execution Jump Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-0103 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | Microsoft Office 2000 Microsoft Office XP |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:5481 | |||
Oval ID: | oval:org.mitre.oval:def:5481 | ||
Title: | ActiveX Object Memory Corruption Vulnerability | ||
Description: | Stack-based buffer overflow in certain ActiveX controls in (1) FPOLE.OCX 6.0.8450.0 and (2) Foxtlib.ocx, as used in the Microsoft Visual FoxPro 6.0 fpole 1.0 Type Library; and Internet Explorer 5.01, 6 SP1 and SP2, and 7; allows remote attackers to execute arbitrary code via a long first argument to the FoxDoCmd function. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2007-4790 | Version: | 11 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:5487 | |||
Oval ID: | oval:org.mitre.oval:def:5487 | ||
Title: | HTML Rendering Memory Corruption Vulnerability | ||
Description: | Unspecified vulnerability in Microsoft Internet Explorer 5.01, 6 SP1 and SP2, and 7 allows remote attackers to execute arbitrary code via crafted HTML layout combinations, aka "HTML Rendering Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-0076 | Version: | 11 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
SAINT Exploits
Description | Link |
---|---|
Microsoft Works File Converter index table vulnerability | More info here |
Microsoft Works File Converter field length buffer overflow | More info here |
OpenVAS Exploits
Date | Description |
---|---|
2011-01-13 | Name : Microsoft Windows TCP/IP Denial of Service Vulnerability (946456) File : nvt/gb_ms08-004.nasl |
2011-01-13 | Name : Microsoft Internet Information Services Privilege Elevation Vulnerability (94... File : nvt/gb_ms08-005.nasl |
2011-01-13 | Name : Vulnerability in OLE Automation Could Allow Remote Code Execution (947890) File : nvt/gb_ms08-008.nasl |
2011-01-13 | Name : Microsoft Internet Explorer HTML Rendering Remote Memory Corruption Vulnerabi... File : nvt/gb_ms08-010.nasl |
2008-06-17 | Name : Mini-Redirector Heap Overflow Vulnerability File : nvt/win_CVE-2008-0080.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
41491 | Microsoft Windows Vista Crafted DHCP Response DoS |
41468 | Microsoft FoxPro ActiveX Web Page Parsing Unspecified Memory Corruption |
41467 | Microsoft IE Image Processing Argument Validation Unspecified Memory Corruption |
41466 | Microsoft IE animateMotion.by SVG Element by Property Memory Corruption |
41465 | Microsoft IE HTML Layout Rendering Unspecified Memory Corruption |
41464 | Microsoft Word Document Handling Unspecified Memory Corruption |
41463 | Microsoft Windows OLE Automation Unspecified Memory Corruption Remote Code Ex... |
41462 | Microsoft Office Malformed Object Parsing Memory Corruption |
41461 | Microsoft Active Directory / ADAM Malformed LDAP Request Remote DoS |
41460 | Microsoft WebDAV Mini-Redirector Response Handling Arbitrary Code Execution |
41459 | Microsoft Works File Converter .wps File Multiple Field Handling Arbitrary Co... |
41458 | Microsoft Works File Converter .wps File Header Index Table Handling Arbitrar... |
41457 | Microsoft Works File Converter .wps Format Header Handling Arbitrary Code Exe... |
41456 | Microsoft IIS File Change Handling Local Privilege Escalation |
41447 | Microsoft Office Publisher Memory Index Validation .pub File Handling Arbitra... |
41446 | Microsoft Office Publisher .pub File Handling Arbitrary Code Execution |
41445 | Microsoft IIS ASP Web Page Input Unspecified Arbitrary Code Execution |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2008-02-14 | IAVM : 2008-B-0015 - Microsoft Windows Vista TCP/IP Remote Denial Of Service Vulnerability Severity : Category II - VMSKEY : V0015737 |
2008-02-14 | IAVM : 2008-A-0005 - Microsoft Windows WebDAV Mini-Redirector Remote Code Execution Vulnerability Severity : Category I - VMSKEY : V0015742 |
2008-02-14 | IAVM : 2008-A-0006 - Microsoft Windows OLE Automation Remote Code Execution Vulnerability Severity : Category II - VMSKEY : V0015744 |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Multiple Operating Systems invalid DHCP option attempt RuleID : 7196 - Revision : 13 - Type : OS-OTHER |
2017-03-01 | Microsoft Works file converter field length invalid chunk size buffer overflo... RuleID : 41453 - Revision : 1 - Type : FILE-OFFICE |
2016-03-14 | Microsoft Visual FoxPro ActiveX clsid access RuleID : 36792 - Revision : 2 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Works file converter file section header index table stack overflow... RuleID : 17304 - Revision : 11 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Active Directory LDAP query handling denial of service RuleID : 16433 - Revision : 3 - Type : EXPLOIT |
2014-01-10 | Microsoft Internet Explorer HTML+TIME animatemotion property memory corruptio... RuleID : 16382 - Revision : 11 - Type : BROWSER-IE |
2014-01-10 | Microsoft Active Directory LDAP query DoS attempt RuleID : 16202 - Revision : 2 - Type : WEB-MISC |
2014-01-10 | Microsoft Internet Explorer isindex buffer overflow attempt RuleID : 16063 - Revision : 12 - Type : BROWSER-IE |
2014-01-10 | Microsoft IIS ASP handling buffer overflow attempt RuleID : 15974 - Revision : 7 - Type : SERVER-IIS |
2014-01-10 | Microsoft IIS HTMLEncode Unicode string buffer overflow RuleID : 13922 - Revision : 11 - Type : SERVER-IIS |
2014-01-10 | Microsoft IIS HTMLEncode Unicode string buffer overflow RuleID : 13476 - Revision : 10 - Type : SERVER-IIS |
2014-01-10 | Microsoft Active Directory LDAP denial of service attempt RuleID : 13475 - Revision : 13 - Type : OS-WINDOWS |
2014-01-10 | Microsoft WebDAV MiniRedir remote code execution attempt RuleID : 13474 - Revision : 11 - Type : OS-WINDOWS |
2014-01-10 | Microsoft Works file converter field length invalid chunk size buffer overflo... RuleID : 13472 - Revision : 16 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Publisher invalid pathname overwrite attempt RuleID : 13471 - Revision : 14 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Publisher memory corruption attempt RuleID : 13470 - Revision : 21 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Word ole stream memory corruption attempt RuleID : 13469 - Revision : 13 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Works file converter file section length headers memory corruption ... RuleID : 13466 - Revision : 18 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Forms 2.0 ActiveX function call unicode access RuleID : 13460 - Revision : 6 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft Windows Forms 2.0 ActiveX function call access RuleID : 13459 - Revision : 10 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Forms 2.0 ActiveX clsid unicode access RuleID : 13458 - Revision : 6 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft Windows Forms 2.0 ActiveX clsid access RuleID : 13457 - Revision : 13 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Internet Explorer DXLUTBuilder ActiveX function call unicode access RuleID : 13456 - Revision : 13 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer DXLUTBuilder ActiveX function call access RuleID : 13455 - Revision : 15 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer DXLUTBuilder ActiveX clsid unicode access RuleID : 13454 - Revision : 13 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer DXLUTBuilder ActiveX clsid access RuleID : 13453 - Revision : 12 - Type : BROWSER-IE |
2014-01-10 | Microsoft Visual FoxPro foxtlib ActiveX clsid unicode access RuleID : 13452 - Revision : 6 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft Windows Visual FoxPro foxtlib ActiveX clsid access RuleID : 13451 - Revision : 10 - Type : BROWSER-PLUGINS |
2014-01-10 | invalid dhcp offer denial of service attempt RuleID : 13450 - Revision : 7 - Type : OS-WINDOWS |
2014-01-10 | Microsoft Visual FoxPro ActiveX function call unicode access RuleID : 12420 - Revision : 7 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft Visual FoxPro ActiveX function call access RuleID : 12419 - Revision : 11 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Visual FoxPro ActiveX clsid unicode access RuleID : 12418 - Revision : 7 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft Visual FoxPro ActiveX clsid access RuleID : 12417 - Revision : 15 - Type : BROWSER-PLUGINS |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2010-10-20 | Name : An application installed on the remote Mac OS X host is affected by multiple ... File : macosx_ms_office_feb2008.nasl - Type : ACT_GATHER_INFO |
2008-06-09 | Name : Arbitrary code can be executed on the remote host through Microsoft Office. File : smb_nt_ms08-011.nasl - Type : ACT_GATHER_INFO |
2008-02-12 | Name : It is possible to crash Active Directory on the remote host. File : smb_nt_ms08-003.nasl - Type : ACT_GATHER_INFO |
2008-02-12 | Name : It is possible to execute code on the remote host. File : smb_nt_ms08-004.nasl - Type : ACT_GATHER_INFO |
2008-02-12 | Name : A local user can elevate his privileges on the remote host. File : smb_nt_ms08-005.nasl - Type : ACT_GATHER_INFO |
2008-02-12 | Name : It is possible to use the remote web server to exploit arbitrary code on the ... File : smb_nt_ms08-006.nasl - Type : ACT_GATHER_INFO |
2008-02-12 | Name : It is possible to execute arbitrary code on the remote host. File : smb_nt_ms08-007.nasl - Type : ACT_GATHER_INFO |
2008-02-12 | Name : Arbitrary code can be executed on the remote host through the web or email cl... File : smb_nt_ms08-008.nasl - Type : ACT_GATHER_INFO |
2008-02-12 | Name : Arbitrary code can be executed on the remote host through Microsoft Word. File : smb_nt_ms08-009.nasl - Type : ACT_GATHER_INFO |
2008-02-12 | Name : Arbitrary code can be executed on the remote host through the web client. File : smb_nt_ms08-010.nasl - Type : ACT_GATHER_INFO |
2008-02-12 | Name : Arbitrary code can be executed on the remote host through Microsoft Publisher. File : smb_nt_ms08-012.nasl - Type : ACT_GATHER_INFO |
2008-02-12 | Name : Arbitrary code can be executed on the remote host through Office. File : smb_nt_ms08-013.nasl - Type : ACT_GATHER_INFO |