Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Title Microsoft Updates for Multiple Vulnerabilities
Informations
Name TA09-223A First vendor Publication 2009-08-11
Vendor US-CERT Last vendor Modification 2009-08-11
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score 10 Attack Range Network
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Microsoft has released updates to address vulnerabilities in Microsoft Windows, Windows Server, Office Web Components and Remote Desktop Connection for Mac.

I. Description

Microsoft has released multiple security bulletins for critical vulnerabilities in Windows, Windows Server, Office Web Components, and Remote Desktop Connection for Mac. These bulletins are described in the Microsoft Security Bulletin Summary for August
2009.

Microsoft Security Bulletin MS09-037 includes updates for Microsoft components to address vulnerabilities in the Active Template Library (ATL). Vulnerabilities present in the ATL can cause vulnerabilities in the resulting ActiveX controls and COM components. Any ActiveX control or COM component that was created with a vulnerable version of the ATL may be vulnerable, including ones distributed by third-party developers.

Developers should update the ATL as described in the previously released Microsoft Security Bulletin MS09-035 in order to stop creating vulnerable controls. To address vulnerabilities in existing controls, recompile the controls using the updated ATL.
Further discussion about the ATL vulnerabilities can be found in the Microsoft Security Advisory 973882.

II. Impact

An attacker may be able to execute arbitrary code, in some cases without user interaction.

III. Solution

Apply updates from Microsoft Microsoft has provided updates for these vulnerabilities in the Microsoft Security Bulletin Summary for August 2009. The security bulletin describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. Administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS).

Original Source

Url : http://www.us-cert.gov/cas/techalerts/TA09-223A.html

CWE : Common Weakness Enumeration

% Id Name
32 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
26 % CWE-94 Failure to Control Generation of Code ('Code Injection')
11 % CWE-399 Resource Management Errors
11 % CWE-264 Permissions, Privileges, and Access Controls
11 % CWE-189 Numeric Errors (CWE/SANS Top 25)
5 % CWE-255 Credentials Management
5 % CWE-20 Improper Input Validation

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:5412
 
Oval ID: oval:org.mitre.oval:def:5412
Title: Malformed AVI Header Vulnerability
Description: Unspecified vulnerability in Avifil32.dll in the Windows Media file handling functionality in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a malformed header in a crafted AVI file, aka "Malformed AVI Header Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2009-1545
Version: 1
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:5645
 
Oval ID: oval:org.mitre.oval:def:5645
Title: Office Web Components Heap Corruption Vulnerability
Description: Heap-based buffer overflow in the Office Web Components ActiveX Control in Microsoft Office XP SP3, Office 2003 SP3, Office XP Web Components SP3, Office 2003 Web Components SP3, Office 2003 Web Components SP1 for the 2007 Microsoft Office System, Internet Security and Acceleration (ISA) Server 2004 SP3 and 2006 SP1, and Office Small Business Accounting 2006 allows remote attackers to execute arbitrary code via unspecified parameters to unknown methods, aka "Office Web Components Heap Corruption Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2009-2496
Version: 6
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Product(s): Microsoft Office XP Web Components
Microsoft Office 2003 Web Components
Microsoft Office XP
Microsoft Office 2003
Microsoft Office 2007
Microsoft Internet Security and Acceleration Server 2004
Microsoft Internet Security and Acceleration Server 2006
Microsoft Office Small Business Accounting 2006
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:5693
 
Oval ID: oval:org.mitre.oval:def:5693
Title: Remote Desktop Connection Heap Overflow Vulnerability
Description: Heap-based buffer overflow in Microsoft Remote Desktop Connection (formerly Terminal Services Client) running RDP 5.0 through 6.1 on Windows, and Remote Desktop Connection Client for Mac 2.0, allows remote attackers to execute arbitrary code via unspecified parameters, aka "Remote Desktop Connection Heap Overflow Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2009-1133
Version: 6
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:5708
 
Oval ID: oval:org.mitre.oval:def:5708
Title: ATL Object Type Mismatch Vulnerability
Description: The Active Template Library (ATL) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via vectors related to erroneous free operations after reading a variant from a stream and deleting this variant, aka "ATL Object Type Mismatch Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2009-2494
Version: 16
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Product(s): Microsoft Outlook Express
Windows Media Player
Windows ATL Component
DHTML Editing Component ActiveX Control
HtmlInput Object ActiveX Control
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:5809
 
Oval ID: oval:org.mitre.oval:def:5809
Title: Office Web Components HTML Script Vulnerability
Description: The Microsoft Office Web Components Spreadsheet ActiveX control (aka OWC10 or OWC11), as distributed in Office XP SP3 and Office 2003 SP3, Office XP Web Components SP3, Office 2003 Web Components SP3, Office 2003 Web Components SP1 for the 2007 Microsoft Office System, Internet Security and Acceleration (ISA) Server 2004 SP3 and 2006 Gold and SP1, and Office Small Business Accounting 2006, when used in Internet Explorer, allows remote attackers to execute arbitrary code via a crafted call to the msDataSourceObject method, as exploited in the wild in July and August 2009, aka "Office Web Components HTML Script Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2009-1136
Version: 6
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Product(s): Microsoft Office XP Web Components
Microsoft Office 2003 Web Components
Microsoft Office XP
Microsoft Office 2003
Microsoft Office 2007
Microsoft Internet Security and Acceleration Server 2004
Microsoft Internet Security and Acceleration Server 2006
Microsoft Office Small Business Accounting 2006
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:5850
 
Oval ID: oval:org.mitre.oval:def:5850
Title: ATL Header Memcopy Vulnerability
Description: Unspecified vulnerability in the Load method in the IPersistStreamInit interface in the Active Template Library (ATL), as used in the Microsoft Video ActiveX control in msvidctl.dll in DirectShow, in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via unknown vectors that trigger memory corruption, aka "ATL Header Memcopy Vulnerability," a different vulnerability than CVE-2008-0015.
Family: windows Class: vulnerability
Reference(s): CVE-2008-0020
Version: 16
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Product(s): Microsoft Outlook Express
Windows Media Player
Windows ATL Component
DHTML Editing Component ActiveX Control
HtmlInput Object ActiveX Control
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:5930
 
Oval ID: oval:org.mitre.oval:def:5930
Title: AVI Integer Overflow Vulnerability
Description: Integer overflow in Avifil32.dll in the Windows Media file handling functionality in Microsoft Windows allows remote attackers to execute arbitrary code on a Windows 2000 SP4 system via a crafted AVI file, or cause a denial of service on a Windows XP SP2 or SP3, Server 2003 SP2, Vista Gold, SP1, or SP2, or Server 2008 Gold or SP2 system via a crafted AVI file, aka "AVI Integer Overflow Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2009-1546
Version: 1
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6109
 
Oval ID: oval:org.mitre.oval:def:6109
Title: MSMQ Null Pointer Vulnerability
Description: The Message Queuing (aka MSMQ) service for Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP2, and Vista Gold does not properly validate unspecified IOCTL request data from user mode before passing this data to kernel mode, which allows local users to gain privileges via a crafted request, aka "MSMQ Null Pointer Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2009-1922
Version: 3
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6245
 
Oval ID: oval:org.mitre.oval:def:6245
Title: ATL COM Initialization Vulnerability
Description: The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not properly restrict use of OleLoadFromStream in instantiating objects from data streams, which allows remote attackers to execute arbitrary code via a crafted HTML document with an ATL (1) component or (2) control, related to ATL headers and bypassing security policies, aka "ATL COM Initialization Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2009-2493
Version: 8
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Product(s): Microsoft Outlook Express
Windows Media Player
Windows ATL Component
DHTML Editing Component ActiveX Control
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6286
 
Oval ID: oval:org.mitre.oval:def:6286
Title: Workstation Service Memory Corruption Vulnerability
Description: Double free vulnerability in the Workstation service in Microsoft Windows allows remote authenticated users to gain privileges via a crafted RPC message to a Windows XP SP2 or SP3 or Server 2003 SP2 system, or cause a denial of service via a crafted RPC message to a Vista Gold, SP1, or SP2 or Server 2008 Gold or SP2 system, aka "Workstation Service Memory Corruption Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2009-1544
Version: 3
Platform(s): Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6289
 
Oval ID: oval:org.mitre.oval:def:6289
Title: ATL Uninitialized Object Vulnerability
Description: The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not prevent VariantClear calls on an uninitialized VARIANT, which allows remote attackers to execute arbitrary code via a malformed stream to an ATL (1) component or (2) control, related to ATL headers and error handling, aka "ATL Uninitialized Object Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2009-0901
Version: 8
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Product(s): Microsoft Outlook Express
Windows Media Player
Windows ATL Component
DHTML Editing Component ActiveX Control
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6302
 
Oval ID: oval:org.mitre.oval:def:6302
Title: Telnet Credential Reflection Vulnerability
Description: The Telnet service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote Telnet servers to execute arbitrary code on a client machine by replaying the NTLM credentials of a client user, aka "Telnet Credential Reflection Vulnerability," a related issue to CVE-2000-0834.
Family: windows Class: vulnerability
Reference(s): CVE-2009-1930
Version: 1
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6304
 
Oval ID: oval:org.mitre.oval:def:6304
Title: ATL COM Initialization Vulnerability
Description: The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not properly restrict use of OleLoadFromStream in instantiating objects from data streams, which allows remote attackers to execute arbitrary code via a crafted HTML document with an ATL (1) component or (2) control, related to ATL headers and bypassing security policies, aka "ATL COM Initialization Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2009-2493
Version: 13
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Product(s): Microsoft Visual Studio .NET 2003
Microsoft Visual Studio 2005
Microsoft Visual Studio 2008
Microsoft Visual C++ 2005 Redistributable Package
Microsoft Visual C++ 2008 Redistributable Package
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6311
 
Oval ID: oval:org.mitre.oval:def:6311
Title: ATL Uninitialized Object Vulnerability
Description: The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not prevent VariantClear calls on an uninitialized VARIANT, which allows remote attackers to execute arbitrary code via a malformed stream to an ATL (1) component or (2) control, related to ATL headers and error handling, aka "ATL Uninitialized Object Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2009-0901
Version: 13
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Product(s): Microsoft Visual Studio .NET 2003
Microsoft Visual Studio 2005
Microsoft Visual Studio 2008
Microsoft Visual C++ 2005 Redistributable Package
Microsoft Visual C++ 2008 Redistributable Package
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6326
 
Oval ID: oval:org.mitre.oval:def:6326
Title: Office Web Components Buffer Overflow Vulnerability
Description: Buffer overflow in the Office Web Components ActiveX Control in Microsoft Office XP SP3, Office 2000 Web Components SP3, Office XP Web Components SP3, BizTalk Server 2002, and Visual Studio .NET 2003 SP1 allows remote attackers to execute arbitrary code via crafted property values, aka "Office Web Components Buffer Overflow Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2009-1534
Version: 6
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Product(s): Microsoft Office 2000 Web Components
Microsoft Office XP Web Components
Microsoft Office XP
Microsoft Visual Studio .NET 2003
Microsoft BizTalk Server 2004
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6329
 
Oval ID: oval:org.mitre.oval:def:6329
Title: Remote Desktop Connection ActiveX Control Heap Overflow Vulnerability
Description: Heap-based buffer overflow in the Microsoft Terminal Services Client ActiveX control running RDP 6.1 on Windows XP SP2, Vista SP1 or SP2, or Server 2008 Gold or SP2; or 5.2 or 6.1 on Windows XP SP3; allows remote attackers to execute arbitrary code via unspecified parameters to unknown methods, aka "Remote Desktop Connection ActiveX Control Heap Overflow Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2009-1929
Version: 2
Platform(s): Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6333
 
Oval ID: oval:org.mitre.oval:def:6333
Title: Microsoft Video ActiveX Control Vulnerability
Description: Stack-based buffer overflow in the CComVariant::ReadFromStream function in the Active Template Library (ATL), as used in the MPEG2TuneRequest ActiveX control in msvidctl.dll in DirectShow, in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a crafted web page, as exploited in the wild in July 2009, aka "Microsoft Video ActiveX Control Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2008-0015
Version: 3
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6337
 
Oval ID: oval:org.mitre.oval:def:6337
Title: Office Web Components Memory Allocation Vulnerability
Description: The Office Web Components ActiveX Control in Microsoft Office XP SP3, Office 2003 SP3, Office XP Web Components SP3, Office 2003 Web Components SP3, Office 2003 Web Components SP1 for the 2007 Microsoft Office System, Internet Security and Acceleration (ISA) Server 2004 SP3 and 2006 SP1, and Office Small Business Accounting 2006 does not properly allocate memory, which allows remote attackers to execute arbitrary code via unspecified vectors that trigger "system state" corruption, aka "Office Web Components Memory Allocation Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2009-0562
Version: 6
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Product(s): Microsoft Office 2000 Web Components
Microsoft Office XP Web Components
Microsoft Office 2003 Web Components
Microsoft Office XP
Microsoft Office 2003
Microsoft Office 2007
Microsoft Internet Security and Acceleration Server 2004
Microsoft Internet Security and Acceleration Server 2006
Microsoft Visual Studio .NET 2003
Microsoft BizTalk Server 2004
Microsoft Office Small Business Accounting 2006
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6354
 
Oval ID: oval:org.mitre.oval:def:6354
Title: WINS Integer Overflow Vulnerability
Description: Integer overflow in the Windows Internet Name Service (WINS) component for Microsoft Windows 2000 SP4 allows remote WINS replication partners to execute arbitrary code via crafted data structures in a packet, aka "WINS Integer Overflow Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2009-1924
Version: 1
Platform(s): Microsoft Windows 2000
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6363
 
Oval ID: oval:org.mitre.oval:def:6363
Title: Microsoft Video ActiveX Control Vulnerability
Description: Stack-based buffer overflow in the CComVariant::ReadFromStream function in the Active Template Library (ATL), as used in the MPEG2TuneRequest ActiveX control in msvidctl.dll in DirectShow, in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a crafted web page, as exploited in the wild in July 2009, aka "Microsoft Video ActiveX Control Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2008-0015
Version: 8
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Product(s): Microsoft Outlook Express
Windows Media Player
Windows ATL Component
DHTML Editing Component ActiveX Control
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6373
 
Oval ID: oval:org.mitre.oval:def:6373
Title: ATL Uninitialized Object Vulnerability
Description: The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not prevent VariantClear calls on an uninitialized VARIANT, which allows remote attackers to execute arbitrary code via a malformed stream to an ATL (1) component or (2) control, related to ATL headers and error handling, aka "ATL Uninitialized Object Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2009-0901
Version: 2
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Product(s): Microsoft Outlook 2002
Microsoft Outlook 2003
Microsoft Outlook 2007
Microsoft Visio Viewer 2002
Microsoft Office Visio Viewer 2003
Microsoft Office Visio Viewer 2007
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6393
 
Oval ID: oval:org.mitre.oval:def:6393
Title: Remote Unauthenticated Denial of Service in ASP.NET Vulnerability
Description: ASP.NET in Microsoft .NET Framework 2.0 SP1 and SP2 and 3.5 Gold and SP1, when ASP 2.0 is used in integrated mode on IIS 7.0, does not properly manage request scheduling, which allows remote attackers to cause a denial of service (daemon outage) via a series of crafted HTTP requests, aka "Remote Unauthenticated Denial of Service in ASP.NET Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2009-1536
Version: 3
Platform(s): Microsoft Windows Vista
Microsoft Windows Server 2008
Product(s): Microsoft .NET Framework
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6410
 
Oval ID: oval:org.mitre.oval:def:6410
Title: WINS Heap Overflow Vulnerability
Description: Heap-based buffer overflow in the Windows Internet Name Service (WINS) component for Microsoft Windows 2000 SP4 and Server 2003 SP2 allows remote attackers to execute arbitrary code via a crafted WINS replication packet that triggers an incorrect buffer-length calculation, aka "WINS Heap Overflow Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2009-1923
Version: 1
Platform(s): Microsoft Windows 2000
Microsoft Windows Server 2003
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6421
 
Oval ID: oval:org.mitre.oval:def:6421
Title: ATL COM Initialization Vulnerability
Description: The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not properly restrict use of OleLoadFromStream in instantiating objects from data streams, which allows remote attackers to execute arbitrary code via a crafted HTML document with an ATL (1) component or (2) control, related to ATL headers and bypassing security policies, aka "ATL COM Initialization Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2009-2493
Version: 3
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6473
 
Oval ID: oval:org.mitre.oval:def:6473
Title: ATL COM Initialization Vulnerability
Description: The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not properly restrict use of OleLoadFromStream in instantiating objects from data streams, which allows remote attackers to execute arbitrary code via a crafted HTML document with an ATL (1) component or (2) control, related to ATL headers and bypassing security policies, aka "ATL COM Initialization Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2009-2493
Version: 2
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Product(s): Microsoft Outlook 2002
Microsoft Outlook 2003
Microsoft Outlook 2007
Microsoft Visio Viewer 2002
Microsoft Office Visio Viewer 2003
Microsoft Office Visio Viewer 2007
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6621
 
Oval ID: oval:org.mitre.oval:def:6621
Title: ATL COM Initialization Vulnerability (CVE-2009-2493)
Description: The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not properly restrict use of OleLoadFromStream in instantiating objects from data streams, which allows remote attackers to execute arbitrary code via a crafted HTML document with an ATL (1) component or (2) control, related to ATL headers and bypassing security policies, aka "ATL COM Initialization Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2009-2493
Version: 1
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Product(s): Microsoft Internet Explorer
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6716
 
Oval ID: oval:org.mitre.oval:def:6716
Title: ATL COM Initialization Vulnerability
Description: The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not properly restrict use of OleLoadFromStream in instantiating objects from data streams, which allows remote attackers to execute arbitrary code via a crafted HTML document with an ATL (1) component or (2) control, related to ATL headers and bypassing security policies, aka "ATL COM Initialization Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2009-2493
Version: 37
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Product(s): Microsoft Outlook 2002
Microsoft Outlook 2003
Microsoft Outlook 2007
Microsoft Visio Viewer 2002
Microsoft Office Visio Viewer 2003
Microsoft Office Visio Viewer 2007
Microsoft Internet Explorer 5
Microsoft Internet Explorer 6
Microsoft Visual Studio .NET 2003
Microsoft Visual Studio 2005
Microsoft Visual Studio 2008
Microsoft Visual C++ 2005 Redistributable Package
Microsoft Visual C++ 2008 Redistributable Package
Microsoft Outlook Express 5.5
Microsoft Outlook Express 6.0
Windows Media Player 9
Windows Media Player 10
Windows Media Player 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7436
 
Oval ID: oval:org.mitre.oval:def:7436
Title: Microsoft Video ActiveX Control Vulnerability
Description: Stack-based buffer overflow in the CComVariant::ReadFromStream function in the Active Template Library (ATL), as used in the MPEG2TuneRequest ActiveX control in msvidctl.dll in DirectShow, in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a crafted web page, as exploited in the wild in July 2009, aka "Microsoft Video ActiveX Control Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2008-0015
Version: 16
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Product(s): Microsoft Outlook Express
Windows Media Player
Windows ATL Component
DHTML Editing Component ActiveX Control
HtmlInput Object ActiveX Control
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7581
 
Oval ID: oval:org.mitre.oval:def:7581
Title: ATL Uninitialized Object Vulnerability
Description: The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not prevent VariantClear calls on an uninitialized VARIANT, which allows remote attackers to execute arbitrary code via a malformed stream to an ATL (1) component or (2) control, related to ATL headers and error handling, aka "ATL Uninitialized Object Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2009-0901
Version: 35
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Product(s): Microsoft Outlook 2002
Microsoft Outlook 2003
Microsoft Outlook 2007
Microsoft Visio Viewer 2002
Microsoft Office Visio Viewer 2003
Microsoft Office Visio Viewer 2007
Microsoft Visual Studio .NET 2003
Microsoft Visual Studio 2005
Microsoft Visual Studio 2008
Microsoft Visual C++ 2005 Redistributable Package
Microsoft Visual C++ 2008 Redistributable Package
Microsoft Outlook Express 5.5
Microsoft Outlook Express 6.0
Windows Media Player 9
Windows Media Player 10
Windows Media Player 11
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 4
Application 1
Application 4
Application 7
Application 4
Application 4
Application 1
Application 6
Application 5
Application 1
Os 2
Os 7
Os 1
Os 1
Os 11
Os 8
Os 8

SAINT Exploits

Description Link
Visual Studio Active Template Library object type mismatch vulnerability More info here
Windows Telnet credential reflection More info here
Microsoft Office Web Components OWC.Spreadsheet Evaluate method vulnerability More info here
Microsoft DirectShow Video Streaming ActiveX IMPEG2TuneRequest Overflow More info here
Microsoft Office Web Components OWC.Spreadsheet.9 HTMLURL property overflow More info here
Microsoft Office Web Components DataSourceControl ActiveX Control memory allocation More info here
Visual Studio Active Template Library uninitialized object More info here
Microsoft Office Web Components OWC.Spreadsheet BorderAround vulnerability More info here

OpenVAS Exploits

Date Description
2010-12-13 Name : Microsoft Windows ASP.NET Denial of Service Vulnerability(970957)
File : nvt/gb_ms09-036.nasl
2010-03-16 Name : FreeBSD Ports: openoffice.org
File : nvt/freebsd_openoffice.org.nasl
2009-12-04 Name : MS Internet Explorer 'Style' Object Remote Code Execution Vulnerability
File : nvt/gb_ms_ie_style_object_remote_code_exec_vuln.nasl
2009-11-11 Name : SLES11: Security update for IBM Java 1.6.0
File : nvt/sles11_java-1_6_0-ibm1.nasl
2009-10-14 Name : Microsoft Windows ATL COM Initialization Code Execution Vulnerability (973525)
File : nvt/secpod_ms09-055.nasl
2009-10-14 Name : MS ATL ActiveX Controls for MS Office Could Allow Remote Code Execution (973965)
File : nvt/secpod_ms09-060.nasl
2009-08-14 Name : Vulnerabilities in Microsoft ATL Could Allow Remote Code Execution (973908)
File : nvt/secpod_ms09-037.nasl
2009-08-13 Name : Microsoft Windows WINS Remote Code Execution Vulnerability (969883)
File : nvt/secpod_ms09-039.nasl
2009-08-13 Name : Microsoft Windows Message Queuing Privilege Escalation Vulnerability (971032)
File : nvt/secpod_ms09-040.nasl
2009-08-12 Name : Microsoft Windows AVI Media File Parsing Vulnerabilities (971557)
File : nvt/secpod_ms09-038.nasl
2009-08-12 Name : Vulnerability in Workstation Service Could Allow Elevation of Privilege (971657)
File : nvt/secpod_ms09-041.nasl
2009-08-12 Name : Telnet NTLM Credential Reflection Authentication Bypass Vulnerability (960859)
File : nvt/secpod_ms09-042.nasl
2009-08-12 Name : Microsoft Remote Desktop Connection Remote Code Execution Vulnerability (969706)
File : nvt/secpod_ms09-044.nasl
2009-08-03 Name : Microsoft Visual Studio ATL Remote Code Execution Vulnerability (969706)
File : nvt/secpod_ms09-035.nasl
2009-07-18 Name : Microsoft Office Web Components ActiveX Control Code Execution Vulnerability
File : nvt/gb_ms_office_web_compnts_actvx_code_exec_vuln.nasl
2009-07-09 Name : Microsoft Video ActiveX Control 'msvidctl.dll' BOF Vulnerability
File : nvt/gb_ms_video_actvx_bof_vuln_jul09.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
56916 Microsoft Office Web Components HTMLURL Parameter ActiveX Spreadsheet Object ...

Office Web Components is prone to an overflow condition. The ActiveX control fails to properly sanitize user-supplied input via the HTMLURL parameter resulting in a buffer overflow. With a specially crafted website, a context-dependent attacker can potentially cause arbitrary code execution.
56915 Microsoft Office Web Components OWC10.Spreadsheet ActiveX BorderAround() Meth...

A heap based buffer overflow exists in Microsoft Office Web Components. With a specially crafted web page, an attacker can cause code execution resulting in a loss of confidentiality and/or availability.
56914 Microsoft Office Web Components OWC10 ActiveX Loading/Unloading Memory Alloca...

56912 Microsoft Windows Terminal Services Client ActiveX Unspecified Overflow

56911 Microsoft Remote Desktop Server (RDS) mstscax.dll Packet Parsing Remote Overflow

56910 Microsoft Visual Studio Active Template Library (ATL) Header Mismatch Remote ...

56909 Microsoft Windows AVI Media File Parsing Unspecified Overflow

56908 Microsoft Windows Malformed AVI Header Parsing Arbitrary Code Execution

56905 Microsoft .NET Framework Request Scheduling Crafted HTTP Request Remote DoS

.NET Framework contains a flaw that may allow a remote denial of service. The issue is triggered by the way ASP.NET scheduling is managed , and will result in loss of availability for the IIS service.
56904 Microsoft Windows Telnet NTLM Credential Reflection Remote Access

56902 Microsoft Windows Workstation Service NetrGetJoinInformation Function Local M...

56901 Microsoft Windows Message Queuing Service (MSMQ) mqac.sys IOCTL Request Parsi...

56900 Microsoft Windows Internet Name Service (WINS) Network Packet Handling Remote...

56899 Microsoft Windows Internet Name Service (WINS) Push Request Handling Remote O...

56698 Microsoft Visual Studio Active Template Library (ATL) Data Stream Object Inst...

56696 Microsoft Visual Studio Active Template Library (ATL) Headers VariantClear Co...

56272 Microsoft Video ActiveX (msvidctl.dll) Unspecified Remote Arbitrary Code Exec...

55806 Microsoft Office Web Components OWC10.Spreadsheet ActiveX msDataSourceObject(...

A memory corruption flaw exists in Office Web Components. The OWC10.Spreadsheet ActiveX control fails to validate calls to the msDataSourceObject method resulting in memory corruption. With a specially crafted website, a context-dependent attacker can cause arbitrary code execution resulting in a loss of integrity.
55651 Microsoft DirectShow Video Streaming ActiveX (msvidctl.dll) IMPEG2TuneRequest...

A buffer overflow exists in Windows. The DirectShow ActiveX control fails to validate data passed to the IMPEG2TuneRequest interface resulting in a stack overflow. With a specially crafted website, a context-dependent attacker can cause arbitrary code execution resulting in a loss of integrity.

Information Assurance Vulnerability Management (IAVM)

Date Description
2009-10-15 IAVM : 2009-A-0097 - Multiple Vulnerabilities in Microsoft Active Template Library
Severity : Category II - VMSKEY : V0021756
2009-08-13 IAVM : 2009-A-0069 - Multiple Vulnerabilities in Microsoft Office Web Components
Severity : Category II - VMSKEY : V0019877
2009-08-13 IAVM : 2009-B-0036 - Microsoft ASP.NET Denial of Service Vulnerability
Severity : Category I - VMSKEY : V0019878
2009-08-13 IAVM : 2009-B-0037 - Microsoft Telnet Remote Code Execution Vulnerability
Severity : Category II - VMSKEY : V0019879
2009-08-13 IAVM : 2009-B-0035 - Microsoft Windows Workstation Service Elevation of Privilege Vulnerability
Severity : Category II - VMSKEY : V0019880
2009-08-13 IAVM : 2009-A-0067 - Multiple Vulnerabilities in Microsoft Active Template Library
Severity : Category II - VMSKEY : V0019882
2009-08-13 IAVM : 2009-A-0071 - Multiple Vulnerabilities in Microsoft Remote Desktop Connection
Severity : Category II - VMSKEY : V0019884
2009-07-30 IAVM : 2009-B-0033 - Multiple Vulnerabilities in Visual Studio Active Template Library
Severity : Category II - VMSKEY : V0019798

Snort® IPS/IDS

Date Description
2014-01-10 Microsoft Office Data Source Control 10.0 ActiveX clsid unicode access
RuleID : 7877 - Revision : 10 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Office Data Source Control 10.0 ActiveX clsid access
RuleID : 7876 - Revision : 18 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Office Spreadsheet 10.0 ActiveX clsid unicode access
RuleID : 7873 - Revision : 9 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Office Spreadsheet 10.0 ActiveX clsid access
RuleID : 7872 - Revision : 17 - Type : BROWSER-PLUGINS
2021-01-26 Microsoft ASP.NET bad request denial of service attempt
RuleID : 56804 - Revision : 1 - Type : SERVER-IIS
2017-08-31 Microsoft ASP.NET bad request denial of service attempt
RuleID : 43808 - Revision : 1 - Type : SERVER-IIS
2017-08-31 Microsoft ASP.NET bad request denial of service attempt
RuleID : 43807 - Revision : 1 - Type : SERVER-IIS
2017-07-25 Microsoft Windows DirectX directshow wav file overflow attempt
RuleID : 43270 - Revision : 1 - Type : FILE-MULTIMEDIA
2017-07-25 Microsoft Windows DirectX directshow wav file overflow attempt
RuleID : 43269 - Revision : 1 - Type : FILE-MULTIMEDIA
2016-04-19 DCERPC Direct detection of malicious DCE RPC request in suspicious pcap
RuleID : 38264 - Revision : 1 - Type : OS-WINDOWS
2014-11-16 Microsoft Office Spreadsheet 10.0 ActiveX clsid access
RuleID : 31759 - Revision : 2 - Type : BROWSER-PLUGINS
2014-11-16 Microsoft Office Spreadsheet 10.0 ActiveX function call access
RuleID : 31758 - Revision : 2 - Type : BROWSER-PLUGINS
2014-11-16 Microsoft Office Web Components 11 Spreadsheet ActiveX function call access
RuleID : 31757 - Revision : 2 - Type : BROWSER-PLUGINS
2014-11-16 Microsoft Office Web Components 11 Spreadsheet ActiveX clsid access
RuleID : 31756 - Revision : 2 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Windows AVIFile truncated media file processing memory corruption a...
RuleID : 23569 - Revision : 5 - Type : FILE-MULTIMEDIA
2014-01-10 Microsoft Windows AVIFile media file processing memory corruption attempt
RuleID : 23568 - Revision : 5 - Type : FILE-MULTIMEDIA
2014-01-10 Microsoft Windows AVI Header insufficient data corruption attempt
RuleID : 23567 - Revision : 5 - Type : FILE-MULTIMEDIA
2014-01-10 Microsoft Windows Media Player DirectShow MPEG-2 memory corruption attempt
RuleID : 20744 - Revision : 7 - Type : OS-WINDOWS
2014-01-10 Microsoft Windows Remote Desktop Client ActiveX clsid access
RuleID : 20175 - Revision : 12 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Windows AVI Header insufficient data corruption attempt
RuleID : 19320 - Revision : 13 - Type : FILE-MULTIMEDIA
2014-01-10 possible SMB replay attempt - overlapping encryption keys detected
RuleID : 17723 - Revision : 12 - Type : OS-WINDOWS
2014-01-10 Microsoft Windows WINS replication inform2 request memory corruption attempt
RuleID : 17721 - Revision : 10 - Type : OS-WINDOWS
2015-05-28 Microsoft Windows AVI file chunk length integer overflow attempt
RuleID : 17694 - Revision : 5 - Type : WEB-CLIENT
2014-01-10 Possible Microsoft telnet NTLM reflection attempt
RuleID : 17627 - Revision : 3 - Type : POLICY
2014-01-10 Microsoft Office Web Components Spreadsheet ActiveX buffer overflow attempt
RuleID : 16786 - Revision : 11 - Type : FILE-OFFICE
2014-01-10 Microsoft DirectShow 3 ActiveX exploit via JavaScript
RuleID : 16602 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Windows AVIFile truncated media file processing memory corruption a...
RuleID : 16342 - Revision : 17 - Type : FILE-MULTIMEDIA
2014-01-10 Microsoft Excel Add-in for SQL Analysis Services 4 ActiveX clsid unicode access
RuleID : 16166 - Revision : 6 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Office Excel Add-in for SQL Analysis Services 4 ActiveX clsid access
RuleID : 16165 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Excel Add-in for SQL Analysis Services 3 ActiveX clsid unicode access
RuleID : 16164 - Revision : 6 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Office Excel Add-in for SQL Analysis Services 3 ActiveX clsid access
RuleID : 16163 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Excel Add-in for SQL Analysis Services 2 ActiveX clsid unicode access
RuleID : 16162 - Revision : 6 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Office Excel Add-in for SQL Analysis Services 2 ActiveX clsid access
RuleID : 16161 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Excel Add-in for SQL Analysis Services 1 ActiveX clsid unicode access
RuleID : 16160 - Revision : 6 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Office Excel Add-in for SQL Analysis Services 1 ActiveX clsid access
RuleID : 16159 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 6 ActiveX function call unicode access
RuleID : 15905 - Revision : 6 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 6 ActiveX function call access
RuleID : 15904 - Revision : 6 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Remote Desktop Client ActiveX function call unicode access
RuleID : 15864 - Revision : 6 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Windows Remote Desktop Client ActiveX function call access
RuleID : 15863 - Revision : 16 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Remote Desktop Client ActiveX clsid unicode access
RuleID : 15862 - Revision : 6 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Windows Remote Desktop Client ActiveX clsid access
RuleID : 15861 - Revision : 16 - Type : BROWSER-PLUGINS
2014-01-10 DCERPC NCACN-IP-TCP wkssvc NetrGetJoinInformation attempt
RuleID : 15860 - Revision : 13 - Type : OS-WINDOWS
2014-01-10 Microsoft Office Web Components Spreadsheet ActiveX clsid unicode access
RuleID : 15859 - Revision : 5 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Office Web Components Spreadsheet ActiveX clsid access
RuleID : 15858 - Revision : 12 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Windows AVI file chunk length integer overflow attempt
RuleID : 15857 - Revision : 8 - Type : FILE-MULTIMEDIA
2014-01-10 Microsoft Office Spreadsheet 10.0 ActiveX function call unicode access
RuleID : 15856 - Revision : 5 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Office Spreadsheet 10.0 ActiveX function call access
RuleID : 15855 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Windows AVIFile media file processing memory corruption attempt
RuleID : 15854 - Revision : 18 - Type : FILE-MULTIMEDIA
2014-01-10 Microsoft Office Web Components Datasource ActiveX clsid unicode access
RuleID : 15853 - Revision : 5 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Office Web Components Datasource ActiveX clsid access
RuleID : 15852 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft ASP.NET bad request denial of service attempt
RuleID : 15851 - Revision : 11 - Type : SERVER-IIS
2014-01-10 Remote Desktop orderType remote code execution attempt
RuleID : 15850 - Revision : 13 - Type : OS-WINDOWS
2014-01-10 Microsoft Windows WINS replication inform2 request memory corruption attempt
RuleID : 15849 - Revision : 7 - Type : OS-WINDOWS
2014-01-10 WINS replication request memory corruption attempt
RuleID : 15848 - Revision : 7 - Type : OS-WINDOWS
2014-01-10 Telnet-based NTLM replay attack attempt
RuleID : 15847 - Revision : 14 - Type : OS-WINDOWS
2014-01-10 Microsoft Office Web Components 11 Spreadsheet ActiveX function call unicode ...
RuleID : 15692 - Revision : 6 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Office Web Components 11 Spreadsheet ActiveX function call access
RuleID : 15691 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Office Web Components 11 Spreadsheet ActiveX clsid unicode access
RuleID : 15690 - Revision : 6 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Office Web Components 11 Spreadsheet ActiveX clsid access
RuleID : 15689 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Office Web Components 10 Spreadsheet ActiveX function call unicode ...
RuleID : 15688 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Office Web Components 10 Spreadsheet ActiveX function call access
RuleID : 15687 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Office Web Components 10 Spreadsheet ActiveX clsid unicode access
RuleID : 15686 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Office Web Components 10 Spreadsheet ActiveX clsid access
RuleID : 15685 - Revision : 14 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft DirectShow ActiveX exploit via JavaScript - unicode encoding
RuleID : 15679 - Revision : 12 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft DirectShow ActiveX exploit via JavaScript
RuleID : 15678 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 9 ActiveX clsid unicode access
RuleID : 15677 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 9 ActiveX clsid access
RuleID : 15676 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 8 ActiveX clsid unicode access
RuleID : 15675 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 8 ActiveX clsid access
RuleID : 15674 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 7 ActiveX clsid unicode access
RuleID : 15673 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 7 ActiveX clsid access
RuleID : 15672 - Revision : 15 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 6 ActiveX function call
RuleID : 15671 - Revision : 15 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 6 ActiveX clsid access
RuleID : 15670 - Revision : 18 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 5 ActiveX clsid unicode access
RuleID : 15669 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 5 ActiveX clsid access
RuleID : 15668 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 45 ActiveX clsid unicode access
RuleID : 15667 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 45 ActiveX clsid access
RuleID : 15666 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 44 ActiveX clsid unicode access
RuleID : 15665 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 44 ActiveX clsid access
RuleID : 15664 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 43 ActiveX clsid unicode access
RuleID : 15663 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 43 ActiveX clsid access
RuleID : 15662 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 42 ActiveX clsid unicode access
RuleID : 15661 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 42 ActiveX clsid access
RuleID : 15660 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 41 ActiveX clsid unicode access
RuleID : 15659 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 41 ActiveX clsid access
RuleID : 15658 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 40 ActiveX clsid unicode access
RuleID : 15657 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 40 ActiveX clsid access
RuleID : 15656 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 4 ActiveX clsid unicode access
RuleID : 15655 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 4 ActiveX clsid access
RuleID : 15654 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 39 ActiveX clsid unicode access
RuleID : 15653 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 39 ActiveX clsid access
RuleID : 15652 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 38 ActiveX clsid unicode access
RuleID : 15651 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 38 ActiveX clsid access
RuleID : 15650 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 37 ActiveX clsid unicode access
RuleID : 15649 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 37 ActiveX clsid access
RuleID : 15648 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 36 ActiveX clsid unicode access
RuleID : 15647 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 36 ActiveX clsid access
RuleID : 15646 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 35 ActiveX clsid unicode access
RuleID : 15645 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 35 ActiveX clsid access
RuleID : 15644 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 34 ActiveX clsid unicode access
RuleID : 15643 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 34 ActiveX clsid access
RuleID : 15642 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 33 ActiveX clsid unicode access
RuleID : 15641 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 33 ActiveX clsid access
RuleID : 15640 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 32 ActiveX clsid unicode access
RuleID : 15639 - Revision : 10 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 32 ActiveX clsid access
RuleID : 15638 - Revision : 18 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 31 ActiveX clsid unicode access
RuleID : 15637 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 31 ActiveX clsid access
RuleID : 15636 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 30 ActiveX clsid unicode access
RuleID : 15635 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 30 ActiveX clsid access
RuleID : 15634 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 3 ActiveX clsid unicode access
RuleID : 15633 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 3 ActiveX clsid access
RuleID : 15632 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 29 ActiveX clsid unicode access
RuleID : 15631 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 29 ActiveX clsid access
RuleID : 15630 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 28 ActiveX clsid unicode access
RuleID : 15629 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 28 ActiveX clsid access
RuleID : 15628 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 27 ActiveX clsid unicode access
RuleID : 15627 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 27 ActiveX clsid access
RuleID : 15626 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 26 ActiveX clsid unicode access
RuleID : 15625 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 26 ActiveX clsid access
RuleID : 15624 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 25 ActiveX clsid unicode access
RuleID : 15623 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 25 ActiveX clsid access
RuleID : 15622 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 24 ActiveX clsid unicode access
RuleID : 15621 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 24 ActiveX clsid access
RuleID : 15620 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 23 ActiveX clsid unicode access
RuleID : 15619 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 23 ActiveX clsid access
RuleID : 15618 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 22 ActiveX clsid unicode access
RuleID : 15617 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 22 ActiveX clsid access
RuleID : 15616 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 21 ActiveX clsid unicode access
RuleID : 15615 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 21 ActiveX clsid access
RuleID : 15614 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 20 ActiveX clsid unicode access
RuleID : 15613 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 20 ActiveX clsid access
RuleID : 15612 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 2 ActiveX clsid unicode access
RuleID : 15611 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 2 ActiveX clsid access
RuleID : 15610 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 19 ActiveX clsid unicode access
RuleID : 15609 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 19 ActiveX clsid access
RuleID : 15608 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 18 ActiveX clsid unicode access
RuleID : 15607 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 18 ActiveX clsid access
RuleID : 15606 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 17 ActiveX clsid unicode access
RuleID : 15605 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 17 ActiveX clsid access
RuleID : 15604 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 16 ActiveX clsid unicode access
RuleID : 15603 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 16 ActiveX clsid access
RuleID : 15602 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 15 ActiveX clsid unicode access
RuleID : 15601 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 15 ActiveX clsid access
RuleID : 15600 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 14 ActiveX clsid unicode access
RuleID : 15599 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 14 ActiveX clsid access
RuleID : 15598 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 13 ActiveX clsid unicode access
RuleID : 15597 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 13 ActiveX clsid access
RuleID : 15596 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 12 ActiveX clsid unicode access
RuleID : 15595 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 12 ActiveX clsid access
RuleID : 15594 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 11 ActiveX clsid unicode access
RuleID : 15593 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 11 ActiveX clsid access
RuleID : 15592 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 10 ActiveX clsid unicode access
RuleID : 15591 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 10 ActiveX clsid access
RuleID : 15590 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Video 1 ActiveX clsid unicode access
RuleID : 15589 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Video 1 ActiveX clsid access
RuleID : 15588 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 SMB replay attempt via NTLMSSP - overlapping encryption keys detected
RuleID : 15453 - Revision : 16 - Type : OS-WINDOWS
2014-01-10 Web-based NTLM replay attack attempt
RuleID : 15124 - Revision : 17 - Type : OS-WINDOWS
2014-01-10 possible SMB replay attempt - overlapping encryption keys detected
RuleID : 15009 - Revision : 22 - Type : OS-WINDOWS

Nessus® Vulnerability Scanner

Date Description
2011-01-27 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_flash-player-6386.nasl - Type : ACT_GATHER_INFO
2010-10-11 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_java-1_5_0-ibm-6741.nasl - Type : ACT_GATHER_INFO
2010-03-01 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_c97d7a37223311df96dd001b2134ef46.nasl - Type : ACT_GATHER_INFO
2010-02-12 Name : The remote Windows host has a program affected by multiple buffer overflows.
File : openoffice_32.nasl - Type : ACT_GATHER_INFO
2010-01-08 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_java-1_5_0-ibm-6740.nasl - Type : ACT_GATHER_INFO
2009-12-27 Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12564.nasl - Type : ACT_GATHER_INFO
2009-12-08 Name : Arbitrary code can be executed on the remote host through a web browser.
File : smb_nt_ms09-072.nasl - Type : ACT_GATHER_INFO
2009-11-05 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_java-1_6_0-ibm-091102.nasl - Type : ACT_GATHER_INFO
2009-10-14 Name : Arbitrary code can be executed on the remote host through Microsoft Office Ac...
File : smb_nt_ms09-060.nasl - Type : ACT_GATHER_INFO
2009-10-13 Name : The remote Windows host has multiple ActiveX controls that are affected by mu...
File : smb_nt_ms09-055.nasl - Type : ACT_GATHER_INFO
2009-10-06 Name : The remote openSUSE host is missing a security update.
File : suse_flash-player-6387.nasl - Type : ACT_GATHER_INFO
2009-09-24 Name : The remote SuSE 11 host is missing a security update.
File : suse_11_flash-player-090731.nasl - Type : ACT_GATHER_INFO
2009-08-12 Name : Arbitrary code can be executed on the remote host through the WINS service
File : wins_replication_overflow2.nasl - Type : ACT_GATHER_INFO
2009-08-12 Name : Arbitrary code can be executed on the remote host through the WINS service.
File : smb_nt_ms09-039.nasl - Type : ACT_GATHER_INFO
2009-08-11 Name : Arbitrary code can be executed on the remote host through the remote Telnet c...
File : smb_nt_ms09-042.nasl - Type : ACT_GATHER_INFO
2009-08-11 Name : Arbitrary code can be executed on the remote host through Microsoft Office We...
File : smb_nt_ms09-043.nasl - Type : ACT_GATHER_INFO
2009-08-11 Name : It is possible to execute arbitrary code on the remote host.
File : smb_nt_ms09-044.nasl - Type : ACT_GATHER_INFO
2009-08-11 Name : Users can elevate their privileges on the remote host.
File : smb_nt_ms09-040.nasl - Type : ACT_GATHER_INFO
2009-08-11 Name : Arbitrary code can be executed on the remote host through Windows Media file ...
File : smb_nt_ms09-038.nasl - Type : ACT_GATHER_INFO
2009-08-11 Name : Arbitrary code can be executed on the remote host through Microsoft Active Te...
File : smb_nt_ms09-037.nasl - Type : ACT_GATHER_INFO
2009-08-11 Name : Users can elevate their privileges on the remote host.
File : smb_nt_ms09-041.nasl - Type : ACT_GATHER_INFO
2009-08-11 Name : Arbitrary code can be executed on the remote host through Microsoft Remote De...
File : macosx_rdesktop.nasl - Type : ACT_GATHER_INFO
2009-08-11 Name : The remote .Net Framework is susceptible to a denial of service attack.
File : smb_nt_ms09-036.nasl - Type : ACT_GATHER_INFO
2009-08-05 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_flash-player-090731.nasl - Type : ACT_GATHER_INFO
2009-08-05 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_flash-player-090731.nasl - Type : ACT_GATHER_INFO
2009-07-30 Name : Arbitrary code can be executed on the remote host through Microsoft Active Te...
File : smb_nt_ms09-035.nasl - Type : ACT_GATHER_INFO
2009-07-30 Name : The remote Windows host contains a browser plugin that is affected by multipl...
File : flash_player_apsb09_10.nasl - Type : ACT_GATHER_INFO
2009-07-29 Name : The remote Windows host contains an Internet Explorer plugin which uses a vul...
File : shockwave_player_apsb09_11.nasl - Type : ACT_GATHER_INFO
2009-07-14 Name : The remote Windows host contains an ActiveX control that could allow remote c...
File : smb_kb_973472.nasl - Type : ACT_GATHER_INFO
2009-07-07 Name : The remote Windows host is missing a security update containing ActiveX kill ...
File : smb_kb_972890.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
Date Informations
2013-05-11 00:53:44
  • Multiple Updates