Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Title Microsoft Updates for Multiple Vulnerabilities
Informations
Name TA10-159B First vendor Publication 2010-06-08
Vendor US-CERT Last vendor Modification 2010-06-08
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score 9.3 Attack Range Network
Cvss Impact Score 10 Attack Complexity Medium
Cvss Expoit Score 8.6 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Microsoft has released updates to address vulnerabilities in Microsoft Windows, Microsoft Internet Explorer, Microsoft Office, Microsoft SharePoint Services, and Microsoft .NET Framework.

I. Description

The Microsoft Security Bulletin Summary for June 2010 describes vulnerabilities in Microsoft Windows, Internet Explorer, Office, SharePoint Services, and .NET Framework. Microsoft has released updates to address the vulnerabilities.

II. Impact

A remote, unauthenticated attacker could execute arbitrary code or cause a vulnerable application to crash.

III. Solution

Apply updates

Microsoft has provided updates for these vulnerabilities in the Microsoft Security Bulletin Summary for June 2010. The security bulletin describes any known issues related to the updates.
Administrators are encouraged to note these issues and test for any potentially adverse effects. Administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS).

Original Source

Url : http://www.us-cert.gov/cas/techalerts/TA10-159B.html

CWE : Common Weakness Enumeration

% Id Name
75 % CWE-94 Failure to Control Generation of Code ('Code Injection')
9 % CWE-20 Improper Input Validation
6 % CWE-264 Permissions, Privileges, and Access Controls
6 % CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25)
3 % CWE-89 Improper Sanitization of Special Elements used in an SQL Command ('SQL Injection') (CWE/SANS Top 25)

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:10186
 
Oval ID: oval:org.mitre.oval:def:10186
Title: The design of the W3C XML Signature Syntax and Processing (XMLDsig) recommendation, as implemented in products including (1) the Oracle Security Developer Tools component in Oracle Application Server 10.1.2.3, 10.1.3.4, and 10.1.4.3IM; (2) the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, and 8.1 SP6; (3) Mono before 2.4.2.2; (4) XML Security Library before 1.2.12; (5) IBM WebSphere Application Server Versions 6.0 through 6.0.2.33, 6.1 through 6.1.0.23, and 7.0 through 7.0.0.1; (6) Sun JDK and JRE Update 14 and earlier; (7) Microsoft .NET Framework 3.0 through 3.0 SP2, 3.5, and 4.0; and other products uses a parameter that defines an HMAC truncation length (HMACOutputLength) but does not require a minimum for this length, which allows attackers to spoof HMAC-based signatures and bypass authentication by specifying a truncation length with a small number of bits.
Description: The design of the W3C XML Signature Syntax and Processing (XMLDsig) recommendation, as implemented in products including (1) the Oracle Security Developer Tools component in Oracle Application Server 10.1.2.3, 10.1.3.4, and 10.1.4.3IM; (2) the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, and 8.1 SP6; (3) Mono before 2.4.2.2; (4) XML Security Library before 1.2.12; (5) IBM WebSphere Application Server Versions 6.0 through 6.0.2.33, 6.1 through 6.1.0.23, and 7.0 through 7.0.0.1; (6) Sun JDK and JRE Update 14 and earlier; (7) Microsoft .NET Framework 3.0 through 3.0 SP2, 3.5, and 4.0; and other products uses a parameter that defines an HMAC truncation length (HMACOutputLength) but does not require a minimum for this length, which allows attackers to spoof HMAC-based signatures and bypass authentication by specifying a truncation length with a small number of bits.
Family: unix Class: vulnerability
Reference(s): CVE-2009-0217
Version: 5
Platform(s): Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:12534
 
Oval ID: oval:org.mitre.oval:def:12534
Title: Microsoft Internet Explorer 8 Developer Tools Vulnerability
Description: Multiple unspecified vulnerabilities in the Microsoft Internet Explorer 8 Developer Tools ActiveX control in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allow remote attackers to execute arbitrary code via unknown vectors that "corrupt the system state," aka "Microsoft Internet Explorer 8 Developer Tools Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2010-0811
Version: 10
Platform(s): Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13798
 
Oval ID: oval:org.mitre.oval:def:13798
Title: DSA-1849-1 xml-security-c -- design flaw
Description: It was discovered that the W3C XML Signature recommendation contains a protocol-level vulnerability related to HMAC output truncation. This update implements the proposed workaround in the C++ version of the Apache implementation of this standard, xml-security-c, by preventing truncation to output strings shorter than 80 bits or half of the original HMAC output, whichever is greater. For the old stable distribution, this problem has been fixed in version 1.2.1-3+etch1. For the stable distribution, this problem has been fixed in version 1.4.0-3+lenny2. For the unstable distribution, this problem has been fixed in version 1.4.0-4. We recommend that you upgrade your xml-security-c packages.
Family: unix Class: patch
Reference(s): DSA-1849-1
CVE-2009-0217
Version: 5
Platform(s): Debian GNU/Linux 5.0
Debian GNU/Linux 4.0
Product(s): xml-security-c
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22980
 
Oval ID: oval:org.mitre.oval:def:22980
Title: ELSA-2009:1428: xmlsec1 security update (Moderate)
Description: The design of the W3C XML Signature Syntax and Processing (XMLDsig) recommendation, as implemented in products including (1) the Oracle Security Developer Tools component in Oracle Application Server 10.1.2.3, 10.1.3.4, and 10.1.4.3IM; (2) the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, and 8.1 SP6; (3) Mono before 2.4.2.2; (4) XML Security Library before 1.2.12; (5) IBM WebSphere Application Server Versions 6.0 through 6.0.2.33, 6.1 through 6.1.0.23, and 7.0 through 7.0.0.1; (6) Sun JDK and JRE Update 14 and earlier; (7) Microsoft .NET Framework 3.0 through 3.0 SP2, 3.5, and 4.0; and other products uses a parameter that defines an HMAC truncation length (HMACOutputLength) but does not require a minimum for this length, which allows attackers to spoof HMAC-based signatures and bypass authentication by specifying a truncation length with a small number of bits.
Family: unix Class: patch
Reference(s): ELSA-2009:1428-01
CVE-2009-0217
Version: 6
Platform(s): Oracle Linux 5
Product(s): xmlsec1
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:29320
 
Oval ID: oval:org.mitre.oval:def:29320
Title: RHSA-2009:1428 -- xmlsec1 security update (Moderate)
Description: Updated xmlsec1 packages that fix one security issue are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The XML Security Library is a C library based on libxml2 and OpenSSL. It implements the XML Signature Syntax and Processing and XML Encryption Syntax and Processing standards. HMAC is used for message authentication using cryptographic hash functions. The HMAC algorithm allows the hash output to be truncated (as documented in RFC 2104).
Family: unix Class: patch
Reference(s): RHSA-2009:1428
CESA-2009:1428-CentOS 5
CVE-2009-0217
Version: 3
Platform(s): Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 4
CentOS Linux 5
Product(s): xmlsec1
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6630
 
Oval ID: oval:org.mitre.oval:def:6630
Title: Excel Memory Corruption Vulnerability
Description: Unspecified vulnerability in Microsoft Office Excel 2002 SP3 allows remote attackers to execute arbitrary code via an Excel file with a malformed RTD (0x813) record that triggers heap corruption, aka "Excel Memory Corruption Vulnerability," a different vulnerability than CVE-2010-0823 and CVE-2010-1249.
Family: windows Class: vulnerability
Reference(s): CVE-2010-1247
Version: 5
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Microsoft Excel 2002
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6634
 
Oval ID: oval:org.mitre.oval:def:6634
Title: Excel Memory Corruption Vulnerability
Description: Buffer overflow in Microsoft Office Excel 2002 SP3, Office 2004 for Mac, Office 2008 for Mac, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via an Excel file with a malformed ExternName (0x23) record, aka "Excel Memory Corruption Vulnerability," a different vulnerability than CVE-2010-0823 and CVE-2010-1247.
Family: windows Class: vulnerability
Reference(s): CVE-2010-1249
Version: 5
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Microsoft Excel 2002
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6641
 
Oval ID: oval:org.mitre.oval:def:6641
Title: MJPEG Media Decompression Vulnerability
Description: Unspecified vulnerability in Quartz.dll for DirectShow on Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1, and Server 2008 allows remote attackers to execute arbitrary code via a media file with crafted compression data, aka "MJPEG Media Decompression Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2010-1880
Version: 5
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Product(s): Quartz.dll (DirectShow)
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6677
 
Oval ID: oval:org.mitre.oval:def:6677
Title: toStaticHTML Information Disclosure Vulnerability
Description: Cross-site scripting (XSS) vulnerability in the toStaticHTML API, as used in Microsoft Office InfoPath 2003 SP3, 2007 SP1, and 2007 SP2; Office SharePoint Server 2007 SP1 and SP2; SharePoint Services 3.0 SP1 and SP2; and Internet Explorer 8 allows remote attackers to inject arbitrary web script or HTML via vectors related to sanitization.
Family: windows Class: vulnerability
Reference(s): CVE-2010-1257
Version: 19
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Product(s): Microsoft Internet Explorer 8
Microsoft Office InfoPath 2003
Microsoft Office InfoPath 2007
Microsoft Office SharePoint Server 2007
Microsoft Windows SharePoint Services 3.0
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6686
 
Oval ID: oval:org.mitre.oval:def:6686
Title: HTML Element Memory Corruption Vulnerability
Description: The IE8 Developer Toolbar in Microsoft Internet Explorer 8 SP1, SP2, and SP3 allows user-assisted remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML Element Memory Corruption Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2010-1260
Version: 9
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Product(s): Microsoft Internet Explorer 8
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6761
 
Oval ID: oval:org.mitre.oval:def:6761
Title: Excel Record Stack Corruption Vulnerability
Description: Unspecified vulnerability in Microsoft Office Excel 2002 SP3 and Office 2004 for Mac allows remote attackers to execute arbitrary code via a crafted Excel file, aka "Excel Record Stack Corruption Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2010-1251
Version: 5
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Microsoft Excel 2002
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6768
 
Oval ID: oval:org.mitre.oval:def:6768
Title: Excel Record Memory Corruption Vulnerability
Description: Unspecified vulnerability in Microsoft Office Excel 2002 SP3 and Office 2004 for Mac allows remote attackers to execute arbitrary code via an Excel file with a malformed WOPT (0x80B) record, aka "Excel Record Memory Corruption Vulnerability," a different vulnerability than CVE-2010-0821 and CVE-2010-1245.
Family: windows Class: vulnerability
Reference(s): CVE-2010-0824
Version: 5
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Microsoft Excel 2002
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6771
 
Oval ID: oval:org.mitre.oval:def:6771
Title: Excel Record Parsing Memory Corruption Vulnerability
Description: Unspecified vulnerability in Microsoft Office Excel 2002 SP3, 2003 SP3, 2007 SP1 and SP2; Office 2004 for mac; Office 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer SP1 and SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2; allows remote attackers to execute arbitrary code via an Excel file with a crafted SxView record, related to improper validation of unspecified structures, aka "Excel Record Parsing Memory Corruption Vulnerability," a different vulnerability than CVE-2010-0824 and CVE-2010-1245.
Family: windows Class: vulnerability
Reference(s): CVE-2010-0821
Version: 12
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Microsoft Excel 2002
Microsoft Excel 2003
Microsoft Excel 2007
Microsoft Office Excel Viewer
Microsoft Office Compatibility Pack
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6839
 
Oval ID: oval:org.mitre.oval:def:6839
Title: Excel RTD Memory Corruption Vulnerability
Description: Stack-based buffer overflow in Microsoft Office Excel 2002 SP3 allows remote attackers to execute arbitrary code via an Excel file with a malformed RTD (0x813) record, aka "Excel RTD Memory Corruption Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2010-1246
Version: 5
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Microsoft Excel 2002
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6842
 
Oval ID: oval:org.mitre.oval:def:6842
Title: Excel ADO Object Vulnerability
Description: Microsoft Office Excel 2002 SP3, 2007 SP1, and SP2; Office 2004 for mac; Office 2008 for Mac; Open XML File Format Converter for Mac; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2; allows remote attackers to execute arbitrary code via an Excel file with crafted DBQueryExt records that allow a function call to a "user-controlled pointer," aka "Excel ADO Object Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2010-1253
Version: 10
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Microsoft Excel 2002
Microsoft Excel 2007
Microsoft Office Compatibility Pack
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6877
 
Oval ID: oval:org.mitre.oval:def:6877
Title: Excel Record Memory Corruption Vulnerability
Description: Unspecified vulnerability in Microsoft Office Excel 2002 SP3, Office 2004 for Mac, Office 2008 for Mac, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via an Excel file with a malformed SxView (0xB0) record, aka "Excel Record Memory Corruption Vulnerability," a different vulnerability than CVE-2010-0824 and CVE-2010-0821.
Family: windows Class: vulnerability
Reference(s): CVE-2010-1245
Version: 5
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Microsoft Excel 2002
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6948
 
Oval ID: oval:org.mitre.oval:def:6948
Title: Win32k Window Creation Vulnerability
Description: The Windows kernel-mode drivers in win32k.sys in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 Gold and SP2, Windows 7, and Server 2008 R2 "do not properly validate all callback parameters when creating a new window," which allows local users to execute arbitrary code, aka "Win32k Window Creation Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2010-0485
Version: 9
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7072
 
Oval ID: oval:org.mitre.oval:def:7072
Title: OpenType CFF Font Driver Memory Corruption Vulnerability
Description: Unspecified vulnerability in the Windows OpenType Compact Font Format (CFF) driver in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 SP2 and R2, and Windows 7 allows local users to execute arbitrary code via unknown vectors related to improper validation when copying data from user mode to kernel mode, aka "OpenType CFF Font Driver Memory Corruption Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2010-0819
Version: 5
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7124
 
Oval ID: oval:org.mitre.oval:def:7124
Title: Uninitialized Memory Corruption Vulnerability (CVE-2010-1261)
Description: The IE8 Developer Toolbar in Microsoft Internet Explorer 8 SP1, SP2, and SP3 allows user-assisted remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2010-1261
Version: 9
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Product(s): Microsoft Internet Explorer 8
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7145
 
Oval ID: oval:org.mitre.oval:def:7145
Title: Cross-Domain Information Disclosure Vulnerability (CVE-2010-0255)
Description: Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, 7, and 8 does not prevent rendering of non-HTML local files as HTML documents, which allows remote attackers to bypass intended access restrictions and read arbitrary files via vectors involving JavaScript exploit code that constructs a reference to a file://127.0.0.1 URL, aka the dynamic OBJECT tag vulnerability, as demonstrated by obtaining the data from an index.dat file, a variant of CVE-2009-1140 and related to CVE-2008-1448.
Family: windows Class: vulnerability
Reference(s): CVE-2010-0255
Version: 11
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Product(s): Microsoft Internet Explorer 7
Microsoft Internet Explorer 8
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7149
 
Oval ID: oval:org.mitre.oval:def:7149
Title: IIS Authentication Memory Corruption Vulnerability
Description: Unspecified vulnerability in Microsoft IIS 6.0, 7.0, and 7.5, when Extended Protection for Authentication is enabled, allows remote authenticated users to execute arbitrary code via unknown vectors related to "token checking" that trigger memory corruption, aka "IIS Authentication Memory Corruption Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2010-1256
Version: 11
Platform(s): Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Product(s): Microsoft Internet Information Server (IIS) 6.0
Microsoft Internet Information Server (IIS) 7.0
Microsoft Internet Information Server (IIS) 7.5
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7158
 
Oval ID: oval:org.mitre.oval:def:7158
Title: XML Signature HMAC Truncation Authentication Bypass Vulnerability
Description: The design of the W3C XML Signature Syntax and Processing (XMLDsig) recommendation, as implemented in products including (1) the Oracle Security Developer Tools component in Oracle Application Server 10.1.2.3, 10.1.3.4, and 10.1.4.3IM; (2) the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, and 8.1 SP6; (3) Mono before 2.4.2.2; (4) XML Security Library before 1.2.12; (5) IBM WebSphere Application Server Versions 6.0 through 6.0.2.33, 6.1 through 6.1.0.23, and 7.0 through 7.0.0.1; (6) Sun JDK and JRE Update 14 and earlier; (7) Microsoft .NET Framework 3.0 through 3.0 SP2, 3.5, and 4.0; and other products uses a parameter that defines an HMAC truncation length (HMACOutputLength) but does not require a minimum for this length, which allows attackers to spoof HMAC-based signatures and bypass authentication by specifying a truncation length with a small number of bits.
Family: windows Class: vulnerability
Reference(s): CVE-2009-0217
Version: 11
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Product(s): Microsoft .NET Framework
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7223
 
Oval ID: oval:org.mitre.oval:def:7223
Title: Excel HFPicture Memory Corruption Vulnerability
Description: Buffer overflow in Microsoft Office Excel 2002 SP3 and Office 2004 for Mac allows remote attackers to execute arbitrary code via an Excel file with a malformed HFPicture (0x866) record, aka "Excel HFPicture Memory Corruption Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2010-1248
Version: 5
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Microsoft Excel 2002
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7240
 
Oval ID: oval:org.mitre.oval:def:7240
Title: Excel Memory Corruption Vulnerability
Description: Unspecified vulnerability in Microsoft Office Excel 2002 SP3, 2003 SP3, 2007 SP1 and SP2; Office 2004 for mac; Office 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer SP1 and SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2; allows remote attackers to execute arbitrary code via a crafted Excel file, aka "Excel Memory Corruption Vulnerability," a different vulnerability than CVE-2010-1247 and CVE-2010-1249.
Family: windows Class: vulnerability
Reference(s): CVE-2010-0823
Version: 12
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Microsoft Excel 2002
Microsoft Excel 2003
Microsoft Excel 2007
Microsoft Office Excel Viewer
Microsoft Office Compatibility Pack
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7241
 
Oval ID: oval:org.mitre.oval:def:7241
Title: Sharepoint Help Page Denial of Service Vulnerability
Description: Unspecified vulnerability in Microsoft Windows SharePoint Services 3.0 SP1 and SP2 allows remote attackers to cause a denial of service (hang) via crafted requests to the Help page that cause repeated restarts of the application pool, aka "Sharepoint Help Page Denial of Service Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2010-1264
Version: 7
Platform(s): Microsoft Windows Server 2003
Product(s): Microsoft Windows SharePoint Services 3.0
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7265
 
Oval ID: oval:org.mitre.oval:def:7265
Title: Excel Object Stack Overflow Vulnerability
Description: Stack-based buffer overflow in Microsoft Office Excel 2002 SP3, Office 2004 for Mac, Office 2008 for Mac, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via an Excel file with a crafted OBJ (0x5D) record, aka "Excel Object Stack Overflow Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2010-0822
Version: 5
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Microsoft Excel 2002
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7283
 
Oval ID: oval:org.mitre.oval:def:7283
Title: Win32k TrueType Font Parsing Vulnerability
Description: The Windows kernel-mode drivers in win32k.sys in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 Gold and SP2, Windows 7, and Server 2008 R2 allows local users to execute arbitrary code via vectors related to "glyph outline information" and TrueType fonts, aka "Win32k TrueType Font Parsing Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2010-1255
Version: 9
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7286
 
Oval ID: oval:org.mitre.oval:def:7286
Title: COM Validation Vulnerability
Description: Windows Shell and WordPad in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7; Microsoft Office XP SP3; Office 2003 SP3; and Office System 2007 SP1 and SP2 do not properly validate COM objects during instantiation, which allows remote attackers to execute arbitrary code via a crafted file, aka "COM Validation Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2010-1263
Version: 26
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Product(s): Microsoft Office XP
Microsoft Excel 2003
Microsoft PowerPoint 2003
Microsoft Publisher 2003
Microsoft Visio 2003
Microsoft Word 2003
Microsoft Excel 2007
Microsoft PowerPoint 2007
Microsoft Publisher 2007
Microsoft Visio 2007
Microsoft Word 2007
Microsoft Wordpad
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7324
 
Oval ID: oval:org.mitre.oval:def:7324
Title: Uninitialized Memory Corruption Vulnerability (CVE-2010-1259)
Description: Microsoft Internet Explorer 6 SP1 and SP2, 7, and 8 allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2010-1259
Version: 11
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Product(s): Microsoft Internet Explorer 6
Microsoft Internet Explorer 7
Microsoft Internet Explorer 8
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7369
 
Oval ID: oval:org.mitre.oval:def:7369
Title: Excel String Variable Vulnerability
Description: Unspecified vulnerability in Microsoft Office Excel 2002 SP3 and Office 2004 for Mac allows remote attackers to execute arbitrary code via a crafted Excel file, aka "Excel String Variable Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2010-1252
Version: 5
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Microsoft Excel 2002
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7406
 
Oval ID: oval:org.mitre.oval:def:7406
Title: Memory Corruption Vulnerability (CVE-2010-1262)
Description: Microsoft Internet Explorer 6 SP1 and SP2, 7, and 8 allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, related to the CStyleSheet object and a free of the root container, aka "Memory Corruption Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2010-1262
Version: 11
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Product(s): Microsoft Internet Explorer 6
Microsoft Internet Explorer 7
Microsoft Internet Explorer 8
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7468
 
Oval ID: oval:org.mitre.oval:def:7468
Title: Help.aspx XSS Vulnerability
Description: Cross-site scripting (XSS) vulnerability in _layouts/help.aspx in Microsoft SharePoint Server 2007 12.0.0.6421 and possibly earlier, and SharePoint Services 3.0 SP1 and SP2, versions, allows remote attackers to inject arbitrary web script or HTML via the cid0 parameter.
Family: windows Class: vulnerability
Reference(s): CVE-2010-0817
Version: 7
Platform(s): Microsoft Windows Server 2003
Product(s): Microsoft Windows SharePoint Services 3.0
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7492
 
Oval ID: oval:org.mitre.oval:def:7492
Title: DEPRECATED: Microsoft Internet Explorer 8 Developer Tools Vulnerability
Description: Multiple unspecified vulnerabilities in the Microsoft Internet Explorer 8 Developer Tools ActiveX control in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allow remote attackers to execute arbitrary code via unknown vectors that "corrupt the system state," aka "Microsoft Internet Explorer 8 Developer Tools Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2010-0811
Version: 8
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7517
 
Oval ID: oval:org.mitre.oval:def:7517
Title: Media Decompression Vulnerability
Description: Unspecified vulnerability in Quartz.dll for DirectShow; Windows Media Format Runtime 9, 9.5, and 11; Media Encoder 9; and the Asycfilt.dll COM component allows remote attackers to execute arbitrary code via a media file with crafted compression data, aka "Media Decompression Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2010-1879
Version: 15
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Product(s): Windows Media Format Runtime 9.0
Windows Media Format Runtime 9.5
Windows Media Format Runtime 11
Quartz.dll (DirectShow)
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7593
 
Oval ID: oval:org.mitre.oval:def:7593
Title: Excel EDG Memory Corruption Vulnerability
Description: Heap-based buffer overflow in Microsoft Office Excel 2002 SP3, Office 2004 for Mac, Office 2008 for Mac, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via an Excel file with malformed (1) EDG (0x88) and (2) Publisher (0x89) records, aka "Excel EDG Memory Corruption Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2010-1250
Version: 5
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Microsoft Excel 2002
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7609
 
Oval ID: oval:org.mitre.oval:def:7609
Title: Win32k Improper Data Validation Vulnerability
Description: The Windows kernel-mode drivers in win32k.sys in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and SP2 "do not properly validate changes in certain kernel objects," which allows local users to execute arbitrary code via vectors related to Device Contexts (DC) and the GetDCEx function, aka "Win32k Improper Data Validation Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2010-0484
Version: 7
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7932
 
Oval ID: oval:org.mitre.oval:def:7932
Title: DSA-1849 xml-security-c -- design flaw
Description: It was discovered that the W3C XML Signature recommendation contains a protocol-level vulnerability related to HMAC output truncation. This update implements the proposed workaround in the C++ version of the Apache implementation of this standard, xml-security-c, by preventing truncation to output strings shorter than 80 bits or half of the original HMAC output, whichever is greater.
Family: unix Class: patch
Reference(s): DSA-1849
CVE-2009-0217
Version: 3
Platform(s): Debian GNU/Linux 5.0
Debian GNU/Linux 4.0
Product(s): xml-security-c
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:8424
 
Oval ID: oval:org.mitre.oval:def:8424
Title: Microsoft Data Analyzer ActiveX Control Vulnerability
Description: The Microsoft Data Analyzer ActiveX control (aka the Office Excel ActiveX control for Data Analysis) in max3activex.dll in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows remote attackers to execute arbitrary code via a crafted web page that corrupts the "system state," aka "Microsoft Data Analyzer ActiveX Control Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2010-0252
Version: 7
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:8717
 
Oval ID: oval:org.mitre.oval:def:8717
Title: HP-UX Running Java, Remote Increase in Privilege, Denial of Service and Other Vulnerabilities
Description: The design of the W3C XML Signature Syntax and Processing (XMLDsig) recommendation, as implemented in products including (1) the Oracle Security Developer Tools component in Oracle Application Server 10.1.2.3, 10.1.3.4, and 10.1.4.3IM; (2) the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, and 8.1 SP6; (3) Mono before 2.4.2.2; (4) XML Security Library before 1.2.12; (5) IBM WebSphere Application Server Versions 6.0 through 6.0.2.33, 6.1 through 6.1.0.23, and 7.0 through 7.0.0.1; (6) Sun JDK and JRE Update 14 and earlier; (7) Microsoft .NET Framework 3.0 through 3.0 SP2, 3.5, and 4.0; and other products uses a parameter that defines an HMAC truncation length (HMACOutputLength) but does not require a minimum for this length, which allows attackers to spoof HMAC-based signatures and bypass authentication by specifying a truncation length with a small number of bits.
Family: unix Class: vulnerability
Reference(s): CVE-2009-0217
Version: 11
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 70
Application 4
Application 4
Application 5
Application 1
Application 6
Application 2
Application 2
Application 3
Application 1
Application 5
Application 4
Application 2
Application 4
Application 8
Application 3
Application 6
Application 6
Application 1
Os 1
Os 3
Os 1
Os 8
Os 6
Os 3

SAINT Exploits

Description Link
Microsoft Excel DBQueryExt record parsing vulnerability More info here
Microsoft Office Excel Malformed Obj Record Stack Buffer Overflow More info here
Microsoft Office Excel RTD Topic String Buffer Overflow More info here

ExploitDB Exploits

id Description
2011-11-22 MS11-038 Microsoft Office Excel Malformed OBJ Record Handling Overflow
2010-09-29 MOAUB #29 - Microsoft Excel SxView Record Parsing Heap Memory Corruption
2010-09-24 MOAUB #24 - Microsoft Excel OBJ Record Stack Overflow
2010-09-21 MOAUB #21 - Microsoft Excel WOPT Record Parsing Heap Memory Corruption
2010-09-16 MOAUB #16 - Microsoft Excel HFPicture Record Parsing Remote Code Execution Vu...
2010-09-10 MOAUB #10 - Excel RTD Memory Corruption
2010-08-10 Microsoft Windows CreateWindow Function Callback Vulnerability (MS10-048)
2010-07-14 Microsoft Excel 0x5D record Stack Overflow Vulnerability

OpenVAS Exploits

Date Description
2012-08-10 Name : Gentoo Security Advisory GLSA 201206-13 (mono mono-debugger)
File : nvt/glsa_201206_13.nasl
2011-09-14 Name : Microsoft SharePoint Server 2007 '_layouts/help.aspx' Cross Site Scripting Vu...
File : nvt/gb_sharepoint_39776.nasl
2011-08-09 Name : CentOS Update for xmlsec1 CESA-2009:1428 centos5 i386
File : nvt/gb_CESA-2009_1428_xmlsec1_centos5_i386.nasl
2011-08-09 Name : CentOS Update for xmlsec1 CESA-2009:1428 centos4 i386
File : nvt/gb_CESA-2009_1428_xmlsec1_centos4_i386.nasl
2011-08-09 Name : CentOS Update for java CESA-2009:1201 centos5 i386
File : nvt/gb_CESA-2009_1201_java_centos5_i386.nasl
2011-04-13 Name : Microsoft IE Developer Tools WMITools and Windows Messenger ActiveX Control V...
File : nvt/secpod_ms11-027.nasl
2010-10-13 Name : Microsoft Windows Shell and WordPad COM Validation Vulnerability (2405882)
File : nvt/secpod_ms10-083.nasl
2010-06-09 Name : Microsoft Data Analyzer and IE Developer Tools ActiveX Control Vulnerability ...
File : nvt/secpod_ms10-034.nasl
2010-06-09 Name : Microsoft Media Decompression Remote Code Execution Vulnerability (979902)
File : nvt/secpod_ms10-033.nasl
2010-06-09 Name : Microsoft Windows Kernel Mode Drivers Privilege Escalation Vulnerabilities (9...
File : nvt/secpod_ms10-032.nasl
2010-06-09 Name : Microsoft Internet Explorer Multiple Vulnerabilities (982381)
File : nvt/secpod_ms10-035.nasl
2010-06-09 Name : Microsoft Office COM Validation Remote Code Execution Vulnerability (983235)
File : nvt/secpod_ms10-036.nasl
2010-06-09 Name : Microsoft Windows OpenType Compact Font Format Driver Privilege Escalation Vu...
File : nvt/secpod_ms10-037.nasl
2010-06-09 Name : Microsoft .NET Framework XML HMAC Truncation Vulnerability (981343)
File : nvt/secpod_ms10-041.nasl
2010-06-09 Name : Microsoft IIS Authentication Remote Code Execution Vulnerability (982666)
File : nvt/secpod_ms10-040.nasl
2010-06-09 Name : Microsoft SharePoint Privilege Elevation Vulnerabilities (2028554)
File : nvt/secpod_ms10-039.nasl
2010-06-09 Name : Microsoft Office Excel Remote Code Execution Vulnerabilities (2027452)
File : nvt/secpod_ms10-038.nasl
2010-05-28 Name : Java for Mac OS X 10.5 Update 5
File : nvt/macosx_java_for_10_5_upd_5.nasl
2010-05-04 Name : Microsoft SharePoint '_layouts/help.aspx' Cross Site Scripting Vulnerability
File : nvt/secpod_ms_sharepoint_layouts_xss_vuln.nasl
2010-03-22 Name : SuSE Update for OpenOffice_org SUSE-SA:2010:017
File : nvt/gb_suse_2010_017.nasl
2010-03-16 Name : FreeBSD Ports: openoffice.org
File : nvt/freebsd_openoffice.org.nasl
2010-03-02 Name : Ubuntu Update for openoffice.org vulnerabilities USN-903-1
File : nvt/gb_ubuntu_USN_903_1.nasl
2010-02-10 Name : Microsoft Data Analyzer ActiveX Control Vulnerability (978262)
File : nvt/secpod_ms10-008.nasl
2010-02-08 Name : Microsoft Internet Explorer Information Disclosure Vulnerability (980088)
File : nvt/gb_ms_ie_npl_info_disc_vuln.nasl
2009-12-30 Name : RedHat Security Advisory RHSA-2009:1694
File : nvt/RHSA_2009_1694.nasl
2009-12-10 Name : Mandriva Security Advisory MDVSA-2009:318 (xmlsec1)
File : nvt/mdksa_2009_318.nasl
2009-12-10 Name : Mandriva Security Advisory MDVSA-2009:322 (mono)
File : nvt/mdksa_2009_322.nasl
2009-11-11 Name : SLES11: Security update for IBM Java 1.6.0
File : nvt/sles11_java-1_6_0-ibm1.nasl
2009-10-19 Name : Mandrake Security Advisory MDVSA-2009:267 (xmlsec1)
File : nvt/mdksa_2009_267.nasl
2009-10-19 Name : Mandrake Security Advisory MDVSA-2009:269 (mono)
File : nvt/mdksa_2009_269.nasl
2009-10-19 Name : Mandrake Security Advisory MDVSA-2009:268 (mono)
File : nvt/mdksa_2009_268.nasl
2009-09-15 Name : CentOS Security Advisory CESA-2009:1428 (xmlsec1)
File : nvt/ovcesa2009_1428.nasl
2009-09-09 Name : RedHat Security Advisory RHSA-2009:1428
File : nvt/RHSA_2009_1428.nasl
2009-09-02 Name : Ubuntu USN-826-1 (mono)
File : nvt/ubuntu_826_1.nasl
2009-09-02 Name : Mandrake Security Advisory MDVSA-2009:209 (java-1.6.0-openjdk)
File : nvt/mdksa_2009_209.nasl
2009-08-17 Name : CentOS Security Advisory CESA-2009:1201 (java-1.6.0-openjdk)
File : nvt/ovcesa2009_1201.nasl
2009-08-17 Name : FreeBSD Ports: mono
File : nvt/freebsd_mono0.nasl
2009-08-17 Name : Fedora Core 11 FEDORA-2009-8473 (xmlsec1)
File : nvt/fcore_2009_8473.nasl
2009-08-17 Name : Fedora Core 10 FEDORA-2009-8456 (xmlsec1)
File : nvt/fcore_2009_8456.nasl
2009-08-17 Name : Fedora Core 10 FEDORA-2009-8337 (java-1.6.0-openjdk)
File : nvt/fcore_2009_8337.nasl
2009-08-17 Name : Fedora Core 11 FEDORA-2009-8329 (java-1.6.0-openjdk)
File : nvt/fcore_2009_8329.nasl
2009-08-17 Name : Fedora Core 11 FEDORA-2009-8157 (xml-security-c)
File : nvt/fcore_2009_8157.nasl
2009-08-17 Name : Fedora Core 10 FEDORA-2009-8121 (xml-security-c)
File : nvt/fcore_2009_8121.nasl
2009-08-17 Name : Debian Security Advisory DSA 1849-1 (xml-security-c)
File : nvt/deb_1849_1.nasl
2009-08-17 Name : RedHat Security Advisory RHSA-2009:1201
File : nvt/RHSA_2009_1201.nasl
2009-08-17 Name : Ubuntu USN-814-1 (openjdk-6)
File : nvt/ubuntu_814_1.nasl
2009-08-17 Name : RedHat Security Advisory RHSA-2009:1200
File : nvt/RHSA_2009_1200.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
65239 Microsoft Office Excel String Variable Handling Unspecified Code Execution

A memory corruption flaw exists in Microsoft Office Excel. The program uses an uninitialized variable as a size argument when copying data during certain record type parsing, resulting in memory corruption. With a specially crafted Excel file, a context-dependent attacker can execute arbitrary code.
65238 Microsoft Office Excel Malformed RTD Handling Memory Corruption

A memory corruption flaw exists in Microsoft Office Excel. The program fails to sanitize user-supplied input when parsing malformed RTD (0x813) records, resulting in memory corruption. With a specially crafted Excel file, a context-dependent attacker can execute arbitrary code.
65237 Microsoft Office Excel Malformed RTD Record Handling Memory Corruption

A memory corruption flaw exists in Microsoft Office Excel. The program fails to sanitize user-supplied input when handling malformed RTD records, resulting in memory corruption. With a specially crafted Excel file, a context-dependent attacker can execute arbitrary code.
65236 Microsoft Office Excel Malformed OBJ Record Handling Overflow

Microsoft Office Excel is prone to an overflow condition. The program fails to properly sanitize user-supplied input resulting in a stack-based buffer overflow. With a specially crafted Excel file containing a crafted malformed OBJ record, a context-dependent attacker can potentially execute arbitrary code.
65235 Microsoft Office Excel Malformed HFPicture Handling Memory Corruption

A memory corruption flaw exists in Microsoft Office Excel. The program fails to sanitize user-supplied input when handling malformed HFPicture records, resulting in memory corruption. With a specially crafted Excel file, a context-dependent attacker can execute arbitrary code.
65234 Microsoft Office Excel on Mac OS X Open XML Permission Weakness

Microsoft Office Excel on Mac OS X contains a flaw related to Microsoft Open XML File Format Converter's failure to securely set ACLs for the /Applications folder. This may allow a local attacker to access and replace the executable with a Trojan horse and execute arbitrary code.
65233 Microsoft Office Excel Unspecified Memory Corruption (2010-0823)

A memory corruption flaw exists in Microsoft Office Excel. The program fails to sanitize user-supplied input when parsing chart sheet substreams, resulting in memory corruption. With a specially crafted file, a context-dependent attacker can execute arbitrary code.
65232 Microsoft Office Excel Malformed ExternName Record Handling Memory Corruption

A memory corruption flaw exists in Microsoft Office Excel. The program fails to sanitize user-supplied input when handling malformed ExternName records, resulting in memory corruption. With a specially crafted Excel file, a context-dependent attacker can execute arbitrary code.
65231 Microsoft Office Excel Malformed WOPT Record Handling Memory Corruption

A memory corruption flaw exists in Microsoft Office Excel. The program fails to sanitize user-supplied input when handling malformed WOPT records, resulting in memory corruption. With a specially crafted Excel file, a context-dependent attacker can execute arbitrary code.
65230 Microsoft Office Excel EDG / Publisher Record Handling Memory Corruption

A memory corruption flaw exists in Microsoft Office Excel. The program fails to sanitize user-supplied input when handling malformed EDG and Publisher records, resulting in memory corruption. With a specially crafted Excel file, a context-dependent attacker can execute arbitrary code.
65229 Microsoft Office Excel SxView Record Handling Memory Corruption

A memory corruption flaw exists in Microsoft Office Excel. The program fails to sanitize user-supplied input when parsing malformed SxView records, resulting in memory corruption. With a specially crafted Excel file, a context-dependent attacker can execute arbitrary code.
65228 Microsoft Office Excel ADO Object DBQueryExt Record Handling Arbitrary Code E...

Microsoft Office Excel contains a flaw related to the parsing of DBQueryExt records in Excel spreadsheet files. The issue is triggered when the program fails to check when parsing certain structure fields, allowing a user-controlled pointer to be called. This may allow a context-dependent attacker to use a crafted Excel file to execute arbitrary code.
65227 Microsoft Office Excel SXVIEW Record Parsing Memory Corruption

A memory corruption flaw exists in Microsoft Office Excel. The program fails to sanitize user-supplied input when parsing SXVIEW records, resulting in memory corruption. With a specially crafted Excel spreadsheet file, a context-dependent attacker can execute arbitrary code.
65226 Microsoft Office Excel Unspecified Record Handling Stack Corruption Arbitrary...

A memory corruption flaw exists in Microsoft Office Excel. The program fails to sanitize user-supplied input when handling a certain unspecified record type, resulting in memory corruption. With a specially crafted Excel file, a context-dependent attacker can execute arbitrary code.
65225 Microsoft Windows Kernel-Mode Driver Window Creation Local Privilege Escalation

Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when the kernel-mode drivers in win32k.sys fail to properly validate callback parameters when creating new windows, allowing a local attacker to gain elevated privileges.
65224 Microsoft Windows Kernel-Mode Driver Win32k.sys GetDCEx() Function Device Con...

Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when the kernel-mode drivers in win32k.sys suffer from memory corruption while handling 'GetDCEx()' function device contexts, allowing a local attacker to gain elevated privileges.
65223 Microsoft Windows Kernel-Mode Driver TrueType Font Parsing Local Privilege Es...

Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a boundary error occurs in win32k.sys when providing TrueType glyph outlines, allowing a local attacker to gain elevated privileges via a buffer overflow caused by content containing a crafted TrueType font.
65222 Microsoft Windows MJPEG Media Decompression Unspecified Remote Code Execution

Microsoft Windows contains a flaw that may allow a context-dependent attacker to execute arbitrary code with a MJPEG video file containing crafted compression data. No further details have been provided.
65221 Microsoft Windows Media Decompression Unspecified Remote Code Execution

Microsoft Windows contains a flaw that may allow a context-dependent attacker to execute arbitrary code with a media file containing crafted compression data. No further details have been provided.
65220 Microsoft SharePoint Crafted Request Help Page Invocation Remote DoS

Microsoft SharePoint contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker uses crafted requests to the Help page (help.aspx) via the 'tid' parameter to cause the application pool to repeatedly restart, which will result in a loss of availability.
65219 Microsoft Windows / Office COM Object Instantiation Validation Remote Code Ex...

Microsoft Windows and Office fail to properly validate COM objects during instantiation. This may allow a context-dependent attacker to use a crafted file to execute arbitrary code.
65218 Microsoft IE 8 Developer Tools ActiveX Remote Code Execution

Microsoft Internet Explorer 8 contains an unspecified flaw related to the Internet Explorer Developer Tools ActiveX Control, iedvtool.dll, that may allow a context-dependent attacker to execute arbitrary code via a crafted web page that causes system state corruption. No further details have been provided.
65217 Microsoft Windows OpenType Compact Font Format (CFF) Driver Privilege Escalation

Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a boundary error occurs in the Windows OpenType Compact Font Format (CFF) driver, allowing a local attacker to overwrite kernel memory when getting a glyph outline and gain elevated privileges.
65216 Microsoft IIS Extended Protection for Authentication Memory Corruption

A memory corruption flaw exists in Microsoft IIS. The program fails to sanitize user-supplied input when handling authentication tokens, resulting in memory corruption. With a specially crafted authentication packet, a remote authenticated attacker can execute arbitrary code.
65215 Microsoft IE Uninitialized Object Handling Memory Corruption (2010-1259)

A memory corruption flaw exists in Microsoft Internet Explorer. The program fails to sanitize user-supplied input when accessing an improperly initialized or deleted object, resulting in memory corruption. With a specially crafted page, a context-dependent attacker can execute arbitrary code.
65214 Microsoft IE Uninitialized Object Handling Memory Corruption (2010-1261)

A memory corruption flaw exists in Microsoft Internet Explorer. The IE8 Developer Toolbar fails to sanitize user-supplied input when accessing an improperly initialized or deleted object, resulting in memory corruption. With a specially crafted page, a context-dependent attacker can execute arbitrary code.
65213 Microsoft IE HTML Element Handling Memory Corruption

A memory corruption flaw exists in Microsoft Internet Explorer. The IE8 Developer Toolbar fails to sanitize user-supplied input when accessing an improperly initialized or deleted object, resulting in memory corruption. With a specially crafted page, a context-dependent attacker can execute arbitrary code.
65212 Microsoft IE CStyleSheet Object Handling Memory Corruption

A memory corruption flaw exists in Microsoft Internet Explorer. The program fails to sanitize user-supplied input when a use-after-free error occurs due to an invalid pointer being utilized during use of CStyleSheets, resulting in memory corruption. With a specially crafted page containing a CStyleSheet, a context-dependent attacker can execute arbitrary code.
65211 Microsoft IE / Sharepoint toStaticHTML Information Disclosure

Microsoft Internet Explorer and Sharepoint contain a flaw that may lead to an unspecified unauthorized information disclosure. This issue is triggered when the 'toStaticHTML()' method fails to properly sanitise HTML code. This may allow a remote attacker to conduct cross-site scripting attacks.
64170 Microsoft SharePoint Server _layouts/help.aspx cid0 Parameter XSS

63142 RepairShop2 index.php Prod Parameter SQL Injection

RepairShop2 contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'index.php' script not properly sanitizing user-supplied input to the 'Prod' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
62246 Microsoft Data Analyzer ActiveX Web Page Handling Unspecified Arbitrary Code ...

62156 Microsoft IE Dynamic OBJECT Tag Cross-domain Arbitrary File Access

56243 W3C XML Signature Syntax and Processing (XMLDsig) HMACOutputLength Signature ...

55907 Oracle BEA WebLogic Server Web Services Package HMACOutputLength Signature Sp...

55895 Oracle Application Server Security Developer Tools HMACOutputLength Signature...

Information Assurance Vulnerability Management (IAVM)

Date Description
2010-10-14 IAVM : 2010-A-0134 - Microsoft Windows COM Validation Remote Code Execution Vulnerability
Severity : Category II - VMSKEY : V0025530
2010-06-10 IAVM : 2010-B-0045 - Microsoft Internet Information Services Remote Code Execution Vulnerability
Severity : Category II - VMSKEY : V0024366
2010-06-10 IAVM : 2010-B-0046 - Microsoft .NET Framework Data Tampering Vulnerability
Severity : Category II - VMSKEY : V0024367
2010-06-10 IAVM : 2010-A-0078 - Multiple Vulnerabilities in Microsoft Windows
Severity : Category II - VMSKEY : V0024371
2010-06-10 IAVM : 2010-A-0079 - Multiple Vulnerabilities in Microsoft Office SharePoint
Severity : Category II - VMSKEY : V0024377

Snort® IPS/IDS

Date Description
2020-03-19 Microsoft Windows Data Analyzer 3.5 ActiveX clsid access
RuleID : 53118 - Revision : 1 - Type : BROWSER-PLUGINS
2020-03-19 Microsoft Windows Data Analyzer 3.5 ActiveX use-after-free attempt
RuleID : 53117 - Revision : 1 - Type : BROWSER-PLUGINS
2020-03-19 Microsoft Windows Data Analyzer 3.5 ActiveX use-after-free attempt
RuleID : 53116 - Revision : 1 - Type : BROWSER-PLUGINS
2019-10-01 Microsoft Office Excel DBQueryExt record memory corruption attempt
RuleID : 51326 - Revision : 1 - Type : FILE-OFFICE
2019-09-24 Microsoft Office Excel SxView heap overflow attempt
RuleID : 51172 - Revision : 1 - Type : FILE-OFFICE
2019-09-24 Microsoft Office Excel SxView heap overflow attempt
RuleID : 51171 - Revision : 1 - Type : FILE-OFFICE
2019-09-24 Microsoft Office Excel SxView heap overflow attempt
RuleID : 51170 - Revision : 1 - Type : FILE-OFFICE
2019-09-24 Microsoft Office Excel SxView heap overflow attempt
RuleID : 51169 - Revision : 1 - Type : FILE-OFFICE
2019-09-24 Microsoft Office Excel SxView heap overflow attempt
RuleID : 51168 - Revision : 1 - Type : FILE-OFFICE
2019-09-24 Microsoft Office Excel SxView heap overflow attempt
RuleID : 51167 - Revision : 1 - Type : FILE-OFFICE
2019-09-24 Microsoft Office Excel SxView heap overflow attempt
RuleID : 51166 - Revision : 1 - Type : FILE-OFFICE
2019-09-24 Microsoft Office Excel SxView heap overflow attempt
RuleID : 51165 - Revision : 1 - Type : FILE-OFFICE
2019-09-17 Microsoft Office Excel RealTimeData record heap memory corruption attempt
RuleID : 51079 - Revision : 1 - Type : FILE-OFFICE
2019-09-17 Microsoft Office Excel RealTimeData record heap memory corruption attempt
RuleID : 51078 - Revision : 1 - Type : FILE-OFFICE
2019-09-17 Microsoft Office Excel RealTimeData record heap memory corruption attempt
RuleID : 51077 - Revision : 1 - Type : FILE-OFFICE
2019-09-17 Microsoft Office Excel RealTimeData record heap memory corruption attempt
RuleID : 51076 - Revision : 1 - Type : FILE-OFFICE
2019-09-17 Microsoft Office Excel Chart Sheet Substream memory corruption attempt
RuleID : 51062 - Revision : 2 - Type : FILE-OFFICE
2019-09-17 Microsoft Office Excel Chart Sheet Substream memory corruption attempt
RuleID : 51061 - Revision : 2 - Type : FILE-OFFICE
2019-09-17 Microsoft Office Excel Chart Sheet Substream memory corruption attempt
RuleID : 51060 - Revision : 1 - Type : FILE-OFFICE
2019-09-17 Microsoft Office Excel Chart Sheet Substream memory corruption attempt
RuleID : 51059 - Revision : 1 - Type : FILE-OFFICE
2018-03-13 Microsoft Office Excel SxView record memory pointer corruption attempt
RuleID : 45620 - Revision : 1 - Type : FILE-OFFICE
2018-03-13 Microsoft Office Excel SxView record memory pointer corruption attempt
RuleID : 45619 - Revision : 2 - Type : FILE-OFFICE
2017-07-27 Microsoft Windows Media Player JPG header record mismatch memory corruption a...
RuleID : 43336 - Revision : 1 - Type : FILE-MULTIMEDIA
2017-07-27 Microsoft Windows Media Player JPG header record mismatch memory corruption a...
RuleID : 43335 - Revision : 1 - Type : FILE-MULTIMEDIA
2016-03-14 Microsoft Office Excel RTD buffer overflow attempt
RuleID : 37294 - Revision : 2 - Type : FILE-OFFICE
2016-03-14 Microsoft Office Excel RTD buffer overflow attempt
RuleID : 37293 - Revision : 2 - Type : FILE-OFFICE
2016-03-14 Microsoft Office Excel WOpt record memory corruption attempt
RuleID : 36857 - Revision : 1 - Type : FILE-OFFICE
2015-01-20 Microsoft Internet Explorer 8 Developer Tool ActiveX clsid access
RuleID : 32843 - Revision : 3 - Type : BROWSER-PLUGINS
2015-01-20 Microsoft Internet Explorer 8 Developer Tool ActiveX clsid access
RuleID : 32842 - Revision : 4 - Type : BROWSER-PLUGINS
2015-01-20 Microsoft Internet Explorer 8 Developer Tool ActiveX clsid access
RuleID : 32840 - Revision : 4 - Type : BROWSER-PLUGINS
2014-12-16 Microsoft Internet Explorer style sheet array memory corruption attempt
RuleID : 32532 - Revision : 3 - Type : BROWSER-IE
2014-01-10 Microsoft Office Excel Publisher record heap buffer overflow attempt
RuleID : 24657 - Revision : 7 - Type : FILE-OFFICE
2014-01-10 Microsoft Office Excel WOpt record memory corruption attempt
RuleID : 23554 - Revision : 5 - Type : FILE-OFFICE
2014-01-10 Microsoft Office Excel WOpt record memory corruption attempt
RuleID : 23553 - Revision : 4 - Type : FILE-OFFICE
2014-01-10 Microsoft Office Excel SxView record memory pointer corruption attempt
RuleID : 23552 - Revision : 5 - Type : FILE-OFFICE
2014-01-10 Microsoft Office Excel SxView record memory pointer corruption attempt
RuleID : 23551 - Revision : 4 - Type : FILE-OFFICE
2014-01-10 Microsoft Office Excel RealTimeData record stack buffer overflow attempt
RuleID : 23550 - Revision : 6 - Type : FILE-OFFICE
2014-01-10 Microsoft Office Excel RTD buffer overflow attempt
RuleID : 23549 - Revision : 5 - Type : FILE-OFFICE
2014-01-10 Microsoft Office Excel RTD buffer overflow attempt
RuleID : 23548 - Revision : 5 - Type : FILE-OFFICE
2014-01-10 Microsoft Office Excel OBJ record stack buffer overflow attempt - with macro ...
RuleID : 23547 - Revision : 5 - Type : FILE-OFFICE
2014-01-10 Microsoft Office Excel OBJ record stack buffer overflow attempt - with linkFmla
RuleID : 23546 - Revision : 5 - Type : FILE-OFFICE
2014-01-10 Microsoft Office Excel OBJ record stack buffer overflow attempt - with macro
RuleID : 23545 - Revision : 5 - Type : FILE-OFFICE
2014-01-10 Microsoft Office Excel OBJ record stack buffer overflow attempt
RuleID : 23544 - Revision : 7 - Type : FILE-OFFICE
2014-01-10 Apache XML HMAC truncation authentication bypass attempt
RuleID : 21337 - Revision : 4 - Type : SERVER-APACHE
2014-01-10 Microsoft Office Excel RealTimeData record parsing memory corruption
RuleID : 19412 - Revision : 13 - Type : FILE-OFFICE
2014-01-10 Microsoft Office Excel Chart Sheet Substream memory corruption attempt
RuleID : 19294 - Revision : 14 - Type : FILE-OFFICE
2014-01-10 Microsoft Office Excel WOpt record memory corruption attempt
RuleID : 19259 - Revision : 15 - Type : FILE-OFFICE
2014-01-10 Microsoft Office Excel SxView record memory pointer corruption attempt
RuleID : 19258 - Revision : 15 - Type : FILE-OFFICE
2014-01-10 Microsoft Windows DirectX quartz.dll MJPEG content processing memory corrupti...
RuleID : 19146 - Revision : 16 - Type : FILE-MULTIMEDIA
2014-01-10 Microsoft Windows Media Player JPG header record mismatch memory corruption a...
RuleID : 19143 - Revision : 16 - Type : FILE-MULTIMEDIA
2014-01-10 Microsoft Office Excel RTD buffer overflow attempt
RuleID : 19132 - Revision : 15 - Type : FILE-OFFICE
2014-01-10 Microsoft Office Excel RTD buffer overflow attempt
RuleID : 19131 - Revision : 14 - Type : FILE-OFFICE
2014-01-10 Microsoft Office Excel ADO Object Parsing Code Execution
RuleID : 18772 - Revision : 14 - Type : FILE-OFFICE
2014-01-10 Microsoft Office Excel ADO Object Parsing Code Execution
RuleID : 18771 - Revision : 14 - Type : FILE-OFFICE
2014-01-10 Microsoft Internet Explorer oversize recordset object cache size exploit attempt
RuleID : 18280 - Revision : 15 - Type : BROWSER-IE
2014-01-10 Microsoft Excel SxView heap overflow attempt
RuleID : 16662 - Revision : 11 - Type : FILE-OFFICE
2014-01-10 Microsoft Windows DirectX quartz.dll MJPEG content processing memory corrupti...
RuleID : 16661 - Revision : 20 - Type : FILE-MULTIMEDIA
2014-01-10 Microsoft Office SharePoint Server 2007 help.aspx denial of service attempt
RuleID : 16660 - Revision : 16 - Type : SERVER-WEBAPP
2014-01-10 Microsoft Internet Explorer style sheet array memory corruption attempt
RuleID : 16659 - Revision : 17 - Type : BROWSER-IE
2014-01-10 Microsoft Internet Explorer 8 cross-site scripting attempt
RuleID : 16658 - Revision : 7 - Type : BROWSER-IE
2014-01-10 Microsoft Office Excel DBQueryExt record memory corruption attempt
RuleID : 16657 - Revision : 17 - Type : FILE-OFFICE
2014-01-10 Microsoft Office Excel BIFF5 ExternSheet record stack overflow attempt
RuleID : 16656 - Revision : 18 - Type : FILE-OFFICE
2014-01-10 Microsoft Office Excel Lbl record stack overflow attempt
RuleID : 16655 - Revision : 16 - Type : FILE-OFFICE
2014-01-10 Microsoft Office Excel Publisher record heap buffer overflow attempt
RuleID : 16654 - Revision : 20 - Type : FILE-OFFICE
2014-01-10 Microsoft Office Excel ExternName record stack buffer overflow attempt - 4
RuleID : 16653 - Revision : 17 - Type : FILE-OFFICE
2014-01-10 Microsoft Office Excel ExternName record stack buffer overflow attempt - 3
RuleID : 16652 - Revision : 17 - Type : FILE-OFFICE
2014-01-10 Microsoft Office Excel ExternName record stack buffer overflow attempt - 2
RuleID : 16651 - Revision : 17 - Type : FILE-OFFICE
2014-01-10 Microsoft Office Excel ExternName record stack buffer overflow attempt - 1
RuleID : 16650 - Revision : 17 - Type : FILE-OFFICE
2014-01-10 Microsoft Excel HFPicture record stack buffer overflow attempt
RuleID : 16649 - Revision : 10 - Type : FILE-OFFICE
2014-01-10 Microsoft Office Excel RealTimeData record heap memory corruption attempt - 1
RuleID : 16648 - Revision : 15 - Type : FILE-OFFICE
2014-01-10 Microsoft Office Excel RealTimeData record heap memory corruption attempt - 2
RuleID : 16647 - Revision : 17 - Type : FILE-OFFICE
2014-01-10 Microsoft Office Excel RTD buffer overflow attempt
RuleID : 16646 - Revision : 18 - Type : FILE-OFFICE
2014-01-10 Microsoft Office Excel SxView record memory pointer corruption attempt
RuleID : 16645 - Revision : 15 - Type : FILE-OFFICE
2014-01-10 Microsoft Office Excel WOpt record memory corruption attempt
RuleID : 16644 - Revision : 15 - Type : FILE-OFFICE
2014-01-10 Microsoft Office Excel Chart Sheet Substream memory corruption attempt
RuleID : 16643 - Revision : 15 - Type : FILE-OFFICE
2014-01-10 Microsoft Office Excel OBJ record stack buffer overflow attempt - with macro ...
RuleID : 16641 - Revision : 15 - Type : FILE-OFFICE
2014-01-10 Microsoft Office Excel OBJ record stack buffer overflow attempt - with linkFmla
RuleID : 16640 - Revision : 15 - Type : FILE-OFFICE
2014-01-10 Microsoft Office Excel OBJ record stack buffer overflow attempt - with macro
RuleID : 16639 - Revision : 15 - Type : FILE-OFFICE
2014-01-10 Microsoft Office Excel OBJ record stack buffer overflow attempt
RuleID : 16638 - Revision : 17 - Type : FILE-OFFICE
2014-01-10 Microsoft Internet Explorer security zone restriction bypass attempt
RuleID : 16637 - Revision : 12 - Type : BROWSER-IE
2014-01-10 Microsoft Windows .NET framework XMLDsig data tampering attempt
RuleID : 16636 - Revision : 14 - Type : OS-WINDOWS
2014-01-10 Microsoft Internet Explorer 8 Developer Tool ActiveX clsid access
RuleID : 16635 - Revision : 13 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Office SharePoint XSS attempt
RuleID : 16560 - Revision : 17 - Type : SERVER-WEBAPP
2014-01-10 Microsoft Internet Explorer 7/8 execute local file in Internet zone redirect ...
RuleID : 16423 - Revision : 14 - Type : BROWSER-IE
2014-01-10 Microsoft Data Analyzer 3.5 ActiveX clsid unicode access
RuleID : 16420 - Revision : 5 - Type : WEB-ACTIVEX
2014-01-10 Microsoft Windows Data Analyzer 3.5 ActiveX clsid access
RuleID : 16419 - Revision : 15 - Type : BROWSER-PLUGINS

Nessus® Vulnerability Scanner

Date Description
2018-04-03 Name : The remote web server may allow remote code execution.
File : iis_7_pci.nasl - Type : ACT_GATHER_INFO
2014-09-01 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201408-19.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-1201.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-1428.nasl - Type : ACT_GATHER_INFO
2013-02-22 Name : The remote Unix host contains a runtime environment that is affected by multi...
File : sun_java_jre_263408_unix.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1637.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1636.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1649.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1650.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20090806_java_1_6_0_openjdk_on_SL5_3.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20090824_java__jdk_1_6_0__on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20090908_xmlsec1_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-06-22 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201206-13.nasl - Type : ACT_GATHER_INFO
2012-01-24 Name : The remote web server may be affected by multiple vulnerabilities.
File : oracle_application_server_pci.nasl - Type : ACT_GATHER_INFO
2011-04-13 Name : The remote Windows host is missing an update that disables selected ActiveX c...
File : smb_nt_ms11-027.nasl - Type : ACT_GATHER_INFO
2011-01-27 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_OpenOffice_org-6883.nasl - Type : ACT_GATHER_INFO
2011-01-27 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_OpenOffice_org-6884.nasl - Type : ACT_GATHER_INFO
2011-01-21 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_OpenOffice_org-100225.nasl - Type : ACT_GATHER_INFO
2010-10-20 Name : An application installed on the remote Mac OS X host is affected by multiple ...
File : macosx_ms10-038.nasl - Type : ACT_GATHER_INFO
2010-10-13 Name : The remote windows host is affected by a remote code execution vulnerability.
File : smb_nt_ms10-083.nasl - Type : ACT_GATHER_INFO
2010-07-30 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2009-269.nasl - Type : ACT_GATHER_INFO
2010-07-01 Name : An application running on the remote web server has a denial of service vulne...
File : sharepoint_help_dos.nasl - Type : ACT_DENIAL
2010-07-01 Name : An application running on the remote web server has a cross-site scripting vu...
File : sharepoint_help_xss.nasl - Type : ACT_ATTACK
2010-06-09 Name : Opening a specially crafted media file can result in arbitrary code execution.
File : smb_nt_ms10-033.nasl - Type : ACT_GATHER_INFO
2010-06-09 Name : The remote Windows host is missing an update that disables selected ActiveX c...
File : smb_nt_ms10-034.nasl - Type : ACT_GATHER_INFO
2010-06-09 Name : Arbitrary code can be executed on the remote host through a web browser.
File : smb_nt_ms10-035.nasl - Type : ACT_GATHER_INFO
2010-06-09 Name : Arbitrary code can be executed on the remote host through opening a Microsoft...
File : smb_nt_ms10-036.nasl - Type : ACT_GATHER_INFO
2010-06-09 Name : The remote Windows host contains a font driver that is affected by a privileg...
File : smb_nt_ms10-037.nasl - Type : ACT_GATHER_INFO
2010-06-09 Name : Arbitrary code can be executed on the remote host through Microsoft Office Ex...
File : smb_nt_ms10-038.nasl - Type : ACT_GATHER_INFO
2010-06-09 Name : The remote host has multiple vulnerabilities.
File : smb_nt_ms10-039.nasl - Type : ACT_GATHER_INFO
2010-06-09 Name : The remote web server may allow remote code execution.
File : smb_nt_ms10-040.nasl - Type : ACT_GATHER_INFO
2010-06-09 Name : It is possible to tamper with signed XML content without being detected on th...
File : smb_nt_ms10-041.nasl - Type : ACT_GATHER_INFO
2010-06-09 Name : The Windows kernel is affected by several vulnerabilities that could allow es...
File : smb_nt_ms10-032.nasl - Type : ACT_GATHER_INFO
2010-03-17 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_OpenOffice_org-100211.nasl - Type : ACT_GATHER_INFO
2010-03-17 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_OpenOffice_org-base-drivers-postgresql-100211.nasl - Type : ACT_GATHER_INFO
2010-03-17 Name : The remote openSUSE host is missing a security update.
File : suse_11_2_OpenOffice_org-base-drivers-postgresql-100216.nasl - Type : ACT_GATHER_INFO
2010-03-16 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_OpenOffice_org-100226.nasl - Type : ACT_GATHER_INFO
2010-03-01 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_c97d7a37223311df96dd001b2134ef46.nasl - Type : ACT_GATHER_INFO
2010-02-25 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-903-1.nasl - Type : ACT_GATHER_INFO
2010-02-24 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1849.nasl - Type : ACT_GATHER_INFO
2010-02-24 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1995.nasl - Type : ACT_GATHER_INFO
2010-02-12 Name : The remote Windows host has a program affected by multiple buffer overflows.
File : openoffice_32.nasl - Type : ACT_GATHER_INFO
2010-02-09 Name : The remote Windows host is missing an update that disables selected ActiveX c...
File : smb_nt_ms10-008.nasl - Type : ACT_GATHER_INFO
2010-01-15 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0043.nasl - Type : ACT_GATHER_INFO
2010-01-13 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_java-1_6_0-ibm-100105.nasl - Type : ACT_GATHER_INFO
2010-01-06 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-1201.nasl - Type : ACT_GATHER_INFO
2009-12-27 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1694.nasl - Type : ACT_GATHER_INFO
2009-12-08 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2009-322.nasl - Type : ACT_GATHER_INFO
2009-12-07 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2009-318.nasl - Type : ACT_GATHER_INFO
2009-11-05 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_java-1_6_0-ibm-091102.nasl - Type : ACT_GATHER_INFO
2009-10-13 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2009-268.nasl - Type : ACT_GATHER_INFO
2009-10-12 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2009-267.nasl - Type : ACT_GATHER_INFO
2009-09-09 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-1428.nasl - Type : ACT_GATHER_INFO
2009-09-09 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1428.nasl - Type : ACT_GATHER_INFO
2009-09-03 Name : The remote host has a version of Java that is affected by multiple vulnerabil...
File : macosx_java_10_5_update5.nasl - Type : ACT_GATHER_INFO
2009-08-31 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_java-1_6_0-openjdk-090827.nasl - Type : ACT_GATHER_INFO
2009-08-31 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_java-1_6_0-openjdk-090826.nasl - Type : ACT_GATHER_INFO
2009-08-27 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-826-1.nasl - Type : ACT_GATHER_INFO
2009-08-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1200.nasl - Type : ACT_GATHER_INFO
2009-08-24 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2009-209.nasl - Type : ACT_GATHER_INFO
2009-08-12 Name : The remote Fedora host is missing a security update.
File : fedora_2009-8473.nasl - Type : ACT_GATHER_INFO
2009-08-12 Name : The remote Fedora host is missing a security update.
File : fedora_2009-8456.nasl - Type : ACT_GATHER_INFO
2009-08-11 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-814-1.nasl - Type : ACT_GATHER_INFO
2009-08-10 Name : The remote Fedora host is missing a security update.
File : fedora_2009-8337.nasl - Type : ACT_GATHER_INFO
2009-08-07 Name : The remote Fedora host is missing a security update.
File : fedora_2009-8329.nasl - Type : ACT_GATHER_INFO
2009-08-07 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1201.nasl - Type : ACT_GATHER_INFO
2009-08-05 Name : The remote Windows host contains a runtime environment that is affected by mu...
File : sun_java_jre_263408.nasl - Type : ACT_GATHER_INFO
2009-08-01 Name : The remote Fedora host is missing a security update.
File : fedora_2009-8121.nasl - Type : ACT_GATHER_INFO
2009-08-01 Name : The remote Fedora host is missing a security update.
File : fedora_2009-8157.nasl - Type : ACT_GATHER_INFO
2009-07-30 Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_708c65a57c5811dea9940030843d3802.nasl - Type : ACT_GATHER_INFO
2009-06-03 Name : The remote host is missing Sun Security Patch number 141709-03
File : solaris10_141709.nasl - Type : ACT_GATHER_INFO
2009-06-03 Name : The remote host is missing Sun Security Patch number 141710-03
File : solaris10_x86_141710.nasl - Type : ACT_GATHER_INFO
2009-06-03 Name : The remote host is missing Sun Security Patch number 141709-03
File : solaris9_141709.nasl - Type : ACT_GATHER_INFO
2009-06-03 Name : The remote host is missing Sun Security Patch number 141710-03
File : solaris9_x86_141710.nasl - Type : ACT_GATHER_INFO
2009-01-19 Name : The remote host is missing Sun Security Patch number 128640-30
File : solaris9_128640.nasl - Type : ACT_GATHER_INFO
2009-01-19 Name : The remote host is missing Sun Security Patch number 128641-30
File : solaris9_x86_128641.nasl - Type : ACT_GATHER_INFO
2009-01-19 Name : The remote host is missing Sun Security Patch number 128641-30
File : solaris10_x86_128641.nasl - Type : ACT_GATHER_INFO
2009-01-19 Name : The remote host is missing Sun Security Patch number 128640-30
File : solaris10_128640.nasl - Type : ACT_GATHER_INFO
2007-10-12 Name : The remote host is missing Sun Security Patch number 125136-97
File : solaris9_125136.nasl - Type : ACT_GATHER_INFO
2007-10-12 Name : The remote host is missing Sun Security Patch number 125136-97
File : solaris8_125136.nasl - Type : ACT_GATHER_INFO
2007-10-12 Name : The remote host is missing Sun Security Patch number 125136-97
File : solaris10_125136.nasl - Type : ACT_GATHER_INFO