Executive Summary
This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
| Summary | |
|---|---|
| Title | Microsoft Updates for Multiple Vulnerabilities |
| Informations | |||
|---|---|---|---|
| Name | TA10-159B | First vendor Publication | 2010-06-08 |
| Vendor | US-CERT | Last vendor Modification | 2010-06-08 |
| Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 9.3 | Attack Range | Network |
| Cvss Impact Score | 10 | Attack Complexity | Medium |
| Cvss Expoit Score | 8.6 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Microsoft has released updates to address vulnerabilities in Microsoft Windows, Microsoft Internet Explorer, Microsoft Office, Microsoft SharePoint Services, and Microsoft .NET Framework. I. Description The Microsoft Security Bulletin Summary for June 2010 describes vulnerabilities in Microsoft Windows, Internet Explorer, Office, SharePoint Services, and .NET Framework. Microsoft has released updates to address the vulnerabilities. II. Impact A remote, unauthenticated attacker could execute arbitrary code or cause a vulnerable application to crash. III. Solution Apply updates Microsoft has provided updates for these vulnerabilities in the Microsoft Security Bulletin Summary for June 2010. The security bulletin describes any known issues related to the updates. |
Original Source
| Url : http://www.us-cert.gov/cas/techalerts/TA10-159B.html |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 75 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
| 9 % | CWE-20 | Improper Input Validation |
| 6 % | CWE-264 | Permissions, Privileges, and Access Controls |
| 6 % | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25) |
| 3 % | CWE-89 | Improper Sanitization of Special Elements used in an SQL Command ('SQL Injection') (CWE/SANS Top 25) |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:10186 | |||
| Oval ID: | oval:org.mitre.oval:def:10186 | ||
| Title: | The design of the W3C XML Signature Syntax and Processing (XMLDsig) recommendation, as implemented in products including (1) the Oracle Security Developer Tools component in Oracle Application Server 10.1.2.3, 10.1.3.4, and 10.1.4.3IM; (2) the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, and 8.1 SP6; (3) Mono before 2.4.2.2; (4) XML Security Library before 1.2.12; (5) IBM WebSphere Application Server Versions 6.0 through 6.0.2.33, 6.1 through 6.1.0.23, and 7.0 through 7.0.0.1; (6) Sun JDK and JRE Update 14 and earlier; (7) Microsoft .NET Framework 3.0 through 3.0 SP2, 3.5, and 4.0; and other products uses a parameter that defines an HMAC truncation length (HMACOutputLength) but does not require a minimum for this length, which allows attackers to spoof HMAC-based signatures and bypass authentication by specifying a truncation length with a small number of bits. | ||
| Description: | The design of the W3C XML Signature Syntax and Processing (XMLDsig) recommendation, as implemented in products including (1) the Oracle Security Developer Tools component in Oracle Application Server 10.1.2.3, 10.1.3.4, and 10.1.4.3IM; (2) the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, and 8.1 SP6; (3) Mono before 2.4.2.2; (4) XML Security Library before 1.2.12; (5) IBM WebSphere Application Server Versions 6.0 through 6.0.2.33, 6.1 through 6.1.0.23, and 7.0 through 7.0.0.1; (6) Sun JDK and JRE Update 14 and earlier; (7) Microsoft .NET Framework 3.0 through 3.0 SP2, 3.5, and 4.0; and other products uses a parameter that defines an HMAC truncation length (HMACOutputLength) but does not require a minimum for this length, which allows attackers to spoof HMAC-based signatures and bypass authentication by specifying a truncation length with a small number of bits. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2009-0217 | Version: | 5 |
| Platform(s): | Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:13798 | |||
| Oval ID: | oval:org.mitre.oval:def:13798 | ||
| Title: | DSA-1849-1 xml-security-c -- design flaw | ||
| Description: | It was discovered that the W3C XML Signature recommendation contains a protocol-level vulnerability related to HMAC output truncation. This update implements the proposed workaround in the C++ version of the Apache implementation of this standard, xml-security-c, by preventing truncation to output strings shorter than 80 bits or half of the original HMAC output, whichever is greater. For the old stable distribution, this problem has been fixed in version 1.2.1-3+etch1. For the stable distribution, this problem has been fixed in version 1.4.0-3+lenny2. For the unstable distribution, this problem has been fixed in version 1.4.0-4. We recommend that you upgrade your xml-security-c packages. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-1849-1 CVE-2009-0217 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 4.0 | Product(s): | xml-security-c |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:22980 | |||
| Oval ID: | oval:org.mitre.oval:def:22980 | ||
| Title: | ELSA-2009:1428: xmlsec1 security update (Moderate) | ||
| Description: | The design of the W3C XML Signature Syntax and Processing (XMLDsig) recommendation, as implemented in products including (1) the Oracle Security Developer Tools component in Oracle Application Server 10.1.2.3, 10.1.3.4, and 10.1.4.3IM; (2) the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, and 8.1 SP6; (3) Mono before 2.4.2.2; (4) XML Security Library before 1.2.12; (5) IBM WebSphere Application Server Versions 6.0 through 6.0.2.33, 6.1 through 6.1.0.23, and 7.0 through 7.0.0.1; (6) Sun JDK and JRE Update 14 and earlier; (7) Microsoft .NET Framework 3.0 through 3.0 SP2, 3.5, and 4.0; and other products uses a parameter that defines an HMAC truncation length (HMACOutputLength) but does not require a minimum for this length, which allows attackers to spoof HMAC-based signatures and bypass authentication by specifying a truncation length with a small number of bits. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2009:1428-01 CVE-2009-0217 | Version: | 6 |
| Platform(s): | Oracle Linux 5 | Product(s): | xmlsec1 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:29320 | |||
| Oval ID: | oval:org.mitre.oval:def:29320 | ||
| Title: | RHSA-2009:1428 -- xmlsec1 security update (Moderate) | ||
| Description: | Updated xmlsec1 packages that fix one security issue are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The XML Security Library is a C library based on libxml2 and OpenSSL. It implements the XML Signature Syntax and Processing and XML Encryption Syntax and Processing standards. HMAC is used for message authentication using cryptographic hash functions. The HMAC algorithm allows the hash output to be truncated (as documented in RFC 2104). | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2009:1428 CESA-2009:1428-CentOS 5 CVE-2009-0217 | Version: | 3 |
| Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 4 CentOS Linux 5 | Product(s): | xmlsec1 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:6630 | |||
| Oval ID: | oval:org.mitre.oval:def:6630 | ||
| Title: | Excel Memory Corruption Vulnerability | ||
| Description: | Unspecified vulnerability in Microsoft Office Excel 2002 SP3 allows remote attackers to execute arbitrary code via an Excel file with a malformed RTD (0x813) record that triggers heap corruption, aka "Excel Memory Corruption Vulnerability," a different vulnerability than CVE-2010-0823 and CVE-2010-1249. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-1247 | Version: | 5 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Excel 2002 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:6634 | |||
| Oval ID: | oval:org.mitre.oval:def:6634 | ||
| Title: | Excel Memory Corruption Vulnerability | ||
| Description: | Buffer overflow in Microsoft Office Excel 2002 SP3, Office 2004 for Mac, Office 2008 for Mac, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via an Excel file with a malformed ExternName (0x23) record, aka "Excel Memory Corruption Vulnerability," a different vulnerability than CVE-2010-0823 and CVE-2010-1247. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-1249 | Version: | 5 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Excel 2002 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:6641 | |||
| Oval ID: | oval:org.mitre.oval:def:6641 | ||
| Title: | MJPEG Media Decompression Vulnerability | ||
| Description: | Unspecified vulnerability in Quartz.dll for DirectShow on Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1, and Server 2008 allows remote attackers to execute arbitrary code via a media file with crafted compression data, aka "MJPEG Media Decompression Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-1880 | Version: | 5 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 | Product(s): | Quartz.dll (DirectShow) |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:6677 | |||
| Oval ID: | oval:org.mitre.oval:def:6677 | ||
| Title: | toStaticHTML Information Disclosure Vulnerability | ||
| Description: | Cross-site scripting (XSS) vulnerability in the toStaticHTML API, as used in Microsoft Office InfoPath 2003 SP3, 2007 SP1, and 2007 SP2; Office SharePoint Server 2007 SP1 and SP2; SharePoint Services 3.0 SP1 and SP2; and Internet Explorer 8 allows remote attackers to inject arbitrary web script or HTML via vectors related to sanitization. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-1257 | Version: | 19 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | Microsoft Internet Explorer 8 Microsoft Office InfoPath 2003 Microsoft Office InfoPath 2007 Microsoft Office SharePoint Server 2007 Microsoft Windows SharePoint Services 3.0 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:6686 | |||
| Oval ID: | oval:org.mitre.oval:def:6686 | ||
| Title: | HTML Element Memory Corruption Vulnerability | ||
| Description: | The IE8 Developer Toolbar in Microsoft Internet Explorer 8 SP1, SP2, and SP3 allows user-assisted remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML Element Memory Corruption Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-1260 | Version: | 9 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | Microsoft Internet Explorer 8 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:6761 | |||
| Oval ID: | oval:org.mitre.oval:def:6761 | ||
| Title: | Excel Record Stack Corruption Vulnerability | ||
| Description: | Unspecified vulnerability in Microsoft Office Excel 2002 SP3 and Office 2004 for Mac allows remote attackers to execute arbitrary code via a crafted Excel file, aka "Excel Record Stack Corruption Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-1251 | Version: | 5 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Excel 2002 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:6768 | |||
| Oval ID: | oval:org.mitre.oval:def:6768 | ||
| Title: | Excel Record Memory Corruption Vulnerability | ||
| Description: | Unspecified vulnerability in Microsoft Office Excel 2002 SP3 and Office 2004 for Mac allows remote attackers to execute arbitrary code via an Excel file with a malformed WOPT (0x80B) record, aka "Excel Record Memory Corruption Vulnerability," a different vulnerability than CVE-2010-0821 and CVE-2010-1245. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-0824 | Version: | 5 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Excel 2002 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:6771 | |||
| Oval ID: | oval:org.mitre.oval:def:6771 | ||
| Title: | Excel Record Parsing Memory Corruption Vulnerability | ||
| Description: | Unspecified vulnerability in Microsoft Office Excel 2002 SP3, 2003 SP3, 2007 SP1 and SP2; Office 2004 for mac; Office 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer SP1 and SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2; allows remote attackers to execute arbitrary code via an Excel file with a crafted SxView record, related to improper validation of unspecified structures, aka "Excel Record Parsing Memory Corruption Vulnerability," a different vulnerability than CVE-2010-0824 and CVE-2010-1245. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-0821 | Version: | 12 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Excel 2002 Microsoft Excel 2003 Microsoft Excel 2007 Microsoft Office Excel Viewer Microsoft Office Compatibility Pack |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:6839 | |||
| Oval ID: | oval:org.mitre.oval:def:6839 | ||
| Title: | Excel RTD Memory Corruption Vulnerability | ||
| Description: | Stack-based buffer overflow in Microsoft Office Excel 2002 SP3 allows remote attackers to execute arbitrary code via an Excel file with a malformed RTD (0x813) record, aka "Excel RTD Memory Corruption Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-1246 | Version: | 5 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Excel 2002 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:6842 | |||
| Oval ID: | oval:org.mitre.oval:def:6842 | ||
| Title: | Excel ADO Object Vulnerability | ||
| Description: | Microsoft Office Excel 2002 SP3, 2007 SP1, and SP2; Office 2004 for mac; Office 2008 for Mac; Open XML File Format Converter for Mac; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2; allows remote attackers to execute arbitrary code via an Excel file with crafted DBQueryExt records that allow a function call to a "user-controlled pointer," aka "Excel ADO Object Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-1253 | Version: | 10 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Excel 2002 Microsoft Excel 2007 Microsoft Office Compatibility Pack |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:6877 | |||
| Oval ID: | oval:org.mitre.oval:def:6877 | ||
| Title: | Excel Record Memory Corruption Vulnerability | ||
| Description: | Unspecified vulnerability in Microsoft Office Excel 2002 SP3, Office 2004 for Mac, Office 2008 for Mac, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via an Excel file with a malformed SxView (0xB0) record, aka "Excel Record Memory Corruption Vulnerability," a different vulnerability than CVE-2010-0824 and CVE-2010-0821. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-1245 | Version: | 5 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Excel 2002 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:6948 | |||
| Oval ID: | oval:org.mitre.oval:def:6948 | ||
| Title: | Win32k Window Creation Vulnerability | ||
| Description: | The Windows kernel-mode drivers in win32k.sys in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 Gold and SP2, Windows 7, and Server 2008 R2 "do not properly validate all callback parameters when creating a new window," which allows local users to execute arbitrary code, aka "Win32k Window Creation Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-0485 | Version: | 9 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:7072 | |||
| Oval ID: | oval:org.mitre.oval:def:7072 | ||
| Title: | OpenType CFF Font Driver Memory Corruption Vulnerability | ||
| Description: | Unspecified vulnerability in the Windows OpenType Compact Font Format (CFF) driver in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 SP2 and R2, and Windows 7 allows local users to execute arbitrary code via unknown vectors related to improper validation when copying data from user mode to kernel mode, aka "OpenType CFF Font Driver Memory Corruption Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-0819 | Version: | 5 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:7124 | |||
| Oval ID: | oval:org.mitre.oval:def:7124 | ||
| Title: | Uninitialized Memory Corruption Vulnerability (CVE-2010-1261) | ||
| Description: | The IE8 Developer Toolbar in Microsoft Internet Explorer 8 SP1, SP2, and SP3 allows user-assisted remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-1261 | Version: | 9 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | Microsoft Internet Explorer 8 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:7145 | |||
| Oval ID: | oval:org.mitre.oval:def:7145 | ||
| Title: | Cross-Domain Information Disclosure Vulnerability (CVE-2010-0255) | ||
| Description: | Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, 7, and 8 does not prevent rendering of non-HTML local files as HTML documents, which allows remote attackers to bypass intended access restrictions and read arbitrary files via vectors involving JavaScript exploit code that constructs a reference to a file://127.0.0.1 URL, aka the dynamic OBJECT tag vulnerability, as demonstrated by obtaining the data from an index.dat file, a variant of CVE-2009-1140 and related to CVE-2008-1448. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-0255 | Version: | 11 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | Microsoft Internet Explorer 7 Microsoft Internet Explorer 8 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:7149 | |||
| Oval ID: | oval:org.mitre.oval:def:7149 | ||
| Title: | IIS Authentication Memory Corruption Vulnerability | ||
| Description: | Unspecified vulnerability in Microsoft IIS 6.0, 7.0, and 7.5, when Extended Protection for Authentication is enabled, allows remote authenticated users to execute arbitrary code via unknown vectors related to "token checking" that trigger memory corruption, aka "IIS Authentication Memory Corruption Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-1256 | Version: | 11 |
| Platform(s): | Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 | Product(s): | Microsoft Internet Information Server (IIS) 6.0 Microsoft Internet Information Server (IIS) 7.0 Microsoft Internet Information Server (IIS) 7.5 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:7158 | |||
| Oval ID: | oval:org.mitre.oval:def:7158 | ||
| Title: | XML Signature HMAC Truncation Authentication Bypass Vulnerability | ||
| Description: | The design of the W3C XML Signature Syntax and Processing (XMLDsig) recommendation, as implemented in products including (1) the Oracle Security Developer Tools component in Oracle Application Server 10.1.2.3, 10.1.3.4, and 10.1.4.3IM; (2) the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, and 8.1 SP6; (3) Mono before 2.4.2.2; (4) XML Security Library before 1.2.12; (5) IBM WebSphere Application Server Versions 6.0 through 6.0.2.33, 6.1 through 6.1.0.23, and 7.0 through 7.0.0.1; (6) Sun JDK and JRE Update 14 and earlier; (7) Microsoft .NET Framework 3.0 through 3.0 SP2, 3.5, and 4.0; and other products uses a parameter that defines an HMAC truncation length (HMACOutputLength) but does not require a minimum for this length, which allows attackers to spoof HMAC-based signatures and bypass authentication by specifying a truncation length with a small number of bits. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2009-0217 | Version: | 11 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 | Product(s): | Microsoft .NET Framework |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:7223 | |||
| Oval ID: | oval:org.mitre.oval:def:7223 | ||
| Title: | Excel HFPicture Memory Corruption Vulnerability | ||
| Description: | Buffer overflow in Microsoft Office Excel 2002 SP3 and Office 2004 for Mac allows remote attackers to execute arbitrary code via an Excel file with a malformed HFPicture (0x866) record, aka "Excel HFPicture Memory Corruption Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-1248 | Version: | 5 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Excel 2002 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:7240 | |||
| Oval ID: | oval:org.mitre.oval:def:7240 | ||
| Title: | Excel Memory Corruption Vulnerability | ||
| Description: | Unspecified vulnerability in Microsoft Office Excel 2002 SP3, 2003 SP3, 2007 SP1 and SP2; Office 2004 for mac; Office 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer SP1 and SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2; allows remote attackers to execute arbitrary code via a crafted Excel file, aka "Excel Memory Corruption Vulnerability," a different vulnerability than CVE-2010-1247 and CVE-2010-1249. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-0823 | Version: | 12 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Excel 2002 Microsoft Excel 2003 Microsoft Excel 2007 Microsoft Office Excel Viewer Microsoft Office Compatibility Pack |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:7241 | |||
| Oval ID: | oval:org.mitre.oval:def:7241 | ||
| Title: | Sharepoint Help Page Denial of Service Vulnerability | ||
| Description: | Unspecified vulnerability in Microsoft Windows SharePoint Services 3.0 SP1 and SP2 allows remote attackers to cause a denial of service (hang) via crafted requests to the Help page that cause repeated restarts of the application pool, aka "Sharepoint Help Page Denial of Service Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-1264 | Version: | 7 |
| Platform(s): | Microsoft Windows Server 2003 | Product(s): | Microsoft Windows SharePoint Services 3.0 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:7265 | |||
| Oval ID: | oval:org.mitre.oval:def:7265 | ||
| Title: | Excel Object Stack Overflow Vulnerability | ||
| Description: | Stack-based buffer overflow in Microsoft Office Excel 2002 SP3, Office 2004 for Mac, Office 2008 for Mac, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via an Excel file with a crafted OBJ (0x5D) record, aka "Excel Object Stack Overflow Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-0822 | Version: | 5 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Excel 2002 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:7283 | |||
| Oval ID: | oval:org.mitre.oval:def:7283 | ||
| Title: | Win32k TrueType Font Parsing Vulnerability | ||
| Description: | The Windows kernel-mode drivers in win32k.sys in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 Gold and SP2, Windows 7, and Server 2008 R2 allows local users to execute arbitrary code via vectors related to "glyph outline information" and TrueType fonts, aka "Win32k TrueType Font Parsing Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-1255 | Version: | 9 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:7286 | |||
| Oval ID: | oval:org.mitre.oval:def:7286 | ||
| Title: | COM Validation Vulnerability | ||
| Description: | Windows Shell and WordPad in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7; Microsoft Office XP SP3; Office 2003 SP3; and Office System 2007 SP1 and SP2 do not properly validate COM objects during instantiation, which allows remote attackers to execute arbitrary code via a crafted file, aka "COM Validation Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-1263 | Version: | 26 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | Microsoft Office XP Microsoft Excel 2003 Microsoft PowerPoint 2003 Microsoft Publisher 2003 Microsoft Visio 2003 Microsoft Word 2003 Microsoft Excel 2007 Microsoft PowerPoint 2007 Microsoft Publisher 2007 Microsoft Visio 2007 Microsoft Word 2007 Microsoft Wordpad |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:7324 | |||
| Oval ID: | oval:org.mitre.oval:def:7324 | ||
| Title: | Uninitialized Memory Corruption Vulnerability (CVE-2010-1259) | ||
| Description: | Microsoft Internet Explorer 6 SP1 and SP2, 7, and 8 allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-1259 | Version: | 11 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | Microsoft Internet Explorer 6 Microsoft Internet Explorer 7 Microsoft Internet Explorer 8 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:7369 | |||
| Oval ID: | oval:org.mitre.oval:def:7369 | ||
| Title: | Excel String Variable Vulnerability | ||
| Description: | Unspecified vulnerability in Microsoft Office Excel 2002 SP3 and Office 2004 for Mac allows remote attackers to execute arbitrary code via a crafted Excel file, aka "Excel String Variable Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-1252 | Version: | 5 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Excel 2002 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:7406 | |||
| Oval ID: | oval:org.mitre.oval:def:7406 | ||
| Title: | Memory Corruption Vulnerability (CVE-2010-1262) | ||
| Description: | Microsoft Internet Explorer 6 SP1 and SP2, 7, and 8 allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, related to the CStyleSheet object and a free of the root container, aka "Memory Corruption Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-1262 | Version: | 11 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | Microsoft Internet Explorer 6 Microsoft Internet Explorer 7 Microsoft Internet Explorer 8 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:7468 | |||
| Oval ID: | oval:org.mitre.oval:def:7468 | ||
| Title: | Help.aspx XSS Vulnerability | ||
| Description: | Cross-site scripting (XSS) vulnerability in _layouts/help.aspx in Microsoft SharePoint Server 2007 12.0.0.6421 and possibly earlier, and SharePoint Services 3.0 SP1 and SP2, versions, allows remote attackers to inject arbitrary web script or HTML via the cid0 parameter. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-0817 | Version: | 7 |
| Platform(s): | Microsoft Windows Server 2003 | Product(s): | Microsoft Windows SharePoint Services 3.0 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:7517 | |||
| Oval ID: | oval:org.mitre.oval:def:7517 | ||
| Title: | Media Decompression Vulnerability | ||
| Description: | Unspecified vulnerability in Quartz.dll for DirectShow; Windows Media Format Runtime 9, 9.5, and 11; Media Encoder 9; and the Asycfilt.dll COM component allows remote attackers to execute arbitrary code via a media file with crafted compression data, aka "Media Decompression Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-1879 | Version: | 15 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | Windows Media Format Runtime 9.0 Windows Media Format Runtime 9.5 Windows Media Format Runtime 11 Quartz.dll (DirectShow) |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:7593 | |||
| Oval ID: | oval:org.mitre.oval:def:7593 | ||
| Title: | Excel EDG Memory Corruption Vulnerability | ||
| Description: | Heap-based buffer overflow in Microsoft Office Excel 2002 SP3, Office 2004 for Mac, Office 2008 for Mac, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via an Excel file with malformed (1) EDG (0x88) and (2) Publisher (0x89) records, aka "Excel EDG Memory Corruption Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-1250 | Version: | 5 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Excel 2002 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:7609 | |||
| Oval ID: | oval:org.mitre.oval:def:7609 | ||
| Title: | Win32k Improper Data Validation Vulnerability | ||
| Description: | The Windows kernel-mode drivers in win32k.sys in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and SP2 "do not properly validate changes in certain kernel objects," which allows local users to execute arbitrary code via vectors related to Device Contexts (DC) and the GetDCEx function, aka "Win32k Improper Data Validation Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-0484 | Version: | 7 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:7932 | |||
| Oval ID: | oval:org.mitre.oval:def:7932 | ||
| Title: | DSA-1849 xml-security-c -- design flaw | ||
| Description: | It was discovered that the W3C XML Signature recommendation contains a protocol-level vulnerability related to HMAC output truncation. This update implements the proposed workaround in the C++ version of the Apache implementation of this standard, xml-security-c, by preventing truncation to output strings shorter than 80 bits or half of the original HMAC output, whichever is greater. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-1849 CVE-2009-0217 | Version: | 3 |
| Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 4.0 | Product(s): | xml-security-c |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
SAINT Exploits
| Description | Link |
|---|---|
| Microsoft Excel DBQueryExt record parsing vulnerability | More info here |
| Microsoft Office Excel Malformed Obj Record Stack Buffer Overflow | More info here |
| Microsoft Office Excel RTD Topic String Buffer Overflow | More info here |
ExploitDB Exploits
| id | Description |
|---|---|
| 2011-11-22 | MS11-038 Microsoft Office Excel Malformed OBJ Record Handling Overflow |
| 2010-09-29 | MOAUB #29 - Microsoft Excel SxView Record Parsing Heap Memory Corruption |
| 2010-09-24 | MOAUB #24 - Microsoft Excel OBJ Record Stack Overflow |
| 2010-09-21 | MOAUB #21 - Microsoft Excel WOPT Record Parsing Heap Memory Corruption |
| 2010-09-16 | MOAUB #16 - Microsoft Excel HFPicture Record Parsing Remote Code Execution Vu... |
| 2010-09-10 | MOAUB #10 - Excel RTD Memory Corruption |
| 2010-08-10 | Microsoft Windows CreateWindow Function Callback Vulnerability (MS10-048) |
| 2010-07-14 | Microsoft Excel 0x5D record Stack Overflow Vulnerability |
OpenVAS Exploits
| Date | Description |
|---|---|
| 2012-08-10 | Name : Gentoo Security Advisory GLSA 201206-13 (mono mono-debugger) File : nvt/glsa_201206_13.nasl |
| 2011-09-14 | Name : Microsoft SharePoint Server 2007 '_layouts/help.aspx' Cross Site Scripting Vu... File : nvt/gb_sharepoint_39776.nasl |
| 2011-08-09 | Name : CentOS Update for xmlsec1 CESA-2009:1428 centos5 i386 File : nvt/gb_CESA-2009_1428_xmlsec1_centos5_i386.nasl |
| 2011-08-09 | Name : CentOS Update for xmlsec1 CESA-2009:1428 centos4 i386 File : nvt/gb_CESA-2009_1428_xmlsec1_centos4_i386.nasl |
| 2011-08-09 | Name : CentOS Update for java CESA-2009:1201 centos5 i386 File : nvt/gb_CESA-2009_1201_java_centos5_i386.nasl |
| 2011-04-13 | Name : Microsoft IE Developer Tools WMITools and Windows Messenger ActiveX Control V... File : nvt/secpod_ms11-027.nasl |
| 2010-10-13 | Name : Microsoft Windows Shell and WordPad COM Validation Vulnerability (2405882) File : nvt/secpod_ms10-083.nasl |
| 2010-06-09 | Name : Microsoft Data Analyzer and IE Developer Tools ActiveX Control Vulnerability ... File : nvt/secpod_ms10-034.nasl |
| 2010-06-09 | Name : Microsoft Media Decompression Remote Code Execution Vulnerability (979902) File : nvt/secpod_ms10-033.nasl |
| 2010-06-09 | Name : Microsoft Windows Kernel Mode Drivers Privilege Escalation Vulnerabilities (9... File : nvt/secpod_ms10-032.nasl |
| 2010-06-09 | Name : Microsoft Internet Explorer Multiple Vulnerabilities (982381) File : nvt/secpod_ms10-035.nasl |
| 2010-06-09 | Name : Microsoft Office COM Validation Remote Code Execution Vulnerability (983235) File : nvt/secpod_ms10-036.nasl |
| 2010-06-09 | Name : Microsoft Windows OpenType Compact Font Format Driver Privilege Escalation Vu... File : nvt/secpod_ms10-037.nasl |
| 2010-06-09 | Name : Microsoft .NET Framework XML HMAC Truncation Vulnerability (981343) File : nvt/secpod_ms10-041.nasl |
| 2010-06-09 | Name : Microsoft IIS Authentication Remote Code Execution Vulnerability (982666) File : nvt/secpod_ms10-040.nasl |
| 2010-06-09 | Name : Microsoft SharePoint Privilege Elevation Vulnerabilities (2028554) File : nvt/secpod_ms10-039.nasl |
| 2010-06-09 | Name : Microsoft Office Excel Remote Code Execution Vulnerabilities (2027452) File : nvt/secpod_ms10-038.nasl |
| 2010-05-28 | Name : Java for Mac OS X 10.5 Update 5 File : nvt/macosx_java_for_10_5_upd_5.nasl |
| 2010-05-04 | Name : Microsoft SharePoint '_layouts/help.aspx' Cross Site Scripting Vulnerability File : nvt/secpod_ms_sharepoint_layouts_xss_vuln.nasl |
| 2010-03-22 | Name : SuSE Update for OpenOffice_org SUSE-SA:2010:017 File : nvt/gb_suse_2010_017.nasl |
| 2010-03-16 | Name : FreeBSD Ports: openoffice.org File : nvt/freebsd_openoffice.org.nasl |
| 2010-03-02 | Name : Ubuntu Update for openoffice.org vulnerabilities USN-903-1 File : nvt/gb_ubuntu_USN_903_1.nasl |
| 2010-02-10 | Name : Microsoft Data Analyzer ActiveX Control Vulnerability (978262) File : nvt/secpod_ms10-008.nasl |
| 2010-02-08 | Name : Microsoft Internet Explorer Information Disclosure Vulnerability (980088) File : nvt/gb_ms_ie_npl_info_disc_vuln.nasl |
| 2009-12-30 | Name : RedHat Security Advisory RHSA-2009:1694 File : nvt/RHSA_2009_1694.nasl |
| 2009-12-10 | Name : Mandriva Security Advisory MDVSA-2009:318 (xmlsec1) File : nvt/mdksa_2009_318.nasl |
| 2009-12-10 | Name : Mandriva Security Advisory MDVSA-2009:322 (mono) File : nvt/mdksa_2009_322.nasl |
| 2009-11-11 | Name : SLES11: Security update for IBM Java 1.6.0 File : nvt/sles11_java-1_6_0-ibm1.nasl |
| 2009-10-19 | Name : Mandrake Security Advisory MDVSA-2009:267 (xmlsec1) File : nvt/mdksa_2009_267.nasl |
| 2009-10-19 | Name : Mandrake Security Advisory MDVSA-2009:269 (mono) File : nvt/mdksa_2009_269.nasl |
| 2009-10-19 | Name : Mandrake Security Advisory MDVSA-2009:268 (mono) File : nvt/mdksa_2009_268.nasl |
| 2009-09-15 | Name : CentOS Security Advisory CESA-2009:1428 (xmlsec1) File : nvt/ovcesa2009_1428.nasl |
| 2009-09-09 | Name : RedHat Security Advisory RHSA-2009:1428 File : nvt/RHSA_2009_1428.nasl |
| 2009-09-02 | Name : Ubuntu USN-826-1 (mono) File : nvt/ubuntu_826_1.nasl |
| 2009-09-02 | Name : Mandrake Security Advisory MDVSA-2009:209 (java-1.6.0-openjdk) File : nvt/mdksa_2009_209.nasl |
| 2009-08-17 | Name : CentOS Security Advisory CESA-2009:1201 (java-1.6.0-openjdk) File : nvt/ovcesa2009_1201.nasl |
| 2009-08-17 | Name : FreeBSD Ports: mono File : nvt/freebsd_mono0.nasl |
| 2009-08-17 | Name : Fedora Core 11 FEDORA-2009-8473 (xmlsec1) File : nvt/fcore_2009_8473.nasl |
| 2009-08-17 | Name : Fedora Core 10 FEDORA-2009-8456 (xmlsec1) File : nvt/fcore_2009_8456.nasl |
| 2009-08-17 | Name : Fedora Core 10 FEDORA-2009-8337 (java-1.6.0-openjdk) File : nvt/fcore_2009_8337.nasl |
| 2009-08-17 | Name : Fedora Core 11 FEDORA-2009-8329 (java-1.6.0-openjdk) File : nvt/fcore_2009_8329.nasl |
| 2009-08-17 | Name : Fedora Core 11 FEDORA-2009-8157 (xml-security-c) File : nvt/fcore_2009_8157.nasl |
| 2009-08-17 | Name : Fedora Core 10 FEDORA-2009-8121 (xml-security-c) File : nvt/fcore_2009_8121.nasl |
| 2009-08-17 | Name : Debian Security Advisory DSA 1849-1 (xml-security-c) File : nvt/deb_1849_1.nasl |
| 2009-08-17 | Name : RedHat Security Advisory RHSA-2009:1201 File : nvt/RHSA_2009_1201.nasl |
| 2009-08-17 | Name : Ubuntu USN-814-1 (openjdk-6) File : nvt/ubuntu_814_1.nasl |
| 2009-08-17 | Name : RedHat Security Advisory RHSA-2009:1200 File : nvt/RHSA_2009_1200.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 65239 | Microsoft Office Excel String Variable Handling Unspecified Code Execution A memory corruption flaw exists in Microsoft Office Excel. The program uses an uninitialized variable as a size argument when copying data during certain record type parsing, resulting in memory corruption. With a specially crafted Excel file, a context-dependent attacker can execute arbitrary code. |
| 65238 | Microsoft Office Excel Malformed RTD Handling Memory Corruption A memory corruption flaw exists in Microsoft Office Excel. The program fails to sanitize user-supplied input when parsing malformed RTD (0x813) records, resulting in memory corruption. With a specially crafted Excel file, a context-dependent attacker can execute arbitrary code. |
| 65237 | Microsoft Office Excel Malformed RTD Record Handling Memory Corruption A memory corruption flaw exists in Microsoft Office Excel. The program fails to sanitize user-supplied input when handling malformed RTD records, resulting in memory corruption. With a specially crafted Excel file, a context-dependent attacker can execute arbitrary code. |
| 65236 | Microsoft Office Excel Malformed OBJ Record Handling Overflow Microsoft Office Excel is prone to an overflow condition. The program fails to properly sanitize user-supplied input resulting in a stack-based buffer overflow. With a specially crafted Excel file containing a crafted malformed OBJ record, a context-dependent attacker can potentially execute arbitrary code. |
| 65235 | Microsoft Office Excel Malformed HFPicture Handling Memory Corruption A memory corruption flaw exists in Microsoft Office Excel. The program fails to sanitize user-supplied input when handling malformed HFPicture records, resulting in memory corruption. With a specially crafted Excel file, a context-dependent attacker can execute arbitrary code. |
| 65234 | Microsoft Office Excel on Mac OS X Open XML Permission Weakness Microsoft Office Excel on Mac OS X contains a flaw related to Microsoft Open XML File Format Converter's failure to securely set ACLs for the /Applications folder. This may allow a local attacker to access and replace the executable with a Trojan horse and execute arbitrary code. |
| 65233 | Microsoft Office Excel Unspecified Memory Corruption (2010-0823) A memory corruption flaw exists in Microsoft Office Excel. The program fails to sanitize user-supplied input when parsing chart sheet substreams, resulting in memory corruption. With a specially crafted file, a context-dependent attacker can execute arbitrary code. |
| 65232 | Microsoft Office Excel Malformed ExternName Record Handling Memory Corruption A memory corruption flaw exists in Microsoft Office Excel. The program fails to sanitize user-supplied input when handling malformed ExternName records, resulting in memory corruption. With a specially crafted Excel file, a context-dependent attacker can execute arbitrary code. |
| 65231 | Microsoft Office Excel Malformed WOPT Record Handling Memory Corruption A memory corruption flaw exists in Microsoft Office Excel. The program fails to sanitize user-supplied input when handling malformed WOPT records, resulting in memory corruption. With a specially crafted Excel file, a context-dependent attacker can execute arbitrary code. |
| 65230 | Microsoft Office Excel EDG / Publisher Record Handling Memory Corruption A memory corruption flaw exists in Microsoft Office Excel. The program fails to sanitize user-supplied input when handling malformed EDG and Publisher records, resulting in memory corruption. With a specially crafted Excel file, a context-dependent attacker can execute arbitrary code. |
| 65229 | Microsoft Office Excel SxView Record Handling Memory Corruption A memory corruption flaw exists in Microsoft Office Excel. The program fails to sanitize user-supplied input when parsing malformed SxView records, resulting in memory corruption. With a specially crafted Excel file, a context-dependent attacker can execute arbitrary code. |
| 65228 | Microsoft Office Excel ADO Object DBQueryExt Record Handling Arbitrary Code E... Microsoft Office Excel contains a flaw related to the parsing of DBQueryExt records in Excel spreadsheet files. The issue is triggered when the program fails to check when parsing certain structure fields, allowing a user-controlled pointer to be called. This may allow a context-dependent attacker to use a crafted Excel file to execute arbitrary code. |
| 65227 | Microsoft Office Excel SXVIEW Record Parsing Memory Corruption A memory corruption flaw exists in Microsoft Office Excel. The program fails to sanitize user-supplied input when parsing SXVIEW records, resulting in memory corruption. With a specially crafted Excel spreadsheet file, a context-dependent attacker can execute arbitrary code. |
| 65226 | Microsoft Office Excel Unspecified Record Handling Stack Corruption Arbitrary... A memory corruption flaw exists in Microsoft Office Excel. The program fails to sanitize user-supplied input when handling a certain unspecified record type, resulting in memory corruption. With a specially crafted Excel file, a context-dependent attacker can execute arbitrary code. |
| 65225 | Microsoft Windows Kernel-Mode Driver Window Creation Local Privilege Escalation Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when the kernel-mode drivers in win32k.sys fail to properly validate callback parameters when creating new windows, allowing a local attacker to gain elevated privileges. |
| 65224 | Microsoft Windows Kernel-Mode Driver Win32k.sys GetDCEx() Function Device Con... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when the kernel-mode drivers in win32k.sys suffer from memory corruption while handling 'GetDCEx()' function device contexts, allowing a local attacker to gain elevated privileges. |
| 65223 | Microsoft Windows Kernel-Mode Driver TrueType Font Parsing Local Privilege Es... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a boundary error occurs in win32k.sys when providing TrueType glyph outlines, allowing a local attacker to gain elevated privileges via a buffer overflow caused by content containing a crafted TrueType font. |
| 65222 | Microsoft Windows MJPEG Media Decompression Unspecified Remote Code Execution Microsoft Windows contains a flaw that may allow a context-dependent attacker to execute arbitrary code with a MJPEG video file containing crafted compression data. No further details have been provided. |
| 65221 | Microsoft Windows Media Decompression Unspecified Remote Code Execution Microsoft Windows contains a flaw that may allow a context-dependent attacker to execute arbitrary code with a media file containing crafted compression data. No further details have been provided. |
| 65220 | Microsoft SharePoint Crafted Request Help Page Invocation Remote DoS Microsoft SharePoint contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker uses crafted requests to the Help page (help.aspx) via the 'tid' parameter to cause the application pool to repeatedly restart, which will result in a loss of availability. |
| 65219 | Microsoft Windows / Office COM Object Instantiation Validation Remote Code Ex... Microsoft Windows and Office fail to properly validate COM objects during instantiation. This may allow a context-dependent attacker to use a crafted file to execute arbitrary code. |
| 65218 | Microsoft IE 8 Developer Tools ActiveX Remote Code Execution Microsoft Internet Explorer 8 contains an unspecified flaw related to the Internet Explorer Developer Tools ActiveX Control, iedvtool.dll, that may allow a context-dependent attacker to execute arbitrary code via a crafted web page that causes system state corruption. No further details have been provided. |
| 65217 | Microsoft Windows OpenType Compact Font Format (CFF) Driver Privilege Escalation Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a boundary error occurs in the Windows OpenType Compact Font Format (CFF) driver, allowing a local attacker to overwrite kernel memory when getting a glyph outline and gain elevated privileges. |
| 65216 | Microsoft IIS Extended Protection for Authentication Memory Corruption A memory corruption flaw exists in Microsoft IIS. The program fails to sanitize user-supplied input when handling authentication tokens, resulting in memory corruption. With a specially crafted authentication packet, a remote authenticated attacker can execute arbitrary code. |
| 65215 | Microsoft IE Uninitialized Object Handling Memory Corruption (2010-1259) A memory corruption flaw exists in Microsoft Internet Explorer. The program fails to sanitize user-supplied input when accessing an improperly initialized or deleted object, resulting in memory corruption. With a specially crafted page, a context-dependent attacker can execute arbitrary code. |
| 65214 | Microsoft IE Uninitialized Object Handling Memory Corruption (2010-1261) A memory corruption flaw exists in Microsoft Internet Explorer. The IE8 Developer Toolbar fails to sanitize user-supplied input when accessing an improperly initialized or deleted object, resulting in memory corruption. With a specially crafted page, a context-dependent attacker can execute arbitrary code. |
| 65213 | Microsoft IE HTML Element Handling Memory Corruption A memory corruption flaw exists in Microsoft Internet Explorer. The IE8 Developer Toolbar fails to sanitize user-supplied input when accessing an improperly initialized or deleted object, resulting in memory corruption. With a specially crafted page, a context-dependent attacker can execute arbitrary code. |
| 65212 | Microsoft IE CStyleSheet Object Handling Memory Corruption A memory corruption flaw exists in Microsoft Internet Explorer. The program fails to sanitize user-supplied input when a use-after-free error occurs due to an invalid pointer being utilized during use of CStyleSheets, resulting in memory corruption. With a specially crafted page containing a CStyleSheet, a context-dependent attacker can execute arbitrary code. |
| 65211 | Microsoft IE / Sharepoint toStaticHTML Information Disclosure Microsoft Internet Explorer and Sharepoint contain a flaw that may lead to an unspecified unauthorized information disclosure. This issue is triggered when the 'toStaticHTML()' method fails to properly sanitise HTML code. This may allow a remote attacker to conduct cross-site scripting attacks. |
| 64170 | Microsoft SharePoint Server _layouts/help.aspx cid0 Parameter XSS |
| 63142 | RepairShop2 index.php Prod Parameter SQL Injection RepairShop2 contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'index.php' script not properly sanitizing user-supplied input to the 'Prod' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data. |
| 62246 | Microsoft Data Analyzer ActiveX Web Page Handling Unspecified Arbitrary Code ... |
| 62156 | Microsoft IE Dynamic OBJECT Tag Cross-domain Arbitrary File Access |
| 56243 | W3C XML Signature Syntax and Processing (XMLDsig) HMACOutputLength Signature ... |
| 55907 | Oracle BEA WebLogic Server Web Services Package HMACOutputLength Signature Sp... |
| 55895 | Oracle Application Server Security Developer Tools HMACOutputLength Signature... |
Information Assurance Vulnerability Management (IAVM)
| Date | Description |
|---|---|
| 2010-10-14 | IAVM : 2010-A-0134 - Microsoft Windows COM Validation Remote Code Execution Vulnerability Severity : Category II - VMSKEY : V0025530 |
| 2010-06-10 | IAVM : 2010-B-0045 - Microsoft Internet Information Services Remote Code Execution Vulnerability Severity : Category II - VMSKEY : V0024366 |
| 2010-06-10 | IAVM : 2010-B-0046 - Microsoft .NET Framework Data Tampering Vulnerability Severity : Category II - VMSKEY : V0024367 |
| 2010-06-10 | IAVM : 2010-A-0078 - Multiple Vulnerabilities in Microsoft Windows Severity : Category II - VMSKEY : V0024371 |
| 2010-06-10 | IAVM : 2010-A-0079 - Multiple Vulnerabilities in Microsoft Office SharePoint Severity : Category II - VMSKEY : V0024377 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2020-03-19 | Microsoft Windows Data Analyzer 3.5 ActiveX clsid access RuleID : 53118 - Revision : 1 - Type : BROWSER-PLUGINS |
| 2020-03-19 | Microsoft Windows Data Analyzer 3.5 ActiveX use-after-free attempt RuleID : 53117 - Revision : 1 - Type : BROWSER-PLUGINS |
| 2020-03-19 | Microsoft Windows Data Analyzer 3.5 ActiveX use-after-free attempt RuleID : 53116 - Revision : 1 - Type : BROWSER-PLUGINS |
| 2019-10-01 | Microsoft Office Excel DBQueryExt record memory corruption attempt RuleID : 51326 - Revision : 1 - Type : FILE-OFFICE |
| 2019-09-24 | Microsoft Office Excel SxView heap overflow attempt RuleID : 51172 - Revision : 1 - Type : FILE-OFFICE |
| 2019-09-24 | Microsoft Office Excel SxView heap overflow attempt RuleID : 51171 - Revision : 1 - Type : FILE-OFFICE |
| 2019-09-24 | Microsoft Office Excel SxView heap overflow attempt RuleID : 51170 - Revision : 1 - Type : FILE-OFFICE |
| 2019-09-24 | Microsoft Office Excel SxView heap overflow attempt RuleID : 51169 - Revision : 1 - Type : FILE-OFFICE |
| 2019-09-24 | Microsoft Office Excel SxView heap overflow attempt RuleID : 51168 - Revision : 1 - Type : FILE-OFFICE |
| 2019-09-24 | Microsoft Office Excel SxView heap overflow attempt RuleID : 51167 - Revision : 1 - Type : FILE-OFFICE |
| 2019-09-24 | Microsoft Office Excel SxView heap overflow attempt RuleID : 51166 - Revision : 1 - Type : FILE-OFFICE |
| 2019-09-24 | Microsoft Office Excel SxView heap overflow attempt RuleID : 51165 - Revision : 1 - Type : FILE-OFFICE |
| 2019-09-17 | Microsoft Office Excel RealTimeData record heap memory corruption attempt RuleID : 51079 - Revision : 1 - Type : FILE-OFFICE |
| 2019-09-17 | Microsoft Office Excel RealTimeData record heap memory corruption attempt RuleID : 51078 - Revision : 1 - Type : FILE-OFFICE |
| 2019-09-17 | Microsoft Office Excel RealTimeData record heap memory corruption attempt RuleID : 51077 - Revision : 1 - Type : FILE-OFFICE |
| 2019-09-17 | Microsoft Office Excel RealTimeData record heap memory corruption attempt RuleID : 51076 - Revision : 1 - Type : FILE-OFFICE |
| 2019-09-17 | Microsoft Office Excel Chart Sheet Substream memory corruption attempt RuleID : 51062 - Revision : 2 - Type : FILE-OFFICE |
| 2019-09-17 | Microsoft Office Excel Chart Sheet Substream memory corruption attempt RuleID : 51061 - Revision : 2 - Type : FILE-OFFICE |
| 2019-09-17 | Microsoft Office Excel Chart Sheet Substream memory corruption attempt RuleID : 51060 - Revision : 1 - Type : FILE-OFFICE |
| 2019-09-17 | Microsoft Office Excel Chart Sheet Substream memory corruption attempt RuleID : 51059 - Revision : 1 - Type : FILE-OFFICE |
| 2018-03-13 | Microsoft Office Excel SxView record memory pointer corruption attempt RuleID : 45620 - Revision : 1 - Type : FILE-OFFICE |
| 2018-03-13 | Microsoft Office Excel SxView record memory pointer corruption attempt RuleID : 45619 - Revision : 2 - Type : FILE-OFFICE |
| 2017-07-27 | Microsoft Windows Media Player JPG header record mismatch memory corruption a... RuleID : 43336 - Revision : 1 - Type : FILE-MULTIMEDIA |
| 2017-07-27 | Microsoft Windows Media Player JPG header record mismatch memory corruption a... RuleID : 43335 - Revision : 1 - Type : FILE-MULTIMEDIA |
| 2016-03-14 | Microsoft Office Excel RTD buffer overflow attempt RuleID : 37294 - Revision : 2 - Type : FILE-OFFICE |
| 2016-03-14 | Microsoft Office Excel RTD buffer overflow attempt RuleID : 37293 - Revision : 2 - Type : FILE-OFFICE |
| 2016-03-14 | Microsoft Office Excel WOpt record memory corruption attempt RuleID : 36857 - Revision : 1 - Type : FILE-OFFICE |
| 2015-01-20 | Microsoft Internet Explorer 8 Developer Tool ActiveX clsid access RuleID : 32843 - Revision : 3 - Type : BROWSER-PLUGINS |
| 2015-01-20 | Microsoft Internet Explorer 8 Developer Tool ActiveX clsid access RuleID : 32842 - Revision : 4 - Type : BROWSER-PLUGINS |
| 2015-01-20 | Microsoft Internet Explorer 8 Developer Tool ActiveX clsid access RuleID : 32840 - Revision : 4 - Type : BROWSER-PLUGINS |
| 2014-12-16 | Microsoft Internet Explorer style sheet array memory corruption attempt RuleID : 32532 - Revision : 3 - Type : BROWSER-IE |
| 2014-01-10 | Microsoft Office Excel Publisher record heap buffer overflow attempt RuleID : 24657 - Revision : 7 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Office Excel WOpt record memory corruption attempt RuleID : 23554 - Revision : 5 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Office Excel WOpt record memory corruption attempt RuleID : 23553 - Revision : 4 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Office Excel SxView record memory pointer corruption attempt RuleID : 23552 - Revision : 5 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Office Excel SxView record memory pointer corruption attempt RuleID : 23551 - Revision : 4 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Office Excel RealTimeData record stack buffer overflow attempt RuleID : 23550 - Revision : 6 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Office Excel RTD buffer overflow attempt RuleID : 23549 - Revision : 5 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Office Excel RTD buffer overflow attempt RuleID : 23548 - Revision : 5 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Office Excel OBJ record stack buffer overflow attempt - with macro ... RuleID : 23547 - Revision : 5 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Office Excel OBJ record stack buffer overflow attempt - with linkFmla RuleID : 23546 - Revision : 5 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Office Excel OBJ record stack buffer overflow attempt - with macro RuleID : 23545 - Revision : 5 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Office Excel OBJ record stack buffer overflow attempt RuleID : 23544 - Revision : 7 - Type : FILE-OFFICE |
| 2014-01-10 | Apache XML HMAC truncation authentication bypass attempt RuleID : 21337 - Revision : 4 - Type : SERVER-APACHE |
| 2014-01-10 | Microsoft Office Excel RealTimeData record parsing memory corruption RuleID : 19412 - Revision : 13 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Office Excel Chart Sheet Substream memory corruption attempt RuleID : 19294 - Revision : 14 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Office Excel WOpt record memory corruption attempt RuleID : 19259 - Revision : 15 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Office Excel SxView record memory pointer corruption attempt RuleID : 19258 - Revision : 15 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Windows DirectX quartz.dll MJPEG content processing memory corrupti... RuleID : 19146 - Revision : 16 - Type : FILE-MULTIMEDIA |
| 2014-01-10 | Microsoft Windows Media Player JPG header record mismatch memory corruption a... RuleID : 19143 - Revision : 16 - Type : FILE-MULTIMEDIA |
| 2014-01-10 | Microsoft Office Excel RTD buffer overflow attempt RuleID : 19132 - Revision : 15 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Office Excel RTD buffer overflow attempt RuleID : 19131 - Revision : 14 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Office Excel ADO Object Parsing Code Execution RuleID : 18772 - Revision : 14 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Office Excel ADO Object Parsing Code Execution RuleID : 18771 - Revision : 14 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Internet Explorer oversize recordset object cache size exploit attempt RuleID : 18280 - Revision : 15 - Type : BROWSER-IE |
| 2014-01-10 | Microsoft Excel SxView heap overflow attempt RuleID : 16662 - Revision : 11 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Windows DirectX quartz.dll MJPEG content processing memory corrupti... RuleID : 16661 - Revision : 20 - Type : FILE-MULTIMEDIA |
| 2014-01-10 | Microsoft Office SharePoint Server 2007 help.aspx denial of service attempt RuleID : 16660 - Revision : 16 - Type : SERVER-WEBAPP |
| 2014-01-10 | Microsoft Internet Explorer style sheet array memory corruption attempt RuleID : 16659 - Revision : 17 - Type : BROWSER-IE |
| 2014-01-10 | Microsoft Internet Explorer 8 cross-site scripting attempt RuleID : 16658 - Revision : 7 - Type : BROWSER-IE |
| 2014-01-10 | Microsoft Office Excel DBQueryExt record memory corruption attempt RuleID : 16657 - Revision : 17 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Office Excel BIFF5 ExternSheet record stack overflow attempt RuleID : 16656 - Revision : 18 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Office Excel Lbl record stack overflow attempt RuleID : 16655 - Revision : 16 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Office Excel Publisher record heap buffer overflow attempt RuleID : 16654 - Revision : 20 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Office Excel ExternName record stack buffer overflow attempt - 4 RuleID : 16653 - Revision : 17 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Office Excel ExternName record stack buffer overflow attempt - 3 RuleID : 16652 - Revision : 17 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Office Excel ExternName record stack buffer overflow attempt - 2 RuleID : 16651 - Revision : 17 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Office Excel ExternName record stack buffer overflow attempt - 1 RuleID : 16650 - Revision : 17 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Excel HFPicture record stack buffer overflow attempt RuleID : 16649 - Revision : 10 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Office Excel RealTimeData record heap memory corruption attempt - 1 RuleID : 16648 - Revision : 15 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Office Excel RealTimeData record heap memory corruption attempt - 2 RuleID : 16647 - Revision : 17 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Office Excel RTD buffer overflow attempt RuleID : 16646 - Revision : 18 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Office Excel SxView record memory pointer corruption attempt RuleID : 16645 - Revision : 15 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Office Excel WOpt record memory corruption attempt RuleID : 16644 - Revision : 15 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Office Excel Chart Sheet Substream memory corruption attempt RuleID : 16643 - Revision : 15 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Office Excel OBJ record stack buffer overflow attempt - with macro ... RuleID : 16641 - Revision : 15 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Office Excel OBJ record stack buffer overflow attempt - with linkFmla RuleID : 16640 - Revision : 15 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Office Excel OBJ record stack buffer overflow attempt - with macro RuleID : 16639 - Revision : 15 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Office Excel OBJ record stack buffer overflow attempt RuleID : 16638 - Revision : 17 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Internet Explorer security zone restriction bypass attempt RuleID : 16637 - Revision : 12 - Type : BROWSER-IE |
| 2014-01-10 | Microsoft Windows .NET framework XMLDsig data tampering attempt RuleID : 16636 - Revision : 14 - Type : OS-WINDOWS |
| 2014-01-10 | Microsoft Internet Explorer 8 Developer Tool ActiveX clsid access RuleID : 16635 - Revision : 13 - Type : BROWSER-PLUGINS |
| 2014-01-10 | Microsoft Office SharePoint XSS attempt RuleID : 16560 - Revision : 17 - Type : SERVER-WEBAPP |
| 2014-01-10 | Microsoft Internet Explorer 7/8 execute local file in Internet zone redirect ... RuleID : 16423 - Revision : 14 - Type : BROWSER-IE |
| 2014-01-10 | Microsoft Data Analyzer 3.5 ActiveX clsid unicode access RuleID : 16420 - Revision : 5 - Type : WEB-ACTIVEX |
| 2014-01-10 | Microsoft Windows Data Analyzer 3.5 ActiveX clsid access RuleID : 16419 - Revision : 15 - Type : BROWSER-PLUGINS |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2018-04-03 | Name : The remote web server may allow remote code execution. File : iis_7_pci.nasl - Type : ACT_GATHER_INFO |
| 2014-09-01 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201408-19.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1201.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1428.nasl - Type : ACT_GATHER_INFO |
| 2013-02-22 | Name : The remote Unix host contains a runtime environment that is affected by multi... File : sun_java_jre_263408_unix.nasl - Type : ACT_GATHER_INFO |
| 2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1637.nasl - Type : ACT_GATHER_INFO |
| 2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1636.nasl - Type : ACT_GATHER_INFO |
| 2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1649.nasl - Type : ACT_GATHER_INFO |
| 2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1650.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090806_java_1_6_0_openjdk_on_SL5_3.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090824_java__jdk_1_6_0__on_SL4_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090908_xmlsec1_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
| 2012-06-22 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201206-13.nasl - Type : ACT_GATHER_INFO |
| 2012-01-24 | Name : The remote web server may be affected by multiple vulnerabilities. File : oracle_application_server_pci.nasl - Type : ACT_GATHER_INFO |
| 2011-04-13 | Name : The remote Windows host is missing an update that disables selected ActiveX c... File : smb_nt_ms11-027.nasl - Type : ACT_GATHER_INFO |
| 2011-01-27 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_OpenOffice_org-6883.nasl - Type : ACT_GATHER_INFO |
| 2011-01-27 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_OpenOffice_org-6884.nasl - Type : ACT_GATHER_INFO |
| 2011-01-21 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_OpenOffice_org-100225.nasl - Type : ACT_GATHER_INFO |
| 2010-10-20 | Name : An application installed on the remote Mac OS X host is affected by multiple ... File : macosx_ms10-038.nasl - Type : ACT_GATHER_INFO |
| 2010-10-13 | Name : The remote windows host is affected by a remote code execution vulnerability. File : smb_nt_ms10-083.nasl - Type : ACT_GATHER_INFO |
| 2010-07-30 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-269.nasl - Type : ACT_GATHER_INFO |
| 2010-07-01 | Name : An application running on the remote web server has a denial of service vulne... File : sharepoint_help_dos.nasl - Type : ACT_DENIAL |
| 2010-07-01 | Name : An application running on the remote web server has a cross-site scripting vu... File : sharepoint_help_xss.nasl - Type : ACT_ATTACK |
| 2010-06-09 | Name : Opening a specially crafted media file can result in arbitrary code execution. File : smb_nt_ms10-033.nasl - Type : ACT_GATHER_INFO |
| 2010-06-09 | Name : The remote Windows host is missing an update that disables selected ActiveX c... File : smb_nt_ms10-034.nasl - Type : ACT_GATHER_INFO |
| 2010-06-09 | Name : Arbitrary code can be executed on the remote host through a web browser. File : smb_nt_ms10-035.nasl - Type : ACT_GATHER_INFO |
| 2010-06-09 | Name : Arbitrary code can be executed on the remote host through opening a Microsoft... File : smb_nt_ms10-036.nasl - Type : ACT_GATHER_INFO |
| 2010-06-09 | Name : The remote Windows host contains a font driver that is affected by a privileg... File : smb_nt_ms10-037.nasl - Type : ACT_GATHER_INFO |
| 2010-06-09 | Name : Arbitrary code can be executed on the remote host through Microsoft Office Ex... File : smb_nt_ms10-038.nasl - Type : ACT_GATHER_INFO |
| 2010-06-09 | Name : The remote host has multiple vulnerabilities. File : smb_nt_ms10-039.nasl - Type : ACT_GATHER_INFO |
| 2010-06-09 | Name : The remote web server may allow remote code execution. File : smb_nt_ms10-040.nasl - Type : ACT_GATHER_INFO |
| 2010-06-09 | Name : It is possible to tamper with signed XML content without being detected on th... File : smb_nt_ms10-041.nasl - Type : ACT_GATHER_INFO |
| 2010-06-09 | Name : The Windows kernel is affected by several vulnerabilities that could allow es... File : smb_nt_ms10-032.nasl - Type : ACT_GATHER_INFO |
| 2010-03-17 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_OpenOffice_org-100211.nasl - Type : ACT_GATHER_INFO |
| 2010-03-17 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_OpenOffice_org-base-drivers-postgresql-100211.nasl - Type : ACT_GATHER_INFO |
| 2010-03-17 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_OpenOffice_org-base-drivers-postgresql-100216.nasl - Type : ACT_GATHER_INFO |
| 2010-03-16 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_OpenOffice_org-100226.nasl - Type : ACT_GATHER_INFO |
| 2010-03-01 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_c97d7a37223311df96dd001b2134ef46.nasl - Type : ACT_GATHER_INFO |
| 2010-02-25 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-903-1.nasl - Type : ACT_GATHER_INFO |
| 2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1849.nasl - Type : ACT_GATHER_INFO |
| 2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1995.nasl - Type : ACT_GATHER_INFO |
| 2010-02-12 | Name : The remote Windows host has a program affected by multiple buffer overflows. File : openoffice_32.nasl - Type : ACT_GATHER_INFO |
| 2010-02-09 | Name : The remote Windows host is missing an update that disables selected ActiveX c... File : smb_nt_ms10-008.nasl - Type : ACT_GATHER_INFO |
| 2010-01-15 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0043.nasl - Type : ACT_GATHER_INFO |
| 2010-01-13 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_6_0-ibm-100105.nasl - Type : ACT_GATHER_INFO |
| 2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1201.nasl - Type : ACT_GATHER_INFO |
| 2009-12-27 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1694.nasl - Type : ACT_GATHER_INFO |
| 2009-12-08 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-322.nasl - Type : ACT_GATHER_INFO |
| 2009-12-07 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-318.nasl - Type : ACT_GATHER_INFO |
| 2009-11-05 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_6_0-ibm-091102.nasl - Type : ACT_GATHER_INFO |
| 2009-10-13 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-268.nasl - Type : ACT_GATHER_INFO |
| 2009-10-12 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-267.nasl - Type : ACT_GATHER_INFO |
| 2009-09-09 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1428.nasl - Type : ACT_GATHER_INFO |
| 2009-09-09 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1428.nasl - Type : ACT_GATHER_INFO |
| 2009-09-03 | Name : The remote host has a version of Java that is affected by multiple vulnerabil... File : macosx_java_10_5_update5.nasl - Type : ACT_GATHER_INFO |
| 2009-08-31 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_java-1_6_0-openjdk-090827.nasl - Type : ACT_GATHER_INFO |
| 2009-08-31 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_java-1_6_0-openjdk-090826.nasl - Type : ACT_GATHER_INFO |
| 2009-08-27 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-826-1.nasl - Type : ACT_GATHER_INFO |
| 2009-08-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1200.nasl - Type : ACT_GATHER_INFO |
| 2009-08-24 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-209.nasl - Type : ACT_GATHER_INFO |
| 2009-08-12 | Name : The remote Fedora host is missing a security update. File : fedora_2009-8473.nasl - Type : ACT_GATHER_INFO |
| 2009-08-12 | Name : The remote Fedora host is missing a security update. File : fedora_2009-8456.nasl - Type : ACT_GATHER_INFO |
| 2009-08-11 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-814-1.nasl - Type : ACT_GATHER_INFO |
| 2009-08-10 | Name : The remote Fedora host is missing a security update. File : fedora_2009-8337.nasl - Type : ACT_GATHER_INFO |
| 2009-08-07 | Name : The remote Fedora host is missing a security update. File : fedora_2009-8329.nasl - Type : ACT_GATHER_INFO |
| 2009-08-07 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1201.nasl - Type : ACT_GATHER_INFO |
| 2009-08-05 | Name : The remote Windows host contains a runtime environment that is affected by mu... File : sun_java_jre_263408.nasl - Type : ACT_GATHER_INFO |
| 2009-08-01 | Name : The remote Fedora host is missing a security update. File : fedora_2009-8121.nasl - Type : ACT_GATHER_INFO |
| 2009-08-01 | Name : The remote Fedora host is missing a security update. File : fedora_2009-8157.nasl - Type : ACT_GATHER_INFO |
| 2009-07-30 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_708c65a57c5811dea9940030843d3802.nasl - Type : ACT_GATHER_INFO |
| 2009-06-03 | Name : The remote host is missing Sun Security Patch number 141709-03 File : solaris10_141709.nasl - Type : ACT_GATHER_INFO |
| 2009-06-03 | Name : The remote host is missing Sun Security Patch number 141710-03 File : solaris10_x86_141710.nasl - Type : ACT_GATHER_INFO |
| 2009-06-03 | Name : The remote host is missing Sun Security Patch number 141709-03 File : solaris9_141709.nasl - Type : ACT_GATHER_INFO |
| 2009-06-03 | Name : The remote host is missing Sun Security Patch number 141710-03 File : solaris9_x86_141710.nasl - Type : ACT_GATHER_INFO |
| 2009-01-19 | Name : The remote host is missing Sun Security Patch number 128640-30 File : solaris9_128640.nasl - Type : ACT_GATHER_INFO |
| 2009-01-19 | Name : The remote host is missing Sun Security Patch number 128641-30 File : solaris9_x86_128641.nasl - Type : ACT_GATHER_INFO |
| 2009-01-19 | Name : The remote host is missing Sun Security Patch number 128641-30 File : solaris10_x86_128641.nasl - Type : ACT_GATHER_INFO |
| 2009-01-19 | Name : The remote host is missing Sun Security Patch number 128640-30 File : solaris10_128640.nasl - Type : ACT_GATHER_INFO |
| 2007-10-12 | Name : The remote host is missing Sun Security Patch number 125136-97 File : solaris9_125136.nasl - Type : ACT_GATHER_INFO |
| 2007-10-12 | Name : The remote host is missing Sun Security Patch number 125136-97 File : solaris8_125136.nasl - Type : ACT_GATHER_INFO |
| 2007-10-12 | Name : The remote host is missing Sun Security Patch number 125136-97 File : solaris10_125136.nasl - Type : ACT_GATHER_INFO |
