Executive Summary
Summary | |
---|---|
Title | Microsoft Updates for Multiple Vulnerabilities |
Informations | |||
---|---|---|---|
Name | TA10-285A | First vendor Publication | 2010-10-12 |
Vendor | US-CERT | Last vendor Modification | 2010-10-12 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
There are multiple vulnerabilities in Microsoft Windows, Microsoft Office, and Internet Explorer. Microsoft has released updates to address these vulnerabilities. I. Description The Microsoft Security Bulletin Summary for October 2010 describes multiple vulnerabilities in Microsoft Windows, Microsoft Office, and Internet Explorer. Microsoft has released updates to address the vulnerabilities. II. Impact A remote, unauthenticated attacker could execute arbitrary code or cause a vulnerable system or application to crash. III. Solution Apply updates Microsoft has provided updates for these vulnerabilities in the Microsoft Security Bulletin Summary for October 2010. That bulletin describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. In addition, administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS). |
Original Source
Url : http://www.us-cert.gov/cas/techalerts/TA10-285A.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
34 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
30 % | CWE-20 | Improper Input Validation |
7 % | CWE-399 | Resource Management Errors |
7 % | CWE-264 | Permissions, Privileges, and Access Controls |
7 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
5 % | CWE-200 | Information Exposure |
5 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
5 % | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25) |
2 % | CWE-416 | Use After Free |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:12085 | |||
Oval ID: | oval:org.mitre.oval:def:12085 | ||
Title: | Win32k Window Class Vulnerability | ||
Description: | The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 do not properly manage a window class, which allows local users to gain privileges by creating a window, then using (1) the SetWindowLongPtr function to modify the popup menu structure, or (2) the SwitchWndProc function with a switch window information pointer, which is not re-initialized when a WM_NCCREATE message is processed, aka "Win32k Window Class Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-2744 | Version: | 10 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12215 | |||
Oval ID: | oval:org.mitre.oval:def:12215 | ||
Title: | Win32k Reference Count Vulnerability | ||
Description: | Use-after-free vulnerability in the kernel-mode drivers in Microsoft Windows Vista SP1 and SP2 and Server 2008 Gold and SP2 allows local users to gain privileges or cause a denial of service (system crash) by using a large number of calls to the NtUserCheckAccessForIntegrityLevel function to trigger a failure in the LockProcessByClientId function, leading to deletion of an in-use process object, aka "Win32k Reference Count Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-2549 | Version: | 7 |
Platform(s): | Microsoft Windows Vista Microsoft Windows Server 2008 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6653 | |||
Oval ID: | oval:org.mitre.oval:def:6653 | ||
Title: | Windows Media Player Memory Corruption Vulnerability | ||
Description: | Microsoft Windows Media Player (WMP) 9 through 12 does not properly deallocate objects during a browser reload action, which allows user-assisted remote attackers to execute arbitrary code via crafted media content referenced in an HTML document, aka "Windows Media Player Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-2745 | Version: | 13 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | Windows Media Player |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6684 | |||
Oval ID: | oval:org.mitre.oval:def:6684 | ||
Title: | RTSP Use After Free Vulnerability | ||
Description: | Use-after-free vulnerability in the Media Player Network Sharing Service in Microsoft Windows Vista SP1 and SP2 and Windows 7 allows remote attackers to execute arbitrary code via a crafted Real Time Streaming Protocol (RTSP) packet, aka "RTSP Use After Free Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3225 | Version: | 3 |
Platform(s): | Microsoft Windows Vista Microsoft Windows 7 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6695 | |||
Oval ID: | oval:org.mitre.oval:def:6695 | ||
Title: | Word Pointer Vulnerability | ||
Description: | Double free vulnerability in Microsoft Word 2002 SP3 allows remote attackers to execute arbitrary code via a Word document with crafted List Format Override (LFO) records, aka "Word Pointer Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3217 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Word 2002 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:6727 | |||
Oval ID: | oval:org.mitre.oval:def:6727 | ||
Title: | Merge Cell Record Pointer Vulnerability | ||
Description: | Microsoft Excel 2002 SP3 and Office 2004 for Mac do not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Merge Cell Record Pointer Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3237 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Excel 2002 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:6737 | |||
Oval ID: | oval:org.mitre.oval:def:6737 | ||
Title: | Lotus 1-2-3 Workbook Parsing Vulnerability | ||
Description: | Microsoft Excel 2002 SP3 and 2003 SP3 does not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted .wk3 (aka Lotus 1-2-3 workbook) file, aka "Lotus 1-2-3 Workbook Parsing Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3233 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Excel 2002 Microsoft Excel 2003 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6738 | |||
Oval ID: | oval:org.mitre.oval:def:6738 | ||
Title: | Out-of-Bounds Memory Write in Parsing Vulnerability | ||
Description: | Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate binary file-format information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Out-of-Bounds Memory Write in Parsing Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3241 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Excel 2002 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:6742 | |||
Oval ID: | oval:org.mitre.oval:def:6742 | ||
Title: | OpenType Font Validation Vulnerability | ||
Description: | The OpenType Font (OTF) format driver in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 performs an incorrect integer calculation during font processing, which allows local users to gain privileges via a crafted application, aka "OpenType Font Validation Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-2741 | Version: | 3 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6792 | |||
Oval ID: | oval:org.mitre.oval:def:6792 | ||
Title: | Word Parsing Vulnerability | ||
Description: | Unspecified vulnerability in Microsoft Word 2002 SP3 and Office 2004 for Mac allows remote attackers to execute arbitrary code via a crafted Word document that triggers memory corruption, aka "Word Parsing Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3220 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Word 2002 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:6806 | |||
Oval ID: | oval:org.mitre.oval:def:6806 | ||
Title: | TLSv1 Denial of Service Vulnerability | ||
Description: | The Secure Channel (aka SChannel) security package in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7, when IIS 7.x is used, does not properly process client certificates during SSL and TLS handshakes, which allows remote attackers to cause a denial of service (LSASS outage and reboot) via a crafted packet, aka "TLSv1 Denial of Service Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3229 | Version: | 5 |
Platform(s): | Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6824 | |||
Oval ID: | oval:org.mitre.oval:def:6824 | ||
Title: | .NET Framework x64 JIT Compiler Vulnerability | ||
Description: | The JIT compiler in Microsoft .NET Framework 4.0 on 64-bit platforms does not properly perform optimizations, which allows remote attackers to execute arbitrary code via a crafted .NET application that triggers memory corruption, aka ".NET Framework x64 JIT Compiler Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3228 | Version: | 10 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | Microsoft .NET Framework |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6832 | |||
Oval ID: | oval:org.mitre.oval:def:6832 | ||
Title: | Uninitialized Memory Corruption Vulnerability (CVE-2010-3331) | ||
Description: | Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory in certain circumstances involving use of Microsoft Word to read Word documents, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3331 | Version: | 9 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | Microsoft Internet Explorer 6 Microsoft Internet Explorer 7 Microsoft Internet Explorer 8 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6872 | |||
Oval ID: | oval:org.mitre.oval:def:6872 | ||
Title: | Negative Future Function Vulnerability | ||
Description: | Microsoft Excel 2002 SP3 and 2003 SP3, and Office 2004 for Mac, does not properly validate binary file-format information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Negative Future Function Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3238 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Excel 2002 Microsoft Excel 2003 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6881 | |||
Oval ID: | oval:org.mitre.oval:def:6881 | ||
Title: | Embedded OpenType Font Integer Overflow Vulnerability | ||
Description: | Integer overflow in the Embedded OpenType (EOT) Font Engine in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows remote attackers to execute arbitrary code via a crafted table in an embedded font, aka "Embedded OpenType Font Integer Overflow Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-1883 | Version: | 5 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6902 | |||
Oval ID: | oval:org.mitre.oval:def:6902 | ||
Title: | Ghost Record Type Parsing Vulnerability | ||
Description: | Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Ghost Record Type Parsing Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3242 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Excel 2002 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:6928 | |||
Oval ID: | oval:org.mitre.oval:def:6928 | ||
Title: | Cross-Domain Information Disclosure Vulnerability | ||
Description: | Microsoft Internet Explorer 6 through 8 does not properly restrict script access to content from a different (1) domain or (2) zone, which allows remote attackers to obtain sensitive information via a crafted web site, aka "Cross-Domain Information Disclosure Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3330 | Version: | 9 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | Microsoft Internet Explorer 6 Microsoft Internet Explorer 7 Microsoft Internet Explorer 8 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6974 | |||
Oval ID: | oval:org.mitre.oval:def:6974 | ||
Title: | Word Return Value Vulnerability | ||
Description: | Microsoft Word 2002 SP3 and Office 2004 for Mac do not properly handle unspecified return values during parsing of a Word document, which allows remote attackers to execute arbitrary code via a crafted document that triggers memory corruption, aka "Word Return Value Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3215 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Word 2002 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:7010 | |||
Oval ID: | oval:org.mitre.oval:def:7010 | ||
Title: | Word Heap Overflow Vulnerability | ||
Description: | Heap-based buffer overflow in Microsoft Word 2002 SP3 allows remote attackers to execute arbitrary code via malformed records in a Word document, aka "Word Heap Overflow Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3218 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Word 2002 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:7019 | |||
Oval ID: | oval:org.mitre.oval:def:7019 | ||
Title: | Word Index Parsing Vulnerability | ||
Description: | Array index vulnerability in Microsoft Word 2002 SP3 allows remote attackers to execute arbitrary code via a crafted Word document that triggers memory corruption, aka "Word Index Parsing Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3219 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Word 2002 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:7028 | |||
Oval ID: | oval:org.mitre.oval:def:7028 | ||
Title: | Formula Biff Record Vulnerability | ||
Description: | Microsoft Excel 2002 SP3 does not properly validate formula information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Formula Biff Record Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3235 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Excel 2002 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:7032 | |||
Oval ID: | oval:org.mitre.oval:def:7032 | ||
Title: | Word Parsing Vulnerability | ||
Description: | Microsoft Word 2002 SP3 and 2003 SP3, Office 2004 for Mac, and Word Viewer do not properly handle a malformed record during parsing of a Word document, which allows remote attackers to execute arbitrary code via a crafted document that triggers memory corruption, aka "Word Parsing Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3221 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Word 2002 Microsoft Word 2003 Microsoft Office Word Viewer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7042 | |||
Oval ID: | oval:org.mitre.oval:def:7042 | ||
Title: | Excel Record Parsing Integer Overflow Vulnerability | ||
Description: | Integer overflow in Microsoft Excel 2002 SP3 allows remote attackers to execute arbitrary code via an Excel document with crafted record information, aka "Excel Record Parsing Integer Overflow Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3230 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Excel 2002 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:7059 | |||
Oval ID: | oval:org.mitre.oval:def:7059 | ||
Title: | Uninitialized Memory Corruption Vulnerability (CVE-2010-3328) | ||
Description: | Use-after-free vulnerability in the CAttrArray::PrivateFind function in mshtml.dll in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code by setting an unspecified property of a stylesheet object, aka "Uninitialized Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3328 | Version: | 9 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | Microsoft Internet Explorer 6 Microsoft Internet Explorer 7 Microsoft Internet Explorer 8 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7121 | |||
Oval ID: | oval:org.mitre.oval:def:7121 | ||
Title: | Word Uninitialized Pointer Vulnerability | ||
Description: | Microsoft Word 2002 SP3 and Office 2004 for Mac do not properly handle an uninitialized pointer during parsing of a Word document, which allows remote attackers to execute arbitrary code via a crafted document that triggers memory corruption, aka "Word Uninitialized Pointer Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-2747 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Word 2002 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:7175 | |||
Oval ID: | oval:org.mitre.oval:def:7175 | ||
Title: | LPC Message Buffer Overrun Vulnerability | ||
Description: | Stack-based buffer overflow in the Remote Procedure Call Subsystem (RPCSS) in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges via a crafted LPC message that requests an LRPC connection from an LPC server to a client, aka "LPC Message Buffer Overrun Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3222 | Version: | 3 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7196 | |||
Oval ID: | oval:org.mitre.oval:def:7196 | ||
Title: | Real Time Data Array Record Vulnerability | ||
Description: | Microsoft Excel 2002 SP3 and 2007 SP2; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Real Time Data Array Record Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3240 | Version: | 12 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Excel 2002 Microsoft Excel 2007 Microsoft Office Excel Viewer Microsoft Office Compatibility Pack |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7207 | |||
Oval ID: | oval:org.mitre.oval:def:7207 | ||
Title: | Uninitialized Memory Corruption Vulnerability | ||
Description: | Microsoft Internet Explorer 6 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3326 | Version: | 3 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | Microsoft Internet Explorer 6 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7209 | |||
Oval ID: | oval:org.mitre.oval:def:7209 | ||
Title: | Out Of Bounds Array Vulnerability | ||
Description: | Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Out Of Bounds Array Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3236 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Excel 2002 Microsoft Excel 2003 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7258 | |||
Oval ID: | oval:org.mitre.oval:def:7258 | ||
Title: | OpenType Font Parsing Vulnerability | ||
Description: | The OpenType Font (OTF) format driver in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly perform memory allocation during font parsing, which allows local users to gain privileges via a crafted application, aka "OpenType Font Parsing Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-2740 | Version: | 3 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7272 | |||
Oval ID: | oval:org.mitre.oval:def:7272 | ||
Title: | Comctl32 Heap Overflow Vulnerability | ||
Description: | Heap-based buffer overflow in Comctl32.dll (aka the common control library) in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7, when a third-party SVG viewer is used, allows remote attackers to execute arbitrary code via a crafted HTML document that triggers unspecified messages from this viewer, aka "Comctl32 Heap Overflow Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-2746 | Version: | 7 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7275 | |||
Oval ID: | oval:org.mitre.oval:def:7275 | ||
Title: | HTML Sanitization Vulnerability | ||
Description: | Cross-site scripting (XSS) vulnerability in the toStaticHTML function in Microsoft Internet Explorer 8, and the SafeHTML function in Microsoft Windows SharePoint Services 3.0 SP2 and Office SharePoint Server 2007 SP2, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "HTML Sanitization Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3243 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Office SharePoint Server 2007 Microsoft Windows SharePoint Services 3.0 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7286 | |||
Oval ID: | oval:org.mitre.oval:def:7286 | ||
Title: | COM Validation Vulnerability | ||
Description: | Windows Shell and WordPad in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7; Microsoft Office XP SP3; Office 2003 SP3; and Office System 2007 SP1 and SP2 do not properly validate COM objects during instantiation, which allows remote attackers to execute arbitrary code via a crafted file, aka "COM Validation Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-1263 | Version: | 26 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | Microsoft Office XP Microsoft Excel 2003 Microsoft PowerPoint 2003 Microsoft Publisher 2003 Microsoft Visio 2003 Microsoft Word 2003 Microsoft Excel 2007 Microsoft PowerPoint 2007 Microsoft Publisher 2007 Microsoft Visio 2007 Microsoft Word 2007 Microsoft Wordpad |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7297 | |||
Oval ID: | oval:org.mitre.oval:def:7297 | ||
Title: | HTML Sanitization Vulnerability (CVE-2010-3324) | ||
Description: | The toStaticHTML function in Microsoft Internet Explorer 8, and the SafeHTML function in Microsoft Windows SharePoint Services 3.0 SP2, SharePoint Foundation 2010, Office SharePoint Server 2007 SP2, Groove Server 2010, and Office Web Apps, allows remote attackers to bypass the cross-site scripting (XSS) protection mechanism and conduct XSS attacks via a crafted use of the Cascading Style Sheets (CSS) @import rule, aka "HTML Sanitization Vulnerability," a different vulnerability than CVE-2010-1257. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3324 | Version: | 13 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | Microsoft Internet Explorer 8 Microsoft Windows SharePoint Services 3.0 Microsoft Office SharePoint Server 2007 Microsoft Office SharePoint Foundation 2010 Microsoft Groove Server 2010 Microsoft Office Web Apps |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7322 | |||
Oval ID: | oval:org.mitre.oval:def:7322 | ||
Title: | Word Stack Overflow Vulnerability | ||
Description: | Stack-based buffer overflow in Microsoft Word 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; Word Viewer; Office Web Apps; and Word Web App allows remote attackers to execute arbitrary code via a crafted Word document, aka "Word Stack Overflow Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3214 | Version: | 13 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Word 2002 Microsoft Word 2003 Microsoft Word 2007 Microsoft Word 2010 Microsoft Office Word Viewer Microsoft Office Compatibility Pack |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7375 | |||
Oval ID: | oval:org.mitre.oval:def:7375 | ||
Title: | Word Boundary Check Vulnerability | ||
Description: | Microsoft Word 2002 SP3 and Office 2004 for Mac do not properly check an unspecified boundary during parsing of a Word document, which allows remote attackers to execute arbitrary code via a crafted document that triggers memory corruption, aka "Word Boundary Check Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-2748 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Word 2002 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:7410 | |||
Oval ID: | oval:org.mitre.oval:def:7410 | ||
Title: | CSS Special Character Information Disclosure Vulnerability | ||
Description: | Microsoft Internet Explorer 6 through 8 does not properly handle unspecified special characters in Cascading Style Sheets (CSS) documents, which allows remote attackers to obtain sensitive information from a different (1) domain or (2) zone via a crafted web site, aka "CSS Special Character Information Disclosure Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3325 | Version: | 9 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | Microsoft Internet Explorer 6 Microsoft Internet Explorer 7 Microsoft Internet Explorer 8 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7475 | |||
Oval ID: | oval:org.mitre.oval:def:7475 | ||
Title: | Excel Record Parsing Memory Corruption Vulnerability | ||
Description: | Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Excel Record Parsing Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3231 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Excel 2002 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:7482 | |||
Oval ID: | oval:org.mitre.oval:def:7482 | ||
Title: | Uninitialized Memory Corruption Vulnerability (CVE-2010-3329) | ||
Description: | mshtmled.dll in Microsoft Internet Explorer 7 and 8 allows remote attackers to execute arbitrary code via a crafted Microsoft Office document that causes the HtmlDlgHelper class destructor to access uninitialized memory, aka "Uninitialized Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3329 | Version: | 9 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | Microsoft Internet Explorer 7 Microsoft Internet Explorer 8 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7514 | |||
Oval ID: | oval:org.mitre.oval:def:7514 | ||
Title: | Win32k Keyboard Layout Vulnerability | ||
Description: | The kernel-mode drivers in Microsoft Windows XP SP3 do not properly perform indexing of a function-pointer table during the loading of keyboard layouts from disk, which allows local users to gain privileges via a crafted application, as demonstrated in the wild in July 2010 by the Stuxnet worm, aka "Win32k Keyboard Layout Vulnerability." NOTE: this might be a duplicate of CVE-2010-3888 or CVE-2010-3889. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-2743 | Version: | 10 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7529 | |||
Oval ID: | oval:org.mitre.oval:def:7529 | ||
Title: | Word Bookmarks Vulnerability | ||
Description: | Microsoft Word 2002 SP3 and Office 2004 for Mac allow remote attackers to execute arbitrary code via a crafted Word document containing bookmarks that trigger use of an invalid pointer and memory corruption, aka "Word Bookmarks Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3216 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Word 2002 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:7555 | |||
Oval ID: | oval:org.mitre.oval:def:7555 | ||
Title: | Formula Substream Memory Corruption Vulnerability | ||
Description: | Microsoft Excel 2002 SP3 does not properly validate formula information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Formula Substream Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3234 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Excel 2002 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:7575 | |||
Oval ID: | oval:org.mitre.oval:def:7575 | ||
Title: | Excel File Format Parsing Vulnerability | ||
Description: | Microsoft Excel 2003 SP3 and 2007 SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Excel File Format Parsing Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3232 | Version: | 12 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Excel 2003 Microsoft Excel 2007 Microsoft Office Excel Viewer Microsoft Office Compatibility Pack |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7582 | |||
Oval ID: | oval:org.mitre.oval:def:7582 | ||
Title: | Word Index Vulnerability | ||
Description: | Array index error in Microsoft Word 2002 SP3 and Office 2004 for Mac allows remote attackers to execute arbitrary code via a crafted Word document that triggers memory corruption, aka "Word Index Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-2750 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Word 2002 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:7616 | |||
Oval ID: | oval:org.mitre.oval:def:7616 | ||
Title: | Extra Out of Boundary Record Parsing Vulnerability | ||
Description: | Microsoft Excel 2002 SP3 does not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Extra Out of Boundary Record Parsing Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3239 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Excel 2002 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:7637 | |||
Oval ID: | oval:org.mitre.oval:def:7637 | ||
Title: | HTML Sanitization Vulnerability (CVE-2010-3243) | ||
Description: | Cross-site scripting (XSS) vulnerability in the toStaticHTML function in Microsoft Internet Explorer 8, and the SafeHTML function in Microsoft Windows SharePoint Services 3.0 SP2 and Office SharePoint Server 2007 SP2, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "HTML Sanitization Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3243 | Version: | 12 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | Microsoft Internet Explorer 8 Microsoft Office SharePoint Server 2007 Microsoft Windows SharePoint Services 3.0 |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 1 | |
Application | 4 | |
Application | 1 | |
Application | 1 | |
Application | 3 | |
Application | 6 | |
Application | 1 | |
Application | 1 | |
Application | 1 | |
Application | 1 | |
Application | 3 | |
Application | 2 | |
Application | 1 | |
Application | 4 | |
Application | 5 | |
Application | 1 | |
Application | 1 | |
Os | 2 | |
Os | 2 | |
Os | 1 | |
Os |
| 11 |
Os | 4 | |
Os | 2 |
ExploitDB Exploits
id | Description |
---|---|
2011-01-13 | MS10-073: Win32k Keyboard Layout Vulnerability |
2010-10-16 | Microsoft Office HtmlDlgHelper Class Memory Corruption |
OpenVAS Exploits
Date | Description |
---|---|
2011-09-22 | Name : Microsoft SharePoint SafeHTML Information Disclosure Vulnerabilities (2412048) File : nvt/secpod_ms10-072.nasl |
2010-10-13 | Name : Microsoft Internet Explorer Multiple Vulnerabilities (2360131) File : nvt/secpod_ms10-071.nasl |
2010-10-13 | Name : Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (981957) File : nvt/secpod_ms10-073.nasl |
2010-10-13 | Name : Microsoft Windows Media Player Network Sharing Remote Code Execution Vulnerab... File : nvt/secpod_ms10-075.nasl |
2010-10-13 | Name : Embedded OpenType Font Engine Remote Code Execution Vulnerability (982132) File : nvt/secpod_ms10-076.nasl |
2010-10-13 | Name : OpenType Font (OTF) Format Driver Privilege Elevation Vulnerabilities (2279986) File : nvt/secpod_ms10-078.nasl |
2010-10-13 | Name : Microsoft Office Word Remote Code Execution Vulnerabilities (2293194) File : nvt/secpod_ms10-079.nasl |
2010-10-13 | Name : Microsoft Office Excel Remote Code Execution Vulnerabilities (2293211) File : nvt/secpod_ms10-080.nasl |
2010-10-13 | Name : Windows Common Control Library Remote Code Execution Vulnerability (2296011) File : nvt/secpod_ms10-081.nasl |
2010-10-13 | Name : Microsoft Windows Media Player Remote Code Execution Vulnerability (2378111)) File : nvt/secpod_ms10-082.nasl |
2010-10-13 | Name : Microsoft Windows Shell and WordPad COM Validation Vulnerability (2405882) File : nvt/secpod_ms10-083.nasl |
2010-10-13 | Name : Windows Local Procedure Call Privilege Elevation Vulnerability (2360937) File : nvt/secpod_ms10-084.nasl |
2010-10-13 | Name : Microsoft Windows SChannel Denial of Service Vulnerability (2207566) File : nvt/secpod_ms10-085.nasl |
2010-09-23 | Name : Microsoft Internet Explorer 'toStaticHTML()' Cross Site Scripting Vulnerability File : nvt/secpod_ms_ie_static_html_xss_vuln.nasl |
2010-06-09 | Name : Microsoft Office COM Validation Remote Code Execution Vulnerability (983235) File : nvt/secpod_ms10-036.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
68586 | Microsoft Windows LRPC Server LPC Message Handling Local Privilege Escalation Microsoft Windows is prone to an overflow condition. The Remote Procedure Call Subsystem fails to properly sanitize user-supplied input resulting in a stack-based buffer overflow. With a specially crafted crafted LPC message, a local authenticated attacker can potentially gain elevated privileges. |
68584 | Microsoft Office Word Uninitialized Pointer Handling Remote Code Execution A memory corruption flaw exists in Microsoft Word. The program fails to sanitize user-supplied input when handling an uninitialized pointer during parsing of a Word document, resulting in memory corruption. With a specially crafted Word document, a context-dependent attacker can execute arbitrary code. |
68583 | Microsoft Office Word Unspecified Boundary Check Remote Code Execution A memory corruption flaw exists in Microsoft Word. The program fails to check an unspecified boundary while parsing Word documents, resulting in memory corruption. With a specially crafted Word document, a context-dependent attacker can execute arbitrary code. |
68582 | Microsoft Office Word Array Index Value Handling Unspecified Remote Code Exec... A memory corruption flaw exists in Microsoft Word. The program suffers from an array indexing error when handling certain values in a Word document, resulting in memory corruption. With a specially crafted Word document, a context-dependent attacker can execute arbitrary code. |
68581 | Microsoft Office Word File Unspecified Structure Handling Stack Overflow Microsoft Word is prone to an overflow condition. The program fails to properly sanitize user-supplied input resulting in a stack-based buffer overflow. With a specially crafted Word document, a context-dependent attacker can potentially execute arbitrary code. |
68580 | Microsoft Office Word Return Value Handling Unspecified Remote Code Execution A memory corruption flaw exists in Microsoft Word. The program fails to sanitize user-supplied input when handling unspecified return values during parsing of a Word document, resulting in memory corruption. With a specially crafted Word document, a context-dependent attacker can execute arbitrary code. |
68579 | Microsoft Office Word Bookmark Handling Invalid Pointer Remote Code Execution A memory corruption flaw exists in Microsoft Word. The program fails to sanitize user-supplied input when it encounters an invalid pointer when processing bookmarks in a Word document, resulting in memory corruption. With a specially crafted Word document, a context-dependent attacker can execute arbitrary code. |
68578 | Microsoft Office Word Pointer LFO Parsing Double-free Remote Code Execution A memory corruption flaw exists in Microsoft Word. The program suffers from an error due to the use of an invalid pointer while processing certain structures in Word documents, resulting in memory corruption. With a specially crafted Word document with crafted List Format Override records, a context-dependent attacker can execute arbitrary code. |
68577 | Microsoft Office Word Malformed Record Handling Remote Heap Overflow Microsoft Word is prone to an overflow condition. The program fails to properly sanitize user-supplied input resulting in a heap-based buffer overflow. With a specially crafted Word document containing malformed records, a context-dependent attacker can potentially execute arbitrary code. |
68576 | Microsoft Office Word BKF Object Parsing Array Indexing Remote Code Execution A memory corruption flaw exists in Microsoft Word. The program suffers from an an array indexing error when processing BKF objects, resulting in memory corruption. With a specially crafted Word document, a context-dependent attacker can execute arbitrary code. |
68575 | Microsoft Office Word File LVL Structure Parsing Remote Code Execution A memory corruption flaw exists in Microsoft Word. The program fails to sanitize user-supplied input when when processing LVL structures, resulting in memory corruption. With a specially crafted Word document, a context-dependent attacker can execute arbitrary code. |
68574 | Microsoft Office Word File Record Parsing Unspecified Memory Corruption A memory corruption flaw exists in Microsoft Word. The program fails to sanitize user-supplied input when handling a malformed record while parsing a Word document, resulting in memory corruption. With a specially crafted Word document, a context-dependent attacker can execute arbitrary code. |
68573 | Microsoft Office Excel File Unspecified Record Parsing Remote Integer Overflow Microsoft Office Excel is prone to an overflow condition. The program suffers from a sign-extension error and integer overflow error which may be further exploited to cause a heap-based buffer overflow. With a specially crafted Excel file with crafted record information, a context-dependent attacker can potentially execute arbitrary code. |
68572 | Microsoft Office Excel Formula Record Parsing Memory Corruption (2010-3231) A memory corruption flaw exists in Microsoft Office Excel. The program fails to sanitize user-supplied input when parsing Formula records, which may be exploited to cause an out-of-bounds memory write, resulting in memory corruption. With a specially crafted Excel document, a context-dependent attacker can execute arbitrary code. |
68571 | Microsoft Office Excel File Format Parsing Remote Code Execution A memory corruption flaw exists in Microsoft Office Excel. The program fails to sanitize user-supplied input when validating record information with certain format parsing, which may be exploited to cause an out-of-bounds memory write, resulting in memory corruption. With a specially crafted Excel document, a context-dependent attacker can execute arbitrary code. |
68570 | Microsoft Office Excel Lotus 1-2-3 Workbook Parsing Remote Overflow Microsoft Office Excel is prone to an overflow condition. The program fails to properly sanitize user-supplied input resulting in a heap-based buffer overflow. With a specially crafted Lotus 1-2-3 (.wk3) file with an overly long crafted record, a context-dependent attacker can potentially execute arbitrary code. |
68569 | Microsoft Office Excel Formula Substream Record Parsing Memory Corruption A memory corruption flaw exists in Microsoft Office Excel. The program fails to sanitize user-supplied input when parsing Formula Substream records, which may be exploited to cause an out-of-bounds memory write, resulting in memory corruption. With a specially crafted Excel document, a context-dependent attacker can execute arbitrary code. |
68568 | Microsoft Office Excel Formula Biff Record Parsing Remote Code Execution A memory corruption flaw exists in Microsoft Office Excel. The program fails to sanitize user-supplied input when validating formula information with a dangling pointer, which may be exploited to cause an out-of-bounds memory write, resulting in memory corruption. With a specially crafted Excel document, a context-dependent attacker can execute arbitrary code. |
68567 | Microsoft Office Excel Out Of Bounds Array Handling Remote Code Execution A memory corruption flaw exists in Microsoft Office Excel. The program fails to sanitize user-supplied input when validating record information, which may be exploited to cause an out-of-bounds memory write, resulting in memory corruption. With a specially crafted Excel document, a context-dependent attacker can execute arbitrary code. |
68566 | Microsoft Office Excel Merge Cell Record Pointer Handling Remote Code Execution A memory corruption flaw exists in Microsoft Office Excel. The program fails to sanitize user-supplied input when validating record information, resulting in memory corruption. With a specially crafted Excel document, a context-dependent attacker can execute arbitrary code. |
68565 | Microsoft Office Excel Negative Future Function Parsing Remote Code Execution A memory corruption flaw exists in Microsoft Office Excel. The program fails to sanitize user-supplied input when validating binary file-format information, resulting in memory corruption. With a specially crafted Excel document, a context-dependent attacker can execute arbitrary code. |
68564 | Microsoft Office Excel PtgExtraArray Structure Parsing Remote Code Execution A memory corruption flaw exists in Microsoft Office Excel. The program fails to sanitize user-supplied input when processing Extra Out of Boundary records, resulting in memory corruption. With a specially crafted Excel document, a context-dependent attacker can execute arbitrary code. |
68563 | Microsoft Office Excel RealTimeData Record Array Parsing Remote Code Execution A memory corruption flaw exists in Microsoft Office Excel. The program fails to sanitize user-supplied input when validating record information, resulting in memory corruption. With a specially crafted Excel document, a context-dependent attacker can execute arbitrary code. |
68562 | Microsoft Office Excel Out-of-Bounds Memory Write in Parsing Memory Corruption A memory corruption flaw exists in Microsoft Office Excel. The program fails to sanitize user-supplied input when validating binary file-format information, resulting in memory corruption. With a specially crafted Excel document, a context-dependent attacker can execute arbitrary code. |
68561 | Microsoft Office Excel Ghost Record Type Parsing Remote Code Execution Microsoft Office Excel contains a flaw that may allow a context-dependent attacker to execute arbitrary commands or code. The issue is due to missing input validation in a conversion routine when parsing a certain record type and can be exploited to corrupt memory outside the bounds of an allocated heap buffer via an overly large range specified by two record fields in a crafted Excel document, which may allow the attacker to execute arbitrary code. |
68560 | Microsoft Windows SChannel TLSv1 Crafted Client Certificate Request DoS Microsoft Windows contains a flaw that may allow denial of service. The issue is caused due to the Secure Channel (SChannel) security package failing to check a logical condition when parsing client certificates. This can be exploited to cause the LSASS service to stop responding and restart the system via a specially crafted client certificate request to an affected IIS server hosting a SSL-enabled web site |
68559 | Microsoft Windows OpenType Font Parsing Unspecified Remote Code Execution Microsoft Windows contains a flaw that may allow a remote attacker to execute arbitrary commands or code. An error in the parsing of OTF (OpenType Font) files can be exploited by loading a properly formatted font and then reload it with specially crafted offset and length fields for the head table of the font. This flaw may allow execution of arbitrary code with kernel privileges. |
68558 | Microsoft Windows OpenType Malformed Font Validation Remote Code Execution Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue exists in the way that the Windows OpenType Font (OTF) format driver improperly parses specially crafted OpenType fonts, and can result in arbitrary code execution on kernel mode. |
68557 | Microsoft Windows Media Player Reload Operation Object Deallocation Memory Co... A memory corruption flaw exists in Windows Media Player. The flaw is caused due to an error in wmp.dll when deallocating objects during a reload operation and can be exploited to corrupt memory by tricking a user into visiting a specially crafted web page. It allows execution of arbitrary code, but requires that a user clicks through one or more pop-up dialog boxes |
68556 | Microsoft .NET Framework x64 JIT Compiler Unprivileged Application Remote Cod... Microsoft .NET Framework contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to an unspecified error in the JIT compiler while optimizing code, which can be exploited to corrupt memory when a user visits a web page hosting a specially crafted XBAP (XAML browser application). |
68553 | Microsoft Windows t2embed.dll Embedded OpenType Font Parsing hdmx Record Pars... Microsoft Windows contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is caused due to an integer overflow error within t2embed.dll when parsing hdmx records in an Embedded OpenType (EOT) font file and can be exploited to corrupt memory by e.g. tricking a user into visiting a web site containing a specially crafted file. |
68552 | Microsoft Windows win32k.sys Driver Keyboard Layout Loading Local Privilege E... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The kernel-mode drivers fail to properly perform indexing of a function-pointer table when loading specific keyboard layouts, which may allow a local authenticated attacker to gain elevated privileges. |
68551 | Microsoft Windows win32k.sys Driver Window Class Data Validation Local Privil... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when the kernel-mode drivers fail to properly manage a window class, allowing a local attacker to gain elevated privileges by creating a window and using 'SetWindowLongPtr' and 'SwitchWndProc' functions to manipulate certain data. |
68550 | Microsoft Windows Media Player Network Sharing Service RTSP Use-after-free Re... Microsoft Windows Media Player contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is caused due to a use-after-free error in the Network Sharing Service (wmpnetwk.exe) and can be exploited via a specially crafted Real Time Streaming Protocol (RTSP) packet. It allows execution of arbitrary code, but requires the Network Sharing Service is enabled. |
68549 | Microsoft Windows Common Control Library (comctl32.dll) Third-party SVG Conte... Microsoft Windows is prone to an overflow condition. The common control library, Comctl32.dll, fails to properly sanitize user-supplied input resulting in a heap-based buffer overflow. With a specially crafted HTML document, a context-dependent attacker can potentially execute arbitrary code. |
68548 | Microsoft IE / SharePoint Unspecified XSS Microsoft SharePoint Server and Groove server contains a flaw that may lead to an unauthorized information disclosure. Â The issue is triggered when the application does not properly sanitise HTML code using SafeHTML. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed |
68547 | Microsoft IE CSS Special Character Processing Unspecified Information Disclosure Microsoft IE contains a flaw that may lead to an unauthorized information disclosure. Â The issue is exists in the way that Internet Explorer processes CSS special characters. It can view content from another domain or Internet Explorer zone. |
68546 | Microsoft IE Object Handling Unspecified Memory Corruption (2010-3326) Microsoft IE contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. It can take complete control of an affected system. |
68543 | Microsoft IE HtmlDlgHelper Class Object Handling Memory Corruption Microsoft IE contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to Internet Explorer accesses an object that has not been correctly initialized or has been deleted when a document in an HTML format is opened in Microsoft Word. An attacker could exploit the vulnerability by convincing the user to open a malicious Word document. When a user closes the document, it could allow remote code execution. |
68542 | Microsoft IE CSS imports() Cross-domain Information Disclosure Microsoft IE contains a flaw that may lead to an unauthorized information disclosure. Â The issue could allow script to gain access to information in another domain or Internet Explorer zone. An attacker could exploit the vulnerability by constructing a specially crafted Web page that could allow information disclosure if a user viewed the Web page. An attacker who successfully exploited this vulnerability could view content from another domain or Internet Explorer zone. |
68541 | Microsoft IE mshtml.dll CAttrArray::PrivateFind Function Object Handling Memo... Microsoft IE contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the way Internet Explorer accesses an object that has not been correctly initialized or has been deleted. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, it could allow remote code execution. |
68540 | Microsoft IE mshtml.dll Object Handling Uninitialized Memory Corruption (2010... Microsoft IE contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the way Internet Explorer accesses an object that has not been correctly initialized or has been deleted. An attacker could exploit the vulnerability by convincing a user to view a specially crafted Word document. When a user closes the Word document, it could allow remote code execution |
68123 | Microsoft IE / SharePoint toStaticHTML Function Crafted CSS @import Rule XSS ... Microsoft SharePoint contains a flaw that may lead to an unauthorized information disclosure. Â The issue is triggered when the application does not properly sanitise HTML code using SafeHTML. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. |
66003 | Microsoft Windows win32k.sys NtUserCheckAccessForIntegrityLevel Use-After-Fre... Microsoft Windows contains a use-after-freeflaw that may allow a local attacker to gain access to unauthorized privileges. The issue is triggered when an attacker uses call saturation to the 'NtUserCheckAccessForIntegrityLevel' function to cause a failure in the 'LockProcessByClientId' function, allowing a local attacker to gain elevated privileges. |
65219 | Microsoft Windows / Office COM Object Instantiation Validation Remote Code Ex... Microsoft Windows and Office fail to properly validate COM objects during instantiation. This may allow a context-dependent attacker to use a crafted file to execute arbitrary code. |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2010-10-14 | IAVM : 2010-A-0145 - Multiple Vulnerabilities in Microsoft Office Word Severity : Category II - VMSKEY : V0025510 |
2010-10-14 | IAVM : 2010-A-0140 - Microsoft Windows Media Player Remote Code Execution Vulnerability Severity : Category II - VMSKEY : V0025516 |
2010-10-14 | IAVM : 2010-A-0141 - Microsoft Windows Media Player Network Sharing Service Remote Code Execution ... Severity : Category II - VMSKEY : V0025520 |
2010-10-14 | IAVM : 2010-A-0135 - Microsoft Windows Embedded OpenType Font Engine Vulnerability Severity : Category I - VMSKEY : V0025528 |
2010-10-14 | IAVM : 2010-A-0134 - Microsoft Windows COM Validation Remote Code Execution Vulnerability Severity : Category II - VMSKEY : V0025530 |
2010-10-14 | IAVM : 2010-B-0090 - Microsoft Windows Common Control Library Remote Code Execution Vulnerability Severity : Category II - VMSKEY : V0025534 |
Snort® IPS/IDS
Date | Description |
---|---|
2020-09-19 | Microsoft Windows Media Player Firefox plugin memory corruption attempt RuleID : 54833 - Revision : 1 - Type : FILE-MULTIMEDIA |
2018-02-22 | toStaticHTML CSS import XSS exploit attempt RuleID : 45514 - Revision : 1 - Type : BROWSER-IE |
2017-07-11 | Microsoft Internet Explorer CStyleSheetRule array memory corruption attempt RuleID : 43134 - Revision : 1 - Type : BROWSER-IE |
2016-07-26 | Microsoft Office Excel RealTimeData record exploit attempt RuleID : 39347 - Revision : 2 - Type : FILE-OFFICE |
2016-07-26 | Microsoft Office Excel RealTimeData record exploit attempt RuleID : 39346 - Revision : 2 - Type : FILE-OFFICE |
2016-07-08 | Microsoft Office Excel RealTimeData record exploit attempt RuleID : 39158 - Revision : 1 - Type : FILE-OFFICE |
2016-07-08 | Microsoft Office Excel RealTimeData record exploit attempt RuleID : 39157 - Revision : 3 - Type : FILE-OFFICE |
2016-03-14 | Microsoft Office Excel CrErr record integer overflow attempt RuleID : 37246 - Revision : 1 - Type : FILE-OFFICE |
2016-03-14 | Microsoft Internet Explorer Scriptlet Component ActiveX clsid access RuleID : 36772 - Revision : 2 - Type : BROWSER-PLUGINS |
2015-03-17 | Microsoft Windows Comctl32.dll third-party SVG viewer heap overflow attempt RuleID : 33479 - Revision : 2 - Type : OS-WINDOWS |
2014-11-16 | Microsoft Office Excel PtgName invalid index exploit attempt RuleID : 31476 - Revision : 3 - Type : FILE-OFFICE |
2014-11-16 | Microsoft Office Excel PtgName invalid index exploit attempt RuleID : 31475 - Revision : 3 - Type : FILE-OFFICE |
2014-11-16 | Microsoft Office Excel PtgName invalid index exploit attempt RuleID : 31474 - Revision : 3 - Type : FILE-OFFICE |
2014-11-16 | Microsoft Office Excel PtgName invalid index exploit attempt RuleID : 31473 - Revision : 3 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Word unchecked index value remote code execution attempt RuleID : 25768 - Revision : 4 - Type : FILE-OFFICE |
2014-01-10 | Microsoft HtmlDlgHelper ActiveX clsid access RuleID : 23555 - Revision : 7 - Type : FILE-OFFICE |
2014-01-10 | OpenType Font file integer overflow attempt RuleID : 23155 - Revision : 5 - Type : FILE-OTHER |
2014-01-10 | OpenType Font file integer overflow attempt RuleID : 23154 - Revision : 5 - Type : FILE-OTHER |
2014-01-10 | OpenType Font file integer overflow attempt RuleID : 23153 - Revision : 5 - Type : FILE-OTHER |
2014-01-10 | OpenType Font file integer overflow attempt RuleID : 23152 - Revision : 8 - Type : FILE-OTHER |
2014-01-10 | Microsoft Office Excel MergeCells record parsing code execution attempt RuleID : 21415 - Revision : 10 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel MergeCells record parsing code execution attempt RuleID : 21414 - Revision : 7 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel MergeCells record parsing code execution attempt RuleID : 20130 - Revision : 6 - Type : SPECIFIC-THREATS |
2014-01-10 | Microsoft Internet Explorer CStyleSheetRule array memory corruption attempt RuleID : 19436 - Revision : 14 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer Cross-Domain information disclosure attempt RuleID : 19411 - Revision : 9 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer and SharePoint toStaticHTML information disclosur... RuleID : 19322 - Revision : 10 - Type : BROWSER-IE |
2014-01-10 | Microsoft Office Word sprmTDiagLine80 record parsing stack buffer overflow at... RuleID : 19317 - Revision : 12 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Windows embedded OpenType EOT font integer overflow attempt RuleID : 19308 - Revision : 16 - Type : FILE-OTHER |
2014-01-10 | Microsoft Office Excel PtgExtraArray parsing attempt RuleID : 19154 - Revision : 13 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Word malformed index code execution attempt RuleID : 19153 - Revision : 14 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel PtgExtraArray data parsing vulnerability exploit attempt RuleID : 19134 - Revision : 15 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel RealTimeData record exploit attempt RuleID : 18806 - Revision : 20 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel PtgName invalid index exploit attempt RuleID : 18538 - Revision : 15 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Windows Comctl32.dll third-party SVG viewer heap overflow attempt RuleID : 18297 - Revision : 16 - Type : OS-WINDOWS |
2014-01-10 | Microsoft .NET framework EntityObject execution attempt RuleID : 18064 - Revision : 8 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Internet Explorer 8 CSS XSRF exploit attempt RuleID : 17774 - Revision : 8 - Type : BROWSER-IE |
2014-01-10 | Microsoft Windows Media Player Firefox plugin memory corruption attempt RuleID : 17773 - Revision : 14 - Type : FILE-MULTIMEDIA |
2014-01-10 | Microsoft Internet Explorer Scriptlet Component ActiveX clsid access RuleID : 17772 - Revision : 15 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Internet Explorer cross-domain information disclosure attempt RuleID : 17771 - Revision : 12 - Type : BROWSER-IE |
2014-01-10 | Microsoft HtmlDlgHelper ActiveX clsid access RuleID : 17770 - Revision : 18 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Internet Explorer 8 CSS invalid mapping exploit attempt RuleID : 17769 - Revision : 13 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer 8 object event handler use after free exploit att... RuleID : 17768 - Revision : 15 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer 8 tostaticHTML CSS import vulnerability RuleID : 17767 - Revision : 15 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer 8 XSS in toStaticHTML API attempt RuleID : 17766 - Revision : 15 - Type : BROWSER-IE |
2014-01-10 | OpenType Font file parsing buffer overflow attempt RuleID : 17765 - Revision : 6 - Type : OS-WINDOWS |
2014-01-10 | Microsoft Office Excel PtgName invalid index exploit attempt RuleID : 17764 - Revision : 19 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel GhostRw record exploit attempt RuleID : 17763 - Revision : 12 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Excel corrupted TABLE record clean up exploit attempt RuleID : 17762 - Revision : 12 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel RealTimeData record exploit attempt RuleID : 17760 - Revision : 18 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel invalid SerAr object exploit attempt RuleID : 17759 - Revision : 19 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel PtgExtraArray data parsing vulnerability exploit attempt RuleID : 17758 - Revision : 18 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel CrErr record integer overflow attempt RuleID : 17757 - Revision : 16 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Word XP PLFLSInTableStream heap overflow attempt RuleID : 17756 - Revision : 16 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Word unchecked index value remote code execution attempt RuleID : 17755 - Revision : 14 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Word bookmark bound check remote code execution attempt RuleID : 17754 - Revision : 13 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Windows Media Player network sharing service RTSP code execution at... RuleID : 17753 - Revision : 15 - Type : FILE-MULTIMEDIA |
2014-01-10 | OpenType Font file parsing denial of service attempt RuleID : 17752 - Revision : 11 - Type : FILE-OTHER |
2014-01-10 | Microsoft IIS 7.5 client verify null pointer attempt RuleID : 17750 - Revision : 15 - Type : SERVER-IIS |
2014-01-10 | Microsoft Internet Explorer compressed HDMX font processing integer overflow ... RuleID : 17747 - Revision : 16 - Type : BROWSER-IE |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2010-10-20 | Name : An application installed on the remote Mac OS X host is affected by multiple ... File : macosx_ms_office_oct2010.nasl - Type : ACT_GATHER_INFO |
2010-10-18 | Name : The remote host is affected by multiple cross-site scripting vulnerabilities. File : safehtml_ms10_072.nasl - Type : ACT_GATHER_INFO |
2010-10-13 | Name : The remote Windows host has a denial of service vulnerability. File : smb_nt_ms10-085.nasl - Type : ACT_GATHER_INFO |
2010-10-13 | Name : Arbitrary code can be executed on the remote host through its LRPC facility. File : smb_nt_ms10-084.nasl - Type : ACT_GATHER_INFO |
2010-10-13 | Name : The remote windows host is affected by a remote code execution vulnerability. File : smb_nt_ms10-083.nasl - Type : ACT_GATHER_INFO |
2010-10-13 | Name : The remote Windows host has a media player that is affected by a code executi... File : smb_nt_ms10-082.nasl - Type : ACT_GATHER_INFO |
2010-10-13 | Name : A library on the remote Windows host has a buffer overflow vulnerability. File : smb_nt_ms10-081.nasl - Type : ACT_GATHER_INFO |
2010-10-13 | Name : Arbitrary code can be executed on the remote host through Microsoft Office Ex... File : smb_nt_ms10-080.nasl - Type : ACT_GATHER_INFO |
2010-10-13 | Name : Arbitrary code can be executed on the remote host through Microsoft Word. File : smb_nt_ms10-079.nasl - Type : ACT_GATHER_INFO |
2010-10-13 | Name : The remote Windows host contains a font driver that allows privilege escalation. File : smb_nt_ms10-078.nasl - Type : ACT_GATHER_INFO |
2010-10-13 | Name : The version of the .NET Framework installed on the remote host allows arbitra... File : smb_nt_ms10-077.nasl - Type : ACT_GATHER_INFO |
2010-10-13 | Name : It is possible to execute arbitrary code on the remote Windows host using the... File : smb_nt_ms10-076.nasl - Type : ACT_GATHER_INFO |
2010-10-13 | Name : It is possible to execute arbitrary code on the remote Windows host using the... File : smb_nt_ms10-075.nasl - Type : ACT_GATHER_INFO |
2010-10-13 | Name : The Windows kernel is affected by multiple vulnerabilities that could allow e... File : smb_nt_ms10-073.nasl - Type : ACT_GATHER_INFO |
2010-10-13 | Name : The remote host is affected by multiple cross-site scripting vulnerabilities. File : smb_nt_ms10-072.nasl - Type : ACT_GATHER_INFO |
2010-10-13 | Name : Arbitrary code can be executed on the remote host through a web browser. File : smb_nt_ms10-071.nasl - Type : ACT_GATHER_INFO |
2010-06-09 | Name : Arbitrary code can be executed on the remote host through opening a Microsoft... File : smb_nt_ms10-036.nasl - Type : ACT_GATHER_INFO |