Executive Summary

Summary
Title Microsoft Updates for Multiple Vulnerabilities
Informations
Name TA12-101A First vendor Publication 2012-04-10
Vendor US-CERT Last vendor Modification 2012-04-10
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score 9.3 Attack Range Network
Cvss Impact Score 10 Attack Complexity Medium
Cvss Expoit Score 8.6 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

There are multiple vulnerabilities in Microsoft Windows, Internet Explorer, Microsoft .NET Framework, Microsoft Office, Microsoft Server Software, Microsoft SQL Server, Microsoft Developer Tools, and Microsoft Forefront United Access Gateway. Microsoft has released updates to address these vulnerabilities.

Description

The Microsoft Security Bulletin Summary for April 2012 describes multiple vulnerabilities in Microsoft software. Microsoft has released updates to address the vulnerabilities.

Impact

A remote, unauthenticated attacker could execute arbitrary code, cause a denial of service, or gain unauthorized access to your files or system.

Solution

Apply updates

Microsoft has provided updates for these vulnerabilities in the Microsoft Security Bulletin Summary for April 2012, which describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. In addition, administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS). Home users are encouraged to enable automatic updates.

Original Source

Url : http://www.us-cert.gov/cas/techalerts/TA12-101A.html

CWE : Common Weakness Enumeration

% Id Name
56 % CWE-94 Failure to Control Generation of Code ('Code Injection')
22 % CWE-20 Improper Input Validation
11 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
11 % CWE-16 Configuration

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:15313
 
Oval ID: oval:org.mitre.oval:def:15313
Title: SelectAll Remote Code Execution Vulnerability
Description: Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "SelectAll Remote Code Execution Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2012-0171
Version: 7
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Product(s): Microsoft Internet Explorer 6
Microsoft Internet Explorer 7
Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15462
 
Oval ID: oval:org.mitre.oval:def:15462
Title: MSCOMCTL.OCX RCE Vulnerability
Description: The (1) ListView, (2) ListView2, (3) TreeView, and (4) TreeView2 ActiveX controls in MSCOMCTL.OCX in the Common Controls in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2003 Web Components SP3; SQL Server 2000 SP4, 2005 SP4, and 2008 SP2, SP3, and R2; BizTalk Server 2002 SP1; Commerce Server 2002 SP4, 2007 SP2, and 2009 Gold and R2; Visual FoxPro 8.0 SP1 and 9.0 SP2; and Visual Basic 6.0 Runtime allow remote attackers to execute arbitrary code via a crafted (a) web site, (b) Office document, or (c) .rtf file that triggers "system state" corruption, as exploited in the wild in April 2012, aka "MSCOMCTL.OCX RCE Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2012-0158
Version: 10
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Product(s): Microsoft Office 2003
Microsoft Office 2003 Web Components
Microsoft Office 2007
Microsoft Office 2010
Microsoft SQL Server 2000 Analysis Services
Microsoft SQL Server 2000
Microsoft SQL Server 2005 Express Edition
Microsoft SQL Server 2005
Microsoft SQL Server 2008
Microsoft SQL Server 2008 R2
Microsoft BizTalk Server 2002
Microsoft Commerce Server 2002
Microsoft Commerce Server 2007
Microsoft Commerce Server 2009
Microsoft Commerce Server 2009 R2
Microsoft Visual FoxPro 8.0
Microsoft Visual FoxPro 9.0
Visual Basic 6.0 Runtime
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15495
 
Oval ID: oval:org.mitre.oval:def:15495
Title: .NET Framework Parameter Validation Vulnerability
Description: Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly validate function parameters, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Framework application, aka ".NET Framework Parameter Validation Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2012-0163
Version: 8
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Product(s): Microsoft .NET Framework 1.0
Microsoft .NET Framework 1.1
Microsoft .NET Framework 2.0
Microsoft .NET Framework 3.5.1
Microsoft .NET Framework 4
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15550
 
Oval ID: oval:org.mitre.oval:def:15550
Title: VML Style Remote Code Execution Vulnerability
Description: Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "VML Style Remote Code Execution Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2012-0172
Version: 7
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Product(s): Microsoft Internet Explorer 6
Microsoft Internet Explorer 7
Microsoft Internet Explorer 8
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15557
 
Oval ID: oval:org.mitre.oval:def:15557
Title: Unfiltered Access to UAG Default Website Vulnerability
Description: Microsoft Forefront Unified Access Gateway (UAG) 2010 SP1 and SP1 Update 1 does not properly configure the default web site, which allows remote attackers to obtain sensitive information via a crafted HTTPS request, aka "Unfiltered Access to UAG Default Website Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2012-0147
Version: 3
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Product(s): Forefront Unified Access Gateway 2010
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15573
 
Oval ID: oval:org.mitre.oval:def:15573
Title: OnReadyStateChange Remote Code Execution Vulnerability
Description: Microsoft Internet Explorer 6 and 7 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "OnReadyStateChange Remote Code Execution Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2012-0170
Version: 7
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Product(s): Microsoft Internet Explorer 6
Microsoft Internet Explorer 7
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15594
 
Oval ID: oval:org.mitre.oval:def:15594
Title: WinVerifyTrust Signature Validation Vulnerability
Description: The Authenticode Signature Verification function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview does not properly validate the digest of a signed portable executable (PE) file, which allows user-assisted remote attackers to execute arbitrary code via a modified file with additional content, aka "WinVerifyTrust Signature Validation Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2012-0151
Version: 3
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15598
 
Oval ID: oval:org.mitre.oval:def:15598
Title: Office WPS Converter Heap Overflow Vulnerability
Description: Heap-based buffer overflow in the Office Works File Converter in Microsoft Office 2007 SP2, Works 9, and Works 6-9 File Converter allows remote attackers to execute arbitrary code via a crafted Works (aka .wps) file, aka "Office WPS Converter Heap Overflow Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2012-0177
Version: 5
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Product(s): Microsoft Office 2007
Microsoft Works 9
Microsoft Works 6-9 Converter
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15611
 
Oval ID: oval:org.mitre.oval:def:15611
Title: JScript9 Remote Code Execution Vulnerability
Description: Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "JScript9 Remote Code Execution Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2012-0169
Version: 5
Platform(s): Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Product(s): Microsoft Internet Explorer 9
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 7
Application 1
Application 4
Application 2
Application 4
Application 5
Application 1
Application 15
Application 1
Application 2
Application 1
Application 1
Os 2
Os 1
Os 7
Os 2
Os 2

SAINT Exploits

Description Link
Microsoft Windows Common Controls MSCOMCTL.OCX Vulnerability More info here

OpenVAS Exploits

Date Description
2012-04-12 Name : MS Forefront Unified Access Gateway Information Disclosure Vulnerability (266...
File : nvt/secpod_ms12-026.nasl
2012-04-11 Name : Microsoft Internet Explorer Multiple Vulnerabilities (2675157)
File : nvt/secpod_ms12-023.nasl
2012-04-11 Name : Windows Authenticode Signature Remote Code Execution Vulnerability (2653956)
File : nvt/secpod_ms12-024.nasl
2012-04-11 Name : Microsoft .NET Framework Remote Code Execution Vulnerability (2671605)
File : nvt/secpod_ms12-025.nasl
2012-04-11 Name : Microsoft Windows Common Controls Remote Code Execution Vulnerability (2664258)
File : nvt/secpod_ms12-027.nasl
2012-04-11 Name : Microsoft Office Remote Code Execution Vulnerability (2639185)
File : nvt/secpod_ms12-028.nasl

Information Assurance Vulnerability Management (IAVM)

Date Description
2012-04-12 IAVM : 2012-A-0059 - Microsoft Windows Common Controls Remote Code Execution Vulnerability
Severity : Category II - VMSKEY : V0031982
2012-04-12 IAVM : 2012-A-0060 - Microsoft Windows Remote Code Execution Vulnerability
Severity : Category II - VMSKEY : V0031983
2012-04-12 IAVM : 2012-B-0041 - Microsoft Office Works File Convertor Remote Code Execution Vulnerability
Severity : Category II - VMSKEY : V0031984
2012-04-12 IAVM : 2012-B-0042 - Multiple Vulnerabilities in Microsoft Forefront Unified Access Gateway (UAG)
Severity : Category II - VMSKEY : V0031985

Snort® IPS/IDS

Date Description
2017-09-19 RTF obfuscation string
RuleID : 43990 - Revision : 3 - Type : INDICATOR-OBFUSCATION
2017-09-19 newlines embedded in rtf header
RuleID : 43989 - Revision : 3 - Type : INDICATOR-OBFUSCATION
2016-03-25 Microsoft Internet Explorer vector graphics reference counting use-after-free...
RuleID : 37848 - Revision : 1 - Type : BROWSER-IE
2016-03-25 Microsoft Internet Explorer vector graphics reference counting use-after-free...
RuleID : 37847 - Revision : 1 - Type : BROWSER-IE
2015-09-29 Microsoft Internet Explorer iframe onreadystatechange handler use after free ...
RuleID : 35772 - Revision : 4 - Type : BROWSER-IE
2015-09-29 Microsoft Internet Explorer iframe onreadystatechange handler use after free ...
RuleID : 35771 - Revision : 4 - Type : BROWSER-IE
2015-09-24 Microsoft Internet Explorer iframe onreadystatechange handler use after free ...
RuleID : 35748 - Revision : 5 - Type : BROWSER-IE
2015-09-24 Microsoft Internet Explorer iframe onreadystatechange handler use after free ...
RuleID : 35747 - Revision : 5 - Type : BROWSER-IE
2015-01-20 Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt
RuleID : 32863 - Revision : 4 - Type : FILE-OFFICE
2015-01-20 Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt
RuleID : 32862 - Revision : 2 - Type : FILE-OFFICE
2015-01-20 Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt
RuleID : 32861 - Revision : 2 - Type : FILE-OFFICE
2015-01-20 Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt
RuleID : 32860 - Revision : 2 - Type : FILE-OFFICE
2015-01-20 Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt
RuleID : 32859 - Revision : 2 - Type : FILE-OFFICE
2015-01-20 Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt
RuleID : 32858 - Revision : 2 - Type : FILE-OFFICE
2015-01-20 Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt
RuleID : 32857 - Revision : 2 - Type : FILE-OFFICE
2015-01-06 Microsoft Works 9 and Word 12 converter heap overflow attempt
RuleID : 32644 - Revision : 2 - Type : FILE-OFFICE
2015-01-06 Microsoft Works 9 and Word 12 converter heap overflow attempt
RuleID : 32643 - Revision : 2 - Type : FILE-OFFICE
2014-11-16 Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt
RuleID : 31927 - Revision : 2 - Type : FILE-OFFICE
2014-11-16 Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt
RuleID : 31926 - Revision : 2 - Type : FILE-OFFICE
2014-11-16 Win.Trojan.Otupsys variant outbound connection
RuleID : 31716 - Revision : 2 - Type : MALWARE-CNC
2014-06-14 Shiqiang Gang malicious XLS targeted attack detection
RuleID : 30991 - Revision : 6 - Type : MALWARE-CNC
2014-06-14 Shiqiang Gang malicious XLS targeted attack detection
RuleID : 30990 - Revision : 5 - Type : MALWARE-CNC
2014-06-14 DNS request for known malware domain help.2012hi.hk
RuleID : 30989 - Revision : 3 - Type : BLACKLIST
2014-05-01 multiple binary tags in close proximity - potentially malicious
RuleID : 30328 - Revision : 3 - Type : INDICATOR-OBFUSCATION
2014-05-01 multiple binary tags in close proximity - potentially malicious
RuleID : 30327 - Revision : 3 - Type : INDICATOR-OBFUSCATION
2014-04-12 Microsoft Windows common controls stack buffer overflow via malicious toolbar...
RuleID : 30166 - Revision : 2 - Type : FILE-OFFICE
2014-04-12 Microsoft Windows common controls stack buffer overflow via malicious toolbar...
RuleID : 30165 - Revision : 2 - Type : FILE-OFFICE
2014-04-12 Microsoft Windows common controls stack buffer overflow via malicious MSComct...
RuleID : 30164 - Revision : 2 - Type : FILE-OFFICE
2014-04-12 Microsoft Windows common controls stack buffer overflow via malicious MSComct...
RuleID : 30163 - Revision : 2 - Type : FILE-OFFICE
2014-04-12 Microsoft Windows common controls stack buffer overflow via malicious MSComct...
RuleID : 30162 - Revision : 2 - Type : FILE-OFFICE
2014-04-12 Microsoft Windows common controls stack buffer overflow via malicious MSComct...
RuleID : 30161 - Revision : 2 - Type : FILE-OFFICE
2014-04-12 Microsoft Windows common controls stack buffer overflow via MIME HTML documen...
RuleID : 30160 - Revision : 2 - Type : FILE-OFFICE
2014-04-12 Microsoft Windows common controls stack buffer overflow via MIME HTML documen...
RuleID : 30159 - Revision : 2 - Type : FILE-OFFICE
2014-04-12 Microsoft Windows common controls stack buffer overflow via MIME HTML documen...
RuleID : 30158 - Revision : 2 - Type : FILE-OFFICE
2014-04-12 Microsoft Windows common controls stack buffer overflow via MIME HTML documen...
RuleID : 30157 - Revision : 2 - Type : FILE-OFFICE
2014-04-12 Microsoft Windows common controls stack buffer overflow via MIME HTML documen...
RuleID : 30156 - Revision : 2 - Type : FILE-OFFICE
2014-04-12 Microsoft Windows common controls stack buffer overflow via MIME HTML documen...
RuleID : 30155 - Revision : 2 - Type : FILE-OFFICE
2014-04-12 Microsoft Windows common controls stack buffer overflow via MIME HTML documen...
RuleID : 30154 - Revision : 2 - Type : FILE-OFFICE
2014-04-12 Microsoft Windows common controls stack buffer overflow via MIME HTML documen...
RuleID : 30153 - Revision : 2 - Type : FILE-OFFICE
2014-04-05 Win.Trojan.Zaleelq variant outbound connection
RuleID : 30037 - Revision : 3 - Type : MALWARE-CNC
2014-03-15 Microsoft Internet Explorer SelectAll dangling pointer use after free attempt
RuleID : 29797 - Revision : 3 - Type : BROWSER-IE
2014-03-15 Microsoft Internet Explorer SelectAll dangling pointer use after free attempt
RuleID : 29796 - Revision : 3 - Type : BROWSER-IE
2014-01-10 Win.Trojan.Terminator RAT variant outbound connection
RuleID : 28482 - Revision : 4 - Type : MALWARE-CNC
2014-01-10 DNS request for known malware domain catlovers.25u.com
RuleID : 28481 - Revision : 3 - Type : BLACKLIST
2014-01-10 DNS request for known malware domain liumingzhen.myftp.org
RuleID : 28480 - Revision : 3 - Type : BLACKLIST
2014-01-10 DNS request for known malware domain liumingzhen.zapto.org
RuleID : 28479 - Revision : 3 - Type : BLACKLIST
2014-01-10 Microsoft Internet Explorer iframe onreadystatechange handler use after free ...
RuleID : 28364 - Revision : 8 - Type : BROWSER-IE
2014-01-10 Microsoft Internet Explorer iframe onreadystatechange handler use after free ...
RuleID : 28363 - Revision : 8 - Type : BROWSER-IE
2014-01-10 Osx.Trojan.Janicab file download attempt
RuleID : 27549 - Revision : 3 - Type : MALWARE-OTHER
2014-01-10 Osx.Trojan.Janicab file download attempt
RuleID : 27548 - Revision : 3 - Type : MALWARE-OTHER
2014-01-10 Osx.Trojan.Janicab outbound connection
RuleID : 27547 - Revision : 4 - Type : MALWARE-CNC
2014-01-10 Osx.Trojan.Janicab outbound connection
RuleID : 27546 - Revision : 4 - Type : MALWARE-CNC
2014-01-10 Osx.Trojan.Janicab outbound connection
RuleID : 27545 - Revision : 4 - Type : MALWARE-CNC
2014-01-10 Osx.Trojan.Janicab runtime traffic detected
RuleID : 27544 - Revision : 3 - Type : MALWARE-CNC
2014-01-10 Microsoft Internet Explorer vector graphics reference counting use-after-free...
RuleID : 26584 - Revision : 7 - Type : BROWSER-IE
2014-01-10 Microsoft Windows Authenticode signature verification bypass attempt
RuleID : 25779 - Revision : 3 - Type : FILE-EXECUTABLE
2014-01-10 Microsoft Windows Authenticode signature verification bypass attempt
RuleID : 25357 - Revision : 8 - Type : FILE-EXECUTABLE
2014-01-10 Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt
RuleID : 23305 - Revision : 10 - Type : FILE-OFFICE
2014-01-10 Microsoft Internet Explorer iframe onreadystatechange handler use after free ...
RuleID : 23285 - Revision : 12 - Type : BROWSER-IE
2014-01-10 Microsoft Windows Authenticode signature verification bypass attempt
RuleID : 22942 - Revision : 9 - Type : FILE-EXECUTABLE
2014-01-10 Microsoft Windows .NET invalid parsing of graphics data attempt
RuleID : 22042 - Revision : 10 - Type : FILE-EXECUTABLE
2014-01-10 Microsoft Internet Explorer SelectAll dangling pointer use after free attempt
RuleID : 22038 - Revision : 8 - Type : BROWSER-IE
2014-01-10 Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt
RuleID : 21937 - Revision : 11 - Type : FILE-OFFICE
2014-01-10 Microsoft Works 9 and Word 12 converter heap overflow attempt
RuleID : 21935 - Revision : 9 - Type : FILE-OFFICE
2014-01-10 Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt
RuleID : 21906 - Revision : 12 - Type : FILE-OFFICE
2014-01-10 Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt
RuleID : 21905 - Revision : 12 - Type : FILE-OFFICE
2014-01-10 Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt
RuleID : 21904 - Revision : 12 - Type : FILE-OFFICE
2014-01-10 Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt
RuleID : 21903 - Revision : 12 - Type : FILE-OFFICE
2014-01-10 Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt
RuleID : 21902 - Revision : 13 - Type : FILE-OFFICE
2014-01-10 Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt
RuleID : 21901 - Revision : 7 - Type : FILE-OFFICE
2014-01-10 Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt
RuleID : 21900 - Revision : 7 - Type : FILE-OFFICE
2014-01-10 Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt
RuleID : 21899 - Revision : 7 - Type : FILE-OFFICE
2014-01-10 Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt
RuleID : 21898 - Revision : 7 - Type : FILE-OFFICE
2014-01-10 Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt
RuleID : 21897 - Revision : 7 - Type : FILE-OFFICE
2014-01-10 Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt
RuleID : 21896 - Revision : 7 - Type : FILE-OFFICE
2014-01-10 MSCOMCTL ActiveX control deserialization arbitrary code execution attempt
RuleID : 21801 - Revision : 9 - Type : FILE-OFFICE
2014-01-10 MSCOMCTL ActiveX control deserialization arbitrary code execution attempt
RuleID : 21800 - Revision : 9 - Type : FILE-OFFICE
2014-01-10 MSCOMCTL ActiveX control deserialization arbitrary code execution attempt
RuleID : 21799 - Revision : 9 - Type : FILE-OFFICE
2014-01-10 MSCOMCTL ActiveX control deserialization arbitrary code execution attempt
RuleID : 21798 - Revision : 9 - Type : FILE-OFFICE
2014-01-10 MSCOMCTL ActiveX control deserialization arbitrary code execution attempt
RuleID : 21797 - Revision : 9 - Type : FILE-OFFICE
2014-01-10 Microsoft Internet Explorer iframe onreadystatechange handler use after free ...
RuleID : 21796 - Revision : 14 - Type : BROWSER-IE
2014-01-10 Microsoft Windows Authenticode signature verification bypass attempt
RuleID : 21795 - Revision : 10 - Type : FILE-EXECUTABLE
2014-01-10 Microsoft Works 9 and Word 12 converter heap overflow attempt
RuleID : 21794 - Revision : 8 - Type : FILE-OFFICE
2014-01-10 Microsoft Internet Explorer vector graphics reference counting use-after-free...
RuleID : 21793 - Revision : 13 - Type : BROWSER-IE
2014-01-10 Microsoft Windows .NET invalid parsing of graphics data attempt
RuleID : 21792 - Revision : 11 - Type : FILE-EXECUTABLE
2014-01-10 Microsoft Internet Explorer SelectAll dangling pointer use after free attempt
RuleID : 21791 - Revision : 7 - Type : BROWSER-IE
2014-01-10 Microsoft Internet Explorer SelectAll dangling pointer use after free attempt
RuleID : 21790 - Revision : 7 - Type : BROWSER-IE

Nessus® Vulnerability Scanner

Date Description
2012-04-11 Name : The remote host is affected by code execution vulnerabilities.
File : smb_nt_ms12-023.nasl - Type : ACT_GATHER_INFO
2012-04-11 Name : The remote Windows host has a code execution vulnerability.
File : smb_nt_ms12-024.nasl - Type : ACT_GATHER_INFO
2012-04-11 Name : The .NET Framework install on the remote Windows host could allow arbitrary c...
File : smb_nt_ms12-025.nasl - Type : ACT_GATHER_INFO
2012-04-11 Name : A web application on the remote Windows host has multiple vulnerabilities.
File : smb_nt_ms12-026.nasl - Type : ACT_GATHER_INFO
2012-04-11 Name : The remote Windows host is affected by a remote code execution vulnerability.
File : smb_nt_ms12-027.nasl - Type : ACT_GATHER_INFO
2012-04-11 Name : The remote Windows host could allow arbitrary code execution.
File : smb_nt_ms12-028.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
Date Informations
2013-03-07 13:21:06
  • Multiple Updates