Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Informations
Name TA12-318A First vendor Publication 2012-11-13
Vendor US-CERT Last vendor Modification 2012-11-13
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score 10 Attack Range Network
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Select Microsoft software products contain multiple vulnerabilities. Microsoft has released updates to address these vulnerabilities.

Description

The Microsoft Security Bulletin Summary for November 2012 describes multiple vulnerabilities in Microsoft software. Microsoft has released updates to address the vulnerabilities.

Impact

A remote, unauthenticated attacker could execute arbitrary code, cause a denial of service, or gain unauthorized access to your files or system.

Solution

Apply Updates

Microsoft has provided updates for these vulnerabilities in the Microsoft Security Bulletin Summary for November 2012, which describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. In addition, administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS). Home users are encouraged to enable automatic updates.

Original Source

Url : http://www.us-cert.gov/cas/techalerts/TA12-318A.html

CWE : Common Weakness Enumeration

% Id Name
38 % CWE-399 Resource Management Errors
25 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
12 % CWE-264 Permissions, Privileges, and Access Controls
12 % CWE-189 Numeric Errors (CWE/SANS Top 25)
6 % CWE-200 Information Exposure
6 % CWE-20 Improper Input Validation

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:15520
 
Oval ID: oval:org.mitre.oval:def:15520
Title: .NET Framework Insecure Library Loading Vulnerability - MS12-074
Description: Untrusted search path vulnerability in Entity Framework in ADO.NET in Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, and 4 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .NET application, aka ".NET Framework Insecure Library Loading Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2012-2519
Version: 9
Platform(s): Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Product(s): Microsoft .NET Framework 1.1
Microsoft .NET Framework 2.0
Microsoft .NET Framework 3.5
Microsoft .NET Framework 3.5.1
Microsoft .NET Framework 4.0
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15528
 
Oval ID: oval:org.mitre.oval:def:15528
Title: Windows Briefcase Integer Overflow Vulnerability - MS12-072
Description: Integer overflow in Windows Shell in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012 allows local users to gain privileges via a crafted briefcase, aka "Windows Briefcase Integer Overflow Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2012-1528
Version: 7
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 8
Microsoft Windows Server 2012
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15677
 
Oval ID: oval:org.mitre.oval:def:15677
Title: CFormElement use after free vulnerability - MS12-071
Description: Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site, aka "CFormElement Use After Free Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2012-1538
Version: 5
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Product(s): Microsoft Internet Explorer 9
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15717
 
Oval ID: oval:org.mitre.oval:def:15717
Title: Excel SST Invalid Length Use After Free Vulnerability - MS12-076
Description: Use-after-free vulnerability in Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 SP1, and Office 2008 and 2011 for Mac, allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel SST Invalid Length Use After Free Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2012-1887
Version: 3
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Product(s): Microsoft Excel 2003
Microsoft Excel 2007
Microsoft Excel 2010
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15737
 
Oval ID: oval:org.mitre.oval:def:15737
Title: Excel Stack Overflow Vulnerability - MS12-076
Description: Stack-based buffer overflow in Microsoft Excel 2007 SP2 and SP3 and 2010 SP1; Office 2011 for Mac; Excel Viewer; and Office Compatibility Pack SP2 and SP3 allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel Stack Overflow Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2012-2543
Version: 7
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Product(s): Microsoft Excel 2007
Microsoft Excel Viewer 2007
Microsoft Excel 2010
Microsoft Office Compatibility Pack
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15752
 
Oval ID: oval:org.mitre.oval:def:15752
Title: Excel SerAuxErrBar Heap Overflow Vulnerability - MS12-076
Description: Heap-based buffer overflow in Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Office 2008 and 2011 for Mac; and Office Compatibility Pack SP2 and SP3 allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel SerAuxErrBar Heap Overflow Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2012-1885
Version: 5
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Product(s): Microsoft Excel 2003
Microsoft Excel 2007
Microsoft Excel 2010
Microsoft Office Compatibility Pack
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15785
 
Oval ID: oval:org.mitre.oval:def:15785
Title: Code access security info disclosure vulnerability - MS12-074
Description: Microsoft .NET Framework 2.0 SP2 and 3.5.1 does not properly consider trust levels during construction of output data, which allows remote attackers to obtain sensitive information via (1) a crafted XAML browser application (aka XBAP) or (2) a crafted .NET Framework application, aka "Code Access Security Info Disclosure Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2012-1896
Version: 5
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Product(s): Microsoft .NET Framework 2.0
Microsoft .NET Framework 3.5.1
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15810
 
Oval ID: oval:org.mitre.oval:def:15810
Title: Web proxy auto-discovery vulnerability - MS12-074
Description: The Web Proxy Auto-Discovery (WPAD) functionality in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not validate configuration data that is returned during acquisition of proxy settings, which allows remote attackers to execute arbitrary JavaScript code by providing crafted data during execution of (1) an XAML browser application (aka XBAP) or (2) a .NET Framework application, aka "Web Proxy Auto-Discovery Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2012-4776
Version: 11
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Product(s): Microsoft .NET Framework 2.0
Microsoft .NET Framework 4.5
Microsoft .NET Framework 4.0
Microsoft .NET Framework 3.5
Microsoft .NET Framework 3.5.1
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15817
 
Oval ID: oval:org.mitre.oval:def:15817
Title: Win32k Use After Free Vulnerability - MS12-075
Description: Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application, aka "Win32k Use After Free Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2012-2553
Version: 5
Platform(s): Microsoft Windows XP
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15847
 
Oval ID: oval:org.mitre.oval:def:15847
Title: TrueType Font Parsing Vulnerability - MS12-075
Description: The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT, as used by Google Chrome before 22.0.1229.79 and other programs, do not properly handle objects in memory, which allows remote attackers to execute arbitrary code via a crafted TrueType font file, aka "Windows Font Parsing Vulnerability" or "TrueType Font Parsing Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2012-2897
Version: 12
Platform(s): Microsoft Windows 7
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows 8
Microsoft Windows Server 2012
Product(s): Google Chrome
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15886
 
Oval ID: oval:org.mitre.oval:def:15886
Title: CTreePos use after free vulnerability - MS12-071
Description: Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site, aka "CTreePos Use After Free Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2012-1539
Version: 5
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Product(s): Microsoft Internet Explorer 9
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15908
 
Oval ID: oval:org.mitre.oval:def:15908
Title: Excel Stack Overflow Vulnerability - MS12-076
Description: Stack-based buffer overflow in Microsoft Excel 2007 SP2 and SP3 and 2010 SP1; Office 2011 for Mac; Excel Viewer; and Office Compatibility Pack SP2 and SP3 allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel Stack Overflow Vulnerability."
Family: macos Class: vulnerability
Reference(s): CVE-2012-2543
Version: 3
Platform(s): Apple Mac OS X
Product(s): Microsoft Office 2011 for Mac
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15916
 
Oval ID: oval:org.mitre.oval:def:15916
Title: Excel SerAuxErrBar Heap Overflow Vulnerability - MS12-076
Description: Heap-based buffer overflow in Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Office 2008 and 2011 for Mac; and Office Compatibility Pack SP2 and SP3 allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel SerAuxErrBar Heap Overflow Vulnerability."
Family: macos Class: vulnerability
Reference(s): CVE-2012-1885
Version: 3
Platform(s): Apple Mac OS X
Product(s): Microsoft Office 2011 for Mac
Microsoft Office 2008 for Mac
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15924
 
Oval ID: oval:org.mitre.oval:def:15924
Title: Reflection Bypass Vulnerability - MS12-074
Description: The reflection implementation in Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5.1, and 4 does not properly enforce object permissions, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP) or (2) a crafted .NET Framework application, aka "Reflection Bypass Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2012-1895
Version: 5
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Product(s): Microsoft .NET Framework 1.1
Microsoft .NET Framework 2.0
Microsoft .NET Framework 3.5.1
Microsoft .NET Framework 4.0
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15927
 
Oval ID: oval:org.mitre.oval:def:15927
Title: Excel Memory Corruption Vulnerability - MS12-076
Description: Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Excel Viewer; and Office Compatibility Pack SP2 and SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted spreadsheet, aka "Excel Memory Corruption Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2012-1886
Version: 7
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Product(s): Microsoft Excel 2003
Microsoft Excel 2007
Microsoft Excel Viewer 2007
Microsoft Excel 2010
Microsoft Office Compatibility Pack
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15932
 
Oval ID: oval:org.mitre.oval:def:15932
Title: CTreeNode use after free vulnerability - MS12-071
Description: Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site, aka "CTreeNode Use After Free Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2012-4775
Version: 5
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Product(s): Microsoft Internet Explorer 9
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15936
 
Oval ID: oval:org.mitre.oval:def:15936
Title: Win32k Use After Free Vulnerability - MS12-075
Description: Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application, aka "Win32k Use After Free Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2012-2530
Version: 5
Platform(s): Microsoft Windows XP
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15960
 
Oval ID: oval:org.mitre.oval:def:15960
Title: WPF reflection optimization vulnerability - MS12-074
Description: The code-optimization feature in the reflection implementation in Microsoft .NET Framework 4 and 4.5 does not properly enforce object permissions, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP) or (2) a crafted .NET Framework application, aka "WPF Reflection Optimization Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2012-4777
Version: 7
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows Vista
Microsoft Windows XP
Product(s): Microsoft .NET Framework 4.5
Microsoft .NET Framework 4.0
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15970
 
Oval ID: oval:org.mitre.oval:def:15970
Title: Excel SST Invalid Length Use After Free Vulnerability - MS12-076
Description: Use-after-free vulnerability in Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 SP1, and Office 2008 and 2011 for Mac, allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel SST Invalid Length Use After Free Vulnerability."
Family: macos Class: vulnerability
Reference(s): CVE-2012-1887
Version: 3
Platform(s): Apple Mac OS X
Product(s): Microsoft Office 2011 for Mac
Microsoft Office 2008 for Mac
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15975
 
Oval ID: oval:org.mitre.oval:def:15975
Title: Windows Briefcase Integer Underflow Vulnerability - MS12-072
Description: Integer underflow in Windows Shell in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012 allows local users to gain privileges via a crafted briefcase, aka "Windows Briefcase Integer Underflow Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2012-1527
Version: 7
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 8
Microsoft Windows Server 2012
Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 2488
Application 7
Application 5
Application 1
Application 1
Application 2
Application 2
Os 7
Os 2
Os 1
Os 1
Os 6
Os 1
Os 2
Os 2

OpenVAS Exploits

Date Description
2012-11-14 Name : Microsoft Internet Explorer Multiple Use-After-Free Vulnerabilities (2761451)
File : nvt/secpod_ms12-071.nasl
2012-11-14 Name : Microsoft Windows Shell Remote Code Execution Vulnerabilities (2727528)
File : nvt/secpod_ms12-072.nasl
2012-11-14 Name : Microsoft .NET Framework Remote Code Execution Vulnerability (2745030)
File : nvt/secpod_ms12-074.nasl
2012-11-14 Name : Microsoft Windows Kernel-Mode Drivers Remote Code Execution Vulnerabilities (...
File : nvt/secpod_ms12-075.nasl
2012-11-14 Name : Microsoft Office Remote Code Execution Vulnerabilities (2720184)
File : nvt/secpod_ms12-076.nasl
2012-11-14 Name : Microsoft Office Remote Code Execution Vulnerabilities - 2720184 (Mac OS X)
File : nvt/secpod_ms12-076_macosx.nasl
2012-09-28 Name : Google Chrome Windows Kernel Memory Corruption Vulnerability
File : nvt/gb_google_chrome_mem_crptn_vuln_win.nasl

Information Assurance Vulnerability Management (IAVM)

Date Description
2012-11-15 IAVM : 2012-A-0184 - Multiple Remote Code Execution Vulnerabilities in Microsoft .NET Framework
Severity : Category I - VMSKEY : V0034955
2012-11-15 IAVM : 2012-A-0185 - Multiple Vulnerabilities in Microsoft Windows Shell
Severity : Category I - VMSKEY : V0034956

Snort® IPS/IDS

Date Description
2019-04-18 Microsoft Windows TTF parsing counter overflow attempt
RuleID : 49483 - Revision : 1 - Type : FILE-OTHER
2019-04-18 Microsoft Windows TTF parsing counter overflow attempt
RuleID : 49482 - Revision : 1 - Type : FILE-OTHER
2015-08-11 Microsoft proxy autoconfig script system library import attempt
RuleID : 35094 - Revision : 3 - Type : FILE-OTHER
2014-12-02 Microsoft Windows Briefcase integer overflow
RuleID : 32361 - Revision : 2 - Type : FILE-OTHER
2014-06-05 Microsoft Windows Briefcase integer underflow
RuleID : 30898 - Revision : 3 - Type : FILE-OTHER
2014-01-10 Microsoft Office Excel SST record invalid length memory corruption attempt
RuleID : 24674 - Revision : 6 - Type : FILE-OFFICE
2014-01-10 Microsoft Office Excel SST record invalid length memory corruption attempt
RuleID : 24673 - Revision : 6 - Type : FILE-OFFICE
2014-01-10 Microsoft Windows Explorer briefcase database memory corruption attempt
RuleID : 24671 - Revision : 3 - Type : OS-WINDOWS
2014-01-10 Microsoft Office Excel invalid data item buffer overflow attempt
RuleID : 24666 - Revision : 6 - Type : FILE-OFFICE
2014-01-10 Microsoft .NET blacklisted method reflection sandbox bypass attempt
RuleID : 24665 - Revision : 6 - Type : FILE-EXECUTABLE
2014-01-10 Microsoft .NET blacklisted method reflection sandbox bypass attempt
RuleID : 24664 - Revision : 5 - Type : FILE-EXECUTABLE
2014-01-10 Microsoft Internet Explorer button object use after free memory corruption at...
RuleID : 24663 - Revision : 7 - Type : BROWSER-IE
2014-01-10 Microsoft Internet Explorer button object use after free memory corruption at...
RuleID : 24662 - Revision : 7 - Type : BROWSER-IE
2014-01-10 Microsoft Internet Explorer 9 style properties use after free attempt
RuleID : 24661 - Revision : 5 - Type : BROWSER-IE
2014-01-10 Microsoft Internet Explorer 9 style properties use after free attempt
RuleID : 24660 - Revision : 5 - Type : BROWSER-IE
2014-01-10 Microsoft Office Excel SERIES record code execution attempt
RuleID : 24659 - Revision : 8 - Type : FILE-OFFICE
2014-01-10 Microsoft Office Excel SERIES record code execution attempt
RuleID : 24658 - Revision : 8 - Type : FILE-OFFICE
2014-01-10 Microsoft Office Excel Publisher record heap buffer overflow attempt
RuleID : 24657 - Revision : 7 - Type : FILE-OFFICE
2014-01-10 Microsoft .NET fully qualified System.Data.dll assembly name exploit attempt
RuleID : 24656 - Revision : 2 - Type : OS-WINDOWS
2014-01-10 Microsoft .NET fully qualified System.Data.dll assembly name exploit attempt
RuleID : 24655 - Revision : 2 - Type : OS-WINDOWS
2014-01-10 Microsoft Internet Explorer 9 table th element use after free attempt
RuleID : 24654 - Revision : 5 - Type : BROWSER-IE
2014-01-10 Microsoft Internet Explorer 9 table th element use after free attempt
RuleID : 24653 - Revision : 5 - Type : BROWSER-IE
2014-01-10 Microsoft proxy autoconfig script system library import attempt
RuleID : 24652 - Revision : 6 - Type : FILE-OTHER
2014-01-10 Microsoft Windows TTF parsing counter overflow attempt
RuleID : 24650 - Revision : 9 - Type : FILE-OTHER
2014-01-10 Microsoft Windows TTF parsing counter overflow attempt
RuleID : 24649 - Revision : 8 - Type : FILE-OTHER
2014-01-10 Microsoft Office Excel Publisher record heap buffer overflow attempt
RuleID : 16654 - Revision : 20 - Type : FILE-OFFICE

Nessus® Vulnerability Scanner

Date Description
2012-11-14 Name : An application installed on the remote Mac OS X host is affected by multiple ...
File : macosx_ms12-076.nasl - Type : ACT_GATHER_INFO
2012-11-14 Name : The remote host has a web browser that is affected by code execution vulnerab...
File : smb_nt_ms12-071.nasl - Type : ACT_GATHER_INFO
2012-11-14 Name : The remote host is affected by code execution vulnerabilities.
File : smb_nt_ms12-072.nasl - Type : ACT_GATHER_INFO
2012-11-14 Name : The version of the .NET Framework installed on the remote host is affected by...
File : smb_nt_ms12-074.nasl - Type : ACT_GATHER_INFO
2012-11-14 Name : The remote Windows host is affected by remote code execution vulnerabilities.
File : smb_nt_ms12-075.nasl - Type : ACT_GATHER_INFO
2012-11-14 Name : It is possible to execute arbitrary code on the remote host through Microsoft...
File : smb_nt_ms12-076.nasl - Type : ACT_GATHER_INFO
2012-09-26 Name : The remote host contains a web browser that is affected by multiple vulnerabi...
File : google_chrome_22_0_1229_79.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
Date Informations
2013-02-26 13:20:13
  • Multiple Updates
2012-11-14 05:20:03
  • First insertion