10 - TA12-346A

Executive Summary

This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.

Informations
Name	TA12-346A	First vendor Publication	2012-12-11
Vendor	US-CERT	Last vendor Modification	2012-12-11
Severity (Vendor)	N/A	Revision	N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score	10	Attack Range	Network
Cvss Impact Score	10	Attack Complexity	Low
Cvss Expoit Score	10	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Select Microsoft software products contain multiple vulnerabilities. Microsoft has released updates to address these vulnerabilities.

Description

The Microsoft Security Bulletin Summary for December 2012 describes multiple vulnerabilities in Microsoft software. Microsoft has released updates to address the vulnerabilities.

Impact

A remote, unauthenticated attacker could execute arbitrary code, cause a denial of service, or gain unauthorized access to your files or system.

Solution

Apply Updates

Microsoft has provided updates for these vulnerabilities in the Microsoft Security Bulletin Summary for December 2012, which describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. In addition, administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS). Home users are encouraged to enable automatic updates.

Original Source

Url : http://www.us-cert.gov/cas/techalerts/TA12-346A.html

CWE : Common Weakness Enumeration

%	Id	Name
50 %	CWE-94	Failure to Control Generation of Code ('Code Injection')
20 %	CWE-399	Resource Management Errors
10 %	CWE-787	Out-of-bounds Write (CWE/SANS Top 25)
10 %	CWE-119	Failure to Constrain Operations within the Bounds of a Memory Buffer
10 %	CWE-20	Improper Input Validation

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:15731

Oval ID:	oval:org.mitre.oval:def:15731
Title:	InjectHTMLStream Use After Free Vulnerability - MS12-077
Description:	Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "InjectHTMLStream Use After Free Vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-4781	Version:	7
Platform(s):	Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 7 Microsoft Windows Server 2012 Microsoft Windows 8	Product(s):	Microsoft Internet Explorer 6 Microsoft Internet Explorer 7 Microsoft Internet Explorer 8 Microsoft Internet Explorer 9 Microsoft Internet Explorer 10
Definition Synopsis:
IE6 + vulnerable (OS + file versions) Microsoft Internet Explorer 6 is installed AND Vulnerable OS's and their file versions XP(X86 + vulnerable file) Microsoft Windows XP (32-bit) is installed AND Check if the version of mshtml.dll is less than 6.0.2900.6315 OR 2k3/XP X64 and vulnerable file 2k3/XP X64 Microsoft Windows XP x64 is installed AND Microsoft Windows Server 2003 (32-bit) is installed AND Microsoft Windows Server 2003 (x64) is installed AND Microsoft Windows Server 2003 (ia64) Gold is installed AND Check if the version of mshtml.dll is less than 6.0.3790.5080 OR IE7 + vulnerable (OS + file versions) Microsoft Internet Explorer 7 is installed AND Vulnerable OS's and their file versions XP /2k3 and vulnerable files XP/2k3 Microsoft Windows XP (32-bit) is installed AND Microsoft Windows XP x64 is installed AND Microsoft Windows Server 2003 (32-bit) is installed AND Microsoft Windows Server 2003 (x64) is installed AND Microsoft Windows Server 2003 (ia64) Gold is installed AND LDR/GDR Check if the version of mshtml.dll is less than 7.0.6000.17116 OR Check for LDR Check for mshtml.dll version greater than or equal to 7.0.6000.21000 AND Check if the version of mshtml.dll is less than 7.0.6000.21318 OR Vista/2K8 and vulnerable files Vista/2k8 Microsoft Windows Vista (32-bit) is installed AND Microsoft Windows Vista x64 Edition is installed AND Microsoft Windows Server 2008 (32-bit) is installed AND Microsoft Windows Server 2008 (64-bit) is installed AND Microsoft Windows Server 2008 (ia-64) is installed AND LDR/GDR Check if the version of mshtml.dll is less than 7.0.6002.18727 OR Check for LDR Mshtml.dll version is greater than or equal to 7.0.6002.22000 AND Check if the version of mshtml.dll is less than 7.0.6002.22971 OR IE8 + vulnerable (OS + file versions) Microsoft Internet Explorer 8 is installed AND Vulnerable OS's and their file versions XP/2k3/Vista/2k8 and vulnerable files XP/2k3/Vista/2k8 Microsoft Windows XP (32-bit) is installed AND Microsoft Windows XP x64 is installed AND Microsoft Windows Server 2003 (32-bit) is installed AND Microsoft Windows Server 2003 (x64) is installed AND Microsoft Windows Server 2003 (ia64) Gold is installed AND LDR/GDR Check if the version of mshtml.dll is less than 8.0.6001.19393 OR LDR Check for mshtml.dll version greater than or equal to 8.0.6001.23000 AND Check if the version of mshtml.dll is less than 8.0.6001.23461 OR Win7/R2 and vulnerable files Win7/R2 Microsoft Windows 7 is installed AND Microsoft Windows Server 2008 R2 x64 Edition is installed AND LDR/GDR Check if the version of mshtml.dll is less than 8.0.7600.17166 OR LDR Mshtml.dll version is greater than or equal 8.0.7600.20000 AND Check if the version of mshtml.dll is less than 8.0.7600.21369 OR Win7/R2 and vulnerable files Win7/R2 Microsoft Windows 7 (32-bit) is installed AND Microsoft Windows 7 x64 Edition is installed AND Microsoft Windows Server 2008 R2 x64 Edition is installed AND Microsoft Windows Server 2008 R2 Itanium-Based Edition is installed AND LDR/GDR check Check if the version of mshtml.dll is less than 8.0.7601.17998 OR LDR/GDR Mshtml.dll version is greater than or equal to 8.0.7601.21000 AND Check if the version of mshtml.dll is less than 8.0.7601.22160 OR IE9 + vulnerable (OS + file versions) Microsoft Internet Explorer 9 is installed AND Vista/2k8/Win7/R2 Microsoft Windows 7 is installed AND Microsoft Windows Server 2008 R2 x64 Edition is installed AND Microsoft Windows Vista (32-bit) is installed AND Microsoft Windows Vista x64 Edition is installed AND Microsoft Windows Server 2008 (32-bit) is installed AND Microsoft Windows Server 2008 (64-bit) is installed AND Microsoft Windows Server 2008 (ia-64) is installed AND Microsoft Windows 7 (32-bit) is installed AND Microsoft Windows 7 x64 Edition is installed AND Microsoft Windows Server 2008 R2 Itanium-Based Edition is installed AND Check for LDR/GDR Check if the version of mshtml.dll is less than 9.0.8112.16457 OR Check for LDR Mshtml.dll version is greater than or equal to 9.0.8112.20000 AND Check if the version of mshtml.dll is less than 9.0.8112.20565 OR IE10 + vulnerable (OS + file versions) Microsoft Internet Explorer 10 is installed AND Vulnerable OS version + vulnerable files Win 7 / R2 and vulnerable file Win 7 / R2 Microsoft Windows 7 is installed AND Microsoft Windows Server 2008 R2 x64 Edition is installed AND Microsoft Windows 7 (32-bit) is installed AND Microsoft Windows 7 x64 Edition is installed AND Microsoft Windows Server 2008 R2 Itanium-Based Edition is installed AND Check if the version of mshtml.dll is less than 10.0.9200.16439 OR Win 8 / 2012 and vulnerable file versions Win 8 / 2012 Microsoft Windows 8 is installed AND Microsoft Windows Server 2012 is installed AND Check for vulnerable version Check if the version of mshtml.dll is less than 10.0.9200.16458 OR Check for LDR range Check if the version of mshtml.dll is greater than or equal to 10.0.9200.20000 AND Check if the version of mshtml.dll is less than 10.0.9200.20562

Definition Id: oval:org.mitre.oval:def:15845

Oval ID:	oval:org.mitre.oval:def:15845
Title:	TrueType Font Parsing Vulnerability - MS12-078
Description:	The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allow remote attackers to execute arbitrary code via a crafted TrueType Font (TTF) file, aka "TrueType Font Parsing Vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-4786	Version:	7
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):
Definition Synopsis:
Check for vulnerable XP x86 Microsoft Windows XP (x86) SP3 is installed AND Check for vulnerable file the version of Atmfd.dll is less than 5.1.2.235 AND Check if the Win32k.sys version is less than 5.1.2600.6322 OR Check for vulnerable XP x64/2003 Check for XP x64/2003 Microsoft Windows XP x64 Edition SP2 is installed AND Microsoft Windows Server 2003 SP2 (x86) is installed AND Microsoft Windows Server 2003 SP2 (x64) is installed AND Microsoft Windows Server 2003 (ia64) SP2 is installed AND Check for vulnerable file Check if the atmfd.dll version is less than 5.2.2.235 AND Check if the Win32k.sys version is less than 5.2.3790.5094 OR Check for vulnerable Vista/2008 Check for Vista/2008 Microsoft Windows Vista (32-bit) Service Pack 2 is installed AND Microsoft Windows Vista x64 Edition Service Pack 2 is installed AND Microsoft Windows Server 2008 (32-bit) Service Pack 2 is installed AND Microsoft Windows Server 2008 x64 Edition Service Pack 2 is installed AND Microsoft Windows Server 2008 Itanium-Based Edition Service Pack 2 is installed AND Check for vulnerable file the version of Atmfd.dll is less than 5.1.2.235 AND Check if the Win32k.sys version is less than 6.0.6002.18733 OR Check for LDR the version of win32k.sys is greater than or equal to 6.0.6002.22000 AND Check if the Win32k.sys version is less than 6.0.6002.22977 OR Check for vulnerable 7/2008 R2 Check for 7/2008 R2 Microsoft Windows 7 is installed AND Microsoft Windows Server 2008 R2 x64 Edition is installed AND Microsoft Windows Server 2008 R2 Itanium-Based Edition is installed AND Check for vulnerable file Check if the atmfd.dll version is less than 5.1.2.237 AND Check if the Win32k.sys version is less than 6.1.7600.17174 OR Check for LDR the version of win32k.sys is greater than or equal to 6.1.7600.20000 AND Check if the Win32k.sys version is less than 6.1.7600.21379 OR Check for vulnerable 7/2008 R2 SP1 Check for 7/2008 R2 SP1 Microsoft Windows 7 (32-bit) Service Pack 1 is installed AND Microsoft Windows Server 2008 R2 x64 Service Pack 1 is installed AND Microsoft Windows Server 2008 R2 Itanium-Based Edition Service Pack 1 is installed AND Check for vulnerable file Check if the atmfd.dll version is less than 5.1.2.237 AND Check if the Win32k.sys version is less than 6.1.7601.18009 OR Check for LDR the version of win32k.sys is greater than or equal to 6.1.7601.21000 AND Check if the Win32k.sys version is less than 6.1.7601.22171 OR Check for vulnerable Windows 8/2012 Check for OS Microsoft Windows 8 is installed AND Microsoft Windows Server 2012 is installed AND Check for vulnerable file Check if the atmfd.dll version is less than 5.1.2.236 AND Check if the Win32k.sys version is less than 6.2.9200.16453 OR Check for LDR Check if the Win32k.sys version is less than 6.2.9200.20557 AND Check if the version of Win32k.sys is greater than or equal to 6.2.9200.20000

Definition Id: oval:org.mitre.oval:def:15901

Oval ID:	oval:org.mitre.oval:def:15901
Title:	Windows Filename Parsing Vulnerability - MS12-081
Description:	Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allow remote attackers to execute arbitrary code via a crafted (1) file name or (2) subfolder name that triggers use of unallocated memory as the destination of a copy operation, aka "Windows Filename Parsing Vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-4774	Version:	7
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP	Product(s):
Definition Synopsis:
Win XP X86 + vulnerable file version Microsoft Windows XP (x86) SP3 is installed AND Check if the version of kernel32.dll is less than 5.1.2600.6293 OR XP X64 + vulnerable file version XP X64 / 2k3 Microsoft Windows XP x64 Edition SP2 is installed AND Microsoft Windows Server 2003 SP2 (x86) is installed AND Microsoft Windows Server 2003 SP2 (x64) is installed AND Microsoft Windows Server 2003 (ia64) SP2 is installed AND Check if the version of kernel32.dll is less than 5.2.3790.5069 OR Vista / 2k8 + vulnerable file version Vista / 2K8 Microsoft Windows Vista (32-bit) Service Pack 2 is installed AND Microsoft Windows Vista x64 Edition Service Pack 2 is installed AND Microsoft Windows Server 2008 (32-bit) Service Pack 2 is installed AND Microsoft Windows Server 2008 x64 Edition Service Pack 2 is installed AND Microsoft Windows Server 2008 Itanium-Based Edition Service Pack 2 is installed AND LDR/GDR Check if the version of kernel32.dll is less than 6.0.6002.18704 OR Check for LDR the version of Kernel32.dll is greater or equal 6.0.6002.22000 AND Check if the version of kernel32.dll is less than 6.0.6002.22942 OR Win 7 / R2 + vulnerable file version Win 7 / R2 Microsoft Windows 7 is installed AND Microsoft Windows Server 2008 R2 x64 Edition is installed AND Check for LDR/GDR Check if the version of kernel32.dll is less than 6.1.7600.17135 OR Check for LDR Check if the version of kernel32.dll is greater than or equal to 6.1.7600.20000 AND Check if the version of Kernel32.dll is less than 6.1.7600.21335 OR Win 7 / R2 SP1 + vulnerable file version Win 7 / R2 SP1 Microsoft Windows 7 (32-bit) Service Pack 1 is installed AND Microsoft Windows 7 x64 Service Pack 1 is installed AND Microsoft Windows Server 2008 R2 x64 Service Pack 1 is installed AND Microsoft Windows Server 2008 R2 Itanium-Based Edition Service Pack 1 is installed AND Check for LDR/GDR Check if the version of kernel32.dll is less than 6.1.7601.17965 OR Check for LDR the version of Kernel32.dll is greater than or equal to 6.1.7601.21000 AND Check if the version of kernel32.dll is less than 6.1.7601.22125

Definition Id: oval:org.mitre.oval:def:15911

Oval ID:	oval:org.mitre.oval:def:15911
Title:	Oracle Outside In Contains Multiple Exploitable Vulnerabilities-II MS12-080
Description:	Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.7.0 allows context-dependent attackers to affect availability, related to Outside In HTML Export SDK.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-3217	Version:	3
Platform(s):	Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2	Product(s):	Microsoft Exchange Server 2007 Microsoft Exchange Server 2010
Definition Synopsis:
Exchange Server 2007 vulnerable version Microsoft Exchange Server 2007 SP3 is installed AND Check if the version ExSetup.exe is less than 8.3.297.2 OR Exchange Server 2010 SP1 vulnerable version Microsoft Exchange Server 2010 SP1 is installed AND Check if the version ExSetup.exe is less than 14.1.438.0 OR Exchange Server 2010 SP2 Microsoft Exchange Server 2010 SP2 is installed AND Check if the version ExSetup.exe is less than 14.2.328.10

Definition Id: oval:org.mitre.oval:def:16066

Oval ID:	oval:org.mitre.oval:def:16066
Title:	CMarkup Use After Free Vulnerability - MS12-077
Description:	Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "CMarkup Use After Free Vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-4782	Version:	7
Platform(s):	Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2012 Microsoft Windows 8	Product(s):	Microsoft Internet Explorer 9 Microsoft Internet Explorer 10
Definition Synopsis:
IE9 + vulnerable (OS + file versions) Microsoft Internet Explorer 9 is installed AND Vista/2k8/Win7/R2 Microsoft Windows 7 is installed AND Microsoft Windows Server 2008 R2 x64 Edition is installed AND Microsoft Windows Vista (32-bit) is installed AND Microsoft Windows Vista x64 Edition is installed AND Microsoft Windows Server 2008 (32-bit) is installed AND Microsoft Windows Server 2008 (64-bit) is installed AND Microsoft Windows Server 2008 (ia-64) is installed AND Microsoft Windows 7 (32-bit) is installed AND Microsoft Windows 7 x64 Edition is installed AND Microsoft Windows Server 2008 R2 Itanium-Based Edition is installed AND Check for LDR/GDR Check if the version of mshtml.dll is less than 9.0.8112.16457 OR Check for LDR Mshtml.dll version is greater than or equal to 9.0.8112.20000 AND Check if the version of mshtml.dll is less than 9.0.8112.20565 OR Win 8 / 2012 and IE10 vulnerable version Win 8 / 2012 Microsoft Windows 8 is installed AND Microsoft Windows Server 2012 is installed AND Check for vulnerable versions Check if the version of mshtml.dll is less than 10.0.9200.16458 OR Check for LDR Check if the version of mshtml.dll is greater than or equal to 10.0.9200.20000 AND Check if the version of mshtml.dll is less than 10.0.9200.20562

Definition Id: oval:org.mitre.oval:def:16067

Oval ID:	oval:org.mitre.oval:def:16067
Title:	OpenType Font Parsing Vulnerability - MS12-078
Description:	The OpenType Font (OTF) driver in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allows remote attackers to execute arbitrary code via a crafted OpenType font file, aka "OpenType Font Parsing Vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-2556	Version:	7
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):
Definition Synopsis:
Check for vulnerable XP x86 Microsoft Windows XP (x86) SP3 is installed AND Check for vulnerable file the version of Atmfd.dll is less than 5.1.2.235 AND Check if the Win32k.sys version is less than 5.1.2600.6322 OR Check for vulnerable XP x64/2003 Check for XP x64/2003 Microsoft Windows XP x64 Edition SP2 is installed AND Microsoft Windows Server 2003 SP2 (x86) is installed AND Microsoft Windows Server 2003 SP2 (x64) is installed AND Microsoft Windows Server 2003 (ia64) SP2 is installed AND Check for vulnerable file Check if the atmfd.dll version is less than 5.2.2.235 AND Check if the Win32k.sys version is less than 5.2.3790.5094 OR Check for vulnerable Vista/2008 Check for Vista/2008 Microsoft Windows Vista (32-bit) Service Pack 2 is installed AND Microsoft Windows Vista x64 Edition Service Pack 2 is installed AND Microsoft Windows Server 2008 (32-bit) Service Pack 2 is installed AND Microsoft Windows Server 2008 x64 Edition Service Pack 2 is installed AND Microsoft Windows Server 2008 Itanium-Based Edition Service Pack 2 is installed AND Check for vulnerable file the version of Atmfd.dll is less than 5.1.2.235 AND Check if the Win32k.sys version is less than 6.0.6002.18733 OR Check for LDR the version of win32k.sys is greater than or equal to 6.0.6002.22000 AND Check if the Win32k.sys version is less than 6.0.6002.22977 OR Check for vulnerable 7/2008 R2 Check for 7/2008 R2 Microsoft Windows 7 is installed AND Microsoft Windows Server 2008 R2 x64 Edition is installed AND Microsoft Windows Server 2008 R2 Itanium-Based Edition is installed AND Check for vulnerable file Check if the atmfd.dll version is less than 5.1.2.237 AND Check if the Win32k.sys version is less than 6.1.7600.17174 OR Check for LDR the version of win32k.sys is greater than or equal to 6.1.7600.20000 AND Check if the Win32k.sys version is less than 6.1.7600.21379 OR Check for vulnerable 7/2008 R2 SP1 Check for 7/2008 R2 SP1 Microsoft Windows 7 (32-bit) Service Pack 1 is installed AND Microsoft Windows Server 2008 R2 x64 Service Pack 1 is installed AND Microsoft Windows Server 2008 R2 Itanium-Based Edition Service Pack 1 is installed AND Check for vulnerable file Check if the atmfd.dll version is less than 5.1.2.237 AND Check if the Win32k.sys version is less than 6.1.7601.18009 OR Check for LDR the version of win32k.sys is greater than or equal to 6.1.7601.21000 AND Check if the Win32k.sys version is less than 6.1.7601.22171 OR Check for vulnerable Windows 8/2012 Check for OS Microsoft Windows 8 is installed AND Microsoft Windows Server 2012 is installed AND Check for vulnerable file Check if the atmfd.dll version is less than 5.1.2.236 AND Check if the Win32k.sys version is less than 6.2.9200.16453 OR Check for LDR Check if the Win32k.sys version is less than 6.2.9200.20557 AND Check if the version of Win32k.sys is greater than or equal to 6.2.9200.20000

Definition Id: oval:org.mitre.oval:def:16073

Oval ID:	oval:org.mitre.oval:def:16073
Title:	Word RTF 'listoverridecount' Remote Code Execution Vulnerability - MS12-079
Description:	Microsoft Word 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Word Viewer; Office Compatibility Pack SP2 and SP3; and Office Web Apps 2010 SP1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted RTF data, aka "Word RTF 'listoverridecount' Remote Code Execution Vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-2539	Version:	13
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP	Product(s):	Microsoft Office Compatibility Pack Microsoft Office Web Apps 2010 Microsoft Office Word Viewer Microsoft SharePoint Server 2010 Microsoft Word 2003 Microsoft Word 2007 Microsoft Word 2010
Definition Synopsis:
word 2003/version Check if the version of winword.exe is less than 11.0.8350 AND Microsoft Word 2003 SP3 is installed OR word 2007/version Check if the version of winword.exe is less than 12.0.6668.5000 AND word 2007 sp2/sp3 Microsoft Word 2007 SP2 is installed AND Microsoft Word 2007 SP3 is installed OR word 2010/version Check if the version of winword.exe is less than 14.0.6129.5000 AND Microsoft Word 2010 SP1 is installed OR word viewer/version Microsoft Word Viewer is installed AND Check if the version of wordview.exe is less than 11.0.8350 OR office compatibility pack/version Check if the version of wordcnv.dll is less than 12.0.6668.5000 AND compatibility pack sp2/sp3 Microsoft Office Compatibility Pack SP2 is installed AND Microsoft Office Compatibility Pack SP3 is installed OR web apps/version Microsoft Office Web Apps 2010 Service Pack 1 is installed AND Check if the version of msoserver.dll is less than 14.0.6129.5000 (web apps) OR sharepoint server/version Microsoft SharePoint Server 2010 Service Pack 1 is installed AND Check if the version of msoserver.dll is less than 14.0.6129.5000 (sharepoint server)

Definition Id: oval:org.mitre.oval:def:16080

Oval ID:	oval:org.mitre.oval:def:16080
Title:	Oracle Outside In Contains Multiple Exploitable Vulnerability - CVE-2012-3217 (MS13-013)
Description:	Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.7.0 allows context-dependent attackers to affect availability, related to Outside In HTML Export SDK.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-3217	Version:	3
Platform(s):	Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2	Product(s):	Microsoft FAST Search Server 2010 for SharePoint
Definition Synopsis:
Microsoft FAST Search Server 2010 for SharePoint is installed AND Check if the version of vseshr.dll is less than 8.3.7.207

Definition Id: oval:org.mitre.oval:def:16086

Oval ID:	oval:org.mitre.oval:def:16086
Title:	DirectPlay Heap Overflow Vulnerability - MS12-082
Description:	Heap-based buffer overflow in DirectPlay in DirectX 9.0 through 11.1 in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012 allows remote attackers to execute arbitrary code via a crafted Office document, aka "DirectPlay Heap Overflow Vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-1537	Version:	7
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows Server 2012 Microsoft Windows 8	Product(s):
Definition Synopsis:
win xp 32 bit/version Microsoft Windows XP (x86) SP3 is installed AND Check if the version of dpnet.dll is less than 5.3.2600.6311 OR win xp 64 bit/server 2003/version server 2003/win xp Microsoft Windows Server 2003 (ia64) SP2 is installed AND Microsoft Windows Server 2003 SP2 (x86) is installed AND Microsoft Windows Server 2003 SP2 (x64) is installed AND Microsoft Windows XP x64 Edition SP2 is installed AND Check if the version of dpnet.dll is less than 5.3.3790.5083 OR vista/server 2008/version vista/server 2008 Microsoft Windows Vista x64 Edition Service Pack 2 is installed AND Microsoft Windows Vista (32-bit) Service Pack 2 is installed AND Microsoft Windows Server 2008 (32-bit) Service Pack 2 is installed AND Microsoft Windows Server 2008 Itanium-Based Edition Service Pack 2 is installed AND Microsoft Windows Server 2008 x64 Edition Service Pack 2 is installed AND GDR/LDR Check if the version of dpnet.dll is less than 6.0.6002.18722 OR LDR range Check if the version of dpnet.dll is less than 6.0.6002.22964 AND Check if the version of dpnet.dll is greater than or equal to 6.0.6002.22000 OR win 7/server 2008 R2/version win 7/server 2008 R2 Microsoft Windows 7 is installed AND Microsoft Windows Server 2008 R2 x64 Edition is installed AND GDR/LDR Check if the version of dpnet.dll is less than 6.1.7600.17157 OR LDR range Check if the version of dpnet.dll is less than 6.1.7600.21360 AND Check if the version of dpnet.dll is greater than or equal to 6.1.7600.20000 OR win 7 sp1/server 2008 R2 sp1/version win 7 sp1/server 2008 R2 sp1 Microsoft Windows 7 (32-bit) Service Pack 1 is installed AND Microsoft Windows Server 2008 R2 x64 Service Pack 1 is installed AND Microsoft Windows Server 2008 R2 Itanium-Based Edition Service Pack 1 is installed AND GDR.LDR Check if the version of dpnet.dll is less than 6.1.7601.17989 OR LDR range Check if the version of dpnet.dll is less than 6.1.7601.22150 AND Check if the version of dpnet.dll is greater than or equal to 6.1.7601.21000 OR Win 8 and Server 2012 vulnerable file version Win 8 / Server 2012 Microsoft Windows 8 is installed AND Microsoft Windows Server 2012 is installed AND Check for vulnerable version Check if the version of dpnet.dll is less than 6.2.9200.16450 OR Check for LDR range Check if the version of dpnet.dll is greater than or equal to 6.2.9200.20000 AND Check if the version of dpnet.dll is less than 6.2.9200.20554

Definition Id: oval:org.mitre.oval:def:16117

Oval ID:	oval:org.mitre.oval:def:16117
Title:	Revoked Certificate Bypass Vulnerability - MS12-083
Description:	The IP-HTTPS server in Windows Server 2008 R2 and R2 SP1 and Server 2012 does not properly validate certificates, which allows remote attackers to bypass intended access restrictions via a revoked certificate, aka "Revoked Certificate Bypass Vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-2549	Version:	7
Platform(s):	Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):
Definition Synopsis:
R2 base + vulnerable file version Microsoft Windows Server 2008 R2 x64 Edition is installed AND Microsoft Windows Server 2008 R2 Itanium-Based Edition is installed AND LDR/GDR Check if the version of Iphlpsvc.dll is less than 6.1.7600.17157 OR Check for LDR Check if the version of Iphlpsvc.dll is greater than or equal to 6.1.7600.20000 AND Check if the version of Iphlpsvc.dll is less than 6.1.7600.21360 OR R2 SP1 + vulnerable file version R2 X64/ IA64 SP1 Microsoft Windows Server 2008 R2 x64 Service Pack 1 is installed AND Microsoft Windows Server 2008 R2 Itanium-Based Edition Service Pack 1 is installed AND LDR/GDR Check if the version of Iphlpsvc.dll is less than 6.1.7601.17989 OR Check for LDR Check if the version of Iphlpsvc.dll is greater than or equal to 6.1.7601.21000 AND Check if the version of Iphlpsvc.dll is less than 6.1.7601.22150 OR Win 2k12 + vulnerable version Microsoft Windows Server 2012 is installed AND Check for vulnerable version Check if the version of Iphlpsvc.dll is less than 6.2.9200.16449 OR Check for LDR range Check if the version of Iphlpsvc.dll is greater than or equal to 6.2.9200.20000 AND Check if the version of Iphlpsvc.dll is less than 6.2.9200.20553

Definition Id: oval:org.mitre.oval:def:16158

Oval ID:	oval:org.mitre.oval:def:16158
Title:	RSS Feed May Cause Exchange DoS Vulnerability - MS12-080
Description:	Microsoft Exchange Server 2007 SP3 and 2010 SP1 and SP2 allows remote authenticated users to cause a denial of service (Information Store service hang) by subscribing to a crafted RSS feed, aka "RSS Feed May Cause Exchange DoS Vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-4791	Version:	3
Platform(s):	Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2	Product(s):	Microsoft Exchange Server 2007 Microsoft Exchange Server 2010
Definition Synopsis:
Exchange Server 2007 vulnerable version Microsoft Exchange Server 2007 SP3 is installed AND Check if the version ExSetup.exe is less than 8.3.297.2 OR Exchange Server 2010 SP1 vulnerable version Microsoft Exchange Server 2010 SP1 is installed AND Check if the version ExSetup.exe is less than 14.1.438.0 OR Exchange Server 2010 SP2 Microsoft Exchange Server 2010 SP2 is installed AND Check if the version ExSetup.exe is less than 14.2.328.10

Definition Id: oval:org.mitre.oval:def:16178

Oval ID:	oval:org.mitre.oval:def:16178
Title:	Oracle Outside In Contains Multiple Exploitable Vulnerabilities-I MS12-080
Description:	Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.7.0 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-3214	Version:	3
Platform(s):	Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2	Product(s):	Microsoft Exchange Server 2007 Microsoft Exchange Server 2010
Definition Synopsis:
Exchange Server 2007 vulnerable version Microsoft Exchange Server 2007 SP3 is installed AND Check if the version ExSetup.exe is less than 8.3.297.2 OR Exchange Server 2010 SP1 vulnerable version Microsoft Exchange Server 2010 SP1 is installed AND Check if the version ExSetup.exe is less than 14.1.438.0 OR Exchange Server 2010 SP2 Microsoft Exchange Server 2010 SP2 is installed AND Check if the version ExSetup.exe is less than 14.2.328.10

Definition Id: oval:org.mitre.oval:def:16211

Oval ID:	oval:org.mitre.oval:def:16211
Title:	Improper Ref Counting Use After Free Vulnerability - MS12-077
Description:	Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not properly initialized or (2) is deleted, aka "Improper Ref Counting Use After Free Vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-4787	Version:	7
Platform(s):	Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2012 Microsoft Windows 8	Product(s):	Microsoft Internet Explorer 9 Microsoft Internet Explorer 10
Definition Synopsis:
IE9 + vulnerable (OS + file versions) Microsoft Internet Explorer 9 is installed AND Vista/2k8/Win7/R2 Microsoft Windows 7 is installed AND Microsoft Windows Server 2008 R2 x64 Edition is installed AND Microsoft Windows Vista (32-bit) is installed AND Microsoft Windows Vista x64 Edition is installed AND Microsoft Windows Server 2008 (32-bit) is installed AND Microsoft Windows Server 2008 (64-bit) is installed AND Microsoft Windows Server 2008 (ia-64) is installed AND Microsoft Windows 7 (32-bit) is installed AND Microsoft Windows 7 x64 Edition is installed AND Microsoft Windows Server 2008 R2 Itanium-Based Edition is installed AND Check for LDR/GDR Check if the version of mshtml.dll is less than 9.0.8112.16457 OR Check for LDR Mshtml.dll version is greater than or equal to 9.0.8112.20000 AND Check if the version of mshtml.dll is less than 9.0.8112.20565 OR IE10 + vulnerable (OS + file versions) Microsoft Internet Explorer 10 is installed AND Vulnerable OS version + vulnerable files Win 7 / R2 and vulnerable file Win 7 / R2 Microsoft Windows 7 is installed AND Microsoft Windows Server 2008 R2 x64 Edition is installed AND Microsoft Windows 7 (32-bit) is installed AND Microsoft Windows 7 x64 Edition is installed AND Microsoft Windows Server 2008 R2 Itanium-Based Edition is installed AND Check if the version of mshtml.dll is less than 10.0.9200.16439 OR Win 8 / 2012 and vulnerable file versions Win 8 / 2012 Microsoft Windows 8 is installed AND Microsoft Windows Server 2012 is installed AND Check for vulnerable version Check if the version of mshtml.dll is less than 10.0.9200.16458 OR Check for LDR range Check if the version of mshtml.dll is greater than or equal to 10.0.9200.20000 AND Check if the version of mshtml.dll is less than 10.0.9200.20562

Definition Id: oval:org.mitre.oval:def:16500

Oval ID:	oval:org.mitre.oval:def:16500
Title:	Oracle Outside In Contains Multiple Exploitable Vulnerability - CVE-2012-3214 (MS13-013)
Description:	Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.7.0 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-3214	Version:	3
Platform(s):	Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2	Product(s):	Microsoft FAST Search Server 2010 for SharePoint
Definition Synopsis:
Microsoft FAST Search Server 2010 for SharePoint is installed AND Check if the version of vseshr.dll is less than 8.3.7.207

CPE : Common Platform Enumeration

Type	Description	Count
Application	Microsoft Directx cpe:2.3:a:microsoft:directx:11.1:::::::* cpe:2.3:a:microsoft:directx:11.0:::::::* cpe:2.3:a:microsoft:directx:10.1:::::::* cpe:2.3:a:microsoft:directx:10.0:::::::* cpe:2.3:a:microsoft:directx:9.0:::::::*	5
Application	Microsoft Exchange Server cpe:2.3:a:microsoft:exchange_server:2010:sp1:::::: cpe:2.3:a:microsoft:exchange_server:2010:sp2:::::: cpe:2.3:a:microsoft:exchange_server:2007:sp3::::::	3
Application	Microsoft Internet Explorer cpe:2.3:a:microsoft:internet_explorer:10:::::::* cpe:2.3:a:microsoft:internet_explorer:9:::::::* cpe:2.3:a:microsoft:internet_explorer:8:::::::* cpe:2.3:a:microsoft:internet_explorer:7:::::::* cpe:2.3:a:microsoft:internet_explorer:6:::::::*	5
Application	Microsoft Office Compatibility Pack cpe:2.3:a:microsoft:office_compatibility_pack:-:sp2:::::: cpe:2.3:a:microsoft:office_compatibility_pack:-:sp3::::::	2
Application	Microsoft Office Web Apps cpe:2.3:a:microsoft:office_web_apps:2010:sp1::::::	1
Application	Microsoft Office Word Viewer cpe:2.3:a:microsoft:office_word_viewer:-:::::::*	1
Application	Microsoft Sharepoint Server cpe:2.3:a:microsoft:sharepoint_server:2010:::::::*	1
Application	Microsoft Word cpe:2.3:a:microsoft:word:2010:sp1:::::: cpe:2.3:a:microsoft:word:2007:sp3:::::: cpe:2.3:a:microsoft:word:2007:sp2:::::: cpe:2.3:a:microsoft:word:2003:sp3::::::	4
Application	Oracle Fusion Middleware cpe:2.3:a:oracle:fusion_middleware:8.3.7.0:::::::*	1
Os	Microsoft Windows 2003 Server cpe:2.3:o:microsoft:windows_2003_server::sp2::::::*	1
Os	Microsoft Windows 7 cpe:2.3:o:microsoft:windows_7:gold:::::::* cpe:2.3:o:microsoft:windows_7::sp1:x64::::: cpe:2.3:o:microsoft:windows_7::sp1:x86::::: cpe:2.3:o:microsoft:windows_7:::x86:::::* cpe:2.3:o:microsoft:windows_7:::x64:::::* cpe:2.3:o:microsoft:windows_7:-:::::::* cpe:2.3:o:microsoft:windows_7:-:sp1:::ultimate_n::x64: cpe:2.3:o:microsoft:windows_7:-:sp1::::::	8
Os	Microsoft Windows 8 cpe:2.3:o:microsoft:windows_8:-::::pro_n::x86:* cpe:2.3:o:microsoft:windows_8:-::::pro_n::x64:*	2
Os	Microsoft Windows Rt cpe:2.3:o:microsoft:windows_rt:-:::::::*	1
Os	Microsoft Windows Server 2003 cpe:2.3:o:microsoft:windows_server_2003::sp2::::::*	1
Os	Microsoft Windows Server 2008 cpe:2.3:o:microsoft:windows_server_2008:r2:::::::* cpe:2.3:o:microsoft:windows_server_2008:r2::::::x64: cpe:2.3:o:microsoft:windows_server_2008:r2::::::itanium: cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:::::: cpe:2.3:o:microsoft:windows_server_2008::r2:itanium::::: cpe:2.3:o:microsoft:windows_server_2008::sp2:x86::::: cpe:2.3:o:microsoft:windows_server_2008::sp2:itanium::::: cpe:2.3:o:microsoft:windows_server_2008:::x64:::::* cpe:2.3:o:microsoft:windows_server_2008:::itanium:::::* cpe:2.3:o:microsoft:windows_server_2008::sp2:x64::::: cpe:2.3:o:microsoft:windows_server_2008::sp2::::::* cpe:2.3:o:microsoft:windows_server_2008::r2:x64::::: cpe:2.3:o:microsoft:windows_server_2008:-:sp2:itanium:::::*	13
Os	Microsoft Windows Server 2012 cpe:2.3:o:microsoft:windows_server_2012:-:::::::*	1
Os	Microsoft Windows Vista cpe:2.3:o:microsoft:windows_vista::sp2::::::*	1
Os	Microsoft Windows Xp cpe:2.3:o:microsoft:windows_xp::sp2::::::* cpe:2.3:o:microsoft:windows_xp::sp3::::::* cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:::::*	3

OpenVAS Exploits

Date	Description
2012-12-12	Name : Microsoft Internet Explorer Multiple Vulnerabilities (2761465) File : nvt/secpod_ms12-077.nasl
2012-12-12	Name : Microsoft Windows Kernel-Mode Drivers Remote Code Execution Vulnerabilities (... File : nvt/secpod_ms12-078.nasl
2012-12-12	Name : Microsoft Office Word Remote Code Execution Vulnerability (2780642) File : nvt/secpod_ms12-079.nasl
2012-12-12	Name : MS Exchange Server Remote Code Execution Vulnerabilities (2784126) File : nvt/secpod_ms12-080.nasl
2012-12-12	Name : Microsoft Windows File Handling Component Remote Code Execution Vulnerability... File : nvt/secpod_ms12-081.nasl
2012-12-12	Name : Microsoft Windows DirectPlay Remote Code Execution Vulnerability (2770660) File : nvt/secpod_ms12-082.nasl
2012-12-12	Name : Microsoft Windows IP-HTTPS Component Security Feature Bypass Vulnerability (2... File : nvt/secpod_ms12-083.nasl

Information Assurance Vulnerability Management (IAVM)

Date	Description
2013-02-14	IAVM : 2013-A-0044 - Multiple Vulnerabilities in FAST Search Server 2010 for Microsoft SharePoint Severity : Category II - VMSKEY : V0036831
2012-12-13	IAVM : 2012-B-0124 - Microsoft Windows DirectPlay Remote Code Execution Vulnerability Severity : Category II - VMSKEY : V0035487
2012-12-13	IAVM : 2012-A-0196 - Microsoft Windows File Handling Component Remote Code Execution Vulnerability Severity : Category II - VMSKEY : V0035488
2012-12-13	IAVM : 2012-B-0122 - Microsoft Windows IP-HTTPS Server Security Bypass Vulnerability Severity : Category I - VMSKEY : V0035489
2012-12-13	IAVM : 2012-A-0194 - Microsoft Office Word Remote Code Execution Vulnerability Severity : Category II - VMSKEY : V0035492

Snort® IPS/IDS

Date	Description
2019-05-16	Microsoft Internet Explorer invalid object property memory corruption attempt RuleID : 49812 - Revision : 1 - Type : BROWSER-IE
2019-05-16	Microsoft Internet Explorer invalid object property memory corruption attempt RuleID : 49811 - Revision : 1 - Type : BROWSER-IE
2019-04-18	Microsoft Windows TTF parsing counter overflow attempt RuleID : 49483 - Revision : 1 - Type : FILE-OTHER
2019-04-18	Microsoft Windows TTF parsing counter overflow attempt RuleID : 49482 - Revision : 1 - Type : FILE-OTHER
2016-04-05	Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access RuleID : 37994 - Revision : 1 - Type : FILE-OFFICE
2016-04-05	Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access RuleID : 37993 - Revision : 1 - Type : FILE-OFFICE
2016-04-05	Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access RuleID : 37992 - Revision : 1 - Type : FILE-OFFICE
2016-04-05	Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access RuleID : 37991 - Revision : 1 - Type : FILE-OFFICE
2016-04-05	Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access RuleID : 37990 - Revision : 1 - Type : FILE-OFFICE
2016-04-05	Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access RuleID : 37989 - Revision : 1 - Type : FILE-OFFICE
2016-04-05	Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access RuleID : 37988 - Revision : 1 - Type : FILE-OFFICE
2016-04-05	Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access RuleID : 37987 - Revision : 1 - Type : FILE-OFFICE
2016-04-05	Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access RuleID : 37986 - Revision : 1 - Type : FILE-OFFICE
2016-04-05	Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access RuleID : 37985 - Revision : 1 - Type : FILE-OFFICE
2016-04-05	Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access RuleID : 37984 - Revision : 1 - Type : FILE-OFFICE
2016-04-05	Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access RuleID : 37983 - Revision : 1 - Type : FILE-OFFICE
2016-04-05	Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access RuleID : 37982 - Revision : 1 - Type : FILE-OFFICE
2016-04-05	Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access RuleID : 37981 - Revision : 1 - Type : FILE-OFFICE
2016-04-05	Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access RuleID : 37980 - Revision : 1 - Type : FILE-OFFICE
2016-04-05	Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access RuleID : 37979 - Revision : 1 - Type : FILE-OFFICE
2016-04-05	Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access RuleID : 37978 - Revision : 1 - Type : FILE-OFFICE
2016-04-05	Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access RuleID : 37977 - Revision : 1 - Type : FILE-OFFICE
2016-04-05	Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access RuleID : 37976 - Revision : 1 - Type : FILE-OFFICE
2016-04-05	Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access RuleID : 37975 - Revision : 1 - Type : FILE-OFFICE
2014-02-08	Microsoft Internet Explorer invalid object property use after free memory cor... RuleID : 29265 - Revision : 3 - Type : BROWSER-IE
2014-01-10	Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access RuleID : 28343 - Revision : 6 - Type : FILE-OFFICE
2014-01-10	Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access RuleID : 28342 - Revision : 6 - Type : FILE-OFFICE
2014-01-10	Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access RuleID : 28341 - Revision : 6 - Type : FILE-OFFICE
2014-01-10	Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access RuleID : 28340 - Revision : 6 - Type : FILE-OFFICE
2014-01-10	Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access RuleID : 28339 - Revision : 6 - Type : FILE-OFFICE
2014-01-10	Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access RuleID : 28338 - Revision : 6 - Type : FILE-OFFICE
2014-01-10	Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access RuleID : 28337 - Revision : 6 - Type : FILE-OFFICE
2014-01-10	Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access RuleID : 28336 - Revision : 6 - Type : FILE-OFFICE
2014-01-10	Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access RuleID : 28335 - Revision : 6 - Type : FILE-OFFICE
2014-01-10	Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access RuleID : 28334 - Revision : 6 - Type : FILE-OFFICE
2014-01-10	Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access RuleID : 28333 - Revision : 6 - Type : FILE-OFFICE
2014-01-10	Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access RuleID : 28332 - Revision : 6 - Type : FILE-OFFICE
2014-01-10	Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access RuleID : 28331 - Revision : 6 - Type : FILE-OFFICE
2014-01-10	Microsoft Office Word rtf invalid listoverridecount value attempt RuleID : 24975 - Revision : 12 - Type : FILE-OFFICE
2014-01-10	Microsoft Office Word rtf invalid listoverridecount value attempt RuleID : 24974 - Revision : 12 - Type : FILE-OFFICE
2014-01-10	SMB Trans2 FIND_FIRST2 response file name length overflow attempt RuleID : 24973 - Revision : 9 - Type : NETBIOS
2014-01-10	Microsoft Windows ATMFD Adobe font driver reserved command denial of service ... RuleID : 24971 - Revision : 3 - Type : FILE-OTHER
2014-01-10	Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access RuleID : 24970 - Revision : 10 - Type : FILE-OFFICE
2014-01-10	Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access RuleID : 24969 - Revision : 9 - Type : FILE-OFFICE
2014-01-10	Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access RuleID : 24968 - Revision : 9 - Type : FILE-OFFICE
2014-01-10	Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access RuleID : 24967 - Revision : 9 - Type : FILE-OFFICE
2014-01-10	Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access RuleID : 24966 - Revision : 9 - Type : FILE-OFFICE
2014-01-10	Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access RuleID : 24965 - Revision : 9 - Type : FILE-OFFICE
2014-01-10	Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access RuleID : 24964 - Revision : 9 - Type : FILE-OFFICE
2014-01-10	Microsoft DirectPlay ActiveX clsid access RuleID : 24963 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10	Microsoft dpnet.dll DirectPlay ActiveX clsid access RuleID : 24962 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10	Microsoft dpnet.dll DirectPlay ActiveX clsid access RuleID : 24961 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10	Microsoft dpnet.dll DirectPlay ActiveX clsid access RuleID : 24960 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10	Microsoft dpnet.dll DirectPlay ActiveX clsid access RuleID : 24959 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10	Microsoft dpnet.dll DirectPlay ActiveX clsid access RuleID : 24958 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10	Microsoft dpnet.dll DirectPlay ActiveX clsid access RuleID : 24957 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10	Microsoft Internet Explorer invalid object property use after free memory cor... RuleID : 24956 - Revision : 6 - Type : BROWSER-IE
2014-01-10	Microsoft Windows TTF parsing counter overflow attempt RuleID : 24650 - Revision : 9 - Type : FILE-OTHER
2014-01-10	Microsoft Windows TTF parsing counter overflow attempt RuleID : 24649 - Revision : 8 - Type : FILE-OTHER

Nessus® Vulnerability Scanner

Date	Description
2013-02-12	Name : The remote Windows host is affected by multiple code execution vulnerabilities. File : smb_nt_ms13-013.nasl - Type : ACT_GATHER_INFO
2012-12-11	Name : The remote host is affected by code execution vulnerabilities. File : smb_nt_ms12-077.nasl - Type : ACT_GATHER_INFO
2012-12-11	Name : The remote Windows host is affected by remote code execution vulnerabilities. File : smb_nt_ms12-078.nasl - Type : ACT_GATHER_INFO
2012-12-11	Name : A Microsoft Office component installed on the remote host is affected by a re... File : smb_nt_ms12-079.nasl - Type : ACT_GATHER_INFO
2012-12-11	Name : The remote mail server has multiple vulnerabilities. File : smb_nt_ms12-080.nasl - Type : ACT_GATHER_INFO
2012-12-11	Name : The remote Windows host has a remote code execution vulnerability. File : smb_nt_ms12-081.nasl - Type : ACT_GATHER_INFO
2012-12-11	Name : The remote Windows host could allow arbitrary code execution. File : smb_nt_ms12-082.nasl - Type : ACT_GATHER_INFO
2012-12-11	Name : The remote Windows host is affected by a security feature bypass vulnerability. File : smb_nt_ms12-083.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.

Date	Informations
2013-02-26 13:20:13	Multiple Updates
2012-12-12 09:21:34	First insertion

Global Informations

Type	Count
CWE ID(s)	10
Oval ID(s)	14
CPE ID(s)	54
Openvas Exploit(s)	7
IAVM(s)	5
Snort® Rule(s)	59
Nessus® Exploit(s)	8

	Related
10	CVE-2012-4786
9.3	CVE-2012-4787
9.3	CVE-2012-4782
9.3	CVE-2012-4781
9.3	CVE-2012-4774
9.3	CVE-2012-2556
9.3	CVE-2012-1537
7.8	CVE-2012-2539
5.8	CVE-2012-2549
3.5	CVE-2012-4791
2.1	CVE-2012-3217
2.1	CVE-2012-3214
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 12 more Alert(s)