Executive Summary
This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
| Informations | |||
|---|---|---|---|
| Name | TA13-253A | First vendor Publication | 2013-09-10 |
| Vendor | US-CERT | Last vendor Modification | 2013-09-10 |
| Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 10 | Attack Range | Network |
| Cvss Impact Score | 10 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Overview Select Microsoft software products contain multiple vulnerabilities. Microsoft has released updates to address these vulnerabilities.
DescriptionThe Microsoft Security Bulletin Summary for September 2013 describes multiple vulnerabilities in Microsoft software. Microsoft has released updates to address these vulnerabilities. ImpactThese vulnerabilities could allow remote code execution, elevation of privilege, denial of service, or information disclosure.
SolutionApply Updates Microsoft has provided updates for these vulnerabilities in the Microsoft Security Bulletin Summary for September 2013, which describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. In addition, administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS). Home users are encouraged to enable automatic updates.
|
Original Source
| Url : http://www.us-cert.gov/cas/techalerts/TA13-253A.html |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 74 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 9 % | CWE-20 | Improper Input Validation |
| 4 % | CWE-399 | Resource Management Errors |
| 4 % | CWE-200 | Information Exposure |
| 4 % | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25) |
| 2 % | CWE-264 | Permissions, Privileges, and Access Controls |
| 2 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:18065 | |||
| Oval ID: | oval:org.mitre.oval:def:18065 | ||
| Title: | Word Memory Corruption Vulnerability (CVE-2013-3855) - MS13-072 | ||
| Description: | Microsoft Word 2003 SP3 and 2007 SP3, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-3855 | Version: | 7 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 2000 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft Word 2003 Microsoft Word 2007 Microsoft Word Viewer Microsoft Office Compatibility Pack |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:18114 | |||
| Oval ID: | oval:org.mitre.oval:def:18114 | ||
| Title: | Internet Explorer Memory Corruption Vulnerability (CVE-2013-3208) - MS13-069 | ||
| Description: | Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-3208 | Version: | 5 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft Internet Explorer 8 Microsoft Internet Explorer 9 Microsoft Internet Explorer 10 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:18246 | |||
| Oval ID: | oval:org.mitre.oval:def:18246 | ||
| Title: | Word Memory Corruption Vulnerability (CVE-2013-3851) - MS13-072 | ||
| Description: | Microsoft Office 2003 SP3 and 2007 SP3, Word 2003 SP3 and 2007 SP3, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-3851 | Version: | 7 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 2000 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft Word 2003 Microsoft Word 2007 Microsoft Word Viewer Microsoft Office Compatibility Pack |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:18281 | |||
| Oval ID: | oval:org.mitre.oval:def:18281 | ||
| Title: | Word Memory Corruption Vulnerability (CVE-2013-3848) - MS13-072 | ||
| Description: | Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3847, CVE-2013-3849, and CVE-2013-3858. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-3848 | Version: | 8 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 2000 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft Word 2003 Microsoft Word 2007 Microsoft Word 2010 Microsoft Word Viewer Microsoft Office Compatibility Pack |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:18333 | |||
| Oval ID: | oval:org.mitre.oval:def:18333 | ||
| Title: | Microsoft Office memory corruption vulnerability (CVE-2013-1315) - MS13-067 | ||
| Description: | Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013; Office Web Apps 2010; Excel 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office for Mac 2011; Excel Viewer; and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-1315 | Version: | 3 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft SharePoint Server 2007 Microsoft SharePoint Server 2010 Microsoft Office Web Apps |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:18442 | |||
| Oval ID: | oval:org.mitre.oval:def:18442 | ||
| Title: | Access File Format Memory Corruption Vulnerability (CVE-2013-3156) - MS13-074 | ||
| Description: | Microsoft Access 2007 SP3, 2010 SP1 and SP2, and 2013 in Microsoft Office allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Access file, aka "Access File Format Memory Corruption Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-3156 | Version: | 12 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Microsoft Office Access 2007 Microsoft Office Access 2010 Microsoft Office Access 2013 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:18464 | |||
| Oval ID: | oval:org.mitre.oval:def:18464 | ||
| Title: | Word Memory Corruption Vulnerability (CVE-2013-3853) - MS13-072 | ||
| Description: | Microsoft Office 2007 SP3 and Word 2007 SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3854. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-3853 | Version: | 4 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 2000 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft Word 2007 |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:18543 | |||
| Oval ID: | oval:org.mitre.oval:def:18543 | ||
| Title: | Microsoft Office Memory Corruption Vulnerability (CVE-2013-1315) MS13-073 (Mac OS X) | ||
| Description: | Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013; Office Web Apps 2010; Excel 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office for Mac 2011; Excel Viewer; and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability." | ||
| Family: | macos | Class: | vulnerability |
| Reference(s): | CVE-2013-1315 | Version: | 3 |
| Platform(s): | Apple Mac OS X Apple Mac OS X Server | Product(s): | Microsoft Office 2011 for Mac |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:18551 | |||
| Oval ID: | oval:org.mitre.oval:def:18551 | ||
| Title: | Win32k Elevation of Privilege Vulnerability (CVE-2013-1343) - MS13-076 | ||
| Description: | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability," a different vulnerability than CVE-2013-1342, CVE-2013-1344, CVE-2013-3864, and CVE-2013-3865. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-1343 | Version: | 3 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:18553 | |||
| Oval ID: | oval:org.mitre.oval:def:18553 | ||
| Title: | Win32k Elevation of Privilege Vulnerability (CVE-2013-3864) - MS13-076 | ||
| Description: | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability," a different vulnerability than CVE-2013-1342, CVE-2013-1343, CVE-2013-1344, and CVE-2013-3865. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-3864 | Version: | 3 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:18557 | |||
| Oval ID: | oval:org.mitre.oval:def:18557 | ||
| Title: | Internet Explorer Memory Corruption Vulnerability (CVE-2013-3202) - MS13-069 | ||
| Description: | Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-3202 | Version: | 5 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Microsoft Internet Explorer 10 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:18579 | |||
| Oval ID: | oval:org.mitre.oval:def:18579 | ||
| Title: | Windows Theme File Remote Code Execution Vulnerability - MS13-071 | ||
| Description: | Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, and Windows Server 2008 SP2 allow remote attackers to execute arbitrary code via a crafted screensaver in a theme file, aka "Windows Theme File Remote Code Execution Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-0810 | Version: | 3 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:18624 | |||
| Oval ID: | oval:org.mitre.oval:def:18624 | ||
| Title: | Access Memory Corruption Vulnerability (CVE-2013-3155) - MS13-074 | ||
| Description: | Microsoft Access 2007 SP3, 2010 SP1 and SP2, and 2013 in Microsoft Office allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Access file, aka "Access Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3157. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-3155 | Version: | 12 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Microsoft Office Access 2007 Microsoft Office Access 2010 Microsoft Office Access 2013 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:18635 | |||
| Oval ID: | oval:org.mitre.oval:def:18635 | ||
| Title: | Word Memory Corruption Vulnerability (CVE-2013-3852) - MS13-072 | ||
| Description: | Microsoft Word 2003 SP3, 2007 SP3, and 2010 SP1; Office Compatibility Pack SP3; and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-3852 | Version: | 8 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 2000 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft Word 2003 Microsoft Word 2007 Microsoft Word 2010 Microsoft Word Viewer Microsoft Office Compatibility Pack |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:18650 | |||
| Oval ID: | oval:org.mitre.oval:def:18650 | ||
| Title: | Internet Explorer Memory Corruption Vulnerability (CVE-2013-3209) - MS13-069 | ||
| Description: | Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3201, CVE-2013-3203, CVE-2013-3206, and CVE-2013-3207. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-3209 | Version: | 5 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista | Product(s): | Microsoft Internet Explorer 9 Microsoft Internet Explorer 10 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:18651 | |||
| Oval ID: | oval:org.mitre.oval:def:18651 | ||
| Title: | Internet Explorer Memory Corruption Vulnerability (CVE-2013-3201) - MS13-069 | ||
| Description: | Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3203, CVE-2013-3206, CVE-2013-3207, and CVE-2013-3209. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-3201 | Version: | 5 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista | Product(s): | Microsoft Internet Explorer 9 Microsoft Internet Explorer 10 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:18660 | |||
| Oval ID: | oval:org.mitre.oval:def:18660 | ||
| Title: | Win32k Elevation of Privilege Vulnerability (CVE-2013-1341) - MS13-076 | ||
| Description: | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows 8 allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-1341 | Version: | 3 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows 8 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:18664 | |||
| Oval ID: | oval:org.mitre.oval:def:18664 | ||
| Title: | Access Memory Corruption Vulnerability (CVE-2013-3157) - MS13-074 | ||
| Description: | Microsoft Access 2007 SP3, 2010 SP1 and SP2, and 2013 in Microsoft Office allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Access file, aka "Access Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3155. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-3157 | Version: | 12 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Microsoft Office Access 2007 Microsoft Office Access 2010 Microsoft Office Access 2013 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:18686 | |||
| Oval ID: | oval:org.mitre.oval:def:18686 | ||
| Title: | XML External Entities Resolution Vulnerability (CVE-2013-3159) - MS13-073 | ||
| Description: | Microsoft Excel 2003 SP3, 2007 SP3, and 2010 SP1 and SP2; Excel Viewer; and Microsoft Office Compatibility Pack SP3 allow remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka "XML External Entities Resolution Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-3159 | Version: | 6 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft Excel 2003 Microsoft Excel 2007 Microsoft Excel 2010 Microsoft Excel Viewer 2007 Microsoft Office Compatibility Pack |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:18696 | |||
| Oval ID: | oval:org.mitre.oval:def:18696 | ||
| Title: | Internet Explorer Memory Corruption Vulnerability (CVE-2013-3205) - MS13-069 | ||
| Description: | Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-3205 | Version: | 5 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft Internet Explorer 6 Microsoft Internet Explorer 7 Microsoft Internet Explorer 8 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:18709 | |||
| Oval ID: | oval:org.mitre.oval:def:18709 | ||
| Title: | Word Memory Corruption Vulnerability (CVE-2013-3858) - MS13-072 | ||
| Description: | Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3847, CVE-2013-3848, and CVE-2013-3849. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-3858 | Version: | 8 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 2000 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft Word 2003 Microsoft Word 2007 Microsoft Word 2010 Microsoft Word Viewer Microsoft Office Compatibility Pack |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:18714 | |||
| Oval ID: | oval:org.mitre.oval:def:18714 | ||
| Title: | Win32k Elevation of Privilege Vulnerability (CVE-2013-1342) - MS13-076 | ||
| Description: | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability," a different vulnerability than CVE-2013-1343, CVE-2013-1344, CVE-2013-3864, and CVE-2013-3865. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-1342 | Version: | 3 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:18719 | |||
| Oval ID: | oval:org.mitre.oval:def:18719 | ||
| Title: | Internet Explorer Memory Corruption Vulnerability (CVE-2013-3845) - MS13-069 | ||
| Description: | Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-3845 | Version: | 5 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft Internet Explorer 8 Microsoft Internet Explorer 9 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:18741 | |||
| Oval ID: | oval:org.mitre.oval:def:18741 | ||
| Title: | Word Memory Corruption Vulnerability (CVE-2013-3857) - MS13-072 | ||
| Description: | Microsoft Word Automation Services in SharePoint Server 2010 SP1 and SP2, Word Web App 2010 SP1 and SP2 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1 and SP2, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-3857 | Version: | 8 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 2000 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft Word 2003 Microsoft Word 2007 Microsoft Word 2010 Microsoft Word Viewer Microsoft Office Compatibility Pack |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:18749 | |||
| Oval ID: | oval:org.mitre.oval:def:18749 | ||
| Title: | Word Memory Corruption Vulnerability (CVE-2013-3847) - MS13-072 | ||
| Description: | Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3848, CVE-2013-3849, and CVE-2013-3858. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-3847 | Version: | 8 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 2000 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft Word 2003 Microsoft Word 2007 Microsoft Word 2010 Microsoft Word Viewer Microsoft Office Compatibility Pack |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:18750 | |||
| Oval ID: | oval:org.mitre.oval:def:18750 | ||
| Title: | Cross-site scripting vulnerability in Microsoft SharePoint (CVE-2013-3179) - MS13-067 | ||
| Description: | Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013 allows remote attackers to inject arbitrary web script or HTML via a crafted request, aka "SharePoint XSS Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-3179 | Version: | 9 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft SharePoint Foundation 2010 Microsoft SharePoint Foundation 2013 Microsoft SharePoint Server 2007 Microsoft SharePoint Server 2010 Microsoft SharePoint Server 2013 Microsoft SharePoint Services 3.0 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:18753 | |||
| Oval ID: | oval:org.mitre.oval:def:18753 | ||
| Title: | Word Memory Corruption Vulnerability (CVE-2013-3850) - MS13-072 | ||
| Description: | Microsoft Word 2003 SP3, 2007 SP3, and 2010 SP1 and SP2; Office Compatibility Pack SP3; and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-3850 | Version: | 8 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 2000 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft Word 2003 Microsoft Word 2007 Microsoft Word 2010 Microsoft Word Viewer Microsoft Office Compatibility Pack |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:18759 | |||
| Oval ID: | oval:org.mitre.oval:def:18759 | ||
| Title: | OLE Property Vulnerability - MS13-070 | ||
| Description: | Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allow remote attackers to execute arbitrary code via a crafted OLE object in a file, aka "OLE Property Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-3863 | Version: | 3 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:18774 | |||
| Oval ID: | oval:org.mitre.oval:def:18774 | ||
| Title: | Word Memory Corruption Vulnerability (CVE-2013-3849) - MS13-072 | ||
| Description: | Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3847, CVE-2013-3848, and CVE-2013-3858. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-3849 | Version: | 8 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 2000 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft Word 2003 Microsoft Word 2007 Microsoft Word 2010 Microsoft Word Viewer Microsoft Office Compatibility Pack |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:18792 | |||
| Oval ID: | oval:org.mitre.oval:def:18792 | ||
| Title: | Win32k Elevation of Privilege Vulnerability (CVE-2013-1344) - MS13-076 | ||
| Description: | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability," a different vulnerability than CVE-2013-1342, CVE-2013-1343, CVE-2013-3864, and CVE-2013-3865. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-1344 | Version: | 3 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:18797 | |||
| Oval ID: | oval:org.mitre.oval:def:18797 | ||
| Title: | Word Memory Corruption Vulnerability (CVE-2013-3856) - MS13-072 | ||
| Description: | Microsoft Word 2003 SP3 and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-3856 | Version: | 4 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 2000 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft Word 2003 Microsoft Word Viewer |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:18800 | |||
| Oval ID: | oval:org.mitre.oval:def:18800 | ||
| Title: | Denial of service vulnerability in Microsoft SharePoint (CVE-2013-3848) - MS13-067 | ||
| Description: | Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3847, CVE-2013-3849, and CVE-2013-3858. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-3848 | Version: | 3 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft SharePoint Server 2010 Microsoft Office Web Apps |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:18801 | |||
| Oval ID: | oval:org.mitre.oval:def:18801 | ||
| Title: | Memory corruption vulnerability in Microsoft SharePoint (CVE-2013-3858) - MS13-067 | ||
| Description: | Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3847, CVE-2013-3848, and CVE-2013-3849. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-3858 | Version: | 3 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft Office Web Apps Microsoft SharePoint Server 2010 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:18813 | |||
| Oval ID: | oval:org.mitre.oval:def:18813 | ||
| Title: | Win32k Elevation of Privilege Vulnerability (CVE-2013-3865) - MS13-076 | ||
| Description: | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability," a different vulnerability than CVE-2013-1342, CVE-2013-1343, CVE-2013-1344, and CVE-2013-3864. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-3865 | Version: | 3 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:18819 | |||
| Oval ID: | oval:org.mitre.oval:def:18819 | ||
| Title: | Word Memory Corruption Vulnerability (CVE-2013-3160) - MS13-072 | ||
| Description: | Microsoft Office 2003 SP3 and 2007 SP3, Word 2003 SP3 and 2007 SP3, and Word Viewer allow remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka "XML External Entities Resolution Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-3160 | Version: | 7 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 2000 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft Word 2003 Microsoft Word 2007 Microsoft Word Viewer Microsoft Office Compatibility Pack |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:18855 | |||
| Oval ID: | oval:org.mitre.oval:def:18855 | ||
| Title: | Internet Explorer Memory Corruption Vulnerability (CVE-2013-3206) - MS13-069 | ||
| Description: | Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3201, CVE-2013-3203, CVE-2013-3207, and CVE-2013-3209. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-3206 | Version: | 5 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista | Product(s): | Microsoft Internet Explorer 9 Microsoft Internet Explorer 10 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:18857 | |||
| Oval ID: | oval:org.mitre.oval:def:18857 | ||
| Title: | Message Certificate Vulnerability (CVE-2013-3870) - MS13-068 | ||
| Description: | Double free vulnerability in Microsoft Outlook 2007 SP3 and 2010 SP1 and SP2 allows remote attackers to execute arbitrary code by including many nested S/MIME certificates in an e-mail message, aka "Message Certificate Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-3870 | Version: | 4 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Microsoft Outlook 2007 Microsoft Outlook 2010 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:18916 | |||
| Oval ID: | oval:org.mitre.oval:def:18916 | ||
| Title: | Internet Explorer Memory Corruption Vulnerability (CVE-2013-3203) - MS13-069 | ||
| Description: | Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3201, CVE-2013-3206, CVE-2013-3207, and CVE-2013-3209. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-3203 | Version: | 5 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista | Product(s): | Microsoft Internet Explorer 9 Microsoft Internet Explorer 10 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:18942 | |||
| Oval ID: | oval:org.mitre.oval:def:18942 | ||
| Title: | Word memory corruption vulnerability in Microsoft SharePoint (CVE-2013-3857) - MS13-067 | ||
| Description: | Microsoft Word Automation Services in SharePoint Server 2010 SP1 and SP2, Word Web App 2010 SP1 and SP2 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1 and SP2, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-3857 | Version: | 3 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft SharePoint Server 2010 Microsoft Office Web Apps |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:18950 | |||
| Oval ID: | oval:org.mitre.oval:def:18950 | ||
| Title: | Microsoft Office Memory Corruption Vulnerability (CVE-2013-1315) - MS13-073 | ||
| Description: | Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013; Office Web Apps 2010; Excel 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office for Mac 2011; Excel Viewer; and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-1315 | Version: | 6 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft Excel 2003 Microsoft Excel 2007 Microsoft Excel 2010 Microsoft Excel 2013 Microsoft Excel Viewer 2007 Microsoft Office Compatibility Pack |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:18951 | |||
| Oval ID: | oval:org.mitre.oval:def:18951 | ||
| Title: | Win32k Elevation of Privilege Vulnerability (CVE-2013-3866) - MS13-076 | ||
| Description: | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-3866 | Version: | 3 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:18964 | |||
| Oval ID: | oval:org.mitre.oval:def:18964 | ||
| Title: | Internet Explorer Memory Corruption Vulnerability (CVE-2013-3207) - MS13-069 | ||
| Description: | Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3201, CVE-2013-3203, CVE-2013-3206, and CVE-2013-3209. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-3207 | Version: | 5 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista | Product(s): | Microsoft Internet Explorer 9 Microsoft Internet Explorer 10 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:18975 | |||
| Oval ID: | oval:org.mitre.oval:def:18975 | ||
| Title: | Internet Explorer Memory Corruption Vulnerability (CVE-2013-3204) - MS13-069 | ||
| Description: | Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-3204 | Version: | 5 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft Internet Explorer 7 Microsoft Internet Explorer 8 Microsoft Internet Explorer 9 Microsoft Internet Explorer 10 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:18984 | |||
| Oval ID: | oval:org.mitre.oval:def:18984 | ||
| Title: | Microsoft Office Memory Corruption Vulnerability (CVE-2013-3158) - MS13-073 | ||
| Description: | Microsoft Excel 2003 SP3 and 2007 SP3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-3158 | Version: | 3 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft Excel 2003 Microsoft Excel 2007 |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:18988 | |||
| Oval ID: | oval:org.mitre.oval:def:18988 | ||
| Title: | Denial of service vulnerability in Microsoft SharePoint (CVE-2013-3847) - MS13-067 | ||
| Description: | Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3848, CVE-2013-3849, and CVE-2013-3858. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-3847 | Version: | 3 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft SharePoint Server 2010 Microsoft Office Web Apps |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:19009 | |||
| Oval ID: | oval:org.mitre.oval:def:19009 | ||
| Title: | Word Memory Corruption Vulnerability (CVE-2013-3854) - MS13-072 | ||
| Description: | Microsoft Office 2007 SP3 and Word 2007 SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3853. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-3854 | Version: | 4 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 2000 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft Word 2007 |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:19036 | |||
| Oval ID: | oval:org.mitre.oval:def:19036 | ||
| Title: | Denial of service vulnerability in Microsoft SharePoint (CVE-2013-0081) - MS13-067 | ||
| Description: | Microsoft SharePoint Portal Server 2003 SP3 and SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013 do not properly process unassigned workflows, which allows remote attackers to cause a denial of service (W3WP process hang) via a crafted URL, aka "SharePoint Denial of Service Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-0081 | Version: | 9 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft SharePoint Foundation 2010 Microsoft SharePoint Foundation 2013 Microsoft SharePoint Server 2007 Microsoft SharePoint Server 2010 Microsoft SharePoint Server 2013 Microsoft SharePoint Services 2.0 Microsoft SharePoint Services 3.0 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:19040 | |||
| Oval ID: | oval:org.mitre.oval:def:19040 | ||
| Title: | MAC disabled vulnerability in Microsoft SharePoint and Microsoft Exchange Server (CVE-2013-1330) - MS13-067, MS13-105 | ||
| Description: | The default configuration of Microsoft SharePoint Portal Server 2003 SP3, SharePoint Server 2007 SP3 and 2010 SP1 and SP2, and Office Web Apps 2010 does not set the EnableViewStateMac attribute, which allows remote attackers to execute arbitrary code by leveraging an unassigned workflow, aka "MAC Disabled Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-1330 | Version: | 9 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft Exchange Server 2007 Microsoft Exchange Server 2010 Microsoft Exchange Server 2013 Microsoft SharePoint Foundation 2010 Microsoft SharePoint Server 2007 Microsoft SharePoint Server 2010 Microsoft SharePoint Services 2.0 Microsoft SharePoint Services 3.0 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:19100 | |||
| Oval ID: | oval:org.mitre.oval:def:19100 | ||
| Title: | Denial of service vulnerability in Microsoft SharePoint (CVE-2013-3849) - MS13-067 | ||
| Description: | Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3847, CVE-2013-3848, and CVE-2013-3858. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-3849 | Version: | 3 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft SharePoint Server 2010 Microsoft Office Web Apps |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:19136 | |||
| Oval ID: | oval:org.mitre.oval:def:19136 | ||
| Title: | Cross-site scripting vulnerability in Microsoft SharePoint (CVE-2013-3180) - MS13-067 | ||
| Description: | Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2010 SP1 and SP2 and 2013 allows remote attackers to inject arbitrary web script or HTML via a crafted POST request, aka "POST XSS Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-3180 | Version: | 9 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft SharePoint Foundation 2010 Microsoft SharePoint Foundation 2013 Microsoft SharePoint Server 2010 Microsoft SharePoint Server 2013 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:26382 | |||
| Oval ID: | oval:org.mitre.oval:def:26382 | ||
| Title: | Service Control Manager Double Free Vulnerability (MS13-077) | ||
| Description: | Double free vulnerability in Microsoft Windows 7 and Server 2008 R2 SP1 allows local users to gain privileges via a crafted service description that is not properly handled by services.exe in the Service Control Manager (SCM), aka "Service Control Manager Double Free Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-3862 | Version: | 3 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 R2 | Product(s): | |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
SAINT Exploits
| Description | Link |
|---|---|
| Internet Explorer CCaret UpdateScreenCaret Memory Corruption | More info here |
| Windows Crafted Theme File Handling Vulnerability | More info here |
Information Assurance Vulnerability Management (IAVM)
| Date | Description |
|---|---|
| 2013-12-12 | IAVM : 2013-A-0231 - Multiple Vulnerabilities in Microsoft Exchange Server Severity : Category I - VMSKEY : V0042592 |
| 2013-09-12 | IAVM : 2013-B-0099 - Multiple Remote Code Execution Vulnerabilities in Microsoft Access Severity : Category II - VMSKEY : V0040287 |
| 2013-09-12 | IAVM : 2013-A-0177 - Multiple Vulnerabilities in Red Hat JBoss Enterprise Application Platform Severity : Category I - VMSKEY : V0040288 |
| 2013-09-12 | IAVM : 2013-A-0178 - Multiple Vulnerabilities in Microsoft Office Severity : Category II - VMSKEY : V0040289 |
| 2013-09-12 | IAVM : 2013-A-0176 - Microsoft Windows Object Linking and Embedding (OLE) Remote Code Execution Vu... Severity : Category II - VMSKEY : V0040290 |
| 2013-09-12 | IAVM : 2013-A-0174 - Multiple Remote Code Execution Vulnerabilities in Microsoft SharePoint Server Severity : Category II - VMSKEY : V0040292 |
| 2013-09-12 | IAVM : 2013-A-0173 - Microsoft Outlook Remote Code Execution Vulnerability Severity : Category II - VMSKEY : V0040293 |
| 2013-09-12 | IAVM : 2013-A-0171 - Multiple Remote Code Execution Vulnerabilities in Microsoft Excel Severity : Category I - VMSKEY : V0040295 |
| 2013-09-12 | IAVM : 2013-B-0104 - Microsoft Windows Theme File Remote Code Execution Vulnerability Severity : Category II - VMSKEY : V0040299 |
| 2013-09-12 | IAVM : 2013-B-0103 - Microsoft Windows Service Control Manager Privilege Escalation Vulnerability Severity : Category II - VMSKEY : V0040300 |
| 2013-09-12 | IAVM : 2013-B-0102 - Microsoft Office Input Method Editor (IME) Privilege Escalation Vulnerability Severity : Category II - VMSKEY : V0040301 |
| 2013-09-12 | IAVM : 2013-B-0101 - Microsoft FrontPage Information Disclosure Vulnerability Severity : Category I - VMSKEY : V0040302 |
| 2013-09-12 | IAVM : 2013-B-0100 - Microsoft Active Directory Denial of Service Vulnerability Severity : Category I - VMSKEY : V0040303 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2019-07-23 | Microsoft Office Excel malicious cce value following a PtgMemFunc token RuleID : 50462 - Revision : 1 - Type : FILE-OFFICE |
| 2019-07-23 | Microsoft Office Excel malicious cce value following a PtgMemFunc token RuleID : 50461 - Revision : 1 - Type : FILE-OFFICE |
| 2019-04-02 | Microsoft Access arbitrary code execution attempt RuleID : 49300 - Revision : 3 - Type : FILE-OFFICE |
| 2019-04-02 | Microsoft Access arbitrary code execution attempt RuleID : 49299 - Revision : 3 - Type : FILE-OFFICE |
| 2019-03-28 | Microsoft Access arbitrary code execution attempt RuleID : 49286 - Revision : 3 - Type : FILE-OFFICE |
| 2019-03-28 | Microsoft Access arbitrary code execution attempt RuleID : 49285 - Revision : 2 - Type : FILE-OFFICE |
| 2016-11-15 | Microsoft Office Excel malicious cce value following a PtgMemFunc token RuleID : 40460 - Revision : 3 - Type : FILE-OFFICE |
| 2016-11-15 | Microsoft Office Excel malicious cce value following a PtgMemFunc token RuleID : 40459 - Revision : 3 - Type : FILE-OFFICE |
| 2016-07-26 | Microsoft Office Excel RealTimeData record exploit attempt RuleID : 39347 - Revision : 2 - Type : FILE-OFFICE |
| 2016-07-26 | Microsoft Office Excel RealTimeData record exploit attempt RuleID : 39346 - Revision : 2 - Type : FILE-OFFICE |
| 2016-03-22 | Microsoft Internet Explorer CDisplayPointer use after free attempt RuleID : 37811 - Revision : 1 - Type : BROWSER-IE |
| 2016-03-22 | Microsoft Internet Explorer CDisplayPointer use after free attempt RuleID : 37810 - Revision : 1 - Type : BROWSER-IE |
| 2015-02-18 | Microsoft Internet Explorer CTreePos Use After Free attempt RuleID : 33098 - Revision : 7 - Type : BROWSER-IE |
| 2015-02-18 | Microsoft Internet Explorer CTreePos Use After Free attempt RuleID : 33097 - Revision : 7 - Type : BROWSER-IE |
| 2015-02-18 | Microsoft Internet Explorer CTreePos Use After Free attempt RuleID : 33096 - Revision : 7 - Type : BROWSER-IE |
| 2015-02-18 | Microsoft Internet Explorer CTreePos Use After Free attempt RuleID : 33095 - Revision : 7 - Type : BROWSER-IE |
| 2014-11-16 | Microsoft Access memory corruption attempt RuleID : 31537 - Revision : 3 - Type : FILE-OFFICE |
| 2014-11-16 | Microsoft Access memory corruption attempt RuleID : 31536 - Revision : 3 - Type : FILE-OFFICE |
| 2014-11-16 | Microsoft Access memory corruption attempt RuleID : 31535 - Revision : 3 - Type : FILE-OFFICE |
| 2014-11-16 | Microsoft Access memory corruption attempt RuleID : 31534 - Revision : 3 - Type : FILE-OFFICE |
| 2014-04-24 | Microsoft Office Excel malicious cce value following a PtgMemFunc token RuleID : 30243 - Revision : 5 - Type : FILE-OFFICE |
| 2014-04-24 | Microsoft Office Excel malicious cce value following a PtgMemFunc token RuleID : 30242 - Revision : 5 - Type : FILE-OFFICE |
| 2014-01-23 | Microsoft Internet Explorer CDisplayPointer use after free attempt RuleID : 29035 - Revision : 5 - Type : BROWSER-IE |
| 2014-01-23 | Microsoft Internet Explorer CDisplayPointer use after free attempt RuleID : 29034 - Revision : 5 - Type : BROWSER-IE |
| 2014-01-10 | Microsoft Internet Explorer javascript call method type confusion attempt RuleID : 28232 - Revision : 2 - Type : BROWSER-IE |
| 2014-01-10 | Microsoft Internet Explorer javascript call method type confusion attempt RuleID : 28231 - Revision : 2 - Type : BROWSER-IE |
| 2014-01-10 | Microsoft Windows Active Directory LDAP denial of service attempt RuleID : 27860 - Revision : 3 - Type : OS-WINDOWS |
| 2014-01-10 | Microsoft Office Word malformed OCXINFO element EoP attempt RuleID : 27859 - Revision : 4 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Office Word malformed OCXINFO element EoP attempt RuleID : 27858 - Revision : 4 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Office Word document invalid cell count memory corruption attempt RuleID : 27857 - Revision : 2 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Office Word document invalid cell count memory corruption attempt RuleID : 27856 - Revision : 2 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Office Word document invalid cell count memory corruption attempt RuleID : 27855 - Revision : 3 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Office Word document invalid cell count memory corruption attempt RuleID : 27854 - Revision : 3 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Office Word invalid number of cells memory corruption attempt RuleID : 27853 - Revision : 3 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Office Word invalid number of cells memory corruption attempt RuleID : 27852 - Revision : 3 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Office SDTI signed integer underflow attempt RuleID : 27851 - Revision : 5 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Office SDTI signed integer underflow attempt RuleID : 27850 - Revision : 4 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Internet Explorer iframe execCommand use after free attempt RuleID : 27846 - Revision : 2 - Type : BROWSER-IE |
| 2014-01-10 | Microsoft Internet Explorer iframe execCommand use after free attempt RuleID : 27845 - Revision : 2 - Type : BROWSER-IE |
| 2014-01-10 | Microsoft Internet Explorer CTreePos object use-after-free attempt RuleID : 27844 - Revision : 7 - Type : BROWSER-IE |
| 2014-01-10 | Microsoft Internet Explorer CTreePos object use-after-free attempt RuleID : 27843 - Revision : 6 - Type : BROWSER-IE |
| 2014-01-10 | Microsoft Internet Explorer CSegment object use after free attempt RuleID : 27842 - Revision : 2 - Type : BROWSER-IE |
| 2014-01-10 | Microsoft Internet Explorer 9 MutationEvent use after free attempt RuleID : 27841 - Revision : 6 - Type : BROWSER-IE |
| 2014-01-10 | Microsoft Internet Explorer range markup switch use after free attempt RuleID : 27840 - Revision : 3 - Type : BROWSER-IE |
| 2014-01-10 | Microsoft Internet Explorer range markup switch use after free attempt RuleID : 27839 - Revision : 3 - Type : BROWSER-IE |
| 2014-01-10 | Microsoft Internet Explorer CDisplayPointer use after free attempt RuleID : 27838 - Revision : 5 - Type : BROWSER-IE |
| 2014-01-10 | Microsoft Internet Explorer CDisplayPointer use after free attempt RuleID : 27837 - Revision : 5 - Type : BROWSER-IE |
| 2014-01-10 | Microsoft Internet Explorer AddOption use after free attempt RuleID : 27836 - Revision : 3 - Type : BROWSER-IE |
| 2014-01-10 | Microsoft Internet Explorer AddOption use after free attempt RuleID : 27835 - Revision : 3 - Type : BROWSER-IE |
| 2014-01-10 | Microsoft Internet Explorer javascript apply method type confusion attempt RuleID : 27834 - Revision : 2 - Type : BROWSER-IE |
| 2014-01-10 | Microsoft Internet Explorer javascript call method type confusion attempt RuleID : 27833 - Revision : 2 - Type : BROWSER-IE |
| 2014-01-10 | Microsoft Internet Explorer javascript apply method type confusion attempt RuleID : 27832 - Revision : 2 - Type : BROWSER-IE |
| 2014-01-10 | Microsoft Internet Explorer javascript call method type confusion attempt RuleID : 27831 - Revision : 2 - Type : BROWSER-IE |
| 2014-01-10 | Microsoft Internet Explorer hgroup element DOM reset use after free attempt RuleID : 27830 - Revision : 2 - Type : BROWSER-IE |
| 2014-01-10 | Microsoft Internet Explorer hgroup element DOM reset use after free attempt RuleID : 27829 - Revision : 2 - Type : BROWSER-IE |
| 2014-01-10 | Microsoft SharePoint self cross site scripting attempt RuleID : 27828 - Revision : 3 - Type : SERVER-WEBAPP |
| 2014-01-10 | Microsoft SharePoint self cross site scripting attempt RuleID : 27827 - Revision : 3 - Type : SERVER-WEBAPP |
| 2014-01-10 | Microsoft SharePoint self cross site scripting attempt RuleID : 27826 - Revision : 3 - Type : SERVER-WEBAPP |
| 2014-01-10 | Microsoft Office Excel invalid external defined names read AV attempt RuleID : 27825 - Revision : 2 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Office Excel invalid external defined names read AV attempt RuleID : 27824 - Revision : 2 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Office SharePoint malicious serialized viewstate evaluation attempt RuleID : 27823 - Revision : 3 - Type : SERVER-WEBAPP |
| 2014-01-10 | Microsoft Windows XP .theme file remote code execution attempt RuleID : 27822 - Revision : 9 - Type : FILE-OTHER |
| 2014-01-10 | Microsoft Office Excel PtgMemFunc zero-value cce-field read access violation ... RuleID : 27821 - Revision : 4 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Office Excel PtgMemFunc zero-value cce-field read access violation ... RuleID : 27820 - Revision : 4 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft SharePoint denial of service attempt RuleID : 27819 - Revision : 3 - Type : SERVER-OTHER |
| 2014-01-10 | Microsoft SharePoint denial of service attempt RuleID : 27818 - Revision : 3 - Type : SERVER-OTHER |
| 2014-01-10 | XML parameter entity reference local file disclosure attempt RuleID : 26626 - Revision : 6 - Type : FILE-OFFICE |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2013-12-11 | Name : The remote mail server has multiple vulnerabilities. File : smb_nt_ms13-105.nasl - Type : ACT_GATHER_INFO |
| 2013-09-17 | Name : The version of Microsoft Office installed on the remote Windows host has a pr... File : smb_nt_ms13-075.nasl - Type : ACT_GATHER_INFO |
| 2013-09-11 | Name : An application installed on the remote Mac OS X host is affected by multiple ... File : macosx_ms13-073.nasl - Type : ACT_GATHER_INFO |
| 2013-09-11 | Name : The remote host is affected by multiple vulnerabilities. File : smb_nt_ms13-067.nasl - Type : ACT_GATHER_INFO |
| 2013-09-11 | Name : The version of Microsoft Office installed on the remote Windows is affected b... File : smb_nt_ms13-068.nasl - Type : ACT_GATHER_INFO |
| 2013-09-11 | Name : The remote host is affected by multiple code execution vulnerabilities. File : smb_nt_ms13-069.nasl - Type : ACT_GATHER_INFO |
| 2013-09-11 | Name : The remote Windows host is affected by a code execution vulnerability. File : smb_nt_ms13-070.nasl - Type : ACT_GATHER_INFO |
| 2013-09-11 | Name : The remote Windows host is affected by a code execution vulnerability. File : smb_nt_ms13-071.nasl - Type : ACT_GATHER_INFO |
| 2013-09-11 | Name : The Microsoft Office component installed on the remote host is affected by mu... File : smb_nt_ms13-072.nasl - Type : ACT_GATHER_INFO |
| 2013-09-11 | Name : It is possible to execute arbitrary code on the remote host through Microsoft... File : smb_nt_ms13-073.nasl - Type : ACT_GATHER_INFO |
| 2013-09-11 | Name : It is possible to execute arbitrary code on the remote host through Microsoft... File : smb_nt_ms13-074.nasl - Type : ACT_GATHER_INFO |
| 2013-09-11 | Name : The Windows kernel on the remote host is affected by multiple vulnerabilities. File : smb_nt_ms13-076.nasl - Type : ACT_GATHER_INFO |
| 2013-09-11 | Name : The remote host is affected by a privilege escalation vulnerability. File : smb_nt_ms13-077.nasl - Type : ACT_GATHER_INFO |
| 2013-09-11 | Name : The remote host is affected by an information disclosure vulnerability. File : smb_nt_ms13-078.nasl - Type : ACT_GATHER_INFO |
| 2013-09-11 | Name : The remote host is affected by an Active Directory denial of service vulnerab... File : smb_nt_ms13-079.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2013-10-11 13:31:26 |
|
| 2013-09-11 05:19:27 |
|
