Download
| Alert*
|
oval:org.mitre.oval:def:396
A version of Microsoft Windows Server 2003 (ia64) Gold is installed. oval:org.mitre.oval:def:1816 Double free vulnerability in Microsoft Windows 2000, XP, 2003, and Vista allows local users to gain privileges by calling the MessageBox function with a MB_SERVICE_NOTIFICATION message with crafted data, which sends a HardError message to Client/Server Runtime Server Subsystem (CSRSS) process, which ... oval:org.mitre.oval:def:2013 The Client Server Run-Time Subsystem (CSRSS) in Microsoft Windows allows local users to cause a denial of service (crash) or read arbitrary memory from csrss.exe via crafted arguments to the NtRaiseHardError function with status 0x50000018, a different vulnerability than CVE-2006-6696. oval:org.mitre.oval:def:2034 Unspecified vulnerability in Microsoft Agent (msagent\agentsvr.exe) in Windows 2000 SP4, XP SP2, and Server 2003, 2003 SP1, and 2003 SP2 allows remote attackers to execute arbitrary code via crafted URLs, which result in memory corruption. oval:org.mitre.oval:def:679 The patch IE7-KB929969-WindowsServer2003-ia64-enu.exe that addresses the vulnerabilities discussed in Microsoft Security Bulletin MS07-004 should be installed. oval:org.secpod.oval:def:3302 The host is missing a critical security update according to Microsoft security bulletin, MS08-008. The update is required to fix remote code execution vulnerability. A flaw is present in Object Linking and Embedding (OLE) Automation, which fails to handle a specially crafted Web page. Successful exp ... oval:org.mitre.oval:def:5388 Heap-based buffer overflow in Object Linking and Embedding (OLE) Automation in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Vista, Office 2004 for Mac, and Visual basic 6.0 SP6 allows remote attackers to execute arbitrary code via a crafted script request. oval:org.secpod.oval:def:2246 The host is installed with Windows Internet Name Service (WINS) and is prone to privilege elevation vulnerability. A flaw is present in the application which is caused by a sequence of specially crafted packets received on the loopback interface. Successful exploitation allows attacker to execute ar ... oval:org.mitre.oval:def:5 Microsoft Internet Explorer 5 SP4 and 6 do not properly garbage collect when "multiple imports are used on a styleSheets collection" to construct a chain of Cascading Style Sheets (CSS), which allows remote attackers to execute arbitrary code via unspecified vectors. oval:org.mitre.oval:def:6508 Stack consumption vulnerability in the FTP Service in Microsoft Internet Information Services (IIS) 5.0 through 7.0 allows remote authenticated users to cause a denial of service (daemon crash) via a list (ls) -R command containing a wildcard that references a subdirectory, followed by a .. (dot dot ... oval:org.mitre.oval:def:6080 Buffer overflow in the FTP Service in Microsoft Internet Information Services (IIS) 5.0 through 6.0 allows remote authenticated users to execute arbitrary code via a crafted NLST (NAME LIST) command that uses wildcards, leading to memory corruption, aka "IIS FTP Service RCE and DoS Vulnerability." oval:org.secpod.oval:def:2643 The host is missing an important security update according to Microsoft security bulletin, MS09-053. The update is required to fix remote code execution vulnerabilities. The flaws are present in the FTP Service in Microsoft Internet Information Services, which fails to handle the FTP Service list op ... oval:org.secpod.oval:def:4133 The host is installed with Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, R2 SP1, Windows 7 Gold or SP1 on 64-bit platforms and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly validate ... oval:org.secpod.oval:def:1733 The host is installed with Microsoft Chart controls and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle special characters within a specially crafted URI. Successful exploitation could allow attackers to gain sensitive information. oval:org.secpod.oval:def:2537 The host is installed with Microsoft Active Accessibility component and is prone to a remote code execution vulnerability. A flaw is present in the Microsoft Active Accessibility component, which fails to handle specially crafted dynamic link library file present in the same network directory. Succe ... oval:org.secpod.oval:def:2548 The host is installed with Microsoft .NET Framework or Microsoft Silverlight and is prone to a remote code execution vulnerability. Flaws are present in the Microsoft ASP.NET and Microsoft Silverlight, which fails to handle specially crafted web pages. Successful exploitation could allow attackers t ... |
