312 matches found
MS Security Advisory 2974294: Vulnerability in Microsoft Malware Protection Engine Could Allow Denial of Service
A vulnerable version of Microsoft Malware Protection Engine MMPE is installed on the remote host. Scanning a maliciously crafted file could prevent the Malware Protection Engine from monitoring affected systems until the file is manually removed and the service is restarted. This plugin checks if...
Microsoft Releases Security Advisory for Microsoft Malware Protection Engine
Microsoft has released a security advisory to address a vulnerability to the Microsoft Malware Protection Engine. Successful exploitation of the vulnerability could allow an attacker to cause a denial of service. An update is available for the following affected software: Microsoft Forefront Clie...
Ancient 'STONED' Virus Signatures found in Bitcoin Blockchain
If you are dealing in cryptocurrency Bitcoin and have Microsoft's Security Essentials MSE installed on your system, then you could be infected by a virus called "DOS/STONED" from the Bitcoin BlockChain. With a number of high-profile cases of fraud, theft, and technical incompetence against the...
CVE-2013-5402
Cross-site scripting XSS vulnerability in IBM Maximo Asset Management, Maximo Asset Management Essentials, Maximo for Government, Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas, and Maximo for Utilities 7.1.x through 7.1.1.12, 7.1.2, 7.5 befo...
Microsoft Security Essentials outdated libraries
Outdated runtime libraries with known vulnerabilities are installed in Windows XP / 2003...
Vulnerable Microsoft VC++ 2005 RTM runtime libraries installed with "Microsoft Security Essentials" (and numerous other Microsoft products)
Hi @ll, this is part 2 of "Defense in depth -- the Microsoft way", see http://seclists.org/fulldisclosure/2013/May/107 On Windows NT 5.x the current "Microsoft Security Essentials" v4.2 available from http://www.microsoft.com/securityessentials, and offered as optional update KB2804527 via...
Microsoft Windows Essentials information leakage
Microsoft Writer invalid URL handling...
CVE-2013-0096
Writer in Microsoft Windows Essentials 2011 and 2012 allows remote attackers to bypass proxy settings and overwrite arbitrary files via crafted URL parameters, aka "Windows Essentials Improper URI Handling Vulnerability."...
CVE-2013-0096
Writer in Microsoft Windows Essentials 2011 and 2012 allows remote attackers to bypass proxy settings and overwrite arbitrary files via crafted URL parameters, aka "Windows Essentials Improper URI Handling Vulnerability."...
Spoofing
Writer in Microsoft Windows Essentials 2011 and 2012 allows remote attackers to bypass proxy settings and overwrite arbitrary files via crafted URL parameters, aka "Windows Essentials Improper URI Handling Vulnerability."...
CVE-2013-0096
Writer in Microsoft Windows Essentials 2011 and 2012 allows remote attackers to bypass proxy settings and overwrite arbitrary files via crafted URL parameters, aka "Windows Essentials Improper URI Handling Vulnerability."...
CVE-2013-0096
CVE-2013-0096 relates to Microsoft Windows Essentials Writer: an information-disclosure vulnerability in Windows Essentials 2011/2012 where specially crafted URLs could cause a user’s proxy settings to be bypassed and files overwritten. Exploitation relies on handling of URIs by Windows Writer, e...
MS13-045: Vulnerability in Windows Essentials Could Allow Information Disclosure (2813707)
The version of Windows Essentials 2011 or 2012 installed on the remote host has an information disclosure vulnerability. Windows Writer, part of Windows Essentials, fails to properly handle specially crafted URLs. A remote attacker could exploit this by tricking a user into opening a maliciously...
Windows Essentials Information Disclosure Vulnerability (2813707)
This host is missing an important security update according to Microsoft Bulletin MS13-045. OpenVAS Vulnerability Test $Id: secpodms13-045.nasl 8160 2017-12-18 15:33:57Z cfischer $ Windows Essentials Information Disclosure Vulnerability 2813707 Authors: Arun Kallavi Copyright: Copyright c 2013...
Windows Essentials Information Disclosure Vulnerability (2813707)
This host is missing an important security update according to Microsoft Bulletin MS13-045. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE...
MS Security Advisory 2846338: Vulnerability in Microsoft Malware Protection Engine Could Allow Remote Code Execution
A vulnerable version of Microsoft Malware Protection Engine MMPE is installed on the remote host. Scanning a maliciously crafted file can result in arbitrary code execution. This plugin checks if a vulnerable version of MMPE is being used by any of the following applications : - Microsoft Forefro...
Windows Live Essentials Version Detection
Detects the installed version of Windows Live Essentials on Windows. The script logs in via smb, searches for Windows Live Essentials in the registry, gets the from registry. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are...
Microsoft Windows Essentials Installed
Windows Essentials formerly Windows Live Essentials and Windows Live Installer is installed on the remote host. Windows Essentials is a suite of applications for Windows. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid66420; scriptversion"1.8";...
Windows Live Essentials Improper URI Handling Vulnerability (MS13-045; CVE-2013-0096)
An information disclosure vulnerability exists when Windows Live Writer fails to properly handle a specially crafted URL. An attacker who successfully exploited this vulnerability could perform various actions on behalf of the logged-on user. These actions include the ability to overwrite files a...
Microsoft Windows Essentials CVE-2013-0096 URI Handling Information Disclosure Vulnerability
Description Microsoft Windows Essentials is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Windows Essentials 2011 Microsoft Windows Essentials 2012 Recommendations...