Lucene search
K

157 matches found

OpenVAS
OpenVAS
added 2011/09/14 12:0 a.m.62 views

Microsoft SharePoint Server 2007 '_layouts/help.aspx' Cross Site Scripting Vulnerability

Microsoft SharePoint Server 2007 and SharePoint Services 3.0 are prone to a cross-site scripting vulnerability because they fail to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...

4.3CVSS6.2AI score0.28707EPSS
Exploits1References8
seebug.org
seebug.org
added 2011/08/10 12:0 a.m.35 views

Microsoft Windows DNS Server未初始化内存远程拒绝服务漏洞

Bugtraq ID: 49019 CVE ID:CVE-2011-1970 Microsoft Windows是一款流行的操作系统。 Windows DNS服务处理一个查询不存在域的请求时存在错误,不正确处理未初始化的内存对象可导致DNS服务停止响应,造成拒绝服务攻击。 Microsoft Windows Server 2008 Standard Edition SP2 Microsoft Windows Server 2008 Standard Edition Release Candidate Microsoft Windows Server 2008 Standard Editi...

5CVSS6.2AI score0.23037EPSS
Exploits1
ThreatPost
ThreatPost
added 2011/06/14 8:16 p.m.10 views

Microsoft Ships 16 Fixes in June's Patch Tuesday

Microsoft patched nine critical vulnerabilities and seven important vulnerabilities, pushing out a total of 16 patches in the June edition of Patch Tuesday. One of the bugs patched was used to compromise Internet Explorer during the Pwn2Own contest this year. Four of the critical vulnerabilities...

1.1AI score
Exploits0References3
CISA
CISA
added 2011/01/28 12:0 a.m.11 views

Microsoft Releases Security Advisory 2501696

Microsoft has released Microsoft security advisory 2501696 indicating that it is investigating public reports of a vulnerability affecting Windows. This vulnerability is due to the way MHTML interprets MIME-formatted requests for content blocks within a document. Exploitation of this vulnerabilit...

6.3AI score
Exploits0References3
Exploit DB
Exploit DB
added 2010/09/28 12:0 a.m.38 views

Microsoft Internet Explorer - 'Winhlp32.exe' MsgBox Code Execution (MS10-023) (Metasploit)

$Id: ms10022ievbscriptwinhlp32.rb 10504 2010-09-28 16:19:50Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

7.6CVSS7AI score0.86367EPSS
Exploits7
seebug.org
seebug.org
added 2010/06/10 12:0 a.m.59 views

Office Excel OBJ记录解析栈溢出漏洞(MS10-038)

BUGTRAQ ID: 40520 CVE ID: CVE-2010-0822 Excel是微软Office套件中的电子表格工具。 Excel在解析电子表格中的畸形OBJ(recType 0x5D)记录时存在栈溢出漏洞,用户受骗打开了畸形的Excel文档就会导致执行任意代码。 Microsoft Excel 2002 SP3 Microsoft Office 2008 for Mac Microsoft Office 2004 for Mac 临时解决方法: 不要打开从不可信任来源接收到或从可信任来源意外接收到的Excel文件。 厂商补丁: Microsoft ---------...

9.3CVSS2.4AI score0.70121EPSS
Exploits21
Packet Storm
Packet Storm
added 2009/12/01 12:0 a.m.27 views

Microsoft Technet Cross Site Scripting

A cross site scripting vulnerability was discovered by t3am3lite on the Microsoft technet site. Full blog with screenshots: http://security-sh3ll.blogspot.com/2009/11/microsoft-technet-vulnerable-to-cross.html Exploitation:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2009/09/09 12:0 a.m.164 views

Microsoft Windows Vista/7 - SMB2.0 Negotiate Protocol Request Remote Blue Screen of Death (MS07-063)

============================================= - Release date: September 7th, 2009 - Discovered by: Laurent Gaffié - Severity: High ============================================= I. VULNERABILITY ------------------------- Windows Vista, Server 2008 R2, 7 RC : SMB2.0 NEGOTIATE PROTOCOL REQUEST Remo...

7.4AI score
Exploits0
Metasploit
Metasploit
added 2009/04/15 9:38 p.m.36 views

Microsoft Whale Intelligent Application Gateway ActiveX Control Buffer Overflow

This module exploits a stack buffer overflow in Microsoft Whale Intelligent Application Gateway Whale Client. When sending an overly long string to CheckForUpdates method of WhlMgr.dll 3.1.502.64 an attacker may be able to execute arbitrary code. This module requires Metasploit:...

9.3CVSS7.8AI score0.45535EPSS
Exploits6
seebug.org
seebug.org
added 2009/04/08 12:0 a.m.39 views

PowerPoint畸形文件解析代码执行漏洞

BUGTRAQ ID: 34351 CVECAN ID: CVE-2009-0556 Microsoft PowerPoint是微软Office套件中的文档演示工具。 PowerPoint在解析特制的PPT文件时可能会导致访问内存中的无效对象,这可能允许攻击者执行任意代码。目前这个漏洞正在被名为Exploit:Win32/Apptom.gen的病毒积极的理由。 Microsoft PowerPoint 2004 for Mac Microsoft PowerPoint 2003 SP3 Microsoft PowerPoint 2002 SP3 Microsoft PowerPoint...

9.3CVSS6.4AI score0.67539EPSS
Exploits5
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.28 views

SMB Registry : SQL7 Patches

The remote SQL server seems to be vulnerable to the SQL abuse vulnerability described in technet article Q256052. This problem allows an attacker who has to ability to execute SQL queries on this host to gain elevated privileges. OpenVAS Vulnerability Test $Id: smbmssql7.nasl 6056 2017-05-02...

7.5CVSS0.7AI score0.49698EPSS
Exploits0References1
Microsoft KB
Microsoft KB
added 1970/01/01 12:0 a.m.22 views

Security update 1970-01-01

...

7AI score
Exploits0
Microsoft KB
Microsoft KB
added 1970/01/01 12:0 a.m.34 views

Security update 1970-01-01

...

7AI score
Exploits0
Microsoft KB
Microsoft KB
added 1970/01/01 12:0 a.m.39 views

Internet Explorer help

None None...

5.8AI score
Exploits0
Microsoft KB
Microsoft KB
added 1970/01/01 12:0 a.m.51 views

Internet Explorer help

None None...

5.8AI score
Exploits0
Microsoft KB
Microsoft KB
added 1970/01/01 12:0 a.m.14 views

Security update 1970-01-01

...

5.3AI score
Exploits0
Microsoft KB
Microsoft KB
added 1970/01/01 12:0 a.m.36 views

MS11-012: Vulnerabilities in Windows kernel-mode drivers could allow elevation of privilege

None None...

5.3AI score
Exploits0
Rows per page
Query Builder