Download
| Alert*
|
oval:org.secpod.oval:def:10947
The host is installed with .NET Framework 4.5 and is prone to authentication bypass vulnerability. A flaw is present in the application, which fails to create policy requirements for custom Windows Communication Foundation (WCF) endpoint authentication in certain situations involving passwords over ... oval:org.secpod.oval:def:10945 The host is missing an important security update according to Microsoft bulletin, MS13-040. The update is required to fix spoofing vulnerability. A flaw is present in the application, which fails to properly handle a specially crafted XML file. Successful exploitation allows attackers to gain access ... oval:org.secpod.oval:def:10946 The host is installed with .NET Framework 2.0, 3.5, 3.5.1, 4.0 or 4.5 and is prone to spoofing vulnerability. A flaw is present in the application, which fails to check signatures in XML file. Successful exploitation allows attackers to make undetected changes to signed XML documents via unspecified ... oval:org.secpod.oval:def:18533 The host is installed with .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4.0, 4.5 or 4.5.1 and is prone to privilege escalation vulnerability. A flaw is present in the application, which fails to handles TypeFilterLevel checks for some malformed objects. Successful exploitation allows attacker to exe ... oval:org.secpod.oval:def:18532 The host is missing an important security update according to Microsoft bulletin, MS14-026. The update is required to fix multiple vulnerabilities. The flaw is present in the .NET Remoting implementation, which fails to handle a crafted website. Successful exploitation allows attacker to execute arb ... oval:org.secpod.oval:def:21094 The host is missing a critical security update according to Microsoft bulletin, MS14-053. The update is required to fix a denial of service vulnerability. A flaw are present in the applications, which does not properly use a hash table for request data. Successful exploitation allows for an unauthen ... oval:org.secpod.oval:def:21373 The host is installed with .Net framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1 or 4.5.2 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly parse specially crafted internationalized resource identifiers resulting in memory corruption. Su ... oval:org.secpod.oval:def:21095 The host is installed with .Net framework 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1 or 4.5.2 and is prone to denial of service vulnerability. A flaw are present in the applications, which does not properly use a hash table for request data. Successful exploitation allows for an unauthenti ... oval:org.secpod.oval:def:21835 The host is missing a important security update according to Microsoft security advisory, 2905247. The update is required to fix an elevation of privilege vulnerability. A flaw is present in the application, which fails to handle a improper configuration of view state MAC. Successful exploitation al ... oval:org.secpod.oval:def:24110 The host is installed with .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4.0, 4.5 or 4.5.1 and is prone to an information disclosure vulnerability. A flaw is present in the application, which improperly handles certain requests on systems that have custom error messages disabled. Successful exploitat ... oval:org.secpod.oval:def:24111 The host is missing an important security update according to Microsoft bulletin, MS15-041. The update is required to fix an information disclosure vulnerability. A flaw is present in the application, which improperly handles certain requests on systems that have custom error messages disabled. Succ ... oval:org.secpod.oval:def:24339 The host is installed with Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 and is prone to an opentype font parsing vulnerability. A flaw is present in the applications, which fail to handle a crafted OpenType font. Successful exploitation could allow attackers to execute arbi ... oval:org.secpod.oval:def:21565 The host is missing an important security update according to Microsoft bulletin, MS14-072. The update is required to fix an elevation of privilege vulnerability. A flaw is present in the application, which fails to handle TypeFilterLevel checks for some malformed objects. Successful exploitation al ... oval:org.secpod.oval:def:21564 The host is installed with .NET Framework 1.1 SP1, 2.0 SP2, 3.5.1, 4.0, 4.5 or 4.5.1 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which fails to handle TypeFilterLevel checks for some malformed objects. Successful exploitation allows attacker to execute ... oval:org.secpod.oval:def:25853 The host is installed with Microsoft Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1, Server 2012 R2, .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 or 4.6 and is prone to an Onetype font parsing vulnerability. A flaw ... oval:org.secpod.oval:def:24303 The host is installed with .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4.0, 4.5, 4.5.1 or 4.5.2 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Forms, which improperly handle objects in memory. Successful exploitation allows attackers to take complete contr ... oval:org.secpod.oval:def:21375 The host is missing a critical security update according to Microsoft bulletin, MS14-057. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle a specially crafted URI request containing international characters. Successful exploitati ... oval:org.secpod.oval:def:21372 The host is installed with .Net framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1 or 4.5.2 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which inadvertently processes data prior to verification. Successful exploitation allows attacker to take complete cont ... oval:org.secpod.oval:def:24304 The host is installed with .NET Framework 2.0 SP2, 3.5, 3.5.1, 4.0, 4.5, 4.5.1 or 4.5.2 and is prone to a denial of service vulnerability. A flaw is present in the application, which improperly handle crafted XML data. Successful exploitation allows attackers to degrade the performance of a .NET-ena ... oval:org.secpod.oval:def:24305 The host is missing an important security update according to Microsoft bulletin, MS15-048. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle a specially crafted vectors. Successful exploitation could allow attackers to t ... oval:org.secpod.oval:def:5130 The host is missing an important security update according to Microsoft security bulletin, MS12-025. The update is required to fix a remote code execution vulnerability. A flaw is present in the application, which fails to properly validate parameters when passing data to a function. Successful expl ... oval:org.secpod.oval:def:5129 The host is installed with Microsoft .NET Framework 1.1 SP1 or 2.0 SP2 or 3.5.1 or 4 and is prone to remote code execution vulnerability. A flaw is present in the application, which fails to properly validate parameters when passing data to a function. Successful exploitation allows remote attackers ... oval:org.secpod.oval:def:16786 The host is missing a important security update according to Microsoft bulletin, MS14-009. The update is required to fix multiple vulnerabilities. The flaws are present in microsoft graphic component, which fails to handle a crafted website. Successful exploitation allows remote attackers to bypass ... oval:org.secpod.oval:def:16789 The host is installed with .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4.0, 4.5 or 4.5.1 and is prone to type traversal vulnerability. A flaw is present in the application, which improperly verifies that a method is safe for execution. Successful exploitation allows attacker to take complete contro ... oval:org.secpod.oval:def:16788 The host is installed with .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4.0, 4.5 or 4.5.1 and is prone to post request denial of service vulnerability. A flaw is present in the application, which improperly identifies stale or closed HTTP client connections. Successful exploitation allows attackers ... oval:org.secpod.oval:def:7923 Microsoft .NET Framework 4.5 is installed oval:org.secpod.oval:def:15663 The host is installed with .Net framework 2.0, 3.5.1, 4.0 or 4.5 and is prone to an entity expansion vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:15664 The host is installed with .Net framework 2.0, 3.5.1, 4.0 or 4.5 and is prone to a JSON parsing vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:15661 The host is missing a critical security update, according to Microsoft bulletin MS13-082. The update is required to fix multiple remote code execution vulnerabilities. The flaws are present in the application, which fails to handle crafted OpenType font (OTF) file. Successful exploitation could allo ... oval:org.secpod.oval:def:15662 The host is installed with .Net framework 3.0, 3.5.1, 4.0 or 4.5 and is prone to an openType font parsing vulnerability. A flaw is present in the application, which fails to handle a crafted OTF file. Successful exploitation could allow attackers to take complete control of an affected system. oval:org.secpod.oval:def:14327 The host is installed with Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5.1, 4 or 4.5 and is prone to delegate reflection bypass vulnerability. A flaw is present in the application, which fails to properly check the permissions of objects that use reflection. Successful exploitation allows ... oval:org.secpod.oval:def:14325 Microsoft .NET Framework 2.0 SP2, 3.5.1, 4 or 4.5 on 64-bit platforms and is prone to array allocation vulnerability. A flaw is present in the application, which fails to properly allocate arrays of structures. Successful exploitation allows attackers to execute arbitrary code. oval:org.secpod.oval:def:14326 The host is installed with Microsoft .NET Framework 2.0 SP2, 3.5.1, 4 or 4.5 and is prone to anonymous method injection vulnerability. A flaw is present in the application, which fails to properly check the permissions of objects that use reflection. Successful exploitation allows attackers to execu ... oval:org.secpod.oval:def:14324 The host is installed with Microsoft .NET Framework 2.0 SP2, 3.5.1, 4 or 4.5 and is prone to delegate serialization vulnerability. A flaw is present in the application, which fails to properly check the permissions of delegate objects. Successful exploitation allows attackers to execute arbitrary co ... oval:org.secpod.oval:def:9280 The host is missing an important security update according to Microsoft bulletin, MS13-015. The update is required to fix privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle a web browser that can run XAML Browser Applications. Successful exploita ... oval:org.secpod.oval:def:9281 The host is installed with .NET Framework 2.0 or 3.5 or 3.5.1 or 4.0 or 4.5 and is prone to privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle permissions of a callback function. Successful exploitation allows attackers to take complete control o ... oval:org.secpod.oval:def:8339 The host is installed with Microsoft .NET Framework 2.0 SP2, 3.0, 3.5.1, 4 or 4.5 and is prone to S.DS.P buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle System.DirectoryServices.Protocols (S.DS.P) namespace method. Successful exploitation allows re ... oval:org.secpod.oval:def:8340 The host is installed with Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.0, 3.5.1, 4 or 4.5 and is prone to double construction vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation allows remote attackers to install programs, v ... oval:org.secpod.oval:def:8341 The host is missing an important security update according to Microsoft security bulletin, MS13-004. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle the vectors related to memory. Successful exploitation allows remote a ... oval:org.secpod.oval:def:8337 The host is installed with Microsoft .NET Framework 1.1 SP1 or 2.0 SP2 or 3.5.1 or 4 or 4.5 and is prone to WinForms buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a Windows Forms method. Successful exploitation allows remote attackers to install ... oval:org.secpod.oval:def:8338 The host is installed with Microsoft .NET Framework 1.1 SP1 or 2.0 SP2 or 3.0 or 4 and is prone to system drawing information disclosure vulnerability. A flaw is present in the application, which fails to properly handle pointers to unmanaged memory locations. Successful exploitation allows remote a ... oval:org.secpod.oval:def:7927 The host is installed with Microsoft .NET Framework 2.0 SP2, 3.5.1, 4 or 4.5 and is prone to Web proxy auto-discovery vulnerability. A flaw is present in the applications, which is caused by a lack of validation when the .NET Framework acquires the default web proxy settings and executes JavaScript ... oval:org.secpod.oval:def:7928 The host is installed with Microsoft .NET Framework 4 or 4.5 and is prone to WPF reflection optimization vulnerability. A flaw is present in the applications, which fails to properly validate permissions of objects involved with reflection. Successful exploitation allows attackers to take complete c ... oval:org.secpod.oval:def:7929 The host is missing a critical security update according to Microsoft Security Bulletin, MS12-074. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to handle certain vectors and properly perform validations. Successful exploitation allows ... oval:org.secpod.oval:def:31010 The host is installed with .Net framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2 or 4.6 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle specially crafted XML files. An attacker who successfully exploited this vulnerability could ... oval:org.secpod.oval:def:31011 The host is installed with .Net framework 4, 4.5, 4.5.1, 4.5.2 or 4.6 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which improperly validates values in HTTP requests. An attacker who successfully exploited the vulnerability could leverage a vulnerabl ... oval:org.secpod.oval:def:31013 The host is missing an important security update according to Microsoft bulletin, MS15-118. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted vectors. An attacker who successfully exploited this vulnerability could take co ... oval:org.secpod.oval:def:25855 The host is installed with Microsoft Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1, Server 2012 R2, Windows 10, .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, or 4.6 and is prone to an Onetype font parsing vulnerabilit ... oval:org.secpod.oval:def:26552 The host is installed with .NET Framework 2.0 SP2, 3.5, 3.5.1, 4.0, 4.5, 4.5.1, 4.5.2 or 4.6 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to validate the number of objects in memory before copying those objects into an array. An attacker ... oval:org.secpod.oval:def:26554 The host is missing an important security update according to Microsoft bulletin, MS15-101. The update is required to fix multiple elevation of privilege vulnerabilities. The flaws are present in the application, which improperly optimizes certain parameters resulting in a code generation error. An ... oval:org.secpod.oval:def:26553 The host is installed with .NET Framework 4.5, 4.5.1, 4.5.2 or 4.6 and is prone to a MVC denial of service vulnerability. A flaw is present in the application, which fails to handle certain specially crafted requests. An attacker who successfully exploited this vulnerability could send a small numbe ... oval:org.secpod.oval:def:14317 The host is installed with Microsoft Office 2003 SP3 /2007 SP3 /2010 SP1, Windows, Visual Studio .NET 2003 SP1, Lync 2010, Lync Basic 2013 or Lync 2010 Attendee, and is prone to remote code execution vulnerability. A flaw is present in the application, which fails to properly process crafted TrueTyp ... oval:org.secpod.oval:def:14328 The host is installed with Microsoft .NET Framework 2.0 SP2, 3.5.1, 4 or 4.5 or Silverlight 5 before 5.1.20513.0 and is prone to array access violation vulnerability. A flaw is present in the applications, which fail to properly prevent changes to data in multidimensional arrays of structures. Succe ... oval:org.secpod.oval:def:24338 The host is installed with Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2, Office 2007 SP3 and 2010 SP2, Live Meeting 2007 Console, Lync 2010, Lync 2010 Attendee, Lync 2013 SP1, Lync Basic 2013 SP1, Silverlight 5 or Silverlight 5 Developer Runtime and is prone to a truetype f ... oval:org.secpod.oval:def:25849 The host is installed with Microsoft Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1, Server 2012 R2, Windows 10, .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, 4.6, Office 2007 SP3 or 2010 SP2, Live Meeting 2007 Console ... oval:org.secpod.oval:def:25850 The host is installed with Microsoft Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1, Server 2012 R2, Windows 10, .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, 4.6, Office 2007 SP3 or 2010 SP2, Live Meeting 2007 Console ... oval:org.secpod.oval:def:25856 The host is installed with Microsoft Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1, Server 2012 R2, .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, 4.6, Office 2007 SP3 or 2010 SP2, Live Meeting 2007 Console, Lync 2010, ... oval:org.secpod.oval:def:25857 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1, Server 2012 R2, .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, 4.6, Office 2007 SP3 or 2010 SP2, Live Meeting 2007 Console, Lync 2010, Lync 2010 ... oval:org.secpod.oval:def:25859 The host is missing a critical security update according to Microsoft security bulletin, MS15-080. The update is required fix multiple vulnerabilities. The flaws are present in the applications, which fail to handle a crafted TrueType fonts or OneType fonts. Successful exploitation could allow attac ... oval:org.secpod.oval:def:14322 The host is missing a critical security update according to Microsoft bulletin, ms13-052. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to properly handle certain vectors and improper validations. Successful exploitation allows attacker ... oval:org.secpod.oval:def:24340 The host is missing a critical security update according to Microsoft security bulletin, MS15-044. The update is required fix multiple remote code execution vulnerabilities. The flaws are present in the applications, which fail to handle a crafted TrueType or OpenType font. Successful exploitation c ... oval:org.secpod.oval:def:31753 The host is installed with Microsoft Lync 2010, Microsoft Skype For business 2016, Microsoft Skype For Business Basic 2016, Microsoft Lync Basic 2013, Microsoft Lync 2010 Attendee, Microsoft live meeting 2007, Microsoft Live Meeting 2007 Add-In, Microsoft Office 2007, Microsoft Office 2010, .NET Fra ... oval:org.secpod.oval:def:31757 The host is missing a critical security update according to Microsoft security bulletin, MS15-128. The update is required to fix graphics memory corruption vulnerabilities. The flaws are present in the Windows font library, which improperly handles specially crafted embedded fonts. An attacker who s ... |
