Download
| Alert*
|
oval:org.mitre.oval:def:7581
The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not prevent VariantClea ... oval:org.mitre.oval:def:6473 The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not properly re ... oval:org.mitre.oval:def:6716 The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not properly re ... oval:org.secpod.oval:def:2299 The host is missing a critical security update according to Microsoft security bulletin, MS09-060. The update is required to fix remote code execution vulnerabilities. The flaws are present in the Microsoft Active Template Library (ATL) ActiveX Controls for Microsoft Office, which validates the ATL ... oval:org.mitre.oval:def:6373 The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not prevent VariantClea ... oval:org.secpod.oval:def:1379 The host is missing an important security update according to Microsoft security bulletin, MS10-045. The update is required to fix remote code execution vulnerability. A flaw is present in the Microsoft Office Outlook, which fails to verify attachments in a specially crafted e-mail message. Successf ... oval:org.secpod.oval:def:1989 The host is missing a critical security update according to Microsoft security bulletin, MS10-064. The update is required to fix heap-based buffer overflow vulnerability. A flaw is present in the Outlook in Microsoft Windows, which fails to check specially crafted e-mail message. Successful exploita ... oval:org.secpod.oval:def:43912 The host is missing a critical security update for KB4011697 oval:org.secpod.oval:def:43901 The host is missing a critical security update for KB4011200 oval:org.secpod.oval:def:15961 The host is installed with Microsoft Outlook 2007 SP3, 2010 SP1, SP2 or 2013 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle the expansion of S/MIME certificate metadata. Successful exploitation could allow attackers to di ... oval:org.secpod.oval:def:15962 The host is missing an important security update according to Microsoft security bulletin, MS13-094. The update is required to fix an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle the expansion of S/MIME certificate metadata. Successful ex ... oval:org.secpod.oval:def:2666 The host is missing a critical security update according to Microsoft security bulletin, MS08-072. The update is required to fix remote code execution vulnerabilities. The flaws are present in Microsoft Office Word and Microsoft Office Outlook, which allows remote code execution if a user opens a sp ... oval:org.mitre.oval:def:5278 Unspecified vulnerability in Microsoft Outlook in Office 2000 SP3, XP SP3, 2003 SP2 and Sp3, and Office System allows user-assisted remote attackers to execute arbitrary code via a crafted mailto URI. oval:org.mitre.oval:def:5352 The application Microsoft Outlook 2007 is installed. oval:org.secpod.oval:def:41547 The host is missing an important security update KB3213643 oval:org.mitre.oval:def:7125 Heap-based buffer overflow in Microsoft Outlook 2002 SP3, 2003 SP3, and 2007 SP2, when Online Mode for an Exchange Server is enabled, allows remote attackers to execute arbitrary code via a crafted e-mail message, aka "Heap Based Buffer Overflow in Outlook Vulnerability." oval:org.secpod.oval:def:15388 The host is installed with Microsoft Outlook 2007 or 2010 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle S/MIME email messages. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:15389 Microsoft Outlook 2007 SP1 is installed oval:org.secpod.oval:def:39796 The host is missing a critical security update KB3127890 oval:org.secpod.oval:def:15384 Microsoft Outlook 2007 SP3 is installed oval:org.mitre.oval:def:11623 Microsoft Office Outlook 2002 SP3, 2003 SP3, and 2007 SP1 and SP2 does not properly verify e-mail attachments with a PR_ATTACH_METHOD property value of ATTACH_BY_REFERENCE, which allows user-assisted remote attackers to execute arbitrary code via a crafted message, aka "Microsoft Outlook SMB Attachm ... oval:org.secpod.oval:def:15391 The host is missing a critical security update according to Microsoft security bulletin, MS13-068. The update is required to fix a remote code execution vulnerability. A flaw is present in the application, which fails to handle S/MIME email messages. Successful exploitation could allow attackers to ... oval:org.secpod.oval:def:15390 Microsoft Outlook 2007 SP2 is installed oval:org.secpod.oval:def:2615 The host is missing a critical security update according to Microsoft security bulletin, MS08-015. The update is required to fix remote code execution vulnerability. A flaw is present in Microsoft Office Outlook, which fails handle a specially crafted mailto URI. Successful exploitation could allow ... oval:org.secpod.oval:def:41011 The host is missing an important security update KB3191898 oval:org.mitre.oval:def:5682 Integer overflow in Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlook 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office 2004 and 2008 for Mac; and Open XML File Format Co ... oval:org.mitre.oval:def:5737 Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlook 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1 allow remote attackers to execute arbitrary code via crafted control words ... oval:org.mitre.oval:def:5807 Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office 2004 and 2008 for Mac; and Open XML File Format Converter for Mac allow remote attackers to execu ... oval:org.mitre.oval:def:5952 Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlook 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office 2004 and 2008 for Mac; and Open XML File Format Converter for Mac allo ... oval:org.mitre.oval:def:6096 Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlook 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office 2004 and 2008 for Mac; and Open XML File Format Converter for Mac allo ... oval:org.mitre.oval:def:6098 Double free vulnerability in Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlook 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; and Office 2004 for Mac allow remote attackers t ... oval:org.secpod.oval:def:33263 The host is missing an important security update according to Microsoft security bulletin, MS16-028. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to handle a specially crafted Microsoft Office file. An attacker who successfully exploit ... oval:org.secpod.oval:def:39753 A remote code execution vulnerability exists in the way that Microsoft Outlook parses specially crafted email messages. An attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create ... oval:org.secpod.oval:def:39757 A security feature bypass vulnerability exists in Microsoft Office software when the Office software improperly handles the parsing of file formats. The security feature bypass by itself does not allow arbitrary code execution. However, to successfully exploit the vulnerability, an attacker would ha ... oval:org.secpod.oval:def:40988 A remote code execution vulnerability exists in the way that Microsoft Outlook parses specially crafted email messages. An attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create ... oval:org.secpod.oval:def:40989 A security feature bypass vulnerability exists in Microsoft Office software when it improperly handles the parsing of file formats. The security feature bypass by itself does not allow arbitrary code execution. However, to successfully exploit the vulnerability, an attacker would have to use it in c ... oval:org.secpod.oval:def:43902 The host is missing a critical security update for KB4011682 oval:org.secpod.oval:def:37073 The host is missing a critical security update according to Microsoft security bulletin, MS16-107. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to properly handle a specially crafted Microsoft Office file. Successful exploitation could ... oval:org.secpod.oval:def:41548 A security feature bypass vulnerability exists when Microsoft Office Outlook improperly handles input. An attacker who successfully exploited the vulnerability could execute arbitrary commands.In a file-sharing attack scenario, an attacker could provide a specially crafted document file designed to ... oval:org.secpod.oval:def:41549 An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the users computer or data.To exploit the vulnerability, an attacker could craft a special documen ... oval:org.secpod.oval:def:41550 A remote code execution vulnerability exists in the way that Microsoft Outlook parses specially crafted email messages. An attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create ... oval:org.secpod.oval:def:37085 The host is installed with Microsoft Outlook 2007 SP3, Outlook 2010 SP2, Outlook 2013 SP1 or Outlook 2016 and is prone to a spoofing vulnerability. A flaw is present in the applications, which fail to handle crafted MIME data in an e-mail attachment. Successful exploitation could allow attackers to ... oval:org.secpod.oval:def:43876 An elevation of privilege vulnerability exists when Microsoft Outlook initiates processing of incoming messages without sufficient validation of the formatting of the messages. An attacker who successfully exploited the vulnerability could attempt to force Outlook to load a local or remote message s ... oval:org.secpod.oval:def:43438 A remote code execution vulnerability exists in the way that Microsoft Outlook parses specially crafted email messages. An attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create ... oval:org.secpod.oval:def:43878 A remote code execution vulnerability exists in Microsoft Outlook when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative u ... oval:org.secpod.oval:def:43498 The host is missing an important security update 4011213 oval:org.secpod.oval:def:36750 The host is missing a critical security update according to Microsoft security bulletin, MS16-099. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to properly handle objects in memory. Successful exploitation could allow to execute arbitr ... oval:org.mitre.oval:def:7573 The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1 does not properly enforce string termination, which allows remote attackers to obtain sensitive information via a crafted HTML docum ... oval:org.mitre.oval:def:6478 The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1 does not properly enforce string termination, which allows remote attackers to obtain sensitive information via a crafted HTML docum ... |
