[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96174

 
 

909

 
 

78077

 
 

109

Paid content will be excluded from the download.


Download | Alert*


oval:org.secpod.oval:def:8493
The "account lockout duration" policy should meet minimum requirements.

oval:org.mitre.oval:def:12824
The operating system installed on the system is Microsoft Windows Server 2008

oval:org.secpod.oval:def:10169
This policy setting determines which subsystems are used to support applications in your environment.

oval:org.secpod.oval:def:7963
The Password protect the screen saver setting should be configured correctly.

oval:org.secpod.oval:def:7965
The Screen Saver timeout setting should be configured correctly.

oval:org.secpod.oval:def:7985
Requirement : 2.3.c Verify that administrator access to the web-based management interfaces is encrypted with strong cryptography.

oval:org.secpod.oval:def:5199
The host is installed with RealNetworks Helix Server or Helix Mobile Server 14.x before 14.3.x and is prone to buffer overflow vulnerability. A flaw is present in the application, which fails to handle a specially crafted authentication credentials. Successful exploitation allows remote attackers to ...

oval:org.secpod.oval:def:5198
The host is installed with RealNetworks Helix Server or Helix Server or Helix Mobile Server 14.x before 14.3.x and is prone to multiple cross-site scripting (XSS) vulnerabilities. The flaws are present in the application, which fails to properly filter HTML code from user-supplied input before displ ...

oval:org.secpod.oval:def:5193
The host is installed with RealNetworks Helix Server or Helix Server or Helix Mobile Server 14.x before 14.3.x and is prone to information disclosure vulnerability. A flaw is present in the application, which stores passwords in cleartext under adm_b_db\users\. Successful exploitation allows attacke ...

oval:org.secpod.oval:def:5197
The host is installed with RealNetworks Helix Server or Helix Server or Helix Mobile Server 14.x before 14.3.x and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle connection to the SNMP master agent process on TCP port 705. Successful ...

oval:org.secpod.oval:def:5196
The host is installed with RealNetworks Helix Server or Helix Server or Helix Mobile Server 14.x before 14.3.x and is prone to cross-site request forgery (CSRF) vulnerability. A flaw is present in the application, which fails to handle a specially crafted URL that consumes excessive stack memory. Su ...

oval:org.secpod.oval:def:5195
The host is installed with RealNetworks Helix Server or Helix Server or Helix Mobile Server 14.x before 14.3.x and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle a specially crafted DisplayString request to the SNMP master agent process. Succ ...

oval:org.secpod.oval:def:7961
Enables desktop screen savers. If you disable this setting, screen savers do not run. Also, this setting disables the Screen Saver section of the Screen Saver dialog in the Personalization or Display Control Panel. As a result, users cannot change the screen saver options. If you do not configure ...

oval:org.secpod.oval:def:8517
The maximum number of failed attempts that can occur before the account is locked out This security setting determines the number of failed logon attempts that causes a user account to be locked out. A locked-out account cannot be used until it is reset by an administrator or until the lockout dura ...

oval:org.secpod.oval:def:8612
The maximum tolerance for computer clock synchronization for Kerberos should be set appropriately.

oval:org.secpod.oval:def:8610
The "Set Client connection Encryption Level" policy should be set correctly for Terminal Services.

oval:org.secpod.oval:def:10235
The "MSS: (TCPMaxConnectResponseRetransmissions) SYN-ACK retransmissions when a connection request is not acknowledged" setting should be configured correctly.

oval:org.secpod.oval:def:10203
The "MSS: (Hidden) Hide Computer From the Browse List (not recommended except for highly secure environments)" setting should be configured correctly.

oval:org.secpod.oval:def:8569
The "MSS: (NoNameReleaseOnDemand) Allow the computer to ignore NetBIOS name release requests except from WINS servers" setting should be configured correctly.

oval:org.secpod.oval:def:8560
The "Increase a process working set" setting should be configured correctly.

oval:org.secpod.oval:def:8501
The "MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes" setting should be configured correctly.

oval:org.secpod.oval:def:8515
The "MSS: (DisableIPSourceRouting) IP source routing protection level (protects against packet spoofing)" setting should be configured correctly.

oval:org.secpod.oval:def:8512
The "MSS: (PerformRouterDiscovery) Allow IRDP to detect and configure Default Gateway addresses (could lead to DoS)" setting should be configured correctly.

oval:org.secpod.oval:def:10168
The "MSS: (SynAttackProtect) Syn attack protection level (protects against DoS)" setting should be configured correctly.

oval:org.secpod.oval:def:10192
The "Access this computer from the network (SeNetworkLogonRight)" setting should be configured correctly.

oval:org.secpod.oval:def:10193
The "Shut down the system (SeShutdownPrivilege)" setting should be configured correctly.

oval:org.secpod.oval:def:8588
The "MSS: (KeepAliveTime) How often keep-alive packets are sent in milliseconds" setting should be configured correctly.

oval:org.secpod.oval:def:10185
The "MSS: (EnableDeadGWDetect) Allow automatic detection of dead network gateways (could lead to DoS)" setting should be configured correctly.

oval:org.secpod.oval:def:8598
The "MSS: (SafeDllSearchMode) Enable Safe DLL search mode (recommended)" setting should be configured correctly.

oval:org.secpod.oval:def:8594
The "MSS: (TCPMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)" setting should be configured correctly.

oval:org.secpod.oval:def:8590
The "MSS: (NoDefaultExempt) Configure IPSec exemptions for various types of network traffic." setting should be configured correctly.

oval:org.secpod.oval:def:10309
The "MSS: (TCPMaxDataRetransmissions) IPv6, how many times unacknowledged data is retransmitted (3 recommended, 5 is default)" setting should be configured correctly.

oval:org.secpod.oval:def:10308
The "MSS: (DisableIPSourceRouting) IPv6 source routing protection level (protects against packet spoofing)" setting should be configured correctly.

oval:org.secpod.oval:def:8601
The "User Account Control: Only elevate UIAccess applications that are installed in secure locations" setting should be configured correctly.

oval:org.secpod.oval:def:8602
The "User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode" setting should be configured correctly.

oval:org.secpod.oval:def:8603
The "User Account Control: Run all administrators in Admin Approval Mode" setting should be configured correctly.

oval:org.secpod.oval:def:8604
The "User Account Control: Detect application installations and prompt for elevation" setting should be configured correctly.

oval:org.secpod.oval:def:8600
The "Network security: LAN Manager authentication level" setting should be configured correctly.

oval:org.secpod.oval:def:8609
Authentication requirements for RPC clients should be configured appropriately.

oval:org.secpod.oval:def:8605
The "User Account Control: Switch to the secure desktop when prompting for elevation" setting should be configured correctly.

oval:org.secpod.oval:def:8606
The "Network access: Shares that can be accessed anonymously" setting should be configured correctly.

oval:org.secpod.oval:def:8607
The "User Account Control: Only elevate executables that are signed and validated" setting should be configured correctly.

oval:org.secpod.oval:def:8608
The "Allow Unsolicited Remote Assistance" policy should be set correctly for Terminal Services.

oval:org.secpod.oval:def:8613
The maximum lifetime for Kerberos user tickets should be set appropriately.

oval:org.secpod.oval:def:8614
The "Registry policy processing" policy should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:8615
RPC Endpoint Mapper Client Authentication should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:8611
The maximum lifetime for Kerberos user ticket renewal should be set appropriately.

oval:org.secpod.oval:def:8616
The maximum lifetime for Kerberos service tickets should be set appropriately.

oval:org.secpod.oval:def:8617
The "Enforce user logon restrictions" policy should be set correctly.

oval:org.secpod.oval:def:8618
The "Do Not Allow Windows Messenger to be Run" policy should be set correctly.

oval:org.secpod.oval:def:8619
The "Turn off Autoplay" policy should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:7700
This setting requires users to wait for a certain number of days before changing their password again.

oval:org.secpod.oval:def:7701
This setting requires if users need to maintain certain complexity or not.

oval:org.secpod.oval:def:7702
This forces users to change their passwords regularly.

oval:org.secpod.oval:def:7703
The number of passwords remembered

oval:org.secpod.oval:def:7704
This setting requires users password to have certain minimum number of characters

oval:org.secpod.oval:def:7705
This setting holds if we need to store passwords using reversible encryption.

oval:org.secpod.oval:def:10271
Auditing of "Registry" events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10272
The "Take ownership of files or other objects (SeTakeOwnershipPrivilege)" setting should be configured correctly.

oval:org.secpod.oval:def:10273
Auditing of "Kerberos Authentication Service" events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10274
Auditing of "Credential Validation" events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10275
Auditing of "Process Termination" events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10276
Auditing of "DPAPI Activity" events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10277
Auditing of "File System" events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10278
Auditing of "Directory Service Replication" events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10270
Auditing of "Filtering Platform Connection" events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10268
Auditing of "RPC Events" events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10269
Auditing of "Handle Manipulation" events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10282
Auditing of "Application Group Management" events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10283
Auditing of "RPC Events" events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10284
Auditing of "Security System Extension" events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10285
Auditing of "Registry" events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10286
Auditing of "Detailed Directory Service Replication" events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10287
Auditing of "Special Logon" events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10288
Auditing of "Security Group Management" events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10289
Auditing of "Other Account Logon Events" events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10280
Auditing of "Audit account management" events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10281
The application log maximum size should be configured correctly.

oval:org.secpod.oval:def:10279
Auditing of "IPsec Quick Mode" events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10250
Auditing of "Audit Policy Change" events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10251
Auditing of "Filtering Platform Connection" events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10252
Auditing of "System Integrity" events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10253
Auditing of "Logon" events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10254
Auditing of "Security Group Management" events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10255
Auditing of "Directory Service Changes" events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10256
Auditing of "Security State Change" events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10246
Auditing of "Computer Account Management" events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10247
The "Shutdown: Clear virtual memory pagefile" setting should be configured correctly.

oval:org.secpod.oval:def:10248
Auditing of "Kernel Object" events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10249
The "Network security: Force logoff when logon hours expire" setting should be configured correctly.

oval:org.secpod.oval:def:10260
Auditing of "SAM" events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10261
Auditing of "Application Group Management" events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10262
Auditing of "Logon" events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10263
Auditing of "Filtering Platform Packet Drop" events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10264
Auditing of "Other Account Management Events" events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10265
Auditing of "File System" events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10266
Auditing of "Detailed Directory Service Replication" events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10267
Auditing of "Filtering Platform Policy Change" events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10257
Auditing of "Authorization Policy Change" events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10258
Auditing of "Credential Validation" events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10259
Auditing of "MPSSVC Rule-Level Policy Change" events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:8498
The "Perform volume maintenance tasks (SeManageVolumePrivilege)" setting should be configured correctly.

oval:org.secpod.oval:def:8499
The "Interactive logon: Smart card removal behavior" setting should be configured correctly.

oval:org.secpod.oval:def:8494
The "Back up files and directories (SeBackupPrivilege)" setting should be configured correctly.

oval:org.secpod.oval:def:8495
The "Create a pagefile (SeCreatePagefilePrivilege)" setting should be configured correctly.

oval:org.secpod.oval:def:8496
The "Create permanent shared objects" setting should be configured correctly.

oval:org.secpod.oval:def:8497
The "Impersonate a client after authentication" setting should be configured correctly.

oval:org.secpod.oval:def:10293
Auditing of "Network Policy Server" events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10294
Auditing of "Audit directory service access" events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10295
Auditing of "Other Object Access Events" events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10296
Auditing of "Kerberos Authentication Service" events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10297
Auditing of "File Share" events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10298
Auditing of "DPAPI Activity" events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10299
Auditing of "Non Sensitive Privilege Use" events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10290
Auditing of "Authentication Policy Change" events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10291
Auditing of "Logoff" events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10292
Auditing of "Authorization Policy Change" events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10200
Auditing of "Other System Events" events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10201
Auditing of "Kernel Object" events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10230
Auditing of "Application Generated" events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10231
Auditing of "Other Privilege Use Events" events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10232
Auditing of "Network Policy Server" events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10233
Auditing of "Process Creation" events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10234
The "Devices: Restrict floppy access to locally logged-on user only" setting should be configured correctly.

oval:org.secpod.oval:def:10224
Auditing of "Sensitive Privilege Use" events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10225
Auditing of "IPsec Extended Mode" events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10226
Auditing of "IPsec Driver" events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10227
Auditing of "MPSSVC Rule-Level Policy Change" events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10228
Auditing of "Certification Services" events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10229
Auditing of "Directory Service Access" events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10240
Auditing of "File Share" events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10241
Auditing of "Kerberos Service Ticket Operations" events on success should be enabled or disabled as appropriate. Auditing of "Kerberos Service Ticket Operations" events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10242
Auditing of "Handle Manipulation" events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10243
Auditing of "IPsec Main Mode" events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10244
Auditing of "User Account Management" events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10245
Auditing of "Security State Change" events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10236
Auditing of "Other Policy Change Events" events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10237
Auditing of "Other Privilege Use Events" events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10238
Auditing of "Process Termination" events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10239
Auditing of "User Account Management" events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10210
Auditing of "Audit policy change" events on sucess should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10211
Auditing of "Audit Policy Change" events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10212
The "Log on as a service (SeServiceLogonRight)" setting should be configured correctly.

oval:org.secpod.oval:def:10202
Auditing of "Sensitive Privilege Use" events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10204
Auditing of "Audit logon events" events on sucess should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10205
Auditing of "Audit account logon events" events on sucess should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10206
Auditing of "IPsec Main Mode" events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10207
The system log maximum size should be configured correctly.

oval:org.secpod.oval:def:10208
Auditing of "Audit privilege use" events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10209
Auditing of "IPsec Extended Mode" events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10220
The "Accounts: Administrator account status" setting should be configured correctly.

oval:org.secpod.oval:def:10221
The "Network access: Do not allow anonymous enumeration of SAM accounts and shares" setting should be configured correctly.

oval:org.secpod.oval:def:10222
The "Interactive logon: Require Domain Controller authentication to unlock workstation" setting should be configured correctly.

oval:org.secpod.oval:def:10223
Auditing of "System Integrity" events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10213
Auditing of "Distribution Group Management" events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10214
Auditing of "Computer Account Management" events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10215
Auditing of "Kerberos Service Ticket Operations" events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10216
Auditing of "Filtering Platform Packet Drop" events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10217
The "MSS: (NoDriveTypeAutoRun) Disable Autorun for all drives (recommended)" setting should be configured correctly.

oval:org.secpod.oval:def:10218
The "Audit: Shut down system immediately if unable to log security audits" setting should be configured correctly.

oval:org.secpod.oval:def:10219
The "Network access: Allow anonymous SID/Name translation" setting should be configured correctly.

oval:org.secpod.oval:def:8568
The "System cryptography: Force strong key protection for user keys stored on the computer" setting should be configured correctly.

oval:org.secpod.oval:def:8564
The "Debug programs (SeDebugPrivilege)" setting should be configured correctly.

oval:org.secpod.oval:def:8565
This policy setting determines the length of time before the Account lockout threshold resets to zero.

oval:org.secpod.oval:def:8566
The "Deny access to this computer from the network (SeDenyNetworkLogonRight)" setting should be configured correctly.

oval:org.secpod.oval:def:8567
The "Domain Controller: LDAP server signing requirements" setting should be configured correctly.

oval:org.secpod.oval:def:8561
The "MSS: (AutoAdminLogon) Enable Automatic Logon (not recommended)" setting should be configured correctly.

oval:org.secpod.oval:def:8562
The "Allow log on through Terminal Services (SeRemoteInteractiveLogonRight)" setting should be configured correctly.

oval:org.secpod.oval:def:8563
The "Recovery console: Allow automatic administrative logon" setting should be configured correctly.

oval:org.secpod.oval:def:8579
The "Profile single process (SeProfileSingleProcessPrivilege)" setting should be configured correctly.

oval:org.secpod.oval:def:8575
The "Accounts: Guest account status" setting should be configured correctly.

oval:org.secpod.oval:def:8576
The "User Account Control: Behavior of the elevation prompt for standard users" setting should be configured correctly.

oval:org.secpod.oval:def:8577
The "Microsoft network client: Digitally sign communications (always)" setting should be configured correctly.

oval:org.secpod.oval:def:8578
The "Network access: Remotely accessible registry paths and sub paths" setting should be configured correctly.

oval:org.secpod.oval:def:8571
The "Network security: LDAP client signing requirements" setting should be configured correctly.

oval:org.secpod.oval:def:8572
The "Increase scheduling priority (SeIncreaseBasePriorityPrivilege)" setting should be configured correctly.

oval:org.secpod.oval:def:8573
The "Interactive logon: Do not require CTRL+ALT+DEL" setting should be configured correctly.

oval:org.secpod.oval:def:8574
The "Lock pages in memory (SeLockMemoryPrivilege)" setting should be configured correctly.

oval:org.secpod.oval:def:8570
The "Interactive logon: Prompt user to change password before expiration" setting should be configured correctly

oval:org.secpod.oval:def:7699
MSS: (ScreenSaverGracePeriod) The time in seconds before the screen saver grace period expires (0 recommended)

oval:org.secpod.oval:def:8546
The "Microsoft network server: Digitally sign communications (if client agrees)" setting should be configured correctly.

oval:org.secpod.oval:def:8547
The "User Account Control: Virtualize file and registry write failures to per-user locations" setting should be configured correctly.

oval:org.secpod.oval:def:8548
The "Microsoft network client: Send unencrypted password to third-party SMB servers" setting should be configured correctly.

oval:org.secpod.oval:def:8549
The "Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings" setting should be configured correctly.

oval:org.secpod.oval:def:8542
The "Devices: Allow undock without having to log on" setting should be configured correctly.

oval:org.secpod.oval:def:8543
The "Domain member: Disable machine account password changes" setting should be configured correctly.

oval:org.secpod.oval:def:8544
The "Modify firmware environment values (SeSystemEnvironmentPrivilege)" setting should be configured correctly.

oval:org.secpod.oval:def:8545
The "System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing" setting should be configured correctly.

oval:org.secpod.oval:def:8540
The "Microsoft network server: Amount of idle time required before suspending session" setting should be configured correctly.

oval:org.secpod.oval:def:8541
The "Add workstations to domain" setting should be configured correctly.

oval:org.secpod.oval:def:8557
The "User Account Control: Admin Approval Mode for the Built-in Administrator account" setting should be configured correctly.

oval:org.secpod.oval:def:8558
The "Network security: Do not store LAN Manager hash value on next password change" setting should be configured correctly.

oval:org.secpod.oval:def:8559
The "Create symbolic links" setting should be configured correctly.

oval:org.secpod.oval:def:8553
The "Change the system time (SeSystemTimePrivilege)" setting should be configured correctly.

oval:org.secpod.oval:def:8554
The "Restore files and directories (SeRestorePrivilege)" setting should be configured correctly.

oval:org.secpod.oval:def:8555
The "Deny log on locally (SeDenyInteractiveLogonRight)" setting should be configured correctly.

oval:org.secpod.oval:def:8556
The "Interactive logon: Number of previous logons to cache (in case domain controller is not available)" setting should be configured correctly.

oval:org.secpod.oval:def:8550
The "Domain member: Maximum machine account password age" setting should be configured correctly.

oval:org.secpod.oval:def:8551
The "Bypass traverse checking (SeChangeNotifyPrivilege)" setting should be configured correctly.

oval:org.secpod.oval:def:8552
The "Allow log on locally" setting should be configured correctly.

oval:org.secpod.oval:def:8524
The "Domain Controller: Allow server operators to schedule tasks" setting should be configured correctly.

oval:org.secpod.oval:def:8525
The "Act as part of the operating system (SeTcbPrivilege)" setting should be configured correctly.

oval:org.secpod.oval:def:8526
The "Network access: Named Pipes that can be accessed anonymously" setting should be configured correctly.

oval:org.secpod.oval:def:8527
The "Network access: Do not allow storage of credentials or .NET Passports for network authentication" setting should be configured correctly.

oval:org.secpod.oval:def:8520
The "Log on as a batch job (SeBatchLogonRight)" setting should be configured correctly.

oval:org.secpod.oval:def:8521
The "Adjust memory quotas for a process (SeIncreaseQuotaPrivilege)" setting should be configured correctly.

oval:org.secpod.oval:def:8522
The "Microsoft network server: Disconnect clients when logon hours expire" setting should be configured correctly.

oval:org.secpod.oval:def:8523
The "Interactive logon: Message title for users attempting to log on" setting should be configured correctly.

oval:org.secpod.oval:def:8528
The "Profile system performance (SeSystemProfilePrivilege)" setting should be configured correctly.

oval:org.secpod.oval:def:8529
The "Generate security audits (SeAuditPrivilege)" setting should be configured correctly.

oval:org.secpod.oval:def:8535
The "Interactive logon: Do not display last user name" setting should be configured correctly.

oval:org.secpod.oval:def:8536
The "Domain member: Digitally encrypt or sign secure channel data (always)" setting should be configured correctly.

oval:org.secpod.oval:def:8537
The "Interactive logon: Message text for users attempting to log on" setting should be configured correctly.

oval:org.secpod.oval:def:8538
The "Create global objects (SeCreateGlobalPrivilege)" setting should be configured correctly.

oval:org.secpod.oval:def:8531
The "Modify an object label" setting should be configured correctly.

oval:org.secpod.oval:def:8532
The "Devices: Prevent users from installing printer drivers" setting should be configured correctly.

oval:org.secpod.oval:def:8533
The automatic generation of 8.3 file names for NTFS should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:8534
The "Change the time zone" setting should be configured correctly.

oval:org.secpod.oval:def:8539
The "Accounts: Rename administrator account" setting should be configured correctly.

oval:org.secpod.oval:def:8530
The "Synchronize directory service data" setting should be configured correctly.

oval:org.secpod.oval:def:8502
The "Enable computer and user accounts to be trusted for delegation (SeEnableDelegationPrivilege)" setting should be configured correctly.

oval:org.secpod.oval:def:8503
The "Create a token object (SeCreateTokenPrivilege)" setting should be configured correctly.

oval:org.secpod.oval:def:8504
The "Network access: Remotely accessible registry paths" setting should be configured correctly.

oval:org.secpod.oval:def:8505
The "Replace a process level token (SeAssignPrimaryTokenPrivilege)" setting should be configured correctly.

oval:org.secpod.oval:def:7895
The "account lockout duration" policy should meet minimum requirements.

oval:org.secpod.oval:def:8500
The "Load and unload device drivers (SeLoadDriverPrivilege)" setting should be configured correctly.

oval:org.secpod.oval:def:7896
Account lockout threshold is the profile defined number of invalid logon attempts

oval:org.secpod.oval:def:8506
The "Recovery console: Allow floppy copy and access to all drives and all folders" setting should be configured correctly.

oval:org.secpod.oval:def:8508
The "Force shutdown from a remote system (SeRemoteShutdownPrivilege)" setting should be configured correctly.

oval:org.secpod.oval:def:8509
The "Audit: Audit the access of global system objects" setting should be configured correctly.

oval:org.secpod.oval:def:8513
The "Domain member: Require strong (Windows 2000 or later) session key" setting should be configured correctly.

oval:org.secpod.oval:def:8514
The "Network access: Let Everyone permissions apply to anonymous users" setting should be configured correctly.

oval:org.secpod.oval:def:8516
This policy setting determines whether a domain member should attempt to negotiate encryption for all secure channel traffic that it initiates.

oval:org.secpod.oval:def:8510
The "Network security: Minimum session security for NTLM SSP based (including secure RPC) clients" setting should be configured correctly.

oval:org.secpod.oval:def:8511
The "Audit: Audit the use of Backup and Restore privilege" setting should be configured correctly.

oval:org.secpod.oval:def:8518
The "Domain Controller: Refuse machine account password changes" setting should be configured correctly.

oval:org.secpod.oval:def:8519
The "Deny log on as a service (SeDenyServiceLogonRight)" setting should be configured correctly.

oval:org.secpod.oval:def:10167
The "Devices: Restrict CD-ROM access to locally logged-on user only" setting should be configured correctly.

oval:org.secpod.oval:def:10194
Auditing of "Certification Services" events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10195
The "Deny log on through Terminal Services (SeDenyRemoteInteractiveLogonRight)" setting should be configured correctly.

oval:org.secpod.oval:def:10196
Auditing of "Non Sensitive Privilege Use" events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10197
Auditing of "Account Lockout" events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10198
Auditing of "Audit object access" events on sucess should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10199
Auditing of "Authentication Policy Change" events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10190
Auditing of "Other Account Management Events" events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10191
Auditing of "IPsec Quick Mode" events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10172
Auditing of "Directory Service Replication" events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10173
Auditing of "Other Policy Change Events" events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10174
The "Retention method for application log" setting should be configured correctly.

oval:org.secpod.oval:def:10175
The "Deny log on as a batch job (SeDenyBatchLogonRight)" setting should be configured correctly.

oval:org.secpod.oval:def:10176
The "Retention method for security log" setting should be configured correctly.

oval:org.secpod.oval:def:8586
The "Microsoft network server: Digitally sign communications (always)" setting should be configured correctly.

oval:org.secpod.oval:def:10177
Auditing of "Audit system events" events on sucess should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:8587
The "Remove computer from docking station (SeUndockPrivilege)" setting should be configured correctly.

oval:org.secpod.oval:def:10178
Auditing of "Security System Extension" events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10179
The "Manage auditing and security log (SeSecurityPrivilege)" setting should be configured correctly.

oval:org.secpod.oval:def:8589
The "Shutdown: Allow system to be shut down without having to log on" setting should be configured correctly.

oval:org.secpod.oval:def:10170
Auditing of "Distribution Group Management" events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10171
Auditing of "Other Account Logon Events" events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:8582
The "Accounts: Limit local account use of blank passwords to console logon only" setting should be configured correctly.

oval:org.secpod.oval:def:8583
The "Accounts: Rename guest account" setting should be configured correctly.

oval:org.secpod.oval:def:8584
The "Devices: Allowed to format and eject removable media" setting should be configured correctly.

oval:org.secpod.oval:def:8585
The "Microsoft network client: Digitally sign communications (if server agrees)" setting should be configured correctly.

oval:org.secpod.oval:def:8580
The "Network access: Restrict anonymous access to Named Pipes and Shares" setting should be configured correctly.

oval:org.secpod.oval:def:8581
The "Domain member: Digitally sign secure channel data (when possible)" setting should be configured correctly.

oval:org.secpod.oval:def:10183
Auditing of "SAM" events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10184
The "Network access: Do not allow anonymous enumeration of SAM accounts" setting should be configured correctly.

oval:org.secpod.oval:def:10186
Auditing of "Other Logon/Logoff Events" events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10187
Auditing of "Process Creation" events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:8597
The "MSS: (WarningLevel) Percentage threshold for the security event log at which the system will generate a warning" setting should be configured correctly.

oval:org.secpod.oval:def:10188
Auditing of "Other System Events" events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10189
Auditing of "Other Object Access Events" events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:8599
The "System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links)" setting should be configured correctly.

oval:org.secpod.oval:def:10180
Auditing of "Account Lockout" events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10181
Auditing of "Directory Service Access" events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10182
Auditing of "Audit system events" events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:8593
The "System settings: Use Certificate Rules on Windows Executables for Software Restriction Policies" setting should be configured correctly.

oval:org.secpod.oval:def:8595
The "System objects: Require case insensitivity for non-Windows subsystems" setting should be configured correctly.

oval:org.secpod.oval:def:8596
The "User Account Control: Allow UIAccess applications to prompt for elevation without using the secure desktop" setting should be configured correctly.

oval:org.secpod.oval:def:8591
The "Network access: Sharing and security model for local accounts" setting should be configured correctly.

oval:org.secpod.oval:def:8592
The "Network security: Minimum session security for NTLM SSP based (including secure RPC) servers" setting should be configured correctly.

oval:org.secpod.oval:def:10310
The "Always Prompt Client for Password upon Connection" policy should be set correctly for Terminal Services.

oval:org.secpod.oval:def:10311
The default behavior for AutoRun should be properly configured.

oval:org.secpod.oval:def:10301
Auditing of "IPsec Driver" events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10302
Auditing of "Special Logon" events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10303
Auditing of "Filtering Platform Policy Change" events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10304
Auditing of "Other Logon/Logoff Events" events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10305
Auditing of "Logoff" events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10306
Auditing of "Application Generated" events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10307
Auditing of "Directory Service Changes" events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10312
The "Reschedule Automatic Updates scheduled installations" setting should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10313
Disable saving of dial-up passwords should be properly configured.

oval:org.secpod.oval:def:10314
The "Unsigned Driver Installation Behavior" policy should be set correctly.

oval:org.secpod.oval:def:10315
The "Disable remote Desktop Sharing" setting should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10316
The "Configure Automatic Updates" setting should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10317
The "Enumerate administrator accounts on elevation" setting should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10318
The "No auto-restart for scheduled Automatic Updates installations" policy should be set correctly.

oval:org.secpod.oval:def:10300
The "Retention method for system log" setting should be configured correctly.

oval:org.secpod.oval:def:8507
The host is installed with Google Chrome before 40.0.2214.91 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle vectors related to a (1) zero-length quantifier or (2) look-behind expression. Successful exploitation could allow attackers to ...

oval:org.secpod.oval:def:3937
The host is installed with Microsoft Windows Server 2008 or Microsoft Windows Server 2008 R2 and is prone to untrusted search path vulnerability. A flaw is present in the Color Control Panel, which allows dll hijacking via a Trojan horse sti.dll file in the current working directory. Successful expl ...

oval:org.secpod.oval:def:39
The host is installed with Microsoft Windows Human Interface Device (HID) driver and is prone to security bypass vulnerability. A flaw is present in the device driver, which allows keyboard or mouse functionality to the USB connection without giving a warning to the user. Successful exploitation cou ...

oval:org.secpod.oval:def:3429
The host is installed with Internet Explorer 9 and is prone to information disclosure vulnerability. A flaw is present in the application, which fails to properly handle XSS Filter. Successful exploitation allows attackers to view content from another domain or Internet Explorer zone.

oval:org.secpod.oval:def:4158
The host is installed with Microsoft .NET Framework 2.0 SP2, and 3.5.1 and is prone heap corruption vulnerability. A flaw is present in the Microsoft .NET Framework, which fails to handle calculation of buffer length while processing specially crafted input. Successful exploitation could allow remot ...

oval:org.secpod.oval:def:6340
The host is installed with Microsoft Internet Explorer 9 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly handle a deleted object. Successful exploitation could allow attackers to execute arbitrary code.

oval:org.secpod.oval:def:6339
The host is installed with Microsoft Internet Explorer 9 and is prone to a cached object remote code execution vulnerability. A flaw is present in the application, which fails to properly handle a deleted object. Successful exploitation could allow attackers to execute arbitrary code.

oval:org.secpod.oval:def:6026
The host is installed with Microsoft .Net framework 2.0 Sp2 or 3.5.1 or 4.0 or 4.5 Beta and is prone to remote code execution vulnerability. A flaw is present in the application, which fails to properly execute a function pointer. Successful exploitation allows attackers to take complete control of ...

oval:org.secpod.oval:def:7925
The host is installed with Microsoft .NET Framework 2.0 SP2 or 3.5.1 and is prone to Code access security info disclosure vulnerability. A flaw is present in the applications, which does not properly sanitize the output of a function when called from partially trusted code. Successful exploitation a ...

oval:org.secpod.oval:def:2298
The host is missing a critical security update according to Microsoft security bulletin, MS09-055. The update is required to fix remote code execution vulnerabilities. The flaws are present in the Microsoft Active Template Library (ATL) ActiveX Controls. Successful exploitation allows an attacker to ...

oval:org.mitre.oval:def:6716
The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not properly re ...

oval:org.secpod.oval:def:2513
The host is missing an critical security update according to Microsoft security bulletin, MS09-072. The update is required to fix multiple memory corruption vulnerabilities. The flaws are present in the Internet Explorer, which fails to handle objects in memory. Successful exploitation allows an att ...

oval:org.mitre.oval:def:6304
The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not properly re ...

oval:org.mitre.oval:def:6621
The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not properly re ...

oval:org.mitre.oval:def:6421
The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not properly re ...

oval:org.mitre.oval:def:6245
The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not properly re ...

oval:org.mitre.oval:def:6473
The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not properly re ...

oval:org.secpod.oval:def:2354
The host is missing a critical security update according to Microsoft security bulletin, MS09-050. The update is required to fix remote code execution vulnerabilities in Server Message Block Version 2 (SMBv2). The flaws are present in the Server Message Block Version 2, which fails handle a speciall ...

oval:org.mitre.oval:def:6336
Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold and SP2, and Windows 7 RC do not properly process the command value in an SMB Multi-Protocol Negotiate Request packet, which allows remote attackers to execute arbitrary code via a crafted SMBv2 packet to the Server service, aka "S ...

oval:org.mitre.oval:def:5595
Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2 do not properly validate fields in SMBv2 packets, which allows remote attackers to cause a denial of service (infinite loop and system hang) via a crafted packet to the Server service, aka "SMBv2 Infinite Loop Vulnerability."

oval:org.secpod.oval:def:1169
The host is installed with Microsoft Windows XP SP3, Microsoft Windows Server 2003 XP2, Windows Server 2008 SP1 or SP2 and is prone to remote code execution vulnerability. A flaw is present in the application which fails to handle specially crafted request. Successful exploitation allows remote atta ...

oval:org.secpod.oval:def:2720
The host is installed with Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, or R2 SP1, or Windows 7 base or SP1 and is prone to an integer overflow vulnerability. A flaw is present in the applications, which fail to handle the processing of a continuous flow of specially crafted UDP packets ...

oval:org.secpod.oval:def:2715
The host is installed with Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, R2 SP1, R2-IA64 and Windows 7, SP1 and is prone remote code execution vulnerability. A flaw is present in the Windows Mail and Windows Meeting Space, which fails to handle a specially crafted dynamic link library (D ...

oval:org.secpod.oval:def:3433
The host is installed with Microsoft Time component and is prone to remote code execution vulnerability. A flaw is present in the application which is caused by a specially crafted Web page. Successful exploitation allows remote attacker gain user rights as the logged-on user.

oval:org.secpod.oval:def:3431
The host is installed with Internet Explorer 6 or 7 or 8 or 9 and is prone to information disclosure vulnerability. A flaw is present in the application, which fails to properly handle Web pages. Successful exploitation allows attackers to to view content from a different domain or Internet Explorer ...

oval:org.secpod.oval:def:3435
The host is installed with Active Directory or Active Directory Application Mode (ADAM) or Active Directory Lightweight Directory Service (AD LDS) and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle a crafted application when run by an a ...

oval:org.secpod.oval:def:5627
The host is installed with Microsoft Office, Windows, .NET Framework, and Silverlight and is prone TrueType Font parsing vulnerability. A flaw is present in the applications, which fail to handle a specially crafted TrueType font file. Successful exploitation could allow remote attackers to install ...

oval:org.secpod.oval:def:3421
The host is installed with Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows Server 2008 R2, Windows 7 and is prone to a remote code execution vulnerability. A flaw is present in the applications, which fail to handle a specially crafted TrueType font file. Successful expl ...

oval:org.secpod.oval:def:3718
The host is installed with Microsoft Windows and is prone to information disclosure vulnerability. A flaw is present in the application, which is caused by a design flaw in the SSL and TLS protocols when Cipher-block chaining (CBC) mode of operation is used. Successful exploitation allows attackers ...

oval:org.secpod.oval:def:3425
The host is installed with Microsoft Windows and is prone to elevation of privilege vulnerability. A flaw is present in the Client/Server Run-time Subsystem (CSRSS), which fails to properly validate permissions when a lower-integrity process communicates a device event message to a higher-integrity ...

oval:org.secpod.oval:def:3631
The host is installed with Microsoft .NET Framework 1.1 or 2.0 or 3.5 or 3.5.1 or 4.0 and is prone to an elevation of privilege vulnerability. A flaw is present in the applications, which fail to correctly authenticate specially crafted usernames. Successful exploitation allows remote authenticated ...

oval:org.secpod.oval:def:3632
The host is installed with Microsoft .NET Framework 1.1 or 2.0 or 3.5 or 3.5.1 or 4.0 and is prone to an elevation of privilege vulnerability. A flaw is present in the applications, which fail to properly handle cached content when Forms Authentication is used with sliding expiry. Successful exploit ...

oval:org.secpod.oval:def:3630
The host is installed with Microsoft .Net Framework 2.0 or 3.5 or 3.5.1 or 4.0 and is prone to open redirect vulnerability. A flaw is present in the applications, which fail to properly verify return URLs during the forms authentication process. Successful exploitation allows remote attackers to red ...

oval:org.secpod.oval:def:3629
The host is installed with Microsoft .NET Framework 1.1 or 2.0 or 3.5 or 3.5.1 or 4.0 and is prone to denial of service vulnerability. A flaw is present in the applications, where ASP.NET fails to properly hash specially crafted requests and inserts that data into a hash table causing a hash collisi ...

oval:org.secpod.oval:def:4731
The host is installed with Windows DNS server and is prone denial of service vulnerability. A flaw is present in the DNS server, which fails to handle a specially crafted DNS query to the target DNS server. Successful exploitation could allow remote attackers to cause system to stop responding and a ...

oval:org.secpod.oval:def:4734
The host is installed with Microsoft Windows and is prone to remote code execution vulnerability. A flaw is present in the Remote Desktop Protocol, where it accesses an object in memory that has been improperly initialized or has been deleted. Successful exploitation allows remote attackers to take ...

oval:org.secpod.oval:def:3713
The host is installed with Microsoft Windows and is prone to remote code execution vulnerability. A flaw is present in the application, which is caused when Windows Media Player fails to handle a specially crafted MIDI file. Successful exploitation allows attackers to run arbitrary code in the conte ...

oval:org.secpod.oval:def:3711
The host is installed with Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP2, and Server 2008 SP2 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to handle the way that the CSRSS processes a sequence of specially crafted Unicode char ...

oval:org.secpod.oval:def:3714
The host is installed with Microsoft Windows and is prone to remote code execution vulnerability. A flaw is present in the application, which is caused when filters in DirectShow do not properly handle specially crafted media files. Successful exploitation allows attackers to run arbitrary code in t ...

oval:org.secpod.oval:def:3707
The host is installed with Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, or R2 SP1, Windows 7 Gold or SP1 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to properly load structured exception handling tabl ...

oval:org.secpod.oval:def:3726
The host is installed with Microsoft Windows XP or Windows Server 2003 or Windows Server 2008 or Windows Vista or Windows 7 or Windows Server 2008 R2 and is prone to remote code execution vulnerability. A flaw is present in the applications, which does not perform proper validation on input passed f ...

oval:org.secpod.oval:def:4137
The host is installed with Internet Explorer 6,7,8 or 9 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly perform copy-and-paste operations. Successful exploitation could allow attackers to read content from a different (1) domain ...

oval:org.secpod.oval:def:4138
The host is installed with Internet Explorer 7,8 or 9 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly handle access to a deleted object. Successful exploitation could allow attackers to execute arbitrary code.

oval:org.secpod.oval:def:4157
The host is installed with Microsoft .NET Framework 2.0 SP2, 3.5.1, 4.0 or Silverlight and is prone unmanaged objects vulnerability. A flaw is present in the applications, which fails to handle a specially crafted Microsoft .NET Framework application. Successful exploitation could allow remote attac ...

oval:org.secpod.oval:def:3717
The host is installed with Microsoft Windows and is prone to remote code execution vulnerability. A flaw is present in the application which is caused by the way that Windows Packager loads ClickOnce applications embedded in Microsoft Office files. Successful exploitation allows remote attacker to g ...

oval:org.secpod.oval:def:5102
The host is installed with Windows XP SP2 or SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, R2 SP1, Windows 7 or SP1 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly validate the digest of a signed por ...

oval:org.secpod.oval:def:4733
The host is installed with Windows kernel-mode driver and is prone postmessage function vulnerability. A flaw is present in the kernel-mode driver, which fails to handle PostMessage function. Successful exploitation could allow remote attackers to install programs, view, change, or delete data or cr ...

oval:org.secpod.oval:def:4738
The host is installed with Windows DirectWrite and is prone denial of service vulnerability. A flaw is present in the DirectWrite application, which fails to handle a specially crafted sequence of unicode characters. Successful exploitation could allow remote attackers to cause a target application ...

oval:org.secpod.oval:def:4131
The host is installed with Microsoft Windows XP or Windows Server 2003 or Windows Server 2008 or Windows Vista or Windows 7 or Windows Server 2008 R2 and is prone to elevation of privilege vulnerability. A flaw is present in the applications, where the Windows kernel-mode driver does not properly ha ...

oval:org.secpod.oval:def:4147
The host is installed with Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, R2 SP1, R2-IA64 and Windows 7, SP1 and is prone buffer overflow vulnerability. A flaw is present in the C Run-Time Library msvcrt.dll file, which fails to handle a specially crafted media file. Successful exploitati ...

oval:org.secpod.oval:def:5589
The host is installed with Microsoft .Net Framework 1.1 SP1 or 2.0 SP2 or 3.0 SP2 or 3.5 SP1 or 3.5.1 or 4.0 and is prone to remote code execution vulnerability. A flaw is present in the Microsoft .NET Framework, which fails due to the improper serialization of untrusted input through partially trus ...

oval:org.secpod.oval:def:5588
The host is installed with Microsoft .Net Framework 1.1 SP1 or 2.0 SP2 or 3.0 SP2 or 3.5 SP1 or 3.5.1 or 4.0 and is prone to remote code execution vulnerability. A flaw is present in the Microsoft .NET Framework, which fails due to the improper serialization of untrusted input. Successful exploitati ...

oval:org.secpod.oval:def:5129
The host is installed with Microsoft .NET Framework 1.1 SP1 or 2.0 SP2 or 3.5.1 or 4 and is prone to remote code execution vulnerability. A flaw is present in the application, which fails to properly validate parameters when passing data to a function. Successful exploitation allows remote attackers ...

oval:org.secpod.oval:def:5628
The host is installed with Microsoft Office, Windows, and Silverlight and is prone TrueType Font parsing vulnerability. A flaw is present in the applications, which fails to handle a specially crafted TrueType font file. Successful exploitation could allow remote attackers to install programs, view, ...

oval:org.secpod.oval:def:5631
The host is installed with Microsoft Office, Windows and is prone GDI+ record type vulnerability. A flaw is present in the applications, which fail to handle a specially crafted EMF images. Successful exploitation could allow remote attackers to install programs, view, change, or delete data or crea ...

oval:org.secpod.oval:def:5092
The host is installed with Microsoft Internet Explorer 6 through 9 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle a crafted HTML document. Successful exploitation could allow attackers to execute arbitrary code.

oval:org.secpod.oval:def:5581
The host is installed with Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2 or R2 SP1, or Windows 7 or SP1 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly enforce firewall rules for outbound broadcast packets. Successful ...

oval:org.secpod.oval:def:6028
The host is installed with Microsoft Windows XP or Windows Server 2003 or Windows Vista or Windows Server 2008 or R2 or Windows 7 and is prone to remote code execution vulnerability. A flaw is present in the Remote Desktop Protocol, which fails to properly process RDP packets in memory. Successful e ...

oval:org.secpod.oval:def:6346
The host is installed with Microsoft Windows and is prone to command injection vulnerability. A flaw is present in the windows shell, which fails to handle file and directory names. Successful exploitation allows remote attackers to install programs, view, change or delete data or create new account ...

oval:org.secpod.oval:def:5094
The host is installed with Microsoft Internet Explorer 6 or 7 and is prone to an OnReadyStateChange remote code execution vulnerability. A flaw is present in the application, which fails to handle a deleted object in memory. Successful exploitation could allow attackers to execute arbitrary code.

oval:org.secpod.oval:def:5096
The host is installed with Microsoft Internet Explorer 6 through 8 and is prone to a VML style remote code execution vulnerability. A flaw is present in the application, which fails to properly handle a deleted object in memory. Successful exploitation could allow attackers to execute arbitrary code ...

oval:org.secpod.oval:def:5095
The host is installed with Microsoft Internet Explorer 6 through 9 and is prone to a SelectAll remote code execution vulnerability. A flaw is present in the application, which fails to properly handle a deleted object in memory. Successful exploitation could allow attackers to execute arbitrary code ...

oval:org.secpod.oval:def:5585
The host is installed with Windows Vista SP2 or Windows Server 2008 SP2 or 2008 R2 or 2008 R2 SP1 or Windows 7 or SP1 and is prone to a privilege escalation vulnerability. A flaw is present in Windows Partition Manager, which fails to handle a specially crafted application. Successful exploitation c ...

oval:org.secpod.oval:def:5634
The host is installed with Microsoft Windows and is prone privilege escalation vulnerability. A flaw is present in the application, which fails to handle the Windows kernel-mode driver. Successful exploitation could allow remote attackers to install programs, view, change, or delete data or create n ...

oval:org.secpod.oval:def:5635
The host is installed with Microsoft Windows and is prone privilege escalation vulnerability. A flaw is present in the application, which fails to handle the Windows kernel-mode driver. Successful exploitation could allow remote attackers to install programs, view, change, or delete data or create n ...

oval:org.secpod.oval:def:6036
The host is installed with Internet Explorer 6 through 8 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle an object that has been deleted. Successful exploitation could allow attackers to execute arbitrary code.

oval:org.secpod.oval:def:6710
The host is installed with Internet Explorer 6 and 7 and is prone to a layout memory corruption vulnerability. A flaw is present in the application, which fails to handle deleted objects in memory. Successful exploitation could allow attackers to execute arbitrary code.

oval:org.secpod.oval:def:6993
The host is installed with Microsoft Internet Explorer 8 or 9 and is prone to an onmove use-after-free vulnerability. A flaw is present in the application, which fails to handle a crafted web site that triggers access to an object that was not properly initialized or is deleted. Successful exploitat ...

oval:org.secpod.oval:def:8180
The host is installed with Microsoft Windows XP SP2 or SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2 or R2 SP1, Windows 7 or SP1, Windows 8 or Windows Server 2012 and is prone to remote code execution vulnerability. A flaw is present in Windows DirectPlay, which fails ...

oval:org.secpod.oval:def:6687
The host is installed with Microsoft Windows XP, Server 2003, Vista, Server 2008, Windows 7 or Server 2008 R2 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle a Remote Administration Protocol (RAP) response. Successful exploitation ...

oval:org.secpod.oval:def:5636
The host is installed with Microsoft Windows and is prone privilege escalation vulnerability. A flaw is present in the application, which fails to handle the Windows kernel-mode driver. Successful exploitation could allow remote attackers to install programs, view, change, or delete data or create n ...

oval:org.secpod.oval:def:6034
The host is installed with Microsoft Windows XP or Windows Server 2003 or Windows Vista or Windows Server 2008 or R2 or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which fails to properly validate input passed from user mode. Successful explo ...

oval:org.secpod.oval:def:6033
The host is installed with Microsoft Windows XP or Windows Server 2003 or Windows Vista or Windows Server 2008 or R2 or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which fails to properly validate input passed from user mode. Successful explo ...

oval:org.secpod.oval:def:6032
The host is installed with Microsoft Windows XP or Windows Server 2003 or Windows Vista or Windows Server 2008 or R2 or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which fails to properly validate input passed from user mode. Successful explo ...

oval:org.secpod.oval:def:6031
The host is installed with Microsoft Windows XP or Windows Server 2003 or Windows Vista or Windows Server 2008 or R2 or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle TrueType font loading. Successful exploitation ...

oval:org.secpod.oval:def:6043
The host is installed with Internet Explorer 7 through 9 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly create and initialize string data. Successful exploitation could allow attackers to obtain sensitive information from process ...

oval:org.secpod.oval:def:6042
The host is installed with Internet Explorer 6 through 9 and is prone to a cross site scripting vulnerability. A flaw is present in the application, which fails to handle crafted character sequences with EUC-JP encoding. Successful exploitation could allow attackers to inject arbitrary web script or ...

oval:org.secpod.oval:def:6353
The host is installed with Microsoft Windows and is prone to information disclosure vulnerability. A flaw is present in the application, which is caused by a design flaw in the TLS protocol when Cipher-block chaining (CBC) mode of operation is used. Successful exploitation allows attackers to decryp ...

oval:org.secpod.oval:def:6035
The host is installed with Internet Explorer 6 through 9 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle an object that has been deleted. Successful exploitation could allow attackers to execute arbitrary code.

oval:org.secpod.oval:def:6048
The host is installed with Internet Explorer 6 through 9 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle an object that has been deleted. Successful exploitation could allow attackers to execute arbitrary code.

oval:org.secpod.oval:def:6047
The host is installed with Internet Explorer 6 through 9 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle an object that has been deleted. Successful exploitation could allow attackers to execute arbitrary code.

oval:org.secpod.oval:def:6046
The host is installed with Internet Explorer 6 through 9 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation could allow attackers to execute arbitrary code.

oval:org.secpod.oval:def:6049
The host is installed with Internet Explorer 6 through 9 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation could allow attackers to execute arbitrary code.

oval:org.secpod.oval:def:6051
The host is installed with Internet Explorer 6 through 9 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to block cross-domain scrolling events. Successful exploitation could allow attackers to read content from a different domain or zone.

oval:org.secpod.oval:def:6200
The host is installed with Microsoft XML Core Services 3.0, 4.0, 5.0 or 6.0 and is prone to remote code execution vulnerability. A flaw is present in the application, which fails to handle crafted web site. Successful exploitation allows remote attackers to execute arbitrary code or cause a denial o ...

oval:org.secpod.oval:def:6343
The host is installed with Microsoft Windows XP SP2, SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, R2 SP1, Windows 7 Gold or SP1 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to properly validate parameters ...

oval:org.secpod.oval:def:6342
The host is installed with Microsoft Windows XP SP2, SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, R2 SP1, Windows 7 Gold or SP1 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to handle specific keyboard layo ...

oval:org.secpod.oval:def:6349
The host is installed with Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2 and Windows Data Access Components (WDAC) 6.0 and is prone to a remote code execution vulnerability. A flaw is present in the applications, which fail to handle a crafted XML data that triggers access to an uninitiali ...

oval:org.secpod.oval:def:7924
The host is installed with Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5.1 or 4 and is prone to reflection bypass vulnerability. A flaw is present in the applications, which fail to properly validate the permissions of objects performing reflection. Successful exploitation allows attackers to take ...

oval:org.secpod.oval:def:7926
The host is installed with Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5.1 or 4 and is prone to untrusted search path vulnerability. A flaw is present in the applications, which is caused when Entity Framework, a .NET Framework component, incorrectly restricts the path used for loading external lib ...

oval:org.secpod.oval:def:7311
The host is installed with Microsoft Windows XP, server 2003, server 2008, server 2008 R2, Vista or Windows 7 and is prone to integer overflow vulnerability. A flaw is present in the application, which is caused when the Windows kernel improperly handles objects in memory. Successful exploitation al ...

oval:org.secpod.oval:def:6685
The host is installed with Microsoft Windows XP SP2, SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, R2 SP1, Windows 7 Gold or SP1 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to handle objects in memory prop ...

oval:org.secpod.oval:def:6709
The host is installed with Internet Explorer 6 through 9 and is prone to an asynchronous null object access remote code execution vulnerability. A flaw is present in the application, which fails to handle deleted objects in memory. Successful exploitation could allow attackers to execute arbitrary c ...

oval:org.secpod.oval:def:6711
The host is installed with Internet Explorer 6 through 9 and is prone to a virtual function table corruption vulnerability. A flaw is present in the application, which fails to handle deleted objects in memory. Successful exploitation could allow attackers to execute arbitrary code.

oval:org.secpod.oval:def:7931
The host is installed with Windows XP, Windows Vista, Windows Server 2008, Windows Server 2003 or Windows 7 and is prone to privilege escalation vulnerability. A flaw is present in the Windows kernel, which fails to properly handle the objects in memory. Successful exploitation could allow attackers ...

oval:org.secpod.oval:def:6994
The host is installed with Microsoft Internet Explorer 9 and is prone to an event listener use-after-free vulnerability. A flaw is present in the application, which fails to handle a crafted web site. Successful exploitation could allow attackers to execute arbitrary code.

oval:org.secpod.oval:def:6995
The host is installed with Microsoft Internet Explorer 9 and is prone to an layout use-after-free vulnerability. A flaw is present in the application, which fails to handle a crafted web site that triggers access to a deleted object. Successful exploitation could allow attackers to execute arbitrary ...

oval:org.secpod.oval:def:6996
The host is installed with Microsoft Internet Explorer 6 through 8 and is prone to an cloneNode use-after-free vulnerability. A flaw is present in the application, which fails to handle a crafted web site that triggers access to a deleted object. Successful exploitation could allow attackers to exec ...

oval:org.secpod.oval:def:8191
The host is installed with Windows XP, Windows Vista, Windows Server 2008,Windows Server 2008 R2, Windows Server 2003 or Windows 7 and is prone to remote code execution vulnerabilities. The flaws are present in the Windows kernel, which fails to handle a specially crafted OpenType font file. Success ...

oval:org.secpod.oval:def:7077
The host is installed with Google Chrome before 22.0.1229.79 in Microsoft Windows 7 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle memory. Successful exploitation allows remote attackers to execute arbitrary code or cause a denia ...

oval:org.secpod.oval:def:7927
The host is installed with Microsoft .NET Framework 2.0 SP2, 3.5.1, 4 or 4.5 and is prone to Web proxy auto-discovery vulnerability. A flaw is present in the applications, which is caused by a lack of validation when the .NET Framework acquires the default web proxy settings and executes JavaScript ...

oval:org.secpod.oval:def:8182
The host is installed with Windows XP, Windows Vista, Windows Server 2008, Windows Server 2008 R2, Windows Server 2003 or Windows 7 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to parse filenames. Successful exploitation could allow attacke ...

oval:org.secpod.oval:def:6992
The host is installed with Microsoft Internet Explorer 6 through 9 and is prone to an use-after-free vulnerability. A flaw is present in the application, which fails to handle a crafted web site. Successful exploitation could allow attackers to execute arbitrary code.

oval:org.secpod.oval:def:8322
The host is installed with Internet Explorer 6, Internet Explorer 7 or Internet Explorer 8 and is prone to remote code execution vulnerability. A flaw is present in the application, which fails to properly handle object in memory. Successful exploitation could allow attackers to execute arbitrary co ...

oval:org.secpod.oval:def:8192
The host is installed with Windows XP, Windows Vista, Windows Server 2008,Windows Server 2008 R2, Windows Server 2003 or Windows 7 and is prone to remote code execution vulnerabilities. The flaws are present in the Windows kernel, which fails to handle a specially crafted TrueType font file. Success ...

oval:org.secpod.oval:def:8193
The host is installed with Internet Explorer 6, 7, 8, 9 or 10 and is prone to an InjectHTMLStream use-after-free vulnerability. A flaw is present in the application, which fails to handle a deleted object. Successful exploitation could allow attackers to execute arbitrary code.

oval:org.secpod.oval:def:8195
The host is installed with Internet Explorer 9 and is prone to an CMarkup use-after-free vulnerability. A flaw is present in the application, which fails to handle a deleted object. Successful exploitation could allow attackers to execute arbitrary code.

oval:org.secpod.oval:def:8196
The host is installed with Internet Explorer 9 or 10 and is prone to an improper ref counting use-after-free vulnerability. A flaw is present in the application, which fails to handle a deleted or improperly initialized object. Successful exploitation could allow attackers to execute arbitrary code.

oval:org.secpod.oval:def:8337
The host is installed with Microsoft .NET Framework 1.1 SP1 or 2.0 SP2 or 3.5.1 or 4 or 4.5 and is prone to WinForms buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a Windows Forms method. Successful exploitation allows remote attackers to install ...

oval:org.secpod.oval:def:8338
The host is installed with Microsoft .NET Framework 1.1 SP1 or 2.0 SP2 or 3.0 or 4 and is prone to system drawing information disclosure vulnerability. A flaw is present in the application, which fails to properly handle pointers to unmanaged memory locations. Successful exploitation allows remote a ...

oval:org.secpod.oval:def:8339
The host is installed with Microsoft .NET Framework 2.0 SP2, 3.0, 3.5.1, 4 or 4.5 and is prone to S.DS.P buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle System.DirectoryServices.Protocols (S.DS.P) namespace method. Successful exploitation allows re ...

oval:org.secpod.oval:def:8333
The host is installed with Windows Vista, Windows Server 2008,Windows Server 2008 R2, Windows 7, Windows 8 or Windows Server 2012 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle window broadcast messages. Successful exploitat ...

oval:org.secpod.oval:def:8340
The host is installed with Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.0, 3.5.1, 4 or 4.5 and is prone to double construction vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation allows remote attackers to install programs, v ...

oval:org.secpod.oval:def:8342
The host is installed with Microsoft .NET Framework 3.5 Service Pack 1, Microsoft .NET Framework 4 or Management OData IIS Extension and is prone to a denial of service vulnerability. A flaw is present in the applications, which fail to handle crafted HTTP requests. Successful exploitation could all ...

oval:org.secpod.oval:def:8351
The host is installed with Microsoft XML Core Services 4.0, 5.0, 6.0 on Microsoft Windows or with Microsoft Groove Server 2007, Microsoft SharePoint Server 2007, Microsoft Expression Web 2, Microsoft Expression Web, Microsoft Office Compatibility Pack, Microsoft Word Viewer, Microsoft Office 2007, M ...

oval:org.secpod.oval:def:8335
The host is installed with Microsoft Windows Vista, Windows 7, Windows server 2008, Windows server 208 R2, Windows 8 or Windows server 2012 and is prone to security feature bypass vulnerability. A flaw is present in the application, which fails to properly handle SSL/TLS session version negotiation. ...

oval:org.secpod.oval:def:9286
The host is installed with Internet Explorer 6, 7, 8 or 9 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code.

oval:org.secpod.oval:def:9284
The host is installed with Internet Explorer 6, 7, 8, 9 or 10 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code.

oval:org.secpod.oval:def:9285
The host is installed with Internet Explorer 6, 7, 8 or 9 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code.

oval:org.secpod.oval:def:9240
The host is installed with Microsoft Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8 or Windows Server 2012 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a connection termination sequence. Succ ...

oval:org.secpod.oval:def:9294
The host is installed with Internet Explorer 6, 7, 8, 9 or 10 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code.

oval:org.secpod.oval:def:9295
The host is installed with Internet Explorer 6, 7, 8, 9 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code.

oval:org.secpod.oval:def:9296
The host is installed with Internet Explorer 6, 7, 8, 9 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code.

oval:org.secpod.oval:def:9281
The host is installed with .NET Framework 2.0 or 3.5 or 3.5.1 or 4.0 or 4.5 and is prone to privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle permissions of a callback function. Successful exploitation allows attackers to take complete control o ...

oval:org.secpod.oval:def:9283
The host is installed with Internet Explorer 6 or 7 or 8 or 9 or 10 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to handle a specially crafted webpage. Successful exploitation could allow an attacker to gain the same user rights as the current us ...

oval:org.secpod.oval:def:9712
The host is installed with Internet Explorer 6,7,8,9 or 10 and is prone to an onresize use after free vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code.

oval:org.secpod.oval:def:9229
The host is installed with Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle a specially crafted media file (such as an .mpg file), a Microsoft Office docume ...

oval:org.secpod.oval:def:9713
The host is installed with Internet Explorer 6,7,8,9 or 10 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code.

oval:org.secpod.oval:def:9715
The host is installed with Internet Explorer 6,7,8,9 or 10 and is prone to a CCaret use after free vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code.

oval:org.secpod.oval:def:9714
The host is installed with Internet Explorer 6,7,8,9 or 10 and is prone to a CMarkupBehaviorContext use after free vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code.

oval:org.secpod.oval:def:9717
The host is installed with Internet Explorer 6,7,8,9 or 10 and is prone to a GetMarkupPtr use after free vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code.

oval:org.secpod.oval:def:9718
The host is installed with Internet Explorer 6,7,8,9 or 10 and is prone to a use after free vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code.

oval:org.secpod.oval:def:9720
The host is installed with Internet Explorer 6,7,8,9 or 10 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code.

oval:org.secpod.oval:def:9250
The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ...

oval:org.secpod.oval:def:9251
The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ...

oval:org.secpod.oval:def:9246
The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ...

oval:org.secpod.oval:def:9247
The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ...

oval:org.secpod.oval:def:9248
The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ...

oval:org.secpod.oval:def:9249
The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ...

oval:org.secpod.oval:def:9244
The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, Windows 7, Server 2012 or Windows 8 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver i ...

oval:org.secpod.oval:def:9245
The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, Windows 7, Server 2012 or Windows 8 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver i ...

oval:org.secpod.oval:def:9257
The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ...

oval:org.secpod.oval:def:9258
The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ...

oval:org.secpod.oval:def:9259
The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ...

oval:org.secpod.oval:def:9253
The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ...

oval:org.secpod.oval:def:9254
The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ...

oval:org.secpod.oval:def:9255
The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ...

oval:org.secpod.oval:def:9256
The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ...

oval:org.secpod.oval:def:9252
The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ...

oval:org.secpod.oval:def:9260
The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ...

oval:org.secpod.oval:def:9268
The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ...

oval:org.secpod.oval:def:9269
The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ...

oval:org.secpod.oval:def:9264
The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ...

oval:org.secpod.oval:def:9265
The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ...

oval:org.secpod.oval:def:9266
The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ...

oval:org.secpod.oval:def:9267
The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ...

oval:org.secpod.oval:def:9261
The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ...

oval:org.secpod.oval:def:9262
The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ...

oval:org.secpod.oval:def:9263
The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ...

oval:org.secpod.oval:def:9236
The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, Windows 7 or Windows 8 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel improperly handles objects ...

oval:org.secpod.oval:def:9237
The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, Windows 7 or Windows 8 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel improperly handles objects ...

oval:org.secpod.oval:def:9238
The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, Windows 7 or Windows 8 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel improperly handles objects ...

oval:org.secpod.oval:def:9270
The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ...

oval:org.secpod.oval:def:9271
The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ...

oval:org.secpod.oval:def:9272
The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ...

oval:org.secpod.oval:def:9273
The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles object ...

oval:org.secpod.oval:def:9742
The host is installed with Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8 or Windows Server 2012 and is prone to a privilege escalation vulnerability. A flaw is present in the kernel-mode drivers, which fails to handle obje ...

oval:org.secpod.oval:def:9741
The host is installed with Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8 or Windows Server 2012 and is prone to a privilege escalation vulnerability. A flaw is present in the kernel-mode drivers, which fails to handle obje ...

oval:org.secpod.oval:def:9740
The host is installed with Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8 or Windows Server 2012 and is prone to a privilege escalation vulnerability. A flaw is present in the kernel-mode drivers, which fails to handle obje ...

oval:org.secpod.oval:def:10733
The host is installed with Microsoft Windows XP, Server 2003, Server 2008, R2, Server 2012, Windows Vista, Windows 7 or Windows 8 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation allows attack ...

oval:org.secpod.oval:def:10950
The host is installed with Microsoft Internet Explorer 6 through 8 and is prone to JSON array information disclosure vulnerability. A flaw is present in the application, which fails to properly restrict data access by VBScript. Successful exploitation could allow attackers to perform cross-domain re ...

oval:org.secpod.oval:def:10729
The host is installed with Windows XP, Server 2003, Vista, or Server 2008 are prone to a CSRSS memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted application. Successful exploitation could allow attackers to gain privileges.

oval:org.secpod.oval:def:10738
The host is installed with Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012 and is prone to a race condition vulnerability. A flaw is present in the application, which fails to properly handle objec ...

oval:org.secpod.oval:def:10736
The host is installed with Microsoft Windows Server 2008, R2, Server 2012, Windows Vista, Windows 7 or Windows 8 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation allows attackers to gain eleva ...

oval:org.secpod.oval:def:10737
The host is installed with Microsoft Windows Server 2008, R2, Windows Vista or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation allows attackers to gain elevated privileges and read ...

oval:org.secpod.oval:def:10948
The host is installed with Microsoft Internet Explorer 6 through 10 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle a crafted web site that triggers access to a deleted object. Successful exploitation could allow attackers to execute arbit ...

oval:org.secpod.oval:def:10953
The host is installed with Microsoft Internet Explorer 6 through 10 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle a crafted web site that triggers access to a deleted object. Successful exploitation could allow attackers to execute arbit ...

oval:org.secpod.oval:def:10954
The host is installed with Microsoft Internet Explorer 6 or 7 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle a crafted web site that triggers access to a deleted object. Successful exploitation could allow attackers to execute arbitrary c ...

oval:org.secpod.oval:def:10741
The host is installed with Microsoft Internet Explorer 6 through 10 and is prone to an use-after-free vulnerability. A flaw is present in the application, which fails to handle a crafted web site that triggers access to a deleted object. Successful exploitation could allow attackers to execute arbit ...

oval:org.secpod.oval:def:10742
The host is installed with Microsoft Internet Explorer 6 through 10 and is prone to an use-after-free vulnerability. A flaw is present in the application, which fails to handle a crafted web site that triggers access to a deleted object. Successful exploitation could allow attackers to execute arbit ...

oval:org.secpod.oval:def:10966
The host is installed with Microsoft Windows Vista, Windows Server 2008 or R2 , Windows 7 SP1, Windows 8, Windows Server 2012 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation could al ...

oval:org.secpod.oval:def:10847
The host is installed with Microsoft Internet Explorer 6 through 10 and is prone to use-after-free vulnerability. A flaw is present in the application, which fails to handle a crafted web site that triggers access to a deleted object. Successful exploitation allows attackers to execute arbitrary cod ...

oval:org.secpod.oval:def:14200
The host is installed with Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8 or Windows 2012 and is prone to a privilege escalation vulnerability. A flaw is present in the Windows Print Spooler components which fails to validate a specially crafted print job. Successfu ...

oval:org.secpod.oval:def:10946
The host is installed with .NET Framework 2.0, 3.5, 3.5.1, 4.0 or 4.5 and is prone to spoofing vulnerability. A flaw is present in the application, which fails to check signatures in XML file. Successful exploitation allows attackers to make undetected changes to signed XML documents via unspecified ...

oval:org.secpod.oval:def:10968
The host is installed with Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, R2, Windows 7, Windows 8, Windows Server 2012 and is prone to a windows handle vulnerability. A flaw is present in the application which fails to properly handle deleted objects in memory. Succe ...

oval:org.secpod.oval:def:10957
The host is installed with Microsoft Internet Explorer 6 through 10 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle a crafted web site that triggers access to a deleted object. Successful exploitation could allow attackers to execute arbit ...

oval:org.secpod.oval:def:14178
The host is installed with Microsoft Internet Explorer 6 through 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a deleted object in memory. Successful exploitation could allow attackers to execute arbitrary code.

oval:org.secpod.oval:def:14175
The host is installed with Microsoft Internet Explorer 6 through 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a deleted object in memory. Successful exploitation could allow attackers to execute arbitrary code.

oval:org.secpod.oval:def:14180
The host is installed with Microsoft Internet Explorer 7, 8 or 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a deleted object in memory. Successful exploitation could allow attackers to execute arbitrary code.

oval:org.secpod.oval:def:14185
The host is installed with Microsoft Internet Explorer 6 through 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a deleted object in memory. Successful exploitation could allow attackers to execute arbitrary code.

oval:org.secpod.oval:def:14193
The host is installed with Microsoft Internet Explorer 6 through 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a deleted object in memory. Successful exploitation could allow attackers to execute arbitrary code.

oval:org.secpod.oval:def:14191
The host is installed with Microsoft Internet Explorer 6 through 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a deleted object in memory. Successful exploitation could allow attackers to execute arbitrary code.

oval:org.secpod.oval:def:14197
The host is installed with Microsoft Windows Vista, Windows Server 2008, Windows Server 2008 R2, Windows 7, Windows 8 or Windows Server 2012 and is prone to a TCP/IP integer overflow vulnerability. A flaw is present in the application, which fails to properly handle packets during TCP connection. S ...

oval:org.secpod.oval:def:2621
The host is missing a critical security update according to Microsoft security bulletin, MS09-037. The update is required to fix remote code execution vulnerabilities. The flaws are present in the Microsoft Active Template Library (ATL) header. Components and controls built using ATL headers fails t ...

oval:org.mitre.oval:def:5437
Unspecified vulnerability in the kernel in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, through Vista SP1, and Server 2008 allows local users to execute arbitrary code via unknown vectors related to improper input validation. NOTE: it was later reported that one affected function is ...

oval:org.secpod.oval:def:2651
The host is missing an important security update according to Microsoft security bulletin, MS08-025. The update is required to fix privilege escalation vulnerability. A flaw is present in the Windows kernel, which fails to handle validation of inputs passed from user mode. Successful exploitation co ...

oval:org.secpod.oval:def:3339
The host is missing a critical security update according to Microsoft security bulletin, MS08-052. The update is required to fix remote code execution vulnerabilities. The flaws are present in Microsoft Windows GDI+, which fails handle a specially crafted image file or browsed a Web site that contai ...

oval:org.mitre.oval:def:5986
gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQ ...

oval:org.secpod.oval:def:2626
The host is missing a critical security update according to bulletin, MS08-078. The update is required to fix multiple remote code execution vulnerabilities. The flaw are present in the application, which fails to handle a specially crafted Web page. Successful exploitation could allow remote code e ...

oval:org.mitre.oval:def:6007
Use-after-free vulnerability in mshtml.dll in Microsoft Internet Explorer 5.01, 6, and 7 on Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote attackers to execute arbitrary code via a crafted XML document containing nested SPAN elements, as exploited ...

oval:org.mitre.oval:def:7158
The design of the W3C XML Signature Syntax and Processing (XMLDsig) recommendation, as implemented in products including (1) the Oracle Security Developer Tools component in Oracle Application Server 10.1.2.3, 10.1.3.4, and 10.1.4.3IM; (2) the WebLogic Server component in BEA Product Suite 10.3, 10. ...

oval:org.secpod.oval:def:2299
The host is missing a critical security update according to Microsoft security bulletin, MS09-060. The update is required to fix remote code execution vulnerabilities. The flaws are present in the Microsoft Active Template Library (ATL) ActiveX Controls for Microsoft Office, which validates the ATL ...

oval:org.secpod.oval:def:2617
The host is missing a moderate security update according to Microsoft security bulletin, MS09-035. The update is required to fix remote code execution vulnerabilities. The flaws are present in the Microsoft Active Template Library (ATL) included with Visual Studio, which allows an attacker to force ...

oval:org.secpod.oval:def:400059
Note: This advisory was resent because the list of packages was wrong. The flash-player is a web-browser plugin that allows displaying animated web-content and remote access to client hardware . A specially crafted Shockwave-Flash file could cause a buffer overflow in the flash-player plugin. This ...

oval:org.secpod.oval:def:6688
The host is installed with Microsoft Windows XP, Server 2003, Vista, Server 2008, Windows 7 or Server 2008 R2 and is prone to format string vulnerability. A flaw is present in the application, which fails to handle a specially crafted response. Successful exploitation allows attackers to take comple ...

oval:org.secpod.oval:def:9287
The host is installed with Internet Explorer 7, 8, 9 or 10 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code.

oval:org.secpod.oval:def:40431
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. An authenticated attacker could exploit this vulnerability by runnin ...

oval:org.secpod.oval:def:40507
The host is missing security updates for KB4018885.

CVE    11
CVE-2012-1194
CVE-2007-6753
CVE-2010-4562
CVE-2010-0719
...
CCE    307
CCE-2541-1
CCE-2574-2
CCE-2223-6
CCE-2149-3
...
*CPE
cpe:/o:microsoft:windows_server_2008:-
XCCDF    10
xccdf_saner20_benchmark_Windows_2008_wmi_service_pack
xccdf_org.secpod_benchmark_hipaa_windows_2k8_server
xccdf_org.secpod_benchmark_nerc_cip_Windows_2008_server
xccdf_org.secpod_benchmark_cip_std_ver3_Windows_2008_server
...

© 2013 SecPod Technologies