Download
| Alert*
oval:org.secpod.oval:def:24849
The host is installed with Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Windows 8.1, Server 2012 or Server 2012 R2 and is prone to a Win32k null pointer dereference vulnerability. A flaw is present in the application, which fails to pro ... oval:org.mitre.oval:def:1282 The operating system installed on the system is Microsoft Windows Vista (32-bit) oval:org.mitre.oval:def:1804 The patch Windows6.0-KB925902-x86.msu that addresses the vulnerabilities discussed in Microsoft Security Bulletin MS07-017 should be installed. oval:org.mitre.oval:def:1469 The patch Windows6.0-KB930178-x86.msu that addresses the vulnerabilities discussed in Microsoft Security Bulletin MS07-021 should be installed. oval:org.secpod.oval:def:21558 The host is installed with Microsoft Windows Vista, Server 2008, Windows 7, Server 2008 R2, Windows 8, Windows 8.1, Server 2012 or Server 2012 R2 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to properly handle failed logon attempts. Successful ex ... oval:org.secpod.oval:def:10947 The host is installed with .NET Framework 4.5 and is prone to authentication bypass vulnerability. A flaw is present in the application, which fails to create policy requirements for custom Windows Communication Foundation (WCF) endpoint authentication in certain situations involving passwords over ... oval:org.secpod.oval:def:10946 The host is installed with .NET Framework 2.0, 3.5, 3.5.1, 4.0 or 4.5 and is prone to spoofing vulnerability. A flaw is present in the application, which fails to check signatures in XML file. Successful exploitation allows attackers to make undetected changes to signed XML documents via unspecified ... oval:org.secpod.oval:def:23103 The host is installed with Microsoft Windows Server 2003, Server 2008, Server 2008 R2, Windows Vista, Windows 7, Server 2012, Server 2012 R2, Windows 8 or Windows 8.1 and is prone to a remote code execution vulnerability. A flaw is present in the OLE automation array, which fails to handle specially ... oval:org.mitre.oval:def:1706 Heap-based buffer overflow in Microsoft Outlook Express 6 and earlier, and Windows Mail for Vista, allows remote Network News Transfer Protocol (NNTP) servers to execute arbitrary code via long NNTP responses that trigger memory corruption. oval:org.secpod.oval:def:24855 The host is installed with Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Windows 8.1, Server 2012 or Server 2012 R2 and is prone to a Win32k Pool buffer overflow vulnerability. A flaw is present in the application, which fails to properl ... oval:org.secpod.oval:def:24856 The host is installed with Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Windows 8.1, Server 2012 or Server 2012 R2 and is prone to a Win32k elevation of privilege vulnerability. A flaw is present in the application, which fails to prope ... oval:org.secpod.oval:def:24853 The host is installed with Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Windows 8.1, Server 2012 or Server 2012 R2 and is prone to a Win32k buffer overflow vulnerability. A flaw is present in the application, which fails to properly val ... oval:org.secpod.oval:def:25800 The host is installed with Microsoft Windows Vista SP2 or Windows Server 2008 SP2 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly handles certain logging activities. Successful exploitation could allow attackers to take complete control of an ... oval:org.secpod.oval:def:23759 The host is installed with Microsoft Windows Server 2003, 2008, 2008 R2, 2012, 2012 R2, Windows Vista, 7, 8 or 8.1 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly handle a specially crafted file or website. Successful exploitation ... oval:org.secpod.oval:def:23758 The host is installed with Microsoft Windows Server 2003, 2008, 2008 R2, 2012, 2012 R2, Windows Vista, 7, 8 or 8.1 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly handle a specially crafted file or website. Successful exploitation ... oval:org.secpod.oval:def:23757 The host is installed with Microsoft Windows Server 2003, 2008, 2008 R2, 2012, 2012 R2, Windows Vista, 7, 8 or 8.1 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly handle a specially crafted file or website. Successful exploitation ... oval:org.secpod.oval:def:23756 The host is installed with Microsoft Windows Server 2003, 2008, 2008 R2, 2012, 2012 R2, Windows Vista, 7, 8 or 8.1 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly handle a specially crafted file or website. Successful exploitation ... oval:org.secpod.oval:def:23755 The host is installed with Microsoft Windows Server 2003, 2008, 2008 R2, 2012, 2012 R2, Windows Vista, 7, 8 or 8.1 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly read or display certain fonts. Successful exploitation could allow ... oval:org.secpod.oval:def:23754 The host is installed with Microsoft Windows Server 2003, 2008, 2008 R2, 2012, 2012 R2, Windows Vista, 7, 8 or 8.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly manage memory when parsing fonts. Successful exploitation could allow at ... oval:org.secpod.oval:def:20770 The host is installed with Microsoft Server 2008, Server 2008 R2, Windows Vista, Windows 7, Server 2012, Server 2012 R2, Windows 8 or Windows 8.1 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle a crafted application. An attacker wh ... oval:org.secpod.oval:def:24301 The host is installed with Microsoft Windows Vista, Server 2008, Windows 7, 2008 R2, Windows 8, 8.1, Server 2012 or Server 2012 R2 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a specially crafted .msc file. Successful exploitation cou ... oval:org.secpod.oval:def:18533 The host is installed with .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4.0, 4.5 or 4.5.1 and is prone to privilege escalation vulnerability. A flaw is present in the application, which fails to handles TypeFilterLevel checks for some malformed objects. Successful exploitation allows attacker to exe ... oval:org.secpod.oval:def:6709 The host is installed with Internet Explorer 6 through 9 and is prone to an asynchronous null object access remote code execution vulnerability. A flaw is present in the application, which fails to handle deleted objects in memory. Successful exploitation could allow attackers to execute arbitrary c ... oval:org.secpod.oval:def:6711 The host is installed with Internet Explorer 6 through 9 and is prone to a virtual function table corruption vulnerability. A flaw is present in the application, which fails to handle deleted objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:6710 The host is installed with Internet Explorer 6 and 7 and is prone to a layout memory corruption vulnerability. A flaw is present in the application, which fails to handle deleted objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:21362 The host is installed with Microsoft Windows Server 2003, Server 2008, Server 2008 R2, Windows Vista, Windows 7, Server 2012, Server 2012 R2, Windows 8 or Windows 8.1 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly handle TrueType ... oval:org.secpod.oval:def:24086 The host is installed with Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to process certain specially crafted Enhanced Metafile (EMF) image form ... oval:org.secpod.oval:def:20126 The host is installed with Windows journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, Windows 8.1 or Windows Server 2012 R2 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails ... oval:org.secpod.oval:def:3433 The host is installed with Microsoft Time component and is prone to remote code execution vulnerability. A flaw is present in the application which is caused by a specially crafted Web page. Successful exploitation allows remote attacker gain user rights as the logged-on user. oval:org.secpod.oval:def:21554 The host is installed with Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, 8.1, Server 2012 or Server 2012 R2 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly handle proce ... oval:org.secpod.oval:def:21549 The host is installed with Microsoft Windows Server 2008, Server 2008 R2, Windows Vista, Windows 7, Server 2012, Server 2012 R2, Windows 8 or Windows 8.1 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle crafted OLE objects. Successful ... oval:org.secpod.oval:def:21548 The host is installed with Microsoft Windows Server 2003, Server 2008, Server 2008 R2, Windows Vista, Windows 7, Server 2012, Server 2012 R2, Windows 8 or Windows 8.1 and is prone to a remote code execution vulnerability. A flaw is present in the OLE automation array, which fails to handle crafted O ... oval:org.secpod.oval:def:21543 The host is installed with Microsoft XML Core Services 3.0 on Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, 8.1, Server 2012 or Server 2012 R2 and is prone to a remote code execution vulnerability. A flaw is present in the application, w ... oval:org.secpod.oval:def:23760 The host is installed with Microsoft Windows Server 2003, 2008, 2008 R2, 2012, 2012 R2, Windows Vista, 7, 8 or 8.1 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly handle a specially crafted file or website. Successful exploitation ... oval:org.secpod.oval:def:24290 The host is installed with Windows journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, Windows 8.1 or Windows Server 2012 R2 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails ... oval:org.secpod.oval:def:24291 The host is installed with Windows journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, Windows 8.1 or Windows Server 2012 R2 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails ... oval:org.secpod.oval:def:24292 The host is installed with Windows journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, Windows 8.1 or Windows Server 2012 R2 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails ... oval:org.secpod.oval:def:24293 The host is installed with Windows journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, Windows 8.1 or Windows Server 2012 R2 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails ... oval:org.secpod.oval:def:24294 The host is installed with Windows journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, Windows 8.1 or Windows Server 2012 R2 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails ... oval:org.secpod.oval:def:24295 The host is installed with Windows journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, Windows 8.1 or Windows Server 2012 R2 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails ... oval:org.secpod.oval:def:23477 The host is installed with Microsoft Windows Server 2003, Server 2008, Server 2008 R2, Windows Vista, Windows 7, Server 2012, Server 2012 R2, Windows 8 or Windows 8.1 and is prone to a security feature bypass vulnerability. A flaw is present in the group policy application of security configuration ... oval:org.secpod.oval:def:24847 The host is installed with Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Windows 8.1, Server 2012 or Server 2012 R2 and is prone to an information disclosure vulnerability. A flaw is present in the Windows kernel-mode driver, which fails ... oval:org.secpod.oval:def:25349 The host is installed with Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Windows 8.1, Server 2012 or Server 2012 R2 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows kernel-mode driver, which fails ... oval:org.secpod.oval:def:25354 The host is installed with Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8 or Server 2012 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows kernel-mode driver, which fails to properly handle objects i ... oval:org.secpod.oval:def:25350 The host is installed with Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Windows 8.1, Server 2012 or Server 2012 R2 and is prone to an information disclosure vulnerability. A flaw is present in the Windows kernel-mode driver, which fails ... oval:org.secpod.oval:def:25806 The host is installed with Microsoft XML Core Services 3.0 or Microsoft XML Core Services 6.0 on Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, 8.1, Server 2012 or Server 2012 R2 or Microsoft XML Core Services 5.0 on Microsoft Office 2007 SP2, SP3 or Micr ... oval:org.secpod.oval:def:23743 The host is installed with Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Windows 8.1, Server 2012 or Server 2012 R2 and is prone to an information disclosure vulnerability. A flaw is present in the Windows kernel-mode driver, which deref ... oval:org.secpod.oval:def:23752 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Windows 8.1, Server 2012 or Server 2012 R2 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle uninitialize ... oval:org.secpod.oval:def:23742 The host is installed with Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Windows 8.1, Server 2012 or Server 2012 R2 and is prone to an information disclosure vulnerability. A flaw is present in the Windows kernel-mode driver, which leaks ... oval:org.secpod.oval:def:23741 The host is installed with Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Windows 8.1, Server 2012 or Server 2012 R2 and is prone to an information disclosure vulnerability. A flaw is present in the Windows kernel-mode driver, which fails ... oval:org.secpod.oval:def:23761 The host is installed with Microsoft Windows Server 2003, 2008, 2008 R2, 2012, 2012 R2, Windows Vista, 7, 8 or 8.1 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly read or display certain fonts. Successful exploitation could allow ... oval:org.secpod.oval:def:24280 The host is installed with Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Windows 8.1, Server 2012 or Server 2012 R2 and is prone to an information disclosure vulnerability. A flaw is present in the Windows kernel-mode driver, which leaks ... oval:org.secpod.oval:def:24281 The host is installed with Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Windows 8.1, Server 2012 or Server 2012 R2 and is prone to an information disclosure vulnerability. A flaw is present in the Windows kernel-mode driver, which leaks ... oval:org.secpod.oval:def:24282 The host is installed with Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Windows 8.1, Server 2012 or Server 2012 R2 and is prone to an information disclosure vulnerability. A flaw is present in the Windows kernel-mode driver, which leaks ... oval:org.secpod.oval:def:24283 The host is installed with Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Windows 8.1, Server 2012 or Server 2012 R2 and is prone to an information disclosure vulnerability. A flaw is present in the Windows kernel-mode driver, which leaks ... oval:org.secpod.oval:def:24284 The host is installed with Microsoft Windows Server 2003 SP2, Vista SP2 or Server 2008 SP2 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows kernel-mode driver, which improperly handles objects in memory. Successful exploitation allows remote attackers to exec ... oval:org.secpod.oval:def:24279 The host is installed with Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Windows 8.1, Server 2012 or Server 2012 R2 and is prone to an information disclosure vulnerability. A flaw is present in the Windows kernel-mode driver, which leaks ... oval:org.secpod.oval:def:24299 The host is installed with Microsoft Windows Server 2003, 2008, 2008 R2, 2012, 2012 R2, Windows 7, 8, 8.1 and is prone to an information disclosure vulnerability. A flaw is present in the application, which allows the use of a weak Diffie-Hellman ephemeral (DFE) key length of 512 bits in an encrypte ... oval:org.secpod.oval:def:21367 The host is installed with Microsoft Windows Server 2003, Vista or Server 2008 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which is caused when the FASTFAT driver executes a function that results in a buffer under-allocation issue. Successful exploi ... oval:org.secpod.oval:def:21373 The host is installed with .Net framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1 or 4.5.2 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly parse specially crafted internationalized resource identifiers resulting in memory corruption. Su ... oval:org.secpod.oval:def:10741 The host is installed with Microsoft Internet Explorer 6 through 10 and is prone to an use-after-free vulnerability. A flaw is present in the application, which fails to handle a crafted web site that triggers access to a deleted object. Successful exploitation could allow attackers to execute arbit ... oval:org.secpod.oval:def:10742 The host is installed with Microsoft Internet Explorer 6 through 10 and is prone to an use-after-free vulnerability. A flaw is present in the application, which fails to handle a crafted web site that triggers access to a deleted object. Successful exploitation could allow attackers to execute arbit ... oval:org.secpod.oval:def:21095 The host is installed with .Net framework 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1 or 4.5.2 and is prone to denial of service vulnerability. A flaw are present in the applications, which does not properly use a hash table for request data. Successful exploitation allows for an unauthenti ... oval:org.secpod.oval:def:10847 The host is installed with Microsoft Internet Explorer 6 through 10 and is prone to use-after-free vulnerability. A flaw is present in the application, which fails to handle a crafted web site that triggers access to a deleted object. Successful exploitation allows attackers to execute arbitrary cod ... oval:org.secpod.oval:def:21590 The host is installed with Internet Explorer 6, 7, 8, 9 or 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19797 The host is installed with Microsoft Windows Vista, Server 2008, Windows 7, Windows 8, Windows Server 2012, Windows Server 2008 R2, Windows 8.1 or Windows Server 2012 R2 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly processes special ... oval:org.secpod.oval:def:23112 The host is installed with Microsoft Windows Server 2008 R2, Windows Vista, Windows 7, Server 2012, Server 2012 R2, Windows 8 or Windows 8.1 and is prone to a directory traversal elevation of privilege vulnerability. A flaw is present in the TS WebProxy Windows component, which fails to properly san ... oval:org.secpod.oval:def:33792 The host is installed with Microsoft Server 2008, Server 2008 R2, Windows Vista, Windows 7, Server 2012, Server 2012 R2 or Windows 8.1 and is prone to an OLE Remote code execution vulnerability. A flaw is present in the application, which fails to properly validate user input. An attacker who succes ... oval:org.secpod.oval:def:3559 The host is installed with Serv-U FTP Server before 11.1.0.5 and is prone to directory traversal vulnerability. A flaw is present in the application, which fails to properly validate the given input. Successful exploitation allows remote attackers to disclose potentially sensitive information and ma ... oval:org.secpod.oval:def:24841 The host is installed with Microsoft Windows Vista, Windows 7, Windows 8, Windows Server 2008, Windows Server 2008 R2 or Windows Server 2012 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to properly validate user input. Successful exploita ... oval:org.secpod.oval:def:25358 The host is installed with Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 and is prone to a dll planting remote code execution vulnerability. A flaw is present in the application, which fails to properly load crafted DLLs. Successful explo ... oval:org.mitre.oval:def:1884 The Teredo interface in Microsoft Windows Vista and Vista x64 Edition does not properly handle certain network traffic, which allows remote attackers to bypass firewall blocking rules and obtain sensitive information via crafted IPv6 traffic, aka "Windows Vista Firewall Blocking Rule Information Dis ... oval:org.secpod.oval:def:43962 Microsoft Internet Explorer is prone to a denial-of-service vulnerability. A flaw is present in internet explorer, which fails to handle some exceptional conditions. Successful exploits can allow attackers to hang the affected browser, resulting in denial-of-service conditions. oval:org.secpod.oval:def:24110 The host is installed with .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4.0, 4.5 or 4.5.1 and is prone to an information disclosure vulnerability. A flaw is present in the application, which improperly handles certain requests on systems that have custom error messages disabled. Successful exploitat ... oval:org.secpod.oval:def:23773 The host is installed with Microsoft Windows Server 2003, 2008, 2008 R2, 2012, 2012 R2, Windows Vista, 7, 8, 8.1 and is prone to a WTS remote code execution vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation could allow atta ... oval:org.secpod.oval:def:24338 The host is installed with Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2, Office 2007 SP3 and 2010 SP2, Live Meeting 2007 Console, Lync 2010, Lync 2010 Attendee, Lync 2013 SP1, Lync Basic 2013 SP1, Silverlight 5 or Silverlight 5 Developer Runtime and is prone to a truetype f ... oval:org.secpod.oval:def:24339 The host is installed with Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 and is prone to an opentype font parsing vulnerability. A flaw is present in the applications, which fail to handle a crafted OpenType font. Successful exploitation could allow attackers to execute arbi ... oval:org.secpod.oval:def:21365 The host is installed with Microsoft Windows Server 2008, Server 2008 R2, Windows Vista, Windows 7, Server 2012, Server 2012 R2, Windows 8 or Windows 8.1 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle crafted OLE objects. Successful ... oval:org.secpod.oval:def:10745 The host is installed with Microsoft Active Directory or Active Directory Application Mode (ADAM) or Active Directory Lightweight Directory Service (AD LDS) or Active Directory Services and is prone to a denial of service vulnerability. A flaw is present in an application, which fails to handle a cr ... oval:org.secpod.oval:def:25346 The host is installed with Microsoft Server 2003, Server 2008, Server 2008 R2, Windows Vista, Windows 7, Server 2012, Server 2012 R2, Windows 8 or Windows 8.1 and is prone to an OLE elevation of privilege vulnerability. A flaw is present in the application, which fails to properly validate user inpu ... oval:org.secpod.oval:def:25347 The host is installed with Microsoft Server 2003, Server 2008, Server 2008 R2, Windows Vista, Windows 7, Server 2012, Server 2012 R2, Windows 8 or Windows 8.1 and is prone to an OLE elevation of privilege vulnerability. A flaw is present in the application, which fails to properly validate user inpu ... oval:org.secpod.oval:def:25856 The host is installed with Microsoft Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1, Server 2012 R2, .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, 4.6, Office 2007 SP3 or 2010 SP2, Live Meeting 2007 Console, Lync 2010, ... oval:org.secpod.oval:def:25857 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1, Server 2012 R2, .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, 4.6, Office 2007 SP3 or 2010 SP2, Live Meeting 2007 Console, Lync 2010, Lync 2010 ... oval:org.secpod.oval:def:25844 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1 or Server 2012 R2 and is prone to an Onetype font parsing vulnerability. A flaw is present in the application, which fails to handle a crafted OpenType font ... oval:org.secpod.oval:def:25847 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1 or Server 2012 R2 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which terminates a process when a user logs ... oval:org.secpod.oval:def:25848 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1 or Server 2012 R2 and is prone to a security feature bypass vulnerability. A flaw is present in the Windows kernel-mode driver, which fails to properly vali ... oval:org.secpod.oval:def:25853 The host is installed with Microsoft Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1, Server 2012 R2, .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 or 4.6 and is prone to an Onetype font parsing vulnerability. A flaw ... oval:org.secpod.oval:def:34315 The host is installed with Windows Media Center on Microsoft Windows Vista, 7 or 8.1 and is prone to a remote Code Execution Vulnerability. A flaw is present in the application, which fails to handle a specially crafted Media Center link (.mcl) file that references malicious code. Successful exploit ... oval:org.secpod.oval:def:25814 The host is installed with Microsoft Windows Server 2008 R2, Server 2008, Windows Vista, Windows 7, Server 2012, Server 2012 R2, Windows 8 or Windows 8.1 and is prone to a remote desktop session host spoofing vulnerability. A flaw is present in the application, which fails to properly validate certi ... oval:org.secpod.oval:def:21556 The host is installed with Microsoft Windows Vista, Server 2008, Windows 7, Server 2008 R2, Windows 8, Windows 8.1, Server 2012 or Server 2012 R2 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to validate permissions under specific conditio ... oval:org.secpod.oval:def:21564 The host is installed with .NET Framework 1.1 SP1, 2.0 SP2, 3.5.1, 4.0, 4.5 or 4.5.1 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which fails to handle TypeFilterLevel checks for some malformed objects. Successful exploitation allows attacker to execute ... oval:org.secpod.oval:def:18530 The host is installed with Microsoft Windows Vista, Server 2008, Windows 7, Server 2008 R2, Windows 8, Server 2012, Windows 8.1 or Server 2012 R2 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle passwords being distributed ... oval:org.secpod.oval:def:19801 The host is installed with Microsoft XML Core Services 3.0 on Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, 8.1, Server 2012 or Server 2012 R2 or Microsoft XML Core Services 6.0 on Microsoft Windows Server 2003 SP2, Vista SP2, Server 200 ... oval:org.mitre.oval:def:1275 Unspecified vulnerability in the (1) Windows Services for UNIX 3.0 and 3.5, and (2) Subsystem for UNIX-based Applications in Microsoft Windows 2000, XP, Server 2003, and Vista allows local users to gain privileges via unspecified vectors related to "certain setuid binary files." oval:org.secpod.oval:def:20814 The host is installed with .Net framework 2.0, 3.0 or 3.5.1 and is prone to an security feature bypass vulnerability. A flaw is present in the application, which fails to handle a crafted web site. Successful exploitation could allow an attacker to bypass the Address Space Layout Randomization (ASLR ... oval:org.secpod.oval:def:23099 The host is installed with Microsoft Windows Server 2003, Server 2008, Server 2008 R2, Windows Vista, Windows 7, Server 2012, Server 2012 R2, Windows 8 or Windows 8.1 and is prone to an elevation of privilege vulnerability. A flaw is present in the WebDAV Kernel-Mode Driver, which fails to properly ... oval:org.secpod.oval:def:23110 The host is installed with Microsoft Windows Server 2003, Windows 7, 8, 8.1, Server 2008, 2008 R2, 2012 or 2012 R2 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to validate user privileges to load registry hives. Successful exploitation co ... oval:org.secpod.oval:def:23104 The host is installed with Microsoft Windows 7, 8, 8.1, Server 2008, 2008 R2, 2012 or 2012 R2 and is prone to a security feature bypass vulnerability. A flaw is present in the application, which fails to fails to properly validate whether a domain-connected computer is connected to the domain or to ... oval:org.secpod.oval:def:20093 The host is installed with DirectShow in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, Windows 8.1 or Windows Server 2012 R2 and is prone to a elevation of privilege vulnerability. A flaw is present in the application, which fails to ... oval:org.secpod.oval:def:20094 The host is installed with Microsoft Windows Server 2008, Server 2008 R2, Windows Vista, Windows 7, Server 2012, Server 2012 R2, Windows 8 or Windows 8.1 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. S ... oval:org.secpod.oval:def:21374 The host is installed with .Net framework 2.0 SP2 or 3.5.1 and is prone to a ASLR execution vulnerability. A flaw is present in the application, which fails to properly handle a specially crafted content. Successful exploitation allows attacker to bypass the ASLR security feature. oval:org.secpod.oval:def:21372 The host is installed with .Net framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1 or 4.5.2 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which inadvertently processes data prior to verification. Successful exploitation allows attacker to take complete cont ... oval:org.secpod.oval:def:21361 The host is installed with Microsoft Windows Server 2003, Server 2008, Server 2008 R2, Windows Vista, Windows 7, Server 2012, Server 2012 R2, Windows 8 or Windows 8.1 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle objects ... oval:org.secpod.oval:def:18180 The host is installed with Windows Server 2003, Server 2008, Vista, Windows 7, Server 2008 R2, Server 2012, Windows 8.1 or Server 2012 R2 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle file association. Successful exploit ... oval:org.secpod.oval:def:33815 The host is installed with Microsoft .NET Framework 4.6 or .NET Framework 4.6.1 on Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1 or Server 2008 R2 SP1 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly validate input bef ... oval:org.secpod.oval:def:25338 The host is installed with Microsoft Windows 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, 8.1, Server 2012 or Server 2012 R2 and is prone to a RPC elevation of privilege vulnerability. A flaw is present in the application, which inadvertently allows DCE/RPC con ... oval:org.secpod.oval:def:25341 The host is missing an important security update according to Microsoft security bulletin, MS15-077. The update is required to fix a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. An attacker who successfully exploited this vu ... oval:org.secpod.oval:def:25344 The host is installed with Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, 8.1, Server 2012, 2012 R2 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to process certain specially cr ... oval:org.secpod.oval:def:25340 The host is installed with Microsoft Windows Server 2003, 2008, 2008 R2, 2012, 2012 R2, Windows Vista, 7, 8 or 8.1 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. An attacker who successfully exploited this vu ... oval:org.secpod.oval:def:24082 The host is installed with Microsoft XML Core Services 3.0 in Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1 and is prone to a same origin policy SFB vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful ... oval:org.secpod.oval:def:32914 The host is installed with Vista SP2, Server 2008 SP2, Windows 7 SP1 or Server 2008 R2 SP1 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows kernel, which fails to properly handle objects in memory. Successful exploitation could run arbitrary code in kernel mo ... oval:org.secpod.oval:def:24107 The host is installed with Microsoft Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1 or Server 2012 R2 and is prone to a NtCreateTransactionManager type confusion vulnerability. A flaw is present in the application, which fails to properly validate ... oval:org.secpod.oval:def:24109 The host is installed with Microsoft Server 2003, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1 or Server 2012 R2 and is prone to MS-DOS device name vulnerability. A flaw is present in the application, which fails to properly validate and enforce ... oval:org.secpod.oval:def:25810 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1 or Server 2012 R2 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to properly validate and enforc ... oval:org.secpod.oval:def:34302 The host is installed with Microsoft Windows Vista or Server 2008 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly validate input before loading certain libraries. An attacker who successfully exploited this vulnerability could take ... oval:org.secpod.oval:def:25811 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1 or Server 2012 R2 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which improperly allows certain registry in ... oval:org.secpod.oval:def:25812 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1 or Server 2012 R2 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which improperly allows certain filesystem ... oval:org.secpod.oval:def:21569 The host is installed with Microsoft Input method editor Japanese on Microsoft Windows Server 2003, Server 2008, Server 2008 R2 or Windows 7 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle a specially crafted file. Success ... oval:org.secpod.oval:def:3427 The host is installed with Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7 (32 bit versions) and is prone to a privilege escalation vulnerability. A flaw is present in the applications, which fail to properly handle the way the kernel accesses an object that has not be ... oval:org.secpod.oval:def:23776 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, 8.1, Server 2012 or Server 2012 R2 and is prone to an elevation of privilege vulnerability. The flaw is present in the application, which exists in the way that Windows Registry Vir ... oval:org.secpod.oval:def:37929 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1 or Server 2008 R2 SP1 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle Windows Kernel API. An attacker who successfully exploited the vu ... oval:org.secpod.oval:def:23775 The host is installed with Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1 and is prone to an elevation of privilege vulnerability. The flaw is present in the application, when Windows fails to properly validate and enforce impersonation levels. An at ... oval:org.secpod.oval:def:20773 The host is missing an important security update according to Microsoft security bulletin, MS14-049. The update is required to fix an elevation of privilege vulnerability. A flaw is present in the application, which improperly handles the repair of a previously installed application. Successful expl ... oval:org.secpod.oval:def:20768 The host is installed with Microsoft Server 2003, Server 2008, Server 2008 R2, Windows Vista, Windows 7, Server 2012, Server 2012 R2, Windows 8 or Windows 8.1 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to handle a crafted application. S ... oval:org.secpod.oval:def:21615 The host is installed with Microsoft Windows 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, 8.1, Server 2012 or Server 2012 R2 and is prone to a remote elevation of privilege vulnerability. A flaw is present in the application, which fails to handle a forged sign ... oval:org.secpod.oval:def:20769 The host is installed with Microsoft Server 2003, Server 2008, Server 2008 R2, Windows Vista, Windows 7, Server 2012, Server 2012 R2, Windows 8 or Windows 8.1 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to handle a crafted application. S ... oval:org.secpod.oval:def:20772 The host is installed with Microsoft Server 2003, Server 2008, Server 2008 R2, Windows Vista, Windows 7, Server 2012, Server 2012 R2, Windows 8 or Windows 8.1 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which improperly handles the repair of a previ ... oval:org.secpod.oval:def:24297 The host is installed with Windows Vista, 7, 8 or 8.1, Server 2008, 2008 R2, 2012 or 2012 R2 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which improperly verifies impersonation levels. Successful exploitation could allow attackers to gain elevated p ... oval:org.secpod.oval:def:24303 The host is installed with .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4.0, 4.5, 4.5.1 or 4.5.2 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Forms, which improperly handle objects in memory. Successful exploitation allows attackers to take complete contr ... oval:org.secpod.oval:def:23492 The host is installed with Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, 8.1, Server 2012 or Server 2012 R2 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which improperly handles objects i ... oval:org.secpod.oval:def:23491 The host is missing an important security update according to Microsoft security bulletin MS15-010. The update is required to fix multiple vulnerabilities. The flaw is present in the Windows Kernel-Mode driver, which fails to handle crafted vectors. Successful exploitation could allow attackers to g ... oval:org.secpod.oval:def:23495 The host is installed with Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, 8.1, Server 2012 or Server 2012 R2 and is prone to a denial of service vulnerability. A flaw is present in the application, which improperly handles a malicious fil ... oval:org.secpod.oval:def:23494 The host is installed with Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, 8.1, Server 2012 or Server 2012 R2 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which improperly handles objects i ... oval:org.secpod.oval:def:20096 The host is installed with Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, Windows 8.1 or Windows Server 2012 R2 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly validat ... oval:org.secpod.oval:def:24854 The host is installed with Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Windows 8.1, Server 2012 or Server 2012 R2 and is prone to a Microsoft Windows Kernel brush object use after free vulnerability. A flaw is present in the applicatio ... oval:org.secpod.oval:def:24845 The host is installed with Microsoft Windows Vista, Windows 7, Windows 8, Windows Server 2008, Windows Server 2008 R2, Windows 8.1, Windows Server 2012 or Windows Server 2012 R2 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to properly access an o ... oval:org.secpod.oval:def:24848 The host is installed with Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Windows 8.1, Server 2012 or Server 2012 R2 and is prone to an use after free vulnerability. A flaw is present in the Windows kernel-mode driver, which fails to prop ... oval:org.secpod.oval:def:24850 The host is installed with Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Windows 8.1, Server 2012 or Server 2012 R2 and is prone to a kernel bitmap handling use after free vulnerability. A flaw is present in the application, which fails ... oval:org.secpod.oval:def:24851 The host is installed with Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Windows 8.1, Server 2012 or Server 2012 R2 and is prone to a Microsoft Windows station use after free vulnerability. A flaw is present in the application, which fai ... oval:org.secpod.oval:def:24852 The host is installed with Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Windows 8.1, Server 2012 or Server 2012 R2 and is prone to a Microsoft Windows Kernel object use after free vulnerability. A flaw is present in the application, whi ... oval:org.secpod.oval:def:20775 The host is missing a critical security update according to Microsoft security bulletin, MS14-043. The update is required to fix an use after free vulnerability. A flaw is present in the application, which fails to specially crafted Microsoft Office file that invokes Windows Media Center resources. ... oval:org.secpod.oval:def:20774 The host is installed with Windows Media Center in Microsoft Windows Vista, 7, 8 or 8.1 and is prone to a CSyncBasePlayer use after free vulnerability. A flaw is present in the application, which fails to specially crafted Microsoft Office file that invokes Windows Media Center resources. Successful ... oval:org.secpod.oval:def:17389 The host is installed with Windows XP, Windows Vista, Windows Server 2008, Windows Server 2008 R2, Windows Server 2003, Windows 7, Windows 8, Windows Server 2012, Windows 8.1 or Windows Server 2012 R2 and is prone to a remote code execution vulnerability. A flaw is present in the application, which ... oval:org.secpod.oval:def:23774 The host is installed with Microsoft Windows Server 2003, 2008, 2008 R2, 2012, 2012 R2, Windows Vista, 7, 8, 8.1 and is prone to a DLL planting remote code execution vulnerability. A flaw is present in the application, which fails to properly handle loading of DLL files. Successful exploitation coul ... oval:org.secpod.oval:def:25808 The host is installed with Microsoft XML Core Services 3.0 or on Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, 8.1, Server 2012 or Server 2012 R2 or Microsoft XML Core Services 5.0 on Microsoft Office 2007 SP2 and is prone to an information disclosure vu ... oval:org.secpod.oval:def:25802 The host is installed with Microsoft Windows Vista, Server 2008, Windows Server 2008 R2, Windows 7, Windows 8, Windows 8.1, Windows Server 2012 or Windows Server 2012 R2 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle crafted data. ... oval:org.secpod.oval:def:25807 The host is installed with Microsoft XML Core Services 3.0 or on Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, 8.1, Server 2012 or Server 2012 R2 or Microsoft XML Core Services 5.0 on Microsoft Office 2007 SP2 and is prone to an information disclosure vu ... oval:org.secpod.oval:def:23765 The host is installed with Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, 8.1, Server 2012 or Server 2012 R2 and is prone to a security feature bypass vulnerability. A flaw is present in the application, that is caused by an issue in the ... oval:org.secpod.oval:def:24304 The host is installed with .NET Framework 2.0 SP2, 3.5, 3.5.1, 4.0, 4.5, 4.5.1 or 4.5.2 and is prone to a denial of service vulnerability. A flaw is present in the application, which improperly handle crafted XML data. Successful exploitation allows attackers to degrade the performance of a .NET-ena ... oval:org.mitre.oval:def:7604 Unspecified vulnerability in Apple iTunes before 9.1 allows local users to gain console privileges via vectors related to log files, "insecure file operation," and syncing an iPhone, iPad, or iPod touch. oval:org.secpod.oval:def:21540 The host is installed with Microsoft Windows Server 2003, Server 2008, Server 2008 R2, Windows Vista, Windows 7, Server 2012, Server 2012 R2, Windows 8 or Windows 8.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a specially c ... oval:org.secpod.oval:def:24844 The host is installed with Microsoft Windows Media Player 9 through 12 and is prone to remote code execution vulnerability. A flaw is present in the application, which fails to handle crafted DataObject on a web site. Successful exploitation could allow attackers to execute arbitrary code on the aff ... oval:org.mitre.oval:def:7995 Buffer overflow in Apple QuickTime 7.5.5 and iTunes 8.0 allows remote attackers to cause a denial of service (browser crash) or possibly execute arbitrary code via a long type attribute in a quicktime tag (1) on a web page or embedded in a (2) .mp4 or (3) .mov file, possibly related to the Check_sta ... oval:org.secpod.oval:def:5096 The host is installed with Microsoft Internet Explorer 6 through 8 and is prone to a VML style remote code execution vulnerability. A flaw is present in the application, which fails to properly handle a deleted object in memory. Successful exploitation could allow attackers to execute arbitrary code ... oval:org.secpod.oval:def:4137 The host is installed with Internet Explorer 6,7,8 or 9 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly perform copy-and-paste operations. Successful exploitation could allow attackers to read content from a different (1) domain ... oval:org.secpod.oval:def:4138 The host is installed with Internet Explorer 7,8 or 9 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly handle access to a deleted object. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:4139 The host is installed with Internet Explorer 9 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle the creation and initialization of string objects. Successful exploitation could allow remote attackers to read data from arbit ... oval:org.secpod.oval:def:4140 The host is installed with Internet Explorer 9 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly handle access to a deleted object. Successful exploitation could allow remote attackers to execute arbitrary code. oval:org.secpod.oval:def:5094 The host is installed with Microsoft Internet Explorer 6 or 7 and is prone to an OnReadyStateChange remote code execution vulnerability. A flaw is present in the application, which fails to handle a deleted object in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:5093 The host is installed with Microsoft Internet Explorer 9 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle objects in memory that have been deleted. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:5092 The host is installed with Microsoft Internet Explorer 6 through 9 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle a crafted HTML document. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:5095 The host is installed with Microsoft Internet Explorer 6 through 9 and is prone to a SelectAll remote code execution vulnerability. A flaw is present in the application, which fails to properly handle a deleted object in memory. Successful exploitation could allow attackers to execute arbitrary code ... oval:org.secpod.oval:def:5589 The host is installed with Microsoft .Net Framework 1.1 SP1 or 2.0 SP2 or 3.0 SP2 or 3.5 SP1 or 3.5.1 or 4.0 and is prone to remote code execution vulnerability. A flaw is present in the Microsoft .NET Framework, which fails due to the improper serialization of untrusted input through partially trus ... oval:org.secpod.oval:def:5588 The host is installed with Microsoft .Net Framework 1.1 SP1 or 2.0 SP2 or 3.0 SP2 or 3.5 SP1 or 3.5.1 or 4.0 and is prone to remote code execution vulnerability. A flaw is present in the Microsoft .NET Framework, which fails due to the improper serialization of untrusted input. Successful exploitati ... oval:org.secpod.oval:def:5581 The host is installed with Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2 or R2 SP1, or Windows 7 or SP1 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly enforce firewall rules for outbound broadcast packets. Successful ... oval:org.secpod.oval:def:5129 The host is installed with Microsoft .NET Framework 1.1 SP1 or 2.0 SP2 or 3.5.1 or 4 and is prone to remote code execution vulnerability. A flaw is present in the application, which fails to properly validate parameters when passing data to a function. Successful exploitation allows remote attackers ... oval:org.secpod.oval:def:3431 The host is installed with Internet Explorer 6 or 7 or 8 or 9 and is prone to information disclosure vulnerability. A flaw is present in the application, which fails to properly handle Web pages. Successful exploitation allows attackers to to view content from a different domain or Internet Explorer ... oval:org.secpod.oval:def:1203 The host is installed with Microsoft Internet Explorer and is prone to time element memory corruption vulnerability. A flaw is present in the browser, which fails to access an object that has not been properly initialized or has been deleted. Successful exploitation could allow remote attackers to e ... oval:org.secpod.oval:def:6994 The host is installed with Microsoft Internet Explorer 9 and is prone to an event listener use-after-free vulnerability. A flaw is present in the application, which fails to handle a crafted web site. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:6993 The host is installed with Microsoft Internet Explorer 8 or 9 and is prone to an onmove use-after-free vulnerability. A flaw is present in the application, which fails to handle a crafted web site that triggers access to an object that was not properly initialized or is deleted. Successful exploitat ... oval:org.secpod.oval:def:6992 The host is installed with Microsoft Internet Explorer 6 through 9 and is prone to an use-after-free vulnerability. A flaw is present in the application, which fails to handle a crafted web site. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:6996 The host is installed with Microsoft Internet Explorer 6 through 8 and is prone to an cloneNode use-after-free vulnerability. A flaw is present in the application, which fails to handle a crafted web site that triggers access to a deleted object. Successful exploitation could allow attackers to exec ... oval:org.secpod.oval:def:6995 The host is installed with Microsoft Internet Explorer 9 and is prone to an layout use-after-free vulnerability. A flaw is present in the application, which fails to handle a crafted web site that triggers access to a deleted object. Successful exploitation could allow attackers to execute arbitrary ... oval:org.mitre.oval:def:4730 The Bluetooth stack in Microsoft Windows XP SP2 and SP3, and Vista Gold and SP1, allows physically proximate attackers to execute arbitrary code via a large series of Service Discovery Protocol (SDP) packets. oval:org.mitre.oval:def:13255 Microsoft Internet Explorer 6 and 7 does not properly determine the domain or security zone of origin of web script, which allows remote attackers to bypass the intended cross-domain security policy, and execute arbitrary code or obtain sensitive information, via a crafted HTML document, aka "Event ... oval:org.secpod.oval:def:3183 The host is missing an important security update according to Microsoft security bulletin, MS08-062. The update is required to fix remote code execution vulnerability. A flaw is present in the Windows Internet Printing Service, which fails to handle memory is allocation within the Internet Printing ... oval:org.secpod.oval:def:3296 The host is missing an important security update according to Microsoft security bulletin, MS08-048. The update is required to fix information disclosure vulnerability. A flaw is present in Outlook Express and Windows Mail, which fails handle a specially crafted Web page. Successful exploitation cou ... oval:org.secpod.oval:def:3302 The host is missing a critical security update according to Microsoft security bulletin, MS08-008. The update is required to fix remote code execution vulnerability. A flaw is present in Object Linking and Embedding (OLE) Automation, which fails to handle a specially crafted Web page. Successful exp ... oval:org.mitre.oval:def:4904 Unspecified vulnerability in an ActiveX control (dxtmsft.dll) in Microsoft Internet Explorer 5.01, 6 SP1 and SP2, and 7 allows remote attackers to execute arbitrary code via a crafted image, aka "Argument Handling Memory Corruption Vulnerability." oval:org.secpod.oval:def:10778 The host is installed with Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Server 2008 R2 and is prone to remote code execution vulnerability. A flaw is present in the application, which fails to handle specially crafted webpage. Successful exploitation coul ... oval:org.secpod.oval:def:11705 The host is installed with Microsoft Internet Explorer 9 or 10 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle a crafted web site that triggers access to a deleted object. Successful exploitation could allow attackers to execute arbitrary ... oval:org.secpod.oval:def:10948 The host is installed with Microsoft Internet Explorer 6 through 10 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle a crafted web site that triggers access to a deleted object. Successful exploitation could allow attackers to execute arbit ... oval:org.secpod.oval:def:10949 The host is installed with Microsoft Internet Explorer 8 or 9 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle a crafted web site that triggers access to a deleted object. Successful exploitation could allow attackers to execute arbitrary c ... oval:org.secpod.oval:def:10950 The host is installed with Microsoft Internet Explorer 6 through 8 and is prone to JSON array information disclosure vulnerability. A flaw is present in the application, which fails to properly restrict data access by VBScript. Successful exploitation could allow attackers to perform cross-domain re ... oval:org.secpod.oval:def:10951 The host is installed with Microsoft Internet Explorer 9 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle a crafted web site that triggers access to a deleted object. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:10952 The host is installed with Microsoft Internet Explorer 6 through 10 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle a crafted web site that triggers access to a deleted object. Successful exploitation could allow attackers to execute arbit ... oval:org.secpod.oval:def:10953 The host is installed with Microsoft Internet Explorer 6 through 10 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle a crafted web site that triggers access to a deleted object. Successful exploitation could allow attackers to execute arbit ... oval:org.secpod.oval:def:10954 The host is installed with Microsoft Internet Explorer 6 or 7 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle a crafted web site that triggers access to a deleted object. Successful exploitation could allow attackers to execute arbitrary c ... oval:org.secpod.oval:def:10955 The host is installed with Microsoft Internet Explorer 8 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle a crafted web site that triggers access to a deleted object. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:10956 The host is installed with Microsoft Internet Explorer 9 or 10 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle a crafted web site that triggers access to a deleted object. Successful exploitation could allow attackers to execute arbitrary ... oval:org.secpod.oval:def:10957 The host is installed with Microsoft Internet Explorer 6 through 10 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle a crafted web site that triggers access to a deleted object. Successful exploitation could allow attackers to execute arbit ... oval:org.secpod.oval:def:14192 The host is installed with Microsoft Internet Explorer 8 or 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a deleted object in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.mitre.oval:def:6093 The Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, and 7 Pre-Beta allows remote attackers to execute arbitrary code via a crafted RPC request that triggers the overflow during path canonicalization, as exploited in the wild by ... oval:org.secpod.oval:def:14193 The host is installed with Microsoft Internet Explorer 6 through 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a deleted object in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:14190 The host is installed with Microsoft Internet Explorer 9 or 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly process a script while debugging a webpage. Successful exploitation could allow attackers to execute arbitrary code. oval:org.mitre.oval:def:6095 The Event System in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 does not properly validate per-user subscriptions, which allows remote authenticated users to execute arbitrary code via a crafted event subscription request. oval:org.secpod.oval:def:14191 The host is installed with Microsoft Internet Explorer 6 through 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a deleted object in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.mitre.oval:def:6090 The JavaScript engine in Mozilla Firefox before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors involving JSOP_DEFVAR and properties that lack the JSPROP_PERMAN ... oval:org.secpod.oval:def:14195 The host is installed with Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7 or Windows 8 and is prone to a kernel information disclosure vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploita ... oval:org.secpod.oval:def:14178 The host is installed with Microsoft Internet Explorer 6 through 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a deleted object in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:14179 The host is installed with Microsoft Internet Explorer 9 or 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a deleted object in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:14176 The host is installed with Microsoft Internet Explorer 8 or 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a deleted object in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:14177 The host is installed with Microsoft Internet Explorer 8 through 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a deleted object in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:14175 The host is installed with Microsoft Internet Explorer 6 through 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a deleted object in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.mitre.oval:def:6070 The browser engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors related to (1) nsAsyncInstantiateEvent::Run, (2) nsStyleContext ... oval:org.mitre.oval:def:6064 Mozilla Firefox before 3.0.9 and SeaMonkey 1.1.17 do not block javascript: URIs in Refresh headers in HTTP responses, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to (1) injecting a Refresh header or (2) specifying the content of a Refresh header. N ... oval:org.secpod.oval:def:2295 The host is missing a important security update according to Microsoft security bulletin, MS09-040. The update is required to fix privilege elevation vulnerability. The flaw is present in the Windows Message Queuing Service, which fails to handle a specially crafted request sent to MSMQ service. Suc ... oval:org.secpod.oval:def:14187 The host is installed with Microsoft Internet Explorer 8 through 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a deleted object in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:14188 The host is installed with Microsoft Internet Explorer 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a deleted object in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:14181 The host is installed with Microsoft Internet Explorer 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a deleted object in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.mitre.oval:def:6060 Microsoft Windows Vista through SP1 and Server 2008 do not properly import the default IPsec policy from a Windows Server 2003 domain to a Windows Server 2008 domain, which prevents IPsec rules from being enforced and allows remote attackers to bypass intended access restrictions. oval:org.secpod.oval:def:14180 The host is installed with Microsoft Internet Explorer 7, 8 or 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a deleted object in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:14185 The host is installed with Microsoft Internet Explorer 6 through 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a deleted object in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:14186 The host is installed with Microsoft Internet Explorer 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a deleted object in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:14183 The host is installed with Microsoft Internet Explorer 9 or 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a deleted object in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.mitre.oval:def:6057 The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to gczeal, a different vulnerability than CVE-2009-0773. oval:org.secpod.oval:def:7932 The host is installed with Windows XP, Windows Vista, Windows Server 2008, Windows Server 2003 or Windows 7 and is prone to use after free vulnerability. A flaw is present in the Windows kernel, which fails to properly handle the objects in memory. Successful exploitation could allow attackers to in ... oval:org.mitre.oval:def:6097 The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to nsCSSStyleSheet::GetOwnerNode, events, and garbage collection, which tr ... oval:org.mitre.oval:def:6099 Unspecified vulnerability in the LDAP dissector in Wireshark 0.99.2 through 1.0.6, when running on Windows, allows remote attackers to cause a denial of service (crash) via unknown attack vectors. oval:org.secpod.oval:def:16775 The host is installed with Microsoft Internet Explorer 8 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to properly handle the access of an object in memory. Successful exploitation allows attackers to execute arbitrary code or cause a denial of se ... oval:org.secpod.oval:def:16774 The host is installed with Microsoft Internet Explorer 8 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to properly handle the access of an object in memory. Successful exploitation allows attackers to execute arbitrary code or cause a denial of se ... oval:org.secpod.oval:def:16773 The host is installed with Microsoft Internet Explorer 8 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to properly handle the access of an object in memory. Successful exploitation allows attackers to execute arbitrary code or cause a denial of se ... oval:org.secpod.oval:def:16772 The host is installed with Microsoft Internet Explorer 8 or 9 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to properly handle the access of an object in memory. Successful exploitation allows attackers to execute arbitrary code or cause a denial ... oval:org.secpod.oval:def:16779 The host is installed with Microsoft Internet Explorer 9 or 10 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to properly handle the access of an object in memory. Successful exploitation allows attackers to execute arbitrary code or cause a denial ... oval:org.secpod.oval:def:16778 The host is installed with Microsoft Internet Explorer 9 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to properly handle the access of an object in memory. Successful exploitation allows attackers to execute arbitrary code or cause a denial of se ... oval:org.secpod.oval:def:16776 The host is installed with Microsoft Internet Explorer 6, 7 or 8 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to properly handle the access of an object in memory. Successful exploitation allows attackers to execute arbitrary code or cause a deni ... oval:org.secpod.oval:def:39407 A remote code execution vulnerability exists due to the way the Windows Graphics Component handles objects in memory. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create n ... oval:org.secpod.oval:def:39408 Multiple information disclosure vulnerabilities exist in the way that the Color Management Module (ICM32.dll) handles objects in memory. These vulnerabilities allow an attacker to retrieve information to bypassusermode ASLR (Address Space Layout Randomization) on a targeted system. By itself, the in ... oval:org.secpod.oval:def:16789 The host is installed with .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4.0, 4.5 or 4.5.1 and is prone to type traversal vulnerability. A flaw is present in the application, which improperly verifies that a method is safe for execution. Successful exploitation allows attacker to take complete contro ... oval:org.secpod.oval:def:16788 The host is installed with .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4.0, 4.5 or 4.5.1 and is prone to post request denial of service vulnerability. A flaw is present in the application, which improperly identifies stale or closed HTTP client connections. Successful exploitation allows attackers ... oval:org.secpod.oval:def:16753 The host is installed with Microsoft XML Core Services 3.0 on Microsoft Windows XP SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, 8.1, Server 2012 or Server 2012 R2 and is prone to information disclosure vulnerability. A flaw is present in the applica ... oval:org.secpod.oval:def:16768 The host is installed with Microsoft Internet Explorer 8, 9 or 10 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to properly handle the access of an object in memory. Successful exploitation allows attackers to execute arbitrary code or cause a den ... oval:org.secpod.oval:def:16766 The host is installed with Microsoft Internet Explorer 6, 7, 8, 9 or 10 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to properly handle the access of an object in memory. Successful exploitation allows attackers to execute arbitrary code or cause ... oval:org.mitre.oval:def:5630 Array index vulnerability in the Event System in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote authenticated users to execute arbitrary code via a crafted event subscription request that is used to access an array of function p ... oval:org.mitre.oval:def:5625 Unspecified vulnerability in the AFS dissector in Wireshark 0.9.2 through 1.2.0 allows remote attackers to cause a denial of service (crash) via unknown vectors. oval:org.secpod.oval:def:15461 The host is installed with Internet Explorer 6, 7, 8, 9, or 10 and is prone to remote code execution vulnerability. The flaw is present in the application, which fails to properly handle an object in memory that has been deleted or has not been properly allocated. Successful exploitation allows atta ... oval:org.secpod.oval:def:16790 The host is installed with .NET Framework 2.0 SP2 or 3.5.1 and is prone to address space layout randomization vulnerability. A flaw is present in the application, which fails to handle ASLR security feature. Successful exploitation allows attacker to bypass the ASLR security feature. oval:org.mitre.oval:def:5615 Unspecified vulnerability in Microsoft Windows Media Player 11 allows remote attackers to execute arbitrary code via a crafted audio-only file that is streamed from a Server-Side Playlist (SSPL) on Windows Media Server, aka "Windows Media Player Sampling Rate Vulnerability." oval:org.secpod.oval:def:39419 A remote code execution vulnerability exists when Windows improperly validates input before loading dynamic link library (DLL) files. An attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete da ... oval:org.mitre.oval:def:5600 Windows Explorer in Microsoft Windows Vista up to SP1, and Server 2008, allows user-assisted remote attackers to execute arbitrary code via crafted saved-search (.search-ms) files that are not properly handled when saving, aka "Windows Saved Search Vulnerability." oval:org.mitre.oval:def:5602 Microsoft Internet Explorer 5.01, 6, and 7 accesses uninitialized memory, which allows remote attackers to cause a denial of service (crash) and execute arbitrary code via unknown vectors, a different vulnerability than CVE-2008-2254, aka "HTML Object Memory Corruption Vulnerability." oval:org.secpod.oval:def:15964 The host is installed with Microsoft Windows XP SP3, Server 2003 SP2, Vista Sp2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Windows 8.1, Server 2012 or Server 2012 R2 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly ha ... oval:org.mitre.oval:def:5672 Buffer overflow in Apple QuickTime before 7.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MPEG-4 video file. oval:org.mitre.oval:def:6524 Maxthon Browser 3.0.0.145 Alpha with Ultramode does not properly block javascript: and data: URIs in Refresh headers in HTTP responses, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to (1) injecting a Refresh header that contains a javascript: URI, ( ... oval:org.secpod.oval:def:584 The host is installed with Microsoft Windows and is prone to buffer overflow vulnerability. A flaw is present in BowserWriteErrorLogEntry function in Common Internet File System (CIFS) browser service in Mrxsmb.sys or bowser.sys, which fail to properly handle malicious browser election request packe ... oval:org.secpod.oval:def:15969 The host is installed with Microsoft Windows XP SP2, Windows XP SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 or Windows Server 2012 R2 and is prone to remote code execution vulnerability. A flaw is prese ... oval:org.mitre.oval:def:6509 Unspecified vulnerability in ashWsFtr.dll in Avast! Home and Professional for Windows before 4.8.1356 has unknown impact and local attack vectors. oval:org.secpod.oval:def:2724 The host is missing a security update according to Microsoft security bulletin, MS09-023. The update is required to fix remote code execution vulnerabilities. The flaws are present in the Microsoft ActiveX Controls and Yahoo! Music Jukebox product, which fails to handle a specially crafted Web page ... oval:org.mitre.oval:def:5646 Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a QTVR movie file with crafted THKD atoms. oval:org.mitre.oval:def:5236 Microsoft DirectX 8.1 through 9.0c, and DirectX on Microsoft XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008, does not properly perform MJPEG error checking, which allows remote attackers to execute arbitrary code via a crafted MJPEG stream in a (1) AVI or (2) ASF file, ... oval:org.mitre.oval:def:6558 Avast! AntiVirus is installed. oval:org.secpod.oval:def:15982 The host is installed with Microsoft Internet Explorer 6, 7, 8, 9 or 10 and is prone to a information disclosure vulnerability. The flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to bypass the Same Origin Policy and obtain sensit ... oval:org.secpod.oval:def:15983 The host is installed with Microsoft Internet Explorer 6, 7 or 8 and is prone to a information disclosure vulnerability. The flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to read content from a different domain or zone via craft ... oval:org.secpod.oval:def:15984 The host is installed with Microsoft Internet Explorer 6, 7, 8 or 9 and is prone to a memory corruption vulnerability. The flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:15985 The host is installed with Microsoft Internet Explorer 9 or 10 and is prone to a memory corruption vulnerability. The flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:38616 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1 or Server 2008 R2 SP1 and is prone to a denial of service vulnerability. A flaw is present in the Windows Local Security Authority Subsystem Service, which improperly handles specially crafted authentication reque ... oval:org.secpod.oval:def:15998 The host is installed with Microsoft Windows XP SP3, Server 2003 SP2, Vista Sp2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Windows 8.1, Server 2012 or Server 2012 R2 and is prone to remote code execution vulnerability. A flaw is present in the application, which fails to handle ... oval:org.mitre.oval:def:5689 Microsoft Windows Media Player 6.4, Windows Media Format Runtime 7.1 through 11, and Windows Media Services 4.1 and 9 incorrectly associate ISATAP addresses with the Local Intranet zone, which allows remote servers to capture NTLM credentials, and execute arbitrary code through credential-reflection ... oval:org.mitre.oval:def:6121 The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to gczeal, a different vulnerability than CVE-2009-0773. oval:org.secpod.oval:def:2353 The host is missing a important security update according to Microsoft security bulletin, MS09-026. The update is required to fix privilege escalation vulnerability. A flaw is present in the Windows RPC. The RPC Marshalling Engine fails to update its internal state appropriately. Successful exploita ... oval:org.mitre.oval:def:5266 Microsoft Internet Explorer 5.01, 6, and 7 accesses uninitialized memory in certain conditions, which allows remote attackers to cause a denial of service (crash) and execute arbitrary code via vectors related to a document object "appended in a specific order," aka "HTML Objects Memory Corruption V ... oval:org.mitre.oval:def:6113 Buffer overflow in Apple QuickTime 7.5.5 and iTunes 8.0 allows remote attackers to cause a denial of service (browser crash) or possibly execute arbitrary code via a long type attribute in a quicktime tag (1) on a web page or embedded in a (2) .mp4 or (3) .mov file, possibly related to the Check_sta ... oval:org.mitre.oval:def:5265 Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey do not properly implement the Same Origin Policy for (1) XMLHttpRequest, involving a mismatch for a document's principal, and (2) XPCNativeWrapper.toString, involving an incorrect __proto__ scope, which allows remote attackers to conduct cross ... oval:org.secpod.oval:def:53 The host is installed with Microsoft Windows Fax Services Cover Page Editor and is prone to heap-based buffer overflow vulnerability. The flaw is present in the CDrawPoly::Serialize function in fxscover.exe. Successful exploitation allows remote attackers to execute arbitrary code via a long record ... oval:org.mitre.oval:def:6109 The Message Queuing (aka MSMQ) service for Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP2, and Vista Gold does not properly validate unspecified IOCTL request data from user mode before passing this data to kernel mode, which allows local users to gain privileges via a crafted request, aka "MSM ... oval:org.mitre.oval:def:5240 Unspecified vulnerability in the TCP/IP support in Microsoft Windows Vista allows remote DHCP servers to cause a denial of service (hang and restart) via a crafted DHCP packet. oval:org.secpod.oval:def:82 The host is installed with Microsoft FTP Service for Internet Information Services (IIS) and is prone to heap buffer overrun vulnerability.A flaw is present in the TELNET_STREAM_CONTEXT::OnSendData function in the FTP protocol handler (ftpsvc.dll), which fails to properly handle a crafted FTP reques ... oval:org.mitre.oval:def:6170 The browser engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors related to (1) nsAsyncInstantiateEvent::Run, (2) nsStyleContext ... oval:org.mitre.oval:def:6162 Unspecified vulnerability in the OpcUa (OPC UA) dissector in Wireshark 0.99.6 through 1.0.8 and 1.2.0 through 1.2.1 allows remote attackers to cause a denial of service (memory and CPU consumption) via malformed OPCUA Service CallRequest packets. oval:org.mitre.oval:def:6157 Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 decode invisible characters when they are displayed in the location bar, which causes an incorrect address to be displayed and makes it easier for remote attackers to spoof URLs and conduct phishing attacks. oval:org.mitre.oval:def:6153 Integer signedness error in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a Cinepak encoded movie file with a crafted MDAT atom that triggers a heap-based buffer overflow. oval:org.mitre.oval:def:6154 The view-source: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not properly implement the Same Origin Policy, which allows remote attackers to (1) bypass crossdomain.xml restrictions and connect to arbitrary web sites via a Flash file; (2) read, create, or modif ... oval:org.mitre.oval:def:6151 The browser engine in Mozilla Firefox before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors related to nsSVGElement::BindToTree. oval:org.mitre.oval:def:6142 Stack-based buffer overflow in the TEA decoding algorithm in RhinoSoft Serv-U FTP server 7.0.0.1, 9.0.0.5, and other versions before 9.1.0.0 allows remote attackers to execute arbitrary code via a long hexadecimal string. oval:org.mitre.oval:def:6141 The JavaScript engine in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) a splice of an array that contains "some non-set elements," which causes jsarray.cpp to pa ... oval:org.mitre.oval:def:6135 Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a crafted RTSP URL. oval:org.mitre.oval:def:6131 Mozilla Firefox before 3.0.9 and SeaMonkey 1.1.17 do not block javascript: URIs in Refresh headers in HTTP responses, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to (1) injecting a Refresh header or (2) specifying the content of a Refresh header. N ... oval:org.mitre.oval:def:6132 Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a QuickTime movie file containing invalid image width data in JPEG atoms within STSD atoms. oval:org.mitre.oval:def:6139 Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey do not properly implement the Same Origin Policy for (1) XMLHttpRequest, involving a mismatch for a document's principal, and (2) XPCNativeWrapper.toString, involving an incorrect __proto__ scope, which allows remote attackers to conduct cross ... oval:org.secpod.oval:def:16013 The host is installed with Microsoft Windows XP SP2, SP3, Server 2003 SP2, Vista SP1, SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Windows 8.1, Server 2012 or Server 2012 R2 and is prone to security feature bypass vulnerability. A flaw is present in the application, which fail ... oval:org.secpod.oval:def:16494 The host is installed with Microsoft Internet Explorer 9 or 10 and is prone to use-after-free vulnerability. The flaw is present in Microsoft Internet Explorer 9 and 10, which fails to handle a crafted CSpliceTreeEngine::InsertSplice object in an HTML document. Successful exploitation allows remote ... oval:org.secpod.oval:def:14297 The host is installed with Microsoft Internet Explorer 8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly process a webpage. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service via a craf ... oval:org.secpod.oval:def:14298 The host is installed with Microsoft Internet Explorer 6, 7, 8, 9 or 10 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to properly process a HTML webpage. Successful exploitation could allow attackers to inject arbitrary web script or HTML via ... oval:org.secpod.oval:def:14291 The host is installed with Microsoft Internet Explorer 8 or 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly process a webpage. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service via a ... oval:org.mitre.oval:def:6194 The jar: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not follow the Content-Disposition header of the inner URI, which allows remote attackers to conduct cross-site scripting (XSS) attacks and possibly other attacks via an uploaded .jar file with a "Content-Di ... oval:org.secpod.oval:def:14290 The host is installed with Microsoft Internet Explorer 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly process a webpage. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service via a craf ... oval:org.secpod.oval:def:14295 The host is installed with Microsoft Internet Explorer 7, 8, 9 or 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly process a webpage. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of servic ... oval:org.secpod.oval:def:14296 The host is installed with Microsoft Internet Explorer 8, 9 or 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly process a webpage. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service v ... oval:org.mitre.oval:def:6191 nsIRDFService in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to bypass the same-origin policy and read XML data from another domain via a cross-domain redirect. oval:org.secpod.oval:def:14293 The host is installed with Microsoft Internet Explorer 6, 7, 8, 9 or 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly process a webpage. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of ser ... oval:org.secpod.oval:def:14294 The host is installed with Microsoft Internet Explorer 9 or 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly process a webpage. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service via ... oval:org.mitre.oval:def:6187 Unspecified vulnerability in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a crafted H.263 encoded movie file that triggers memory corruption. oval:org.mitre.oval:def:6177 The ThreadPool class in Windows Vista Gold and SP1, and Server 2008, does not properly implement isolation among a set of distinct processes that (1) all run under the NetworkService account or (2) all run under the LocalService account, which allows local users to gain privileges by leveraging inco ... oval:org.secpod.oval:def:31693 The host is installed with Windows Media Center on Microsoft Windows Vista, 7, 8 or 8.1 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle a specially crafted Media Center link (.mcl) file that references malicious code. An attacker w ... oval:org.secpod.oval:def:31694 The host is installed with Windows Media Center on Microsoft Windows Vista, 7, 8 or 8.1 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle a specially crafted Media Center link (.mcl) file that references malicious code. An attacker w ... oval:org.secpod.oval:def:38295 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1 or Server 2008 R2 SP1 and is prone to an information disclosure vulnerability. A flaw is present in the windows GDI component, which improperly discloses the contents of its memory. An attacker who successfully ex ... oval:org.mitre.oval:def:5703 The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to nsCSSStyleSheet::GetOwnerNode, events, and garbage collection, which tr ... oval:org.mitre.oval:def:6607 The operating system having AOL installation. oval:org.secpod.oval:def:14288 The host is installed with Microsoft Internet Explorer 6, 7, 8, 9 or 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly process a webpage. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of ser ... oval:org.secpod.oval:def:14289 The host is installed with Microsoft Internet Explorer 7 or 8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly process a webpage. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service via a ... oval:org.secpod.oval:def:14287 The host is installed with Microsoft Internet Explorer 6, 7, 8 or 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly process a webpage. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service ... oval:org.secpod.oval:def:14284 The host is installed with Microsoft Internet Explorer 8 or 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly process a webpage. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service via a ... oval:org.secpod.oval:def:14285 The host is installed with Microsoft Internet Explorer 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly process a webpage. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service via a craf ... oval:org.secpod.oval:def:14282 The host is installed with Microsoft Internet Explorer 7, 8, 9 or 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly process a web script. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of ser ... oval:org.secpod.oval:def:14283 The host is installed with Microsoft Internet Explorer 9 or 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly process a webpage. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service via ... oval:org.mitre.oval:def:5748 Unspecified vulnerability in Wireshark 0.99.6 through 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted Tektronix .rf5 file. oval:org.mitre.oval:def:5720 Heap-based buffer overflow in the substringData method in Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code, related to an unspecified manipulation of a DOM object before a call to this method, aka the "HTML Objects Memory Corruption Vulnerability." oval:org.mitre.oval:def:5795 Unspecified vulnerability in the sFlow dissector in Wireshark 1.2.0 allows remote attackers to cause a denial of service (CPU and memory consumption) via unspecified vectors. oval:org.mitre.oval:def:5319 The JavaScript engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors involving (1) js_FindPropertyHelper, related to the definiti ... oval:org.mitre.oval:def:5798 Rhino Software Serv-U 7.0.0.1 through 8.2.0.3 allows remote attackers to cause a denial of service (server crash) via unspecified vectors related to the "SITE SET TRANSFERPROGRESS ON" FTP command. oval:org.mitre.oval:def:5764 Integer overflow in the Internet Printing Protocol (IPP) ISAPI extension in Microsoft Internet Information Services (IIS) 5.0 through 7.0 on Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, and Server 2008 allows remote authenticated users to execute arbitrary code via an HTTP POST request ... oval:org.secpod.oval:def:15642 The host is installed with Microsoft Internet Explorer 6, 7, 8, 9 or 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:15645 The host is installed with Microsoft Internet Explorer 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:16977 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Windows Vista, Windows 7, Server 2012, Server 2012 R2, Windows 8 or Windows 8.1 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle obj ... oval:org.secpod.oval:def:15646 The host is installed with Microsoft Internet Explorer 8 or 9 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fails to handle crafted data. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:14313 The host is installed with Microsoft Windows Vista, Windows XP, Windows Server 2003, Windows Server 2008, Windows Server 2008 R2, Windows 7, Windows 8 or Windows Server 2012 and is prone to a elevation of privilege vulnerability. The flaw is present in the application, which fails to properly handl ... oval:org.mitre.oval:def:6200 Mozilla Firefox before 3.0.9 and SeaMonkey before 1.1.17 allow user-assisted remote attackers to obtain sensitive information via a web page with an embedded frame, which causes POST data from an outer page to be sent to the inner frame's URL during a SAVEMODE_FILEONLY save of the inner frame. oval:org.mitre.oval:def:6207 Double free vulnerability in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to execute arbitrary code via "cloned XUL DOM elements which were linked as a parent and child," which are not properly handled during garbage collection. oval:org.secpod.oval:def:14325 Microsoft .NET Framework 2.0 SP2, 3.5.1, 4 or 4.5 on 64-bit platforms and is prone to array allocation vulnerability. A flaw is present in the application, which fails to properly allocate arrays of structures. Successful exploitation allows attackers to execute arbitrary code. oval:org.secpod.oval:def:16988 The host is installed with Internet Explorer 6 through 8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user or execut ... oval:org.secpod.oval:def:14326 The host is installed with Microsoft .NET Framework 2.0 SP2, 3.5.1, 4 or 4.5 and is prone to anonymous method injection vulnerability. A flaw is present in the application, which fails to properly check the permissions of objects that use reflection. Successful exploitation allows attackers to execu ... oval:org.secpod.oval:def:16987 The host is installed with Internet Explorer 6 through 8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user or execut ... oval:org.secpod.oval:def:14324 The host is installed with Microsoft .NET Framework 2.0 SP2, 3.5.1, 4 or 4.5 and is prone to delegate serialization vulnerability. A flaw is present in the application, which fails to properly check the permissions of delegate objects. Successful exploitation allows attackers to execute arbitrary co ... oval:org.secpod.oval:def:16980 The host is installed with DirectShow in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, Windows 8.1 or Windows Server 2012 R2 and is prone to a memory corruption vulnerability. A flaw is ... oval:org.secpod.oval:def:15649 The host is installed with Microsoft Internet Explorer 9 or 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:16978 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Windows Vista, Windows 7, Server 2012, Server 2012 R2, Windows 8 or Windows 8.1 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle obj ... oval:org.mitre.oval:def:5335 The Check Point High-Availability Protocol (CPHAP) dissector in Wireshark 0.9.6 through 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted FWHA_MY_STATE packet. oval:org.secpod.oval:def:14301 The host is installed with WMV video codec 9, Windows Media Format Runtime 9, 9.5, Windows Media Format Runtime 11, Windows Media Player 11 or 12 and is prone to a remote code execution vulnerability. A flaw is present in the applications, which fail to handle crafted media files. Successful exploit ... oval:org.mitre.oval:def:6248 The JavaScript engine in Mozilla Firefox before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors involving JSOP_DEFVAR and properties that lack the JSPROP_PERMAN ... oval:org.mitre.oval:def:5389 Unspecified vulnerability in Microsoft Internet Information Services (IIS) 5.0 through 7.0 allows local users to gain privileges via unknown vectors related to file change notifications in the TPRoot, NNTPFile\Root, or WWWRoot folders. oval:org.mitre.oval:def:5388 Heap-based buffer overflow in Object Linking and Embedding (OLE) Automation in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Vista, Office 2004 for Mac, and Visual basic 6.0 SP6 allows remote attackers to execute arbitrary code via a crafted script request. oval:org.mitre.oval:def:6232 The JavaScript engine in Mozilla Firefox before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors involving JSOP_DEFVAR and properties that lack the JSPROP_PERMAN ... oval:org.mitre.oval:def:5381 Heap-based buffer overflow in the WebDAV Mini-Redirector in Microsoft Windows XP SP2, Server 2003 SP1 and SP2, and Vista allows remote attackers to execute arbitrary code via a crafted WebDAV response. oval:org.mitre.oval:def:6223 The WLCCP dissector in Wireshark 0.99.7 through 1.0.4 allows remote attackers to cause a denial of service (infinite loop) via unspecified vectors. oval:org.mitre.oval:def:6222 Mozilla Firefox before 3.0.9 and SeaMonkey before 1.1.17 allow user-assisted remote attackers to obtain sensitive information via a web page with an embedded frame, which causes POST data from an outer page to be sent to the inner frame's URL during a SAVEMODE_FILEONLY save of the inner frame. oval:org.mitre.oval:def:6227 The RPC Marshalling Engine (aka NDR) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 does not properly maintain its internal state, which allows remote attackers to overwrite arbitrary memory locations via a crafted RPC message that trigg ... oval:org.mitre.oval:def:6226 Stack-based buffer overflow in aswMon2.sys in Avast! Home and Professional for Windows 4.8.1351, and possibly other versions before 4.8.1356, allows local users to cause a denial of service (system crash) and possibly gain privileges via a crafted IOCTL request to IOCTL 0xb2c80018. oval:org.mitre.oval:def:6229 Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 decode invisible characters when they are displayed in the location bar, which causes an incorrect address to be displayed and makes it easier for remote attackers to spoof URLs and conduct phishing attacks. oval:org.mitre.oval:def:5370 Unspecified vulnerability in the kernel in Microsoft Windows XP SP2, Server 2003, and Vista allows remote attackers to cause a denial of service (CPU consumption) and possibly execute arbitrary code via crafted (1) IGMPv3 and (2) MLDv2 packets that trigger memory corruption, aka "Windows Kernel TCP/ ... oval:org.mitre.oval:def:6211 Buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a crafted MP3 audio file. oval:org.mitre.oval:def:5366 Microsoft Internet Explorer 5.01, 6, and 7 does not properly handle objects that have been incorrectly initialized or deleted, which allows remote attackers to cause a denial of service (crash) and execute arbitrary code via unknown vectors, aka "Uninitialized Memory Corruption Vulnerability." oval:org.mitre.oval:def:6218 Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and execute arbitrary code via an AVI movie file with an invalid nBlockAlign value in the _WAVEFORMATEX structure. oval:org.mitre.oval:def:6290 Buffer overflow in Apple iTunes before 9.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted .pls file. oval:org.mitre.oval:def:6287 The Windows Print Spooler in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 allows remote authenticated users to gain privileges via a crafted RPC message that triggers loading of a DLL file from an arbitrary directory, aka "Print Spooler L ... oval:org.mitre.oval:def:6266 The view-source: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not properly implement the Same Origin Policy, which allows remote attackers to (1) bypass crossdomain.xml restrictions and connect to arbitrary web sites via a Flash file; (2) read, create, or modif ... oval:org.secpod.oval:def:8180 The host is installed with Microsoft Windows XP SP2 or SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2 or R2 SP1, Windows 7 or SP1, Windows 8 or Windows Server 2012 and is prone to remote code execution vulnerability. A flaw is present in Windows DirectPlay, which fails ... oval:org.mitre.oval:def:6262 The operating system having Maxthon Browser installation. oval:org.mitre.oval:def:6258 Heap-based buffer overflow in Apple QuickTime before 7.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FlashPix file. oval:org.secpod.oval:def:8192 The host is installed with Windows XP, Windows Vista, Windows Server 2008,Windows Server 2008 R2, Windows Server 2003 or Windows 7 and is prone to remote code execution vulnerabilities. The flaws are present in the Windows kernel, which fails to handle a specially crafted TrueType font file. Success ... oval:org.secpod.oval:def:8193 The host is installed with Internet Explorer 6, 7, 8, 9 or 10 and is prone to an InjectHTMLStream use-after-free vulnerability. A flaw is present in the application, which fails to handle a deleted object. Successful exploitation could allow attackers to execute arbitrary code. oval:org.mitre.oval:def:7170 vbscript.dll in VBScript 5.1, 5.6, 5.7, and 5.8 in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2, when Internet Explorer is used, allows user-assisted remote attackers to execute arbitrary code by referencing a (1) local pathname, (2) UNC share pathname, or (3) WebDAV server with a ... oval:org.secpod.oval:def:31756 The host is installed with Microsoft Lync 2010, Microsoft Skype For business 2016, Microsoft Skype For Business Basic 2016, Microsoft Lync Basic 2013, Microsoft Lync 2010 Attendee, Microsoft live meeting 2007, Microsoft Live Meeting 2007 Add-In, Microsoft Office 2007, Microsoft Office 2010 or Word V ... oval:org.mitre.oval:def:7158 The design of the W3C XML Signature Syntax and Processing (XMLDsig) recommendation, as implemented in products including (1) the Oracle Security Developer Tools component in Oracle Application Server 10.1.2.3, 10.1.3.4, and 10.1.4.3IM; (2) the WebLogic Server component in BEA Product Suite 10.3, 10. ... oval:org.secpod.oval:def:31730 The host is installed with Internet Explorer 8 or 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current u ... oval:org.secpod.oval:def:31732 The host is installed with Internet Explorer 8 or 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current u ... oval:org.secpod.oval:def:2034 The host is missing a critical security update according to Microsoft security bulletin, MS10-022. The update is required to fix remote code execution vulnerability. A flaw is present in VBScript engine, which fails to process WIndows help files in protected mode. User is forced to press the F1 key ... oval:org.secpod.oval:def:16188 The host is installed with Microsoft Internet Explorer 6, 7, 8 or 9 and is prone to remote code execution vulnerability. A flaw is present in the application, which fails to handle an object in memory. Successful exploitation allows attackers to execute arbitrary code in the context of the current u ... oval:org.mitre.oval:def:7193 Untrusted search path vulnerability in avast! Free Antivirus version 5.0.594 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse mfc90loc.dll that is located in the same folder as an avast license (.avastlic) f ... oval:org.mitre.oval:def:5820 Microsoft Internet Explorer 6 and 7 accesses uninitialized memory, which allows remote attackers to cause a denial of service (crash) and execute arbitrary code via unknown vectors, aka "HTML Object Memory Corruption Vulnerability." oval:org.secpod.oval:def:15663 The host is installed with .Net framework 2.0, 3.5.1, 4.0 or 4.5 and is prone to an entity expansion vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:15664 The host is installed with .Net framework 2.0, 3.5.1, 4.0 or 4.5 and is prone to a JSON parsing vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:16994 The host is installed with Internet Explorer 8 through 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user or execu ... oval:org.secpod.oval:def:15662 The host is installed with .Net framework 3.0, 3.5.1, 4.0 or 4.5 and is prone to an openType font parsing vulnerability. A flaw is present in the application, which fails to handle a crafted OTF file. Successful exploitation could allow attackers to take complete control of an affected system. oval:org.secpod.oval:def:16992 The host is installed with Internet Explorer 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user or execute arbitrar ... oval:org.mitre.oval:def:5816 Double free vulnerability in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to execute arbitrary code via "cloned XUL DOM elements which were linked as a parent and child," which are not properly handled during garbage collection. oval:org.secpod.oval:def:16998 The host is installed with Internet Explorer 9 or 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user or execute ar ... oval:org.secpod.oval:def:16991 The host is installed with Internet Explorer 8 or 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user or execute arb ... oval:org.secpod.oval:def:14327 The host is installed with Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5.1, 4 or 4.5 and is prone to delegate reflection bypass vulnerability. A flaw is present in the application, which fails to properly check the permissions of objects that use reflection. Successful exploitation allows ... oval:org.secpod.oval:def:14328 The host is installed with Microsoft .NET Framework 2.0 SP2, 3.5.1, 4 or 4.5 or Silverlight 5 before 5.1.20513.0 and is prone to array access violation vulnerability. A flaw is present in the applications, which fail to properly prevent changes to data in multidimensional arrays of structures. Succe ... oval:org.mitre.oval:def:5810 The browser engine in Mozilla Firefox before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors related to nsSVGElement::BindToTree. oval:org.mitre.oval:def:5806 Double free vulnerability in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to execute arbitrary code via "cloned XUL DOM elements which were linked as a parent and child," which are not properly handled during garbage collection. oval:org.secpod.oval:def:31722 The host is installed with Internet Explorer 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. oval:org.secpod.oval:def:31725 The host is installed with Internet Explorer 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. oval:org.mitre.oval:def:5875 The operating system having Rhino Software Serv-U installation. oval:org.secpod.oval:def:31728 The host is installed with Internet Explorer 7 or 8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current u ... oval:org.secpod.oval:def:31729 The host is installed with Internet Explorer 7 or 8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current u ... oval:org.secpod.oval:def:31702 The host is installed with Microsoft Vista SP2, Server 2008 SP2, Windows 7 SP1 or Server 2008 R2 SP1and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly validate input before loading libraries. Successful exploitation could allow attack ... oval:org.mitre.oval:def:5850 Unspecified vulnerability in the Load method in the IPersistStreamInit interface in the Active Template Library (ATL), as used in the Microsoft Video ActiveX control in msvidctl.dll in DirectShow, in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 20 ... oval:org.mitre.oval:def:5856 The JavaScript engine in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) a splice of an array that contains "some non-set elements," which causes jsarray.cpp to pa ... oval:org.secpod.oval:def:2993 The host is missing a critical security update according to Microsoft security bulletin, MS08-033. The update is required to fix remote code execution vulnerability. A flaw is present in Microsoft DirectX, which fails to handle a specially crafted media file. Successful exploitation could allow an ... oval:org.secpod.oval:def:2512 The host is missing an important security update according to Microsoft security bulletin, MS09-036. The update is required to fix denial of service vulnerability. A flaw is present in the Microsoft .NET Framework component of Microsoft Windows, which fails to handle specially crafted HTTP requests. ... oval:org.secpod.oval:def:2995 The host is missing a critical security update according to Microsoft security bulletin, MS08-030. The update is required to fix remote code execution vulnerabilities. The flaws are present in Bluetooth stack in Windows, which fails to handle service description requests. Successful exploitation all ... oval:org.mitre.oval:def:5423 Unspecified vulnerability in packet.c in the GSM A RR dissector in Wireshark 1.2.0 and 1.2.1 allows remote attackers to cause a denial of service (application crash) via unknown vectors related to "an uninitialized dissector handle," which triggers an assertion failure. oval:org.mitre.oval:def:5891 Microsoft Windows XP Professional SP2, Vista, and Server 2003 and 2008 does not properly assign activities to the (1) NetworkService and (2) LocalService accounts, which might allow context-dependent attackers to gain privileges by using one service process to capture a resource from a second servic ... oval:org.mitre.oval:def:5886 The MHTML protocol handler in a component of Microsoft Outlook Express 5.5 SP2 and 6 through SP1, and Windows Mail, does not assign the correct Internet Explorer Security Zone to UNC share pathnames, which allows remote attackers to bypass intended access restrictions and read arbitrary files via an ... oval:org.mitre.oval:def:5480 The JavaScript engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors involving (1) js_FindPropertyHelper, related to the definiti ... oval:org.mitre.oval:def:5475 The HxTocCtrl ActiveX control (hxvz.dll), as used in Microsoft Internet Explorer 5.01 SP4 and 6 SP1, in Windows XP SP2, Server 2003 SP1 and SP2, Vista SP1, and Server 2008, allows remote attackers to execute arbitrary code via malformed arguments, which triggers memory corruption. oval:org.mitre.oval:def:6321 Unspecified vulnerability in the Infiniband dissector in Wireshark 1.0.6 through 1.2.0, when running on unspecified platforms, allows remote attackers to cause a denial of service (crash) via unknown vectors. oval:org.mitre.oval:def:6312 The jar: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not follow the Content-Disposition header of the inner URI, which allows remote attackers to conduct cross-site scripting (XSS) attacks and possibly other attacks via an uploaded .jar file with a "Content-Di ... oval:org.mitre.oval:def:5467 Apple QuickTime before 7.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted H.264 movie file. oval:org.mitre.oval:def:11304 Stack-based buffer overflow in SigPlus Pro 3.74 ActiveX control allows remote attackers to execute arbitrary code via a long eighth argument (HexString) to the LCDWriteString method. oval:org.mitre.oval:def:6363 Stack-based buffer overflow in the CComVariant::ReadFromStream function in the Active Template Library (ATL), as used in the MPEG2TuneRequest ActiveX control in msvidctl.dll in DirectShow, in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold ... oval:org.mitre.oval:def:7217 Untrusted search path vulnerability in Apple iTunes before 9.1, when running on Windows 7, Vista, and XP, allows local users and possibly remote attackers to gain privileges via a Trojan horse DLL in the current working directory. oval:org.secpod.oval:def:30025 The host is installed with Internet Explorer 8 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which does not properly validate permissions under specific conditions. Successful exploitation could allow attackers to run script with elevated privileges. oval:org.secpod.oval:def:16196 The host is installed with Microsoft Windows XP SP2, SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2, Server 2008 R2 SP2, Windows 7 SP1, Windows Server 2012 or Windows 8 and is prone to denial of service vulnerability. The flaw is present in the application, which fails to properly handle objects i ... oval:org.secpod.oval:def:16190 The host is installed with Microsoft Internet Explorer 7 and is prone to remote code execution vulnerability. A flaw is present in the application, which fails to handle an object in memory. Successful exploitation allows attackers to execute arbitrary code in the context of the current user. oval:org.mitre.oval:def:5487 Unspecified vulnerability in Microsoft Internet Explorer 5.01, 6 SP1 and SP2, and 7 allows remote attackers to execute arbitrary code via crafted HTML layout combinations, aka "HTML Rendering Memory Corruption Vulnerability." oval:org.mitre.oval:def:5481 Stack-based buffer overflow in certain ActiveX controls in (1) FPOLE.OCX 6.0.8450.0 and (2) Foxtlib.ocx, as used in the Microsoft Visual FoxPro 6.0 fpole 1.0 Type Library; and Internet Explorer 5.01, 6 SP1 and SP2, and 7; allows remote attackers to execute arbitrary code via a long first argument to ... oval:org.secpod.oval:def:30005 The host is installed with Microsoft Windows Vista or Windows 7 and is prone to a Microsoft Tablet Input Band use-after-free vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation could allow attackers to execute arbitrary code ... oval:org.secpod.oval:def:14822 The host is installed with Internet Explorer 9 or 10 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to properly access an object in memory. Successful exploitation allows attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:14823 The host is installed with Internet Explorer 6, 7, 8, 9 or 10 and is prone to cross-site-scripting (XSS) vulnerability. A flaw is present in the application, which fails to properly handle certain character sequences. Successful exploitation allows attackers to perform cross-site scripting attacks. oval:org.secpod.oval:def:14836 The host is installed with Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7 or Windows 8 and is prone to elevation of privilege vulnerability. The flaw is present in the Windows kernel, which fails to handle memory corruption condition in the NT Virtual DOS Machine (NTV ... oval:org.secpod.oval:def:14837 The host is installed with Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7 or Windows 8 and is prone to elevation of privilege vulnerability. The flaw is present in the Windows kernel, which fails to handle memory corruption condition in the NT Virtual DOS Machine (NTV ... oval:org.secpod.oval:def:14838 The host is installed with Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7 or Windows 8 and is prone to elevation of privilege vulnerability. The flaw is present in the Windows kernel, which fails to handle memory corruption condition in the NT Virtual DOS Machine (NTV ... oval:org.mitre.oval:def:6393 ASP.NET in Microsoft .NET Framework 2.0 SP1 and SP2 and 3.5 Gold and SP1, when ASP 2.0 is used in integrated mode on IIS 7.0, does not properly manage request scheduling, which allows remote attackers to cause a denial of service (daemon outage) via a series of crafted HTTP requests, aka "Remote Una ... oval:org.secpod.oval:def:14820 The host is installed with Internet Explorer 9 or 10 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to properly access an object in memory. Successful exploitation allows attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:14821 The host is installed with Internet Explorer 9 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to properly access an object in memory. Successful exploitation allows attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:2531 The host is installed with Microsoft Internet Explorer 9 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly access a dereference memory address. Successful exploitation could allow an attacker to execute arbitrary code. oval:org.secpod.oval:def:2534 The host is installed with Microsoft Internet Explorer 6,7,8 or 9 and is prone to a remote code execution vulnerability. A flaw is present in the applications, which fail to properly handle a virtual function table after it has been corrupted. Successful exploitation could allow an attacker to execu ... oval:org.secpod.oval:def:2533 The host is installed with Microsoft Internet Explorer 6,7,8 or 9 and is prone to a remote code execution vulnerability. A flaw is present in the applications, which fail to properly handle deleted elements. Successful exploitation could allow an attacker to execute arbitrary code. oval:org.mitre.oval:def:6379 Buffer overflow in the IPMI dissector in Wireshark 1.2.0 allows remote attackers to cause a denial of service (crash) via unspecified vectors related to an array index error. NOTE: some of these details are obtained from third party information. oval:org.secpod.oval:def:14819 The host is installed with Internet Explorer 8, 9 or 10 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to properly access an object in memory. Successful exploitation allows attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:14814 The host is installed with Internet Explorer 7, 8, 9 or 10 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to properly access an object in memory. Successful exploitation allows attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:14817 The host is installed with Internet Explorer 8 or 9 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to properly access an object in memory. Successful exploitation allows attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:14818 The host is installed with Internet Explorer 8 or 9 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to properly access an object in memory. Successful exploitation allows attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:14815 The host is installed with Internet Explorer 6, 7, 8, 9 or 10 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to properly access an object in memory. Successful exploitation allows attackers to execute arbitrary code in the context of the current us ... oval:org.secpod.oval:def:14816 The host is installed with Internet Explorer 9 or 10 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to properly access an object in memory. Successful exploitation allows attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:39379 An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulne ... oval:org.secpod.oval:def:39370 A remote code execution vulnerability exists due to the way Windows Uniscribe handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts ... oval:org.secpod.oval:def:39371 A remote code execution vulnerability exists due to the way Windows Uniscribe handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts ... oval:org.secpod.oval:def:39372 A remote code execution vulnerability exists due to the way Windows Uniscribe handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts ... oval:org.secpod.oval:def:39373 A remote code execution vulnerability exists due to the way Windows Uniscribe handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts ... oval:org.secpod.oval:def:39374 A remote code execution vulnerability exists due to the way Windows Uniscribe handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts ... oval:org.secpod.oval:def:39375 A remote code execution vulnerability exists due to the way Windows Uniscribe handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts ... oval:org.secpod.oval:def:39376 A remote code execution vulnerability exists due to the way Windows Uniscribe handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts ... oval:org.secpod.oval:def:39360 An elevation of privilege vulnerability exists when the Windows Kernel API improperly handles registry objects in memory. An attacker who successfully exploited the vulnerability could gain elevated privileges on a targeted system. A locally authenticated attacker could exploit this vulnerability by ... oval:org.secpod.oval:def:39359 An elevation of privilege vulnerability exists when the Windows Transaction Manager improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.In a local attack scenario, an attacker could exploit this vulnerability by r ... oval:org.secpod.oval:def:15399 The host is installed with Internet Explorer 9 or 10 and is prone to memory corruption vulnerability. The flaw is present in the application, which fails to properly handle crafted webpage. Successful exploitation allows attackers to execute arbitrary code and gain the user rights as the current use ... oval:org.secpod.oval:def:15397 The host is installed with Internet Explorer 7, 8, 9 or 10 and is prone to memory corruption vulnerability. The flaw is present in the application, which fails to properly handle crafted webpage. Successful exploitation allows attackers to execute arbitrary code and gain the user rights as the curre ... oval:org.secpod.oval:def:15398 The host is installed with Internet Explorer 6, 7 or 8 and is prone to memory corruption vulnerability. The flaw is present in the application, which fails to properly handle crafted webpage. Successful exploitation allows attackers to execute arbitrary code and gain the user rights as the current u ... oval:org.secpod.oval:def:15396 The host is installed with Internet Explorer 9 or 10 and is prone to memory corruption vulnerability. The flaw is present in the application, which fails to properly handle crafted webpage. Successful exploitation allows attackers to execute arbitrary code and gain the user rights as the current use ... oval:org.secpod.oval:def:15394 The host is installed with Internet Explorer 9 or 10 and is prone to memory corruption vulnerability. The flaw is present in the application, which fails to properly handle crafted webpage. Successful exploitation allows attackers to execute arbitrary code and gain the user rights as the current use ... oval:org.mitre.oval:def:5913 Microsoft Internet Explorer 6 and 7 does not perform proper "argument validation" during print preview, which allows remote attackers to execute arbitrary code via unknown vectors, aka "HTML Component Handling Vulnerability." oval:org.mitre.oval:def:5901 Cross-domain vulnerability in Microsoft Internet Explorer 5.01 SP4, 6, and 7 allows remote attackers to access restricted information from other domains via JavaScript that uses the Object data type for the value of a (1) location or (2) location.href property, related to incorrect determination of ... oval:org.secpod.oval:def:39391 An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulne ... oval:org.secpod.oval:def:39392 An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulne ... oval:org.secpod.oval:def:39393 An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulne ... oval:org.secpod.oval:def:39394 An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulne ... oval:org.secpod.oval:def:39395 An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulne ... oval:org.secpod.oval:def:39396 An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulne ... oval:org.secpod.oval:def:39397 An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulne ... oval:org.secpod.oval:def:39390 An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulne ... oval:org.secpod.oval:def:39388 An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulne ... oval:org.secpod.oval:def:39389 An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulne ... oval:org.secpod.oval:def:39380 An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulne ... oval:org.secpod.oval:def:39381 An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulne ... oval:org.secpod.oval:def:39382 An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulne ... oval:org.secpod.oval:def:39383 An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulne ... oval:org.secpod.oval:def:39384 An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulne ... oval:org.secpod.oval:def:39385 An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulne ... oval:org.secpod.oval:def:39386 An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulne ... oval:org.secpod.oval:def:39387 An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulne ... oval:org.secpod.oval:def:39778 An elevation of privilege vulnerability exists in Windows when the Microsoft Graphics Component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or del ... oval:org.mitre.oval:def:5956 nsIRDFService in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to bypass the same-origin policy and read XML data from another domain via a cross-domain redirect. oval:org.mitre.oval:def:5945 The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to nsCSSStyleSheet::GetOwnerNode, events, and garbage collection, which tr ... oval:org.mitre.oval:def:5947 The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to gczeal, a different vulnerability than CVE-2009-0773. oval:org.mitre.oval:def:5933 The view-source: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not properly implement the Same Origin Policy, which allows remote attackers to (1) bypass crossdomain.xml restrictions and connect to arbitrary web sites via a Flash file; (2) read, create, or modif ... oval:org.mitre.oval:def:5936 Buffer overflow in Apple QuickTime 7.5.5 and iTunes 8.0 allows remote attackers to cause a denial of service (browser crash) or possibly execute arbitrary code via a long type attribute in a quicktime tag (1) on a web page or embedded in a (2) .mp4 or (3) .mov file, possibly related to the Check_sta ... oval:org.mitre.oval:def:12020 SigPlus Pro ActiveX control is installed oval:org.secpod.oval:def:16210 The host is installed with Microsoft Windows XP SP2, Windows XP SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 or Windows Server 2012 R2 and is prone to use after free vulnerability. A flaw is present in th ... oval:org.mitre.oval:def:5992 The browser engine in Mozilla Firefox before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors related to nsSVGElement::BindToTree. oval:org.mitre.oval:def:5980 The JavaScript engine in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) a splice of an array that contains "some non-set elements," which causes jsarray.cpp to pa ... oval:org.secpod.oval:def:39319 An information disclosure vulnerability exists in Windows when Windows DVD Maker fails to properly parse a specially crafted .msdvd file. An attacker who successfully exploited the vulnerability could obtain information to further compromise a target system.To exploit the vulnerability, an attacker ... oval:org.mitre.oval:def:5974 Unspecified vulnerability in Apple QuickTime MPEG-2 Playback Component before 7.60.92.0 on Windows allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted MPEG-2 movie. oval:org.mitre.oval:def:5976 Format string vulnerability in the PROFINET/DCP (PN-DCP) dissector in Wireshark 1.0.6 and earlier allows remote attackers to execute arbitrary code via a PN-DCP packet with format string specifiers in the station name. NOTE: some of these details are obtained from third party information. oval:org.secpod.oval:def:30964 The host is installed with Windows journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1 or Windows 7 SP1 and is prone to a heap-based overflow vulnerability. A flaw is present in the application, which fails to properly handle crafted jnt files. Successful exploitation allows a ... oval:org.secpod.oval:def:30962 The host is installed with Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1 or Windows 7 SP1 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to properly check the length of a buffer prior to copying memory into it. Successful ... oval:org.secpod.oval:def:30968 The host is installed with Microsoft Windows Server 2008, 2008 R2, 2012, 2012 R2, Windows 7, 8 or 8.1 and is prone to a tls triple handshake vulnerability. A flaw is present in the application, which fails to properly extend master secret binding support to all supported version of TLS. Successful e ... oval:org.secpod.oval:def:2623 The host is missing a critical security update according to Microsoft bulletin, MS08-045. The update is required to fix multiple remote code execution vulnerabilities. The flaws are present in the application, which fails to handle a specially crafted web page. Successful exploitation could allow at ... oval:org.secpod.oval:def:2626 The host is missing a critical security update according to bulletin, MS08-078. The update is required to fix multiple remote code execution vulnerabilities. The flaw are present in the application, which fails to handle a specially crafted Web page. Successful exploitation could allow remote code e ... oval:org.secpod.oval:def:2627 The host is missing a critical security update according to, MS08-001. The update is required to fix multple remote code execution vulnerabilities. A flaw is present in the application, which fails in Transmission Control Protocol/Internet Protocol (TCP/IP) processing. Successful exploitation could ... oval:org.mitre.oval:def:6407 Microsoft Windows Media Runtime, as used in DirectShow WMA Voice Codec, Windows Media Audio Voice Decoder, and Audio Compression Manager (ACM), does not properly process Advanced Systems Format (ASF) files, which allows remote attackers to execute arbitrary code via a crafted audio file that uses th ... oval:org.mitre.oval:def:6405 Heap-based buffer overflow in Apple QuickTime before 7.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted H.264 movie file. oval:org.secpod.oval:def:2629 The host is missing a critical security update according to Microsoft bulletin, MS08-024. The update is required to fix a remote code execution vulnerability. A flaw is present in the application. which fails to handle a specially crafted web page. Successful exploitation could allow attackers to ex ... oval:org.secpod.oval:def:2609 The host is missing a critical security update according to Microsoft security bulletin, MS08-067. The update is required to fix remote code execution vulnerability. A flaw is present in Server service, which fails to handle a specially crafted RPC request. Successful exploitation could allow an att ... oval:org.secpod.oval:def:33236 The host is installed with Vista SP2, Server 2008 SP2, Windows 7 SP1 or Server 2008 R2 SP1 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows, which fails to properly sanitize handles in memory. An attacker who successfully exploited this vulnerability could ru ... oval:org.mitre.oval:def:5527 The browser engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors related to (1) nsAsyncInstantiateEvent::Run, (2) nsStyleContext ... oval:org.secpod.oval:def:15400 The host is installed with Internet Explorer 9 or 10 and is prone to memory corruption vulnerability. The flaw is present in the application, which fails to properly handle crafted webpage. Successful exploitation allows attackers to execute arbitrary code and gain the user rights as the current use ... oval:org.secpod.oval:def:15403 The host is installed with Internet Explorer 8 or 9 and is prone to memory corruption vulnerability. The flaw is present in the application, which fails to properly handle crafted webpage. Successful exploitation allows attackers to execute arbitrary code and gain the user rights as the current user ... oval:org.secpod.oval:def:15401 The host is installed with Internet Explorer 8, 9 or 10 and is prone to memory corruption vulnerability. The flaw is present in the application, which fails to properly handle crafted webpage. Successful exploitation allows attackers to execute arbitrary code and gain the user rights as the current ... oval:org.secpod.oval:def:15402 The host is installed with Internet Explorer 9 or 10 and is prone to memory corruption vulnerability. The flaw is present in the application, which fails to properly handle crafted webpage. Successful exploitation allows attackers to execute arbitrary code and gain the user rights as the current use ... oval:org.secpod.oval:def:26543 The host is installed with Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, Windows 8.1 or Windows Server 2012 R2 and is prone to a task file deletion elevation of privilege vulnerability. A flaw is present in the application, which fail ... oval:org.mitre.oval:def:5591 Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey do not properly implement the Same Origin Policy for (1) XMLHttpRequest, involving a mismatch for a document's principal, and (2) XPCNativeWrapper.toString, involving an incorrect __proto__ scope, which allows remote attackers to conduct cross ... oval:org.secpod.oval:def:26534 The host is installed with Windows Media Center on Microsoft Windows Vista, 7, 8 or 8.1 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle a specially crafted Media Center link (.mcl) file that references malicious code. An attacker who ... oval:org.mitre.oval:def:5580 Stack-based buffer overflow in GDI in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Vista, and Server 2008 allows remote attackers to execute arbitrary code via an EMF image file with crafted filename parameters, aka "GDI Stack Overflow Vulnerability." oval:org.mitre.oval:def:6437 Maxthon Browser 2.5.3.80 UNICODE allows remote attackers to spoof the address bar, via window.open with a relative URI, to show an arbitrary URL on the web site visited by the victim, as demonstrated by a visit to an attacker-controlled web page, which triggers a spoofed login form for the site cont ... oval:org.secpod.oval:def:26519 The host is installed with Internet Explorer 8 and is prone to a scripting engine remote memory corruption vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of ... oval:org.secpod.oval:def:26521 The host is installed with Internet Explorer 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the currently logged-in ... oval:org.secpod.oval:def:26520 The host is installed with Internet Explorer 7 or 8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the currently logge ... oval:org.secpod.oval:def:39826 The host is installed with Internet Explorer 9 or 10 and is prone to a memory corruption vulnerability. A flaw is present in the JScript and VBScript engines render, which fails to properly handle objects in memory. Successful exploitation could allow the attackers to execute arbitrary code in the c ... oval:org.mitre.oval:def:5563 Use-after-free vulnerability in Microsoft Internet Explorer 5.01 SP4, 6 through SP1, and 7 allows remote attackers to execute arbitrary code via a crafted data stream that triggers memory corruption, as demonstrated using an invalid MIME-type that does not have a registered handler. oval:org.mitre.oval:def:6413 Unspecified vulnerability in the TLS dissector in Wireshark 1.2.0 and 1.2.1, when running on Windows, allows remote attackers to cause a denial of service (application crash) via unknown vectors related to TLS 1.2 conversations. oval:org.mitre.oval:def:6416 Multiple unspecified vulnerabilities in Wireshark 1.2.0 allow remote attackers to cause a denial of service (application crash) via a file that records a malformed packet trace and is processed by the (1) Bluetooth L2CAP, (2) RADIUS, or (3) MIOP dissector. NOTE: it was later reported that the RADIUS ... oval:org.secpod.oval:def:7909 The host is installed with Microsoft Internet Information Services 7.0 or 7.5 and is prone to command injection vulnerability. A flaw is present in Internet Information Services (IIS), which fails to properly handle specially crafted FTP commands. Successful exploitation could allow information disc ... oval:org.mitre.oval:def:6000 Microsoft Internet Explorer 7 does not properly handle errors during attempted access to deleted objects, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to CFunctionPointer and the appending of document objects, aka "Uninitialized Memory Corruption Vulne ... oval:org.secpod.oval:def:31006 The host is installed with Internet Explorer 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. oval:org.mitre.oval:def:6007 Use-after-free vulnerability in mshtml.dll in Microsoft Internet Explorer 5.01, 6, and 7 on Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote attackers to execute arbitrary code via a crafted XML document containing nested SPAN elements, as exploited ... oval:org.mitre.oval:def:11606 The CTimeoutEventList::InsertIntoTimeoutList function in Microsoft mshtml.dll uses a certain pointer value as part of producing Timer ID values for the setTimeout and setInterval methods in VBScript and JScript, which allows remote attackers to obtain sensitive information about the heap memory addr ... oval:org.secpod.oval:def:9292 The host is installed with Internet Explorer 8 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.mitre.oval:def:6045 The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 does not properly validate parameters sent from user mode to the kernel, which allows local users to gain privileges via a crafted application, aka "Windows Kernel Memory Corruption ... oval:org.secpod.oval:def:9294 The host is installed with Internet Explorer 6, 7, 8, 9 or 10 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:9295 The host is installed with Internet Explorer 6, 7, 8, 9 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.mitre.oval:def:6035 Integer overflow in the IopfCompleteRequest API in the kernel in Microsoft Windows 2000, XP, Server 2003, and Vista allows context-dependent attackers to gain privileges. NOTE: this issue was originally reported for GEARAspiWDM.sys 2.0.7.5 in Gear Software CD DVD Filter driver before 4.001.7, as use ... oval:org.mitre.oval:def:6039 Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 decode invisible characters when they are displayed in the location bar, which causes an incorrect address to be displayed and makes it easier for remote attackers to spoof URLs and conduct phishing attacks. oval:org.secpod.oval:def:2646 The host is missing an important security update according to Microsoft security bulletin, MS08-038. The update is required to fix remote code execution vulnerability. A flaw is present in Windows Explorer, which fails handle a specially crafted saved-search file. Successful exploitation could allow ... oval:org.secpod.oval:def:33213 The host is installed with Microsoft Windows Vista SP2 or Windows Server 2008 SP2 and is prone to a remote code execution vulnerability. A flaw is present in the Windows, which fails to properly validate input before loading certain libraries. Successful exploitation could allow remote attackers to ... oval:org.secpod.oval:def:2648 The host is missing a critical security update according to Microsoft security bulletin, MS08-054. The update is required to fix remote code execution vulnerability. A flaw is present in Windows Media Player, which fails to handle a specially crafted audio file is streamed from a Windows Media serve ... oval:org.secpod.oval:def:2647 The host is missing an important security update according to Microsoft security bulletin, MS08-004. The update is required to fix denial of service vulnerability. A flaw is present in Transmission Control Protocol/Internet Protocol (TCP/IP) processing, which fails handle validation of the IP addres ... oval:org.mitre.oval:def:6025 Microsoft Internet Explorer 5.01, 6, and 7 accesses uninitialized memory in certain conditions, which allows remote attackers to cause a denial of service (crash) and execute arbitrary code via vectors related to a document object "appended in a specific order" with "particular functions ... perform ... oval:org.mitre.oval:def:6024 aavmKer4.sys in avast! Home and Professional for Windows before 4.8.1356 does not properly validate input to IOCTLs (1) 0xb2d6000c and (2) 0xb2d60034, which allows local users to gain privileges via IOCTL requests using crafted kernel addresses that trigger memory corruption, a different vulnerabili ... oval:org.mitre.oval:def:6021 The jar: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not follow the Content-Disposition header of the inner URI, which allows remote attackers to conduct cross-site scripting (XSS) attacks and possibly other attacks via an uploaded .jar file with a "Content-Di ... oval:org.secpod.oval:def:2650 The host is missing a critical security update according to Microsoft security bulletin, MS08-053. The update is required to fix remote code execution vulnerability. A flaw is present in Windows Media Encoder 9 Series, which fails to handle a specially crafted Web page. Successful exploitation could ... oval:org.secpod.oval:def:2652 The host is missing a critical security update according to Microsoft security bulletin, MS08-007. The update is required to fix remote code execution vulnerability. A flaw is present in the WebDAV Mini-Redirector, which fails to handle responses and long pathnames. Successful exploitation could all ... oval:org.secpod.oval:def:2654 The host is missing an important security update according to Microsoft security bulletin, MS08-005. The update is required to fix privilege escalation vulnerability. A flaw is present in Internet Information Services (IIS), which fails to handle file change notifications in the FTPRoot, NNTPFile\Ro ... oval:org.secpod.oval:def:2656 The host is missing an important security update according to Microsoft security bulletin, MS08-047. The update is required to fix information disclosure vulnerability. A flaw is present in Windows Internet Protocol Security (IPsec), which fails to handle processing IPsec rules. Successful exploitat ... oval:org.mitre.oval:def:6015 The JavaScript engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors involving (1) js_FindPropertyHelper, related to the definiti ... oval:org.secpod.oval:def:9286 The host is installed with Internet Explorer 6, 7, 8 or 9 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.mitre.oval:def:6018 Stack-based buffer overflow in the WMEncProfileManager ActiveX control in wmex.dll in Microsoft Windows Media Encoder 9 Series allows remote attackers to execute arbitrary code via a long first argument to the GetDetailsString method, aka "Windows Media Encoder Buffer Overrun Vulnerability." oval:org.mitre.oval:def:6017 nsIRDFService in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to bypass the same-origin policy and read XML data from another domain via a cross-domain redirect. oval:org.secpod.oval:def:9284 The host is installed with Internet Explorer 6, 7, 8, 9 or 10 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:9285 The host is installed with Internet Explorer 6, 7, 8 or 9 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:15986 The host is installed with Microsoft Internet Explorer 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. The flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:15987 The host is installed with Microsoft Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. The flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:15990 The host is installed with Microsoft Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. The flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:15988 The host is installed with Microsoft Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. The flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:15989 The host is installed with Microsoft Internet Explorer 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. The flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:15641 The host is installed with Microsoft Internet Explorer 6, 7, 8, 9 or 10 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fails to handle crafted data. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:15650 The host is installed with Microsoft Internet Explorer 6, 7, 8, 9 or 10 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fails to handle crafted data. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:16185 The host is installed with Microsoft Internet Explorer 7, 8, 9, 10 or 11 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which fails to properly validate permissions. Successful exploitation allows attackers to gain elevation of privilege. oval:org.secpod.oval:def:16186 The host is installed with Microsoft Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to remote code execution vulnerability. A flaw is present in the application, which fails to handle an object in memory. Successful exploitation allows attackers to execute arbitrary code in the context of the c ... oval:org.secpod.oval:def:16777 The host is installed with Microsoft Internet Explorer 8, 9, 10 or 11 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to properly handle the access of an object in memory. Successful exploitation allows attackers to execute arbitrary code or cause a ... oval:org.secpod.oval:def:16771 The host is installed with Microsoft Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to properly handle the access of an object in memory. Successful exploitation allows attackers to execute arbitrary code or c ... oval:org.secpod.oval:def:16770 The host is installed with Microsoft Internet Explorer 9, 10 or 11 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to properly handle the access of an object in memory. Successful exploitation allows attackers to execute arbitrary code or cause a de ... oval:org.secpod.oval:def:16769 The host is installed with Microsoft Internet Explorer 9, 10 or 11 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to properly handle the access of an object in memory. Successful exploitation allows attackers to execute arbitrary code or cause a de ... oval:org.secpod.oval:def:16785 The host is installed with Microsoft Internet Explorer 9, 10 or 11 and is prone to information disclosure vulnerability. A flaw is present in the application, which is caused when Internet Explorer does not properly enforce cross-domain policies. Successful exploitation allows attackers to view cont ... oval:org.secpod.oval:def:16783 The host is installed with Microsoft Internet Explorer 9, 10 or 11 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to properly handle the access of an object in memory. Successful exploitation allows attackers to execute arbitrary code or cause a de ... oval:org.secpod.oval:def:16782 The host is installed with Microsoft Internet Explorer 8, 9, 10 or 11 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to properly handle the access of an object in memory. Successful exploitation allows attackers to execute arbitrary code or cause a ... oval:org.secpod.oval:def:16781 The host is installed with Microsoft Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to properly handle the access of an object in memory. Successful exploitation allows attackers to execute arbitrary code or c ... oval:org.secpod.oval:def:16780 The host is installed with Microsoft Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to properly handle the access of an object in memory. Successful exploitation allows attackers to execute arbitrary code or c ... oval:org.secpod.oval:def:16757 The host is installed with VBScript engine 5.6, 5.7 or 5.8 or Microsoft Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitra ... oval:org.secpod.oval:def:16767 The host is installed with Microsoft Internet Explorer 9, 10 or 11 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to properly handle the access of an object in memory. Successful exploitation allows attackers to execute arbitrary code or cause a de ... oval:org.secpod.oval:def:16765 The host is installed with Microsoft Internet Explorer 8, 9, 10 or 11 and is prone to elevation of privilege vulnerability.. A flaw is present in the application, which fails to properly properly validate permissions. Successful exploitation allows attackers to bypass the Mandatory Integrity Control ... oval:org.secpod.oval:def:16984 The host is installed with Internet Explorer 6 through 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user or execu ... oval:org.secpod.oval:def:16986 The host is installed with Internet Explorer 9 through 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user or execu ... oval:org.secpod.oval:def:16985 The host is installed with Internet Explorer 8 through 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user or execu ... oval:org.secpod.oval:def:16187 The host is installed with Microsoft Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to remote code execution vulnerability. A flaw is present in the application, which fails to handle an object in memory. Successful exploitation allows attackers to execute arbitrary code in the context of the c ... oval:org.secpod.oval:def:17001 The host is installed with Internet Explorer 8 through 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user or execu ... oval:org.secpod.oval:def:17000 The host is installed with Internet Explorer 9 or 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user or execute ar ... oval:org.secpod.oval:def:16995 The host is installed with Internet Explorer 6 through 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user or execu ... oval:org.secpod.oval:def:16993 The host is installed with Internet Explorer 8 through 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user or execu ... oval:org.secpod.oval:def:16996 The host is installed with Internet Explorer 8 through 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user or execu ... oval:org.secpod.oval:def:16990 The host is installed with Internet Explorer 6 through 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user or execu ... oval:org.secpod.oval:def:19864 The host is installed with IE 6,7 or 8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19861 The host is installed with IE 8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:18541 The host is installed with Microsoft Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to remote code execution vulnerability. A flaw is present in the application, which fails to properly handle the access of an object in memory. Successful exploitation allows attackers to execute arbitrary code ... oval:org.secpod.oval:def:18540 The host is installed with Microsoft Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to remote code execution vulnerability. A flaw is present in the application, which fails to properly handle the access of an object in memory. Successful exploitation allows attackers to execute arbitrary code ... oval:org.secpod.oval:def:19812 The host is installed with IE 9,10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19814 The host is installed with IE 6,7,8,9,10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19815 The host is installed with IE 6,7,8,9,10 or 11 and is prone to a TLS server certificate renegotiation vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19810 The host is installed with IE 6,7,8,9,10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19811 The host is installed with IE 7,8,9,10 or 11 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19809 The host is installed with IE 6,7,8,9,10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19846 The host is installed with IE 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19843 The host is installed with IE 8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19858 The host is installed with IE 6 or 7 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19859 The host is installed with IE 6,7 or 8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19824 The host is installed with IE 8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19826 The host is installed with IE 9,10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19821 The host is installed with IE 8,9,10 or 11 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19822 The host is installed with IE 6,7,8,9,10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19817 The host is installed with IE 9,10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19818 The host is installed with IE 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19819 The host is installed with IE 6,7,8,9,10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19834 The host is installed with IE 8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19836 The host is installed with IE 9,10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19837 The host is installed with IE 6,8,9,10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19830 The host is installed with IE 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19833 The host is installed with IE 7,8,9,10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19827 The host is installed with IE 9,10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19829 The host is installed with IE 9,10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:17394 The host is installed with Microsoft Internet Explorer 9 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation allows attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:17393 The host is installed with Microsoft Internet Explorer 9 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation allows attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:17392 The host is installed with Microsoft Internet Explorer 9 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation allows attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:17397 The host is missing a critical security update according to Microsoft bulletin, MS14-018. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted website. Successful exploitation allows attacker to execute arbitrary code in the ... oval:org.secpod.oval:def:17396 The host is installed with Microsoft Internet Explorer 6, 7, 8 or 9 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation allows attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:17395 The host is installed with Microsoft Internet Explorer 6 or 7 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation allows attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:17584 The host is installed with Microsoft Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to properly handle the access of an object in memory. Successful exploitation allows attackers to execute arbitrary code or c ... oval:org.secpod.oval:def:19867 The host is installed with IE 8,9,10 or 11 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19865 The host is installed with IE 9,10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19842 The host is installed with IE 6,7,8,9,10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19844 The host is installed with IE 9,10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19840 The host is installed with IE 8,9,10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19839 The host is installed with IE 6,7,8,9,10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19856 The host is installed with IE 9,10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19857 The host is installed with IE 9,10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19850 The host is installed with IE 9,10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19851 The host is installed with IE 9,10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19849 The host is installed with IE 6,7,8,9,10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:20059 The host is installed with IE 9,10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:20119 The host is installed with Internet Explorer 8, 9 or 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:20115 The host is installed with Internet Explorer 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:20116 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:20113 The host is installed with Internet Explorer 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:20114 The host is installed with Internet Explorer 6, 7 or 8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:20122 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:20123 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:20120 The host is installed with Internet Explorer 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:20108 The host is installed with Internet Explorer 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:20107 The host is installed with Internet Explorer 6 or 7 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:20104 The host is installed with Internet Explorer 7 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:20105 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application , which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:20102 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:20103 The host is installed with Internet Explorer 7, 8, 9, 10 or 11 and is prone to a Extended Validation (EV) certificate security feature bypass vulnerability. A flaw is present in the application , which force to prevent the use of wildcard certificates. Successful exploitation could allow attackers t ... oval:org.secpod.oval:def:20111 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application , which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:20112 The host is installed with Internet Explorer 6 or 7 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:20110 The host is installed with Internet Explorer 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:20101 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application , which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:20124 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application , which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:20798 The host is installed with Internet Explorer 7, 8, 9 or 10 and is prone to a memory corruption vulnerability. A flaw is present in the application , which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:20796 The host is installed with Internet Explorer 9 or 10 and is prone to a memory corruption vulnerability. A flaw is present in the application , which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:20787 The host is installed with Internet Explorer 8 or 9 and is prone to a memory corruption vulnerability. A flaw is present in the application , which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:20790 The host is installed with Internet Explorer 8 and is prone to a memory corruption vulnerability. A flaw is present in the application , which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:21389 The host is installed with Internet Explorer 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:21379 The host is installed with Internet Explorer 6, 7, 8, 9 or 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation could allow attackers to elevate privileges in affected versions of Internet Explore ... oval:org.secpod.oval:def:21380 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation could allow attackers to elevate privileges in affected versions of Internet Exp ... oval:org.secpod.oval:def:21388 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a ASLR bypass vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation could allow an attacker to bypass the Address Space Layout Randomization (ASLR) security featur ... oval:org.secpod.oval:def:21385 The host is installed with Internet Explorer 6, 7 or 8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation could allow attackers to elevate privileges in affected versions of Internet Explorer. oval:org.secpod.oval:def:21386 The host is installed with Internet Explorer 6 or 7 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation could allow attackers to elevate privileges in affected versions of Internet Explorer. oval:org.secpod.oval:def:21384 The host is installed with Internet Explorer 6 or 7 and is prone to a elevation of privilege vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation could allow attackers to elevate privileges in affected versions of Internet Explorer. oval:org.secpod.oval:def:21381 The host is installed with Internet Explorer 8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation could allow attackers to elevate privileges in affected versions of Internet Explorer. oval:org.secpod.oval:def:21376 The host is installed with Internet Explorer 7, 8, 9, 10 or 11 and is prone to a elevation of privilege vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation could allow attackers to elevate privileges in affected versions of Internet E ... oval:org.secpod.oval:def:21377 The host is installed with Internet Explorer 7, 8, 9, 10 or 11 and is prone to a elevation of privilege vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation could allow attackers to elevate privileges in affected versions of Internet E ... oval:org.secpod.oval:def:21050 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a information disclosure vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation could allow attackers to detect anti-malware applications in use on a targe ... oval:org.secpod.oval:def:21057 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service ... oval:org.secpod.oval:def:21058 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service ... oval:org.secpod.oval:def:21055 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service ... oval:org.secpod.oval:def:21056 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service ... oval:org.secpod.oval:def:21053 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service ... oval:org.secpod.oval:def:21054 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service ... oval:org.secpod.oval:def:21051 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service ... oval:org.secpod.oval:def:21052 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service ... oval:org.secpod.oval:def:21083 The host is installed with Internet Explorer 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service. oval:org.secpod.oval:def:21086 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service ... oval:org.secpod.oval:def:21084 The host is installed with Internet Explorer 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service. oval:org.secpod.oval:def:21085 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service. oval:org.secpod.oval:def:21070 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service ... oval:org.secpod.oval:def:21078 The host is installed with Internet Explorer 6 through 8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service. oval:org.secpod.oval:def:21075 The host is installed with Internet Explorer 6 through 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service. oval:org.secpod.oval:def:21059 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service ... oval:org.secpod.oval:def:21060 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service ... oval:org.secpod.oval:def:21061 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service ... oval:org.secpod.oval:def:21068 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service ... oval:org.secpod.oval:def:21069 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service ... oval:org.secpod.oval:def:21066 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service ... oval:org.secpod.oval:def:21067 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service ... oval:org.secpod.oval:def:21064 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service ... oval:org.secpod.oval:def:21065 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service ... oval:org.secpod.oval:def:21062 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service ... oval:org.secpod.oval:def:21063 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service ... oval:org.secpod.oval:def:21574 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:21589 The host is installed with Internet Explorer 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:21587 The host is installed with Internet Explorer 7, 8, 9, 10 or 11 and is prone to a clipboard information disclosure vulnerability. A flaw is present in the application, which does not properly restrict access to the clipboard of a user who visits a website. Successful exploitation could allow attacker ... oval:org.secpod.oval:def:21588 The host is installed with Internet Explorer 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:21578 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:21579 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:21576 The host is installed with Internet Explorer 8 or 9 and is prone to an ASLR Bypass vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation could allow an attacker to more reliably predict the memory offsets of specific instructions in a g ... oval:org.secpod.oval:def:21577 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a cross-domain information disclosure vulnerability. A flaw is present in the application, which does not properly enforce cross-domain policies. Successful exploitation could allow an attacker to gain access to inform ... oval:org.secpod.oval:def:21584 The host is installed with Internet Explorer 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:21581 The host is installed with Internet Explorer 9 or 10 and is prone to a cross-domain information disclosure vulnerability. A flaw is present in the application, which does not properly enforce cross-domain policies. Successful exploitation could allow an attacker to gain access to information in anot ... oval:org.secpod.oval:def:21582 The host is installed with Internet Explorer 8, 9, 10 or 11 and is prone to a cross-domain information disclosure vulnerability. A flaw is present in the application, which does not properly enforce cross-domain policies. Successful exploitation could allow an attacker to gain access to information ... oval:org.secpod.oval:def:21580 The host is installed with Internet Explorer 8 or 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:21868 The host is installed with Internet Explorer 8, 9, 10 or 11 and is prone to an XSS filter bypass vulnerability. A flaw is present in the application, which fails to handle a specially crafted content. An attacker who successfully exploited this vulnerability could cause script code to run on another ... oval:org.secpod.oval:def:21866 The host is installed with Internet Explorer 6, 7 or 8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:21867 The host is installed with Internet Explorer 8, 9, 10 or 11 and is prone to an XSS filter bypass vulnerability. A flaw is present in the application, which fails to handle a specially crafted content. An attacker who successfully exploited this vulnerability could cause script code to run on another ... oval:org.secpod.oval:def:21864 The host is installed with Internet Explorer 8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:21862 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:21870 The host is installed with VBScript engine 5.6, 5.7 or 5.8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:21857 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:21860 The host is installed with Internet Explorer 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:21861 The host is installed with Internet Explorer 6 or 7 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:23508 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:23505 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:23504 The host is installed with Internet Explorer 6, 7, 8, 9 or 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:23503 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:23502 The host is installed with Internet Explorer 9 or 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:23511 The host is installed with Internet Explorer 6 or 8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:23510 The host is installed with Internet Explorer 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:23500 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:23539 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a cross-domain information disclosure vulnerability. A flaw is present in the application, which does not properly enforce cross-domain policies. Successful exploitation could allow an attacker to gain access to inform ... oval:org.secpod.oval:def:23538 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to use the Address Space Layout Randomization (ASLR) security feature, allowing an attacker to more reliably predict the memory offsets of spe ... oval:org.secpod.oval:def:23536 The host is installed with Internet Explorer 8 and is prone to an ASLR bypass vulnerability. A flaw is present in the application, which fails to use the Address Space Layout Randomization (ASLR) security feature, allowing an attacker to more reliably predict the memory offsets of specific instructi ... oval:org.secpod.oval:def:23534 The host is installed with Internet Explorer 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which does not properly validate permissions under specific conditions, potentially allowing script to be run with elevated privileges. Successful e ... oval:org.secpod.oval:def:23528 The host is installed with Internet Explorer 8 or 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:23527 The host is installed with Internet Explorer 8 or 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:23526 The host is installed with Internet Explorer 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:23525 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:23524 The host is installed with Internet Explorer 6, 7 or 8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:23523 The host is installed with Internet Explorer 8 or 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:23532 The host is installed with Internet Explorer 6, 7, 8 or 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:23530 The host is installed with Internet Explorer 6, 7 or 8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:23517 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:23515 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:23513 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:23512 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:23522 The host is installed with Internet Explorer 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:23521 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:23520 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:23788 The host is installed with Internet Explorer 7, 8, 9, 10 or 11 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which does not properly enforce cross-domain policies. Successful exploitation could allow attackers to access information from one domain and ... oval:org.secpod.oval:def:23787 The host is installed with Internet Explorer 9, 10 or 11 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which does not properly enforce cross-domain policies. Successful exploitation could allow attackers to access information from one domain and injec ... oval:org.secpod.oval:def:23790 The host is installed with VBScript engine 5.6, 5.7 or 5.8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:23779 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:23778 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:23785 The host is installed with Internet Explorer 8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:23783 The host is installed with Internet Explorer 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:23499 The host is installed with Internet Explorer 8 or 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:24098 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to an ASLR bypass vulnerability. A flaw is present in the application, which does not use the Address Space Layout Randomization (ASLR) security feature. Successful exploitation could allow attackers to bypass the Address ... oval:org.secpod.oval:def:24090 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:24092 The host is installed with Internet Explorer 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:24095 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:24096 The host is installed with Internet Explorer 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:24089 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:24315 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the curren ... oval:org.secpod.oval:def:24316 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the curren ... oval:org.secpod.oval:def:24317 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which does not properly validate permissions under specific conditions. Successful exploitation could allow attackers to elevate privileges ... oval:org.secpod.oval:def:24318 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the curren ... oval:org.secpod.oval:def:24337 The host is installed with JScript and Vbscript 5.6 or 5.7 or 5.8 scripting engines and is prone to ASLR bypass vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation could allow attackers to execute remote code on a target system. oval:org.secpod.oval:def:24329 The host is installed with Internet Explorer 8 or 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:24330 The host is installed with Internet Explorer 8 or 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:24332 The host is installed with Internet Explorer 8 or 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:24336 The host is installed with VBScript engine 5.6, 5.7 or 5.8 and is prone to a ASLR vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation could allow attackers to execute remote code on a target system. oval:org.secpod.oval:def:24325 The host is installed with Internet Explorer 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the current u ... oval:org.secpod.oval:def:24326 The host is installed with Internet Explorer 7, 8, 9, 10 or 11 and is prone to a information disclosure vulnerability. A flaw is present in the application, which does not properly restrict access to the clipboard of a user who visits a website. Successful exploitation could allow attackers to colle ... oval:org.secpod.oval:def:24327 The host is installed with Internet Explorer 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the current u ... oval:org.secpod.oval:def:24328 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:24331 The host is installed with Internet Explorer 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the current user ... oval:org.secpod.oval:def:25374 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the curren ... oval:org.secpod.oval:def:25375 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the curren ... oval:org.secpod.oval:def:25376 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the curren ... oval:org.secpod.oval:def:25377 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the curren ... oval:org.secpod.oval:def:25378 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the curren ... oval:org.secpod.oval:def:25379 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the curren ... oval:org.secpod.oval:def:25396 The host is installed with Internet Explorer 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:25397 The host is installed with Internet Explorer 8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:25394 The host is installed with Internet Explorer 8 or 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:25395 The host is installed with Internet Explorer 8 or 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:25385 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:25386 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:25387 The host is installed with Internet Explorer 8, 9, 10 or 11 and is prone to a XSS filter bypass vulnerability. A flaw is present in the application, which fails to handle a specially crafted content. Successful exploitation could allow malicious script to run in the wrong security context, leading t ... oval:org.secpod.oval:def:25388 The host is installed with Internet Explorer 8, 9, 10 or 11 and is prone to an information disclosure vulnerability. A flaw is present in the application, which does not properly handle cached image information. Successful exploitation could allow attackers to gain access to information about the us ... oval:org.secpod.oval:def:25380 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to an information disclosure vulnerability. A flaw is present in the application, which does not properly handle requests for module resources. Successful exploitation could allow attackers to detect the existence of spec ... oval:org.secpod.oval:def:25381 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to an ASLR bypass vulnerability. A flaw is present in the application, which fails to handle the memory offsets of specific instructions in a given call stack. An attacker who successfully exploited this vulnerability cou ... oval:org.secpod.oval:def:25382 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the curren ... oval:org.secpod.oval:def:25383 The host is installed with Internet Explorer 9, 10 or 11 and is prone to an information disclosure vulnerability. A flaw is present in the application, which does not properly enforce cross-domain policies. Successful exploitation could allow attackers to gain access to information in another domain ... oval:org.secpod.oval:def:25384 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:25401 The host is installed with Internet Explorer 7, 8, 9, 10 or 11 and is prone to an elevation of privilege Vulnerability. A flaw is present in the application, which does not properly validate permissions under specific conditions. An attacker who successfully exploited the vulnerability could elevate ... oval:org.secpod.oval:def:25402 The host is installed with Vbscript 5.6 or 5.7 or 5.8 scripting engines and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to execute remote code on a target system. oval:org.secpod.oval:def:25833 The host is installed with Internet Explorer 9 or 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access an object in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the current user ... oval:org.secpod.oval:def:25834 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access an object in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the current ... oval:org.secpod.oval:def:25835 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access an object in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the current ... oval:org.secpod.oval:def:25826 The host is installed with Internet Explorer 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:25829 The host is installed with Internet Explorer 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access an object in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the curre ... oval:org.secpod.oval:def:26514 The host is installed with Internet Explorer 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the curr ... oval:org.secpod.oval:def:26515 The host is installed with Internet Explorer 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the curr ... oval:org.secpod.oval:def:26518 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the currently ... oval:org.secpod.oval:def:26517 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the currently ... oval:org.secpod.oval:def:31743 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a XSS filter bypass vulnerability. A flaw is present in the application, which does not properly enforce cross-domain policies. An attacker who successfully exploited this vulnerability could elevate privileges in affected vers ... oval:org.secpod.oval:def:31733 The host is installed with Internet Explorer 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. An attacker who successfully exploited these vulnerabilities could gain the same user rights as th ... oval:org.secpod.oval:def:32899 The host is installed with Internet Explorer 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could corrupt memory, execute arbitrary code in the cont ... oval:org.secpod.oval:def:33249 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successfully exploitation can corrupt memory in such a way that an attacker could execute arbitrary code in t ... oval:org.secpod.oval:def:33810 The host is installed with Internet Explorer 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successfully exploitation can corrupt memory in such a way that an attacker could execute arbitrary code in the context ... oval:org.secpod.oval:def:38310 The host is installed with Internet Explorer 9, 10 or 11 is prone to an information disclosure vulnerability. A flaw is present in the hyperlink object library, which improperly handles objects in memory. Successful exploitation could allow attackers to obtain information to further compromise a tar ... oval:org.secpod.oval:def:20801 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application , which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:20800 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application , which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:20795 The host is installed with Internet Explorer 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application , which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:20786 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application , which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:20785 The host is installed with Internet Explorer 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application , which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:20793 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application , which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:20792 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application , which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:20777 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application , which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:20778 The host is installed with Internet Explorer 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application , which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:20783 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application , which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:39758 A remote code execution vulnerability exists in the way that Microsoft Office and WordPad parse specially crafted files. An attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or creat ... oval:org.mitre.oval:def:6340 The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state t ... oval:org.mitre.oval:def:6793 Unspecified vulnerability in registry-key validation in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Vista Gold allows local users to cause a denial of service (reboot) via a crafted application, aka "Windows Kernel Registry Key Vulnerability." oval:org.mitre.oval:def:7113 The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Vista Gold does not properly allocate memory for the destination key associated with a symbolic-link registry key, which allows local users to gain privileges via a crafted application, aka "Windows Kernel Memory Allocati ... oval:org.secpod.oval:def:30020 The host is installed with Internet Explorer 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. An attacker who successfully exploited these vulnerabilities could gain the same user rights as th ... oval:org.mitre.oval:def:6173 Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey allows remote attackers to inject arbitrary web script or HTML via vectors involving XBL JavaScript bindings and remote stylesheets, as exploited in the wild by a March 2009 eBay listing. oval:org.mitre.oval:def:6185 Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey allows remote attackers to inject arbitrary web script or HTML via vectors involving XBL JavaScript bindings and remote stylesheets, as exploited in the wild by a March 2009 eBay listing. oval:org.mitre.oval:def:6296 Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey allows remote attackers to inject arbitrary web script or HTML via vectors involving XBL JavaScript bindings and remote stylesheets, as exploited in the wild by a March 2009 eBay listing. oval:org.mitre.oval:def:5250 The layout engine in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain vectors that trigger memory corruption and assertion failures. oval:org.mitre.oval:def:6163 The layout engine in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain vectors that trigger memory corruption and assertion failures. oval:org.mitre.oval:def:6196 The layout engine in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain vectors that trigger memory corruption and assertion failures. oval:org.mitre.oval:def:5519 Microsoft Internet Explorer 6 through 6.0.2900.2180, and 7.0.6000.16711, allows remote attackers to cause a denial of service (CPU consumption) via an automatically submitted form containing a KEYGEN element, a related issue to CVE-2009-1828. oval:org.secpod.oval:def:32584 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, 8.1, Server 2012 or 2012 R2 and is prone to an ASLR bypass vulnerability. A flaw is present in the Windows graphics device interface, which fails to handle objects in memory. Succe ... oval:org.secpod.oval:def:32614 The host is installed with Microsoft Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1 or Windows Server 2008 R2 SP1 and is prone to privilege escalation vulnerability. A flaw is present in the system, which fails to load DLL file. Successful exploitation could allow local attackers to gain ... oval:org.secpod.oval:def:35931 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a security feature bypass vulnerability. A flaw is present in Internet Explorer, which improperly handles URLs validation process in IE for restricted ports. Successful exploitation could allow attackers to trick a user to visi ... oval:org.secpod.oval:def:37006 The host is installed with Vista SP2, Server 2008 SP2, Server 2008 R2 SP1 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle kernel API enforced permissions. An attacker who successfully exploited the vulnerability could impe ... oval:org.secpod.oval:def:19806 The host is installed with Microsoft Office 2010, 2007, Lync 2010, 2013, SP1, Lync Basic 2013, SP1 or Lync 2010 Attendee and is prone to remote code execution vulnerability. A flaw is present in the applications, which fail to properly handle specially crafted files in a way that corrupts memory. Su ... oval:org.secpod.oval:def:19807 The host is installed with Microsoft Office 2010, 2007, Lync 2010, 2013, SP1, Lync Basic 2013, SP1 or Lync 2010 Attendee and is prone to remote code execution vulnerability. A flaw is present in the applications, which fail to properly validate specially crafted files. Successful exploitation allows ... oval:org.secpod.oval:def:21875 The host is installed with Microsoft Windows Server 2003, Server 2008, Server 2008 R2, Windows Vista, Windows 7, Server 2012, Server 2012 R2, Windows 8 or Windows 8.1 and is prone to an information disclosure vulnerability. A flaw is present in the Graphics Component, which improperly handles the de ... oval:org.secpod.oval:def:23481 The host is installed with Microsoft Windows Server 2003, Server 2008, Server 2008 R2, Server 2008 R2 IA64, Windows Vista, Windows 7, Server 2012, Server 2012 R2, Windows 8 or Windows 8.1 and is prone to an information disclosure vulnerability. A flaw is present in the Graphics Component, which fail ... oval:org.secpod.oval:def:23763 The host is installed with Microsoft Windows Server 2003, Server 2008, Server 2008 R2, Server 2008 R2 IA64, Windows Vista, Windows 7, Server 2012, Server 2012 R2, Windows 8 or Windows 8.1 and is prone to an information disclosure vulnerability. A flaw is present which exists when Windows fails to pr ... oval:org.secpod.oval:def:26564 The host is installed with Windows Vista SP2, Windows Server 2008 SP2, Microsoft Lync 2010, Microsoft Lync Basic 2013, Skype For Business 2016, Microsoft Lync 2010 Attendee, Microsoft live meeting 2007, Microsoft Office 2007, Microsoft Office 2010 and is prone to a graphics component buffer overflow ... oval:org.secpod.oval:def:36738 The host is installed with Microsoft Windows Vista, 7, Server 2008, Server 2008 R2, Microsoft Lync 2010, Microsoft Skype For business 2016, Microsoft Skype For Business Basic 2016, Microsoft Lync Basic 2013, Microsoft Lync 2010 Attendee, Microsoft live meeting 2007, Microsoft Live Meeting 2007 Add-I ... oval:org.secpod.oval:def:36737 The host is installed with Microsoft Windows Vista, 7, Server 2008, Server 2008 R2, Microsoft Skype For business 2016, Microsoft Skype For Business Basic 2016, Microsoft Lync 2010, Microsoft Lync Basic 2013, Microsoft Lync 2010 Attendee, Microsoft live meeting 2007, Microsoft Live Meeting 2007 Add-I ... oval:org.secpod.oval:def:1223 The host is installed with Microsoft Internet Explorer and is prone to cookiejacking vulnerability. A flaw is present in the application, which fails to properly restrict cross-zone drag-and-drop actions. Successful exploitation allow user-assisted remote attackers to read cookie files. oval:org.mitre.oval:def:6508 Stack consumption vulnerability in the FTP Service in Microsoft Internet Information Services (IIS) 5.0 through 7.0 allows remote authenticated users to cause a denial of service (daemon crash) via a list (ls) -R command containing a wildcard that references a subdirectory, followed by a .. (dot dot ... oval:org.secpod.oval:def:2643 The host is missing an important security update according to Microsoft security bulletin, MS09-053. The update is required to fix remote code execution vulnerabilities. The flaws are present in the FTP Service in Microsoft Internet Information Services, which fails to handle the FTP Service list op ... oval:org.secpod.oval:def:23493 The host is installed with Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, 8.1, Server 2012 or Server 2012 R2 and is prone to a security feature bypass vulnerability. A flaw is present in the application, which fails to properly validate a ... oval:org.secpod.oval:def:23483 The host is installed with Microsoft Windows Server 2008, Server 2008 R2, Server 2008 R2 IA64, Windows Vista, Windows 7, Server 2012, Server 2012 R2, Windows 8 or Windows 8.1 and is prone to a remote code execution vulnerability. The flaw is present in the Group Policy, which fails to handle files t ... oval:org.secpod.oval:def:3718 The host is installed with Microsoft Windows and is prone to information disclosure vulnerability. A flaw is present in the application, which is caused by a design flaw in the SSL and TLS protocols when Cipher-block chaining (CBC) mode of operation is used. Successful exploitation allows attackers ... oval:org.secpod.oval:def:16983 The host is installed with Microsoft Active Directory or Active Directory Application Mode (ADAM) or Active Directory Lightweight Directory Service (AD LDS) or Active Directory Services and is prone to security bypass vulnerability. A flaw is present in an application, which fails to handle validati ... oval:org.secpod.oval:def:15671 The host is installed with Microsoft Windows XP SP2, SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2, Server 2008 R2 SP2, Windows 7 SP1, Windows Server 2012 or Windows 8 and is prone to remote code vulnerability. A flaw is present in the application, which fails to properly parse OpenType fonts. Su ... oval:org.secpod.oval:def:16195 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Server 2008 R2 SP2, Windows 7 SP1, Windows Server 2012 or Windows 8 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploi ... oval:org.secpod.oval:def:15435 The host is installed with Microsoft Windows Vista, Windows Server 2008, Windows Server 2008 R2, Windows 7, Windows 8 or Windows Server 2012 and is prone to an denial of service vulnerability. The flaw is present in the Active Directory Lightweight Directory Service (AD LDS), which fails to properl ... oval:org.secpod.oval:def:15667 The host is installed with Microsoft Windows XP SP2, SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2, Server 2008 R2 SP2, Windows 7 SP1, Windows Server 2012 or Windows 8 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle object ... oval:org.secpod.oval:def:15666 The host is installed with Microsoft Windows XP SP2, SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2, Server 2008 R2 SP2, Windows 7 SP1, Windows Server 2012 or Windows 8 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle object ... oval:org.secpod.oval:def:15659 The host is installed with Microsoft Windows XP, Microsoft Windows Server 2003, Microsoft Windows Vista, Microsoft Windows Server 2008, Microsoft Windows 7, Microsoft Windows Server 2008 R2, Microsoft Windows 8 or Microsoft Windows Server 2012 and is prone to remote code execution vulnerability. A f ... oval:org.secpod.oval:def:15670 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Server 2008 R2 SP2 or Windows 7 SP1 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation allows attackers to run a ... oval:org.secpod.oval:def:15425 The host is installed with Microsoft Windows Vista, Windows XP, Windows Server 2003, Windows Server 2008, Windows Server 2008 R2, Windows 7, Windows 8 or Windows Server 2012 and is prone to an elevation of privilege vulnerability. The flaw is present in the Windows Kernel-Mode, which fails to proper ... oval:org.secpod.oval:def:15426 The host is installed with Microsoft Windows Vista, Windows XP, Windows Server 2003, Windows Server 2008, Windows Server 2008 R2, Windows 7, Windows 8 or Windows Server 2012 and is prone to an elevation of privilege vulnerability. The flaw is present in the Windows Kernel-Mode, which fails to proper ... oval:org.secpod.oval:def:15423 The host is installed with Microsoft Windows Vista, Windows XP, Windows Server 2003, Windows Server 2008, Windows Server 2008 R2, Windows 7, Windows 8 or Windows Server 2012 and is prone to an elevation of privilege vulnerability. The flaw is present in the Windows Kernel-Mode, which fails to proper ... oval:org.secpod.oval:def:15424 The host is installed with Microsoft Windows Vista, Windows XP, Windows Server 2003, Windows Server 2008, Windows Server 2008 R2, Windows 7, Windows 8 or Windows Server 2012 and is prone to an elevation of privilege vulnerability. The flaw is present in the Windows Kernel-Mode, which fails to proper ... oval:org.secpod.oval:def:15421 The host is installed with Microsoft Windows Vista, Windows XP, Windows Server 2003, Windows Server 2008, Windows Server 2008 R2, Windows 7, Windows 8 or Windows Server 2012 and is prone to an elevation of privilege vulnerability. The flaw is present in the Windows Kernel-Mode, which fails to proper ... oval:org.secpod.oval:def:15422 The host is installed with Microsoft Windows Vista, Windows XP, Windows Server 2003, Windows Server 2008, Windows Server 2008 R2, Windows 7, Windows 8 or Windows Server 2012 and is prone to an elevation of privilege vulnerability. The flaw is present in the Windows Kernel-Mode, which fails to proper ... oval:org.secpod.oval:def:15420 The host is installed with Microsoft Windows Vista, Windows XP, Windows Server 2003, Windows Server 2008, Windows Server 2008 R2, Windows 7, or Windows 8 and is prone to an elevation of privilege vulnerability. The flaw is present in the Windows Kernel-Mode, which fails to properly handle objects in ... oval:org.secpod.oval:def:14824 The host is installed with Internet Explorer 7, 8, 9 or 10 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which fails to properly access an object in memory. Successful exploitation allows attackers to elevate the privileges of a process that is launched ... oval:org.secpod.oval:def:15407 The host is installed with Microsoft Windows XP, Windows Server 2003, Windows Vista or Windows Server 2008 and is prone to remote code execution vulnerability. The flaw is present in the Windows theme file (Themeui.dll), which fails to properly handle crafted Windows theme when user forced open the ... oval:org.secpod.oval:def:14299 The host is installed with DirectShow in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8 or Windows Server 2012 and is prone to a remote code execution vulnerability. A flaw is present in the application, whic ... oval:org.secpod.oval:def:14312 The host is installed with Microsoft Windows Vista, Windows XP, Windows Server 2003, Windows Server 2008, Windows Server 2008 R2, Windows 7, Windows 8 or Windows Server 2012 and is prone to an elevation of privilege vulnerability. The flaw is present in the application, which fails to properly hand ... oval:org.secpod.oval:def:14842 The host is installed with Microsoft Windows Vista, Server 2008, Windows 7, Windows 8, Windows Server 2012 or Windows Server 2008 R2 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly allocate memory for incoming ICMPv6 packets. Successfu ... oval:org.secpod.oval:def:14833 The host is installed with Microsoft Windows and is prone to a remote procedure call vulnerability. A flaw is present in the application, which fails to handle asynchronous RPC requests. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:14310 The host is installed with Microsoft Windows Vista, Windows XP, Windows Server 2003, Windows Server 2008, Windows Server 2008 R2 or Windows 7 and is prone to a elevation of privilege vulnerability. The flaw is present in the application, which fails to properly handle objects in memory. Successful ... oval:org.secpod.oval:def:14311 The host is installed with Microsoft Windows Vista, Windows XP, Windows Server 2003, Windows Server 2008, Windows Server 2008 R2 or Windows 7 and is prone to a elevation of privilege vulnerability. The flaw is present in the application, which fails to properly handle objects in memory. Successful ... oval:org.secpod.oval:def:14308 The host is installed with Microsoft Windows Vista, Windows XP, Windows Server 2003, Windows Server 2008, Windows Server 2008 R2, Windows 7, Windows 8 or Windows Server 2012 and is prone to an elevation of privilege vulnerability. The flaw is present in the application, which fails to properly hand ... oval:org.secpod.oval:def:14309 The host is installed with Microsoft Windows Vista, Windows XP, Windows Server 2003, Windows Server 2008, Windows Server 2008 R2, Windows 7, Windows 8 or Windows Server 2012 and is prone to an elevation of privilege vulnerability. The flaw is present in the application, which fails to properly hand ... oval:org.secpod.oval:def:14197 The host is installed with Microsoft Windows Vista, Windows Server 2008, Windows Server 2008 R2, Windows 7, Windows 8 or Windows Server 2012 and is prone to a TCP/IP integer overflow vulnerability. A flaw is present in the application, which fails to properly handle packets during TCP connection. S ... oval:org.secpod.oval:def:14200 The host is installed with Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8 or Windows 2012 and is prone to a privilege escalation vulnerability. A flaw is present in the Windows Print Spooler components which fails to validate a specially crafted print job. Successfu ... oval:org.secpod.oval:def:14307 The host is installed with Microsoft Windows Vista, Windows XP, Windows Server 2003, Windows Server 2008, Windows Server 2008 R2, Windows 7, Windows 8 or Windows Server 2012 and is prone to an elevation of privilege vulnerability. The flaw is present in the application, which fails to properly hand ... oval:org.secpod.oval:def:10966 The host is installed with Microsoft Windows Vista, Windows Server 2008 or R2 , Windows 7 SP1, Windows 8, Windows Server 2012 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation could al ... oval:org.secpod.oval:def:10968 The host is installed with Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, R2, Windows 7, Windows 8, Windows Server 2012 and is prone to a windows handle vulnerability. A flaw is present in the application which fails to properly handle deleted objects in memory. Succe ... oval:org.secpod.oval:def:10729 The host is installed with Windows XP, Server 2003, Vista, or Server 2008 are prone to a CSRSS memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted application. Successful exploitation could allow attackers to gain privileges. oval:org.secpod.oval:def:10738 The host is installed with Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012 and is prone to a race condition vulnerability. A flaw is present in the application, which fails to properly handle objec ... oval:org.secpod.oval:def:10733 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, R2, Server 2012, Windows Vista, Windows 7 or Windows 8 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation allows attack ... oval:org.secpod.oval:def:10735 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Windows Vista, Windows 7 or Windows 8 and is prone to denial of service vulnerability. A flaw is present int he application, which fails to handle a specially crafted font file. Successful exploitation allows attackers to cau ... oval:org.secpod.oval:def:10736 The host is installed with Microsoft Windows Server 2008, R2, Server 2012, Windows Vista, Windows 7 or Windows 8 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation allows attackers to gain eleva ... oval:org.secpod.oval:def:10737 The host is installed with Microsoft Windows Server 2008, R2, Windows Vista or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation allows attackers to gain elevated privileges and read ... oval:org.secpod.oval:def:10941 The host is installed with Internet Explorer 8 or 9 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle an object in memory that has been deleted or has not been properly allocated. Successful exploitation could allow attackers to execute arbi ... oval:org.secpod.oval:def:9742 The host is installed with Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8 or Windows Server 2012 and is prone to a privilege escalation vulnerability. A flaw is present in the kernel-mode drivers, which fails to handle obje ... oval:org.secpod.oval:def:9741 The host is installed with Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8 or Windows Server 2012 and is prone to a privilege escalation vulnerability. A flaw is present in the kernel-mode drivers, which fails to handle obje ... oval:org.secpod.oval:def:9740 The host is installed with Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8 or Windows Server 2012 and is prone to a privilege escalation vulnerability. A flaw is present in the kernel-mode drivers, which fails to handle obje ... oval:org.secpod.oval:def:9719 The host is installed with Internet Explorer 8 and is prone to a CTreeNode use after free vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:9715 The host is installed with Internet Explorer 6,7,8,9 or 10 and is prone to a CCaret use after free vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:9717 The host is installed with Internet Explorer 6,7,8,9 or 10 and is prone to a GetMarkupPtr use after free vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:9716 The host is installed with Internet Explorer 8 and is prone to a CElement use after free vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:9718 The host is installed with Internet Explorer 6,7,8,9 or 10 and is prone to a use after free vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:9720 The host is installed with Internet Explorer 6,7,8,9 or 10 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:9713 The host is installed with Internet Explorer 6,7,8,9 or 10 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:9712 The host is installed with Internet Explorer 6,7,8,9 or 10 and is prone to an onresize use after free vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:9714 The host is installed with Internet Explorer 6,7,8,9 or 10 and is prone to a CMarkupBehaviorContext use after free vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:14835 The host is installed with Windows Vista, Windows Server 2008, Windows 7 or Windows Server 2008 R2 and is prone to a ASLR security feature bypass vulnerability. The flaw is present in Windows Kernel, which fails to properly handle the implementation of Address Space Layout Randomization (ASLR). Succ ... oval:org.secpod.oval:def:9238 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, Windows 7 or Windows 8 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel improperly handles objects ... oval:org.secpod.oval:def:9236 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, Windows 7 or Windows 8 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel improperly handles objects ... oval:org.secpod.oval:def:9237 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, Windows 7 or Windows 8 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel improperly handles objects ... oval:org.secpod.oval:def:9271 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ... oval:org.secpod.oval:def:9272 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ... oval:org.secpod.oval:def:9273 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles object ... oval:org.secpod.oval:def:9268 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ... oval:org.secpod.oval:def:9269 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ... oval:org.secpod.oval:def:9266 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ... oval:org.secpod.oval:def:9267 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ... oval:org.secpod.oval:def:9270 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ... oval:org.secpod.oval:def:9264 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ... oval:org.secpod.oval:def:9265 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ... oval:org.secpod.oval:def:9261 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ... oval:org.secpod.oval:def:9262 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ... oval:org.secpod.oval:def:9263 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ... oval:org.secpod.oval:def:9257 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ... oval:org.secpod.oval:def:9258 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ... oval:org.secpod.oval:def:9259 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ... oval:org.secpod.oval:def:9256 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ... oval:org.secpod.oval:def:9260 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ... oval:org.secpod.oval:def:9253 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ... oval:org.secpod.oval:def:9254 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ... oval:org.secpod.oval:def:9255 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ... oval:org.secpod.oval:def:9251 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ... oval:org.secpod.oval:def:9252 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ... oval:org.secpod.oval:def:9250 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ... oval:org.secpod.oval:def:9246 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ... oval:org.secpod.oval:def:9247 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ... oval:org.secpod.oval:def:9248 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ... oval:org.secpod.oval:def:9249 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ... oval:org.secpod.oval:def:9244 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, Windows 7, Server 2012 or Windows 8 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver i ... oval:org.secpod.oval:def:9245 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, Windows 7, Server 2012 or Windows 8 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver i ... oval:org.secpod.oval:def:9240 The host is installed with Microsoft Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8 or Windows Server 2012 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a connection termination sequence. Succ ... oval:org.secpod.oval:def:9229 The host is installed with Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle a specially crafted media file (such as an .mpg file), a Microsoft Office docume ... oval:org.secpod.oval:def:9281 The host is installed with .NET Framework 2.0 or 3.5 or 3.5.1 or 4.0 or 4.5 and is prone to privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle permissions of a callback function. Successful exploitation allows attackers to take complete control o ... oval:org.secpod.oval:def:9290 The host is installed with Internet Explorer 9 or 10 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:9291 The host is installed with Internet Explorer 8 or 9 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:9293 The host is installed with Internet Explorer 9 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:9296 The host is installed with Internet Explorer 6, 7, 8, 9 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:9283 The host is installed with Internet Explorer 6 or 7 or 8 or 9 or 10 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to handle a specially crafted webpage. Successful exploitation could allow an attacker to gain the same user rights as the current us ... oval:org.secpod.oval:def:8333 The host is installed with Windows Vista, Windows Server 2008,Windows Server 2008 R2, Windows 7, Windows 8 or Windows Server 2012 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle window broadcast messages. Successful exploitat ... oval:org.secpod.oval:def:8335 The host is installed with Microsoft Windows Vista, Windows 7, Windows server 2008, Windows server 208 R2, Windows 8 or Windows server 2012 and is prone to security feature bypass vulnerability. A flaw is present in the application, which fails to properly handle SSL/TLS session version negotiation. ... oval:org.secpod.oval:def:9287 The host is installed with Internet Explorer 7, 8, 9 or 10 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:9288 The host is installed with Internet Explorer 9 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:9289 The host is installed with Internet Explorer 9 or 10 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:8339 The host is installed with Microsoft .NET Framework 2.0 SP2, 3.0, 3.5.1, 4 or 4.5 and is prone to S.DS.P buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle System.DirectoryServices.Protocols (S.DS.P) namespace method. Successful exploitation allows re ... oval:org.secpod.oval:def:8340 The host is installed with Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.0, 3.5.1, 4 or 4.5 and is prone to double construction vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation allows remote attackers to install programs, v ... oval:org.secpod.oval:def:8342 The host is installed with Microsoft .NET Framework 3.5 Service Pack 1, Microsoft .NET Framework 4 or Management OData IIS Extension and is prone to a denial of service vulnerability. A flaw is present in the applications, which fail to handle crafted HTTP requests. Successful exploitation could all ... oval:org.secpod.oval:def:8195 The host is installed with Internet Explorer 9 and is prone to an CMarkup use-after-free vulnerability. A flaw is present in the application, which fails to handle a deleted object. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:8196 The host is installed with Internet Explorer 9 or 10 and is prone to an improper ref counting use-after-free vulnerability. A flaw is present in the application, which fails to handle a deleted or improperly initialized object. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:8322 The host is installed with Internet Explorer 6, Internet Explorer 7 or Internet Explorer 8 and is prone to remote code execution vulnerability. A flaw is present in the application, which fails to properly handle object in memory. Successful exploitation could allow attackers to execute arbitrary co ... oval:org.secpod.oval:def:8337 The host is installed with Microsoft .NET Framework 1.1 SP1 or 2.0 SP2 or 3.5.1 or 4 or 4.5 and is prone to WinForms buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a Windows Forms method. Successful exploitation allows remote attackers to install ... oval:org.secpod.oval:def:8338 The host is installed with Microsoft .NET Framework 1.1 SP1 or 2.0 SP2 or 3.0 or 4 and is prone to system drawing information disclosure vulnerability. A flaw is present in the application, which fails to properly handle pointers to unmanaged memory locations. Successful exploitation allows remote a ... oval:org.secpod.oval:def:8182 The host is installed with Windows XP, Windows Vista, Windows Server 2008, Windows Server 2008 R2, Windows Server 2003 or Windows 7 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to parse filenames. Successful exploitation could allow attacke ... oval:org.secpod.oval:def:8191 The host is installed with Windows XP, Windows Vista, Windows Server 2008,Windows Server 2008 R2, Windows Server 2003 or Windows 7 and is prone to remote code execution vulnerabilities. The flaws are present in the Windows kernel, which fails to handle a specially crafted OpenType font file. Success ... oval:org.secpod.oval:def:7927 The host is installed with Microsoft .NET Framework 2.0 SP2, 3.5.1, 4 or 4.5 and is prone to Web proxy auto-discovery vulnerability. A flaw is present in the applications, which is caused by a lack of validation when the .NET Framework acquires the default web proxy settings and executes JavaScript ... oval:org.secpod.oval:def:7928 The host is installed with Microsoft .NET Framework 4 or 4.5 and is prone to WPF reflection optimization vulnerability. A flaw is present in the applications, which fails to properly validate permissions of objects involved with reflection. Successful exploitation allows attackers to take complete c ... oval:org.secpod.oval:def:7906 The host is installed with Microsoft Internet Explorer 9 and is prone to use after free vulnerability. A flaw is present in the Internet Explorer, which fails to handle objects in memory. Successful exploitation allows an attacker to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:7931 The host is installed with Windows XP, Windows Vista, Windows Server 2008, Windows Server 2003 or Windows 7 and is prone to privilege escalation vulnerability. A flaw is present in the Windows kernel, which fails to properly handle the objects in memory. Successful exploitation could allow attackers ... oval:org.secpod.oval:def:7924 The host is installed with Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5.1 or 4 and is prone to reflection bypass vulnerability. A flaw is present in the applications, which fail to properly validate the permissions of objects performing reflection. Successful exploitation allows attackers to take ... oval:org.secpod.oval:def:7925 The host is installed with Microsoft .NET Framework 2.0 SP2 or 3.5.1 and is prone to Code access security info disclosure vulnerability. A flaw is present in the applications, which does not properly sanitize the output of a function when called from partially trusted code. Successful exploitation a ... oval:org.secpod.oval:def:7926 The host is installed with Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5.1 or 4 and is prone to untrusted search path vulnerability. A flaw is present in the applications, which is caused when Entity Framework, a .NET Framework component, incorrectly restricts the path used for loading external lib ... oval:org.secpod.oval:def:7905 The host is installed with Microsoft Internet Explorer 9 and is prone to use after free vulnerability. A flaw is present in the Internet Explorer, which fails to handle objects in memory. Successful exploitation allows an attacker to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:7311 The host is installed with Microsoft Windows XP, server 2003, server 2008, server 2008 R2, Vista or Windows 7 and is prone to integer overflow vulnerability. A flaw is present in the application, which is caused when the Windows kernel improperly handles objects in memory. Successful exploitation al ... oval:org.secpod.oval:def:7077 The host is installed with Google Chrome before 22.0.1229.79 in Microsoft Windows 7 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle memory. Successful exploitation allows remote attackers to execute arbitrary code or cause a denia ... oval:org.secpod.oval:def:7920 The host is installed with Microsoft Windows XP SP2 or SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2 or R2 SP1, Windows 7 or SP1, windows 8, or windows server 2012 and is prone to integer underflow vulnerability. A flaw is present in the application, which fails to pro ... oval:org.secpod.oval:def:7921 The host is installed with Microsoft Windows XP SP2 or SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2 or R2 SP1, Windows 7 or SP1 and is prone to integer overflow vulnerability. A flaw is present in the application, which fails to properly handle a specially crafted bri ... oval:org.secpod.oval:def:7904 The host is installed with Microsoft Internet Explorer 9 and is prone to use after free vulnerability. A flaw is present in the Internet Explorer, which fails to handle objects in memory. Successful exploitation allows an attacker to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:6685 The host is installed with Microsoft Windows XP SP2, SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, R2 SP1, Windows 7 Gold or SP1 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to handle objects in memory prop ... oval:org.secpod.oval:def:6688 The host is installed with Microsoft Windows XP, Server 2003, Vista, Server 2008, Windows 7 or Server 2008 R2 and is prone to format string vulnerability. A flaw is present in the application, which fails to handle a specially crafted response. Successful exploitation allows attackers to take comple ... oval:org.secpod.oval:def:6687 The host is installed with Microsoft Windows XP, Server 2003, Vista, Server 2008, Windows 7 or Server 2008 R2 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle a Remote Administration Protocol (RAP) response. Successful exploitation ... oval:org.secpod.oval:def:6343 The host is installed with Microsoft Windows XP SP2, SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, R2 SP1, Windows 7 Gold or SP1 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to properly validate parameters ... oval:org.secpod.oval:def:6342 The host is installed with Microsoft Windows XP SP2, SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, R2 SP1, Windows 7 Gold or SP1 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to handle specific keyboard layo ... oval:org.secpod.oval:def:6349 The host is installed with Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2 and Windows Data Access Components (WDAC) 6.0 and is prone to a remote code execution vulnerability. A flaw is present in the applications, which fail to handle a crafted XML data that triggers access to an uninitiali ... oval:org.secpod.oval:def:6346 The host is installed with Microsoft Windows and is prone to command injection vulnerability. A flaw is present in the windows shell, which fails to handle file and directory names. Successful exploitation allows remote attackers to install programs, view, change or delete data or create new account ... oval:org.secpod.oval:def:6340 The host is installed with Microsoft Internet Explorer 9 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly handle a deleted object. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:6353 The host is installed with Microsoft Windows and is prone to information disclosure vulnerability. A flaw is present in the application, which is caused by a design flaw in the TLS protocol when Cipher-block chaining (CBC) mode of operation is used. Successful exploitation allows attackers to decryp ... oval:org.secpod.oval:def:6339 The host is installed with Microsoft Internet Explorer 9 and is prone to a cached object remote code execution vulnerability. A flaw is present in the application, which fails to properly handle a deleted object. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:6036 The host is installed with Internet Explorer 6 through 8 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle an object that has been deleted. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:6035 The host is installed with Internet Explorer 6 through 9 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle an object that has been deleted. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:6048 The host is installed with Internet Explorer 6 through 9 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle an object that has been deleted. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:6047 The host is installed with Internet Explorer 6 through 9 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle an object that has been deleted. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:6046 The host is installed with Internet Explorer 6 through 9 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:6045 The host is installed with Internet Explorer 8 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:6049 The host is installed with Internet Explorer 6 through 9 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:6044 The host is installed with Internet Explorer 8 and 9 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:6043 The host is installed with Internet Explorer 7 through 9 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly create and initialize string data. Successful exploitation could allow attackers to obtain sensitive information from process ... oval:org.secpod.oval:def:6042 The host is installed with Internet Explorer 6 through 9 and is prone to a cross site scripting vulnerability. A flaw is present in the application, which fails to handle crafted character sequences with EUC-JP encoding. Successful exploitation could allow attackers to inject arbitrary web script or ... oval:org.secpod.oval:def:6051 The host is installed with Internet Explorer 6 through 9 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to block cross-domain scrolling events. Successful exploitation could allow attackers to read content from a different domain or zone. oval:org.secpod.oval:def:6050 The host is installed with Internet Explorer 8 or 9 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:6033 The host is installed with Microsoft Windows XP or Windows Server 2003 or Windows Vista or Windows Server 2008 or R2 or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which fails to properly validate input passed from user mode. Successful explo ... oval:org.secpod.oval:def:6032 The host is installed with Microsoft Windows XP or Windows Server 2003 or Windows Vista or Windows Server 2008 or R2 or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which fails to properly validate input passed from user mode. Successful explo ... oval:org.secpod.oval:def:6031 The host is installed with Microsoft Windows XP or Windows Server 2003 or Windows Vista or Windows Server 2008 or R2 or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle TrueType font loading. Successful exploitation ... oval:org.secpod.oval:def:6026 The host is installed with Microsoft .Net framework 2.0 Sp2 or 3.5.1 or 4.0 or 4.5 Beta and is prone to remote code execution vulnerability. A flaw is present in the application, which fails to properly execute a function pointer. Successful exploitation allows attackers to take complete control of ... oval:org.secpod.oval:def:6037 The host is installed with Internet Explorer 8 and 9 or Microsoft Communicator 2007 R2 or Lync 2010 or Lync 2010 Attendee Microsoft InfoPath 2007 or 2010, Microsoft SharePoint Server 2007 or 2010, Microsoft SharePoint Foundation 2010, Microsoft SharePoint Services 3.0 or Microsoft Groove Server 2010 ... oval:org.secpod.oval:def:6034 The host is installed with Microsoft Windows XP or Windows Server 2003 or Windows Vista or Windows Server 2008 or R2 or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which fails to properly validate input passed from user mode. Successful explo ... oval:org.secpod.oval:def:5102 The host is installed with Windows XP SP2 or SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, R2 SP1, Windows 7 or SP1 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly validate the digest of a signed por ... oval:org.secpod.oval:def:5585 The host is installed with Windows Vista SP2 or Windows Server 2008 SP2 or 2008 R2 or 2008 R2 SP1 or Windows 7 or SP1 and is prone to a privilege escalation vulnerability. A flaw is present in Windows Partition Manager, which fails to handle a specially crafted application. Successful exploitation c ... oval:org.secpod.oval:def:6028 The host is installed with Microsoft Windows XP or Windows Server 2003 or Windows Vista or Windows Server 2008 or R2 or Windows 7 and is prone to remote code execution vulnerability. A flaw is present in the Remote Desktop Protocol, which fails to properly process RDP packets in memory. Successful e ... oval:org.secpod.oval:def:5629 The host is installed with Microsoft .NET Framework 4 and is prone buffer allocation vulnerability. A flaw is present in the application, which fails to handle a specially crafted Microsoft .NET Framework application. Successful exploitation could allow remote attackers to install programs, view, ch ... oval:org.secpod.oval:def:5630 The host is installed with Microsoft .NET Framework 4 and is prone index comparison vulnerability. A flaw is present in the applications, which fails to handle WPF APIs. Successful exploitation could allow remote attackers to execute code or to elevate their user rights in any fashion. oval:org.secpod.oval:def:5634 The host is installed with Microsoft Windows and is prone privilege escalation vulnerability. A flaw is present in the application, which fails to handle the Windows kernel-mode driver. Successful exploitation could allow remote attackers to install programs, view, change, or delete data or create n ... oval:org.secpod.oval:def:5636 The host is installed with Microsoft Windows and is prone privilege escalation vulnerability. A flaw is present in the application, which fails to handle the Windows kernel-mode driver. Successful exploitation could allow remote attackers to install programs, view, change, or delete data or create n ... oval:org.secpod.oval:def:5635 The host is installed with Microsoft Windows and is prone privilege escalation vulnerability. A flaw is present in the application, which fails to handle the Windows kernel-mode driver. Successful exploitation could allow remote attackers to install programs, view, change, or delete data or create n ... oval:org.secpod.oval:def:4131 The host is installed with Microsoft Windows XP or Windows Server 2003 or Windows Server 2008 or Windows Vista or Windows 7 or Windows Server 2008 R2 and is prone to elevation of privilege vulnerability. A flaw is present in the applications, where the Windows kernel-mode driver does not properly ha ... oval:org.secpod.oval:def:4147 The host is installed with Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, R2 SP1, R2-IA64 and Windows 7, SP1 and is prone buffer overflow vulnerability. A flaw is present in the C Run-Time Library msvcrt.dll file, which fails to handle a specially crafted media file. Successful exploitati ... oval:org.secpod.oval:def:3726 The host is installed with Microsoft Windows XP or Windows Server 2003 or Windows Server 2008 or Windows Vista or Windows 7 or Windows Server 2008 R2 and is prone to remote code execution vulnerability. A flaw is present in the applications, which does not perform proper validation on input passed f ... oval:org.secpod.oval:def:4733 The host is installed with Windows kernel-mode driver and is prone postmessage function vulnerability. A flaw is present in the kernel-mode driver, which fails to handle PostMessage function. Successful exploitation could allow remote attackers to install programs, view, change, or delete data or cr ... oval:org.secpod.oval:def:4734 The host is installed with Microsoft Windows and is prone to remote code execution vulnerability. A flaw is present in the Remote Desktop Protocol, where it accesses an object in memory that has been improperly initialized or has been deleted. Successful exploitation allows remote attackers to take ... oval:org.secpod.oval:def:4738 The host is installed with Windows DirectWrite and is prone denial of service vulnerability. A flaw is present in the DirectWrite application, which fails to handle a specially crafted sequence of unicode characters. Successful exploitation could allow remote attackers to cause a target application ... oval:org.secpod.oval:def:4157 The host is installed with Microsoft .NET Framework 2.0 SP2, 3.5.1, 4.0 or Silverlight and is prone unmanaged objects vulnerability. A flaw is present in the applications, which fails to handle a specially crafted Microsoft .NET Framework application. Successful exploitation could allow remote attac ... oval:org.secpod.oval:def:4158 The host is installed with Microsoft .NET Framework 2.0 SP2, and 3.5.1 and is prone heap corruption vulnerability. A flaw is present in the Microsoft .NET Framework, which fails to handle calculation of buffer length while processing specially crafted input. Successful exploitation could allow remot ... oval:org.secpod.oval:def:3711 The host is installed with Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP2, and Server 2008 SP2 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to handle the way that the CSRSS processes a sequence of specially crafted Unicode char ... oval:org.secpod.oval:def:3717 The host is installed with Microsoft Windows and is prone to remote code execution vulnerability. A flaw is present in the application which is caused by the way that Windows Packager loads ClickOnce applications embedded in Microsoft Office files. Successful exploitation allows remote attacker to g ... oval:org.secpod.oval:def:3630 The host is installed with Microsoft .Net Framework 2.0 or 3.5 or 3.5.1 or 4.0 and is prone to open redirect vulnerability. A flaw is present in the applications, which fail to properly verify return URLs during the forms authentication process. Successful exploitation allows remote attackers to red ... oval:org.secpod.oval:def:3713 The host is installed with Microsoft Windows and is prone to remote code execution vulnerability. A flaw is present in the application, which is caused when Windows Media Player fails to handle a specially crafted MIDI file. Successful exploitation allows attackers to run arbitrary code in the conte ... oval:org.secpod.oval:def:3714 The host is installed with Microsoft Windows and is prone to remote code execution vulnerability. A flaw is present in the application, which is caused when filters in DirectShow do not properly handle specially crafted media files. Successful exploitation allows attackers to run arbitrary code in t ... oval:org.secpod.oval:def:3707 The host is installed with Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, or R2 SP1, Windows 7 Gold or SP1 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to properly load structured exception handling tabl ... oval:org.secpod.oval:def:3435 The host is installed with Active Directory or Active Directory Application Mode (ADAM) or Active Directory Lightweight Directory Service (AD LDS) and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle a crafted application when run by an a ... oval:org.secpod.oval:def:3416 The host is installed with Windows Media Player and Windows Media Center and is prone to memory corruption vulnerability. A flaw is present in the application which is caused by a specially crafted Microsoft Digital Video Recording (.dvr-ms) file. Successful exploitation allows remote attacker to in ... oval:org.secpod.oval:def:2716 The host is installed with Active Directory or Active Directory Application Mode (ADAM) or Active Directory Lightweight Directory Service (AD LDS) and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when Active Directory is configured to use LD ... oval:org.secpod.oval:def:2544 The host is installed with Microsoft Windows Vista SP1 or SP2 or Windows Media Center TV Pack or Microsoft Windows 7 or Microsoft Windows 7 SP1 and is prone to remote code execution vulnerability. A flaw is present in the application which fails to properly restrict the path used when loading extern ... oval:org.secpod.oval:def:2548 The host is installed with Microsoft .NET Framework or Microsoft Silverlight and is prone to a remote code execution vulnerability. Flaws are present in the Microsoft ASP.NET and Microsoft Silverlight, which fails to handle specially crafted web pages. Successful exploitation could allow attackers t ... oval:org.secpod.oval:def:1748 The host Microsoft Windows is prone to denial of service vulnerability. A flaw is present in the operating system, which fails to handle a specially crafted file on network share or web site. Successful exploitation allows remote attackers to create denial of service conditions. oval:org.secpod.oval:def:1412 The host is installed with Microsoft Windows XP or Windows server 2003 or Windows server 2008 or Windows Vista or Windows 7 or Windows server 2008 R2 and is prone to elevation of privilege vulnerability. A flaw is present in Client/Server Run-time Subsystem (CSRSS) that is caused by an integer overf ... oval:org.secpod.oval:def:1180 The host is installed with Windows XP, Windows Vista, Windows Server 2008, Windows Server 2003 and Windows 7 and is prone to use after free vulnerability. A flaw is present in Microsoft Server Message Block which does not properly handle specially crafted SMB responses. Successful exploitation allow ... oval:org.secpod.oval:def:1171 The host is installed with Microsoft .Net framework 2.0 SP1 or 2.0 SP2 or 3.5 or 3.5 SP1 or 4.0 or Microsoft Silverlight 4 and is prone to remote code execution vulnerability. A flaw is present in the applications which is caused when the .NET Framework or Microsoft Silverlight improperly validate a ... oval:org.secpod.oval:def:1201 The host is installed with Microsoft Internet Explorer and is prone information disclosure vulnerability. A flaw is present in the browser, which fails to handle a crafted Web page. Successful exploitation could allow remote attackers to execute arbitrary code or gain sensitive information. oval:org.secpod.oval:def:715 The host is installed with Javascript and Vbscript 5.6 or 5.7 or 5.8 scripting engines and is prone to remote code execution vulnerability. A flaw is present in the application which is caused when the scripting engines attempt to reallocate memory while decoding a script in order to run it, an inte ... oval:org.secpod.oval:def:1040 The host is missing a Critical security update according to Microsoft security bulletin, MS11-019. The update is required to fix remote code execution vulnerability in Microsoft Windows. The flaws are present in the SMB Client Could which fails to handle specially crafted SMB response to a client-in ... oval:org.secpod.oval:def:664 The host is installed with Microsoft Windows and is prone to remote code execution vulnerability. A flaw is present in windows SMB client which fails to validate specially crafted SMB responses. Successful exploitation could allow an attacker to gain complete control of the system. oval:org.secpod.oval:def:1039 The host is missing a Critical security update according to Microsoft security bulletin, MS11-015. The update is required to fix remote code execution vulnerability in Microsoft Windows Media Player/Windows Media Center and DirectShow. A flaw is present in the application which fails to handle a spe ... oval:org.secpod.oval:def:299 The host is installed with Microsoft Windows and is prone to arbitrary code execution Vulnerability. A flaw is present in Microsoft DirectShow which incorrectly restricts the path used for loading external libraries. Successful exploitation allows remote attcker to take complete control of an affect ... oval:org.secpod.oval:def:298 The host is installed with Microsoft Windows Media Player/Windows Media Center and is prone to remote code execution vulnerability. A flaw is present in the application which gives error when parsing ".dvr-ms" media files. Successful exploitation allows remote attacker to execute arbitrary code in t ... oval:org.secpod.oval:def:714 The host is installed with Microsoft .NET Framework and is prone to remote code execution vulnerability. A flaw is present in x86 JIT compiler, which fails to compiling certain function calls. Successful exploitation could allow remote attackers to corrupt the stack and execute remote code. oval:org.secpod.oval:def:297 The host is installed with Microsoft Remote Desktop client and is prone to remote code execution vulnerability. A flaw is present in the application which fails to handle the loading of DLL files. Successful exploitation could allow an attacker to execute arbitrary code on the remote system. oval:org.mitre.oval:def:6684 Use-after-free vulnerability in the Media Player Network Sharing Service in Microsoft Windows Vista SP1 and SP2 and Windows 7 allows remote attackers to execute arbitrary code via a crafted Real Time Streaming Protocol (RTSP) packet, aka "RTSP Use After Free Vulnerability." oval:org.mitre.oval:def:7637 Cross-site scripting (XSS) vulnerability in the toStaticHTML function in Microsoft Internet Explorer 8, and the SafeHTML function in Microsoft Windows SharePoint Services 3.0 SP2 and Office SharePoint Server 2007 SP2, allows remote attackers to inject arbitrary web script or HTML via unspecified vec ... oval:org.mitre.oval:def:6653 Microsoft Windows Media Player (WMP) 9 through 12 does not properly deallocate objects during a browser reload action, which allows user-assisted remote attackers to execute arbitrary code via crafted media content referenced in an HTML document, aka "Windows Media Player Memory Corruption Vulnerabi ... oval:org.mitre.oval:def:7120 Heap-based buffer overflow in the Local Security Authority Subsystem Service (LSASS), as used in Active Directory in Microsoft Windows Server 2003 SP2 and Windows Server 2008 Gold, SP2, and R2; Active Directory Application Mode (ADAM) in Windows XP SP2 and SP3 and Windows Server 2003 SP2; and Active ... oval:org.mitre.oval:def:11845 The TCP/IP stack in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly handle malformed IPv6 packets, which allows remote attackers to cause a denial of service (system hang) via multiple crafted packets, aka "IPv6 Memory Corruption Vulnerabil ... oval:org.mitre.oval:def:7517 Unspecified vulnerability in Quartz.dll for DirectShow; Windows Media Format Runtime 9, 9.5, and 11; Media Encoder 9; and the Asycfilt.dll COM component allows remote attackers to execute arbitrary code via a media file with crafted compression data, aka "Media Decompression Vulnerability." oval:org.mitre.oval:def:7492 Unspecified vulnerability in the Microsoft Internet Explorer 8 Developer Tools ActiveX control in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 and R2, and Windows 7 allows remote attackers to execute arbitrary code via un ... oval:org.secpod.oval:def:1047 The host is missing an critical security update according to Microsoft security bulletin, MS11-027. The update is required to fix remote code execution vulnerability in Microsoft Internet Explorer. The flaws are present in the application which fails to handle memory corruption, an input validation. ... oval:org.secpod.oval:def:1990 The host is missing a critical security update according to Microsoft security bulletin, MS10-034. The update is required to fix remote code execution vulnerability. A flaw is present in the activex control iedvtool.dll and max3activex.dll, which fails to handle specially crafted Web page. Successfu ... oval:org.mitre.oval:def:6677 Cross-site scripting (XSS) vulnerability in the toStaticHTML API, as used in Microsoft Office InfoPath 2003 SP3, 2007 SP1, and 2007 SP2; Office SharePoint Server 2007 SP1 and SP2; SharePoint Services 3.0 SP1 and SP2; and Internet Explorer 8 allows remote attackers to inject arbitrary web script or H ... oval:org.secpod.oval:def:1457 The host is missing a critical security update according to Microsoft security bulletin, MS10-029. The update is required to fix address spoofing vulnerability. A flaw is present in the ISATAP Component, which fails to check the inner packet's IPv6 source address in a tunneled ISATAP packets. Succes ... oval:org.mitre.oval:def:7012 The kernel in Microsoft Windows Vista Gold, SP1, and SP2, and Windows Server 2008 Gold and SP2, does not properly handle unspecified exceptions, which allows local users to cause a denial of service (reboot) via a crafted application, aka "Windows Kernel Exception Handler Vulnerability." oval:org.mitre.oval:def:7509 The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Vista Gold does not perform the expected validation before creating a symbolic link, which allows local users to cause a denial of service (reboot) via a crafted application, aka "Windows Kernel Symbolic Link Value Vulner ... oval:org.mitre.oval:def:7574 Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allow remote attackers to bypass intended IPv4 source-address restrictions via a mismatched IPv6 source address in a tunneled ISATAP packet, aka "ISATAP IPv6 Source Address Spoofing Vulnerabilit ... oval:org.secpod.oval:def:1585 The host is missing a critical security update according to Microsoft security bulletin, MS10-021. The update is required to fix privilege escalation vulnerabilities. Flaws are present in the Windows Kernel, which fails to validate specially crafted applications like the creation of symbolic links o ... oval:org.secpod.oval:def:2048 The host is missing a critical security update according to Microsoft security bulletin, MS10-019. The update is required to fix remote code execution vulnerabilities. Flaws are present in the Windows cabinet file viewer shell extension and authenticode signature verification used for portable execu ... oval:org.mitre.oval:def:6886 The Authenticode Signature verification functionality in cabview.dll in Cabinet File Viewer Shell Extension 5.1, 6.0, and 6.1 in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does no ... oval:org.mitre.oval:def:6918 The SMB client in Microsoft Windows Server 2003 SP2, Vista Gold, SP1, and SP2, and Windows Server 2008 Gold and SP2 allows remote SMB servers and man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and reboot) via a crafted SMB transaction response t ... oval:org.mitre.oval:def:7441 Multiple stack-based buffer overflows in the MPEG Layer-3 audio codecs in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allow remote attackers to execute arbitrary code via a crafted AVI file, aka "MPEG Layer-3 Audio Decoder Stack ... oval:org.secpod.oval:def:1988 The host is missing a critical security update according to Microsoft security bulletin, MS10-026. The update is required to fix remote code execution vulnerability. A flaw is present in the MPEG Layer-3 audio codecs, which fails to decode a specially crafted AVI file containing an MPEG Layer-3 audi ... oval:org.secpod.oval:def:1584 The host is missing a critical security update according to Microsoft security bulletin, MS10-020. The update is required to fix remote code execution vulnerabilities. Flaws are present in the Windows SMB Client, which fails to handle a specially crafted SMB response sent to a client-initiated SMB r ... oval:org.mitre.oval:def:7129 The SMB client in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly allocate memory for SMB responses, which allows remote SMB servers and man-in-the-middle attackers t ... oval:org.mitre.oval:def:6787 The WinVerifyTrust function in Authenticode Signature Verification 5.1, 6.0, and 6.1 in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly use unspecified fields in a fi ... oval:org.mitre.oval:def:6770 The kernel in Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly translate a registry key's virtual path to its real path, which allows local users to cause a denial of service (reboot) via a crafted application, aka "Windows Virtual Pa ... oval:org.mitre.oval:def:7840 Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, and 7 does not properly handle unspecified "encoding strings," which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site, aka "Post Encoding Information Disclosure Vulnerability." oval:org.mitre.oval:def:8302 Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulner ... oval:org.mitre.oval:def:8446 Use-after-free vulnerability in the Peer Objects component (aka iepeers.dll) in Microsoft Internet Explorer 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via vectors involving access to an invalid pointer after the deletion of an object, as exploited in the wild in March 2010, ak ... oval:org.secpod.oval:def:2032 The host is missing a critical security update according to Microsoft security bulletin, MS10-018. The update is required to fix multiple vulnerabilities. Flaws are present in the Internet Explorer, which fails to verify the origin of scripts and handle objects in memory and improper validation of l ... oval:org.mitre.oval:def:8532 Microsoft Internet Explorer 7 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, leading to memory corruption, aka "HTML Rendering Memory Corruption Vulnerability." oval:org.mitre.oval:def:8554 Microsoft Internet Explorer 6, 6 SP1, and 7 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerabi ... oval:org.mitre.oval:def:8553 Cross-domain vulnerability in Microsoft Internet Explorer 6, 6 SP1, 7, and 8 allows user-assisted remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via a crafted HTML document in a situation where the client user drags one browser window across another ... oval:org.mitre.oval:def:6814 The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 does not properly validate a registry-key argument to an unspecified system call, which allows local users to cause a denial of service (reboot) via a crafted application ... oval:org.mitre.oval:def:7722 Use-after-free vulnerability in mstime.dll in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via vectors related to the TIME2 behavior, the CTimeAction object, and destruction of markup, leading to memory corruption, aka "HTML Object Memory Corruption Vulnerability." oval:org.mitre.oval:def:7774 Race condition in Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via a crafted HTML document that triggers memory corruption, aka "Race Condition Memory Corruption Vulnerability." oval:org.secpod.oval:def:1987 The host is missing a critical security update according to Microsoft security bulletin, MS10-016. The update is required to fix remote code execution vulnerability. A flaw is present in the Windows Movie Maker, which fails to handle a specially crafted movie maker or microsoft producer project file ... oval:org.mitre.oval:def:8595 Buffer overflow in Microsoft Windows Movie Maker 2.1, 2.6, and 6.0, and Microsoft Producer 2003, allows remote attackers to execute arbitrary code via a crafted project (.MSWMM) file, aka "Movie Maker and Producer Buffer Overflow Vulnerability." oval:org.mitre.oval:def:8424 The Microsoft Data Analyzer ActiveX control (aka the Office Excel ActiveX control for Data Analysis) in max3activex.dll in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows remote ... oval:org.mitre.oval:def:8400 The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2, when a custom network driver is used, does not properly handle local fragmentation of Encapsulating Security Payload (ESP) over UDP packets, which allows remote attackers to execute arbitrary code v ... oval:org.mitre.oval:def:8449 The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2 allows remote attackers to cause a denial of service (system hang) via crafted packets with malformed TCP selective acknowledgement (SACK) values, aka "TCP/IP Selective Acknowledgement Vulnerability. ... oval:org.secpod.oval:def:1565 The host is missing a critical security update according to Microsoft security bulletin, MS10-013. The update is required to fix remote code execution vulnerability. A flaw is present in Microsoft DirectShow, which fails to parse a specially crafted AVI file before opening it. Successful exploitatio ... oval:org.mitre.oval:def:8478 The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2, when IPv6 is enabled, does not properly perform bounds checking on ICMPv6 Router Advertisement packets, which allows remote attackers to execute arbitrary code via crafted packets, aka "ICMPv6 Route ... oval:org.secpod.oval:def:2030 The host is missing a critical security update according to Microsoft security bulletin, MS10-008. The update is required to fix remote code execution vulnerability. A flaw is present in the activex control max3activex.dll, which fails to handle specially crafted Web page. Successful exploitation al ... oval:org.secpod.oval:def:2036 The host is missing a critical security update according to Microsoft security bulletin, MS10-009. The update is required to fix remote code execution vulnerabilities. Flaws are present in the Windows TCP/IP implementation, which fails to handle specially crafted ICMPv6 packets. Successful exploitat ... oval:org.mitre.oval:def:8064 Heap-based buffer overflow in DirectShow in Microsoft DirectX, as used in the AVI Filter on Windows 2000 SP4, Windows XP SP2 and SP3, and Windows Server 2003 SP2, and in Quartz on Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 ... oval:org.mitre.oval:def:8516 The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2, when IPv6 is enabled, does not properly perform bounds checking on ICMPv6 Route Information packets, which allows remote attackers to execute arbitrary code via crafted packets, aka "ICMPv6 Route In ... oval:org.mitre.oval:def:8314 The SMB implementation in the Server service in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate the share and servername fields in SMB packets, which allows ... oval:org.mitre.oval:def:8438 The SMB implementation in the Server service in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate request fields, which allows remote authenticated users to ex ... oval:org.secpod.oval:def:2035 The host is missing a critical security update according to Microsoft security bulletin, MS10-012. The update is required to fix remote code execution vulnerabilities. A flaw is present in the SMB Server, which fails to validate crafted SMB requests. Successful exploitation could allow an attacker t ... oval:org.mitre.oval:def:8524 Multiple race conditions in the SMB implementation in the Server service in Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allow remote attackers to cause a denial of service (system hang) via a crafted (1) SMBv1 or (2) SMBv2 Negotiate packet, aka "S ... oval:org.mitre.oval:def:7751 The SMB implementation in the Server service in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not use a sufficient source of entropy, which allows remote attackers to obtain acc ... oval:org.mitre.oval:def:8298 Race condition in the SMB client implementation in Microsoft Windows Server 2008 R2 and Windows 7 allows remote SMB servers and man-in-the-middle attackers to execute arbitrary code, and in the SMB client implementation in Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2 allows local us ... oval:org.secpod.oval:def:1568 The host is missing a critical security update according to Microsoft security bulletin, MS10-006. The update is required to fix code execution vulnerabilities. Flaws are present in the SMB Client in Microsoft Windows, which fails to validate crafted response from SMB servers and man-in-the-middle a ... oval:org.mitre.oval:def:8344 The kernel in Microsoft Windows NT 3.1 through Windows 7, including Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, and Windows Server 2008 Gold and SP2, when access to 16-bit applications is enabled on a 32-bit x86 platform, does not properly val ... oval:org.mitre.oval:def:8324 Integer overflow in the Embedded OpenType (EOT) Font Engine (t2embed.dll) in Microsoft Windows 2000 SP4; Windows XP SP2 and SP3; Windows Server 2003 SP2; Windows Vista Gold, SP1, and SP2; Windows Server 2008 Gold, SP2, and R2; and Windows 7 allows remote attackers to execute arbitrary code via compr ... oval:org.mitre.oval:def:8392 Double free vulnerability in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows local users to gain privileges via a crafted application, aka "Windows Kernel Double Free Vulnerability." oval:org.secpod.oval:def:1224 The host is missing a Critical security update according to Microsoft security bulletin, MS10-001. The update is required to fix remote code execution vulnerability. A flaw is present in the OpenType (EOT) Font Client which fails to properly parse specially crafted EOT fonts. Successful exploitation ... oval:org.secpod.oval:def:1727 The host is missing a critical security update according to Microsoft security bulletin, MS10-015. The update is required to fix privilege escalation vulnerabilities. Flaws are present in the Windows Kernel, which fails to handle certain exceptions. Successful exploitation could allow an attacker t ... oval:org.secpod.oval:def:2286 The host is missing a critical security update according to Microsoft security bulletin, MS09-071. The update is required to fix remote code execution vulnerabilities. Flaws are present in the Microsoft Internet Authentication Service, which fails to validates authentication requests by PEAP clients ... oval:org.mitre.oval:def:6519 Microsoft Internet Explorer 7 and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability." oval:org.mitre.oval:def:6570 Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a diffe ... oval:org.mitre.oval:def:6209 The Internet Authentication Service (IAS) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold and SP1, and Server 2008 Gold does not properly verify the credentials in an MS-CHAP v2 Protected Extensible Authentication Protocol (PEAP) authentication request, which allows remote ... oval:org.secpod.oval:def:2513 The host is missing an critical security update according to Microsoft security bulletin, MS09-072. The update is required to fix multiple memory corruption vulnerabilities. The flaws are present in the Internet Explorer, which fails to handle objects in memory. Successful exploitation allows an att ... oval:org.mitre.oval:def:6382 Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a diffe ... oval:org.mitre.oval:def:6079 The Web Services on Devices API (WSDAPI) in Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2 does not properly process the headers of WSD messages, which allows remote attackers to execute arbitrary code via a crafted (1) message or (2) response, aka "Web Services on Devices API Memory ... oval:org.secpod.oval:def:2283 The host is missing a critical security update according to Microsoft security bulletin, MS09-063. The update is required to fix remote code execution vulnerability. A flaw is present in the Web Services on Devices Application Programming Interface (WSDAPI), which fails to process headers in WSD mes ... oval:org.secpod.oval:def:2244 The host is missing a critical security update according to Microsoft security bulletin, MS09-065. The update is required to fix remote code execution vulnerabilities. The flaws are present in the Windows kernel, which fails to validate the argument passed to the system call and input passed from us ... oval:org.mitre.oval:def:6277 The Graphics Device Interface (GDI) in win32k.sys in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, ak ... oval:org.mitre.oval:def:6381 Microsoft Internet Explorer 6 and 7 does not properly handle objects in memory that (1) were not properly initialized or (2) are deleted, which allows remote attackers to execute arbitrary code via vectors involving a call to the getElementsByTagName method for the STYLE tag name, selection of the s ... oval:org.mitre.oval:def:6190 Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulner ... oval:org.mitre.oval:def:5766 Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulner ... oval:org.secpod.oval:def:2514 The host is missing a critical security update according to Microsoft security bulletin, MS09-054. The update is required to fix remote code execution vulnerabilities. The flaws are present in the Internet Explorer, which fails to handle a specially crafted Web page. Successful exploitation allows a ... oval:org.mitre.oval:def:6336 Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold and SP2, and Windows 7 RC do not properly process the command value in an SMB Multi-Protocol Negotiate Request packet, which allows remote attackers to execute arbitrary code via a crafted SMBv2 packet to the Server service, aka "S ... oval:org.mitre.oval:def:5588 win32k.sys in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 does not correctly validate an argument to an unspecified system call, which allows local users to gain privileges via a crafted application that triggers a ... oval:org.secpod.oval:def:2663 The host is missing a critical security update according to Microsoft security bulletin, MS09-062. The update is required to fix remote code execution vulnerabilities. The flaws are present in the Microsoft Windows GDI+, which fails to validate data within GDI+ when rendering WMF images and improper ... oval:org.secpod.oval:def:2296 The host is missing an important security update according to Microsoft security bulletin, MS09-059. The update is required to fix denial of service vulnerability. A flaw is present in the Microsoft Windows Local Security Authority Subsystem Service (LSASS), which fails handle malformed packets duri ... oval:org.mitre.oval:def:6263 Integer underflow in the NTLM authentication feature in the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows remote attackers to cause a denia ... oval:org.secpod.oval:def:2635 The host is missing a critical security update according to Microsoft security bulletin, MS09-051. The update is required to fix remote code execution vulnerabilities. The flaws are present in the Windows Media Runtime, which fails to process ASF files and initialize functions in compressed audio fi ... oval:org.mitre.oval:def:5595 Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2 do not properly validate fields in SMBv2 packets, which allows remote attackers to cause a denial of service (infinite loop and system hang) via a crafted packet to the Server service, aka "SMBv2 Infinite Loop Vulnerability." oval:org.mitre.oval:def:6419 Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, 7, and 8 does not properly handle argument validation for unspecified variables, which allows remote attackers to execute arbitrary code via a crafted HTML document, aka "HTML Component Handling Vulnerability." oval:org.mitre.oval:def:6484 Microsoft Windows Media Runtime, as used in DirectShow WMA Voice Codec, Windows Media Audio Voice Decoder, and Audio Compression Manager (ACM), does not properly initialize unspecified functions within compressed audio files, which allows remote attackers to execute arbitrary code via (1) a crafted ... oval:org.mitre.oval:def:6506 Integer underflow in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows local users to gain privileges via a crafted application that triggers an incorrect truncation of a 64-bit integer to a 32-bit integer, aka "W ... oval:org.mitre.oval:def:6186 Integer overflow in the CryptoAPI component in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows man-in-the-middle attackers to spoof arbitrary SSL servers and other entities via ... oval:org.mitre.oval:def:6264 The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold and SP1, and Server 2008 Gold does not properly validate data sent from user mode, which allows local users to gain privileges via a crafted PE .exe file that triggers a NULL pointer dereference during chain traver ... oval:org.mitre.oval:def:5842 The CryptoAPI component in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7, as used by Internet Explorer and other applications, does not properly handle a '\0' character in a domain n ... oval:org.secpod.oval:def:2565 The host is missing an important security update according to Microsoft security bulletin, MS09-056. The update is required to fix spoofing vulnerabilities. The flaws are present in the Windows CryptoAPI, which fails to validate certificate names that contain null terminators and ASN.1 object identi ... oval:org.secpod.oval:def:2566 The host is missing an important security update according to Microsoft security bulletin, MS09-058. The update is required to fix remote privilege escalation vulnerabilities. The flaws are present in the Windows kernel, which fails to validate data within an executable and clean up exceptions under ... oval:org.mitre.oval:def:6510 The Common Language Runtime (CLR) in Microsoft .NET Framework 2.0, 2.0 SP1, 2.0 SP2, 3.5, and 3.5 SP1, and Silverlight 2, does not properly handle interfaces, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP), (2) a crafted Silverlight applicat ... oval:org.secpod.oval:def:2640 The host is missing a critical security update according to Microsoft security bulletin, MS09-061. The update is required to fix remote code execution vulnerabilities. The flaws are present in the Microsoft .NET Common Language Runtime (CLR), which fails to handle interfaces and verify the rules of ... oval:org.secpod.oval:def:2354 The host is missing a critical security update according to Microsoft security bulletin, MS09-050. The update is required to fix remote code execution vulnerabilities in Server Message Block Version 2 (SMBv2). The flaws are present in the Server Message Block Version 2, which fails handle a speciall ... oval:org.mitre.oval:def:5716 Microsoft .NET Framework 1.0 SP3, 1.1 SP1, and 2.0 SP1 does not properly validate .NET verifiable code, which allows remote attackers to obtain unintended access to stack memory, and execute arbitrary code, via (1) a crafted XAML browser application (XBAP), (2) a crafted ASP.NET application, or (3) ... oval:org.secpod.oval:def:2636 The host is missing a critical security update according to Microsoft security bulletin, MS09-047. The update is required to fix remote code execution vulnerabilities. The flaws are present in the Windows Media Format, which fails to parse Advanced Systems Format (ASF) files and MPEG-1 Audio Layer 3 ... oval:org.mitre.oval:def:5531 Microsoft Windows Media Format Runtime 9.0, 9.5, and 11; and Microsoft Media Foundation on Windows Vista Gold, SP1, and SP2 and Server 2008; allows remote attackers to execute arbitrary code via an MP3 file with crafted metadata that triggers memory corruption, aka "Windows Media Playback Memory Cor ... oval:org.mitre.oval:def:6489 Array index error in the SMBv2 protocol implementation in srv2.sys in Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold and SP2, and Windows 7 RC allows remote attackers to execute arbitrary code or cause a denial of service (system crash) via an & (ampersand) character in a Proce ... oval:org.mitre.oval:def:6454 Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via a crafted data stream header that triggers memory corruption, aka "Data Stream Header Corruption Vulnerability." oval:org.mitre.oval:def:6451 Microsoft .NET Framework 2.0, 2.0 SP1, and 3.5 does not properly enforce a certain type-equality constraint in .NET verifiable code, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Fra ... oval:org.mitre.oval:def:6257 Microsoft Windows Media Format Runtime 9.0, 9.5, and 11 and Windows Media Services 9.1 and 2008 do not properly parse malformed headers in Advanced Systems Format (ASF) files, which allows remote attackers to execute arbitrary code via a crafted (1) .asf, (2) .wmv, or (3) .wma file, aka "Windows Med ... oval:org.mitre.oval:def:6316 The JScript scripting engine 5.1, 5.6, 5.7, and 5.8 in JScript.dll in Microsoft Windows, as used in Internet Explorer, does not properly load decoded scripts into memory before execution, which allows remote attackers to execute arbitrary code via a crafted web site that triggers memory corruption, ... oval:org.secpod.oval:def:2561 The host is missing a critical security update according to Microsoft security bulletin, MS09-045. The update is required to fix remote code execution vulnerability. A flaw is present in JScript Scripting Engine, which fails to handle a specially crafted file or visited a specially crafted Web site ... oval:org.secpod.oval:def:2562 The host is missing a critical security update according to Microsoft security bulletin, MS09-049. The update is required to fix remote code execution vulnerability. A flaw is present in the Wireless LAN AutoConfig Service, which fails to handle specially crafted wireless frames. Successful exploita ... oval:org.secpod.oval:def:2556 The host is missing a critical security update according to Microsoft security bulletin, MS09-048. The update is required to fix remote code execution vulnerabilities. The flaws are present in the Transmission Control Protocol/Internet Protocol (TCP/IP) processing, which fails to handle specially cr ... oval:org.mitre.oval:def:6389 Heap-based buffer overflow in the Wireless LAN AutoConfig Service (aka Wlansvc) in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a malformed wireless frame, aka "Wireless Frame Parsing Remote Code Execution Vulnerability ... oval:org.mitre.oval:def:6374 The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2 does not properly manage state information, which allows remote attackers to execute arbitrary code by sending packets to a listening service, and thereby triggering misinterpretation of an unspecifi ... oval:org.mitre.oval:def:5965 Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allow remote attackers to cause a denial of service (TCP outage) via a series of TCP sessions that have pending data and a (1) small or (2) zero receive window size, and remain in the ... oval:org.secpod.oval:def:2297 The host is missing a critical security update according to Microsoft security bulletin, MS09-038. The update is required to fix remote code execution vulnerabilities in Windows Media File Processing. The flaws are present in the Windows Media file processing, which fails to handle a specially craft ... oval:org.secpod.oval:def:2298 The host is missing a critical security update according to Microsoft security bulletin, MS09-055. The update is required to fix remote code execution vulnerabilities. The flaws are present in the Microsoft Active Template Library (ATL) ActiveX Controls. Successful exploitation allows an attacker to ... oval:org.mitre.oval:def:7436 Stack-based buffer overflow in the CComVariant::ReadFromStream function in the Active Template Library (ATL), as used in the MPEG2TuneRequest ActiveX control in msvidctl.dll in DirectShow, in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold ... oval:org.secpod.oval:def:2371 The host is missing an important security update according to Microsoft security bulletin, MS09-042. The update is required to fix remote code execution vulnerability. A flaw is present in the Windows Telnet service, which fails validate authentication replies and allows for the relay of credentials ... oval:org.mitre.oval:def:5708 The Active Template Library (ATL) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via vectors related to erroneous free operations after reading a variant from a stream and deleti ... oval:org.mitre.oval:def:7581 The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not prevent VariantClea ... oval:org.mitre.oval:def:6245 The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not properly re ... oval:org.mitre.oval:def:6289 The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not prevent VariantClea ... oval:org.mitre.oval:def:6716 The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not properly re ... oval:org.mitre.oval:def:5412 Unspecified vulnerability in Avifil32.dll in the Windows Media file handling functionality in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a malformed header in a crafted AVI ... oval:org.mitre.oval:def:6329 Heap-based buffer overflow in the Microsoft Terminal Services Client ActiveX control running RDP 6.1 on Windows XP SP2, Vista SP1 or SP2, or Server 2008 Gold or SP2; or 5.2 or 6.1 on Windows XP SP3; allows remote attackers to execute arbitrary code via unspecified parameters to unknown methods, aka ... oval:org.mitre.oval:def:6302 The Telnet service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote Telnet servers to execute arbitrary code on a client machine by replaying the NTLM credentials of a client user, aka "Telnet Credential Reflection V ... oval:org.mitre.oval:def:5930 Integer overflow in Avifil32.dll in the Windows Media file handling functionality in Microsoft Windows allows remote attackers to execute arbitrary code on a Windows 2000 SP4 system via a crafted AVI file, or cause a denial of service on a Windows XP SP2 or SP3, Server 2003 SP2, Vista Gold, SP1, or ... oval:org.secpod.oval:def:2621 The host is missing a critical security update according to Microsoft security bulletin, MS09-037. The update is required to fix remote code execution vulnerabilities. The flaws are present in the Microsoft Active Template Library (ATL) header. Components and controls built using ATL headers fails t ... oval:org.mitre.oval:def:6421 The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not properly re ... oval:org.secpod.oval:def:2642 The host is missing a critical security update according to Microsoft security bulletin, MS09-044. The update is required to fix remote code execution vulnerabilities. The flaws are present in Microsoft Remote Desktop Connection, which fails to processes specific parameters returned by the RDP serve ... oval:org.mitre.oval:def:5660 Microsoft Internet Explorer 5.01 SP4 and 6 SP1; Internet Explorer 6 for Windows XP SP2 and SP3 and Server 2003 SP2; and Internet Explorer 7 and 8 for Windows XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 do not properly handle attempts to access deleted obje ... oval:org.mitre.oval:def:5693 Heap-based buffer overflow in Microsoft Remote Desktop Connection (formerly Terminal Services Client) running RDP 5.0 through 6.1 on Windows, and Remote Desktop Connection Client for Mac 2.0, allows remote attackers to execute arbitrary code via unspecified parameters, aka "Remote Desktop Connection ... oval:org.secpod.oval:def:2375 The host is missing a critical security update according to Microsoft security bulletin, MS09-034. The update is required to fix remote code execution vulnerabilities. The flaws are present in the Internet Explorer, which fails to handle a specially crafted Web page. Successful exploitation allows a ... oval:org.mitre.oval:def:6286 Double free vulnerability in the Workstation service in Microsoft Windows allows remote authenticated users to gain privileges via a crafted RPC message to a Windows XP SP2 or SP3 or Server 2003 SP2 system, or cause a denial of service via a crafted RPC message to a Vista Gold, SP1, or SP2 or Server ... oval:org.secpod.oval:def:2560 The host is missing a important security update according to Microsoft security bulletin, MS09-041. The update is required to fix privilege elevation vulnerability. The flaw is present in the Windows Workstation Service, which fails to handle a specially crafted RPC message. Successful exploitation ... oval:org.mitre.oval:def:5524 Microsoft Internet Explorer 5.01 SP4 and 6 SP1; Internet Explorer 6 for Windows XP SP2 and SP3 and Server 2003 SP2; and Internet Explorer 7 and 8 for Windows XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 do not properly handle table operations, which allows ... oval:org.mitre.oval:def:6072 Microsoft Internet Explorer 6 SP1; Internet Explorer 6 for Windows XP SP2 and SP3 and Server 2003 SP2; and Internet Explorer 7 and 8 for Windows XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 do not properly handle attempts to access deleted objects in memory ... oval:org.mitre.oval:def:5678 Integer overflow in the Embedded OpenType (EOT) Font Engine in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a crafted name table, aka "Embedded OpenType Font Integer Overflow ... oval:org.mitre.oval:def:6308 Microsoft Internet Explorer 7 for Windows XP SP2 and SP3; 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 for Server 2008 SP2 allows remote attackers to execute arbitrary code via frequent calls to the getElementsByTagName function combined with the creation of an object during reorderi ... oval:org.secpod.oval:def:2359 The host is missing a important security update according to Microsoft security bulletin, MS09-025. The update is required to fix elevation escalation vulnerabilities in windows. A flaw is present in the Windows kernel , which fails to handle specific kernel object. Successful exploitation could all ... oval:org.mitre.oval:def:6294 Use-after-free vulnerability in Microsoft Internet Explorer 7 for Windows XP SP2 and SP3; 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 for Server 2008 SP2 allows remote attackers to execute arbitrary code by repeatedly adding HTML document nodes and calling event handlers, which trig ... oval:org.mitre.oval:def:6278 Microsoft Internet Explorer 5.01 SP4; 6 SP1; 6 and 7 for Windows XP SP2 and SP3; 6 and 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 for Server 2008 SP2 does not prevent HTML rendering of cached content, which allows remote attackers to bypass the Same Origin Policy via unspecified ve ... oval:org.mitre.oval:def:6260 Microsoft Internet Explorer 6 and 7 for Windows XP SP2 and SP3; 6 and 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 for Server 2008 SP2 does not properly synchronize AJAX requests, which allows allows remote attackers to execute arbitrary code via a large number of concurrent, asynchr ... oval:org.mitre.oval:def:6295 Microsoft Internet Explorer 7 for Windows XP SP2 and SP3; 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 for Server 2008 SP2 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by calling the setCapture method on a collection of crafted o ... oval:org.secpod.oval:def:2294 The host is missing a critical security update according to Microsoft security bulletin, MS09-022. The update is required to fix remote code execution vulnerability in Windows. A flaw is present in the Windows Print Spooler, which fails handle specially crafted RPC request. Successful exploitation c ... oval:org.mitre.oval:def:6206 The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 does not properly validate changes to unspecified kernel objects, which allows local users to gain privileges via a crafted application, aka "Windows Kernel Desktop Vulnerability. ... oval:org.mitre.oval:def:6231 The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 does not properly validate user-mode pointers in unspecified error conditions, which allows local users to gain privileges via a crafted application, aka "Windows Kernel Pointer V ... oval:org.mitre.oval:def:5815 The Windows Printing Service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 allows local users to read arbitrary files via a crafted separator page, aka "Print Spooler Read File Vulnerability." oval:org.mitre.oval:def:5912 The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 does not properly validate an argument to an unspecified system call, which allows local users to gain privileges via a crafted application, aka "Windows Driver Class Registration ... oval:org.mitre.oval:def:6149 Integer underflow in Windows HTTP Services (aka WinHTTP) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote HTTP servers to execute arbitrary code via crafted parameter values in a response, related to error handling, aka "Window ... oval:org.mitre.oval:def:6027 Windows HTTP Services (aka WinHTTP) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, and Vista Gold allows remote web servers to impersonate arbitrary https web sites by using DNS spoofing to "forward a connection" to a different https web site that has a valid certificate mat ... oval:org.mitre.oval:def:6193 The Windows Management Instrumentation (WMI) provider in Microsoft Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 does not properly implement isolation among a set of distinct processes that (1) all run under the NetworkService account or (2) all run under the L ... oval:org.mitre.oval:def:6202 The graphics device interface (GDI) implementation in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 does not properly validate input received from user mode, which allows remote attackers to execute arbitrary code via a crafted ... oval:org.secpod.oval:def:2557 The host is missing a critical security update according to Microsoft security bulletin, MS09-006. The update is required to fix remote code execution vulnerabilities. A flaw is present in the Windows kernel, which fails to handle specially crafted EMF or WMF image file. Successful exploitation coul ... oval:org.secpod.oval:def:2612 The host is missing a security update according to Microsoft security bulletin, MS09-007. The update is required to fix Secure Channel (aka SChannel) authentication component in Microsoft Windows platforms. When certificate authentication is used and does not properly validate the client's key excha ... oval:org.mitre.oval:def:6036 The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 does not properly validate handles, which allows local users to gain privileges via a crafted application that triggers unspecified "actions," aka "Windows Kernel Handle Validation ... oval:org.secpod.oval:def:2641 The host is missing an Important security update according to Microsoft security bulletin, MS09-012. The update is required to fix elevation of privilege vulnerabilities. The flaws are present in the Microsoft Windows, which fails to address tokens requested by the Microsoft Distributed Transaction ... oval:org.mitre.oval:def:6011 The Secure Channel (aka SChannel) authentication component in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008, when certificate authentication is used, does not properly validate the client's key exchange data in Transport Layer Security (TLS) ... oval:org.mitre.oval:def:6081 Microsoft Internet Explorer 7, when XHTML strict mode is used, allows remote attackers to execute arbitrary code via the zoom style directive in conjunction with unspecified other directives in a malformed Cascading Style Sheets (CSS) stylesheet in a crafted HTML document, aka "CSS Memory Corruption ... oval:org.mitre.oval:def:6110 The search-ms protocol handler in Windows Explorer in Microsoft Windows Vista Gold and SP1 and Server 2008 uses untrusted parameter data obtained from incorrect parsing, which allows remote attackers to execute arbitrary code via a crafted HTML document, aka "Windows Search Parsing Vulnerability." oval:org.mitre.oval:def:5248 SMB in the Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote attackers to execute arbitrary code via malformed values of unspecified "fields inside the SMB packets" in an NT Trans2 request, related to "insufficien ... oval:org.secpod.oval:def:2361 The host is missing a critical security update according to Microsoft security bulletin, MS09-001. The update is required to fix remote code execution vulnerability in Microsoft Windows. A flaw is present in the Microsoft Server Message Block (SMB) Protocol, which fails handle specially crafted SMB ... oval:org.secpod.oval:def:2360 The host is missing a critical security update according to Microsoft security bulletin, MS09-002. The update is required to fix remote code execution vulnerability in Microsoft Windows Internet Explorer. A flaw is present in the Windows Internet Explorer, which fails to handle Cascading Style Sheet ... oval:org.secpod.oval:def:2996 The host is missing a critical security update according to Microsoft security bulletin, MS08-075. The update is required to fix remote code execution vulnerabilities. The flaws are present in the Windows Search, which fails to handle a specially crafted search URL. Successful exploitation allows at ... oval:org.mitre.oval:def:5706 Microsoft Internet Explorer 7 sometimes attempts to access uninitialized memory locations, which allows remote attackers to execute arbitrary code via a crafted HTML document that triggers memory corruption, related to a WebDAV request for a file with a long name, aka "HTML Objects Memory Corruption ... oval:org.mitre.oval:def:5853 The Windows Search component in Microsoft Windows Vista Gold and SP1 and Server 2008 does not properly free memory during a save operation for a Windows Search file, which allows remote attackers to execute arbitrary code via a crafted saved-search file, aka "Windows Saved Search Vulnerability." oval:org.mitre.oval:def:5903 Microsoft Internet Explorer 7 sometimes attempts to access a deleted object, which allows remote attackers to execute arbitrary code via a crafted HTML document that triggers memory corruption, aka "Uninitialized Memory Corruption Vulnerability." oval:org.secpod.oval:def:3052 The host is missing a critical security update according to Microsoft security bulletin, MS08-073. The update is required to fix multiple remote code execution vulnerabilities. The flaws are present in Internet Explorer, which fails to handle a specially crafted Web page. Successful exploitation all ... oval:org.mitre.oval:def:6062 Heap-based buffer overflow in an API in GDI in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows context-dependent attackers to cause a denial of service or execute arbitrary code via a WMF file with a malformed file-size parameter, which ... oval:org.secpod.oval:def:2992 The host is missing a critical security update according to Microsoft security bulletin, MS08-071. The update is required to fix remote code execution vulnerabilities. The flaws are present in GDI, which fails to handle a specially crafted WMF image file. Successful exploitation allows attackers to ... oval:org.mitre.oval:def:5942 Microsoft Windows Media Player 6.4, Windows Media Format Runtime 7.1 through 11, and Windows Media Services 4.1, 9, and 2008 do not properly use the Service Principal Name (SPN) identifier when validating replies to authentication requests, which allows remote servers to execute arbitrary code via v ... oval:org.secpod.oval:def:3095 The host is missing an important security update according to Microsoft security bulletin, MS08-076. The update is required to fix multiple remote code execution vulnerabilities. The flaws are present in Windows Media Components, which fails to handle Service Principal Name (SPN) implementations and ... oval:org.mitre.oval:def:5984 Integer overflow in GDI in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote attackers to execute arbitrary code via a malformed header in a crafted WMF file, which triggers a buffer overflow, aka "GDI Integer Overflow Vulnerabilit ... oval:org.secpod.oval:def:2607 The host is missing an important security update according to Microsoft security bulletin, MS08-068. The update is required to fix remote code execution vulnerability. The flaw is present in Microsoft Server Message Block (SMB) Protocol, which allows an attacker to successfully exploit this vulnera ... oval:org.mitre.oval:def:6012 Microsoft Windows 2000 Gold through SP4, XP Gold through SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote SMB servers to execute arbitrary code on a client machine by replaying the NTLM credentials of a client user, as demonstrated by backrush, aka "SMB Credential Refl ... oval:org.mitre.oval:def:5787 Buffer underflow in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote attackers to execute arbitrary code via a Server Message Block (SMB) request that contains a filename with a crafted length, aka "SMB Buffer Underflow Vulnerabil ... oval:org.mitre.oval:def:5343 Integer overflow in Memory Manager in Microsoft Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows local users to gain privileges via a crafted application that triggers an erroneous decrement of a variable, related to validation of parameters for Virtual Add ... oval:org.secpod.oval:def:2625 The host is missing an important security update according to Microsoft bulletin, MS08-063. The update is required to fix a remote code execution vulnerability. A flaw is present in the application, which fails to handle sharing of files and folders. Successful exploitation could allow attackers to ... oval:org.secpod.oval:def:2658 The host is missing an important security update according to Microsoft security bulletin, MS08-064. The update is required to fix privilege escalation vulnerability. A flaw is present in Virtual Address Descriptor, which fails to handle a specially crafted application. Successful exploitation could ... oval:org.mitre.oval:def:13299 Microsoft Internet Explorer 6 and 7 does not properly determine the domain or security zone of origin of web script, which allows remote attackers to bypass the intended cross-domain security policy and obtain sensitive information via a crafted HTML document, aka "Cross-Domain Information Disclosur ... oval:org.mitre.oval:def:12364 Microsoft Internet Explorer 6 and 7 does not properly determine the domain or security zone of origin of web script, which allows remote attackers to bypass the intended cross-domain security policy, and execute arbitrary code or obtain sensitive information, via a crafted HTML document, aka "HTML E ... oval:org.mitre.oval:def:5902 The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 does not properly validate window properties sent from a parent window to a child window during creation of a new window, which allows local users to gain privileges via a crafted a ... oval:org.secpod.oval:def:2633 The host is missing an important security update according to Microsoft bulletin, MS08-061. The update is required to fix a Windows kerne vulnerability. A flaw is present in Windows kernel, which improperly validating input passed from user mode to the kernel during the new window creation process. ... oval:org.mitre.oval:def:6010 Double free vulnerability in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows local users to gain privileges via a crafted application that makes system calls within multiple threads, aka "Windows Kernel Unhandled Exception ... oval:org.mitre.oval:def:5262 srv.sys in the Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact via an SMB WRITE_ANDX packet with an offset that is ... oval:org.mitre.oval:def:5291 The setRequestHeader method of the XMLHttpRequest object in Microsoft Internet Explorer 5.01, 6, and 7 does not block dangerous HTTP request headers when certain 8-bit character sequences are appended to a header name, which allows remote attackers to (1) conduct HTTP request splitting and HTTP requ ... oval:org.mitre.oval:def:5437 Unspecified vulnerability in the kernel in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, through Vista SP1, and Server 2008 allows local users to execute arbitrary code via unknown vectors related to improper input validation. NOTE: it was later reported that one affected function is ... oval:org.mitre.oval:def:5441 Heap-based buffer overflow in the CreateDIBPatternBrushPt function in GDI in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Vista, and Server 2008 allows remote attackers to execute arbitrary code via an EMF or WMF image file with a malformed header that triggers an integer overflow, a ... oval:org.secpod.oval:def:2622 The host is missing a critical security update according to Microsoft security bulletin, MS08-021. The update is required to fix multiple remote code execution vulnerabilities. The flaws are present in the application, which fails to properly process a malformed header or a malformed file name param ... oval:org.secpod.oval:def:2624 The host is missing a critical security update according to Microsoft bulletin, MS08-031. The update is required to fix multiple remote code execution vulnerabilities. The flaws are present in the application, which fails to handle a specially crafted web page. Successful exploitation could allow at ... oval:org.mitre.oval:def:6044 srv.sys in the Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact via an SMB WRITE_ANDX packet with an offset that is ... oval:org.mitre.oval:def:6041 Race condition in Microsoft Internet Explorer 6 SP1; 6 and 7 for Windows XP SP2 and SP3; 6 and 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 for Server 2008 SP2 allows remote attackers to execute arbitrary code or perform other actions upon a page transition, with the permissions of t ... oval:org.secpod.oval:def:2651 The host is missing an important security update according to Microsoft security bulletin, MS08-025. The update is required to fix privilege escalation vulnerability. A flaw is present in the Windows kernel, which fails to handle validation of inputs passed from user mode. Successful exploitation co ... oval:org.mitre.oval:def:6704 Use-after-free vulnerability in the Sb.SuperBuddy.1 ActiveX control (sb.dll) in America Online (AOL) 9.5.0.1 allows remote attackers to trigger memory corruption or possibly execute arbitrary code via a malformed argument to the SetSuperBuddy method. oval:org.mitre.oval:def:5396 Use-after-free vulnerability in Microsoft Internet Explorer 6 SP1, 6 SP2, and and 7 allows remote attackers to execute arbitrary code by assigning malformed values to certain properties, as demonstrated using the by property of an animateMotion SVG element, aka "Property Memory Corruption Vulnerabil ... oval:org.secpod.oval:def:2628 The host is missing a critical security update according to Microsoft bulletin, MS08-010. The update is required to fix multple remote code execution vulnerabilities. A flaw is present in the application, which fails to handle specially crafted Web page. Successful exploitation could allow attackers ... oval:org.mitre.oval:def:5457 The Embedded OpenType (EOT) Font Engine (T2EMBED.DLL) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a crafted name table in a data record that triggers an integer truncation ... oval:org.secpod.oval:def:2577 The host is missing a critical security update according to Microsoft security bulletin, MS09-029. The update is required to fix remote code execution vulnerabilities. The flaws are present in the Microsoft Windows component, the Embedded OpenType (EOT) Font Engine, which fails to parse data records ... oval:org.secpod.oval:def:2653 The host is missing a critical security update according to Microsoft security bulletin, MS09-019. The update is required to fix Information Disclosure Vulnerability. A flaw is present in Internet Explorer, which fails to handle a specially crafted Web page. Successful exploitation could allow an at ... oval:org.secpod.oval:def:2631 The host is missing a critical security update according to Microsoft bulletin, MS08-058. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle a crafted web page. Successful exploitation could allow attackers to execute arbitrary cod ... oval:org.secpod.oval:def:24876 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:24877 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:24878 The host is installed with Internet Explorer 9, 10 or 11 and is prone to an information disclosure vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the current u ... oval:org.secpod.oval:def:24879 The host is installed with Internet Explorer 7, 8, 9, 10 or 11 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the curren ... oval:org.secpod.oval:def:24880 The host is installed with Internet Explorer 7, 8, 9, 10 or 11 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the curren ... oval:org.secpod.oval:def:24882 The host is installed with Internet Explorer 8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:24865 The host is installed with Internet Explorer 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:24859 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the curren ... oval:org.secpod.oval:def:24860 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the curren ... oval:org.secpod.oval:def:24861 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the curren ... oval:org.secpod.oval:def:24862 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the curren ... oval:org.secpod.oval:def:24863 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the curren ... oval:org.secpod.oval:def:24864 The host is installed with Internet Explorer 6, 7, 8, or 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the current user. oval:org.mitre.oval:def:8267 Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML Object Memory Corruption Vulnerab ... oval:org.mitre.oval:def:8378 Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a diffe ... oval:org.mitre.oval:def:8464 The URL validation functionality in Microsoft Internet Explorer 5.01, 6, 6 SP1, 7 and 8, and the ShellExecute API function in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2, does not properly process input parameters, which allows remote attackers to execute arbitrary local programs via a cra ... oval:org.mitre.oval:def:8491 Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a diffe ... oval:org.secpod.oval:def:2031 The host is missing a critical security update according to Microsoft security bulletin, MS10-002. The update is required to fix multiple vulnerabilities. Flaws are present in the Internet Explorer which fails to handle objects in memory, input parameters and HTML attributes. Successful exploitation ... oval:org.mitre.oval:def:8186 Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulner ... oval:org.mitre.oval:def:6835 Use-after-free vulnerability in Microsoft Internet Explorer 6, 6 SP1, 7, and 8 on Windows 2000 SP4; Windows XP SP2 and SP3; Windows Server 2003 SP2; Windows Vista Gold, SP1, and SP2; Windows Server 2008 Gold, SP2, and R2; and Windows 7 allows remote attackers to execute arbitrary code by accessing a ... oval:org.mitre.oval:def:7715 The XSS Filter in Microsoft Internet Explorer 8 allows remote attackers to leverage the "response-changing mechanism" to conduct cross-site scripting (XSS) attacks against web sites that have no inherent XSS vulnerabilities, related to the details of output encoding and improper modification of an H ... oval:org.mitre.oval:def:6281 Microsoft Internet Explorer 7 through 7.0.6000.16711 or iTunes before 12.6 allows remote attackers to cause a denial of service (unusable browser) by calling the window.print function in a loop, aka a "printing DoS attack," possibly a related issue to CVE-2009-0821. oval:org.mitre.oval:def:6069 Microsoft Internet Explorer 6 SP1, 6 and 7 on Windows XP SP2 and SP3, 6 and 7 on Windows Server 2003 SP1 and SP2, 7 on Windows Vista Gold and SP1, and 7 on Windows Server 2008 allows remote attackers to execute arbitrary code via a web page that triggers presence of an object in memory that was (1) ... oval:org.secpod.oval:def:2358 The host is missing moderate security update according to Microsoft security bulletin, MS09-015. The update is required to fix Blended Threat Vulnerability. A flaw is present in SearchPath function in Windows locates, which allows by convincing a user to download a specially crafted file to a specif ... oval:org.mitre.oval:def:6164 Microsoft Internet Explorer 6 SP1, 6 and 7 on Windows XP SP2 and SP3, 6 and 7 on Windows Server 2003 SP1 and SP2, 7 on Windows Vista Gold and SP1, and 7 on Windows Server 2008 does not properly handle transition errors in a request for one HTTP document followed by a request for a second HTTP docume ... oval:org.secpod.oval:def:2370 The host is missing a critical security update according to Microsoft security bulletin, MS09-014. The update is required to fix remote code execution vulnerabilities. A flaw is present in the Windows Internet Explorer, which fails to handle specially crafted Web page. Successful exploitation could ... oval:org.mitre.oval:def:5723 Microsoft Internet Explorer 5.01 SP4, 6 SP1, 6 and 7 on Windows XP SP2 and SP3, 6 and 7 on Windows Server 2003 SP1 and SP2, 7 on Windows Vista Gold and SP1, and 7 on Windows Server 2008 allows remote attackers to execute arbitrary code via a web page that triggers presence of an object in memory tha ... oval:org.mitre.oval:def:5782 Apple Safari on Mac OS X, and before 3.1.2 on Windows, does not prompt the user before downloading an object that has an unrecognized content type, which allows remote attackers to place malware into the (1) Desktop directory on Windows or (2) Downloads directory on Mac OS X, and subsequently allows ... oval:org.mitre.oval:def:5320 Windows HTTP Services (aka WinHTTP) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008; and WinINet in Microsoft Internet Explorer 5.01 SP4, 6 SP1, 6 and 7 on Windows XP SP2 and SP3, 6 and 7 on Windows Server 2003 SP1 and SP2, 7 on Windows Vis ... oval:org.mitre.oval:def:6233 Windows HTTP Services (aka WinHTTP) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008; and WinINet in Microsoft Internet Explorer 5.01 SP4, 6 SP1, 6 and 7 on Windows XP SP2 and SP3, 6 and 7 on Windows Server 2003 SP1 and SP2, 7 on Windows Vis ... oval:org.mitre.oval:def:7569 Windows HTTP Services (aka WinHTTP) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008; and WinINet in Microsoft Internet Explorer 5.01 SP4, 6 SP1, 6 and 7 on Windows XP SP2 and SP3, 6 and 7 on Windows Server 2003 SP1 and SP2, 7 on Windows Vis ... oval:org.mitre.oval:def:8509 Apple Safari on Mac OS X, and before 3.1.2 on Windows, does not prompt the user before downloading an object that has an unrecognized content type, which allows remote attackers to place malware into the (1) Desktop directory on Windows or (2) Downloads directory on Mac OS X, and subsequently allows ... oval:org.secpod.oval:def:2558 The host is missing a critical security update according to Microsoft security bulletin, MS09-013. The update is required to fix remote code execution vulnerability in Windows HTTP Services. A flaw is present in the Windows HTTP Services(WinHTTP), which fails handle http service file winhttp.dll. Su ... oval:org.mitre.oval:def:5604 Microsoft Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote attackers to cause a denial of service (system hang) via a series of Pragmatic General Multicast (PGM) packets with invalid fragment options, aka the "PGM Malformed Fragment Vulnerability." oval:org.secpod.oval:def:2581 The host is missing a moderate security update according to Microsoft security bulletin, MS08-032. The update is required to fix remote code execution vulnerability. A flaw is present in the Microsoft Speech API, which fails handle a specially crafted Web page using Internet Explorer and has the Spe ... oval:org.mitre.oval:def:5489 A certain ActiveX control in sapi.dll (aka the Speech API) in Speech Components in Microsoft Windows Vista, when the Speech Recognition feature is enabled, allows user-assisted remote attackers to delete arbitrary files, and conduct other unauthorized activities, via a web page with an embedded soun ... oval:org.secpod.oval:def:2657 The host is missing an important security update according to Microsoft security bulletin, MS08-036. The update is required to fix denial of service vulnerability. A flaw is present in the Pragmatic General Multicast (PGM) protocol, which fails to handle PGM packets. Successful exploitation could al ... oval:org.mitre.oval:def:5314 The DNS client in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, and Vista uses predictable DNS transaction IDs, which allows remote attackers to spoof DNS responses. oval:org.secpod.oval:def:2584 The host is missing an important security update according to Microsoft security bulletin, MS08-020. The update is required to fix spoofing attack vulnerability. A flaw is present in Windows DNS clients, which fails handle a specially crafted responses to DNS requests. Successful exploitation could ... oval:org.mitre.oval:def:6055 Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 200 ... oval:org.mitre.oval:def:6282 Multiple integer overflows in unspecified APIs in GDI+ in Microsoft .NET Framework 1.1 SP1, .NET Framework 2.0 SP1 and SP2, Windows XP SP2 and SP3, Windows Server 2003 SP2, Vista Gold and SP1, Server 2008 Gold, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project ... oval:org.mitre.oval:def:5986 gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQ ... oval:org.mitre.oval:def:6004 Buffer overflow in gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital I ... oval:org.mitre.oval:def:6040 gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQ ... oval:org.secpod.oval:def:6200 The host is installed with Microsoft XML Core Services 3.0, 4.0, 5.0 or 6.0 and is prone to remote code execution vulnerability. A flaw is present in the application, which fails to handle crafted web site. Successful exploitation allows remote attackers to execute arbitrary code or cause a denial o ... oval:org.secpod.oval:def:14317 The host is installed with Microsoft Office 2003 SP3 /2007 SP3 /2010 SP1, Windows, Visual Studio .NET 2003 SP1, Lync 2010, Lync Basic 2013 or Lync 2010 Attendee, and is prone to remote code execution vulnerability. A flaw is present in the application, which fails to properly process crafted TrueTyp ... oval:org.secpod.oval:def:3339 The host is missing a critical security update according to Microsoft security bulletin, MS08-052. The update is required to fix remote code execution vulnerabilities. The flaws are present in Microsoft Windows GDI+, which fails handle a specially crafted image file or browsed a Web site that contai ... oval:org.mitre.oval:def:7214 The Uniscribe (aka new Unicode Script Processor) implementation in USP10.DLL in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and SP2, and Microsoft Office XP SP3, 2003 SP3, and 2007 SP2, does not properly validate tables associated with malformed OpenTyp ... oval:org.secpod.oval:def:5627 The host is installed with Microsoft Office, Windows, .NET Framework, and Silverlight and is prone TrueType Font parsing vulnerability. A flaw is present in the applications, which fail to handle a specially crafted TrueType font file. Successful exploitation could allow remote attackers to install ... oval:org.secpod.oval:def:5628 The host is installed with Microsoft Office, Windows, and Silverlight and is prone TrueType Font parsing vulnerability. A flaw is present in the applications, which fails to handle a specially crafted TrueType font file. Successful exploitation could allow remote attackers to install programs, view, ... oval:org.mitre.oval:def:7286 Windows Shell and WordPad in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7; Microsoft Office XP SP3; Office 2003 SP3; and Office System 2007 SP1 and SP2 do not properly validate COM objects during instantiat ... oval:org.secpod.oval:def:5631 The host is installed with Microsoft Office, Windows and is prone GDI+ record type vulnerability. A flaw is present in the applications, which fail to handle a specially crafted EMF images. Successful exploitation could allow remote attackers to install programs, view, change, or delete data or crea ... oval:org.secpod.oval:def:16204 The host is installed with Microsoft Windows Vista, Windows Server 2008, Microsoft Office 2003 SP3, Office 2007 SP3, Office 2010 SP1/SP2, Lync 2010, Lync Basic 2013 or Lync 2010 Attendee, and is prone to a remote code execution vulnerability. The flaw is present in the graphics component, which fail ... oval:org.secpod.oval:def:8351 The host is installed with Microsoft XML Core Services 4.0, 5.0, 6.0 on Microsoft Windows or with Microsoft Groove Server 2007, Microsoft SharePoint Server 2007, Microsoft Expression Web 2, Microsoft Expression Web, Microsoft Office Compatibility Pack, Microsoft Word Viewer, Microsoft Office 2007, M ... oval:org.secpod.oval:def:25342 The host is installed with Microsoft Server 2003, Server 2008, Server 2008 R2, Windows Vista, Windows 7, Server 2012, Server 2012 R2, Windows 8 or Windows 8.1 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which improperly handles custom action scripts ... oval:org.secpod.oval:def:25415 The host is installed with Microsoft Windows Server 2008, 2008 R2, 2012, 2012 R2, Windows Vista, 7, 8 or 8.1 and is prone to a remote code execution vulnerability. A flaw is present in the application, which improperly handles specially crafted OpenType fonts. An attacker who successfully exploited ... oval:org.secpod.oval:def:25804 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, 8.1, 10, Server 2012 or Server 2012 R2 and is prone to a mount manager elevation of privilege vulnerability. The flaw is present in the application, which fails to properly process ... oval:org.secpod.oval:def:25822 The host is missing an important security update according to Microsoft security bulletin, MS15-088. The update is required to fix an unsafe command line parameter passing vulnerability. A flaw is present in the application, which fails to properly handle unsafe command line parameters. Successful e ... oval:org.secpod.oval:def:25888 The host is installed with Internet Explorer 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the current u ... oval:org.secpod.oval:def:25858 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1, Windows 10 or Server 2012 R2 and is prone to a security feature bypass vulnerability. A flaw is present in the application, which fails to properly validat ... oval:org.secpod.oval:def:25845 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1, Windows 10 or Server 2012 R2 and is prone to an ASLR security feature bypass vulnerability. A flaw is present in the application, which fails to properly i ... oval:org.secpod.oval:def:25846 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1, Server 2012 R2, WIndows 10, Microsoft Office 2007 SP3 or 2010 SP2, Live Meeting 2007 Console, Lync 2010, Lync 2010 Attendee, Lync 2013 SP1, Lync Basic 2013 ... oval:org.secpod.oval:def:25851 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1, Windows 10 or Server 2012 R2 and is prone to an Onetype font parsing vulnerability. A flaw is present in the application, which fails to handle a crafted O ... oval:org.secpod.oval:def:25852 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1, Windows 10 or Server 2012 R2 and is prone to an Onetype font parsing vulnerability. A flaw is present in the application, which fails to handle a crafted O ... oval:org.secpod.oval:def:25854 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1, Windows 10 or Server 2012 R2 and is prone to an Onetype font parsing vulnerability. A flaw is present in the applications, which fail to handle a crafted O ... oval:org.secpod.oval:def:25836 The host is missing a critical security update according to Microsoft security bulletin, MS15-079. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute a ... oval:org.secpod.oval:def:25823 The host is installed with Microsoft Excel 2007, 2010, 2013, Powerpoint 2007, 2010, 2013, Visio 2007, 2010, 2013, Word 2007, 2010, 2013, Internet Explorer 7, 8, 9, 10 or 11, Microsoft Windows Server 2008, 2008 R2, 2012, 2012 R2, Windows Vista, 7, 8, 8.1 or 10 and is prone to an unsafe command line p ... oval:org.secpod.oval:def:25824 The host is installed with Internet Explorer 7, 8, 9, 10, 11 or Microsoft Edge on Microsoft Windows 10 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to properly handle crafted data. Successful exploitation could allow attackers to execute arbitr ... oval:org.secpod.oval:def:25825 The host is installed with Internet Explorer 7, 8, 9, 10 or 11 and is prone to an ASLR bypass vulnerability. A flaw is present in the application, which fails to properly use ASLR security feature. Successful exploitation could allow attackers to bypass the Address Space Layout Randomization. oval:org.secpod.oval:def:25827 The host is installed with Internet Explorer 8, 9, 10 or 11 and is prone to an edge memory corruption vulnerability. A flaw is present in the application, which fails to properly access an object in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the ... oval:org.secpod.oval:def:26559 The host is installed with Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, Windows 8.1, Windows 10 or Windows Server 2012 R2 and is prone to font driver elevation of privilege vulnerability. A flaw is present in the application, which fail to han ... oval:org.secpod.oval:def:26562 The host is installed with Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, Windows 8.1, Windows 10 or Windows Server 2012 R2 and is prone to a Win32k memory corruption vulnerability. A flaw is present in the application, which fails to properly h ... oval:org.secpod.oval:def:26561 The host is installed with Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, Windows 8.1, Windows 10 or Windows Server 2012 R2 and is prone to a Win32k memory corruption vulnerability. A flaw is present in the application, which fails to properly h ... oval:org.secpod.oval:def:26560 The host is installed with Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, Windows 8.1, Windows 10 or Windows Server 2012 R2 and is prone to a Win32k memory corruption vulnerability. A flaw is present in the application, which fails to properly h ... oval:org.secpod.oval:def:26556 The host is installed with Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, Windows 8.1, Windows 10 or Windows Server 2012 R2 and is prone to an opentype font parsing vulnerability. A flaw is present in the application, which fail to handle specia ... oval:org.secpod.oval:def:26558 The host is installed with Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, Windows 8.1, Windows 10 or Windows Server 2012 R2 and is prone to a Win32k memory corruption vulnerability. A flaw is present in the application, which fails to properly h ... oval:org.secpod.oval:def:26557 The host is installed with Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, Windows 8.1, Windows 10 or Windows Server 2012 R2 and is prone to a font driver elevation of privilege vulnerability. A flaw is present in the application, which fail to h ... oval:org.secpod.oval:def:29998 The host is installed with Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to a kernel memory corruption vulnerability. A flaw is present in the Windows kernel, which fails to properly handle objects in mem ... oval:org.secpod.oval:def:26538 The host is installed with Windows journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, Windows 8.1, Windows 10 or Windows Server 2012 R2 and is prone to a remote code execution vulnerability. A flaw is present in the application, ... oval:org.secpod.oval:def:26537 The host is installed with Windows journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, Windows 8.1 or Windows 10 or Windows Server 2012 R2 and is prone to a remote code execution vulnerability. A flaw is present in the applicatio ... oval:org.secpod.oval:def:26539 The host is installed with Windows journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, Windows 8.1, Windows 10 or Windows Server 2012 R2 and is prone to an integer overflow remote code execution vulnerability. A flaw is present i ... oval:org.secpod.oval:def:26540 The host is installed with Windows journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, Windows 8.1, Windows 10 or Windows Server 2012 R2 and is prone to a denial of service vulnerability. A flaw is present in the application, whi ... oval:org.secpod.oval:def:26542 The host is missing an important security update according to Microsoft security bulletin, MS15-102. The update is required to fix multiple elevation of privilege vulnerability. The flaws are present in the application, which fails to properly handle a crafted application. Successful exploitation co ... oval:org.secpod.oval:def:26536 The host is installed with Windows journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, Windows 8.1, Windows 10 or Windows Server 2012 R2 and is prone to a remote code execution vulnerability. A flaw is present in the application, ... oval:org.secpod.oval:def:26523 The host is installed with Microsoft Edge on Microsoft Windows 10 or Internet Explorer 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to properly access objects in memory. Successful exploitation could allow attackers to execute ... oval:org.secpod.oval:def:26524 The host is installed with Microsoft Edge on Microsoft Windows 10 or Internet Explorer 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to properly access objects in memory. Successful exploitation could allow attackers to execute ... oval:org.secpod.oval:def:26509 The host is installed with Internet Explorer 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the curr ... oval:org.secpod.oval:def:26508 The host is installed with Internet Explorer 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the curr ... oval:org.secpod.oval:def:26510 The host is installed with Internet Explorer 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the curr ... oval:org.secpod.oval:def:26513 The host is installed with Microsoft Edge on Microsoft Windows 10 or Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to properly access objects in memory. Successful exploitation could allow attackers to execute arbit ... oval:org.secpod.oval:def:30000 The host is installed with Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which improperly validates junctions in certain s ... oval:org.secpod.oval:def:30028 The host is installed with Internet Explorer 9, 10 or 11 and is prone to an information disclosure vulnerability. A flaw is present in the application, which improperly discloses the contents of its memory. Successful exploitation could provide an attacker with information to further compromise the ... oval:org.secpod.oval:def:30026 The host is installed with Internet Explorer 8, 9, 10 or 11 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which does not properly validate permissions under specific conditions. Successful exploitation could allow attackers to run script with elevated ... oval:org.secpod.oval:def:30021 The host is installed with Internet Explorer 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. An attacker who successfully exploited these vulnerabilities could gain the same user rights as th ... oval:org.secpod.oval:def:30017 The host is installed with JScript and Vbscript 5.8 scripting engines and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the cu ... oval:org.secpod.oval:def:30018 The host is installed with JScript and Vbscript 5.7 or 5.8 scripting engines and is prone to an information disclosure vulnerability. A flaw is present in the applications, which improperly disclose the contents of its memory. Successful exploitation could provide an attacker with information to fur ... oval:org.secpod.oval:def:30014 The host is installed with JScript and Vbscript 5.7 or 5.8 scripting engines and is prone to memory corruption vulnerability. A flaw is present in the applications, which fail to handle objects in memory. An attacker who successfully exploited the vulnerabilities could gain the same user rights as t ... oval:org.secpod.oval:def:30015 The host is installed with JScript and Vbscript 5.7 or 5.8 scripting engines and is prone to an ASLR bypass vulnerability. A flaw is present in the applications, which fail to use the Address Space Layout Randomization (ASLR) security feature. Successful exploitation could allow attacker to more rel ... oval:org.secpod.oval:def:30016 The host is installed with JScript and Vbscript 5.7 or 5.8 scripting engines and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to handle objects in memory. An attacker who successfully exploited the vulnerabilities could gain the same user rights as ... oval:org.secpod.oval:def:30004 The host is installed with Microsoft Windows Vista, Server 2008, Windows 7, Server 2008 R2, Windows 8, 8.1, 10, Server 2012 or Server 2012 R2 and is prone to an use-after-free vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitati ... oval:org.secpod.oval:def:30974 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, 8.1, Server 2012, Server 2012 R2 or Windows 10 and is prone to a security feature bypass vulnerability. The flaw is present in the application, which fails to properly validate perm ... oval:org.secpod.oval:def:30975 The host is installed with Microsoft Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows kernel-mode driver, which fails to properly ... oval:org.secpod.oval:def:30972 The host is installed with Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, Windows 8.1, Windows Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which makes a ca ... oval:org.secpod.oval:def:29999 The host is installed with Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows kernel, which fails to properly handle objects in memo ... oval:org.secpod.oval:def:30966 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, 8.1, 10, Server 2012 or Server 2012 R2 and is prone to a security feature bypass vulnerability. A flaw is present in the Windows Kerberos, which fails to check the password change o ... oval:org.secpod.oval:def:31698 The host is installed with Microsoft Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Pragmatic General Multicast (PGM) protocol, ... oval:org.secpod.oval:def:30990 The host is installed with Internet Explorer 8, 9, 10 or 11 and is prone to a scripting engine memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. An attacker who successfully exploited these vulnerabilities could gain the same use ... oval:org.secpod.oval:def:30985 The host is installed with Internet Explorer 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. An attacker who successfully exploited these vulnerabilities could gain the same user rights as th ... oval:org.secpod.oval:def:30986 The host is installed with Internet Explorer 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. An attacker who successfully exploited these vulnerabilities could gain the same user rights as th ... oval:org.secpod.oval:def:30987 The host is installed with Internet Explorer 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. An attacker who successfully exploited these vulnerabilities could gain the same user rights as th ... oval:org.secpod.oval:def:30988 The host is installed with Internet Explorer 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the c ... oval:org.secpod.oval:def:30982 The host is installed with Internet Explorer 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. An attacker who successfully exploited these vulnerabilities could gain the same user rights as th ... oval:org.secpod.oval:def:30983 The host is installed with Internet Explorer 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. An attacker who successfully exploited these vulnerabilities could gain the same user rights as th ... oval:org.secpod.oval:def:30984 The host is installed with Internet Explorer 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. An attacker who successfully exploited these vulnerabilities could gain the same user rights as th ... oval:org.secpod.oval:def:30989 The host is installed with Internet Explorer 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the c ... oval:org.secpod.oval:def:30976 The host is installed with Microsoft Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows kernel-mode driver, which fails to properly ... oval:org.secpod.oval:def:30977 The host is installed with Microsoft Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an information disclosure vulnerability. A flaw is present in the Windows kernel-mode driver, which fails to properly ... oval:org.secpod.oval:def:30978 The host is installed with Microsoft Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to a remote code execution vulnerability. A flaw is present in the Windows graphics memory, which fails to properly handl ... oval:org.secpod.oval:def:30979 The host is installed with Microsoft Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to a remote code execution vulnerability. A flaw is present in the Windows graphics memory, which fails to properly handl ... oval:org.secpod.oval:def:31003 The host is installed with Internet Explorer 9, 10 or 11 and is prone to an information disclosure vulnerability. A flaw is present in the application, which discloses the contents of its memory. An attacker who successfully exploited this vulnerability could provide the attacker with information to ... oval:org.secpod.oval:def:31004 The host is installed with Microsoft Edge, Internet Explorer 9, 10 or 11 and is prone to an ASLR Bypass vulnerability. A flaw is present in the application, which fails to use the Address Space Layout Randomization (ASLR) security feature. An attacker who successfully exploited it could bypass the A ... oval:org.secpod.oval:def:31001 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the curr ... oval:org.secpod.oval:def:31002 The host is installed with Microsoft Edge, Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. An attacker who successfully exploited these vulnerabilities could gain the same user ri ... oval:org.secpod.oval:def:31755 The host is installed with Microsoft Lync 2010, Microsoft Skype For business 2016, Microsoft Skype For Business Basic 2016, Microsoft Lync Basic 2013, Microsoft Lync 2010 Attendee, Microsoft live meeting 2007, Microsoft Live Meeting 2007 Add-In, Microsoft Office 2007, Microsoft Office 2010 or Word V ... oval:org.secpod.oval:def:31748 The host is installed with Vbscript or JScript 5.7 or 5.8 scripting engines and is prone to an information disclosure vulnerability. A flaw is present in the application, which discloses the contents of its memory. Successful exploitation could allow attackers to compromise the users computer or dat ... oval:org.secpod.oval:def:31749 The host is installed with Vbscript or JScript 5.7 or 5.8 scripting engines and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. An attacker who successfully exploited the vulnerability could gain the same user rights as th ... oval:org.secpod.oval:def:31731 The host is installed with Microsoft Edge, Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to properly access objects in memory. An attacker who successfully exploited these vulnerabilities could gain the same user ri ... oval:org.secpod.oval:def:31737 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the curr ... oval:org.secpod.oval:def:31720 The host is installed with Internet Explorer 8, 9, 10 or 11 and is prone to a XSS filter bypass vulnerability. A flaw is present in the application, which fails to properly filter HTTP response data. An attacker who successfully exploited the vulnerabilities could cause script to run on another user ... oval:org.secpod.oval:def:31721 The host is installed with Microsoft Edge, Internet Explorer 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to properly access objects in memory. An attacker who successfully exploited these vulnerabilities could gain the same user ... oval:org.secpod.oval:def:31719 The host is installed with Internet Explorer 8, 9, 10 or 11 and is prone to a XSS filter bypass vulnerability. A flaw is present in the application, which fails to properly filter HTTP response data. An attacker who successfully exploited the vulnerabilities could cause script to run on another user ... oval:org.secpod.oval:def:31716 The host is installed with Microsoft Edge, Internet Explorer 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to properly access objects in memory. An attacker who successfully exploited these vulnerabilities could gain the same u ... oval:org.secpod.oval:def:31717 The host is installed with Microsoft Edge, Internet Explorer 7, 8, 9, 10 or 11 and is prone to an ASLR bypass vulnerability. A flaw is present in the applications, which fail to properly access objects in memory. An attacker who successfully exploited it could bypass the Address Space Layout Randomi ... oval:org.secpod.oval:def:31718 The host is installed with Internet Explorer 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the c ... oval:org.secpod.oval:def:31701 The host is installed with Microsoft Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Microsoft Windows 8, Windows Server 2012, Windows 8.1, Windows 10 or Windows Server 2012 R2 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to ... oval:org.secpod.oval:def:31708 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, 8.1, Server 2012, Server 2012 R2 or Windows 10 and is prone to an elevation of kernel memory privilege vulnerability in Microsoft Windows. The flaw is present in the windows, which ... oval:org.secpod.oval:def:31705 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, 8.1, Server 2012, Server 2012 R2 or Windows 10 and is prone to an elevation of kernel memory privilege vulnerability in Microsoft Windows. The flaw is present in the windows, which ... oval:org.secpod.oval:def:31706 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, 8.1, Server 2012, Server 2012 R2 or Windows 10 and is prone to an elevation of kernel memory privilege vulnerability in Microsoft Windows. The flaw is present in the windows, which ... oval:org.secpod.oval:def:32585 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1 or Windows 10 and is prone to a remote code execution vulnerability. A flaw is present in the Windows kernel-mode driver, which fails to properly handle objects in memory. An attacker who succe ... oval:org.secpod.oval:def:32593 The host is installed with Internet Explorer 9, 10 or 11 and is prone to an information disclosure vulnerability. A flaw is present in the applications, which fail to properly access objects in memory. An attacker who successfully exploited these vulnerabilities could gain the same user rights as th ... oval:org.secpod.oval:def:32592 The host is installed with Vbscript or JScript 5.7 or 5.8 scripting engines and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted web page discloses the contents of its memory. Successful exploitation could allow attackers to execute ... oval:org.secpod.oval:def:32588 The host is installed with Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows kernel, which fails to properly handle objects in memo ... oval:org.secpod.oval:def:32589 The host is installed with Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows kernel, which fails to properly handle objects in memo ... oval:org.secpod.oval:def:32898 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could corrupt memory, execute arbitrary code i ... oval:org.secpod.oval:def:32868 The host is installed with Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows kernel, which fails to properly handle objects in memory. An atta ... oval:org.secpod.oval:def:32863 The host is installed with Microsoft Windows Server 2008, Server 2008 R2, Windows Vista, Windows 7, Server 2012, Server 2012 R2, Windows 8.1 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the WebDAV, which fails to properly validate input. An attacker who ... oval:org.secpod.oval:def:32862 The host is installed with Windows journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows Server 2012, Windows 8.1, Windows 10 or Windows Server 2012 R2 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to ... oval:org.secpod.oval:def:32911 The host is installed with Internet Explorer 9, 10 or 11 or Microsoft Edge and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted website or improperly accesses objects in memory. An attacker who successfully exploited this vulnerabilit ... oval:org.secpod.oval:def:32912 The host is installed with Internet Explorer 9, 10 or 11 or Microsoft Edge and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted website or improperly accesses objects in memory. An attacker who successfully exploited this vulnerabilit ... oval:org.secpod.oval:def:32900 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle cross-domain policies. Successfully exploitation allows remote attackers to access information from one domain and inj ... oval:org.secpod.oval:def:32902 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could corrupt memory, execute arbitrary code i ... oval:org.secpod.oval:def:32901 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle cross-domain policies. Successfully exploitation allows remote attackers to access information from one domain and inj ... oval:org.secpod.oval:def:32908 The host is installed with Internet Explorer 9, 10 or 11 or Microsoft Edge and is prone to a spoofing vulnerability. A flaw is present in the application, which fails to properly parse HTTP responses. An attacker who successfully exploited this vulnerability could trick a user by redirecting them to ... oval:org.secpod.oval:def:32909 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could corrupt memory, execute arbitrary code i ... oval:org.secpod.oval:def:32904 The host is installed with Internet Explorer 9, 10 or 11 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle Hyperlink Object Library. Successfully exploitation allows remote attackers to obtain information to further compromi ... oval:org.secpod.oval:def:32610 The host is installed with Microsoft Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows Server 2012, Windows 8.1, Windows Server 2012 R2 or Windows 10 and is prone to remote code execution vulnerability via a crafted file. A flaw is present in t ... oval:org.secpod.oval:def:32611 The host is installed with Microsoft Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows Server 2012, Windows 8.1, Windows Server 2012 R2 or Windows 10 and is prone to remote code execution vulnerability. A flaw is present in the system, which fa ... oval:org.secpod.oval:def:32609 The host is installed with Microsoft Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 R2 or Windows 10 and is prone to privilege escalation vulnerability. A flaw is present in the system, which fails to load DLL file p ... oval:org.secpod.oval:def:32918 The host is installed with Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to a security bypass vulnerability. A flaw is present in the Windows, when Kerberos fails to check the password change of a user signing into ... oval:org.secpod.oval:def:32915 The host is installed with Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to remote code execution vulnerability. A flaw is present in the Windows, which fails validates input before loading dynamic link library (DLL ... oval:org.secpod.oval:def:32916 The host is installed with Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to remote code execution vulnerability. A flaw is present in the Windows, which fails validates input before loading dynamic link library (DLL ... oval:org.secpod.oval:def:33260 The host is installed with Microsoft Edge, Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successfully exploitation can corrupt memory in such a way that an attacker could execute arb ... oval:org.secpod.oval:def:33255 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successfully exploitation can corrupt memory in such a way that an attacker could execute arbitrary code in t ... oval:org.secpod.oval:def:33251 The host is installed with Microsoft Edge, Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successfully exploitation can corrupt memory in such a way that an attacker could execute arb ... oval:org.secpod.oval:def:33250 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successfully exploitation can corrupt memory in such a way that an attacker could execute arbitrary code in t ... oval:org.secpod.oval:def:33233 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows kernel, which fails to properly handle objects in memory. ... oval:org.secpod.oval:def:33232 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows kernel, which fails to properly handle objects in memory. ... oval:org.secpod.oval:def:33234 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows kernel, which fails to properly handle objects in memory. ... oval:org.secpod.oval:def:33231 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Kernel, which fails to properly handle objects in memory. ... oval:org.secpod.oval:def:33229 The host is installed with Microsoft Windows Server 2008, 2008 R2, 2012, 2012 R2, Windows Vista, 7, 8.1 or 10 and is prone to a denial of service vulnerability. A flaw is present in the application, which improperly handles specially crafted document and specially crafted embedded OpenType fonts. An ... oval:org.secpod.oval:def:33225 The host is installed with Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Secondary Logon Service in Microsoft Windows, which fails to properly man ... oval:org.secpod.oval:def:33228 The host is installed with Microsoft Windows Server 2008, 2008 R2, 2012, 2012 R2, Windows Vista, 7, 8.1 or 10 and is prone to a remote code execution vulnerability. A flaw is present in the application, which improperly handles specially crafted fonts. An attacker who successfully exploited this vul ... oval:org.secpod.oval:def:33221 The host is installed with Microsoft Windows Server 2008, Server 2008 R2, Windows Vista, Windows 7, Server 2012, Server 2012 R2, Windows 8.1 or Windows 10 and is prone to a remote code execution vulnerability. A flaw is present in the Windows OLE, which fails to properly validate user input. Success ... oval:org.secpod.oval:def:33223 The host is installed with Microsoft Windows Server 2008, Server 2008 R2, Windows Vista, Windows 7, Server 2012, Server 2012 R2, Windows 8.1 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in USB Mass Storage, which fails to properly validate objects in memor ... oval:org.secpod.oval:def:33220 The host is installed with Microsoft Windows Server 2008, Server 2008 R2, Windows Vista, Windows 7, Server 2012, Server 2012 R2, Windows 8.1 or Windows 10 and is prone to a remote code execution vulnerability. A flaw is present in the Windows OLE, which fails to properly validate user input. Success ... oval:org.secpod.oval:def:33811 The host is installed with Microsoft Edge, Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successfully exploitation can corrupt memory in such a way that an attacker could execute arb ... oval:org.secpod.oval:def:33808 The host is installed with Internet Explorer 9, 10 or 11 and is prone to an information disclosure vulnerability. A flaw is present in the application, which does not properly handle JavaScript. Successfully exploitation allow an attacker to detect specific files on the user's computer, In web-based ... oval:org.secpod.oval:def:34341 The host is installed with Microsoft Edge, Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation can corrupt memory in such a way that an attacker could execute arbit ... oval:org.secpod.oval:def:34340 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user, If the current ... oval:org.secpod.oval:def:34338 The host is installed with Vbscript 5.7, Internet Explorer 7, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly handles JScript and VBScript engines render when handling objects in memory in Internet Explorer. Successful exploitatio ... oval:org.secpod.oval:def:35629 The host is installed with Vbscript 5.7, Internet Explorer 7, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in VBScript engine, which improperly handles objects in memory in Internet Explorer. Successful exploitation could allow attackers to gain the same user righ ... oval:org.secpod.oval:def:35627 The host is installed with Vbscript 5.7, Internet Explorer 7, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in VBScript engine, which improperly handles objects in memory in Internet Explorer. Successful exploitation could allow attackers to gain the same user righ ... oval:org.secpod.oval:def:35628 The host is installed with Vbscript 5.7, Internet Explorer 7, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in VBScript engine, which improperly handles objects in memory in Internet Explorer. Successful exploitation could allow attackers to gain the same user righ ... oval:org.secpod.oval:def:35625 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in VBScript engine, which improperly handles objects in memory in Internet Explorer. Successful exploitation could allow attackers to gain the same user rights as the current ... oval:org.secpod.oval:def:35626 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in VBScript engine, which improperly handles objects in memory in Internet Explorer. Successful exploitation could allow attackers to gain the same user rights as the current ... oval:org.secpod.oval:def:35621 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a XSS filter vulnerability. A flaw is present in the application, which improperly validate JavaScript under specific conditions in Internet Explorer. Successful exploitation allow attackers to run arbitrary code with medium-in ... oval:org.secpod.oval:def:35622 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in VBScript engine, which improperly handles objects in memory in Internet Explorer. Successful exploitation could allow attackers to gain the same user rights as the current ... oval:org.secpod.oval:def:35935 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in Internet Explorer, which improperly handles objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the current user o ... oval:org.secpod.oval:def:35936 The host is installed with Internet Explorer 9, 10, 11 or Microsoft edge and is prone to a spoofing vulnerability. A flaw is present in microsoft browser, which fails to properly parse HTTP content. Successful exploitation could allow attackers to gain the same user rights as the current user, if th ... oval:org.secpod.oval:def:35933 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in Internet Explorer, which improperly handles objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the current user o ... oval:org.secpod.oval:def:35934 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in Internet Explorer, which improperly handles objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the current user o ... oval:org.secpod.oval:def:35945 The host is installed with Vbscript 5.7, Internet Explorer 7, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in VBScript engine, which improperly handles objects in memory in Internet Explorer. Successful exploitation could allow attackers to corrupt memory, execute ... oval:org.secpod.oval:def:35942 The host is installed with Internet Explorer 9, 10, 11 or Microsoft edge and is prone to a memory corruption vulnerability. A flaw is present in Internet Explorer, which improperly handles objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of th ... oval:org.secpod.oval:def:35943 The host is installed with Internet Explorer 9, 10, 11 or Microsoft edge and is prone to a memory corruption vulnerability. A flaw is present in applications, which improperly handles objects in memory in Internet Explorer. Successful exploitation could allow attackers to gain the same user rights a ... oval:org.secpod.oval:def:35938 The host is installed with Internet Explorer 9, 10, 11 or Microsoft edge and is prone to an information disclosure vulnerability. A flaw is present in microsoft browser XSS filter, which fails to properly validate content under specific conditions. Successful exploitation could allow attackers to ru ... oval:org.secpod.oval:def:35939 The host is installed with Internet Explorer 9, 10, 11 or Microsoft edge and is prone to a memory corruption vulnerability. A flaw is present in applications, which improperly handles objects in memory in Internet Explorer. Successful exploitation could allow attackers to gain the same user rights a ... oval:org.secpod.oval:def:36734 The host is installed with Internet Explorer 9, 10, 11 or Microsoft edge and is prone to an information disclosure vulnerability. A flaw is present in Internet Explorer, which improperly handles objects in memory. Successful exploitation could allow attackers to obtain information to further comprom ... oval:org.secpod.oval:def:36733 The host is installed with Internet Explorer 9, 10, 11 or Microsoft edge and is prone to an information disclosure vulnerability. A flaw is present in Internet Explorer, which improperly handles objects in memory. Successful exploitation could allow attackers to obtain information to further comprom ... oval:org.secpod.oval:def:36732 The host is installed with Internet Explorer 9, 10, 11 or Microsoft edge and is prone to an information disclosure vulnerability. A flaw is present in Internet Explorer, which improperly handles objects in memory. Successful exploitation could allow attackers to obtain information to further comprom ... oval:org.secpod.oval:def:36729 The host is installed with Internet Explorer 9, 10, 11 or Microsoft edge and is prone to a memory corruption vulnerability. A flaw is present in Internet Explorer, which improperly handles objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of th ... oval:org.secpod.oval:def:37065 The host is installed with Internet Explorer 9, 10, 11 and is prone to a memory corruption vulnerability. A flaw is present in Internet Explorer, which improperly handles objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user, if the current ... oval:org.secpod.oval:def:37064 The host is installed with Internet Explorer 9, 10, 11 or Microsoft Edge and is prone to a memory corruption vulnerability. A flaw is present in Internet Explorer, which improperly handles objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current us ... oval:org.secpod.oval:def:37068 The host is installed with Internet Explorer 9, 10, 11 and is prone to a security feature bypass vulnerability. A flaw is present in Internet Explorer, which improperly handles objects in memory. Successful exploitation could entice users into clicking a link that directs them to the attacker's site ... oval:org.secpod.oval:def:37067 The host is installed with Internet Explorer 9, 10, 11 or Microsoft edge and is prone to an information disclosure vulnerability. A flaw is present in Internet Explorer, which improperly handles objects in memory. Successful exploitation could obtain information to further compromise a target system ... oval:org.secpod.oval:def:37478 The host is installed with Internet Explorer 9, 10, 11 or edge and is prone to a memory corruption vulnerability. A flaw is present in the applications, which improperly handles objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user, if the ... oval:org.secpod.oval:def:37476 The host is installed with Internet Explorer 9, 10 or 11 and is prone to an information disclosure vulnerability. A flaw is present in the Internet Messaging API, which fails to properly handle objects in memory. Successful exploitation could allow the attacker to test for the presence of files on d ... oval:org.secpod.oval:def:37475 The host is installed with Internet Explorer 9, 10, 11 or Microsoft Edge and is prone to an information disclosure vulnerability. A flaw is present in the applications, which improperly handles objects in memory. Successful exploitation could allow attackers to detect specific files on the user's co ... oval:org.secpod.oval:def:37481 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in Internet Explorer, which improperly handles objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user, if the curre ... oval:org.secpod.oval:def:37480 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in Internet Explorer, which improperly handles objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user, if the curre ... oval:org.secpod.oval:def:37485 The host is installed with Internet Explorer 9, 10 or 11 and is prone to an information disclosure vulnerability. A flaw is present in Internet Explorer, which leaves credential data in memory. Successful exploitation could allow attackers to harvest credentials from a memory dump of the browser pro ... oval:org.secpod.oval:def:37946 The host is installed with Internet Explorer 9, 10, 11 or Microsoft edge and is prone to a memory corruption vulnerability. A flaw is present in Internet Explorer, which improperly handles objects in memory. Successful exploitation could allow attackers to obtain information to further compromise th ... oval:org.secpod.oval:def:37945 The host is installed with Internet Explorer 9, 10, 11 or Microsoft edge and is prone to a memory corruption vulnerability. A flaw is present in Internet Explorer, which improperly handles objects in memory. Successful exploitation could allow attackers to obtain information to further compromise th ... oval:org.secpod.oval:def:37944 The host is installed with Internet Explorer 9, 10, 11 or Microsoft edge and is prone to an information disclosure vulnerability. A flaw is present in Internet Explorer, which improperly handles objects in memory. Successful exploitation could allow attackers to obtain information to further comprom ... oval:org.secpod.oval:def:37943 The host is installed with Internet Explorer 9, 10, 11 or Microsoft edge and is prone to an information disclosure vulnerability. A flaw is present in Internet Explorer, which improperly handles objects in memory. Successful exploitation could allow attackers to obtain information to further comprom ... oval:org.secpod.oval:def:37942 The host is installed with Internet Explorer 9, 10, 11 or Microsoft edge and is prone to an information disclosure vulnerability. A flaw is present in Internet Explorer, which improperly handles objects in memory. Successful exploitation could allow attackers to obtain information to further comprom ... oval:org.secpod.oval:def:38294 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, Windows 10, Server 2012, Server 2016 or Server 2012 R2 and is prone to a remote code execution vulnerability. A flaw is present in the Windows Uniscribe, which fails to properly h ... oval:org.secpod.oval:def:38311 The host is installed with Internet Explorer 9, 10, 11 or Edge and is prone to an information disclosure vulnerability. A flaw is present in the applications, which improperly handles objects in memory. Successful exploitation could allow attackers to obtain information to further compromise a targe ... oval:org.secpod.oval:def:38308 The host is installed with Internet Explorer 9, 10 or 11 is prone to a memory corruption vulnerability. A flaw is present in the applications, which improperly handles objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user, if the current us ... oval:org.secpod.oval:def:38309 The host is installed with Internet Explorer 9, 10, 11 or edge and is prone to a memory corruption vulnerability. A flaw is present in the applications, which improperly handles objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user, if the ... oval:org.secpod.oval:def:39413 The host is missing a critical security update according to Microsoft bulletin, MS17-006. The update is required to fix multiple vulnerabilities. The flaws are present in application, which improperly handles objects in memory in Internet Explorer. Successful exploitation could allow attackers to ex ... oval:org.secpod.oval:def:39308 The host is installed with Microsoft XML Core Services 3.0 in Microsoft Windows Server 2012, Windows server2012 R2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2016, Windows 10 or Windows 8.1 and is prone to an information Disclosure vulnerability. A flaw is present in the ... oval:org.secpod.oval:def:39455 The host is installed with Internet Explorer 9, 10 or 11 and is prone to an information disclosure vulnerability. A flaw is present in the applications, which improperly handles objects in memory. Successful exploitation could allow attackers to obtain information to further compromise a target syst ... oval:org.secpod.oval:def:39456 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which improperly handles objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:39457 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which improperly handles objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:39459 The host is installed with Internet Explorer 9, 10 or 11 and is prone to an information disclosure vulnerability. A flaw is present in the Internet Messaging API, which fails to properly handle objects in memory. Successful exploitation could allow the attackers to obtain information to further comp ... oval:org.secpod.oval:def:39453 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which improperly handles objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:39449 The host is installed with Internet Explorer 9, 10, 11 or Microsoft Edge and is prone to an information disclosure vulnerability. A flaw is present in the applications, which improperly handles objects in memory. Successful exploitation could allow attackers to obtain information to further compromi ... oval:org.secpod.oval:def:41175 The host is installed with Microsoft malware protection engine before 1.1.13903.0 for Microsoft Windows Defender or Microsoft Security Essentials and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle a crafted file. Successful exploitation ... oval:org.secpod.oval:def:26552 The host is installed with .NET Framework 2.0 SP2, 3.5, 3.5.1, 4.0, 4.5, 4.5.1, 4.5.2 or 4.6 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to validate the number of objects in memory before copying those objects into an array. An attacker ... oval:org.secpod.oval:def:26553 The host is installed with .NET Framework 4.5, 4.5.1, 4.5.2 or 4.6 and is prone to a MVC denial of service vulnerability. A flaw is present in the application, which fails to handle certain specially crafted requests. An attacker who successfully exploited this vulnerability could send a small numbe ... oval:org.secpod.oval:def:33789 The host is installed with Microsoft Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1, Windows Server 2012 R2 or Windows 10 and is prone to SAM and LSAD downgrade vulnerability. A flaw is present in the Security Account Manager (SAM) and Local Securi ... oval:org.secpod.oval:def:25855 The host is installed with Microsoft Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1, Server 2012 R2, Windows 10, .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, or 4.6 and is prone to an Onetype font parsing vulnerabilit ... oval:org.secpod.oval:def:34325 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, Windows 10, Server 2012 or 2012 R2 and is prone to an use-after-free vulnerability. A flaw is present in the Windows GDI component, which fails to handle objects in memory. Succes ... oval:org.secpod.oval:def:34326 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, Windows 10, Server 2012 or 2012 R2 and is prone to an use-after-free vulnerability. A flaw is present in the Windows GDI component, which fails to handle objects in memory. Succes ... oval:org.secpod.oval:def:34324 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, Server 2012 or 2012 R2 and is prone to a memory corruption vulnerability. A flaw is present in the windows imaging component, which fails to handle objects in memory. Successful e ... oval:org.secpod.oval:def:25849 The host is installed with Microsoft Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1, Server 2012 R2, Windows 10, .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, 4.6, Office 2007 SP3 or 2010 SP2, Live Meeting 2007 Console ... oval:org.secpod.oval:def:25850 The host is installed with Microsoft Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1, Server 2012 R2, Windows 10, .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, 4.6, Office 2007 SP3 or 2010 SP2, Live Meeting 2007 Console ... oval:org.secpod.oval:def:34312 The host is installed with Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle parsing of certain symbolic l ... oval:org.secpod.oval:def:34310 The host is installed with Microsoft Windows Vista, 7, 8.1, 10, Server 2008, 2008 R2, 2012 or 2012 R2 and is prone to a RPC network data representation engine elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle specially crafted Remote Procedure ... oval:org.secpod.oval:def:25819 The host is installed with Microsoft .NET Framework 4.6 on Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, 8.1, Server 2012, Server 2012 R2 or Windows 10 and is prone to a RyuJIT optimization elevation of privilege vulnerability. A flaw is present in the a ... oval:org.secpod.oval:def:25817 The host is installed with Microsoft .NET Framework 4.6 on Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, 8.1, Server 2012, Server 2012 R2 or Windows 10 and is prone to a RyuJIT optimization elevation of privilege vulnerability. A flaw is present in the a ... oval:org.secpod.oval:def:25820 The host is installed with Microsoft .NET Framework 4.6 on Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, 8.1, Server 2012, Server 2012 R2 or Windows 10 and is prone to a RyuJIT optimization elevation of privilege vulnerability. A flaw is present in the a ... oval:org.secpod.oval:def:31753 The host is installed with Microsoft Lync 2010, Microsoft Skype For business 2016, Microsoft Skype For Business Basic 2016, Microsoft Lync Basic 2013, Microsoft Lync 2010 Attendee, Microsoft live meeting 2007, Microsoft Live Meeting 2007 Add-In, Microsoft Office 2007, Microsoft Office 2010, .NET Fra ... oval:org.secpod.oval:def:33967 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Kernel, which fails to properly handle objects in memory. ... oval:org.secpod.oval:def:33966 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Kernel, which fails to properly handle objects in memory. ... oval:org.secpod.oval:def:33965 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Kernel, which fails to properly handle objects in memory. ... oval:org.secpod.oval:def:33262 The host is installed with .NET Framework 2.0 SP2, 3.0, 3.5, 3.5.1, 4.5.2, 4.6 or 4.6.1 and is prone to a security feature bypass vulnerability. A flaw is present in the .NET Framework component, which does not properly validate certain elements of a signed XML document. Successful exploitation allo ... oval:org.secpod.oval:def:31010 The host is installed with .Net framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2 or 4.6 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle specially crafted XML files. An attacker who successfully exploited this vulnerability could ... oval:org.secpod.oval:def:31011 The host is installed with .Net framework 4, 4.5, 4.5.1, 4.5.2 or 4.6 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which improperly validates values in HTTP requests. An attacker who successfully exploited the vulnerability could leverage a vulnerabl ... oval:org.secpod.oval:def:31012 The host is installed with .Net framework 2.0 SP2, 3.5.1 and is prone to an ASLR bypass vulnerability. A flaw is present in the application, which does not properly implement the Address Space Layout Randomization (ASLR) security feature. An attacker who successfully exploited this vulnerability cou ... oval:org.secpod.oval:def:35572 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to a group policy elevation of privilege vulnerability. A flaw is present in the group policy, which fails to properly handle group po ... oval:org.secpod.oval:def:35588 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, Server 2012, Server 2012 R2 or Windows 10 and is prone to an information disclosure vulnerability. A flaw is present in the windows graphics component, which fails to handle objec ... oval:org.secpod.oval:def:35589 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, Server 2012, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the adobe type manager font driver, which fails to handle o ... oval:org.secpod.oval:def:35582 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Kernel, which fails to properly handle objects in memory. ... oval:org.secpod.oval:def:35583 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Kernel, which fails to properly handle objects in memory. ... oval:org.secpod.oval:def:35951 The host is installed with Microsoft Windows Vista, Windows 7, Windows 8.1, Windows 10, Windows Server 2008, Server 2008 R2, Server 2012 or Server 2012 R2 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful explo ... oval:org.secpod.oval:def:35952 The host is installed with Microsoft Windows Vista, Windows 7, Windows 8.1, Windows 10, Windows Server 2008, Server 2008 R2, Server 2012 or Server 2012 R2 and is prone to an elevation privilege vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploi ... oval:org.secpod.oval:def:35946 The host is installed with .NET Framework 2.0 SP2, 3.5.1, 4.5.2, 4.6 or 4.6.1 and is prone to an information disclosure vulnerability. A flaw is present in the application, which improperly parses XML input containing a reference to an external entity. Successful exploitation allows attackers to rea ... oval:org.secpod.oval:def:34354 The host is installed with Microsoft Server 2008, Server 2008 R2, Windows Vista, Windows 7, Server 2012, Server 2012 R2, Windows 8.1 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to handle objects in memory and incorrectly ma ... oval:org.secpod.oval:def:34352 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Kernel, which fails to properly handle objects in memory. ... oval:org.secpod.oval:def:34353 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an information disclosure vulnerability. A flaw is present in the Windows Kernel, which fails to properly handle memory addresses. ... oval:org.secpod.oval:def:34350 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Kernel, which fails to properly handle objects in memory. ... oval:org.secpod.oval:def:34351 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Kernel, which fails to properly handle objects in memory. ... oval:org.secpod.oval:def:34349 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Kernel, which fails to properly handle objects in memory. ... oval:org.secpod.oval:def:34343 The host is installed with Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8.1 or Windows 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted journal file. Successful exploitation allows attackers to execute an arbi ... oval:org.secpod.oval:def:34329 The host is installed with .NET Framework 2.0 SP2, 3.5.1, 4.5.2, 4.6 or 4.6.1 and is prone to a TLS/SSL information disclosure vulnerability. A flaw is present in the TLS/SSL protocol, which fails to properly handle an injection of unencrypted data into the secure channel and then man-in-the-middle ... oval:org.secpod.oval:def:34327 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, Windows 10, Server 2012 or 2012 R2 and is prone to an information disclosure vulnerability. A flaw is present in the Windows GDI component, which improperly discloses the contents ... oval:org.secpod.oval:def:34328 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, Windows 10, Server 2012 or 2012 R2 and is prone to an information disclosure vulnerability. A flaw is present in the Windows GDI component, which improperly discloses the contents ... oval:org.secpod.oval:def:35610 The host is installed with Microsoft Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, Windows Server 2008 R2 SP1, Windows Server 2012, Windows 8.1, Windows Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the microsoft server messag ... oval:org.secpod.oval:def:35620 The host is installed with Internet Explorer 9, 10 or 11 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, where Web Proxy Auto Discovery (WPAD) protocol falls back to a vulnerable proxy discovery process. Successful exploitation could allow attackers to ... oval:org.secpod.oval:def:35615 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which improperly handle certain proxy discovery scen ... oval:org.secpod.oval:def:35865 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an information disclosure vulnerability. A flaw is present in the Windows GDI component, which improperly discloses kernel memory a ... oval:org.secpod.oval:def:35863 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Kernel, which fails to properly handle objects in memory. ... oval:org.secpod.oval:def:35861 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Kernel, which fails to properly handle objects in memory. ... oval:org.secpod.oval:def:35862 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Kernel, which fails to properly handle objects in memory. ... oval:org.secpod.oval:def:35860 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Kernel, which fails to properly handle objects in memory. ... oval:org.secpod.oval:def:36995 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Graphics Device Interface (GDI), which fails to properly ... oval:org.secpod.oval:def:36994 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an information disclosure vulnerability. A flaw is present in the Windows Graphics Device Interface (GDI), which fails to properly ... oval:org.secpod.oval:def:36992 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Kernel, which fails to properly handle objects in memory. ... oval:org.secpod.oval:def:37010 The host is installed with Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle session objects. Successful e ... oval:org.secpod.oval:def:37009 The host is installed with Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle session objects. Successful e ... oval:org.secpod.oval:def:37008 The host is installed with Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle kernel API enforced permissio ... oval:org.secpod.oval:def:37007 The host is installed with Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, where kernel API improperly allows a user to access sensitiv ... oval:org.secpod.oval:def:36743 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, 10, Server 2012 or Server 2012 R2 and is prone to a kerberos security feature bypass vulnerability. A flaw is present in the Windows Kerberos, which fails to properly handle a pas ... oval:org.secpod.oval:def:36736 The host is installed with Microsoft Windows Vista, 7, 8.1, 10, Server 2008, Server 2008 R2, Server 2012 or Server 2012 R2 Microsoft Lync 2010, Microsoft Skype For business 2016, Microsoft Skype For Business Basic 2016, Microsoft Lync Basic 2013, Microsoft Lync 2010 Attendee, Microsoft live meeting ... oval:org.secpod.oval:def:36723 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Kernel, which fails to properly handle objects in memory. ... oval:org.secpod.oval:def:36722 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Kernel, which fails to properly handle objects in memory. ... oval:org.secpod.oval:def:36721 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Kernel, which fails to properly handle objects in memory. ... oval:org.secpod.oval:def:36720 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Kernel, which fails to properly handle objects in memory. ... oval:org.secpod.oval:def:37437 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Kernel, which fails to properly handle objects in memory. ... oval:org.secpod.oval:def:37435 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Kernel, which fails to properly handle objects in memory. ... oval:org.secpod.oval:def:37431 The host is installed with Vista SP2, Windows 7 SP1, Windows 8.1 or Windows 10 and is prone to an remote code execution vulnerability. A flaw is present in the Microsoft video control, which fails to properly handle objects in memory. Successful exploitation could allow attacker to run arbitrary cod ... oval:org.secpod.oval:def:37891 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, 10, Server 2012 or Server 2012 R2 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Common Log File System Driver, which fails to properly ... oval:org.secpod.oval:def:37890 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, 10, Server 2012 or Server 2012 R2 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Common Log File System Driver, which fails to properly ... oval:org.secpod.oval:def:37897 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, 10, Server 2012 or Server 2012 R2 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Common Log File System Driver, which fails to properly ... oval:org.secpod.oval:def:37896 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, 10, Server 2012 or Server 2012 R2 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Common Log File System Driver, which fails to properly ... oval:org.secpod.oval:def:37895 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, 10, Server 2012 or Server 2012 R2 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Common Log File System Driver, which fails to properly ... oval:org.secpod.oval:def:37894 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, 10, Server 2012 or Server 2012 R2 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Common Log File System Driver, which fails to properly ... oval:org.secpod.oval:def:37893 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, 10, Server 2012 or Server 2012 R2 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Common Log File System Driver, which fails to properly ... oval:org.secpod.oval:def:37892 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, 10, Server 2012 or Server 2012 R2 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Common Log File System Driver, which fails to properly ... oval:org.secpod.oval:def:37889 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, 10, Server 2012 or Server 2012 R2 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Common Log File System Driver, which fails to properly ... oval:org.secpod.oval:def:37888 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, 10, Server 2012 or Server 2012 R2 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Common Log File System Driver, which fails to properly ... oval:org.secpod.oval:def:37069 The host is installed with Internet Explorer 9, 10, 11 and is prone to a memory corruption vulnerability. A flaw is present in Internet Explorer, which improperly handles objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user, if the current ... oval:org.secpod.oval:def:37053 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, 10, Server 2012 or Server 2012 R2 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. An ... oval:org.secpod.oval:def:37049 The host is installed with Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8.1, Windows 10, Windows Server 2008 SP2,Windows Server 2008 R2 SP1, Windows Server 2012 or Windows Server 2012 R2 and is prone to a remote code execution vulnerability. A flaw is present in the application, which imprope ... oval:org.secpod.oval:def:37441 The host is installed with Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle session objects. Successful e ... oval:org.secpod.oval:def:37439 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Kernel, which fails to properly handle objects in memory. ... oval:org.secpod.oval:def:37438 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Kernel, which fails to properly handle objects in memory. ... oval:org.secpod.oval:def:37495 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2, Windows 10, Microsoft Skype For business 2016, Microsoft Skype For Business Basic 2016, Microsoft lync 2013, lync 2010, live meeting console 2007, Microsoft Off ... oval:org.secpod.oval:def:37494 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2, Windows 10, Microsoft Skype For business 2016, Microsoft Skype For Business Basic 2016, Microsoft lync 2013, lync 2010, live meeting console 2007, Microsoft Off ... oval:org.secpod.oval:def:37493 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to a remote code execution vulnerability. A flaw is present in the Windows Graphics Component, which fails to properly handle objects ... oval:org.secpod.oval:def:37492 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Kernel, which fails to properly handle objects in memory. ... oval:org.secpod.oval:def:37491 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2, Windows 10, Microsoft Skype For business 2016, Microsoft Skype For Business Basic 2016, Microsoft lync 2013, lync 2010, live meeting console 2007, Microsoft Off ... oval:org.secpod.oval:def:37490 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2, Windows 10, Microsoft Skype For business 2016, Microsoft Skype For Business Basic 2016, Microsoft lync 2013, lync 2010, live meeting console 2007, Microsoft Off ... oval:org.secpod.oval:def:37489 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2, Windows 10, .net framework 3.0, 4.6, 4.5 SP2, 3.5.1, Microsoft Skype For business 2016, Microsoft Skype For Business Basic 2016, Microsoft lync 2013, lync 2010, ... oval:org.secpod.oval:def:37923 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, 10, Server 2012 or Server 2012 R2 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows NTLM, which fails to properly handle NTLM password chan ... oval:org.secpod.oval:def:37922 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, 10, Server 2012 or Server 2012 R2 and is prone to a denial of service vulnerability. A flaw is present in the Windows Local Security Authority Subsystem Service (LSASS), which fai ... oval:org.secpod.oval:def:37920 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, 10, Server 2012, Server 2012 R2 or Server 2016 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows kernel-mode driver, which fails to properl ... oval:org.secpod.oval:def:37918 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, 10, Server 2012, Server 2012 R2 or Server 2016 and is prone to an information disclosure vulnerability. A flaw is present in the Windows Bowser.sys Kernel-Mode driver, which fails ... oval:org.secpod.oval:def:37917 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, 10, Server 2012, Server 2012 R2 or Server 2016 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows kernel-mode driver, which fails to properl ... oval:org.secpod.oval:def:37916 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, 10, Server 2012, Server 2012 R2 or Server 2016 and is prone to an information disclosure vulnerability. A flaw is present in the Windows Kernel, which fails to properly handle spe ... oval:org.secpod.oval:def:37915 The host is installed with Vista SP2, Windows 7 SP1, Windows 8.1 or Windows 10 and is prone to a remote code execution vulnerability. A flaw is present in the Microsoft video control, which fails to properly handle objects in memory. Successful exploitation could allow attacker to run arbitrary code ... oval:org.secpod.oval:def:39409 Multiple information disclosure vulnerabilities exist in the way that the Color Management Module (ICM32.dll) handles objects in memory. These vulnerabilities allow an attacker to retrieve information to bypassusermode ASLR (Address Space Layout Randomization) on a targeted system. By itself, the in ... oval:org.secpod.oval:def:39400 An elevation of privilege vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete da ... oval:org.secpod.oval:def:39401 An elevation of privilege vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete da ... oval:org.secpod.oval:def:39402 An elevation of privilege vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete da ... oval:org.secpod.oval:def:39403 An elevation of privilege vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete da ... oval:org.secpod.oval:def:39404 An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system. By itself, the information disclosure does not allow arbitrary code execution; however, it could ... oval:org.secpod.oval:def:39405 An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system. By itself, the information disclosure does not allow arbitrary code execution; however, it could ... oval:org.secpod.oval:def:39406 An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain informationto further compromise the user's system.There are multiple ways an attacker could exploit th ... oval:org.secpod.oval:def:39114 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, Server 2012, Server 2012 R2, Server 2016, or Windows 10 and is prone to an information disclosure vulnerability. A flaw is present in the windows GDI, which fails to handle a craf ... oval:org.secpod.oval:def:38292 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, Windows 10, Server 2012, Server 2016 or Server 2012 R2 and is prone to an information disclosure vulnerability. A flaw is present in the Windows Common Log File System Driver, whi ... oval:org.secpod.oval:def:38296 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, Server 2012, Server 2012 R2, Windows 10 or Server 2016 and is prone to a remote code execution vulnerability. A flaw is present in the windows GDI component, which improperly hand ... oval:org.secpod.oval:def:38320 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, Windows 10, Server 2012, Server 2016 or Server 2012 R2 and is prone to an elevation of privilege Vulnerability. A flaw is present in the Windows kernel-mode driver, which fails to ... oval:org.secpod.oval:def:38319 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, Windows 10, Server 2012, Server 2016 or Server 2012 R2 and is prone to an elevation of privilege Vulnerability. A flaw is present in the Microsoft Graphics Component, which fails ... oval:org.secpod.oval:def:38315 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, 10, Server 2012, Server 2012 R2 or Server 2016 and is prone to an information disclosure vulnerability. A flaw is present in the Windows Crypto Driver, which improperly handles ob ... oval:org.secpod.oval:def:38316 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, 10, Server 2012, Server 2012 R2 or Server 2016 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Installer, which improperly sanitize input ... oval:org.secpod.oval:def:38333 The host is installed with .NET Framework 2.0 SP2, 3.5.1, 4.5.2, 4.6, 4.6.1 or 4.6.2 and is prone to an information disclosure vulnerability. A flaw is present in the application, which improperly uses a developer-supplied key. Successful exploitation allows attackers to access information that shou ... oval:org.secpod.oval:def:37939 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, Server 2012, Server 2012 R2 and 10 and is prone to an remote code execution vulnerability. A flaw is present in the specially crafted embedded fonts, which fails to properly hand ... oval:org.secpod.oval:def:37936 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, Server 2012, Server 2012 R2 and 10 and is prone to an information disclosure vulnerability. A flaw is present in the ATMFD component, which fails to properly handle objects in mem ... oval:org.secpod.oval:def:37933 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, 10, Server 2012 or Server 2012 R2 and is prone to a remote code execution vulnerability. A flaw is present in the Windows image file loading functionality, which improperly handle ... oval:org.secpod.oval:def:37931 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, 10, Server 2012 or Server 2012 R2 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows IME, which improperly handles DLL loading. Successful e ... oval:org.secpod.oval:def:39377 A remote code execution vulnerability exists due to the way Windows Uniscribe handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts ... oval:org.secpod.oval:def:39364 An elevation of privilege vulnerability exists when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or ... oval:org.secpod.oval:def:39356 An elevation of privilege vulnerability exists in the way that the Windows Kernel API enforces permissions. An attacker who successfully exploited the vulnerability could run processes in an elevated context. To exploit the vulnerability, a locally authenticated attacker could run a specially crafte ... oval:org.secpod.oval:def:39357 An elevation of privilege vulnerability exists when Windows fails to check the length of a buffer prior to copying memory to it. An attacker who successfully exploited the vulnerability could gain elevated privileges on a targeted system. To exploit the vulnerability, an attacker would first need ac ... oval:org.secpod.oval:def:39399 An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulne ... oval:org.secpod.oval:def:39398 An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system. There are multiple ways an attacker could exploit the vuln ... oval:org.secpod.oval:def:39321 An information disclosure vulnerability exists in the way Windows DirectShow handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a target system.In a web-based attack scenario, an attacker could host a website used to att ... oval:org.secpod.oval:def:39312 Remote code execution vulnerabilities exist in the way that the Microsoft Server Message Block 1.0 (SMBv1) server handles certain requests. An attacker who successfully exploited the vulnerabilities could gain the ability to execute code on the target server.To exploit the vulnerability, in most sit ... oval:org.secpod.oval:def:39313 Remote code execution vulnerabilities exist in the way that the Microsoft Server Message Block 1.0 (SMBv1) server handles certain requests. An attacker who successfully exploited the vulnerabilities could gain the ability to execute code on the target server.To exploit the vulnerability, in most sit ... oval:org.secpod.oval:def:39314 Remote code execution vulnerabilities exist in the way that the Microsoft Server Message Block 1.0 (SMBv1) server handles certain requests. An attacker who successfully exploited the vulnerabilities could gain the ability to execute code on the target server.To exploit the vulnerability, in most sit ... oval:org.secpod.oval:def:39315 Remote code execution vulnerabilities exist in the way that the Microsoft Server Message Block 1.0 (SMBv1) server handles certain requests. An attacker who successfully exploited the vulnerabilities could gain the ability to execute code on the target server.To exploit the vulnerability, in most sit ... oval:org.secpod.oval:def:39316 An information disclosure vulnerability exists in the way that the Microsoft Server Message Block 1.0 (SMBv1) server handles certain requests. An attacker who successfully exploited this vulnerability could craft a special packet, which could lead to information disclosure from the server. To exploi ... oval:org.secpod.oval:def:39317 Remote code execution vulnerabilities exist in the way that the Microsoft Server Message Block 1.0 (SMBv1) server handles certain requests. An attacker who successfully exploited the vulnerabilities could gain the ability to execute code on the target server.To exploit the vulnerability, in most sit ... oval:org.secpod.oval:def:39306 An elevation of privilege vulnerability exists when Microsoft IIS Server fails to properly sanitize a specially crafted request. An attacker who successfully exploited this vulnerability could then perform cross-site scripting attacks on affected systems and run script in the security context of the ... oval:org.secpod.oval:def:39780 A remote code execution vulnerability exists in the way that the VBScript engine, when rendered in Internet Explorer, handles objects in memory. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer ... oval:org.secpod.oval:def:39781 A Win32k information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.To exploit this vulnerability, an attacker would have to log ... oval:org.secpod.oval:def:39841 An information disclosure vulnerability exists in Adobe Type Manager Font Driver (ATMFD.dll) when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.There are multiple ways an attacke ... oval:org.secpod.oval:def:39838 An elevation of privilege vulnerability exists when LDAP request buffer lengths are improperly calculated; In a remote attack scenario, an attacker could exploit this vulnerability by running a specially crafted application to send malicious traffic to a Domain Controller. An attacker who successful ... oval:org.secpod.oval:def:16177 WinVerifyTrust Signature Validation Vulnerability. A flaw is present in the WinVerifyTrust function in the operating system, which fails to handle the Windows Authenticode signature verification for portable executable (PE) files. Successful exploitation could allow remote attackers to execute arbit ... |