Download
| Alert*
|
oval:org.secpod.oval:def:24849
The host is installed with Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Windows 8.1, Server 2012 or Server 2012 R2 and is prone to a Win32k null pointer dereference vulnerability. A flaw is present in the application, which fails to pro ... oval:org.secpod.oval:def:21558 The host is installed with Microsoft Windows Vista, Server 2008, Windows 7, Server 2008 R2, Windows 8, Windows 8.1, Server 2012 or Server 2012 R2 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to properly handle failed logon attempts. Successful ex ... oval:org.secpod.oval:def:21559 The host is missing an important update according to Microsoft Security bulletin, MS14-074. The update is required to fix a security bypass vulnerability. A flaw is present in the application, which fails to properly handle failed logon attempts. Successful exploitation could allow an attacker to by ... oval:org.secpod.oval:def:10947 The host is installed with .NET Framework 4.5 and is prone to authentication bypass vulnerability. A flaw is present in the application, which fails to create policy requirements for custom Windows Communication Foundation (WCF) endpoint authentication in certain situations involving passwords over ... oval:org.secpod.oval:def:10945 The host is missing an important security update according to Microsoft bulletin, MS13-040. The update is required to fix spoofing vulnerability. A flaw is present in the application, which fails to properly handle a specially crafted XML file. Successful exploitation allows attackers to gain access ... oval:org.secpod.oval:def:10946 The host is installed with .NET Framework 2.0, 3.5, 3.5.1, 4.0 or 4.5 and is prone to spoofing vulnerability. A flaw is present in the application, which fails to check signatures in XML file. Successful exploitation allows attackers to make undetected changes to signed XML documents via unspecified ... oval:org.secpod.oval:def:23103 The host is installed with Microsoft Windows Server 2003, Server 2008, Server 2008 R2, Windows Vista, Windows 7, Server 2012, Server 2012 R2, Windows 8 or Windows 8.1 and is prone to a remote code execution vulnerability. A flaw is present in the OLE automation array, which fails to handle specially ... oval:org.secpod.oval:def:23102 The host is missing an critical security update according to Microsoft security bulletin, MS15-002. The update is required to fix a remote code execution vulnerability. A flaw is present in the application, which fails to handle specially crafted packets. Successful exploitation could allow attacker ... oval:org.secpod.oval:def:24855 The host is installed with Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Windows 8.1, Server 2012 or Server 2012 R2 and is prone to a Win32k Pool buffer overflow vulnerability. A flaw is present in the application, which fails to properl ... oval:org.secpod.oval:def:24856 The host is installed with Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Windows 8.1, Server 2012 or Server 2012 R2 and is prone to a Win32k elevation of privilege vulnerability. A flaw is present in the application, which fails to prope ... oval:org.secpod.oval:def:24858 The host is missing an important security update according to Microsoft security bulletin, MS15-061. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly validate user input. Successful exploitation allows remote attackers to gain ... oval:org.secpod.oval:def:24853 The host is installed with Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Windows 8.1, Server 2012 or Server 2012 R2 and is prone to a Win32k buffer overflow vulnerability. A flaw is present in the application, which fails to properly val ... oval:org.secpod.oval:def:25800 The host is installed with Microsoft Windows Vista SP2 or Windows Server 2008 SP2 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly handles certain logging activities. Successful exploitation could allow attackers to take complete control of an ... oval:org.secpod.oval:def:25801 The host is missing an important security update according to Microsoft security bulletin, MS15-083. The update is required to fix a memory corruption vulnerability. A flaw is present in the application, which improperly handles certain logging activities. Successful exploitation could allow attacke ... oval:org.secpod.oval:def:23759 The host is installed with Microsoft Windows Server 2003, 2008, 2008 R2, 2012, 2012 R2, Windows Vista, 7, 8 or 8.1 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly handle a specially crafted file or website. Successful exploitation ... oval:org.secpod.oval:def:23758 The host is installed with Microsoft Windows Server 2003, 2008, 2008 R2, 2012, 2012 R2, Windows Vista, 7, 8 or 8.1 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly handle a specially crafted file or website. Successful exploitation ... oval:org.secpod.oval:def:23757 The host is installed with Microsoft Windows Server 2003, 2008, 2008 R2, 2012, 2012 R2, Windows Vista, 7, 8 or 8.1 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly handle a specially crafted file or website. Successful exploitation ... oval:org.secpod.oval:def:23756 The host is installed with Microsoft Windows Server 2003, 2008, 2008 R2, 2012, 2012 R2, Windows Vista, 7, 8 or 8.1 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly handle a specially crafted file or website. Successful exploitation ... oval:org.secpod.oval:def:23755 The host is installed with Microsoft Windows Server 2003, 2008, 2008 R2, 2012, 2012 R2, Windows Vista, 7, 8 or 8.1 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly read or display certain fonts. Successful exploitation could allow ... oval:org.secpod.oval:def:23754 The host is installed with Microsoft Windows Server 2003, 2008, 2008 R2, 2012, 2012 R2, Windows Vista, 7, 8 or 8.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly manage memory when parsing fonts. Successful exploitation could allow at ... oval:org.secpod.oval:def:23762 The host is missing a critical security update according to Microsoft security bulletin, MS15-021. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted fonts. Successful exploitation could allow attackers to execute arbitrary ... oval:org.secpod.oval:def:20770 The host is installed with Microsoft Server 2008, Server 2008 R2, Windows Vista, Windows 7, Server 2012, Server 2012 R2, Windows 8 or Windows 8.1 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle a crafted application. An attacker wh ... oval:org.secpod.oval:def:24301 The host is installed with Microsoft Windows Vista, Server 2008, Windows 7, 2008 R2, Windows 8, 8.1, Server 2012 or Server 2012 R2 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a specially crafted .msc file. Successful exploitation cou ... oval:org.secpod.oval:def:24302 The host is missing an important security update according to Microsoft Security bulletin, MS15-054. The update is required to fix a denial of service vulnerability. A flaw is present in the application, which fails to handle a specially crafted .msc file. Successful exploitation could allow attacke ... oval:org.secpod.oval:def:18533 The host is installed with .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4.0, 4.5 or 4.5.1 and is prone to privilege escalation vulnerability. A flaw is present in the application, which fails to handles TypeFilterLevel checks for some malformed objects. Successful exploitation allows attacker to exe ... oval:org.secpod.oval:def:18532 The host is missing an important security update according to Microsoft bulletin, MS14-026. The update is required to fix multiple vulnerabilities. The flaw is present in the .NET Remoting implementation, which fails to handle a crafted website. Successful exploitation allows attacker to execute arb ... oval:org.secpod.oval:def:6709 The host is installed with Internet Explorer 6 through 9 and is prone to an asynchronous null object access remote code execution vulnerability. A flaw is present in the application, which fails to handle deleted objects in memory. Successful exploitation could allow attackers to execute arbitrary c ... oval:org.secpod.oval:def:6712 The host is missing a critical security update, according to Microsoft security bulletin MS12-052. The update is required to fix multiple vulnerabilities. A flaw is present in the application, which fails to handle deleted objects in memory. Successful exploitation could allow attackers to execute a ... oval:org.secpod.oval:def:6711 The host is installed with Internet Explorer 6 through 9 and is prone to a virtual function table corruption vulnerability. A flaw is present in the application, which fails to handle deleted objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:6710 The host is installed with Internet Explorer 6 and 7 and is prone to a layout memory corruption vulnerability. A flaw is present in the application, which fails to handle deleted objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:21363 The host is missing an important security update according to Microsoft security bulletin, MS14-058. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle objects in memory and TrueType fonts. Successful exploitation could al ... oval:org.secpod.oval:def:21362 The host is installed with Microsoft Windows Server 2003, Server 2008, Server 2008 R2, Windows Vista, Windows 7, Server 2012, Server 2012 R2, Windows 8 or Windows 8.1 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly handle TrueType ... oval:org.secpod.oval:def:24087 The host is missing a critical security update according to Microsoft security bulletin, MS15-035. The update is required to fix a remote code execution vulnerability. A flaw is present in the application, which fails to process certain specially crafted Enhanced Metafile (EMF) image format files. S ... oval:org.secpod.oval:def:24086 The host is installed with Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to process certain specially crafted Enhanced Metafile (EMF) image form ... oval:org.secpod.oval:def:20126 The host is installed with Windows journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, Windows 8.1 or Windows Server 2012 R2 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails ... oval:org.secpod.oval:def:20127 The host is missing an critical security update according to Microsoft security bulletin, MS14-038. The update is required to fix a remote code execution vulnerability. A flaw is present in the application, which fails to properly handle a crafted journal file. Successful exploitation allows attacke ... oval:org.mitre.oval:def:7633 The extSetOwner function in the UfProxyBrowserCtrl ActiveX control (UfPBCtrl.dll) in Trend Micro Internet Security Pro 2010 allows remote attackers to execute arbitrary code via an invalid address that is dereferenced as a pointer. oval:org.secpod.oval:def:3433 The host is installed with Microsoft Time component and is prone to remote code execution vulnerability. A flaw is present in the application which is caused by a specially crafted Web page. Successful exploitation allows remote attacker gain user rights as the logged-on user. oval:org.secpod.oval:def:3434 The host is missing a critical security update according to Microsoft security bulletin, MS11-090. The update is required to fix remote code execution vulnerability. A flaw is present in Internet Explorer, which fails to handle a specially crafted web page. Successful exploitation could allow an at ... oval:org.secpod.oval:def:21554 The host is installed with Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, 8.1, Server 2012 or Server 2012 R2 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly handle proce ... oval:org.secpod.oval:def:21555 The host is missing a critical security update according to Microsoft bulletin, MS14-066. The update is required to fix a remote code execution vulnerability. A flaw is present in the application, which fails to properly handle processing of specially crafted packets. Successful exploitation allows ... oval:org.secpod.oval:def:21549 The host is installed with Microsoft Windows Server 2008, Server 2008 R2, Windows Vista, Windows 7, Server 2012, Server 2012 R2, Windows 8 or Windows 8.1 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle crafted OLE objects. Successful ... oval:org.secpod.oval:def:21547 The host is missing an critical security update according to Microsoft security bulletin, MS14-064. The update is required to fix a remote code execution vulnerability. A flaw is present in the application, which fails to handle crafted OLE objects. Successful exploitation could allow attackers to r ... oval:org.secpod.oval:def:21548 The host is installed with Microsoft Windows Server 2003, Server 2008, Server 2008 R2, Windows Vista, Windows 7, Server 2012, Server 2012 R2, Windows 8 or Windows 8.1 and is prone to a remote code execution vulnerability. A flaw is present in the OLE automation array, which fails to handle crafted O ... oval:org.secpod.oval:def:21543 The host is installed with Microsoft XML Core Services 3.0 on Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, 8.1, Server 2012 or Server 2012 R2 and is prone to a remote code execution vulnerability. A flaw is present in the application, w ... oval:org.secpod.oval:def:21544 The host is missing a critical security update according to Microsoft bulletin, MS14-067. The update is required to fix a remote code execution vulnerability. A flaw is present in the application, which improperly parses XML content. Successful exploitation allows attackers to run arbitrary code and ... oval:org.secpod.oval:def:23760 The host is installed with Microsoft Windows Server 2003, 2008, 2008 R2, 2012, 2012 R2, Windows Vista, 7, 8 or 8.1 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly handle a specially crafted file or website. Successful exploitation ... oval:org.secpod.oval:def:24296 The host is missing an critical security update according to Microsoft security bulletin, MS15-045. The update is required to fix a remote code execution vulnerability. A flaw is present in the application, which fails to properly handle a crafted journal file. Successful exploitation allows attacke ... oval:org.secpod.oval:def:24290 The host is installed with Windows journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, Windows 8.1 or Windows Server 2012 R2 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails ... oval:org.secpod.oval:def:24291 The host is installed with Windows journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, Windows 8.1 or Windows Server 2012 R2 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails ... oval:org.secpod.oval:def:24292 The host is installed with Windows journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, Windows 8.1 or Windows Server 2012 R2 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails ... oval:org.secpod.oval:def:24293 The host is installed with Windows journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, Windows 8.1 or Windows Server 2012 R2 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails ... oval:org.secpod.oval:def:24294 The host is installed with Windows journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, Windows 8.1 or Windows Server 2012 R2 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails ... oval:org.secpod.oval:def:24295 The host is installed with Windows journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, Windows 8.1 or Windows Server 2012 R2 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails ... oval:org.secpod.oval:def:23478 The host is missing an important security update according to Microsoft security bulletin, MS15-014. The update is required to fix a security feature bypass vulnerability. A flaw is present in the group policy application of security configuration policies that could cause group policy settings on a ... oval:org.secpod.oval:def:23477 The host is installed with Microsoft Windows Server 2003, Server 2008, Server 2008 R2, Windows Vista, Windows 7, Server 2012, Server 2012 R2, Windows 8 or Windows 8.1 and is prone to a security feature bypass vulnerability. A flaw is present in the group policy application of security configuration ... oval:org.secpod.oval:def:24847 The host is installed with Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Windows 8.1, Server 2012 or Server 2012 R2 and is prone to an information disclosure vulnerability. A flaw is present in the Windows kernel-mode driver, which fails ... oval:org.secpod.oval:def:25349 The host is installed with Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Windows 8.1, Server 2012 or Server 2012 R2 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows kernel-mode driver, which fails ... oval:org.secpod.oval:def:25354 The host is installed with Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8 or Server 2012 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows kernel-mode driver, which fails to properly handle objects i ... oval:org.secpod.oval:def:25355 The host is missing an important security update according to Microsoft security bulletin, MS15-073. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted content. Successful exploitation allows remote attackers to install pro ... oval:org.secpod.oval:def:25350 The host is installed with Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Windows 8.1, Server 2012 or Server 2012 R2 and is prone to an information disclosure vulnerability. A flaw is present in the Windows kernel-mode driver, which fails ... oval:org.secpod.oval:def:25806 The host is installed with Microsoft XML Core Services 3.0 or Microsoft XML Core Services 6.0 on Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, 8.1, Server 2012 or Server 2012 R2 or Microsoft XML Core Services 5.0 on Microsoft Office 2007 SP2, SP3 or Micr ... oval:org.secpod.oval:def:23745 The host is missing an important security update according to Microsoft security bulletin MS15-023. The update is required to fix multiple vulnerabilities. The flaws are present in the Windows Kernel-Mode driver, which fails to handle crafted vectors. Successful exploitation could allow attackers to ... oval:org.secpod.oval:def:23743 The host is installed with Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Windows 8.1, Server 2012 or Server 2012 R2 and is prone to an information disclosure vulnerability. A flaw is present in the Windows kernel-mode driver, which deref ... oval:org.secpod.oval:def:23753 The host is missing an important security update according to Microsoft security bulletin MS15-029. The update is required to fix an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle uninitialized memory when parsing certain, specially crafted ... oval:org.secpod.oval:def:23752 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Windows 8.1, Server 2012 or Server 2012 R2 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle uninitialize ... oval:org.secpod.oval:def:23742 The host is installed with Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Windows 8.1, Server 2012 or Server 2012 R2 and is prone to an information disclosure vulnerability. A flaw is present in the Windows kernel-mode driver, which leaks ... oval:org.secpod.oval:def:23741 The host is installed with Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Windows 8.1, Server 2012 or Server 2012 R2 and is prone to an information disclosure vulnerability. A flaw is present in the Windows kernel-mode driver, which fails ... oval:org.secpod.oval:def:23761 The host is installed with Microsoft Windows Server 2003, 2008, 2008 R2, 2012, 2012 R2, Windows Vista, 7, 8 or 8.1 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly read or display certain fonts. Successful exploitation could allow ... oval:org.secpod.oval:def:24285 The host is missing an important security update according to Microsoft bulletin, MS15-051. The update is required to fix multiple vulnerabilities. The flaws are present in the Windows kernel-mode driver, which leaks private address information during a function call or improperly handles objects in ... oval:org.secpod.oval:def:24280 The host is installed with Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Windows 8.1, Server 2012 or Server 2012 R2 and is prone to an information disclosure vulnerability. A flaw is present in the Windows kernel-mode driver, which leaks ... oval:org.secpod.oval:def:24281 The host is installed with Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Windows 8.1, Server 2012 or Server 2012 R2 and is prone to an information disclosure vulnerability. A flaw is present in the Windows kernel-mode driver, which leaks ... oval:org.secpod.oval:def:24282 The host is installed with Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Windows 8.1, Server 2012 or Server 2012 R2 and is prone to an information disclosure vulnerability. A flaw is present in the Windows kernel-mode driver, which leaks ... oval:org.secpod.oval:def:24283 The host is installed with Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Windows 8.1, Server 2012 or Server 2012 R2 and is prone to an information disclosure vulnerability. A flaw is present in the Windows kernel-mode driver, which leaks ... oval:org.secpod.oval:def:24284 The host is installed with Microsoft Windows Server 2003 SP2, Vista SP2 or Server 2008 SP2 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows kernel-mode driver, which improperly handles objects in memory. Successful exploitation allows remote attackers to exec ... oval:org.secpod.oval:def:24279 The host is installed with Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Windows 8.1, Server 2012 or Server 2012 R2 and is prone to an information disclosure vulnerability. A flaw is present in the Windows kernel-mode driver, which leaks ... oval:org.secpod.oval:def:24299 The host is installed with Microsoft Windows Server 2003, 2008, 2008 R2, 2012, 2012 R2, Windows 7, 8, 8.1 and is prone to an information disclosure vulnerability. A flaw is present in the application, which allows the use of a weak Diffie-Hellman ephemeral (DFE) key length of 512 bits in an encrypte ... oval:org.secpod.oval:def:24300 The host is missing an important security update according to Microsoft security bulletin, MS15-055. The update is required to fix an information disclosure vulnerability. A flaw is present in the application, which allows the use of a weak Diffie-Hellman ephemeral (DFE) key length of 512 bits in an ... oval:org.secpod.oval:def:21367 The host is installed with Microsoft Windows Server 2003, Vista or Server 2008 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which is caused when the FASTFAT driver executes a function that results in a buffer under-allocation issue. Successful exploi ... oval:org.secpod.oval:def:21373 The host is installed with .Net framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1 or 4.5.2 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly parse specially crafted internationalized resource identifiers resulting in memory corruption. Su ... oval:org.secpod.oval:def:21366 The host is missing a critical security update according to Microsoft security bulletin, MS14-063. The update is required to fix an elevation of privilege vulnerability. A flaw is present in the application, which is caused when the FASTFAT driver executes a function that results in a buffer under-a ... oval:org.secpod.oval:def:10741 The host is installed with Microsoft Internet Explorer 6 through 10 and is prone to an use-after-free vulnerability. A flaw is present in the application, which fails to handle a crafted web site that triggers access to a deleted object. Successful exploitation could allow attackers to execute arbit ... oval:org.secpod.oval:def:10742 The host is installed with Microsoft Internet Explorer 6 through 10 and is prone to an use-after-free vulnerability. A flaw is present in the application, which fails to handle a crafted web site that triggers access to a deleted object. Successful exploitation could allow attackers to execute arbit ... oval:org.secpod.oval:def:10743 The host is missing a critical security update according to Microsoft Security bulletin MS13-028. The update is required to fix multiple use-after-free vulnerabilities. The flaws are present in the application, which fails to handle a crafted web site that triggers access to a deleted object. Succes ... oval:org.secpod.oval:def:21094 The host is missing a critical security update according to Microsoft bulletin, MS14-053. The update is required to fix a denial of service vulnerability. A flaw are present in the applications, which does not properly use a hash table for request data. Successful exploitation allows for an unauthen ... oval:org.secpod.oval:def:21095 The host is installed with .Net framework 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1 or 4.5.2 and is prone to denial of service vulnerability. A flaw are present in the applications, which does not properly use a hash table for request data. Successful exploitation allows for an unauthenti ... oval:org.secpod.oval:def:10847 The host is installed with Microsoft Internet Explorer 6 through 10 and is prone to use-after-free vulnerability. A flaw is present in the application, which fails to handle a crafted web site that triggers access to a deleted object. Successful exploitation allows attackers to execute arbitrary cod ... oval:org.secpod.oval:def:21590 The host is installed with Internet Explorer 6, 7, 8, 9 or 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19797 The host is installed with Microsoft Windows Vista, Server 2008, Windows 7, Windows 8, Windows Server 2012, Windows Server 2008 R2, Windows 8.1 or Windows Server 2012 R2 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly processes special ... oval:org.secpod.oval:def:19798 The host is missing an important security update according to Microsoft bulletin MS14-031. The update is required to fix a denial of service vulnerability. A flaw is present in the application, which fails to properly processes specially crafted packets. Successful exploitation could allow attackers ... oval:org.secpod.oval:def:23115 The host is missing a moderate security update according to Microsoft security bulletin, MS15-004. The update is required to fix a directory traversal elevation of privilege vulnerability. A flaw is present in the TS WebProxy Windows component, which fails to properly sanitize file paths. Successful ... oval:org.secpod.oval:def:23112 The host is installed with Microsoft Windows Server 2008 R2, Windows Vista, Windows 7, Server 2012, Server 2012 R2, Windows 8 or Windows 8.1 and is prone to a directory traversal elevation of privilege vulnerability. A flaw is present in the TS WebProxy Windows component, which fails to properly san ... oval:org.secpod.oval:def:33792 The host is installed with Microsoft Server 2008, Server 2008 R2, Windows Vista, Windows 7, Server 2012, Server 2012 R2 or Windows 8.1 and is prone to an OLE Remote code execution vulnerability. A flaw is present in the application, which fails to properly validate user input. An attacker who succes ... oval:org.secpod.oval:def:33791 The host is missing an important security update according to Microsoft security bulletin, MS16-044. The update is required to fix a remote code execution vulnerability. A flaw is present in the application, which fails to properly validate user input. An attacker who successfully exploited this vul ... oval:org.secpod.oval:def:21835 The host is missing a important security update according to Microsoft security advisory, 2905247. The update is required to fix an elevation of privilege vulnerability. A flaw is present in the application, which fails to handle a improper configuration of view state MAC. Successful exploitation al ... oval:org.secpod.oval:def:6016 The host is missing a critical security update according to Microsoft Security Advisory, 2718704. The update is required to fix spoofing vulnerability. A flaw is present in the application, which fails to properly handle authorization of digital certificates. Successful exploitation could allow atta ... oval:org.secpod.oval:def:6975 The host is missing a security update according to Microsoft security advisory, 2736233. The update is required to provide a security feature in IE, which prevents ActiveX control from ever being loaded by the Internet Explorer HTML-rendering engine. Successful exploitation could allow attackers to ... oval:org.secpod.oval:def:6736 The host is missing a critical security update according to Microsoft Security Advisory, 2661254. The update is required to fix spoofing vulnerability. A flaw is present in the application, which fails to properly handle certificates with RSA keys less than 1024 bits in length. Successful exploitati ... oval:org.secpod.oval:def:6408 The host is missing a critical security update according to Microsoft Security Advisory, 2728973. The update is required to fix spoofing vulnerability. A flaw is present in the application, which fails to handle CA certificates. Successful exploitation could allow attackers to use these certificates ... oval:org.secpod.oval:def:6409 The host is missing a critical security update according to Microsoft Security Advisory, 2719662. The update is required to fix remote code execution vulnerabilities. The flaws are present in the applications, which fail to handle gadgets at the Windows Sidebar. Successful exploitation could allow a ... oval:org.secpod.oval:def:4749 The host is missing a critical security update according to Microsoft Security Advisory, 2647518. The update is required to fix remote code execution vulnerability. A flaw is present in the application, which fails to prevent few ActiveX controls from being run in Internet Explorer. Successful explo ... oval:org.secpod.oval:def:5642 The host is missing a critical security update according to Microsoft Security Advisory, 2695962. The update is required to fix remote code execution vulnerability. A flaw is present in the application, which fails to prevent few ActiveX controls from being run in Internet Explorer. Successful explo ... oval:org.secpod.oval:def:24841 The host is installed with Microsoft Windows Vista, Windows 7, Windows 8, Windows Server 2008, Windows Server 2008 R2 or Windows Server 2012 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to properly validate user input. Successful exploita ... oval:org.secpod.oval:def:24842 The host is missing an important security update according to Microsoft security bulletin, MS15-063. The update is required to fix an elevation of privilege vulnerability. A flaw is present in the application, which fails to properly validate user input. Successful exploitation could allow attackers ... oval:org.secpod.oval:def:25356 The host is missing an important security update according to Microsoft security bulletin, MS15-069. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle a specially crafted dynamic link library (DLL) file. Successful exploitation al ... oval:org.secpod.oval:def:25358 The host is installed with Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 and is prone to a dll planting remote code execution vulnerability. A flaw is present in the application, which fails to properly load crafted DLLs. Successful explo ... oval:org.secpod.oval:def:43962 Microsoft Internet Explorer is prone to a denial-of-service vulnerability. A flaw is present in internet explorer, which fails to handle some exceptional conditions. Successful exploits can allow attackers to hang the affected browser, resulting in denial-of-service conditions. oval:org.secpod.oval:def:24110 The host is installed with .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4.0, 4.5 or 4.5.1 and is prone to an information disclosure vulnerability. A flaw is present in the application, which improperly handles certain requests on systems that have custom error messages disabled. Successful exploitat ... oval:org.secpod.oval:def:24111 The host is missing an important security update according to Microsoft bulletin, MS15-041. The update is required to fix an information disclosure vulnerability. A flaw is present in the application, which improperly handles certain requests on systems that have custom error messages disabled. Succ ... oval:org.secpod.oval:def:23773 The host is installed with Microsoft Windows Server 2003, 2008, 2008 R2, 2012, 2012 R2, Windows Vista, 7, 8, 8.1 and is prone to a WTS remote code execution vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation could allow atta ... oval:org.secpod.oval:def:23772 The host is missing a critical security update according to Microsoft security bulletin, MS15-020. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle a crafted file. Successful exploitation could allow attackers to execute ... oval:org.secpod.oval:def:24339 The host is installed with Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 and is prone to an opentype font parsing vulnerability. A flaw is present in the applications, which fail to handle a crafted OpenType font. Successful exploitation could allow attackers to execute arbi ... oval:org.secpod.oval:def:21365 The host is installed with Microsoft Windows Server 2008, Server 2008 R2, Windows Vista, Windows 7, Server 2012, Server 2012 R2, Windows 8 or Windows 8.1 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle crafted OLE objects. Successful ... oval:org.secpod.oval:def:21364 The host is missing an important security update according to Microsoft security bulletin, MS14-060. The update is required to fix remote code execution vulnerability. A flaw is present in the application, which fails to handle crafted OLE objects. Successful exploitation could allow attackers to ru ... oval:org.secpod.oval:def:10744 The host is missing an important security update according to Microsoft bulletin, MS13-032. The update is required to fix a denial of service vulnerability. A flaw is present in an application, which fails to handle a crafted query. Successful exploitation could allow attackers to cause memory consu ... oval:org.secpod.oval:def:10745 The host is installed with Microsoft Active Directory or Active Directory Application Mode (ADAM) or Active Directory Lightweight Directory Service (AD LDS) or Active Directory Services and is prone to a denial of service vulnerability. A flaw is present in an application, which fails to handle a cr ... oval:org.secpod.oval:def:25346 The host is installed with Microsoft Server 2003, Server 2008, Server 2008 R2, Windows Vista, Windows 7, Server 2012, Server 2012 R2, Windows 8 or Windows 8.1 and is prone to an OLE elevation of privilege vulnerability. A flaw is present in the application, which fails to properly validate user inpu ... oval:org.secpod.oval:def:25347 The host is installed with Microsoft Server 2003, Server 2008, Server 2008 R2, Windows Vista, Windows 7, Server 2012, Server 2012 R2, Windows 8 or Windows 8.1 and is prone to an OLE elevation of privilege vulnerability. A flaw is present in the application, which fails to properly validate user inpu ... oval:org.secpod.oval:def:25348 The host is missing an important security update according to Microsoft security bulletin, MS15-075. The update is required to fix a multiple elevation of privilege vulnerabilities. The flaws are present in the application, which fails to properly validate user input. An attacker who successfully ex ... oval:org.secpod.oval:def:25844 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1 or Server 2012 R2 and is prone to an Onetype font parsing vulnerability. A flaw is present in the application, which fails to handle a crafted OpenType font ... oval:org.secpod.oval:def:25847 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1 or Server 2012 R2 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which terminates a process when a user logs ... oval:org.secpod.oval:def:25848 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1 or Server 2012 R2 and is prone to a security feature bypass vulnerability. A flaw is present in the Windows kernel-mode driver, which fails to properly vali ... oval:org.secpod.oval:def:25853 The host is installed with Microsoft Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1, Server 2012 R2, .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 or 4.6 and is prone to an Onetype font parsing vulnerability. A flaw ... oval:org.secpod.oval:def:34314 The host is missing an important security update according to Microsoft security bulletin, MS16-059. The update is required to fix a remote code execution vulnerability. A flaw is present in the application, which fails to handle a specially crafted Media Center link (.mcl) file that references mali ... oval:org.secpod.oval:def:34315 The host is installed with Windows Media Center on Microsoft Windows Vista, 7 or 8.1 and is prone to a remote Code Execution Vulnerability. A flaw is present in the application, which fails to handle a specially crafted Media Center link (.mcl) file that references malicious code. Successful exploit ... oval:org.secpod.oval:def:25814 The host is installed with Microsoft Windows Server 2008 R2, Server 2008, Windows Vista, Windows 7, Server 2012, Server 2012 R2, Windows 8 or Windows 8.1 and is prone to a remote desktop session host spoofing vulnerability. A flaw is present in the application, which fails to properly validate certi ... oval:org.secpod.oval:def:25816 The host is missing an important security update according to Microsoft security bulletin, MS15-082. The update is required to fix multiple remote code execution vulnerabilities. The flaws are present in the application, which fails to properly validate certificates during authentication. Successful ... oval:org.secpod.oval:def:21565 The host is missing an important security update according to Microsoft bulletin, MS14-072. The update is required to fix an elevation of privilege vulnerability. A flaw is present in the application, which fails to handle TypeFilterLevel checks for some malformed objects. Successful exploitation al ... oval:org.secpod.oval:def:21556 The host is installed with Microsoft Windows Vista, Server 2008, Windows 7, Server 2008 R2, Windows 8, Windows 8.1, Server 2012 or Server 2012 R2 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to validate permissions under specific conditio ... oval:org.secpod.oval:def:21557 The host is missing an important security update according to Microsoft security bulletin, MS14-071. The update is required to fix an elevation of privilege vulnerability. A flaw is present in the application, which fails to validate permissions under specific conditions. Successful exploitation cou ... oval:org.secpod.oval:def:21564 The host is installed with .NET Framework 1.1 SP1, 2.0 SP2, 3.5.1, 4.0, 4.5 or 4.5.1 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which fails to handle TypeFilterLevel checks for some malformed objects. Successful exploitation allows attacker to execute ... oval:org.secpod.oval:def:18531 The host is missing an important security update according to Microsoft security bulletin, MS14-025. The update is required to fix an elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle passwords being distributed by Active Directory. Successful ... oval:org.secpod.oval:def:18530 The host is installed with Microsoft Windows Vista, Server 2008, Windows 7, Server 2008 R2, Windows 8, Server 2012, Windows 8.1 or Server 2012 R2 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle passwords being distributed ... oval:org.secpod.oval:def:19801 The host is installed with Microsoft XML Core Services 3.0 on Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, 8.1, Server 2012 or Server 2012 R2 or Microsoft XML Core Services 6.0 on Microsoft Windows Server 2003 SP2, Vista SP2, Server 200 ... oval:org.secpod.oval:def:19802 The host is missing an important security update according to Microsoft bulletin, MS14-033. The update is required to fix an information disclosure vulnerability. A flaw is present in the application, which is caused when Microsoft XML Core Services (MSXML) parses XML content and does not properly e ... oval:org.secpod.oval:def:20814 The host is installed with .Net framework 2.0, 3.0 or 3.5.1 and is prone to an security feature bypass vulnerability. A flaw is present in the application, which fails to handle a crafted web site. Successful exploitation could allow an attacker to bypass the Address Space Layout Randomization (ASLR ... oval:org.secpod.oval:def:20815 The host is missing an important security update according to Microsoft bulletin, MS14-046. The update is required to fix a security feature bypass vulnerability. A flaw is present in the application, which fails to handle a crafted web site. Successful exploitation could allow an attacker to bypass ... oval:org.secpod.oval:def:23099 The host is installed with Microsoft Windows Server 2003, Server 2008, Server 2008 R2, Windows Vista, Windows 7, Server 2012, Server 2012 R2, Windows 8 or Windows 8.1 and is prone to an elevation of privilege vulnerability. A flaw is present in the WebDAV Kernel-Mode Driver, which fails to properly ... oval:org.secpod.oval:def:23098 The host is missing a moderate security update according to Microsoft security bulletin, MS15-008. The update is required to fix an elevation of privilege vulnerability. A flaw is present in the WebDAV Kernel-Mode Driver, which fails to properly handle a specially crafted application. An attacker wh ... oval:org.secpod.oval:def:23105 The host is missing an important security update according to Microsoft security bulletin, MS15-005. The update is required to fix a security feature bypass vulnerability. A flaw is present in the application, which fails to fails to properly validate whether a domain-connected computer is connected ... oval:org.secpod.oval:def:23111 The host is missing an important security update according to Microsoft security bulletin, MS15-003. The update is required to fix an elevation of privilege vulnerability. A flaw is present in the application, which fails to validate user privileges to load registry hives. Successful exploitation co ... oval:org.secpod.oval:def:23110 The host is installed with Microsoft Windows Server 2003, Windows 7, 8, 8.1, Server 2008, 2008 R2, 2012 or 2012 R2 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to validate user privileges to load registry hives. Successful exploitation co ... oval:org.secpod.oval:def:23104 The host is installed with Microsoft Windows 7, 8, 8.1, Server 2008, 2008 R2, 2012 or 2012 R2 and is prone to a security feature bypass vulnerability. A flaw is present in the application, which fails to fails to properly validate whether a domain-connected computer is connected to the domain or to ... oval:org.secpod.oval:def:20092 The host is missing an important security update according to Microsoft bulletin MS14-041. The update is required to fix a elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle certain objects in memory. Successful exploitation could allow attacke ... oval:org.secpod.oval:def:20093 The host is installed with DirectShow in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, Windows 8.1 or Windows Server 2012 R2 and is prone to a elevation of privilege vulnerability. A flaw is present in the application, which fails to ... oval:org.secpod.oval:def:20094 The host is installed with Microsoft Windows Server 2008, Server 2008 R2, Windows Vista, Windows 7, Server 2012, Server 2012 R2, Windows 8 or Windows 8.1 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. S ... oval:org.secpod.oval:def:20095 The host is missing an important security update according to Microsoft security bulletin, MS14-039. The update is required to fix elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation could allow attacke ... oval:org.secpod.oval:def:21374 The host is installed with .Net framework 2.0 SP2 or 3.5.1 and is prone to a ASLR execution vulnerability. A flaw is present in the application, which fails to properly handle a specially crafted content. Successful exploitation allows attacker to bypass the ASLR security feature. oval:org.secpod.oval:def:21375 The host is missing a critical security update according to Microsoft bulletin, MS14-057. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle a specially crafted URI request containing international characters. Successful exploitati ... oval:org.secpod.oval:def:21372 The host is installed with .Net framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1 or 4.5.2 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which inadvertently processes data prior to verification. Successful exploitation allows attacker to take complete cont ... oval:org.secpod.oval:def:21361 The host is installed with Microsoft Windows Server 2003, Server 2008, Server 2008 R2, Windows Vista, Windows 7, Server 2012, Server 2012 R2, Windows 8 or Windows 8.1 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle objects ... oval:org.secpod.oval:def:18181 The host is missing an important security update according to Microsoft security bulletin, MS14-027. The update is required to fix an elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle file association. Successful exploitation could allow attac ... oval:org.secpod.oval:def:18180 The host is installed with Windows Server 2003, Server 2008, Vista, Windows 7, Server 2008 R2, Server 2012, Windows 8.1 or Server 2012 R2 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle file association. Successful exploit ... oval:org.secpod.oval:def:33815 The host is installed with Microsoft .NET Framework 4.6 or .NET Framework 4.6.1 on Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1 or Server 2008 R2 SP1 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly validate input bef ... oval:org.secpod.oval:def:33814 The host is missing a critical security update according to Microsoft security bulletin, MS16-041. The update is required to fix a remote code execution vulnerability. A flaw is present in the application, which fails to properly validate input before loading libraries. An attacker who successfully ... oval:org.secpod.oval:def:25338 The host is installed with Microsoft Windows 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, 8.1, Server 2012 or Server 2012 R2 and is prone to a RPC elevation of privilege vulnerability. A flaw is present in the application, which inadvertently allows DCE/RPC con ... oval:org.secpod.oval:def:25339 The host is missing an important security update according to Microsoft security bulletin, MS15-076. The update is required to fix a RPC elevation of privilege vulnerability. A flaw is present in the application, which inadvertently allows DCE/RPC connection reflection. An attacker who successfully ... oval:org.secpod.oval:def:25341 The host is missing an important security update according to Microsoft security bulletin, MS15-077. The update is required to fix a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. An attacker who successfully exploited this vu ... oval:org.secpod.oval:def:25344 The host is installed with Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, 8.1, Server 2012, 2012 R2 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to process certain specially cr ... oval:org.secpod.oval:def:25345 The host is missing an important security update according to Microsoft security bulletin, MS15-072. The update is required to fix an elevation of privilege vulnerability. A flaw is present in the application, which fails to process certain specially crafted bitmap conversions. Successful exploitati ... oval:org.secpod.oval:def:25340 The host is installed with Microsoft Windows Server 2003, 2008, 2008 R2, 2012, 2012 R2, Windows Vista, 7, 8 or 8.1 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. An attacker who successfully exploited this vu ... oval:org.secpod.oval:def:24082 The host is installed with Microsoft XML Core Services 3.0 in Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1 and is prone to a same origin policy SFB vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful ... oval:org.secpod.oval:def:24083 The host is missing an important security update according to Microsoft security bulletin, MS15-039. The update is required to fix a same origin policy SFB vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to access ... oval:org.secpod.oval:def:32914 The host is installed with Vista SP2, Server 2008 SP2, Windows 7 SP1 or Server 2008 R2 SP1 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows kernel, which fails to properly handle objects in memory. Successful exploitation could run arbitrary code in kernel mo ... oval:org.secpod.oval:def:24107 The host is installed with Microsoft Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1 or Server 2012 R2 and is prone to a NtCreateTransactionManager type confusion vulnerability. A flaw is present in the application, which fails to properly validate ... oval:org.secpod.oval:def:24108 The host is missing an important security update according to Microsoft security bulletin, MS15-038. The update is required to fix an elevation of privilege vulnerabilities. The flaws are present in the application, which fails to properly validate and enforce impersonation levels. Successful exploi ... oval:org.secpod.oval:def:24109 The host is installed with Microsoft Server 2003, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1 or Server 2012 R2 and is prone to MS-DOS device name vulnerability. A flaw is present in the application, which fails to properly validate and enforce ... oval:org.secpod.oval:def:25810 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1 or Server 2012 R2 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to properly validate and enforc ... oval:org.secpod.oval:def:34303 The host is missing an important security update according to Microsoft security bulletin, MS16-058. The update is required to fix a remote code execution vulnerability. A flaw is present in the application, which fails to properly validate input before loading certain libraries. An attacker who suc ... oval:org.secpod.oval:def:34302 The host is installed with Microsoft Windows Vista or Server 2008 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly validate input before loading certain libraries. An attacker who successfully exploited this vulnerability could take ... oval:org.secpod.oval:def:25811 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1 or Server 2012 R2 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which improperly allows certain registry in ... oval:org.secpod.oval:def:25812 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1 or Server 2012 R2 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which improperly allows certain filesystem ... oval:org.secpod.oval:def:25813 The host is missing an important security update according to Microsoft bulletin, MS15-090. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle a specially crafted application. An attacker who successfully exploited this vulnerabili ... oval:org.secpod.oval:def:21569 The host is installed with Microsoft Input method editor Japanese on Microsoft Windows Server 2003, Server 2008, Server 2008 R2 or Windows 7 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle a specially crafted file. Success ... oval:org.secpod.oval:def:21572 The host is missing a moderate security update according to Microsoft security bulletin, MS14-078. The update is required to fix an elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle a specially crafted file. Successful exploitation could allow ... oval:org.secpod.oval:def:23777 The host is missing an important security update according to Microsoft bulletin, MS15-025. The update is required to fix an elevation of privilege vulnerability. A flaw is present in windows kernel, which fails to properly validate and enforce impersonation levels or improperly allows a user to mod ... oval:org.secpod.oval:def:23776 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, 8.1, Server 2012 or Server 2012 R2 and is prone to an elevation of privilege vulnerability. The flaw is present in the application, which exists in the way that Windows Registry Vir ... oval:org.secpod.oval:def:37930 The host is missing an important security update according to Microsoft security bulletin, MS16-139. The update is required to fix an elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle Windows Kernel API. An attacker who successfully exploited ... oval:org.secpod.oval:def:37929 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1 or Server 2008 R2 SP1 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle Windows Kernel API. An attacker who successfully exploited the vu ... oval:org.secpod.oval:def:23775 The host is installed with Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1 and is prone to an elevation of privilege vulnerability. The flaw is present in the application, when Windows fails to properly validate and enforce impersonation levels. An at ... oval:org.secpod.oval:def:20773 The host is missing an important security update according to Microsoft security bulletin, MS14-049. The update is required to fix an elevation of privilege vulnerability. A flaw is present in the application, which improperly handles the repair of a previously installed application. Successful expl ... oval:org.secpod.oval:def:20768 The host is installed with Microsoft Server 2003, Server 2008, Server 2008 R2, Windows Vista, Windows 7, Server 2012, Server 2012 R2, Windows 8 or Windows 8.1 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to handle a crafted application. S ... oval:org.secpod.oval:def:21615 The host is installed with Microsoft Windows 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, 8.1, Server 2012 or Server 2012 R2 and is prone to a remote elevation of privilege vulnerability. A flaw is present in the application, which fails to handle a forged sign ... oval:org.secpod.oval:def:20769 The host is installed with Microsoft Server 2003, Server 2008, Server 2008 R2, Windows Vista, Windows 7, Server 2012, Server 2012 R2, Windows 8 or Windows 8.1 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to handle a crafted application. S ... oval:org.secpod.oval:def:21616 The host is missing a critical security update according to Microsoft security bulletin, MS14-068. The update is required to fix a remote elevation of privilege vulnerability. A flaw is present in the application, which fails to handle a forged signature in a ticket. Successful exploitation could al ... oval:org.secpod.oval:def:20771 The host is missing an important security update according to Microsoft security bulletin, MS14-045. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle a crafted application. Successful exploitation could allow attackers t ... oval:org.secpod.oval:def:20772 The host is installed with Microsoft Server 2003, Server 2008, Server 2008 R2, Windows Vista, Windows 7, Server 2012, Server 2012 R2, Windows 8 or Windows 8.1 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which improperly handles the repair of a previ ... oval:org.secpod.oval:def:24297 The host is installed with Windows Vista, 7, 8 or 8.1, Server 2008, 2008 R2, 2012 or 2012 R2 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which improperly verifies impersonation levels. Successful exploitation could allow attackers to gain elevated p ... oval:org.secpod.oval:def:24298 The host is missing an important security update according to Microsoft security bulletin, MS15-050. The update is required to fix an elevation of privilege vulnerability. A flaw is present in the application, which improperly verifies impersonation levels. Successful exploitation could allow attack ... oval:org.secpod.oval:def:24303 The host is installed with .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4.0, 4.5, 4.5.1 or 4.5.2 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Forms, which improperly handle objects in memory. Successful exploitation allows attackers to take complete contr ... oval:org.secpod.oval:def:23492 The host is installed with Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, 8.1, Server 2012 or Server 2012 R2 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which improperly handles objects i ... oval:org.secpod.oval:def:23491 The host is missing an important security update according to Microsoft security bulletin MS15-010. The update is required to fix multiple vulnerabilities. The flaw is present in the Windows Kernel-Mode driver, which fails to handle crafted vectors. Successful exploitation could allow attackers to g ... oval:org.secpod.oval:def:23495 The host is installed with Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, 8.1, Server 2012 or Server 2012 R2 and is prone to a denial of service vulnerability. A flaw is present in the application, which improperly handles a malicious fil ... oval:org.secpod.oval:def:23494 The host is installed with Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, 8.1, Server 2012 or Server 2012 R2 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which improperly handles objects i ... oval:org.secpod.oval:def:20096 The host is installed with Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, Windows 8.1 or Windows Server 2012 R2 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly validat ... oval:org.secpod.oval:def:20097 The host is missing an important security update according to Microsoft bulletin, MS14-040. The update is required to fix a privilege escalation vulnerability. The flaw is present in the application, which fails to properly validate user-mode input passed to kernel mode. Successful exploitation coul ... oval:org.secpod.oval:def:24854 The host is installed with Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Windows 8.1, Server 2012 or Server 2012 R2 and is prone to a Microsoft Windows Kernel brush object use after free vulnerability. A flaw is present in the applicatio ... oval:org.secpod.oval:def:24845 The host is installed with Microsoft Windows Vista, Windows 7, Windows 8, Windows Server 2008, Windows Server 2008 R2, Windows 8.1, Windows Server 2012 or Windows Server 2012 R2 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to properly access an o ... oval:org.secpod.oval:def:24846 The host is missing an important security update according to Microsoft security bulletin, MS15-060. The update is required to fix an use after free vulnerability. A flaw is present in the application, which fails to properly access an object in memory. Successful exploitation could allow attackers ... oval:org.secpod.oval:def:24848 The host is installed with Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Windows 8.1, Server 2012 or Server 2012 R2 and is prone to an use after free vulnerability. A flaw is present in the Windows kernel-mode driver, which fails to prop ... oval:org.secpod.oval:def:24850 The host is installed with Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Windows 8.1, Server 2012 or Server 2012 R2 and is prone to a kernel bitmap handling use after free vulnerability. A flaw is present in the application, which fails ... oval:org.secpod.oval:def:24851 The host is installed with Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Windows 8.1, Server 2012 or Server 2012 R2 and is prone to a Microsoft Windows station use after free vulnerability. A flaw is present in the application, which fai ... oval:org.secpod.oval:def:24852 The host is installed with Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Windows 8.1, Server 2012 or Server 2012 R2 and is prone to a Microsoft Windows Kernel object use after free vulnerability. A flaw is present in the application, whi ... oval:org.secpod.oval:def:20775 The host is missing a critical security update according to Microsoft security bulletin, MS14-043. The update is required to fix an use after free vulnerability. A flaw is present in the application, which fails to specially crafted Microsoft Office file that invokes Windows Media Center resources. ... oval:org.secpod.oval:def:20774 The host is installed with Windows Media Center in Microsoft Windows Vista, 7, 8 or 8.1 and is prone to a CSyncBasePlayer use after free vulnerability. A flaw is present in the application, which fails to specially crafted Microsoft Office file that invokes Windows Media Center resources. Successful ... oval:org.secpod.oval:def:17389 The host is installed with Windows XP, Windows Vista, Windows Server 2008, Windows Server 2008 R2, Windows Server 2003, Windows 7, Windows 8, Windows Server 2012, Windows 8.1 or Windows Server 2012 R2 and is prone to a remote code execution vulnerability. A flaw is present in the application, which ... oval:org.secpod.oval:def:17388 The host is missing a critical security update according to Microsoft security bulletin, MS14-019. The update is required to fix a remote code execution vulnerability. A flaw is present in the application, which improperly restricts the path used for processing .bat and .cmd files. Successful exploi ... oval:org.secpod.oval:def:23774 The host is installed with Microsoft Windows Server 2003, 2008, 2008 R2, 2012, 2012 R2, Windows Vista, 7, 8, 8.1 and is prone to a DLL planting remote code execution vulnerability. A flaw is present in the application, which fails to properly handle loading of DLL files. Successful exploitation coul ... oval:org.secpod.oval:def:25808 The host is installed with Microsoft XML Core Services 3.0 or on Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, 8.1, Server 2012 or Server 2012 R2 or Microsoft XML Core Services 5.0 on Microsoft Office 2007 SP2 and is prone to an information disclosure vu ... oval:org.secpod.oval:def:25809 The host is missing an important security update according to Microsoft security bulletin, MS15-084. The update is required to fix multiple information disclosure vulnerabilities. The flaws are present in the applications, which expose memory addresses not intended for public disclosure or explicitl ... oval:org.secpod.oval:def:25802 The host is installed with Microsoft Windows Vista, Server 2008, Windows Server 2008 R2, Windows 7, Windows 8, Windows 8.1, Windows Server 2012 or Windows Server 2012 R2 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle crafted data. ... oval:org.secpod.oval:def:25803 The host is missing an important security update according to Microsoft security bulletin, MS15-089. The update is required to fix an information disclosure vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to could ... oval:org.secpod.oval:def:25807 The host is installed with Microsoft XML Core Services 3.0 or on Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, 8.1, Server 2012 or Server 2012 R2 or Microsoft XML Core Services 5.0 on Microsoft Office 2007 SP2 and is prone to an information disclosure vu ... oval:org.secpod.oval:def:23766 The host is missing an important security update according to Microsoft bulletin, MS15-031. The update is required to fix a security feature bypass vulnerability. A flaw is present in the application, that is caused by an issue in the TLS state machine whereby a client system accepts an RSA key with ... oval:org.secpod.oval:def:23765 The host is installed with Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, 8.1, Server 2012 or Server 2012 R2 and is prone to a security feature bypass vulnerability. A flaw is present in the application, that is caused by an issue in the ... oval:org.secpod.oval:def:24304 The host is installed with .NET Framework 2.0 SP2, 3.5, 3.5.1, 4.0, 4.5, 4.5.1 or 4.5.2 and is prone to a denial of service vulnerability. A flaw is present in the application, which improperly handle crafted XML data. Successful exploitation allows attackers to degrade the performance of a .NET-ena ... oval:org.secpod.oval:def:24305 The host is missing an important security update according to Microsoft bulletin, MS15-048. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle a specially crafted vectors. Successful exploitation could allow attackers to t ... oval:org.secpod.oval:def:21539 The host is missing a moderate security update according to Microsoft security bulletin, MS14-079. The update is required to fix denial of service vulnerability. A flaw is present in the application, which fails to properly handle a specially crafted TrueType fonts. Successful exploitation could all ... oval:org.secpod.oval:def:21540 The host is installed with Microsoft Windows Server 2003, Server 2008, Server 2008 R2, Windows Vista, Windows 7, Server 2012, Server 2012 R2, Windows 8 or Windows 8.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a specially c ... oval:org.secpod.oval:def:24843 The host is missing an critical security update according to Microsoft bulletin, MS15-057. The update is required to fix remote code execution vulnerability. A flaw is present in the application, which fails to handle crafted DataObject on a web site. Successful exploitation could allow attackers to ... oval:org.secpod.oval:def:24844 The host is installed with Microsoft Windows Media Player 9 through 12 and is prone to remote code execution vulnerability. A flaw is present in the application, which fails to handle crafted DataObject on a web site. Successful exploitation could allow attackers to execute arbitrary code on the aff ... oval:org.secpod.oval:def:5096 The host is installed with Microsoft Internet Explorer 6 through 8 and is prone to a VML style remote code execution vulnerability. A flaw is present in the application, which fails to properly handle a deleted object in memory. Successful exploitation could allow attackers to execute arbitrary code ... oval:org.secpod.oval:def:1450 The host is installed with Microsoft Internet Explorer and is prone to memory corruption vulnerability. A flaw is present in the browser, which fails to access an object that has not been properly initialized or has been deleted. Successful exploitation could allow remote attackers to execute arbitr ... oval:org.secpod.oval:def:1451 The host is installed with Microsoft Internet Explorer and is prone to HTTP Redirect memory corruption vulnerability. A flaw is present in the browser, which fails to access an object that has not been properly initialized or has been deleted. Successful exploitation could allow remote attackers to ... oval:org.secpod.oval:def:1448 The host is installed with Microsoft Internet Explorer and is prone to drag and drop information disclosure vulnerability. A flaw is present in the browser, which fails to handle a crafted Web page. Successful exploitation could allow remote attackers to execute arbitrary code or gain sensitive info ... oval:org.secpod.oval:def:4137 The host is installed with Internet Explorer 6,7,8 or 9 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly perform copy-and-paste operations. Successful exploitation could allow attackers to read content from a different (1) domain ... oval:org.secpod.oval:def:4138 The host is installed with Internet Explorer 7,8 or 9 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly handle access to a deleted object. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:4136 The host is missing a critical security update according to Microsoft bulletin, MS12-010. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle a specially crafted web page. Successful exploitation could allow attackers to execute arb ... oval:org.secpod.oval:def:4139 The host is installed with Internet Explorer 9 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle the creation and initialization of string objects. Successful exploitation could allow remote attackers to read data from arbit ... oval:org.secpod.oval:def:4140 The host is installed with Internet Explorer 9 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly handle access to a deleted object. Successful exploitation could allow remote attackers to execute arbitrary code. oval:org.secpod.oval:def:5094 The host is installed with Microsoft Internet Explorer 6 or 7 and is prone to an OnReadyStateChange remote code execution vulnerability. A flaw is present in the application, which fails to handle a deleted object in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:5093 The host is installed with Microsoft Internet Explorer 9 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle objects in memory that have been deleted. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:5092 The host is installed with Microsoft Internet Explorer 6 through 9 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle a crafted HTML document. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:5097 The host is missing a critical security update according to Microsoft security bulletin, MS12-023. The update is required to fix multiple remote code execution vulnerabilities. The flaws are present in the application, which fails to properly handle malicious data. Successful exploitation could allo ... oval:org.secpod.oval:def:5095 The host is installed with Microsoft Internet Explorer 6 through 9 and is prone to a SelectAll remote code execution vulnerability. A flaw is present in the application, which fails to properly handle a deleted object in memory. Successful exploitation could allow attackers to execute arbitrary code ... oval:org.secpod.oval:def:5586 The host is missing a critical security update according to Microsoft security bulletin, MS12-035. The update is required to fix a remote code execution vulnerability. The flaws are present in .NET Framework, which fail to handle a specially crafted webpage. Successful exploitation could allow remot ... oval:org.secpod.oval:def:5583 The host is missing an important security update according to Microsoft security bulletin, MS12-032. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to gain pr ... oval:org.secpod.oval:def:5589 The host is installed with Microsoft .Net Framework 1.1 SP1 or 2.0 SP2 or 3.0 SP2 or 3.5 SP1 or 3.5.1 or 4.0 and is prone to remote code execution vulnerability. A flaw is present in the Microsoft .NET Framework, which fails due to the improper serialization of untrusted input through partially trus ... oval:org.secpod.oval:def:5588 The host is installed with Microsoft .Net Framework 1.1 SP1 or 2.0 SP2 or 3.0 SP2 or 3.5 SP1 or 3.5.1 or 4.0 and is prone to remote code execution vulnerability. A flaw is present in the Microsoft .NET Framework, which fails due to the improper serialization of untrusted input. Successful exploitati ... oval:org.secpod.oval:def:5581 The host is installed with Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2 or R2 SP1, or Windows 7 or SP1 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly enforce firewall rules for outbound broadcast packets. Successful ... oval:org.secpod.oval:def:1199 The host is installed with Microsoft Internet Explorer and is prone to link properties handling memory corruption vulnerability. A flaw is present in the browser, which fails to handle link properties object. Successful exploitation could allow remote attackers to execute arbitrary code or gain sens ... oval:org.secpod.oval:def:5130 The host is missing an important security update according to Microsoft security bulletin, MS12-025. The update is required to fix a remote code execution vulnerability. A flaw is present in the application, which fails to properly validate parameters when passing data to a function. Successful expl ... oval:org.secpod.oval:def:5129 The host is installed with Microsoft .NET Framework 1.1 SP1 or 2.0 SP2 or 3.5.1 or 4 and is prone to remote code execution vulnerability. A flaw is present in the application, which fails to properly validate parameters when passing data to a function. Successful exploitation allows remote attackers ... oval:org.secpod.oval:def:3431 The host is installed with Internet Explorer 6 or 7 or 8 or 9 and is prone to information disclosure vulnerability. A flaw is present in the application, which fails to properly handle Web pages. Successful exploitation allows attackers to to view content from a different domain or Internet Explorer ... oval:org.secpod.oval:def:3432 The host is missing an important security update according to Microsoft security bulletin, MS11-099. The update is required to fix information disclosure and remote code execution vulnerabilities. The flaws are present in the applications, which fail to properly handle XSS Filter and loading of libr ... oval:org.secpod.oval:def:1203 The host is installed with Microsoft Internet Explorer and is prone to time element memory corruption vulnerability. A flaw is present in the browser, which fails to access an object that has not been properly initialized or has been deleted. Successful exploitation could allow remote attackers to e ... oval:org.secpod.oval:def:1202 The host is installed with Microsoft Internet Explorer and is prone to drag and drop memory corruption vulnerability. A flaw is present in the browser, which fails to access an object that has not been properly initialized or has been deleted. Successful exploitation could allow remote attackers to ... oval:org.secpod.oval:def:1204 The host is installed with Microsoft Internet Explorer and is prone to DOM modification memory corruption vulnerability. A flaw is present in the browser, which fails to access an object that has not been properly initialized or has been deleted. Successful exploitation could allow remote attackers ... oval:org.secpod.oval:def:1206 The host is missing a Critical security update according to Microsoft security bulletin, MS11-052. The update is required to fix remote code execution vulnerability. A flaw is present in the way that Microsoft Internet Explorer 6/7/8 accesses an object that has not been correctly initialized or has ... oval:org.secpod.oval:def:1383 The host is missing a critical security update according to Microsoft security bulletin, MS10-041. The update is required to fix data tampering vulnerability. A flaw is present in the Microsoft .NET Framework, which allows data tampering of signed XML content without being detected. Successful explo ... oval:org.secpod.oval:def:1392 The host is missing a critical security update according to Microsoft security bulletin, MS11-053. The update is required to fix a remote code execution vulnerability. A flaw is present in in the Windows Bluetooth 2.1 Stack due to the way an object in memory is accessed when it has not been correctl ... oval:org.secpod.oval:def:1391 The host is installed with Windows Vista Sp1 or Sp2 or Windows 7 and is prone to a remote code execution vulnerability. A flaw is present in the Bluetooth 2.1 stack, due to the way an object in memory is accessed when it has not been correctly initialized or has been deleted. Successful exploitation ... oval:org.secpod.oval:def:6708 The host is installed with Javascript and Vbscript 5.8, Internet Explorer 8 or 9 scripting engines and is prone to remote code execution vulnerability. A flaw is present in the application which is caused when the scripting engines attempt to reallocate memory while decoding a script in order to run ... oval:org.secpod.oval:def:6707 The host is missing a critical security update according to Microsoft security bulletin, MS12-056. The update is required to fix remote code execution vulnerability in Javascript and Vbscript scripting engines. A flaw is present in the application which is caused when the scripting engines attempt t ... oval:org.secpod.oval:def:1524 The host is missing a Critical security update according to Microsoft security bulletin, MS11-046.. The update is required to fix a privilege escalation vulnerability. The flaw is present in the application, as it fails to validate input passed from the user mode to the kernel. Successful exploiatio ... oval:org.secpod.oval:def:1589 The host is missing a critical security update according to Microsoft security bulletin, MS10-065. The update is required to fix multiple vulnerability. Multiple flaws are present in the asp.dll in Internet Information Services (IIS) in Microsoft Windows, which is due to improper ASP implementation ... oval:org.secpod.oval:def:1197 The host is missing a Critical security update according to Microsoft security bulletin, MS11-048. The update is required to fix denial of service vulnerability. A flaw is present in SMB protocol software, which fails to handle crafted SMB requests. Successful exploitation could cause a user's syste ... oval:org.secpod.oval:def:1196 The host is installed with Microsoft Windows and is prone to denial of service vulnerability. A flaw is present in SMB protocol software, which fails to handle crafted SMB requests. Successful exploitation could cause a user's system to stop responding until manually restarted. oval:org.secpod.oval:def:1193 The host is installed with Windows XP, Windows Vista, Windows Server 2008, Windows Server 2003 and Windows 7 and is prone to denial of service vulnerability. A flaw is present in distributed file system (DFS) client which fails to handle specially crafted DFS referral responses. Successful exploitat ... oval:org.secpod.oval:def:1214 The host is missing a critical security update according to Microsoft security bulletin, MS10-051. The update is required to fix a remote code execution vulnerability. The flaws are present in the Microsoft XML Core Services (MSXML) which fails to handle HTTP responses. Successful exploitation allow ... oval:org.secpod.oval:def:6994 The host is installed with Microsoft Internet Explorer 9 and is prone to an event listener use-after-free vulnerability. A flaw is present in the application, which fails to handle a crafted web site. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:6993 The host is installed with Microsoft Internet Explorer 8 or 9 and is prone to an onmove use-after-free vulnerability. A flaw is present in the application, which fails to handle a crafted web site that triggers access to an object that was not properly initialized or is deleted. Successful exploitat ... oval:org.secpod.oval:def:6992 The host is installed with Microsoft Internet Explorer 6 through 9 and is prone to an use-after-free vulnerability. A flaw is present in the application, which fails to handle a crafted web site. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:6997 The host is missing a critical security update according to Microsoft security bulletin, MS12-063. The update is required to fix multiple use after free vulnerabilities. The flaws are present in the application, which fails to handle a crafted web site. Successful exploitation could allow attackers ... oval:org.secpod.oval:def:6996 The host is installed with Microsoft Internet Explorer 6 through 8 and is prone to an cloneNode use-after-free vulnerability. A flaw is present in the application, which fails to handle a crafted web site that triggers access to a deleted object. Successful exploitation could allow attackers to exec ... oval:org.secpod.oval:def:6995 The host is installed with Microsoft Internet Explorer 9 and is prone to an layout use-after-free vulnerability. A flaw is present in the application, which fails to handle a crafted web site that triggers access to a deleted object. Successful exploitation could allow attackers to execute arbitrary ... oval:org.secpod.oval:def:1381 The host is missing a critical security update according to Microsoft security bulletin, MS10-083. The update is required to fix remote code execution vulnerability. A flaw is present in the Windows Shell and WordPad in Microsoft Windows, which fails to validate COM objects during instantiation. Suc ... oval:org.mitre.oval:def:7602 Trend Micro Internet Security is installed oval:org.secpod.oval:def:1213 The host is missing a Critical security update according to Microsoft security bulletin, MS10-050. The update is required to fix remote code execution vulnerability. The flaw is present in the Windows Movie Maker which fails to handle specially crafted project files. Successful exploitation allows a ... oval:org.secpod.oval:def:1036 The host is missing an Important security update according to Microsoft security bulletin, MS11-011. The update is required to fix elevation of privilege vulnerability in Windows 7 or Windows Server 2003 or Windows Server 2008 or Windows Vista or Windows XP. A flaw is present in the Microsoft Window ... oval:org.secpod.oval:def:1044 The host is missing an critical security update according to Microsoft security bulletin, MS11-004. The update is required to fix a heap buffer overrun vulnerability in Microsoft FTP Service for Internet Information Services (IIS). A flaw is present in the TELNET_STREAM_CONTEXT::OnSendData function ... oval:org.secpod.oval:def:10777 The host is missing an important security update according to Microsoft security bulletin, MS13-029. The update is required to fix remote code execution vulnerability in Microsoft Windows Remote Desktop Client. A flaw is present in the application which fails to handle the specially crafted webpage. ... oval:org.secpod.oval:def:10778 The host is installed with Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Server 2008 R2 and is prone to remote code execution vulnerability. A flaw is present in the application, which fails to handle specially crafted webpage. Successful exploitation coul ... oval:org.secpod.oval:def:11705 The host is installed with Microsoft Internet Explorer 9 or 10 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle a crafted web site that triggers access to a deleted object. Successful exploitation could allow attackers to execute arbitrary ... oval:org.secpod.oval:def:10948 The host is installed with Microsoft Internet Explorer 6 through 10 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle a crafted web site that triggers access to a deleted object. Successful exploitation could allow attackers to execute arbit ... oval:org.secpod.oval:def:10949 The host is installed with Microsoft Internet Explorer 8 or 9 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle a crafted web site that triggers access to a deleted object. Successful exploitation could allow attackers to execute arbitrary c ... oval:org.secpod.oval:def:10958 The host is missing a critical security update according to Microsoft Security bulletin MS13-037. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle a crafted web site that triggers access to a deleted object. Successful exploitati ... oval:org.secpod.oval:def:10950 The host is installed with Microsoft Internet Explorer 6 through 8 and is prone to JSON array information disclosure vulnerability. A flaw is present in the application, which fails to properly restrict data access by VBScript. Successful exploitation could allow attackers to perform cross-domain re ... oval:org.secpod.oval:def:10951 The host is installed with Microsoft Internet Explorer 9 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle a crafted web site that triggers access to a deleted object. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:10952 The host is installed with Microsoft Internet Explorer 6 through 10 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle a crafted web site that triggers access to a deleted object. Successful exploitation could allow attackers to execute arbit ... oval:org.secpod.oval:def:10953 The host is installed with Microsoft Internet Explorer 6 through 10 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle a crafted web site that triggers access to a deleted object. Successful exploitation could allow attackers to execute arbit ... oval:org.secpod.oval:def:10954 The host is installed with Microsoft Internet Explorer 6 or 7 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle a crafted web site that triggers access to a deleted object. Successful exploitation could allow attackers to execute arbitrary c ... oval:org.secpod.oval:def:10955 The host is installed with Microsoft Internet Explorer 8 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle a crafted web site that triggers access to a deleted object. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:10956 The host is installed with Microsoft Internet Explorer 9 or 10 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle a crafted web site that triggers access to a deleted object. Successful exploitation could allow attackers to execute arbitrary ... oval:org.secpod.oval:def:10957 The host is installed with Microsoft Internet Explorer 6 through 10 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle a crafted web site that triggers access to a deleted object. Successful exploitation could allow attackers to execute arbit ... oval:org.secpod.oval:def:14192 The host is installed with Microsoft Internet Explorer 8 or 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a deleted object in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:14193 The host is installed with Microsoft Internet Explorer 6 through 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a deleted object in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:14190 The host is installed with Microsoft Internet Explorer 9 or 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly process a script while debugging a webpage. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:14191 The host is installed with Microsoft Internet Explorer 6 through 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a deleted object in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:14194 The host is missing a critical security update according to Microsoft security bulletin, MS13-047. The update is required to fix multiple memory corruption vulnerabilities. The flaws are present in the application, which fails to properly handle a deleted object in memory. Successful exploitation co ... oval:org.secpod.oval:def:14178 The host is installed with Microsoft Internet Explorer 6 through 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a deleted object in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:14179 The host is installed with Microsoft Internet Explorer 9 or 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a deleted object in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:14176 The host is installed with Microsoft Internet Explorer 8 or 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a deleted object in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:14177 The host is installed with Microsoft Internet Explorer 8 through 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a deleted object in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:14175 The host is installed with Microsoft Internet Explorer 6 through 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a deleted object in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:14187 The host is installed with Microsoft Internet Explorer 8 through 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a deleted object in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:14188 The host is installed with Microsoft Internet Explorer 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a deleted object in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:14181 The host is installed with Microsoft Internet Explorer 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a deleted object in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:14180 The host is installed with Microsoft Internet Explorer 7, 8 or 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a deleted object in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:14185 The host is installed with Microsoft Internet Explorer 6 through 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a deleted object in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:14186 The host is installed with Microsoft Internet Explorer 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a deleted object in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:14183 The host is installed with Microsoft Internet Explorer 9 or 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a deleted object in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:16775 The host is installed with Microsoft Internet Explorer 8 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to properly handle the access of an object in memory. Successful exploitation allows attackers to execute arbitrary code or cause a denial of se ... oval:org.secpod.oval:def:16774 The host is installed with Microsoft Internet Explorer 8 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to properly handle the access of an object in memory. Successful exploitation allows attackers to execute arbitrary code or cause a denial of se ... oval:org.secpod.oval:def:16773 The host is installed with Microsoft Internet Explorer 8 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to properly handle the access of an object in memory. Successful exploitation allows attackers to execute arbitrary code or cause a denial of se ... oval:org.secpod.oval:def:16772 The host is installed with Microsoft Internet Explorer 8 or 9 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to properly handle the access of an object in memory. Successful exploitation allows attackers to execute arbitrary code or cause a denial ... oval:org.secpod.oval:def:16779 The host is installed with Microsoft Internet Explorer 9 or 10 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to properly handle the access of an object in memory. Successful exploitation allows attackers to execute arbitrary code or cause a denial ... oval:org.secpod.oval:def:16778 The host is installed with Microsoft Internet Explorer 9 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to properly handle the access of an object in memory. Successful exploitation allows attackers to execute arbitrary code or cause a denial of se ... oval:org.secpod.oval:def:16776 The host is installed with Microsoft Internet Explorer 6, 7 or 8 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to properly handle the access of an object in memory. Successful exploitation allows attackers to execute arbitrary code or cause a deni ... oval:org.secpod.oval:def:39408 Multiple information disclosure vulnerabilities exist in the way that the Color Management Module (ICM32.dll) handles objects in memory. These vulnerabilities allow an attacker to retrieve information to bypassusermode ASLR (Address Space Layout Randomization) on a targeted system. By itself, the in ... oval:org.secpod.oval:def:16786 The host is missing a important security update according to Microsoft bulletin, MS14-009. The update is required to fix multiple vulnerabilities. The flaws are present in microsoft graphic component, which fails to handle a crafted website. Successful exploitation allows remote attackers to bypass ... oval:org.secpod.oval:def:16789 The host is installed with .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4.0, 4.5 or 4.5.1 and is prone to type traversal vulnerability. A flaw is present in the application, which improperly verifies that a method is safe for execution. Successful exploitation allows attacker to take complete contro ... oval:org.secpod.oval:def:16788 The host is installed with .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4.0, 4.5 or 4.5.1 and is prone to post request denial of service vulnerability. A flaw is present in the application, which improperly identifies stale or closed HTTP client connections. Successful exploitation allows attackers ... oval:org.secpod.oval:def:16753 The host is installed with Microsoft XML Core Services 3.0 on Microsoft Windows XP SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, 8.1, Server 2012 or Server 2012 R2 and is prone to information disclosure vulnerability. A flaw is present in the applica ... oval:org.secpod.oval:def:16754 The host is missing an important security update according to Microsoft bulletin, MS14-005. The update is required to fix an information disclosure vulnerability. A flaw is present in the application, which is caused when Internet Explorer does not properly enforce cross-domain policies. Successful ... oval:org.secpod.oval:def:16768 The host is installed with Microsoft Internet Explorer 8, 9 or 10 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to properly handle the access of an object in memory. Successful exploitation allows attackers to execute arbitrary code or cause a den ... oval:org.secpod.oval:def:16766 The host is installed with Microsoft Internet Explorer 6, 7, 8, 9 or 10 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to properly handle the access of an object in memory. Successful exploitation allows attackers to execute arbitrary code or cause ... oval:org.secpod.oval:def:16758 The host is missing a critical security update according to Microsoft security bulletin, MS14-011. The update is required to fix a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbit ... oval:org.mitre.oval:def:12365 Microsoft .NET Framework 1.1 SP1, 2.0 SP1 and SP2, 3.5, 3.5 SP1, 3.5.1, and 4.0, as used for ASP.NET in Microsoft Internet Information Services (IIS), provides detailed error codes during decryption attempts, which allows remote attackers to decrypt and modify encrypted View State (aka __VIEWSTATE) ... oval:org.secpod.oval:def:15461 The host is installed with Internet Explorer 6, 7, 8, 9, or 10 and is prone to remote code execution vulnerability. The flaw is present in the application, which fails to properly handle an object in memory that has been deleted or has not been properly allocated. Successful exploitation allows atta ... oval:org.secpod.oval:def:16790 The host is installed with .NET Framework 2.0 SP2 or 3.5.1 and is prone to address space layout randomization vulnerability. A flaw is present in the application, which fails to handle ASLR security feature. Successful exploitation allows attacker to bypass the ASLR security feature. oval:org.secpod.oval:def:39419 A remote code execution vulnerability exists when Windows improperly validates input before loading dynamic link library (DLL) files. An attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete da ... oval:org.secpod.oval:def:15964 The host is installed with Microsoft Windows XP SP3, Server 2003 SP2, Vista Sp2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Windows 8.1, Server 2012 or Server 2012 R2 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly ha ... oval:org.secpod.oval:def:15970 The host is missing a critical security update according to Microsoft security bulletin, MS13-089. The update is required to fix remote code execution vulnerability. The flaw is present in Windows GDI, which fails to handle a specially crafted Windows Write file in WordPad. Successful exploitation a ... oval:org.secpod.oval:def:584 The host is installed with Microsoft Windows and is prone to buffer overflow vulnerability. A flaw is present in BowserWriteErrorLogEntry function in Common Internet File System (CIFS) browser service in Mrxsmb.sys or bowser.sys, which fail to properly handle malicious browser election request packe ... oval:org.secpod.oval:def:15969 The host is installed with Microsoft Windows XP SP2, Windows XP SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 or Windows Server 2012 R2 and is prone to remote code execution vulnerability. A flaw is prese ... oval:org.secpod.oval:def:15967 The host is missing an important security update according to Microsoft bulletin, MS13-095. The update is required to fix denial of service vulnerability. A flaw is present in the application, which fails to properly handle a specially crafted X.509 certificate. Successful exploitation allows attack ... oval:org.mitre.oval:def:11574 Use-after-free vulnerability in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitrary code via vectors related to Cascading Style Sheets (CSS) token sequences and the clip attribute, aka an "invalid flag reference" issue or "Uninitialized Memory Corruption Vulnerabilit ... oval:org.secpod.oval:def:15999 The host is missing a critical security update according to Microsoft bulletin, MS13-090. The update is required to fix remote code execution vulnerability. A flaw is present in the application, which fails to handle InformationCardSigninHelper Class ActiveX control. Successful exploitation allows a ... oval:org.secpod.oval:def:15982 The host is installed with Microsoft Internet Explorer 6, 7, 8, 9 or 10 and is prone to a information disclosure vulnerability. The flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to bypass the Same Origin Policy and obtain sensit ... oval:org.secpod.oval:def:15983 The host is installed with Microsoft Internet Explorer 6, 7 or 8 and is prone to a information disclosure vulnerability. The flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to read content from a different domain or zone via craft ... oval:org.secpod.oval:def:15984 The host is installed with Microsoft Internet Explorer 6, 7, 8 or 9 and is prone to a memory corruption vulnerability. The flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:15985 The host is installed with Microsoft Internet Explorer 9 or 10 and is prone to a memory corruption vulnerability. The flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:38616 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1 or Server 2008 R2 SP1 and is prone to a denial of service vulnerability. A flaw is present in the Windows Local Security Authority Subsystem Service, which improperly handles specially crafted authentication reque ... oval:org.secpod.oval:def:38617 The host is missing an important update according to Microsoft bulletin, MS17-004. The update is required to fix a denial of service vulnerability. A flaw is present in the Windows Local Security Authority Subsystem Service, which improperly handles specially crafted authentication request. An attac ... oval:org.secpod.oval:def:15998 The host is installed with Microsoft Windows XP SP3, Server 2003 SP2, Vista Sp2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Windows 8.1, Server 2012 or Server 2012 R2 and is prone to remote code execution vulnerability. A flaw is present in the application, which fails to handle ... oval:org.secpod.oval:def:2353 The host is missing a important security update according to Microsoft security bulletin, MS09-026. The update is required to fix privilege escalation vulnerability. A flaw is present in the Windows RPC. The RPC Marshalling Engine fails to update its internal state appropriately. Successful exploita ... oval:org.mitre.oval:def:11994 Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability ... oval:org.secpod.oval:def:53 The host is installed with Microsoft Windows Fax Services Cover Page Editor and is prone to heap-based buffer overflow vulnerability. The flaw is present in the CDrawPoly::Serialize function in fxscover.exe. Successful exploitation allows remote attackers to execute arbitrary code via a long record ... oval:org.mitre.oval:def:11984 Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a diffe ... oval:org.secpod.oval:def:82 The host is installed with Microsoft FTP Service for Internet Information Services (IIS) and is prone to heap buffer overrun vulnerability.A flaw is present in the TELNET_STREAM_CONTEXT::OnSendData function in the FTP protocol handler (ftpsvc.dll), which fails to properly handle a crafted FTP reques ... oval:org.secpod.oval:def:90 The host is installed with Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2 and is prone to elevation of privilege vulnerability. A flaw is present in Microsoft Windows, which fails to handle proper interaction of drivers with the Windo ... oval:org.secpod.oval:def:16013 The host is installed with Microsoft Windows XP SP2, SP3, Server 2003 SP2, Vista SP1, SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Windows 8.1, Server 2012 or Server 2012 R2 and is prone to security feature bypass vulnerability. A flaw is present in the application, which fail ... oval:org.secpod.oval:def:16014 The host is missing an important security update according to Microsoft advisory, 2862152. The update is required to fix security feature bypass vulnerability. A flaw is present in the application, which fails to properly handle a DirectAccess server. Successful exploitation allows the attacker to s ... oval:org.secpod.oval:def:16494 The host is installed with Microsoft Internet Explorer 9 or 10 and is prone to use-after-free vulnerability. The flaw is present in Microsoft Internet Explorer 9 and 10, which fails to handle a crafted CSpliceTreeEngine::InsertSplice object in an HTML document. Successful exploitation allows remote ... oval:org.secpod.oval:def:14297 The host is installed with Microsoft Internet Explorer 8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly process a webpage. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service via a craf ... oval:org.secpod.oval:def:14298 The host is installed with Microsoft Internet Explorer 6, 7, 8, 9 or 10 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to properly process a HTML webpage. Successful exploitation could allow attackers to inject arbitrary web script or HTML via ... oval:org.secpod.oval:def:14291 The host is installed with Microsoft Internet Explorer 8 or 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly process a webpage. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service via a ... oval:org.secpod.oval:def:14290 The host is installed with Microsoft Internet Explorer 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly process a webpage. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service via a craf ... oval:org.secpod.oval:def:14295 The host is installed with Microsoft Internet Explorer 7, 8, 9 or 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly process a webpage. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of servic ... oval:org.secpod.oval:def:14296 The host is installed with Microsoft Internet Explorer 8, 9 or 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly process a webpage. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service v ... oval:org.secpod.oval:def:14293 The host is installed with Microsoft Internet Explorer 6, 7, 8, 9 or 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly process a webpage. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of ser ... oval:org.secpod.oval:def:14294 The host is installed with Microsoft Internet Explorer 9 or 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly process a webpage. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service via ... oval:org.secpod.oval:def:31693 The host is installed with Windows Media Center on Microsoft Windows Vista, 7, 8 or 8.1 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle a specially crafted Media Center link (.mcl) file that references malicious code. An attacker w ... oval:org.secpod.oval:def:31694 The host is installed with Windows Media Center on Microsoft Windows Vista, 7, 8 or 8.1 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle a specially crafted Media Center link (.mcl) file that references malicious code. An attacker w ... oval:org.secpod.oval:def:31695 The host is missing an important security update according to Microsoft security bulletin, MS15-134. The update is required to fix multiple remote code execution vulnerabilities. The flaws are present in the application, which fails to handle a specially crafted Media Center link (.mcl) file that re ... oval:org.secpod.oval:def:38295 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1 or Server 2008 R2 SP1 and is prone to an information disclosure vulnerability. A flaw is present in the windows GDI component, which improperly discloses the contents of its memory. An attacker who successfully ex ... oval:org.mitre.oval:def:12279 Use-after-free vulnerability in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitrary code via vectors related to Cascading Style Sheets (CSS) token sequences and the clip attribute, aka an "invalid flag reference" issue or "Uninitialized Memory Corruption Vulnerabilit ... oval:org.secpod.oval:def:14288 The host is installed with Microsoft Internet Explorer 6, 7, 8, 9 or 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly process a webpage. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of ser ... oval:org.secpod.oval:def:14289 The host is installed with Microsoft Internet Explorer 7 or 8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly process a webpage. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service via a ... oval:org.secpod.oval:def:14287 The host is installed with Microsoft Internet Explorer 6, 7, 8 or 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly process a webpage. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service ... oval:org.secpod.oval:def:14281 The host is missing a critical security update according to Microsoft security bulletin, MS13-055. The update is required to fix multiple remote code execution vulnerabilities. The flaws are present in the application, which fails to properly handle crafted webpage. Successful exploitation could all ... oval:org.secpod.oval:def:14284 The host is installed with Microsoft Internet Explorer 8 or 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly process a webpage. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service via a ... oval:org.secpod.oval:def:14285 The host is installed with Microsoft Internet Explorer 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly process a webpage. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service via a craf ... oval:org.secpod.oval:def:14282 The host is installed with Microsoft Internet Explorer 7, 8, 9 or 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly process a web script. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of ser ... oval:org.secpod.oval:def:14283 The host is installed with Microsoft Internet Explorer 9 or 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly process a webpage. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service via ... oval:org.secpod.oval:def:699 The host is installed with Windows XP, Windows Vista, Windows Server 2008, Windows Server 2003 and Windows 7 and is prone to null pointer de-reference vulnerability. A flaw is present in windows Kernel-mode drivers which does not properly manage kernel-mode driver objects. Successful exploitation al ... oval:org.mitre.oval:def:12322 Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML Element Memory Corruption Vulnerability. ... oval:org.secpod.oval:def:15642 The host is installed with Microsoft Internet Explorer 6, 7, 8, 9 or 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:15645 The host is installed with Microsoft Internet Explorer 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:16977 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Windows Vista, Windows 7, Server 2012, Server 2012 R2, Windows 8 or Windows 8.1 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle obj ... oval:org.secpod.oval:def:15646 The host is installed with Microsoft Internet Explorer 8 or 9 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fails to handle crafted data. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:14313 The host is installed with Microsoft Windows Vista, Windows XP, Windows Server 2003, Windows Server 2008, Windows Server 2008 R2, Windows 7, Windows 8 or Windows Server 2012 and is prone to a elevation of privilege vulnerability. The flaw is present in the application, which fails to properly handl ... oval:org.mitre.oval:def:11447 Microsoft Internet Explorer 6, 7, and 8 does not prevent rendering of cached content as HTML, which allows remote attackers to access content from a different (1) domain or (2) zone via unspecified script code, aka "Cross-Domain Information Disclosure Vulnerability," a different vulnerability than C ... oval:org.secpod.oval:def:15651 The host is missing a critical security update according to Microsoft security bulletin, MS13-080. The update is required to fix multiple memory corruption vulnerabilities. The flaw are present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to c ... oval:org.secpod.oval:def:16981 The host is missing a critical security update according to Microsoft bulletin MS14-013. The update is required to fix a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle specially crafted JPEG image files. Successful exploitation could allow attac ... oval:org.secpod.oval:def:14325 Microsoft .NET Framework 2.0 SP2, 3.5.1, 4 or 4.5 on 64-bit platforms and is prone to array allocation vulnerability. A flaw is present in the application, which fails to properly allocate arrays of structures. Successful exploitation allows attackers to execute arbitrary code. oval:org.secpod.oval:def:16988 The host is installed with Internet Explorer 6 through 8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user or execut ... oval:org.secpod.oval:def:14326 The host is installed with Microsoft .NET Framework 2.0 SP2, 3.5.1, 4 or 4.5 and is prone to anonymous method injection vulnerability. A flaw is present in the application, which fails to properly check the permissions of objects that use reflection. Successful exploitation allows attackers to execu ... oval:org.secpod.oval:def:16987 The host is installed with Internet Explorer 6 through 8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user or execut ... oval:org.secpod.oval:def:14324 The host is installed with Microsoft .NET Framework 2.0 SP2, 3.5.1, 4 or 4.5 and is prone to delegate serialization vulnerability. A flaw is present in the application, which fails to properly check the permissions of delegate objects. Successful exploitation allows attackers to execute arbitrary co ... oval:org.secpod.oval:def:16980 The host is installed with DirectShow in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, Windows 8.1 or Windows Server 2012 R2 and is prone to a memory corruption vulnerability. A flaw is ... oval:org.secpod.oval:def:15649 The host is installed with Microsoft Internet Explorer 9 or 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:16979 The host is missing an important security update according to Microsoft security bulletin, MS14-015. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle objects in memory. Successful exploitation could allow attackers to di ... oval:org.secpod.oval:def:16978 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Windows Vista, Windows 7, Server 2012, Server 2012 R2, Windows 8 or Windows 8.1 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle obj ... oval:org.secpod.oval:def:14303 The host is missing a critical security update according to Microsoft security bulletin, MS13-057. The update is required to fix a remote code execution vulnerability. A flaw is present in the applications, which fail to handle crafted media files. Successful exploitation could allow attackers to ex ... oval:org.secpod.oval:def:14301 The host is installed with WMV video codec 9, Windows Media Format Runtime 9, 9.5, Windows Media Format Runtime 11, Windows Media Player 11 or 12 and is prone to a remote code execution vulnerability. A flaw is present in the applications, which fail to handle crafted media files. Successful exploit ... oval:org.secpod.oval:def:616 The host is missing a critical security update according to Microsoft Security Advisory, 2718704. The update is required to fix spoofing vulnerability. A flaw is present in the application, which fails to properly handle authorization of digital certificates. Successful exploitation could allow atta ... oval:org.mitre.oval:def:6227 The RPC Marshalling Engine (aka NDR) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 does not properly maintain its internal state, which allows remote attackers to overwrite arbitrary memory locations via a crafted RPC message that trigg ... oval:org.mitre.oval:def:11853 Race condition in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to an object in memory, aka "Race Condition Memory Corruption Vulnerability." oval:org.mitre.oval:def:11849 Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML Element Memory Corruption Vulnerability." oval:org.mitre.oval:def:6287 The Windows Print Spooler in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 allows remote authenticated users to gain privileges via a crafted RPC message that triggers loading of a DLL file from an arbitrary directory, aka "Print Spooler L ... oval:org.mitre.oval:def:7127 Stack consumption vulnerability in the ASP implementation in Microsoft Internet Information Services (IIS) 5.1, 6.0, 7.0, and 7.5 allows remote attackers to cause a denial of service (daemon outage) via a crafted request, related to asp.dll, aka "IIS Repeated Parameter Request Denial of Service Vuln ... oval:org.mitre.oval:def:11832 Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML Layout Memory Corruption Vulnerability." oval:org.secpod.oval:def:8180 The host is installed with Microsoft Windows XP SP2 or SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2 or R2 SP1, Windows 7 or SP1, Windows 8 or Windows Server 2012 and is prone to remote code execution vulnerability. A flaw is present in Windows DirectPlay, which fails ... oval:org.secpod.oval:def:8181 The host is missing an important security update according to Microsoft bulletin, MS12-082. The update is required to fix remote code execution vulnerability. A flaw is present in Windows DirectPlay, which fails to properly handle specially crafted office documents. Successful exploitation allows at ... oval:org.secpod.oval:def:8192 The host is installed with Windows XP, Windows Vista, Windows Server 2008,Windows Server 2008 R2, Windows Server 2003 or Windows 7 and is prone to remote code execution vulnerabilities. The flaws are present in the Windows kernel, which fails to handle a specially crafted TrueType font file. Success ... oval:org.secpod.oval:def:8193 The host is installed with Internet Explorer 6, 7, 8, 9 or 10 and is prone to an InjectHTMLStream use-after-free vulnerability. A flaw is present in the application, which fails to handle a deleted object. Successful exploitation could allow attackers to execute arbitrary code. oval:org.mitre.oval:def:7170 vbscript.dll in VBScript 5.1, 5.6, 5.7, and 5.8 in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2, when Internet Explorer is used, allows user-assisted remote attackers to execute arbitrary code by referencing a (1) local pathname, (2) UNC share pathname, or (3) WebDAV server with a ... oval:org.secpod.oval:def:2047 The host is missing a critical security update according to Microsoft security bulletin, MS10-070. The update is required to fix information disclosure vulnerability. A flaw is present in ASP.NET (.Net Framework) encryption implementation in IIS, which fails to evaluate generated error codes during ... oval:org.secpod.oval:def:31750 The host is missing an important security update according to Microsoft security bulletin, MS15-126. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle a crafted website. An attacker who successfully exploited the vulnerability cou ... oval:org.mitre.oval:def:7158 The design of the W3C XML Signature Syntax and Processing (XMLDsig) recommendation, as implemented in products including (1) the Oracle Security Developer Tools component in Oracle Application Server 10.1.2.3, 10.1.3.4, and 10.1.4.3IM; (2) the WebLogic Server component in BEA Product Suite 10.3, 10. ... oval:org.secpod.oval:def:31730 The host is installed with Internet Explorer 8 or 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current u ... oval:org.secpod.oval:def:31732 The host is installed with Internet Explorer 8 or 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current u ... oval:org.secpod.oval:def:2034 The host is missing a critical security update according to Microsoft security bulletin, MS10-022. The update is required to fix remote code execution vulnerability. A flaw is present in VBScript engine, which fails to process WIndows help files in protected mode. User is forced to press the F1 key ... oval:org.secpod.oval:def:16188 The host is installed with Microsoft Internet Explorer 6, 7, 8 or 9 and is prone to remote code execution vulnerability. A flaw is present in the application, which fails to handle an object in memory. Successful exploitation allows attackers to execute arbitrary code in the context of the current u ... oval:org.secpod.oval:def:15663 The host is installed with .Net framework 2.0, 3.5.1, 4.0 or 4.5 and is prone to an entity expansion vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:15664 The host is installed with .Net framework 2.0, 3.5.1, 4.0 or 4.5 and is prone to a JSON parsing vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:16994 The host is installed with Internet Explorer 8 through 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user or execu ... oval:org.secpod.oval:def:15661 The host is missing a critical security update, according to Microsoft bulletin MS13-082. The update is required to fix multiple remote code execution vulnerabilities. The flaws are present in the application, which fails to handle crafted OpenType font (OTF) file. Successful exploitation could allo ... oval:org.secpod.oval:def:15662 The host is installed with .Net framework 3.0, 3.5.1, 4.0 or 4.5 and is prone to an openType font parsing vulnerability. A flaw is present in the application, which fails to handle a crafted OTF file. Successful exploitation could allow attackers to take complete control of an affected system. oval:org.secpod.oval:def:16992 The host is installed with Internet Explorer 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user or execute arbitrar ... oval:org.secpod.oval:def:16998 The host is installed with Internet Explorer 9 or 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user or execute ar ... oval:org.secpod.oval:def:16991 The host is installed with Internet Explorer 8 or 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user or execute arb ... oval:org.secpod.oval:def:14327 The host is installed with Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5.1, 4 or 4.5 and is prone to delegate reflection bypass vulnerability. A flaw is present in the application, which fails to properly check the permissions of objects that use reflection. Successful exploitation allows ... oval:org.secpod.oval:def:31722 The host is installed with Internet Explorer 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. oval:org.secpod.oval:def:31725 The host is installed with Internet Explorer 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. oval:org.secpod.oval:def:31728 The host is installed with Internet Explorer 7 or 8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current u ... oval:org.secpod.oval:def:31729 The host is installed with Internet Explorer 7 or 8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current u ... oval:org.secpod.oval:def:7328 The host is missing a critical security update according to Microsoft Security Advisory, 2749655. The update is required to fix compatibility issues. An issue is present in the specific digital certificates, which fail to handle proper timestamp attributes. This issue could adversely impact the abil ... oval:org.secpod.oval:def:31702 The host is installed with Microsoft Vista SP2, Server 2008 SP2, Windows 7 SP1 or Server 2008 R2 SP1and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly validate input before loading libraries. Successful exploitation could allow attack ... oval:org.mitre.oval:def:5850 Unspecified vulnerability in the Load method in the IPersistStreamInit interface in the Active Template Library (ATL), as used in the Microsoft Video ActiveX control in msvidctl.dll in DirectShow, in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 20 ... oval:org.secpod.oval:def:2585 The host is missing a critical security update according to Microsoft security bulletin, MS10-060. The update is required to fix code execution vulnerability. A flaw is present in the CLR Virtual Method (CLR) in Microsoft .NET Framework, which fails to handle interfaces and delegations to virtual me ... oval:org.mitre.oval:def:6363 Stack-based buffer overflow in the CComVariant::ReadFromStream function in the Active Template Library (ATL), as used in the MPEG2TuneRequest ActiveX control in msvidctl.dll in DirectShow, in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold ... oval:org.secpod.oval:def:30025 The host is installed with Internet Explorer 8 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which does not properly validate permissions under specific conditions. Successful exploitation could allow attackers to run script with elevated privileges. oval:org.secpod.oval:def:16196 The host is installed with Microsoft Windows XP SP2, SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2, Server 2008 R2 SP2, Windows 7 SP1, Windows Server 2012 or Windows 8 and is prone to denial of service vulnerability. The flaw is present in the application, which fails to properly handle objects i ... oval:org.secpod.oval:def:16190 The host is installed with Microsoft Internet Explorer 7 and is prone to remote code execution vulnerability. A flaw is present in the application, which fails to handle an object in memory. Successful exploitation allows attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:30013 The host is missing a critical security update according to Microsoft bulletin, MS15-108. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to handle objects in memory. An attacker who successfully exploited the vulnerabilities could gain t ... oval:org.secpod.oval:def:30005 The host is installed with Microsoft Windows Vista or Windows 7 and is prone to a Microsoft Tablet Input Band use-after-free vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation could allow attackers to execute arbitrary code ... oval:org.mitre.oval:def:11730 Microsoft XML Core Services (aka MSXML) 3.0 does not properly handle HTTP responses, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted response, aka "Msxml2.XMLHTTP.3.0 Response Handling Memory Corruption Vulnerability." oval:org.secpod.oval:def:14822 The host is installed with Internet Explorer 9 or 10 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to properly access an object in memory. Successful exploitation allows attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:14823 The host is installed with Internet Explorer 6, 7, 8, 9 or 10 and is prone to cross-site-scripting (XSS) vulnerability. A flaw is present in the application, which fails to properly handle certain character sequences. Successful exploitation allows attackers to perform cross-site scripting attacks. oval:org.secpod.oval:def:14820 The host is installed with Internet Explorer 9 or 10 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to properly access an object in memory. Successful exploitation allows attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:14821 The host is installed with Internet Explorer 9 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to properly access an object in memory. Successful exploitation allows attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:2531 The host is installed with Microsoft Internet Explorer 9 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly access a dereference memory address. Successful exploitation could allow an attacker to execute arbitrary code. oval:org.secpod.oval:def:2534 The host is installed with Microsoft Internet Explorer 6,7,8 or 9 and is prone to a remote code execution vulnerability. A flaw is present in the applications, which fail to properly handle a virtual function table after it has been corrupted. Successful exploitation could allow an attacker to execu ... oval:org.secpod.oval:def:2533 The host is installed with Microsoft Internet Explorer 6,7,8 or 9 and is prone to a remote code execution vulnerability. A flaw is present in the applications, which fail to properly handle deleted elements. Successful exploitation could allow an attacker to execute arbitrary code. oval:org.secpod.oval:def:2535 The host is missing a critical security update according to MS11-081. The update is required to fix multiple remote code execution vulnerabilities. The flaws are present in the applications, which fail to handle specially crafted webpage. Successful exploitation could allow attackers to gain same us ... oval:org.secpod.oval:def:14819 The host is installed with Internet Explorer 8, 9 or 10 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to properly access an object in memory. Successful exploitation allows attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:14814 The host is installed with Internet Explorer 7, 8, 9 or 10 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to properly access an object in memory. Successful exploitation allows attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:14817 The host is installed with Internet Explorer 8 or 9 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to properly access an object in memory. Successful exploitation allows attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:14818 The host is installed with Internet Explorer 8 or 9 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to properly access an object in memory. Successful exploitation allows attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:14815 The host is installed with Internet Explorer 6, 7, 8, 9 or 10 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to properly access an object in memory. Successful exploitation allows attackers to execute arbitrary code in the context of the current us ... oval:org.secpod.oval:def:14816 The host is installed with Internet Explorer 9 or 10 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to properly access an object in memory. Successful exploitation allows attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:39379 An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulne ... oval:org.secpod.oval:def:39370 A remote code execution vulnerability exists due to the way Windows Uniscribe handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts ... oval:org.secpod.oval:def:39371 A remote code execution vulnerability exists due to the way Windows Uniscribe handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts ... oval:org.secpod.oval:def:39372 A remote code execution vulnerability exists due to the way Windows Uniscribe handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts ... oval:org.secpod.oval:def:39373 A remote code execution vulnerability exists due to the way Windows Uniscribe handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts ... oval:org.secpod.oval:def:39374 A remote code execution vulnerability exists due to the way Windows Uniscribe handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts ... oval:org.secpod.oval:def:39375 A remote code execution vulnerability exists due to the way Windows Uniscribe handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts ... oval:org.secpod.oval:def:39376 A remote code execution vulnerability exists due to the way Windows Uniscribe handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts ... oval:org.mitre.oval:def:7297 The toStaticHTML function in Microsoft Internet Explorer 8, and the SafeHTML function in Microsoft Windows SharePoint Services 3.0 SP2, SharePoint Foundation 2010, Office SharePoint Server 2007 SP2, Groove Server 2010, and Office Web Apps, allows remote attackers to bypass the cross-site scripting ( ... oval:org.secpod.oval:def:39360 An elevation of privilege vulnerability exists when the Windows Kernel API improperly handles registry objects in memory. An attacker who successfully exploited the vulnerability could gain elevated privileges on a targeted system. A locally authenticated attacker could exploit this vulnerability by ... oval:org.secpod.oval:def:39359 An elevation of privilege vulnerability exists when the Windows Transaction Manager improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.In a local attack scenario, an attacker could exploit this vulnerability by r ... oval:org.secpod.oval:def:15399 The host is installed with Internet Explorer 9 or 10 and is prone to memory corruption vulnerability. The flaw is present in the application, which fails to properly handle crafted webpage. Successful exploitation allows attackers to execute arbitrary code and gain the user rights as the current use ... oval:org.secpod.oval:def:15397 The host is installed with Internet Explorer 7, 8, 9 or 10 and is prone to memory corruption vulnerability. The flaw is present in the application, which fails to properly handle crafted webpage. Successful exploitation allows attackers to execute arbitrary code and gain the user rights as the curre ... oval:org.secpod.oval:def:15398 The host is installed with Internet Explorer 6, 7 or 8 and is prone to memory corruption vulnerability. The flaw is present in the application, which fails to properly handle crafted webpage. Successful exploitation allows attackers to execute arbitrary code and gain the user rights as the current u ... oval:org.secpod.oval:def:15392 The host is missing a critical security update according to Microsoft bulletin, MS13-069. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly access an object in memory. Successful exploitation allows attackers to execute arbitrar ... oval:org.secpod.oval:def:15396 The host is installed with Internet Explorer 9 or 10 and is prone to memory corruption vulnerability. The flaw is present in the application, which fails to properly handle crafted webpage. Successful exploitation allows attackers to execute arbitrary code and gain the user rights as the current use ... oval:org.secpod.oval:def:15394 The host is installed with Internet Explorer 9 or 10 and is prone to memory corruption vulnerability. The flaw is present in the application, which fails to properly handle crafted webpage. Successful exploitation allows attackers to execute arbitrary code and gain the user rights as the current use ... oval:org.secpod.oval:def:39391 An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulne ... oval:org.secpod.oval:def:39392 An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulne ... oval:org.secpod.oval:def:39393 An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulne ... oval:org.secpod.oval:def:39394 An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulne ... oval:org.secpod.oval:def:39395 An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulne ... oval:org.secpod.oval:def:39396 An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulne ... oval:org.secpod.oval:def:39397 An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulne ... oval:org.secpod.oval:def:39390 An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulne ... oval:org.secpod.oval:def:39388 An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulne ... oval:org.secpod.oval:def:39389 An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulne ... oval:org.secpod.oval:def:39380 An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulne ... oval:org.secpod.oval:def:39381 An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulne ... oval:org.secpod.oval:def:39382 An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulne ... oval:org.secpod.oval:def:39383 An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulne ... oval:org.secpod.oval:def:39384 An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulne ... oval:org.secpod.oval:def:39385 An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulne ... oval:org.secpod.oval:def:39386 An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulne ... oval:org.secpod.oval:def:39387 An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulne ... oval:org.secpod.oval:def:39778 An elevation of privilege vulnerability exists in Windows when the Microsoft Graphics Component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or del ... oval:org.mitre.oval:def:12055 Microsoft Internet Explorer 6, 7, and 8 does not prevent rendering of cached content as HTML, which allows remote attackers to access content from a different (1) domain or (2) zone via unspecified script code, aka "Cross-Domain Information Disclosure Vulnerability," a different vulnerability than C ... oval:org.mitre.oval:def:12033 The Common Language Runtime (CLR) in Microsoft .NET Framework 2.0 SP1, 2.0 SP2, 3.5, 3.5 SP1, and 3.5.1, and Microsoft Silverlight 2 and 3 before 3.0.50611.0 on Windows and before 3.0.41130.0 on Mac OS X, does not properly handle interfaces and delegations to virtual methods, which allows remote att ... oval:org.secpod.oval:def:16211 The host is missing a critical security update according to Microsoft security bulletin, MS13-099. The update is required to fix remote code execution vulnerability. The flaw is present in Microsoft Scripting Runtime Object Library, which fails to handle a website that hosts specially crafted conten ... oval:org.secpod.oval:def:16210 The host is installed with Microsoft Windows XP SP2, Windows XP SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 or Windows Server 2012 R2 and is prone to use after free vulnerability. A flaw is present in th ... oval:org.mitre.oval:def:12011 Buffer overflow in Microsoft Windows Movie Maker (WMM) 2.1, 2.6, and 6.0 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted project file, aka "Movie Maker Memory Corruption Vulnerability." oval:org.secpod.oval:def:39320 The host is missing an important security update according to Microsoft security bulletin, MS17-020. The update is required to fix an information disclosure vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to discl ... oval:org.secpod.oval:def:39319 An information disclosure vulnerability exists in Windows when Windows DVD Maker fails to properly parse a specially crafted .msdvd file. An attacker who successfully exploited the vulnerability could obtain information to further compromise a target system.To exploit the vulnerability, an attacker ... oval:org.secpod.oval:def:30963 The host is missing an important security update according to Microsoft security bulletin, MS15-117. The update is required to fix an elevation of privilege vulnerability. A flaw is present in the application, which fails to properly check the length of a buffer prior to copying memory into it. Succ ... oval:org.secpod.oval:def:30964 The host is installed with Windows journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1 or Windows 7 SP1 and is prone to a heap-based overflow vulnerability. A flaw is present in the application, which fails to properly handle crafted jnt files. Successful exploitation allows a ... oval:org.secpod.oval:def:30965 The host is missing a critical security update according to Microsoft security bulletin, MS15-114. The update is required to fix a heap-based overflow vulnerability. A flaw is present in the application, which fails to properly handle crafted jnt files. Successful exploitation allows attackers to ex ... oval:org.secpod.oval:def:30962 The host is installed with Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1 or Windows 7 SP1 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to properly check the length of a buffer prior to copying memory into it. Successful ... oval:org.secpod.oval:def:30968 The host is installed with Microsoft Windows Server 2008, 2008 R2, 2012, 2012 R2, Windows 7, 8 or 8.1 and is prone to a tls triple handshake vulnerability. A flaw is present in the application, which fails to properly extend master secret binding support to all supported version of TLS. Successful e ... oval:org.secpod.oval:def:30969 The host is missing an important security update according to Microsoft security bulletin, MS15-121. The update is required to fix a tls triple handshake vulnerability. A flaw is present in the application, which fails to properly extend master secret binding support to all supported version of TLS. ... oval:org.secpod.oval:def:39812 The host missing security update for KB4014793. oval:org.secpod.oval:def:2626 The host is missing a critical security update according to bulletin, MS08-078. The update is required to fix multiple remote code execution vulnerabilities. The flaw are present in the application, which fails to handle a specially crafted Web page. Successful exploitation could allow remote code e ... oval:org.mitre.oval:def:6407 Microsoft Windows Media Runtime, as used in DirectShow WMA Voice Codec, Windows Media Audio Voice Decoder, and Audio Compression Manager (ACM), does not properly process Advanced Systems Format (ASF) files, which allows remote attackers to execute arbitrary code via a crafted audio file that uses th ... oval:org.secpod.oval:def:33236 The host is installed with Vista SP2, Server 2008 SP2, Windows 7 SP1 or Server 2008 R2 SP1 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows, which fails to properly sanitize handles in memory. An attacker who successfully exploited this vulnerability could ru ... oval:org.secpod.oval:def:15400 The host is installed with Internet Explorer 9 or 10 and is prone to memory corruption vulnerability. The flaw is present in the application, which fails to properly handle crafted webpage. Successful exploitation allows attackers to execute arbitrary code and gain the user rights as the current use ... oval:org.secpod.oval:def:15403 The host is installed with Internet Explorer 8 or 9 and is prone to memory corruption vulnerability. The flaw is present in the application, which fails to properly handle crafted webpage. Successful exploitation allows attackers to execute arbitrary code and gain the user rights as the current user ... oval:org.secpod.oval:def:15401 The host is installed with Internet Explorer 8, 9 or 10 and is prone to memory corruption vulnerability. The flaw is present in the application, which fails to properly handle crafted webpage. Successful exploitation allows attackers to execute arbitrary code and gain the user rights as the current ... oval:org.secpod.oval:def:15402 The host is installed with Internet Explorer 9 or 10 and is prone to memory corruption vulnerability. The flaw is present in the application, which fails to properly handle crafted webpage. Successful exploitation allows attackers to execute arbitrary code and gain the user rights as the current use ... oval:org.secpod.oval:def:26543 The host is installed with Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, Windows 8.1 or Windows Server 2012 R2 and is prone to a task file deletion elevation of privilege vulnerability. A flaw is present in the application, which fail ... oval:org.mitre.oval:def:5594 The operating system installed on the system is Microsoft Windows Vista x64 Edition Service Pack 2 oval:org.secpod.oval:def:26534 The host is installed with Windows Media Center on Microsoft Windows Vista, 7, 8 or 8.1 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle a specially crafted Media Center link (.mcl) file that references malicious code. An attacker who ... oval:org.secpod.oval:def:26535 The host is missing an important security update according to Microsoft security bulletin, MS15-100. The update is required to fix a remote code execution vulnerability. A flaw is present in the application, which fails to handle a specially crafted Media Center link (.mcl) file that references mali ... oval:org.secpod.oval:def:39834 The host is missing security update for KB4015380. oval:org.secpod.oval:def:39835 The host is missing security update for KB4015068. oval:org.secpod.oval:def:26519 The host is installed with Internet Explorer 8 and is prone to a scripting engine remote memory corruption vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of ... oval:org.secpod.oval:def:26521 The host is installed with Internet Explorer 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the currently logged-in ... oval:org.secpod.oval:def:26520 The host is installed with Internet Explorer 7 or 8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the currently logge ... oval:org.secpod.oval:def:39826 The host is installed with Internet Explorer 9 or 10 and is prone to a memory corruption vulnerability. A flaw is present in the JScript and VBScript engines render, which fails to properly handle objects in memory. Successful exploitation could allow the attackers to execute arbitrary code in the c ... oval:org.secpod.oval:def:39814 The host is missing security update for KB4015195. This security update resolves multiple vulnerabilities in Microsoft windows that could allow attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:39815 The host is missing security update for KB4015067. This security update resolves multiple vulnerabilities in Microsoft windows that could allow attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:39819 The host is missing security update for KB4014661. This security update resolves memory corruption vulnerability in Internet Explorer 9 that could allow the attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:7909 The host is installed with Microsoft Internet Information Services 7.0 or 7.5 and is prone to command injection vulnerability. A flaw is present in Internet Information Services (IIS), which fails to properly handle specially crafted FTP commands. Successful exploitation could allow information disc ... oval:org.secpod.oval:def:31006 The host is installed with Internet Explorer 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. oval:org.mitre.oval:def:6007 Use-after-free vulnerability in mshtml.dll in Microsoft Internet Explorer 5.01, 6, and 7 on Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote attackers to execute arbitrary code via a crafted XML document containing nested SPAN elements, as exploited ... oval:org.secpod.oval:def:7907 The host is missing a critical security update according to Microsoft security bulletin, MS12-073. The update is required to fix multiple vulnerabilities. The flaws are present in Internet Information Services (IIS), which fails to properly handle specially crafted FTP commands. Successful exploitat ... oval:org.mitre.oval:def:11606 The CTimeoutEventList::InsertIntoTimeoutList function in Microsoft mshtml.dll uses a certain pointer value as part of producing Timer ID values for the setTimeout and setInterval methods in VBScript and JScript, which allows remote attackers to obtain sensitive information about the heap memory addr ... oval:org.secpod.oval:def:33235 The host is missing an important security update according to Microsoft bulletin, MS16-031. The update is required to fix an elevation of privilege vulnerability. A flaw is present in windows, which fails to properly sanitize handles in memory, certain scenarios involving junction and mount-point cr ... oval:org.secpod.oval:def:9292 The host is installed with Internet Explorer 8 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:9294 The host is installed with Internet Explorer 6, 7, 8, 9 or 10 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:9295 The host is installed with Internet Explorer 6, 7, 8, 9 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:811 The host is installed with Microsoft Windows Vista or Server 2008/R2 or Windows 7 and is prone to security vulnerability. A flaw is present in the windows OS Loader which do not restrict certain inadequacies in boot process and allow unsigned binaries to be loaded. Successful exploitation which does ... oval:org.secpod.oval:def:33213 The host is installed with Microsoft Windows Vista SP2 or Windows Server 2008 SP2 and is prone to a remote code execution vulnerability. A flaw is present in the Windows, which fails to properly validate input before loading certain libraries. Successful exploitation could allow remote attackers to ... oval:org.secpod.oval:def:33212 The host is missing an important security update according to Microsoft security bulletin, MS16-025. The update is required to fix a remote code execution vulnerability. A flaw is present in the Windows, which fails to properly validate input before loading certain libraries. Successful exploitation ... oval:org.secpod.oval:def:9286 The host is installed with Internet Explorer 6, 7, 8 or 9 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:9284 The host is installed with Internet Explorer 6, 7, 8, 9 or 10 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:9285 The host is installed with Internet Explorer 6, 7, 8 or 9 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:16176 The host is missing an important security update according to Microsoft security bulletin, MS13-098. The updated is required to fix a signature validation vulnerability. The flaw is present in WinVerifyTrust in the operating system, which fails to handle signature. Successful exploitation could allo ... oval:org.secpod.oval:def:15980 The host is missing a critical security update according to Microsoft security bulletin, MS13-088. The update is required to fix multiple memory corruption vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to ... oval:org.secpod.oval:def:15986 The host is installed with Microsoft Internet Explorer 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. The flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:15987 The host is installed with Microsoft Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. The flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:15990 The host is installed with Microsoft Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. The flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:15988 The host is installed with Microsoft Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. The flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:15989 The host is installed with Microsoft Internet Explorer 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. The flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:15641 The host is installed with Microsoft Internet Explorer 6, 7, 8, 9 or 10 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fails to handle crafted data. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:15650 The host is installed with Microsoft Internet Explorer 6, 7, 8, 9 or 10 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fails to handle crafted data. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:16185 The host is installed with Microsoft Internet Explorer 7, 8, 9, 10 or 11 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which fails to properly validate permissions. Successful exploitation allows attackers to gain elevation of privilege. oval:org.secpod.oval:def:16186 The host is installed with Microsoft Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to remote code execution vulnerability. A flaw is present in the application, which fails to handle an object in memory. Successful exploitation allows attackers to execute arbitrary code in the context of the c ... oval:org.secpod.oval:def:16777 The host is installed with Microsoft Internet Explorer 8, 9, 10 or 11 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to properly handle the access of an object in memory. Successful exploitation allows attackers to execute arbitrary code or cause a ... oval:org.secpod.oval:def:16771 The host is installed with Microsoft Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to properly handle the access of an object in memory. Successful exploitation allows attackers to execute arbitrary code or c ... oval:org.secpod.oval:def:16770 The host is installed with Microsoft Internet Explorer 9, 10 or 11 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to properly handle the access of an object in memory. Successful exploitation allows attackers to execute arbitrary code or cause a de ... oval:org.secpod.oval:def:16769 The host is installed with Microsoft Internet Explorer 9, 10 or 11 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to properly handle the access of an object in memory. Successful exploitation allows attackers to execute arbitrary code or cause a de ... oval:org.secpod.oval:def:16785 The host is installed with Microsoft Internet Explorer 9, 10 or 11 and is prone to information disclosure vulnerability. A flaw is present in the application, which is caused when Internet Explorer does not properly enforce cross-domain policies. Successful exploitation allows attackers to view cont ... oval:org.secpod.oval:def:16783 The host is installed with Microsoft Internet Explorer 9, 10 or 11 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to properly handle the access of an object in memory. Successful exploitation allows attackers to execute arbitrary code or cause a de ... oval:org.secpod.oval:def:16782 The host is installed with Microsoft Internet Explorer 8, 9, 10 or 11 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to properly handle the access of an object in memory. Successful exploitation allows attackers to execute arbitrary code or cause a ... oval:org.secpod.oval:def:16781 The host is installed with Microsoft Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to properly handle the access of an object in memory. Successful exploitation allows attackers to execute arbitrary code or c ... oval:org.secpod.oval:def:16780 The host is installed with Microsoft Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to properly handle the access of an object in memory. Successful exploitation allows attackers to execute arbitrary code or c ... oval:org.secpod.oval:def:16757 The host is installed with VBScript engine 5.6, 5.7 or 5.8 or Microsoft Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitra ... oval:org.secpod.oval:def:16762 The host is missing a critical security update according to Microsoft bulletin, MS14-010. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle certain vectors related to memory. Successful exploitation allows attackers to execute arb ... oval:org.secpod.oval:def:16767 The host is installed with Microsoft Internet Explorer 9, 10 or 11 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to properly handle the access of an object in memory. Successful exploitation allows attackers to execute arbitrary code or cause a de ... oval:org.secpod.oval:def:16765 The host is installed with Microsoft Internet Explorer 8, 9, 10 or 11 and is prone to elevation of privilege vulnerability.. A flaw is present in the application, which fails to properly properly validate permissions. Successful exploitation allows attackers to bypass the Mandatory Integrity Control ... oval:org.secpod.oval:def:16984 The host is installed with Internet Explorer 6 through 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user or execu ... oval:org.secpod.oval:def:16986 The host is installed with Internet Explorer 9 through 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user or execu ... oval:org.secpod.oval:def:16985 The host is installed with Internet Explorer 8 through 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user or execu ... oval:org.secpod.oval:def:16187 The host is installed with Microsoft Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to remote code execution vulnerability. A flaw is present in the application, which fails to handle an object in memory. Successful exploitation allows attackers to execute arbitrary code in the context of the c ... oval:org.secpod.oval:def:17002 The host is missing a critical security update according to Microsoft security bulletin, MS14-012. The update is required to fix multiple memory corruption vulnerabilities.The flaws are present in the application, which fails to properly handle objects in memory. Successful exploitation could allow ... oval:org.secpod.oval:def:17001 The host is installed with Internet Explorer 8 through 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user or execu ... oval:org.secpod.oval:def:17000 The host is installed with Internet Explorer 9 or 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user or execute ar ... oval:org.secpod.oval:def:16995 The host is installed with Internet Explorer 6 through 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user or execu ... oval:org.secpod.oval:def:16993 The host is installed with Internet Explorer 8 through 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user or execu ... oval:org.secpod.oval:def:16996 The host is installed with Internet Explorer 8 through 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user or execu ... oval:org.secpod.oval:def:16990 The host is installed with Internet Explorer 6 through 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user or execu ... oval:org.secpod.oval:def:16191 The host is missing a critical security update according to Microsoft bulletin, MS13-097. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly validate permissions and handle an object in memory. Successful exploitation allows atta ... oval:org.secpod.oval:def:19864 The host is installed with IE 6,7 or 8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19861 The host is installed with IE 8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:18542 The host is missing a critical security update according to Microsoft bulletin, MS14-029. The update is required to fix remote code execution vulnerability. The flaws are present in the application, which fails to handle certain vectors related to memory. Successful exploitation allows attackers to ... oval:org.secpod.oval:def:18541 The host is installed with Microsoft Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to remote code execution vulnerability. A flaw is present in the application, which fails to properly handle the access of an object in memory. Successful exploitation allows attackers to execute arbitrary code ... oval:org.secpod.oval:def:18540 The host is installed with Microsoft Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to remote code execution vulnerability. A flaw is present in the application, which fails to properly handle the access of an object in memory. Successful exploitation allows attackers to execute arbitrary code ... oval:org.secpod.oval:def:19812 The host is installed with IE 9,10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19814 The host is installed with IE 6,7,8,9,10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19815 The host is installed with IE 6,7,8,9,10 or 11 and is prone to a TLS server certificate renegotiation vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19810 The host is installed with IE 6,7,8,9,10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19811 The host is installed with IE 7,8,9,10 or 11 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19809 The host is installed with IE 6,7,8,9,10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19808 The host is missing a critical security update according to Microsoft security bulletin, MS14-035. The update is required to fix multiple vulnerabilities. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rig ... oval:org.secpod.oval:def:19846 The host is installed with IE 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19843 The host is installed with IE 8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19858 The host is installed with IE 6 or 7 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19859 The host is installed with IE 6,7 or 8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19824 The host is installed with IE 8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19826 The host is installed with IE 9,10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19821 The host is installed with IE 8,9,10 or 11 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19822 The host is installed with IE 6,7,8,9,10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19817 The host is installed with IE 9,10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19818 The host is installed with IE 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19819 The host is installed with IE 6,7,8,9,10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19834 The host is installed with IE 8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19836 The host is installed with IE 9,10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19837 The host is installed with IE 6,8,9,10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19830 The host is installed with IE 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19833 The host is installed with IE 7,8,9,10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19827 The host is installed with IE 9,10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19829 The host is installed with IE 9,10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:17394 The host is installed with Microsoft Internet Explorer 9 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation allows attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:17393 The host is installed with Microsoft Internet Explorer 9 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation allows attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:17392 The host is installed with Microsoft Internet Explorer 9 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation allows attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:17397 The host is missing a critical security update according to Microsoft bulletin, MS14-018. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted website. Successful exploitation allows attacker to execute arbitrary code in the ... oval:org.secpod.oval:def:17396 The host is installed with Microsoft Internet Explorer 6, 7, 8 or 9 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation allows attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:17395 The host is installed with Microsoft Internet Explorer 6 or 7 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation allows attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:17584 The host is installed with Microsoft Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to properly handle the access of an object in memory. Successful exploitation allows attackers to execute arbitrary code or c ... oval:org.secpod.oval:def:17583 The host is missing a critical security update according to Microsoft bulletin, MS14-021. The update is required to fix memory corruption vulnerability. The flaws are present in the application, which fails to handle certain vectors related to memory. Successful exploitation allows attackers to exec ... oval:org.secpod.oval:def:19867 The host is installed with IE 8,9,10 or 11 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19865 The host is installed with IE 9,10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19842 The host is installed with IE 6,7,8,9,10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19844 The host is installed with IE 9,10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19840 The host is installed with IE 8,9,10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19839 The host is installed with IE 6,7,8,9,10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19856 The host is installed with IE 9,10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19857 The host is installed with IE 9,10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19850 The host is installed with IE 9,10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19851 The host is installed with IE 9,10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:19849 The host is installed with IE 6,7,8,9,10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:20059 The host is installed with IE 9,10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:20119 The host is installed with Internet Explorer 8, 9 or 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:20115 The host is installed with Internet Explorer 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:20116 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:20113 The host is installed with Internet Explorer 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:20114 The host is installed with Internet Explorer 6, 7 or 8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:20122 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:20123 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:20120 The host is installed with Internet Explorer 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:20108 The host is installed with Internet Explorer 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:20107 The host is installed with Internet Explorer 6 or 7 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:20104 The host is installed with Internet Explorer 7 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:20105 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application , which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:20102 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:20103 The host is installed with Internet Explorer 7, 8, 9, 10 or 11 and is prone to a Extended Validation (EV) certificate security feature bypass vulnerability. A flaw is present in the application , which force to prevent the use of wildcard certificates. Successful exploitation could allow attackers t ... oval:org.secpod.oval:def:20111 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application , which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:20112 The host is installed with Internet Explorer 6 or 7 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:20110 The host is installed with Internet Explorer 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:20101 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application , which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:20124 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application , which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:20125 The host is missing a critical security update according to Microsoft bulletin, MS14-037. The update is required to fix multiple memory corruption vulnerabilities. The flaws are present in the application, which fails to properly access objects in memory. Successful exploitation could allow attacker ... oval:org.secpod.oval:def:20798 The host is installed with Internet Explorer 7, 8, 9 or 10 and is prone to a memory corruption vulnerability. A flaw is present in the application , which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:20796 The host is installed with Internet Explorer 9 or 10 and is prone to a memory corruption vulnerability. A flaw is present in the application , which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:20787 The host is installed with Internet Explorer 8 or 9 and is prone to a memory corruption vulnerability. A flaw is present in the application , which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:20790 The host is installed with Internet Explorer 8 and is prone to a memory corruption vulnerability. A flaw is present in the application , which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:21389 The host is installed with Internet Explorer 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:21390 The host is missing a critical security update according to Microsoft bulletin, MS14-056. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly access objects in memory or handle a crafted webpage. Successful exploitation could allo ... oval:org.secpod.oval:def:21379 The host is installed with Internet Explorer 6, 7, 8, 9 or 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation could allow attackers to elevate privileges in affected versions of Internet Explore ... oval:org.secpod.oval:def:21380 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation could allow attackers to elevate privileges in affected versions of Internet Exp ... oval:org.secpod.oval:def:21388 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a ASLR bypass vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation could allow an attacker to bypass the Address Space Layout Randomization (ASLR) security featur ... oval:org.secpod.oval:def:21385 The host is installed with Internet Explorer 6, 7 or 8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation could allow attackers to elevate privileges in affected versions of Internet Explorer. oval:org.secpod.oval:def:21386 The host is installed with Internet Explorer 6 or 7 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation could allow attackers to elevate privileges in affected versions of Internet Explorer. oval:org.secpod.oval:def:21384 The host is installed with Internet Explorer 6 or 7 and is prone to a elevation of privilege vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation could allow attackers to elevate privileges in affected versions of Internet Explorer. oval:org.secpod.oval:def:21381 The host is installed with Internet Explorer 8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation could allow attackers to elevate privileges in affected versions of Internet Explorer. oval:org.secpod.oval:def:21376 The host is installed with Internet Explorer 7, 8, 9, 10 or 11 and is prone to a elevation of privilege vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation could allow attackers to elevate privileges in affected versions of Internet E ... oval:org.secpod.oval:def:21377 The host is installed with Internet Explorer 7, 8, 9, 10 or 11 and is prone to a elevation of privilege vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation could allow attackers to elevate privileges in affected versions of Internet E ... oval:org.secpod.oval:def:21050 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a information disclosure vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation could allow attackers to detect anti-malware applications in use on a targe ... oval:org.secpod.oval:def:21057 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service ... oval:org.secpod.oval:def:21058 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service ... oval:org.secpod.oval:def:21055 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service ... oval:org.secpod.oval:def:21056 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service ... oval:org.secpod.oval:def:21053 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service ... oval:org.secpod.oval:def:21054 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service ... oval:org.secpod.oval:def:21051 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service ... oval:org.secpod.oval:def:21052 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service ... oval:org.secpod.oval:def:21083 The host is installed with Internet Explorer 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service. oval:org.secpod.oval:def:21086 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service ... oval:org.secpod.oval:def:21087 The host is missing a critical security update according to Microsoft bulletin, MS14-052. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly access objects in memory or handle a crafted webpage. Successful exploitation could allo ... oval:org.secpod.oval:def:21084 The host is installed with Internet Explorer 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service. oval:org.secpod.oval:def:21085 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service. oval:org.secpod.oval:def:21070 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service ... oval:org.secpod.oval:def:21078 The host is installed with Internet Explorer 6 through 8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service. oval:org.secpod.oval:def:21075 The host is installed with Internet Explorer 6 through 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service. oval:org.secpod.oval:def:21059 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service ... oval:org.secpod.oval:def:21060 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service ... oval:org.secpod.oval:def:21061 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service ... oval:org.secpod.oval:def:21068 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service ... oval:org.secpod.oval:def:21069 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service ... oval:org.secpod.oval:def:21066 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service ... oval:org.secpod.oval:def:21067 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service ... oval:org.secpod.oval:def:21064 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service ... oval:org.secpod.oval:def:21065 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service ... oval:org.secpod.oval:def:21062 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service ... oval:org.secpod.oval:def:21063 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service ... oval:org.secpod.oval:def:21574 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:21573 The host is missing a critical security update according to Microsoft bulletin, MS14-065. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly access objects in memory or to handle a crafted webpage. Successful exploitation could a ... oval:org.secpod.oval:def:21589 The host is installed with Internet Explorer 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:21587 The host is installed with Internet Explorer 7, 8, 9, 10 or 11 and is prone to a clipboard information disclosure vulnerability. A flaw is present in the application, which does not properly restrict access to the clipboard of a user who visits a website. Successful exploitation could allow attacker ... oval:org.secpod.oval:def:21588 The host is installed with Internet Explorer 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:21578 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:21579 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:21576 The host is installed with Internet Explorer 8 or 9 and is prone to an ASLR Bypass vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation could allow an attacker to more reliably predict the memory offsets of specific instructions in a g ... oval:org.secpod.oval:def:21577 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a cross-domain information disclosure vulnerability. A flaw is present in the application, which does not properly enforce cross-domain policies. Successful exploitation could allow an attacker to gain access to inform ... oval:org.secpod.oval:def:21584 The host is installed with Internet Explorer 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:21581 The host is installed with Internet Explorer 9 or 10 and is prone to a cross-domain information disclosure vulnerability. A flaw is present in the application, which does not properly enforce cross-domain policies. Successful exploitation could allow an attacker to gain access to information in anot ... oval:org.secpod.oval:def:21582 The host is installed with Internet Explorer 8, 9, 10 or 11 and is prone to a cross-domain information disclosure vulnerability. A flaw is present in the application, which does not properly enforce cross-domain policies. Successful exploitation could allow an attacker to gain access to information ... oval:org.secpod.oval:def:21580 The host is installed with Internet Explorer 8 or 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:21868 The host is installed with Internet Explorer 8, 9, 10 or 11 and is prone to an XSS filter bypass vulnerability. A flaw is present in the application, which fails to handle a specially crafted content. An attacker who successfully exploited this vulnerability could cause script code to run on another ... oval:org.secpod.oval:def:21866 The host is installed with Internet Explorer 6, 7 or 8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:21867 The host is installed with Internet Explorer 8, 9, 10 or 11 and is prone to an XSS filter bypass vulnerability. A flaw is present in the application, which fails to handle a specially crafted content. An attacker who successfully exploited this vulnerability could cause script code to run on another ... oval:org.secpod.oval:def:21864 The host is installed with Internet Explorer 8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:21862 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:21871 The host is missing a critical security update according to Microsoft bulletin, MS14-080. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle a crafted website or crafted content. Successful exploitation could allow attacke ... oval:org.secpod.oval:def:21870 The host is installed with VBScript engine 5.6, 5.7 or 5.8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:21857 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:21860 The host is installed with Internet Explorer 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:21861 The host is installed with Internet Explorer 6 or 7 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:23508 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:23505 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:23504 The host is installed with Internet Explorer 6, 7, 8, 9 or 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:23503 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:23502 The host is installed with Internet Explorer 9 or 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:23511 The host is installed with Internet Explorer 6 or 8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:23510 The host is installed with Internet Explorer 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:23500 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:23539 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a cross-domain information disclosure vulnerability. A flaw is present in the application, which does not properly enforce cross-domain policies. Successful exploitation could allow an attacker to gain access to inform ... oval:org.secpod.oval:def:23538 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to use the Address Space Layout Randomization (ASLR) security feature, allowing an attacker to more reliably predict the memory offsets of spe ... oval:org.secpod.oval:def:23536 The host is installed with Internet Explorer 8 and is prone to an ASLR bypass vulnerability. A flaw is present in the application, which fails to use the Address Space Layout Randomization (ASLR) security feature, allowing an attacker to more reliably predict the memory offsets of specific instructi ... oval:org.secpod.oval:def:23534 The host is installed with Internet Explorer 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which does not properly validate permissions under specific conditions, potentially allowing script to be run with elevated privileges. Successful e ... oval:org.secpod.oval:def:23528 The host is installed with Internet Explorer 8 or 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:23527 The host is installed with Internet Explorer 8 or 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:23526 The host is installed with Internet Explorer 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:23525 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:23524 The host is installed with Internet Explorer 6, 7 or 8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:23523 The host is installed with Internet Explorer 8 or 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:23532 The host is installed with Internet Explorer 6, 7, 8 or 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:23530 The host is installed with Internet Explorer 6, 7 or 8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:23517 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:23515 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:23513 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:23512 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:23522 The host is installed with Internet Explorer 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:23521 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:23520 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:23789 The host is missing a critical security update according to Microsoft bulletin, MS15-018. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle a specially crafted webpage. Successful exploitation could allow attackers to gai ... oval:org.secpod.oval:def:23788 The host is installed with Internet Explorer 7, 8, 9, 10 or 11 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which does not properly enforce cross-domain policies. Successful exploitation could allow attackers to access information from one domain and ... oval:org.secpod.oval:def:23787 The host is installed with Internet Explorer 9, 10 or 11 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which does not properly enforce cross-domain policies. Successful exploitation could allow attackers to access information from one domain and injec ... oval:org.secpod.oval:def:23791 The host is missing a critical security update according to Microsoft security bulletin, MS14-084. The update is required to fix a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation could allow attackers to gain the ... oval:org.secpod.oval:def:23790 The host is installed with VBScript engine 5.6, 5.7 or 5.8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:23779 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:23778 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:23785 The host is installed with Internet Explorer 8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:23783 The host is installed with Internet Explorer 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:23499 The host is installed with Internet Explorer 8 or 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:23498 The host is missing a critical security update according to Microsoft bulletin, MS15-009. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle a crafted website or objects in memory. Successful exploitation could allow attac ... oval:org.secpod.oval:def:24098 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to an ASLR bypass vulnerability. A flaw is present in the application, which does not use the Address Space Layout Randomization (ASLR) security feature. Successful exploitation could allow attackers to bypass the Address ... oval:org.secpod.oval:def:24090 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:24092 The host is installed with Internet Explorer 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:24095 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:24096 The host is installed with Internet Explorer 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:24088 The host is missing a critical security update according to Microsoft bulletin, MS15-032. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle a specially crafted webpage. Successful exploitation could allow attackers to gai ... oval:org.secpod.oval:def:24089 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user. oval:org.secpod.oval:def:24315 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the curren ... oval:org.secpod.oval:def:24316 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the curren ... oval:org.secpod.oval:def:24317 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which does not properly validate permissions under specific conditions. Successful exploitation could allow attackers to elevate privileges ... oval:org.secpod.oval:def:24318 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the curren ... oval:org.secpod.oval:def:24314 The host is missing a critical security update according to Microsoft bulletin, MS15-043. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle a specially crafted webpage. Successful exploitation could allow attackers to gai ... oval:org.secpod.oval:def:24337 The host is installed with JScript and Vbscript 5.6 or 5.7 or 5.8 scripting engines and is prone to ASLR bypass vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation could allow attackers to execute remote code on a target system. oval:org.secpod.oval:def:24329 The host is installed with Internet Explorer 8 or 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:24330 The host is installed with Internet Explorer 8 or 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:24332 The host is installed with Internet Explorer 8 or 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:24335 The host is missing an important security update according to Microsoft bulletin, MS15-053. The update is required to fix ASLR bypass vulnerability. The flaws are present in the application, which fails to handle a crafted website. Successful exploitation could allow attackers to execute remote code ... oval:org.secpod.oval:def:24336 The host is installed with VBScript engine 5.6, 5.7 or 5.8 and is prone to a ASLR vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation could allow attackers to execute remote code on a target system. oval:org.secpod.oval:def:24325 The host is installed with Internet Explorer 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the current u ... oval:org.secpod.oval:def:24326 The host is installed with Internet Explorer 7, 8, 9, 10 or 11 and is prone to a information disclosure vulnerability. A flaw is present in the application, which does not properly restrict access to the clipboard of a user who visits a website. Successful exploitation could allow attackers to colle ... oval:org.secpod.oval:def:24327 The host is installed with Internet Explorer 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the current u ... oval:org.secpod.oval:def:24328 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:24331 The host is installed with Internet Explorer 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the current user ... oval:org.secpod.oval:def:25374 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the curren ... oval:org.secpod.oval:def:25375 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the curren ... oval:org.secpod.oval:def:25376 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the curren ... oval:org.secpod.oval:def:25377 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the curren ... oval:org.secpod.oval:def:25378 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the curren ... oval:org.secpod.oval:def:25379 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the curren ... oval:org.secpod.oval:def:25396 The host is installed with Internet Explorer 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:25397 The host is installed with Internet Explorer 8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:25394 The host is installed with Internet Explorer 8 or 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:25395 The host is installed with Internet Explorer 8 or 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:25385 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:25386 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:25387 The host is installed with Internet Explorer 8, 9, 10 or 11 and is prone to a XSS filter bypass vulnerability. A flaw is present in the application, which fails to handle a specially crafted content. Successful exploitation could allow malicious script to run in the wrong security context, leading t ... oval:org.secpod.oval:def:25388 The host is installed with Internet Explorer 8, 9, 10 or 11 and is prone to an information disclosure vulnerability. A flaw is present in the application, which does not properly handle cached image information. Successful exploitation could allow attackers to gain access to information about the us ... oval:org.secpod.oval:def:25380 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to an information disclosure vulnerability. A flaw is present in the application, which does not properly handle requests for module resources. Successful exploitation could allow attackers to detect the existence of spec ... oval:org.secpod.oval:def:25381 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to an ASLR bypass vulnerability. A flaw is present in the application, which fails to handle the memory offsets of specific instructions in a given call stack. An attacker who successfully exploited this vulnerability cou ... oval:org.secpod.oval:def:25382 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the curren ... oval:org.secpod.oval:def:25383 The host is installed with Internet Explorer 9, 10 or 11 and is prone to an information disclosure vulnerability. A flaw is present in the application, which does not properly enforce cross-domain policies. Successful exploitation could allow attackers to gain access to information in another domain ... oval:org.secpod.oval:def:25384 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:25404 The host is missing an critical security update according to Microsoft bulletin, MS15-066. The update is required to fix ASLR bypass vulnerability. The flaws are present in the application, which fails to handle a crafted website. Successful exploitation could allow attackers to execute remote code ... oval:org.secpod.oval:def:25401 The host is installed with Internet Explorer 7, 8, 9, 10 or 11 and is prone to an elevation of privilege Vulnerability. A flaw is present in the application, which does not properly validate permissions under specific conditions. An attacker who successfully exploited the vulnerability could elevate ... oval:org.secpod.oval:def:25402 The host is installed with Vbscript 5.6 or 5.7 or 5.8 scripting engines and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to execute remote code on a target system. oval:org.secpod.oval:def:25403 The host is missing a critical security update according to Microsoft security bulletin, MS15-065. The update is required to fix multiple memory corruption vulnerabilities. The flaws are present in the application, which improperly accesses objects in memory. Successful exploitation could allow atta ... oval:org.secpod.oval:def:25833 The host is installed with Internet Explorer 9 or 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access an object in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the current user ... oval:org.secpod.oval:def:25834 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access an object in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the current ... oval:org.secpod.oval:def:25835 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access an object in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the current ... oval:org.secpod.oval:def:25826 The host is installed with Internet Explorer 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:25829 The host is installed with Internet Explorer 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access an object in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the curre ... oval:org.secpod.oval:def:26514 The host is installed with Internet Explorer 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the curr ... oval:org.secpod.oval:def:26515 The host is installed with Internet Explorer 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the curr ... oval:org.secpod.oval:def:26518 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the currently ... oval:org.secpod.oval:def:26517 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the currently ... oval:org.secpod.oval:def:31743 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a XSS filter bypass vulnerability. A flaw is present in the application, which does not properly enforce cross-domain policies. An attacker who successfully exploited this vulnerability could elevate privileges in affected vers ... oval:org.secpod.oval:def:31733 The host is installed with Internet Explorer 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. An attacker who successfully exploited these vulnerabilities could gain the same user rights as th ... oval:org.secpod.oval:def:32899 The host is installed with Internet Explorer 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could corrupt memory, execute arbitrary code in the cont ... oval:org.secpod.oval:def:33249 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successfully exploitation can corrupt memory in such a way that an attacker could execute arbitrary code in t ... oval:org.secpod.oval:def:33810 The host is installed with Internet Explorer 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successfully exploitation can corrupt memory in such a way that an attacker could execute arbitrary code in the context ... oval:org.secpod.oval:def:38310 The host is installed with Internet Explorer 9, 10 or 11 is prone to an information disclosure vulnerability. A flaw is present in the hyperlink object library, which improperly handles objects in memory. Successful exploitation could allow attackers to obtain information to further compromise a tar ... oval:org.secpod.oval:def:20801 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application , which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:20800 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application , which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:20795 The host is installed with Internet Explorer 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application , which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:20786 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application , which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:20785 The host is installed with Internet Explorer 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application , which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:20793 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application , which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:20792 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application , which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:20777 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application , which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:20778 The host is installed with Internet Explorer 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application , which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:20776 The host is missing a critical security update according to Microsoft bulletin, MS14-051. The update is required to fix multiple memory corruption vulnerabilities. The flaws are present in the application, which fails to properly access objects in memory. Successful exploitation could allow attacker ... oval:org.secpod.oval:def:20783 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application , which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:1741 The host is missing an important security update according to Microsoft security bulletin, MS11-056. The update is required to fix elevation of privilege vulnerability in Windows Client/Server Run-time Subsystem. The flaw is present in Client/Server Run-time Subsystem (CSRSS), which fails to restric ... oval:org.secpod.oval:def:39758 A remote code execution vulnerability exists in the way that Microsoft Office and WordPad parse specially crafted files. An attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or creat ... oval:org.mitre.oval:def:6340 The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state t ... oval:org.secpod.oval:def:30020 The host is installed with Internet Explorer 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. An attacker who successfully exploited these vulnerabilities could gain the same user rights as th ... oval:org.secpod.oval:def:11229 The host is missing an important security update according to Microsoft security advisory (2820197). The update is required to fix a vulnerability, which prevents ActiveX control from being loaded by the Internet Explorer. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:1205 The host is installed with Microsoft Internet Explorer 6/7/8 and is prone to remote code execution vulnerability. A flaw is present in VML implementation which fails to open a specially crafted web page. Successful exploitation allows remote attackers to gain the same user rights as the logged-on us ... oval:org.secpod.oval:def:14209 The host is missing a security update according to Microsoft advisory, 2854544. The update is required to fix a update to improve cryptography and digital certificate handling in windows. The flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow ... oval:org.secpod.oval:def:32584 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, 8.1, Server 2012 or 2012 R2 and is prone to an ASLR bypass vulnerability. A flaw is present in the Windows graphics device interface, which fails to handle objects in memory. Succe ... oval:org.secpod.oval:def:32591 The host is missing a critical security update according to Microsoft security bulletin, MS16-003. The update is required to fix an information disclosure vulnerability. A flaw is present in the applications, which fail to properly access objects in memory. An attacker who successfully exploited the ... oval:org.secpod.oval:def:32614 The host is installed with Microsoft Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1 or Windows Server 2008 R2 SP1 and is prone to privilege escalation vulnerability. A flaw is present in the system, which fails to load DLL file. Successful exploitation could allow local attackers to gain ... oval:org.secpod.oval:def:34331 The host is missing an critical security update according to Microsoft security bulletin, MS16-053. The update is required to fix multiple memory corruption vulnerabilities. The flaws are present in the application, which improperly accesses objects in memory. Successful exploitation can corrupt mem ... oval:org.secpod.oval:def:35611 The host is missing a critical security update according to Microsoft security bulletin, MS16-069. The update is required to fix multiple memory corruption vulnerabilities. The flaws are present in VBScript engine, which improperly handles objects in memory in Internet Explorer. Successful exploitat ... oval:org.secpod.oval:def:35923 The host is missing a critical security update according to Microsoft bulletin, MS16-086. The update is required to fix memory corruption vulnerability. A flaw is present in application, which improperly handles objects in memory in Internet Explorer. Successful exploitation could allow attackers to ... oval:org.secpod.oval:def:35931 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a security feature bypass vulnerability. A flaw is present in Internet Explorer, which improperly handles URLs validation process in IE for restricted ports. Successful exploitation could allow attackers to trick a user to visi ... oval:org.secpod.oval:def:37006 The host is installed with Vista SP2, Server 2008 SP2, Server 2008 R2 SP1 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle kernel API enforced permissions. An attacker who successfully exploited the vulnerability could impe ... oval:org.secpod.oval:def:37486 The host is missing an important security update according to Microsoft security bulletin, MS16-126. The update is required to fix an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle session objects and kernel API enforced permissions. Succes ... oval:org.secpod.oval:def:19803 The host is missing a critical security update according to Microsoft bulletin, MS14-036. The update is required to fix remote code execution vulnerabilities. The flaws are present in the applications, which fail to properly validate specially crafted image files. Successful exploitation allows atta ... oval:org.secpod.oval:def:19806 The host is installed with Microsoft Office 2010, 2007, Lync 2010, 2013, SP1, Lync Basic 2013, SP1 or Lync 2010 Attendee and is prone to remote code execution vulnerability. A flaw is present in the applications, which fail to properly handle specially crafted files in a way that corrupts memory. Su ... oval:org.secpod.oval:def:19807 The host is installed with Microsoft Office 2010, 2007, Lync 2010, 2013, SP1, Lync Basic 2013, SP1 or Lync 2010 Attendee and is prone to remote code execution vulnerability. A flaw is present in the applications, which fail to properly validate specially crafted files. Successful exploitation allows ... oval:org.secpod.oval:def:21875 The host is installed with Microsoft Windows Server 2003, Server 2008, Server 2008 R2, Windows Vista, Windows 7, Server 2012, Server 2012 R2, Windows 8 or Windows 8.1 and is prone to an information disclosure vulnerability. A flaw is present in the Graphics Component, which improperly handles the de ... oval:org.secpod.oval:def:21874 The host is missing an important security update according to Microsoft bulletin, MS14-085. The update is required to fix an information disclosure vulnerability. A flaw is present in the application, which improperly handles the decoding of JPEG images in memory. Successful exploitation allows atta ... oval:org.secpod.oval:def:23481 The host is installed with Microsoft Windows Server 2003, Server 2008, Server 2008 R2, Server 2008 R2 IA64, Windows Vista, Windows 7, Server 2012, Server 2012 R2, Windows 8 or Windows 8.1 and is prone to an information disclosure vulnerability. A flaw is present in the Graphics Component, which fail ... oval:org.secpod.oval:def:23482 The host is missing an important security update according to Microsoft security bulletin MS15-016. The update is required to fix an information disclosure vulnerability. A flaw is present in the Graphics Component, which fails to properly handle uninitialized memory when parsing certain, specially ... oval:org.secpod.oval:def:23764 The host is missing an important security update according to Microsoft security bulletin MS15-024. The update is required to fix an information disclosure vulnerability. A flaw is present which exists when Windows fails to properly handle uninitialized memory when parsing certain, specially crafted ... oval:org.secpod.oval:def:23763 The host is installed with Microsoft Windows Server 2003, Server 2008, Server 2008 R2, Server 2008 R2 IA64, Windows Vista, Windows 7, Server 2012, Server 2012 R2, Windows 8 or Windows 8.1 and is prone to an information disclosure vulnerability. A flaw is present which exists when Windows fails to pr ... oval:org.secpod.oval:def:1223 The host is installed with Microsoft Internet Explorer and is prone to cookiejacking vulnerability. A flaw is present in the application, which fails to properly restrict cross-zone drag-and-drop actions. Successful exploitation allow user-assisted remote attackers to read cookie files. oval:org.secpod.oval:def:1762 The host is missing a Critical security update according to Microsoft security bulletin MS11-057. The update is required to fix multilple vulnerabilities. The flaws are present in the browser, which fails to access an object that has not been properly initialized or has been deleted. Successful expl ... oval:org.mitre.oval:def:6696 Stack-based buffer overflow in the UpdateFrameTitleForDocument method in the CFrameWnd class in mfc42.dll in the Microsoft Foundation Class (MFC) Library in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allo ... oval:org.secpod.oval:def:1388 The host is missing a critical security update according to Microsoft security bulletin, MS10-074. The update is required to fix stack-based buffer overflow vulnerability. A flaw is present in the 'UpdateFrameTitleForDocument' method in the CFrameWnd class in 'mfc42.dll' in the Microsoft Foundation ... oval:org.mitre.oval:def:6508 Stack consumption vulnerability in the FTP Service in Microsoft Internet Information Services (IIS) 5.0 through 7.0 allows remote authenticated users to cause a denial of service (daemon crash) via a list (ls) -R command containing a wildcard that references a subdirectory, followed by a .. (dot dot ... oval:org.secpod.oval:def:2643 The host is missing an important security update according to Microsoft security bulletin, MS09-053. The update is required to fix remote code execution vulnerabilities. The flaws are present in the FTP Service in Microsoft Internet Information Services, which fails to handle the FTP Service list op ... oval:org.secpod.oval:def:23493 The host is installed with Microsoft Windows Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, 8.1, Server 2012 or Server 2012 R2 and is prone to a security feature bypass vulnerability. A flaw is present in the application, which fails to properly validate a ... oval:org.secpod.oval:def:23484 The host is missing a critical security update according to Microsoft bulletin, MS15-011. The update is required to fix a remote code execution vulnerability. The flaw is present in the Group Policy, which fails to handle files that originate from unfamiliar or untrusted sources. An attacker who suc ... oval:org.secpod.oval:def:23483 The host is installed with Microsoft Windows Server 2008, Server 2008 R2, Server 2008 R2 IA64, Windows Vista, Windows 7, Server 2012, Server 2012 R2, Windows 8 or Windows 8.1 and is prone to a remote code execution vulnerability. The flaw is present in the Group Policy, which fails to handle files t ... oval:org.secpod.oval:def:16983 The host is installed with Microsoft Active Directory or Active Directory Application Mode (ADAM) or Active Directory Lightweight Directory Service (AD LDS) or Active Directory Services and is prone to security bypass vulnerability. A flaw is present in an application, which fails to handle validati ... oval:org.secpod.oval:def:16982 The host is missing an important security update according to Microsoft bulletin, MS14-016. The update is required to fix a security bypass vulnerability. A flaw is present in an application, which fails to handle validation of user lockout state. Successful exploitation could allow attackers to cau ... oval:org.secpod.oval:def:15958 The host is installed with Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2 SP1, Windows 7 SP1, Windows 8 or Windows Server 2012 and is prone to an ancillary function driver information disclosure vulnerability. A flaw is present in the application, w ... oval:org.secpod.oval:def:15959 The host is missing an important security update according to Microsoft bulletin, MS13-093. The update is required to fix an ancillary function driver information disclosure vulnerability. A flaw is present in the application, which fails to properly copy data between kernel and user memory. Success ... oval:org.secpod.oval:def:15665 The host is missing a critical security update according to Microsoft bulletin, MS13-081. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle certain objects in memory and fails to properly parse certain elements. Successfu ... oval:org.secpod.oval:def:15671 The host is installed with Microsoft Windows XP SP2, SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2, Server 2008 R2 SP2, Windows 7 SP1, Windows Server 2012 or Windows 8 and is prone to remote code vulnerability. A flaw is present in the application, which fails to properly parse OpenType fonts. Su ... oval:org.secpod.oval:def:16195 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Server 2008 R2 SP2, Windows 7 SP1, Windows Server 2012 or Windows 8 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploi ... oval:org.secpod.oval:def:16197 The host is missing a critical security update according to Microsoft bulletin, MS13-101. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle certain objects in memory. Successful exploitation allows local users to gain pri ... oval:org.secpod.oval:def:16201 The host is missing a critical security update according to Microsoft security bulletin, MS13-096. The update is required to fix a remote code execution vulnerability. The flaw is present in the graphics component in Microsoft Windows Vista, Windows Server 2008, Office 2003 SP3 /2007 SP3 /2010 SP1, ... oval:org.secpod.oval:def:15433 The host is missing an important security update according to Microsoft security bulletin MS13-079. The update is required to fix denial of service vulnerability. The flaw is present in the Active Directory Lightweight Directory Service (AD LDS), which fails to properly handle specially crafted quer ... oval:org.secpod.oval:def:15435 The host is installed with Microsoft Windows Vista, Windows Server 2008, Windows Server 2008 R2, Windows 7, Windows 8 or Windows Server 2012 and is prone to an denial of service vulnerability. The flaw is present in the Active Directory Lightweight Directory Service (AD LDS), which fails to properl ... oval:org.secpod.oval:def:15667 The host is installed with Microsoft Windows XP SP2, SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2, Server 2008 R2 SP2, Windows 7 SP1, Windows Server 2012 or Windows 8 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle object ... oval:org.secpod.oval:def:15666 The host is installed with Microsoft Windows XP SP2, SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2, Server 2008 R2 SP2, Windows 7 SP1, Windows Server 2012 or Windows 8 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle object ... oval:org.secpod.oval:def:15660 The host is missing a critical security update according to Microsoft Security bulletin, MS13-083. The update is required to fix a remote code execution vulnerability. A flaw is present in the the way that the Windows common control library (aka Comctl32.dll) handles allocating memory for data struc ... oval:org.secpod.oval:def:15659 The host is installed with Microsoft Windows XP, Microsoft Windows Server 2003, Microsoft Windows Vista, Microsoft Windows Server 2008, Microsoft Windows 7, Microsoft Windows Server 2008 R2, Microsoft Windows 8 or Microsoft Windows Server 2012 and is prone to remote code execution vulnerability. A f ... oval:org.secpod.oval:def:15670 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Server 2008 R2 SP2 or Windows 7 SP1 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation allows attackers to run a ... oval:org.secpod.oval:def:15425 The host is installed with Microsoft Windows Vista, Windows XP, Windows Server 2003, Windows Server 2008, Windows Server 2008 R2, Windows 7, Windows 8 or Windows Server 2012 and is prone to an elevation of privilege vulnerability. The flaw is present in the Windows Kernel-Mode, which fails to proper ... oval:org.secpod.oval:def:15426 The host is installed with Microsoft Windows Vista, Windows XP, Windows Server 2003, Windows Server 2008, Windows Server 2008 R2, Windows 7, Windows 8 or Windows Server 2012 and is prone to an elevation of privilege vulnerability. The flaw is present in the Windows Kernel-Mode, which fails to proper ... oval:org.secpod.oval:def:15423 The host is installed with Microsoft Windows Vista, Windows XP, Windows Server 2003, Windows Server 2008, Windows Server 2008 R2, Windows 7, Windows 8 or Windows Server 2012 and is prone to an elevation of privilege vulnerability. The flaw is present in the Windows Kernel-Mode, which fails to proper ... oval:org.secpod.oval:def:15424 The host is installed with Microsoft Windows Vista, Windows XP, Windows Server 2003, Windows Server 2008, Windows Server 2008 R2, Windows 7, Windows 8 or Windows Server 2012 and is prone to an elevation of privilege vulnerability. The flaw is present in the Windows Kernel-Mode, which fails to proper ... oval:org.secpod.oval:def:15419 The host is missing an important security update according to Microsoft security bulletin MS13-076. The update is required to fix multiple vulnerabilities. The flaws are present in the windows Kernel-Mode driver, which fails to properly handle objects in memory. Successful exploitation could allow a ... oval:org.secpod.oval:def:15421 The host is installed with Microsoft Windows Vista, Windows XP, Windows Server 2003, Windows Server 2008, Windows Server 2008 R2, Windows 7, Windows 8 or Windows Server 2012 and is prone to an elevation of privilege vulnerability. The flaw is present in the Windows Kernel-Mode, which fails to proper ... oval:org.secpod.oval:def:15422 The host is installed with Microsoft Windows Vista, Windows XP, Windows Server 2003, Windows Server 2008, Windows Server 2008 R2, Windows 7, Windows 8 or Windows Server 2012 and is prone to an elevation of privilege vulnerability. The flaw is present in the Windows Kernel-Mode, which fails to proper ... oval:org.secpod.oval:def:15420 The host is installed with Microsoft Windows Vista, Windows XP, Windows Server 2003, Windows Server 2008, Windows Server 2008 R2, Windows 7, or Windows 8 and is prone to an elevation of privilege vulnerability. The flaw is present in the Windows Kernel-Mode, which fails to properly handle objects in ... oval:org.secpod.oval:def:14824 The host is installed with Internet Explorer 7, 8, 9 or 10 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which fails to properly access an object in memory. Successful exploitation allows attackers to elevate the privileges of a process that is launched ... oval:org.secpod.oval:def:14825 The host is missing a critical security update according to Microsoft bulletin, MS13-059. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly access an object in memory. Successful exploitation allows attackers to execute arbitrar ... oval:org.secpod.oval:def:15407 The host is installed with Microsoft Windows XP, Windows Server 2003, Windows Vista or Windows Server 2008 and is prone to remote code execution vulnerability. The flaw is present in the Windows theme file (Themeui.dll), which fails to properly handle crafted Windows theme when user forced open the ... oval:org.secpod.oval:def:15406 The host is missing an important security update according to Microsoft security bulletin, MS13-071. The update is required to fix remote code execution vulnerability. The flaw is present in the Windows theme file (Themeui.dll), which fails to properly handle crafted Windows theme when user forced o ... oval:org.secpod.oval:def:14299 The host is installed with DirectShow in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8 or Windows Server 2012 and is prone to a remote code execution vulnerability. A flaw is present in the application, whic ... oval:org.secpod.oval:def:14314 The host is missing an important security update according to Microsoft security bulletin MS13-053. The update is required to fix multiple vulnerabilities. The flaws are present in the windows kernel-mode driver, which fails to properly handle objects in memory. Successful exploitation could allow a ... oval:org.secpod.oval:def:14312 The host is installed with Microsoft Windows Vista, Windows XP, Windows Server 2003, Windows Server 2008, Windows Server 2008 R2, Windows 7, Windows 8 or Windows Server 2012 and is prone to an elevation of privilege vulnerability. The flaw is present in the application, which fails to properly hand ... oval:org.secpod.oval:def:14300 The host is missing a critical security update according to Microsoft bulletin MS13-056. The update is required to fix a remote code execution vulnerability. A flaw is present in the application, which fails to handle crafted GIF image files. Successful exploitation could allow attackers to execute ... oval:org.secpod.oval:def:14842 The host is installed with Microsoft Windows Vista, Server 2008, Windows 7, Windows 8, Windows Server 2012 or Windows Server 2008 R2 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly allocate memory for incoming ICMPv6 packets. Successfu ... oval:org.secpod.oval:def:14843 The host is missing an important security update according to Microsoft advisory MS13-065. The update is required to fix a denial of service vulnerability. A flaw is present in the application which fails to properly allocate memory for incoming ICMPv6 packets. Successful exploitation could allow at ... oval:org.secpod.oval:def:14833 The host is installed with Microsoft Windows and is prone to a remote procedure call vulnerability. A flaw is present in the application, which fails to handle asynchronous RPC requests. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:14834 The host is missing an important security update according to Microsoft bulletin MS13-062. The update is required to fix a remote procedure call vulnerability. A flaw is present in the application, which fails to handle asynchronous RPC requests. Successful exploitation could allow attackers to exec ... oval:org.secpod.oval:def:14310 The host is installed with Microsoft Windows Vista, Windows XP, Windows Server 2003, Windows Server 2008, Windows Server 2008 R2 or Windows 7 and is prone to a elevation of privilege vulnerability. The flaw is present in the application, which fails to properly handle objects in memory. Successful ... oval:org.secpod.oval:def:14311 The host is installed with Microsoft Windows Vista, Windows XP, Windows Server 2003, Windows Server 2008, Windows Server 2008 R2 or Windows 7 and is prone to a elevation of privilege vulnerability. The flaw is present in the application, which fails to properly handle objects in memory. Successful ... oval:org.secpod.oval:def:14315 The host is missing an important security update according to Microsoft security bulletin, MS13-054. The update is required to fix multiple vulnerabilities. The flaws are present in the Microsoft Office 2003 SP3 /2007 SP3 /2010 SP1, Windows, Visual Studio .NET 2003 SP1, Lync 2010, Lync Basic 2013 or ... oval:org.secpod.oval:def:14308 The host is installed with Microsoft Windows Vista, Windows XP, Windows Server 2003, Windows Server 2008, Windows Server 2008 R2, Windows 7, Windows 8 or Windows Server 2012 and is prone to an elevation of privilege vulnerability. The flaw is present in the application, which fails to properly hand ... oval:org.secpod.oval:def:14309 The host is installed with Microsoft Windows Vista, Windows XP, Windows Server 2003, Windows Server 2008, Windows Server 2008 R2, Windows 7, Windows 8 or Windows Server 2012 and is prone to an elevation of privilege vulnerability. The flaw is present in the application, which fails to properly hand ... oval:org.secpod.oval:def:14198 The host is missing an important security update according to Microsoft security bulletin MS13-049. The update is required to fix a denial of service vulnerability. A flaw is present in the application, which fails to properly handle packets during TCP connection. Successful exploitation could allow ... oval:org.secpod.oval:def:14199 The host is missing an important security update according to Microsoft security bulletin, MS13-050. The update is required to fix privilege escalation vulnerability in Microsoft Windows Print Spooler components. A flaw is present in the Windows print server which fails to validate a specially craft ... oval:org.secpod.oval:def:14197 The host is installed with Microsoft Windows Vista, Windows Server 2008, Windows Server 2008 R2, Windows 7, Windows 8 or Windows Server 2012 and is prone to a TCP/IP integer overflow vulnerability. A flaw is present in the application, which fails to properly handle packets during TCP connection. S ... oval:org.secpod.oval:def:14200 The host is installed with Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8 or Windows 2012 and is prone to a privilege escalation vulnerability. A flaw is present in the Windows Print Spooler components which fails to validate a specially crafted print job. Successfu ... oval:org.secpod.oval:def:14307 The host is installed with Microsoft Windows Vista, Windows XP, Windows Server 2003, Windows Server 2008, Windows Server 2008 R2, Windows 7, Windows 8 or Windows Server 2012 and is prone to an elevation of privilege vulnerability. The flaw is present in the application, which fails to properly hand ... oval:org.secpod.oval:def:10969 The host is missing an important security update according to Microsoft security bulletin MS13-046. The update is required to fix a windows handle vulnerability. A flaw is present in the application which fails to properly handle deleted objects in memory. Successful exploitation could allow attacke ... oval:org.secpod.oval:def:10966 The host is installed with Microsoft Windows Vista, Windows Server 2008 or R2 , Windows 7 SP1, Windows 8, Windows Server 2012 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation could al ... oval:org.secpod.oval:def:10968 The host is installed with Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, R2, Windows 7, Windows 8, Windows Server 2012 and is prone to a windows handle vulnerability. A flaw is present in the application which fails to properly handle deleted objects in memory. Succe ... oval:org.secpod.oval:def:10729 The host is installed with Windows XP, Server 2003, Vista, or Server 2008 are prone to a CSRSS memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted application. Successful exploitation could allow attackers to gain privileges. oval:org.secpod.oval:def:10740 The host is missing an important security update according to Microsoft security bulletin MS13-031. The update is required to fix multiple race condition vulnerabilities. The flaws are present in the application, which fails to properly handle objects in memory. Successful exploitation could allow a ... oval:org.secpod.oval:def:10738 The host is installed with Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012 and is prone to a race condition vulnerability. A flaw is present in the application, which fails to properly handle objec ... oval:org.secpod.oval:def:10730 The host is missing an important security update according to Microsoft bulletin MS13-033. The update is required to fix a CSRSS memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted application. Successful exploitation could allow attackers to gain p ... oval:org.secpod.oval:def:10733 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, R2, Server 2012, Windows Vista, Windows 7 or Windows 8 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation allows attack ... oval:org.secpod.oval:def:10734 The host is missing an important security update according to Microsoft security bulletin, MS13-036. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle certain vectors related to memory and crafted files. Successful exploitation al ... oval:org.secpod.oval:def:10736 The host is installed with Microsoft Windows Server 2008, R2, Server 2012, Windows Vista, Windows 7 or Windows 8 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation allows attackers to gain eleva ... oval:org.secpod.oval:def:10737 The host is installed with Microsoft Windows Server 2008, R2, Windows Vista or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation allows attackers to gain elevated privileges and read ... oval:org.secpod.oval:def:10941 The host is installed with Internet Explorer 8 or 9 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle an object in memory that has been deleted or has not been properly allocated. Successful exploitation could allow attackers to execute arbi ... oval:org.secpod.oval:def:10942 The host is missing a critical security update according to Microsoft Security bulletin, MS13-038. The update is required to fix an use after free vulnerability. A flaw is present in the application, which fails to handle an object in memory that has been deleted or has not been properly allocated. ... oval:org.secpod.oval:def:9739 The host is missing an important security update according to MS bulletin, MS13-027 and is prone to an privilege escalation vulnerability. A flaw is present in the kernel-mode drivers, which fails to properly handle objects in memory. Successful exploitation could allow attackers to run arbitrary co ... oval:org.secpod.oval:def:9742 The host is installed with Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8 or Windows Server 2012 and is prone to a privilege escalation vulnerability. A flaw is present in the kernel-mode drivers, which fails to handle obje ... oval:org.secpod.oval:def:9741 The host is installed with Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8 or Windows Server 2012 and is prone to a privilege escalation vulnerability. A flaw is present in the kernel-mode drivers, which fails to handle obje ... oval:org.secpod.oval:def:9740 The host is installed with Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8 or Windows Server 2012 and is prone to a privilege escalation vulnerability. A flaw is present in the kernel-mode drivers, which fails to handle obje ... oval:org.secpod.oval:def:9711 The host is missing a critical security update according to Microsoft bulletin, MS13-012 and is prone to multiple use after free vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:9719 The host is installed with Internet Explorer 8 and is prone to a CTreeNode use after free vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:9715 The host is installed with Internet Explorer 6,7,8,9 or 10 and is prone to a CCaret use after free vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:9717 The host is installed with Internet Explorer 6,7,8,9 or 10 and is prone to a GetMarkupPtr use after free vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:9716 The host is installed with Internet Explorer 8 and is prone to a CElement use after free vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:9718 The host is installed with Internet Explorer 6,7,8,9 or 10 and is prone to a use after free vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:9720 The host is installed with Internet Explorer 6,7,8,9 or 10 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:9713 The host is installed with Internet Explorer 6,7,8,9 or 10 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:9712 The host is installed with Internet Explorer 6,7,8,9 or 10 and is prone to an onresize use after free vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:9714 The host is installed with Internet Explorer 6,7,8,9 or 10 and is prone to a CMarkupBehaviorContext use after free vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:14835 The host is installed with Windows Vista, Windows Server 2008, Windows 7 or Windows Server 2008 R2 and is prone to a ASLR security feature bypass vulnerability. The flaw is present in Windows Kernel, which fails to properly handle the implementation of Address Space Layout Randomization (ASLR). Succ ... oval:org.secpod.oval:def:14839 The host is missing an important security update according to Microsoft security bulletin MS13-063. The update is required to fix elevation of privilege vulnerability. The flaw is present in the Windows kernel, which fails to handle memory corruption condition in the NT Virtual DOS Machine (NTVDM).S ... oval:org.secpod.oval:def:9239 The host is missing an important security update according to Microsoft bulletin, MS13-017. The update is required to fix multiple elevation of privilege vulnerabilities. The flaws are present in the application, which is caused when the Windows kernel improperly handles objects in memory. Successfu ... oval:org.secpod.oval:def:9238 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, Windows 7 or Windows 8 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel improperly handles objects ... oval:org.secpod.oval:def:9236 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, Windows 7 or Windows 8 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel improperly handles objects ... oval:org.secpod.oval:def:9237 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, Windows 7 or Windows 8 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel improperly handles objects ... oval:org.secpod.oval:def:9271 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ... oval:org.secpod.oval:def:9272 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ... oval:org.secpod.oval:def:9273 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles object ... oval:org.secpod.oval:def:9274 The host is missing an important security update according to Microsoft bulletin, MS13-016. The update is required to fix multiple elevation of privilege vulnerabilities. The flaws are present in the application, which is caused when the Windows kernel-mode driver improperly handles objects in memor ... oval:org.secpod.oval:def:9268 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ... oval:org.secpod.oval:def:9269 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ... oval:org.secpod.oval:def:9266 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ... oval:org.secpod.oval:def:9267 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ... oval:org.secpod.oval:def:9270 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ... oval:org.secpod.oval:def:9264 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ... oval:org.secpod.oval:def:9265 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ... oval:org.secpod.oval:def:9261 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ... oval:org.secpod.oval:def:9262 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ... oval:org.secpod.oval:def:9263 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ... oval:org.secpod.oval:def:9257 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ... oval:org.secpod.oval:def:9258 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ... oval:org.secpod.oval:def:9259 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ... oval:org.secpod.oval:def:9256 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ... oval:org.secpod.oval:def:9260 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ... oval:org.secpod.oval:def:9253 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ... oval:org.secpod.oval:def:9254 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ... oval:org.secpod.oval:def:9255 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ... oval:org.secpod.oval:def:9251 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ... oval:org.secpod.oval:def:9252 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ... oval:org.secpod.oval:def:9250 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ... oval:org.secpod.oval:def:9246 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ... oval:org.secpod.oval:def:9247 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ... oval:org.secpod.oval:def:9248 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ... oval:org.secpod.oval:def:9249 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver improperly handles objec ... oval:org.secpod.oval:def:9230 The host is missing a critical security update according to Microsoft Security bulletin, MS13-011. The update is required to fix a remote code execution vulnerability. A flaw is present in the application, which fails to handle a specially crafted media file (such as an .mpg file), a Microsoft Offi ... oval:org.secpod.oval:def:9244 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, Windows 7, Server 2012 or Windows 8 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver i ... oval:org.secpod.oval:def:9245 The host is installed with Microsoft Windows XP, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows Vista, Windows 7, Server 2012 or Windows 8 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when the Windows kernel-mode driver i ... oval:org.secpod.oval:def:9240 The host is installed with Microsoft Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8 or Windows Server 2012 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a connection termination sequence. Succ ... oval:org.secpod.oval:def:9241 The host is missing an important security update according to Microsoft security bulletin MS13-018. The update is required to fix a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a connection termination sequence. Successful exploitation could a ... oval:org.secpod.oval:def:9229 The host is installed with Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle a specially crafted media file (such as an .mpg file), a Microsoft Office docume ... oval:org.secpod.oval:def:9280 The host is missing an important security update according to Microsoft bulletin, MS13-015. The update is required to fix privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle a web browser that can run XAML Browser Applications. Successful exploita ... oval:org.secpod.oval:def:9281 The host is installed with .NET Framework 2.0 or 3.5 or 3.5.1 or 4.0 or 4.5 and is prone to privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle permissions of a callback function. Successful exploitation allows attackers to take complete control o ... oval:org.secpod.oval:def:9290 The host is installed with Internet Explorer 9 or 10 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:9291 The host is installed with Internet Explorer 8 or 9 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:9297 The host is missing a critical security update according to Microsoft security bulletin, MS13-009. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary ... oval:org.secpod.oval:def:9293 The host is installed with Internet Explorer 9 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:9296 The host is installed with Internet Explorer 6, 7, 8, 9 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:9282 The host is missing a critical security update according to Microsoft security bulletin, MS13-010. The update is required to fix remote code execution vulnerability. A flaw is present in the microsoft implementation of Vector Markup Language, which fails to handle a specially crafted webpage. Succes ... oval:org.secpod.oval:def:9283 The host is installed with Internet Explorer 6 or 7 or 8 or 9 or 10 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to handle a specially crafted webpage. Successful exploitation could allow an attacker to gain the same user rights as the current us ... oval:org.secpod.oval:def:8333 The host is installed with Windows Vista, Windows Server 2008,Windows Server 2008 R2, Windows 7, Windows 8 or Windows Server 2012 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle window broadcast messages. Successful exploitat ... oval:org.secpod.oval:def:8334 The host is missing an important security update according to MS bulletin, MS13-005 and is prone to an privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle window broadcast messages. Successful exploitation could allow attackers to take complete co ... oval:org.secpod.oval:def:8335 The host is installed with Microsoft Windows Vista, Windows 7, Windows server 2008, Windows server 208 R2, Windows 8 or Windows server 2012 and is prone to security feature bypass vulnerability. A flaw is present in the application, which fails to properly handle SSL/TLS session version negotiation. ... oval:org.secpod.oval:def:8336 The host is missing an important security update according to Microsoft bulletin, MS13-006. The update is required to fix security feature bypass vulnerability. A flaw is present in the application, which fails to properly handle SSL/TLS session version negotiation. Successful exploitation allows at ... oval:org.secpod.oval:def:9287 The host is installed with Internet Explorer 7, 8, 9 or 10 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:9288 The host is installed with Internet Explorer 9 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:9289 The host is installed with Internet Explorer 9 or 10 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:8339 The host is installed with Microsoft .NET Framework 2.0 SP2, 3.0, 3.5.1, 4 or 4.5 and is prone to S.DS.P buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle System.DirectoryServices.Protocols (S.DS.P) namespace method. Successful exploitation allows re ... oval:org.secpod.oval:def:8344 The host is missing an important security update according Microsoft bulletin MS13-007. The update is required to fix a denial of service vulnerability. A flaw is present in the applications, which fail to handle crafted HTTP requests. Successful exploitation could allow attackers to crash the servi ... oval:org.secpod.oval:def:8340 The host is installed with Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.0, 3.5.1, 4 or 4.5 and is prone to double construction vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation allows remote attackers to install programs, v ... oval:org.secpod.oval:def:8341 The host is missing an important security update according to Microsoft security bulletin, MS13-004. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle the vectors related to memory. Successful exploitation allows remote a ... oval:org.secpod.oval:def:8342 The host is installed with Microsoft .NET Framework 3.5 Service Pack 1, Microsoft .NET Framework 4 or Management OData IIS Extension and is prone to a denial of service vulnerability. A flaw is present in the applications, which fail to handle crafted HTTP requests. Successful exploitation could all ... oval:org.secpod.oval:def:8352 The host is missing a critical security update according to MS13-002. The update is required to fix multiple MSXML vulnerabilities. The flaws are present in the applications, which fail to properly handle XML content. Successful exploitation allows attackers to execute arbitrary code. oval:org.secpod.oval:def:8197 The host is missing a critical security update according to Microsoft security bulletin MS12-077. The update is required to fix multiple use-after-free vulnerabilities. The flaws are present in the application, which fails to handle a deleted object. Successful exploitation could allow attackers to ... oval:org.secpod.oval:def:8195 The host is installed with Internet Explorer 9 and is prone to an CMarkup use-after-free vulnerability. A flaw is present in the application, which fails to handle a deleted object. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:8196 The host is installed with Internet Explorer 9 or 10 and is prone to an improper ref counting use-after-free vulnerability. A flaw is present in the application, which fails to handle a deleted or improperly initialized object. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:8322 The host is installed with Internet Explorer 6, Internet Explorer 7 or Internet Explorer 8 and is prone to remote code execution vulnerability. A flaw is present in the application, which fails to properly handle object in memory. Successful exploitation could allow attackers to execute arbitrary co ... oval:org.secpod.oval:def:8321 The host is missing a critical security update according to Microsoft Security Bulletin, MS13-008. The update is required to fix remote code execution vulnerability. A flaw is present in the application, which fails to properly handle object in memory. Successful exploitation could allow attackers t ... oval:org.secpod.oval:def:8337 The host is installed with Microsoft .NET Framework 1.1 SP1 or 2.0 SP2 or 3.5.1 or 4 or 4.5 and is prone to WinForms buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a Windows Forms method. Successful exploitation allows remote attackers to install ... oval:org.secpod.oval:def:8338 The host is installed with Microsoft .NET Framework 1.1 SP1 or 2.0 SP2 or 3.0 or 4 and is prone to system drawing information disclosure vulnerability. A flaw is present in the application, which fails to properly handle pointers to unmanaged memory locations. Successful exploitation allows remote a ... oval:org.secpod.oval:def:8182 The host is installed with Windows XP, Windows Vista, Windows Server 2008, Windows Server 2008 R2, Windows Server 2003 or Windows 7 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to parse filenames. Successful exploitation could allow attacke ... oval:org.secpod.oval:def:8183 The host is missing a critical security update according to Microsoft security bulletin, MS12-081. The update is required to fix a remote code execution vulnerability. A flaw is present in the application, which fails to parse filenames. Successful exploitation could allow attackers to execute arbit ... oval:org.secpod.oval:def:8190 The host is missing a critical security update according to Microsoft security bulletin, MS12-078. The update is required to fix remote code execution vulnerabilities. The flaws are present in the Windows kernel, which fails to handle the objects in memory. Successful exploitation could allow remote ... oval:org.secpod.oval:def:8191 The host is installed with Windows XP, Windows Vista, Windows Server 2008,Windows Server 2008 R2, Windows Server 2003 or Windows 7 and is prone to remote code execution vulnerabilities. The flaws are present in the Windows kernel, which fails to handle a specially crafted OpenType font file. Success ... oval:org.secpod.oval:def:7927 The host is installed with Microsoft .NET Framework 2.0 SP2, 3.5.1, 4 or 4.5 and is prone to Web proxy auto-discovery vulnerability. A flaw is present in the applications, which is caused by a lack of validation when the .NET Framework acquires the default web proxy settings and executes JavaScript ... oval:org.secpod.oval:def:7928 The host is installed with Microsoft .NET Framework 4 or 4.5 and is prone to WPF reflection optimization vulnerability. A flaw is present in the applications, which fails to properly validate permissions of objects involved with reflection. Successful exploitation allows attackers to take complete c ... oval:org.secpod.oval:def:7929 The host is missing a critical security update according to Microsoft Security Bulletin, MS12-074. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to handle certain vectors and properly perform validations. Successful exploitation allows ... oval:org.secpod.oval:def:7906 The host is installed with Microsoft Internet Explorer 9 and is prone to use after free vulnerability. A flaw is present in the Internet Explorer, which fails to handle objects in memory. Successful exploitation allows an attacker to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:7903 The host is missing a critical security update according to Microsoft security bulletin, MS12-071. The update is required to fix use after free vulnerabilities. The flaws are present in the Internet Explorer, which fails to handle a specially crafted Web page. Successful exploitation allows an attac ... oval:org.secpod.oval:def:7931 The host is installed with Windows XP, Windows Vista, Windows Server 2008, Windows Server 2003 or Windows 7 and is prone to privilege escalation vulnerability. A flaw is present in the Windows kernel, which fails to properly handle the objects in memory. Successful exploitation could allow attackers ... oval:org.secpod.oval:def:7924 The host is installed with Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5.1 or 4 and is prone to reflection bypass vulnerability. A flaw is present in the applications, which fail to properly validate the permissions of objects performing reflection. Successful exploitation allows attackers to take ... oval:org.secpod.oval:def:7925 The host is installed with Microsoft .NET Framework 2.0 SP2 or 3.5.1 and is prone to Code access security info disclosure vulnerability. A flaw is present in the applications, which does not properly sanitize the output of a function when called from partially trusted code. Successful exploitation a ... oval:org.secpod.oval:def:7926 The host is installed with Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5.1 or 4 and is prone to untrusted search path vulnerability. A flaw is present in the applications, which is caused when Entity Framework, a .NET Framework component, incorrectly restricts the path used for loading external lib ... oval:org.secpod.oval:def:7905 The host is installed with Microsoft Internet Explorer 9 and is prone to use after free vulnerability. A flaw is present in the Internet Explorer, which fails to handle objects in memory. Successful exploitation allows an attacker to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:7930 The host is missing a critical security update according to Microsoft security bulletin, MS12-075. The update is required to fix remote code execution vulnerabilities. The flaws are present in the Windows kernel, which fails to handle the webpage that embeds TrueType font files. Successful exploitat ... oval:org.secpod.oval:def:7311 The host is installed with Microsoft Windows XP, server 2003, server 2008, server 2008 R2, Vista or Windows 7 and is prone to integer overflow vulnerability. A flaw is present in the application, which is caused when the Windows kernel improperly handles objects in memory. Successful exploitation al ... oval:org.secpod.oval:def:7312 The host is missing an important security update according to Microsoft security bulletin, MS12-068. The update is required to fix integer overflow vulnerability. A flaw is present in the application, which is caused when the Windows kernel improperly handles objects in memory. Successful exploitati ... oval:org.secpod.oval:def:7077 The host is installed with Google Chrome before 22.0.1229.79 in Microsoft Windows 7 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle memory. Successful exploitation allows remote attackers to execute arbitrary code or cause a denia ... oval:org.secpod.oval:def:7920 The host is installed with Microsoft Windows XP SP2 or SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2 or R2 SP1, Windows 7 or SP1, windows 8, or windows server 2012 and is prone to integer underflow vulnerability. A flaw is present in the application, which fails to pro ... oval:org.secpod.oval:def:7921 The host is installed with Microsoft Windows XP SP2 or SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2 or R2 SP1, Windows 7 or SP1 and is prone to integer overflow vulnerability. A flaw is present in the application, which fails to properly handle a specially crafted bri ... oval:org.secpod.oval:def:7922 The host is missing a critical security update according to Microsoft Security Bulletin, MS12-072. The update is required to fix integer overflow and underflow vulnerabilities. The flaws are present in the application, which fails to properly handle a specially crafted briefcase. Successful exploita ... oval:org.secpod.oval:def:7904 The host is installed with Microsoft Internet Explorer 9 and is prone to use after free vulnerability. A flaw is present in the Internet Explorer, which fails to handle objects in memory. Successful exploitation allows an attacker to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:6686 The host is missing an important security update according to Microsoft security bulletin, MS12-055. The update is required to fix multiple elevation of privilege vulnerabilities. The flaws are present in the application, which fails to handle objects in memory properly. Successful exploitation coul ... oval:org.secpod.oval:def:6685 The host is installed with Microsoft Windows XP SP2, SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, R2 SP1, Windows 7 Gold or SP1 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to handle objects in memory prop ... oval:org.secpod.oval:def:6688 The host is installed with Microsoft Windows XP, Server 2003, Vista, Server 2008, Windows 7 or Server 2008 R2 and is prone to format string vulnerability. A flaw is present in the application, which fails to handle a specially crafted response. Successful exploitation allows attackers to take comple ... oval:org.secpod.oval:def:6687 The host is installed with Microsoft Windows XP, Server 2003, Vista, Server 2008, Windows 7 or Server 2008 R2 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle a Remote Administration Protocol (RAP) response. Successful exploitation ... oval:org.secpod.oval:def:6691 The host is missing a critical security update according to Microsoft security bulletin, MS12-054. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle a Remote Administration Protocol (RAP) response. Successful exploitation ... oval:org.secpod.oval:def:6344 The host is missing an important security update according to Microsoft security bulletin, MS12-047. The update is required to fix multiple elevation of privilege vulnerabilities. The flaws are present in the application, which fails to properly validate parameters when creating a hook procedure. Su ... oval:org.secpod.oval:def:6343 The host is installed with Microsoft Windows XP SP2, SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, R2 SP1, Windows 7 Gold or SP1 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to properly validate parameters ... oval:org.secpod.oval:def:6342 The host is installed with Microsoft Windows XP SP2, SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, R2 SP1, Windows 7 Gold or SP1 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to handle specific keyboard layo ... oval:org.secpod.oval:def:6349 The host is installed with Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2 and Windows Data Access Components (WDAC) 6.0 and is prone to a remote code execution vulnerability. A flaw is present in the applications, which fail to handle a crafted XML data that triggers access to an uninitiali ... oval:org.secpod.oval:def:6350 The host is missing a critical security update according to Microsoft security bulletin, MS12-045. The update is required to fix a remote code execution vulnerability. A flaw is present in the applications, which fail to handle a crafted XML data that triggers access to an uninitialized object in me ... oval:org.secpod.oval:def:6345 The host is missing an important security update according to Microsoft security bulletin, MS12-048. The update is required to fix remote code execution vulnerability. A flaw is present in the Windows Shell, which fails to handle a file or directory with a specially crafted name. Successful exploita ... oval:org.secpod.oval:def:6346 The host is installed with Microsoft Windows and is prone to command injection vulnerability. A flaw is present in the windows shell, which fails to handle file and directory names. Successful exploitation allows remote attackers to install programs, view, change or delete data or create new account ... oval:org.secpod.oval:def:6341 The host is missing a critical security update according to microsoft security bulletin, MS12-044. The update is required to fix multiple remote code execution vulnerabilities. The flaws are present in the application, which fails to properly handle a deleted object. Successful exploitation could al ... oval:org.secpod.oval:def:6340 The host is installed with Microsoft Internet Explorer 9 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly handle a deleted object. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:6354 The host is missing an important security update according to Microsoft bulletin, MS12-049. The update is required to fix information disclosure vulnerability. A flaw is present in the application, which is caused by a design flaw in the TLS protocol when Cipher-block chaining (CBC) mode of operatio ... oval:org.secpod.oval:def:6353 The host is installed with Microsoft Windows and is prone to information disclosure vulnerability. A flaw is present in the application, which is caused by a design flaw in the TLS protocol when Cipher-block chaining (CBC) mode of operation is used. Successful exploitation allows attackers to decryp ... oval:org.secpod.oval:def:6339 The host is installed with Microsoft Internet Explorer 9 and is prone to a cached object remote code execution vulnerability. A flaw is present in the application, which fails to properly handle a deleted object. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:6036 The host is installed with Internet Explorer 6 through 8 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle an object that has been deleted. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:6035 The host is installed with Internet Explorer 6 through 9 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle an object that has been deleted. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:6048 The host is installed with Internet Explorer 6 through 9 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle an object that has been deleted. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:6047 The host is installed with Internet Explorer 6 through 9 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle an object that has been deleted. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:6046 The host is installed with Internet Explorer 6 through 9 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:6045 The host is installed with Internet Explorer 8 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:6049 The host is installed with Internet Explorer 6 through 9 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:6044 The host is installed with Internet Explorer 8 and 9 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:6043 The host is installed with Internet Explorer 7 through 9 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly create and initialize string data. Successful exploitation could allow attackers to obtain sensitive information from process ... oval:org.secpod.oval:def:6042 The host is installed with Internet Explorer 6 through 9 and is prone to a cross site scripting vulnerability. A flaw is present in the application, which fails to handle crafted character sequences with EUC-JP encoding. Successful exploitation could allow attackers to inject arbitrary web script or ... oval:org.secpod.oval:def:6051 The host is installed with Internet Explorer 6 through 9 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to block cross-domain scrolling events. Successful exploitation could allow attackers to read content from a different domain or zone. oval:org.secpod.oval:def:6050 The host is installed with Internet Explorer 8 or 9 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:6052 The host is missing a critical security update according to Microsoft security bulletin, MS12-037. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails sanitize malicious input. Successful exploitation could allow attackers to execute arbitrar ... oval:org.secpod.oval:def:6199 The host is missing a critical security update according to Microsoft security bulletin, MS12-043. The update is required to fix remote code execution vulnerability. A flaw is present in the applications, which fail to handle a specially crafted webpage. Successful exploitation could allow attackers ... oval:org.secpod.oval:def:6029 The host is missing an important security update according to Microsoft bulletin, MS12-041. The update is required to fix elevation of privilege vulnerabilities. The flaws are present in the application, which fails to properly validate input passed from user mode. Successful exploitation allows att ... oval:org.secpod.oval:def:6033 The host is installed with Microsoft Windows XP or Windows Server 2003 or Windows Vista or Windows Server 2008 or R2 or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which fails to properly validate input passed from user mode. Successful explo ... oval:org.secpod.oval:def:6032 The host is installed with Microsoft Windows XP or Windows Server 2003 or Windows Vista or Windows Server 2008 or R2 or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which fails to properly validate input passed from user mode. Successful explo ... oval:org.secpod.oval:def:6031 The host is installed with Microsoft Windows XP or Windows Server 2003 or Windows Vista or Windows Server 2008 or R2 or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle TrueType font loading. Successful exploitation ... oval:org.secpod.oval:def:6026 The host is installed with Microsoft .Net framework 2.0 Sp2 or 3.5.1 or 4.0 or 4.5 Beta and is prone to remote code execution vulnerability. A flaw is present in the application, which fails to properly execute a function pointer. Successful exploitation allows attackers to take complete control of ... oval:org.secpod.oval:def:6024 The host is missing a critical security update according to Microsoft bulletin, MS12-038. The update is required to fix remote code execution vulnerability. A flaw is present in the application, which fails to properly execute a function pointer. Successful exploitation allows attackers to take comp ... oval:org.secpod.oval:def:6037 The host is installed with Internet Explorer 8 and 9 or Microsoft Communicator 2007 R2 or Lync 2010 or Lync 2010 Attendee Microsoft InfoPath 2007 or 2010, Microsoft SharePoint Server 2007 or 2010, Microsoft SharePoint Foundation 2010, Microsoft SharePoint Services 3.0 or Microsoft Groove Server 2010 ... oval:org.secpod.oval:def:6034 The host is installed with Microsoft Windows XP or Windows Server 2003 or Windows Vista or Windows Server 2008 or R2 or Windows 7 and is prone to elevation of privilege vulnerability. A flaw is present in the application, which fails to properly validate input passed from user mode. Successful explo ... oval:org.secpod.oval:def:5102 The host is installed with Windows XP SP2 or SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, R2 SP1, Windows 7 or SP1 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly validate the digest of a signed por ... oval:org.secpod.oval:def:5585 The host is installed with Windows Vista SP2 or Windows Server 2008 SP2 or 2008 R2 or 2008 R2 SP1 or Windows 7 or SP1 and is prone to a privilege escalation vulnerability. A flaw is present in Windows Partition Manager, which fails to handle a specially crafted application. Successful exploitation c ... oval:org.secpod.oval:def:5584 The host is missing an important security update according to Microsoft security bulletin, MS12-033. The update is required to fix privilege escalation vulnerability. A flaw is present in Windows Partition Manager, which fails to handle a specially crafted application. Successful exploitation could ... oval:org.secpod.oval:def:5103 The host is missing a critical security update according to Microsoft bulletin, MS12-024. The update is required to fix a remote code execution vulnerability. A flaw is present in the application, which fails to properly validate the digest of a signed portable executable (PE) file. Successful explo ... oval:org.secpod.oval:def:6028 The host is installed with Microsoft Windows XP or Windows Server 2003 or Windows Vista or Windows Server 2008 or R2 or Windows 7 and is prone to remote code execution vulnerability. A flaw is present in the Remote Desktop Protocol, which fails to properly process RDP packets in memory. Successful e ... oval:org.secpod.oval:def:6027 The host is missing a critical security update according to MS12-036. The update is required to fix remote code execution vulnerability. A flaw is present in the application, which fails to handle specially crafted RDP packets. Successful exploitation allows remote attackers to take complete control ... oval:org.secpod.oval:def:5629 The host is installed with Microsoft .NET Framework 4 and is prone buffer allocation vulnerability. A flaw is present in the application, which fails to handle a specially crafted Microsoft .NET Framework application. Successful exploitation could allow remote attackers to install programs, view, ch ... oval:org.secpod.oval:def:5630 The host is installed with Microsoft .NET Framework 4 and is prone index comparison vulnerability. A flaw is present in the applications, which fails to handle WPF APIs. Successful exploitation could allow remote attackers to execute code or to elevate their user rights in any fashion. oval:org.secpod.oval:def:5634 The host is installed with Microsoft Windows and is prone privilege escalation vulnerability. A flaw is present in the application, which fails to handle the Windows kernel-mode driver. Successful exploitation could allow remote attackers to install programs, view, change, or delete data or create n ... oval:org.secpod.oval:def:5636 The host is installed with Microsoft Windows and is prone privilege escalation vulnerability. A flaw is present in the application, which fails to handle the Windows kernel-mode driver. Successful exploitation could allow remote attackers to install programs, view, change, or delete data or create n ... oval:org.secpod.oval:def:5635 The host is installed with Microsoft Windows and is prone privilege escalation vulnerability. A flaw is present in the application, which fails to handle the Windows kernel-mode driver. Successful exploitation could allow remote attackers to install programs, view, change, or delete data or create n ... oval:org.secpod.oval:def:4131 The host is installed with Microsoft Windows XP or Windows Server 2003 or Windows Server 2008 or Windows Vista or Windows 7 or Windows Server 2008 R2 and is prone to elevation of privilege vulnerability. A flaw is present in the applications, where the Windows kernel-mode driver does not properly ha ... oval:org.secpod.oval:def:4132 The host is missing a critical security update according to Microsoft security bulletin, MS12-008. The update is required to fix multiple remote code execution vulnerabilities. The flaws are present in the applications, where the Windows kernel-mode driver fails to properly manage specific keyboard ... oval:org.secpod.oval:def:4146 The host is missing a critical security update according to Microsoft security bulletin, MS12-013. The update is required to fix remote code execution vulnerability. A flaw is present in Microsoft Windows C Run-Time Library, which fails to handle a specially crafted media file that is hosted on a we ... oval:org.secpod.oval:def:4147 The host is installed with Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, R2 SP1, R2-IA64 and Windows 7, SP1 and is prone buffer overflow vulnerability. A flaw is present in the C Run-Time Library msvcrt.dll file, which fails to handle a specially crafted media file. Successful exploitati ... oval:org.secpod.oval:def:3726 The host is installed with Microsoft Windows XP or Windows Server 2003 or Windows Server 2008 or Windows Vista or Windows 7 or Windows Server 2008 R2 and is prone to remote code execution vulnerability. A flaw is present in the applications, which does not perform proper validation on input passed f ... oval:org.secpod.oval:def:4732 The host is missing an important security update according to Microsoft security bulletin, MS12-018. The update is required to fix a privilege escalation vulnerability. A flaw is present in the microsoft windows kernel-mode drivers, which fails to handle a specially crafted application. Successful e ... oval:org.secpod.oval:def:4736 The host is missing a critical security update according to MS12-020. The update is required to fix remote code execution and denial of service vulnerabilities. The flaws are present in the application, which fails to properly process malicious contents. Successful exploitation allows remote attacke ... oval:org.secpod.oval:def:4733 The host is installed with Windows kernel-mode driver and is prone postmessage function vulnerability. A flaw is present in the kernel-mode driver, which fails to handle PostMessage function. Successful exploitation could allow remote attackers to install programs, view, change, or delete data or cr ... oval:org.secpod.oval:def:4734 The host is installed with Microsoft Windows and is prone to remote code execution vulnerability. A flaw is present in the Remote Desktop Protocol, where it accesses an object in memory that has been improperly initialized or has been deleted. Successful exploitation allows remote attackers to take ... oval:org.secpod.oval:def:4737 The host is missing a moderate security update according to Microsoft security bulletin, MS12-019. The update is required to fix a denial of service vulnerability. A flaw is present in the windows DirectWrite, which fails to handle a specially crafted sequence of unicode characters. Successful explo ... oval:org.secpod.oval:def:4738 The host is installed with Windows DirectWrite and is prone denial of service vulnerability. A flaw is present in the DirectWrite application, which fails to handle a specially crafted sequence of unicode characters. Successful exploitation could allow remote attackers to cause a target application ... oval:org.secpod.oval:def:4133 The host is installed with Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, R2 SP1, Windows 7 Gold or SP1 on 64-bit platforms and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly validate ... oval:org.secpod.oval:def:4135 The host is missing an important security update according to Microsoft bulletin, MS12-009. The update is required to fix multiple privilege escalation vulnerabilities. The flaws are present in the application, which fails to properly validate user-mode input passed to kernel mode. Successful exploi ... oval:org.secpod.oval:def:4156 The host is missing a critical security update according to Microsoft security bulletin, MS12-016. The update is required to fix remote code execution vulnerabilities. The flaws are present in Microsoft .NET Framework and Microsoft Silverlight, which fails to handle a specially crafted web page usin ... oval:org.secpod.oval:def:4157 The host is installed with Microsoft .NET Framework 2.0 SP2, 3.5.1, 4.0 or Silverlight and is prone unmanaged objects vulnerability. A flaw is present in the applications, which fails to handle a specially crafted Microsoft .NET Framework application. Successful exploitation could allow remote attac ... oval:org.secpod.oval:def:4158 The host is installed with Microsoft .NET Framework 2.0 SP2, and 3.5.1 and is prone heap corruption vulnerability. A flaw is present in the Microsoft .NET Framework, which fails to handle calculation of buffer length while processing specially crafted input. Successful exploitation could allow remot ... oval:org.secpod.oval:def:3712 The host is installed is missing an important security update according to Microsoft security bulletin, ms12-003. The update is required to fix a privilege escalation vulnerability. A flaw is present in the application, which fails to handle the way that the CSRSS processes a sequence of specially c ... oval:org.secpod.oval:def:3711 The host is installed with Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP2, and Server 2008 SP2 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to handle the way that the CSRSS processes a sequence of specially crafted Unicode char ... oval:org.secpod.oval:def:3716 The host is missing an important security update according to Microsoft security bulletin, MS12-005. The update is required to fix remote code execution vulnerability. A flaw is present in the in Microsoft Windows, which fails to handle a specially crafted Microsoft Office file containing a maliciou ... oval:org.secpod.oval:def:3717 The host is installed with Microsoft Windows and is prone to remote code execution vulnerability. A flaw is present in the application which is caused by the way that Windows Packager loads ClickOnce applications embedded in Microsoft Office files. Successful exploitation allows remote attacker to g ... oval:org.secpod.oval:def:3631 The host is installed with Microsoft .NET Framework 1.1 or 2.0 or 3.5 or 3.5.1 or 4.0 and is prone to an elevation of privilege vulnerability. A flaw is present in the applications, which fail to correctly authenticate specially crafted usernames. Successful exploitation allows remote authenticated ... oval:org.secpod.oval:def:3632 The host is installed with Microsoft .NET Framework 1.1 or 2.0 or 3.5 or 3.5.1 or 4.0 and is prone to an elevation of privilege vulnerability. A flaw is present in the applications, which fail to properly handle cached content when Forms Authentication is used with sliding expiry. Successful exploit ... oval:org.secpod.oval:def:3630 The host is installed with Microsoft .Net Framework 2.0 or 3.5 or 3.5.1 or 4.0 and is prone to open redirect vulnerability. A flaw is present in the applications, which fail to properly verify return URLs during the forms authentication process. Successful exploitation allows remote attackers to red ... oval:org.secpod.oval:def:3633 The host is missing a critical security update according to Microsoft security bulletin, MS11-100. The update is required to fix multiple elevation of privilege vulnerabilities. The flaws are present in the applications, which fail to properly handle the Forms Authentication feature in ASP.NET subsy ... oval:org.secpod.oval:def:3629 The host is installed with Microsoft .NET Framework 1.1 or 2.0 or 3.5 or 3.5.1 or 4.0 and is prone to denial of service vulnerability. A flaw is present in the applications, where ASP.NET fails to properly hash specially crafted requests and inserts that data into a hash table causing a hash collisi ... oval:org.secpod.oval:def:3713 The host is installed with Microsoft Windows and is prone to remote code execution vulnerability. A flaw is present in the application, which is caused when Windows Media Player fails to handle a specially crafted MIDI file. Successful exploitation allows attackers to run arbitrary code in the conte ... oval:org.secpod.oval:def:3714 The host is installed with Microsoft Windows and is prone to remote code execution vulnerability. A flaw is present in the application, which is caused when filters in DirectShow do not properly handle specially crafted media files. Successful exploitation allows attackers to run arbitrary code in t ... oval:org.secpod.oval:def:3715 The host is missing a critical security update according to Microsoft bulletin MS12-004. The update is required to fix remote code execution vulnerability. A flaw is present in the application, which fails to handle a specially crafted media files. Successful exploitation allows attackers to run ar ... oval:org.secpod.oval:def:3707 The host is installed with Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, or R2 SP1, Windows 7 Gold or SP1 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to properly load structured exception handling tabl ... oval:org.secpod.oval:def:3708 The host is missing an important security update according to Microsoft security bulletin, MS12-001. The update is required to fix a security bypass vulnerability. A flaw is present in the application, which fails to properly load structured exception handling tables. Successful exploitation could ... oval:org.secpod.oval:def:3435 The host is installed with Active Directory or Active Directory Application Mode (ADAM) or Active Directory Lightweight Directory Service (AD LDS) and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle a crafted application when run by an a ... oval:org.secpod.oval:def:3436 The host is missing an important security update according to Microsoft bulletin, MS11-095.The update is required to fix a remote code execution vulnerability. A flaw is present in the application, which fails to handle a crafted application when run by an authenticated attacker. Successful exploita ... oval:org.secpod.oval:def:3415 The host is missing a critical security update according to Microsoft security bulletin, MS11-092. The update is required to fix remote code execution vulnerability. A flaw is present in Windows Media Player and Windows Media Center, which fails to handle a specially crafted Microsoft Digital Video ... oval:org.secpod.oval:def:3416 The host is installed with Windows Media Player and Windows Media Center and is prone to memory corruption vulnerability. A flaw is present in the application which is caused by a specially crafted Microsoft Digital Video Recording (.dvr-ms) file. Successful exploitation allows remote attacker to in ... oval:org.secpod.oval:def:3426 The host is missing an important security update according to Microsoft security bulletin, MS11-097. The update is required to fix elevation of privilege vulnerability. A flaw is present in the Client/Server Run-time Subsystem (CSRSS), which fails to properly validate permissions when a lower-integr ... oval:org.secpod.oval:def:3425 The host is installed with Microsoft Windows and is prone to elevation of privilege vulnerability. A flaw is present in the Client/Server Run-time Subsystem (CSRSS), which fails to properly validate permissions when a lower-integrity process communicates a device event message to a higher-integrity ... oval:org.secpod.oval:def:2721 The host is missing a critical security update according to Microsoft security bulletin, MS11-083. The update is required to fix a remote code execution vulnerability. A flaw is present in the applications, which fail to handle the processing of a continuous flow of specially crafted UDP packets to ... oval:org.secpod.oval:def:2720 The host is installed with Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, or R2 SP1, or Windows 7 base or SP1 and is prone to an integer overflow vulnerability. A flaw is present in the applications, which fail to handle the processing of a continuous flow of specially crafted UDP packets ... oval:org.secpod.oval:def:2717 The host is missing an important security update according to Microsoft security bulletin, MS11-086. The update is required to fix elevation of privilege vulnerability. A flaw is present in the application, which is caused when Active Directory is configured to use LDAPS and fails to validate the re ... oval:org.secpod.oval:def:2714 The host is missing an important security update according to Microsoft security bulletin, MS11-085. The update is required to fix remote code execution vulnerability. A flaw is present in the Windows Mail and Windows Meeting Space, which fails to handle a specially crafted dynamic link library (DLL ... oval:org.secpod.oval:def:2716 The host is installed with Active Directory or Active Directory Application Mode (ADAM) or Active Directory Lightweight Directory Service (AD LDS) and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when Active Directory is configured to use LD ... oval:org.secpod.oval:def:2715 The host is installed with Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, R2 SP1, R2-IA64 and Windows 7, SP1 and is prone remote code execution vulnerability. A flaw is present in the Windows Mail and Windows Meeting Space, which fails to handle a specially crafted dynamic link library (D ... oval:org.secpod.oval:def:3422 The host is missing a critical security update according to Microsoft security bulletin, MS11-087. The update is required to fix a remote code execution vulnerability. A flaw is present in the application, which fails to handle a specially crafted TrueType font file. Successful exploitation could al ... oval:org.secpod.oval:def:3421 The host is installed with Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows Server 2008 R2, Windows 7 and is prone to a remote code execution vulnerability. A flaw is present in the applications, which fail to handle a specially crafted TrueType font file. Successful expl ... oval:org.secpod.oval:def:2520 The host is missing an important security update according to Microsoft security bulletin, MS11-077. The update is required to fix remote code execution vulnerabilities. The flaws are present in Microsoft Windows, which fails to handle a specially crafted font file (such as a .fon file) in a network ... oval:org.secpod.oval:def:2524 The host is installed with Windows kernel-mode drivers and is prone to elevation of privilege vulnerability. A flaw is present in the application which is caused by improper handling of kernel-mode driver objects. Successful exploitation allows attacker to execute arbitrary code and take complete co ... oval:org.secpod.oval:def:2544 The host is installed with Microsoft Windows Vista SP1 or SP2 or Windows Media Center TV Pack or Microsoft Windows 7 or Microsoft Windows 7 SP1 and is prone to remote code execution vulnerability. A flaw is present in the application which fails to properly restrict the path used when loading extern ... oval:org.secpod.oval:def:2546 The host is missing an important security update according to Microsoft security bulletin, MS11-076. The update is required to fix remote code execution vulnerability. A flaw is present in the application which fails to properly restrict the path used when loading external libraries. Successful expl ... oval:org.secpod.oval:def:2521 The host is installed with Windows kernel-mode drivers and is prone to null pointer de-reference vulnerability. A flaw is present in the application which is caused by kernel-mode drivers improper validation of data supplied from user mode to kernel mode. Successful exploitation allows attacker to e ... oval:org.secpod.oval:def:2523 The host is installed with Windows kernel and is prone to remote code execution vulnerability. A flaw is present in the application which is caused by improper handling of a specially crafted .fon font file. Successful exploitation allows attacker to execute arbitrary code and take complete control ... oval:org.secpod.oval:def:2522 The host is installed with Microsoft Windows and is prone to denial of service vulnerability. A flaw is present in the application which is caused by a specially crafted TrueType font file . Successful exploitation allows attacker to stop system responding and take control over affected system. oval:org.secpod.oval:def:2251 The host is installed with components which are prone to remote code execution vulnerability. Flaws are present in the Windows components, which fails to handle legitimate rich test format files, text files and .doc files present in the same network directory as a specially crafted dynamic link libr ... oval:org.secpod.oval:def:2252 The host is missing an important security update according to Microsoft security bulletin, MS11-071. The update is required to fix a remote code execution vulnerability.Flaws are present in the Windows components, which fails to handle legitimate rich test format files, text files and .doc files pre ... oval:org.secpod.oval:def:2536 The host is missing a important security update according to Microsoft security bulletin, MS11-075. The update is required to fix a remote code execution vulnerability. A flaw is present in the Microsoft Active Accessibility component, which fails to handle specially crafted dynamic link library fil ... oval:org.secpod.oval:def:2537 The host is installed with Microsoft Active Accessibility component and is prone to a remote code execution vulnerability. A flaw is present in the Microsoft Active Accessibility component, which fails to handle specially crafted dynamic link library file present in the same network directory. Succe ... oval:org.secpod.oval:def:1755 The host is missing a moderatesecurity update according to Microsoft security bulletin, MS11-069. The update is required to fix an information disclosure vulnerability. A flaw is present in the applications which fails to properly validate the trust level within the System.Net.Sockets namespace. Suc ... oval:org.secpod.oval:def:1754 The host is installed with Microsoft .NET Framework 2.0 SP2 or 3.5.1 SP1 or 4.0 and is prone to information disclosure vulnerability. A flaw is present in the applications which fails to properly validate the trust level within the System.Net.Sockets namespace. Successful exploitation allows attacke ... oval:org.secpod.oval:def:1749 The host is missing a moderate security update according to Microsoft security bulletin, MS11-068. The update is required to fix a denial of service vulnerability. A flaw is present in operating system, the way Windows Kernel accesses a specially crafted file on the network share or a web site. Succ ... oval:org.secpod.oval:def:1735 The host is missing an important security update according to microsoft bulletin MS11-066. The update is required to fix an information disclosure vulnerability. A flaw is present in the application, which fails to handle special characters within a specially crafted URI. Successful exploitation cou ... oval:org.secpod.oval:def:1748 The host Microsoft Windows is prone to denial of service vulnerability. A flaw is present in the operating system, which fails to handle a specially crafted file on network share or web site. Successful exploitation allows remote attackers to create denial of service conditions. oval:org.secpod.oval:def:1408 The host is missing an Important security update according to Microsoft security bulletin, MS11-054. The update is required to fix elevation of privilege vulnerability in Windows 7 or Windows Server 2003 or Windows Server 2008 or Windows Vista or Windows XP. A flaw is present in windows Kernel-mode ... oval:org.secpod.oval:def:1404 The host is installed with Windows XP, Windows Vista, Windows Server 2008, Windows Server 2003 and Windows 7 and is prone to null pointer de-reference vulnerability. A flaw is present in windows Kernel-mode drivers which does not properly manage pointers to kernel-mode driver objects. Successful exp ... oval:org.secpod.oval:def:1407 The host is installed with Windows Vista, Windows Server 2008 and Windows 7 and is prone to null pointer de-reference vulnerability. A flaw is present in windows Kernel-mode drivers which does not properly manage pointers to kernel-mode driver objects. Successful exploitation allows attackers to run ... oval:org.secpod.oval:def:1406 The host is installed with Windows Vista, Windows Server 2008 and Windows 7 and is prone to null pointer de-reference vulnerability. A flaw is present in windows Kernel-mode drivers which does not properly manage pointers to kernel-mode driver objects. Successful exploitation allows attackers to run ... oval:org.secpod.oval:def:1740 The host is installed with Microsoft Windows XP or Windows server 2003 or Windows server 2008 or Windows Vista or Windows 7 or Windows server 2008 R2 and is prone to elevation of privilege vulnerability. A flaw is present in Client/Server Run-time Subsystem (CSRSS) which fails to restrict the arbitr ... oval:org.secpod.oval:def:1742 The host is installed with Windows Vista, Window 7, Windows 7 SP1, Windows Server 2008, Windows Server 2008 R2 or Windows Server 2008 R2 SP1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle specially crafted ICMP messages. Successful expl ... oval:org.secpod.oval:def:1744 The host is missing an important security update according to Microsoft bulletin MS11-064. The update is required to fix multiple denial of service vulnerabilities. A flaw is present in the application, which fails to handle specially crafted ICMP messages. Successful exploitation allows attackers t ... oval:org.secpod.oval:def:1739 The host is missing an important security update according to Microsoft security bulletin, MS11-056. The update is required to fix elevation of privilege vulnerability in Windows Client/Server Run-time Subsystem. The flaw is present in Client/Server Run-time Subsystem (CSRSS), which fails to restric ... oval:org.secpod.oval:def:1738 The host is installed with Microsoft Windows XP or Windows server 2003 or Windows server 2008 or Windows Vista or Windows 7 or Windows server 2008 R2 and is prone to elevation of privilege vulnerability. A flaw is present in Client/Server Run-time Subsystem (CSRSS) which fails to restrict the arbitr ... oval:org.secpod.oval:def:1399 The host is installed with Windows XP, Windows Vista, Windows Server 2008, Windows Server 2003 and Windows 7 and is prone to null pointer de-reference vulnerability. A flaw is present in windows Kernel-mode drivers which does not properly manage pointers to kernel-mode driver objects. Successful exp ... oval:org.secpod.oval:def:1401 The host is installed with Windows XP, Windows Vista, Windows Server 2008, Windows Server 2003 and Windows 7 and is prone to use after free vulnerability. A flaw is present in windows Kernel-mode drivers which does not properly manage kernel-mode driver objects. Successful exploitation allows attack ... oval:org.secpod.oval:def:1400 The host is installed with Windows XP, Windows Vista, Windows Server 2008, Windows Server 2003 and Windows 7 and is prone to null pointer de-reference vulnerability. A flaw is present in windows Kernel-mode drivers which does not properly manage pointers to kernel-mode driver objects. Successful exp ... oval:org.secpod.oval:def:1403 The host is installed with Windows XP, Windows Vista, Windows Server 2008, Windows Server 2003 and Windows 7 and is prone to use after free vulnerability. A flaw is present in windows Kernel-mode drivers which does not properly manage kernel-mode driver objects. Successful exploitation allows attack ... oval:org.secpod.oval:def:1402 The host is installed with Windows XP, Windows Vista, Windows Server 2008, Windows Server 2003 and Windows 7 and is prone to use after free vulnerability. A flaw is present in windows Kernel-mode drivers which does not properly manage kernel-mode driver objects. Successful exploitation allows attack ... oval:org.secpod.oval:def:1395 The host is installed with Windows XP, Windows Vista, Windows Server 2008, Windows Server 2003 and Windows 7 and is prone to use after free vulnerability. A flaw is present in windows Kernel-mode drivers which does not properly manage kernel-mode driver objects. Successful exploitation allows attack ... oval:org.secpod.oval:def:1394 The host is installed with Windows XP, Windows Vista, Windows Server 2008, Windows Server 2003 and Windows 7 and is prone to use after free vulnerability. A flaw is present in windows Kernel-mode drivers which does not properly manage kernel-mode driver objects. Successful exploitation allows attack ... oval:org.secpod.oval:def:1397 The host is installed with Windows XP, Windows Vista, Windows Server 2008, Windows Server 2003 and Windows 7 and is prone to use after free vulnerability. A flaw is present in windows Kernel-mode drivers which does not properly manage kernel-mode driver objects. Successful exploitation allows attack ... oval:org.secpod.oval:def:1396 The host is installed with Windows Vista, Windows Server 2008 and Windows 7 and is prone to use after free vulnerability. A flaw is present in windows Kernel-mode drivers which does not properly manage kernel-mode driver objects. Successful exploitation allows attackers to run arbitrary code in kern ... oval:org.secpod.oval:def:1398 The host is installed with Windows XP, Windows Vista, Windows Server 2008, Windows Server 2003 and Windows 7 and is prone to use after free vulnerability. A flaw is present in windows Kernel-mode drivers which does not properly manage kernel-mode driver objects. Successful exploitation allows attack ... oval:org.secpod.oval:def:1393 The host is installed with Windows XP, Windows Vista, Windows Server 2008, Windows Server 2003 and Windows 7 and is prone to use after free vulnerability. A flaw is present in windows Kernel-mode drivers which does not properly manage kernel-mode driver objects. Successful exploitation allows attack ... oval:org.secpod.oval:def:1410 The host is installed with Microsoft Windows XP or Windows server 2003 or Windows server 2008 or Windows Vista or Windows 7 or Windows server 2008 R2 and is prone to memory corruption vulnerability. A flaw is present in Client/Server Run-time Subsystem (CSRSS) where a NULL pointer is passed without ... oval:org.secpod.oval:def:1412 The host is installed with Microsoft Windows XP or Windows server 2003 or Windows server 2008 or Windows Vista or Windows 7 or Windows server 2008 R2 and is prone to elevation of privilege vulnerability. A flaw is present in Client/Server Run-time Subsystem (CSRSS) that is caused by an integer overf ... oval:org.secpod.oval:def:1411 The host is installed with Microsoft Windows XP or Windows server 2003 or Windows server 2008 or Windows Vista and is prone to elevation of privilege vulnerability. A flaw is present in Client/Server Run-time Subsystem (CSRSS) that is caused when user input is used as an index for an array without f ... oval:org.secpod.oval:def:1414 The host is missing an important security update according to Microsoft security bulletin, MS11-056. The update is required to fix elevation of privilege vulnerability in Windows Client/Server Run-time Subsystem. A flaw is present in Client/Server Run-time Subsystem (CSRSS) that is caused by an inte ... oval:org.secpod.oval:def:1409 The host is installed with Microsoft Windows XP or Windows server 2003 or Windows server 2008 or Windows Vista or Windows 7 or Windows server 2008 R2 and is prone to elevation of privilege vulnerability. A flaw is present in Client/Server Run-time Subsystem (CSRSS) that is caused by a memory corrupt ... oval:org.secpod.oval:def:2723 The host is missing a Critical security update according to Microsoft security bulletin, MS11-037. The update is required to fix an information disclosure vulnerability. A flaw is present in the application, as it fails to handle the way that MHTML interprets MIME-formatted requests for content that ... oval:org.secpod.oval:def:1198 The host is missing a Critical security update according to Microsoft security bulletin MS11-050. The update is required to fix multilple vulnerabilities. The flaws are present in the browser, which fails to access an object that has not been properly initialized or has been deleted. Successful expl ... oval:org.secpod.oval:def:1177 The host is installed with Windows XP, Windows Vista, Windows Server 2008, Windows Server 2003 and Windows 7 and is prone to denial of service vulnerability. A flaw is present in distributed file system (DFS) client which fails to specially crafted DFS referral responses. Successful exploitation all ... oval:org.secpod.oval:def:1176 The host is installed with Windows XP x64, Windows Vista x64, Windows Server 2008 x64, Windows Server 2003 x64 and Windows 7 x64 and is prone to remote code execution vulnerability. A flaw is present in windows Kernel-mode drivers which does not properly parse specially crafted OpenType fonts on x64 ... oval:org.secpod.oval:def:1179 The host is installed with Windows XP or Windows Vista or Windows Server 2008 or Windows Server 2003 or Windows 7 and is prone to denial of service vulnerability. A flaw is present in distributed file system (DFS) client which fails to specially crafted DFS referral responses. Successful exploitatio ... oval:org.secpod.oval:def:1180 The host is installed with Windows XP, Windows Vista, Windows Server 2008, Windows Server 2003 and Windows 7 and is prone to use after free vulnerability. A flaw is present in Microsoft Server Message Block which does not properly handle specially crafted SMB responses. Successful exploitation allow ... oval:org.secpod.oval:def:1181 The host is missing a Critical security update according to Microsoft security bulletin, MS11-043. The update is required to fix remote code execution vulnerability. A flaw is present in Microsoft Server Message Block which does not properly handle specially crafted SMB responses. Successful exploit ... oval:org.secpod.oval:def:1168 The host is installed with Microsoft Windows XP SP2 or SP3, Windows Server 2003 SP2, Windows Vista SP1 or SP2, Windows Server 2008 and SP2 or Windows 7 and is prone to an information disclosure vulnerability. A flaw is present in the MHTML implementation which fails to open a specially crafted URL. ... oval:org.secpod.oval:def:1355 The host is missing a critical security update according to Microsoft security bulletin, MS11-041. The update is required to fix remote code execution vulnerability in Microsoft Windows x64. A flaw is present in the windows Kernel-mode drivers which does not properly parse specially crafted OpenType ... oval:org.secpod.oval:def:691 The host is installed with Windows XP, Windows Vista, Windows Server 2008, Windows Server 2003 and Windows 7 and is prone to use after free vulnerability. A flaw is present in windows Kernel-mode drivers which does not properly manage kernel-mode driver objects. Successful exploitation allows attack ... oval:org.secpod.oval:def:1170 The host is missing a Critical security update according to Microsoft security bulletin, MS11-038. The update is required to fix remote code execution vulnerability. A flaw is present in the application which fails to handle specially crafted request. Successful exploitation allows remote attackers ... oval:org.secpod.oval:def:1183 The host is missing a Critical security update according to Microsoft security bulletin, MS11-044. The update is required to fix remote code execution vulnerability in Microsoft .NET Framework on Windows 7 or Windows Server 2003 or Windows Server 2008 or Windows Vista or Windows XP. The flaw is pres ... oval:org.secpod.oval:def:1182 The host is installed with Microsoft .NET Framework and is prone to remote code execution vulnerability. A flaw is present in the JIT compiler when IsJITOptimizerDisabled is false, which fails to handle expressions related to null strings. Successful exploitation allows an attacker to install progra ... oval:org.secpod.oval:def:1169 The host is installed with Microsoft Windows XP SP3, Microsoft Windows Server 2003 XP2, Windows Server 2008 SP1 or SP2 and is prone to remote code execution vulnerability. A flaw is present in the application which fails to handle specially crafted request. Successful exploitation allows remote atta ... oval:org.secpod.oval:def:1201 The host is installed with Microsoft Internet Explorer and is prone information disclosure vulnerability. A flaw is present in the browser, which fails to handle a crafted Web page. Successful exploitation could allow remote attackers to execute arbitrary code or gain sensitive information. oval:org.secpod.oval:def:823 The host is missing an Important security update according to Microsoft security bulletin, MS11-034. The update is required to fix multiple privilege escalation vulnerabilities in Microsoft Windows. The flaws are present in Windows Kernel-mode drivers related to managing driver objects. Successful e ... oval:org.secpod.oval:def:690 The host is installed with Windows XP, Windows Vista, Windows Server 2008, Windows Server 2003 and Windows 7 and is prone to use after free vulnerability. A flaw is present in windows Kernel-mode drivers which does not properly manage kernel-mode driver objects. Successful exploitation allows attack ... oval:org.secpod.oval:def:688 The host is installed with Windows XP, Windows Vista, Windows Server 2008, Windows Server 2003 and Windows 7 and is prone to use after free vulnerability. A flaw is present in windows Kernel-mode drivers which does not properly manage kernel-mode driver objects. Successful exploitation allows attack ... oval:org.secpod.oval:def:687 The host is installed with Windows XP, Windows Vista, Windows Server 2008, Windows Server 2003 and Windows 7 and is prone to use after free vulnerability. A flaw is present in windows Kernel-mode drivers which does not properly manage kernel-mode driver objects. Successful exploitation allows attack ... oval:org.secpod.oval:def:689 The host is installed with Windows XP, Windows Vista, Windows Server 2008, Windows Server 2003 and Windows 7 and is prone to use after free vulnerability. A flaw is present in windows Kernel-mode drivers which does not properly manage kernel-mode driver objects. Successful exploitation allows attack ... oval:org.secpod.oval:def:686 The host is installed with Windows XP, Windows Vista, Windows Server 2008, Windows Server 2003 and Windows 7 and is prone to use after free vulnerability. A flaw is present in windows Kernel-mode drivers which does not properly manage kernel-mode driver objects. Successful exploitation allows attack ... oval:org.secpod.oval:def:684 The host is installed with Windows XP, Windows Vista, Windows Server 2008, Windows Server 2003 and Windows 7 and is prone to use after free vulnerability. A flaw is present in windows Kernel-mode drivers which does not properly manage kernel-mode driver objects. Successful exploitation allows attack ... oval:org.secpod.oval:def:683 The host is installed with Windows XP, Windows Vista, Windows Server 2008, Windows Server 2003 and Windows 7 and is prone to use after free vulnerability. A flaw is present in windows Kernel-mode drivers which does not properly manage kernel-mode driver objects. Successful exploitation allows attack ... oval:org.secpod.oval:def:685 The host is installed with Windows XP, Windows Vista, Windows Server 2008, Windows Server 2003 and Windows 7 and is prone to use after free vulnerability. A flaw is present in windows Kernel-mode drivers which does not properly manage kernel-mode driver objects. Successful exploitation allows attack ... oval:org.secpod.oval:def:703 The host is installed with Windows XP, Windows Vista, Windows Server 2008, Windows Server 2003 and Windows 7 and is prone to null pointer de-reference vulnerability. A flaw is present in windows Kernel-mode drivers which does not properly manage kernel-mode driver objects. Successful exploitation al ... oval:org.secpod.oval:def:702 The host is installed with Windows XP, Windows Vista, Windows Server 2008, Windows Server 2003 and Windows 7 and is prone to null pointer de-reference vulnerability. A flaw is present in windows Kernel-mode drivers which does not properly manage kernel-mode driver objects. Successful exploitation al ... oval:org.secpod.oval:def:697 The host is installed with Windows XP, Windows Vista, Windows Server 2008, Windows Server 2003 and Windows 7 and is prone to null pointer de-reference vulnerability. A flaw is present in windows Kernel-mode drivers which does not properly manage kernel-mode driver objects. Successful exploitation al ... oval:org.secpod.oval:def:696 The host is installed with Windows XP, Windows Vista, Windows Server 2008, Windows Server 2003 and Windows 7 and is prone to null pointer de-reference vulnerability. A flaw is present in windows Kernel-mode drivers which does not properly manage kernel-mode driver objects. Successful exploitation al ... oval:org.secpod.oval:def:698 The host is installed with Windows XP, Windows Vista, Windows Server 2008, Windows Server 2003 and Windows 7 and is prone to null pointer de-reference vulnerability. A flaw is present in windows Kernel-mode drivers which does not properly manage kernel-mode driver objects. Successful exploitation al ... oval:org.secpod.oval:def:701 The host is installed with Windows XP, Windows Vista, Windows Server 2008, Windows Server 2003 and Windows 7 and is prone to null pointer de-reference vulnerability. A flaw is present in windows Kernel-mode drivers which does not properly manage kernel-mode driver objects. Successful exploitation al ... oval:org.secpod.oval:def:700 The host is installed with Windows XP, Windows Vista, Windows Server 2008, Windows Server 2003 and Windows 7 and is prone to null pointer de-reference vulnerability. A flaw is present in windows Kernel-mode drivers which does not properly manage kernel-mode driver objects. Successful exploitation al ... oval:org.secpod.oval:def:695 The host is installed with Windows XP, Windows Vista, Windows Server 2008, Windows Server 2003 and Windows 7 and is prone to null pointer de-reference vulnerability. A flaw is present in windows Kernel-mode drivers which does not properly manage kernel-mode driver objects. Successful exploitation al ... oval:org.secpod.oval:def:694 The host is installed with Windows XP, Windows Vista, Windows Server 2008, Windows Server 2003 and Windows 7 and is prone to null pointer de-reference vulnerability. A flaw is present in windows Kernel-mode drivers which does not properly manage kernel-mode driver objects. Successful exploitation al ... oval:org.secpod.oval:def:693 The host is installed with Windows XP, Windows Vista, Windows Server 2008, Windows Server 2003 and Windows 7 and is prone to null pointer de-reference vulnerability. A flaw is present in windows Kernel-mode drivers which does not properly manage kernel-mode driver objects. Successful exploitation al ... oval:org.secpod.oval:def:682 The host is installed with Windows XP, Windows Vista, Windows Server 2008, Windows Server 2003 and Windows 7 and is prone to use after free vulnerability. A flaw is present in windows Kernel-mode drivers which does not properly manage kernel-mode driver objects. Successful exploitation allows attack ... oval:org.secpod.oval:def:681 The host is installed with Windows XP, Windows Vista, Windows Server 2008, Windows Server 2003 and Windows 7 and is prone to use after free vulnerability. A flaw is present in windows Kernel-mode drivers which does not properly manage kernel-mode driver objects. Successful exploitation allows attack ... oval:org.secpod.oval:def:680 The host is installed with Windows XP, Windows Vista, Windows Server 2008, Windows Server 2003 and Windows 7 and is prone to use after free vulnerability. A flaw is present in windows Kernel-mode drivers which does not properly manage kernel-mode driver objects. Successful exploitation allows attack ... oval:org.secpod.oval:def:677 The host is installed with Windows XP, Windows Vista, Windows Server 2008, Windows Server 2003 and Windows 7 and is prone to use after free vulnerability. A flaw is present in windows Kernel-mode drivers which does not properly manage kernel-mode driver objects. Successful exploitation allows attack ... oval:org.secpod.oval:def:679 The host is installed with Windows XP, Windows Vista, Windows Server 2008, Windows Server 2003 and Windows 7 and is prone to use after free vulnerability. A flaw is present in windows Kernel-mode drivers which does not properly manage kernel-mode driver objects. Successful exploitation allows attack ... oval:org.secpod.oval:def:678 The host is installed with Windows XP, Windows Vista, Windows Server 2008, Windows Server 2003 and Windows 7 and is prone to use after free vulnerability. A flaw is present in windows Kernel-mode drivers which does not properly manage kernel-mode driver objects. Successful exploitation allows attack ... oval:org.secpod.oval:def:821 The host is missing a Critical security update according to Microsoft security bulletin, MS11-018. The update is required to fix multiple remote code execution vulnerabilities in Microsoft Internet Explorer. The flaws are present in the browser, which fails to implement appropriate memory protection ... oval:org.secpod.oval:def:993 The host is missing an critical security update according to Microsoft security bulletin, MS11-033. The update is required to fix remote code execution vulnerability in Javascript and Vbscript scripting engines. A flaw is present in the application which is caused when the scripting engines attempt ... oval:org.secpod.oval:def:675 The host is installed with Windows XP, Windows Vista, Windows Server 2008, Windows Server 2003 and Windows 7 and is prone to use after free vulnerability. A flaw is present in windows Kernel-mode drivers which does not properly manage kernel-mode driver objects. Successful exploitation allows attack ... oval:org.secpod.oval:def:674 The host is installed with Windows XP, Windows Vista, Windows Server 2008, Windows Server 2003 and Windows 7 and is prone to use after free vulnerability. A flaw is present in windows Kernel-mode drivers which does not properly manage kernel-mode driver objects. Successful exploitation allows attack ... oval:org.secpod.oval:def:676 The host is installed with Windows XP, Windows Vista, Windows Server 2008, Windows Server 2003 and Windows 7 and is prone to use after free vulnerability. A flaw is present in windows Kernel-mode drivers which does not properly manage kernel-mode driver objects. Successful exploitation allows attack ... oval:org.secpod.oval:def:715 The host is installed with Javascript and Vbscript 5.6 or 5.7 or 5.8 scripting engines and is prone to remote code execution vulnerability. A flaw is present in the application which is caused when the scripting engines attempt to reallocate memory while decoding a script in order to run it, an inte ... oval:org.secpod.oval:def:994 The host is missing a critical security update according to Microsoft security bulletin, MS11-029. The update is required to fix remote code execution vulnerability in Microsoft Windows. A flaw is present in DNS client service which does not properly handle specially crafted LLMNR queries. Successfu ... oval:org.secpod.oval:def:995 The host is missing a critical security update according to Microsoft security bulletin, MS11-029. The update is required to fix remote code execution vulnerability in Microsoft Windows. A flaw is present in GDI+ which does not properly handle integer calculations. Successful exploitation allows att ... oval:org.secpod.oval:def:1041 The host is missing a Critical security update according to Microsoft security bulletin, MS11-020. The update is required to fix remote code execution vulnerability in Microsoft Windows. A flaw is present in the SMB Transaction parsing, which fails to handle specially created SMB packets. Successful ... oval:org.secpod.oval:def:1040 The host is missing a Critical security update according to Microsoft security bulletin, MS11-019. The update is required to fix remote code execution vulnerability in Microsoft Windows. The flaws are present in the SMB Client Could which fails to handle specially crafted SMB response to a client-in ... oval:org.secpod.oval:def:664 The host is installed with Microsoft Windows and is prone to remote code execution vulnerability. A flaw is present in windows SMB client which fails to validate specially crafted SMB responses. Successful exploitation could allow an attacker to gain complete control of the system. oval:org.secpod.oval:def:663 The host is installed with Windows XP, Windows Vista, Windows Server 2008, Windows Server 2003 and Office XP is prone to remote code execution vulnerability. A flaw is present in GDI+ which does not properly handle integer calculations. Successful exploitation allows attackers to run remote code exe ... oval:org.secpod.oval:def:660 The host is installed with Microsoft Windows and is prone to remote code execution vulnerability. A flaw is present in SMB Transaction parsing, which fails to handle specially created SMB packets. Successful exploitation could allow an attacker to take the complete control of the system. oval:org.secpod.oval:def:656 The host is installed with Windows XP, Windows Vista, Windows Server 2008, Windows Server 2003 and Windows 7 and is prone to remote code execution vulnerability. A flaw is present in DNS client service which does not properly handle specially crafted LLMNR queries. Successful exploitation allows att ... oval:org.secpod.oval:def:992 The host is missing a Critical security update according to Microsoft security bulletin, MS11-032. The update is required to fix remote code execution vulnerability in Windows 7 or Windows Server 2003 or Windows Server 2008 or Windows Vista or Windows XP. A flaw is present in the OpenType Font (OTF) ... oval:org.secpod.oval:def:991 The host is missing an important security update according to Microsoft security bulletin, MS11-024. The update is required to fix multiple remote code execution vulnerabilities. Flaws are present in the application, whci fails to handle malicious Fax Cover Page (.cov) files. Successful exploitation ... oval:org.secpod.oval:def:1039 The host is missing a Critical security update according to Microsoft security bulletin, MS11-015. The update is required to fix remote code execution vulnerability in Microsoft Windows Media Player/Windows Media Center and DirectShow. A flaw is present in the application which fails to handle a spe ... oval:org.secpod.oval:def:659 The host is installed with Microsoft Windows and is prone to remote code execution vulnerability. A flaw is present in Windows Fax cover page editor, which fails to parse specially created fax cover pages. Successful exploitation could remote code execution. oval:org.secpod.oval:def:658 The host is installed with Windows 7 or Windows Server 2003 or Windows Server 2008 or Windows Vista or Windows XP and is prone to remote code execution vulnerability. A flaw is present in the OpenType Font (OTF) driver which fails to properly parse specially crafted OpenType fonts. Successful exploi ... oval:org.secpod.oval:def:299 The host is installed with Microsoft Windows and is prone to arbitrary code execution Vulnerability. A flaw is present in Microsoft DirectShow which incorrectly restricts the path used for loading external libraries. Successful exploitation allows remote attcker to take complete control of an affect ... oval:org.secpod.oval:def:298 The host is installed with Microsoft Windows Media Player/Windows Media Center and is prone to remote code execution vulnerability. A flaw is present in the application which gives error when parsing ".dvr-ms" media files. Successful exploitation allows remote attacker to execute arbitrary code in t ... oval:org.secpod.oval:def:714 The host is installed with Microsoft .NET Framework and is prone to remote code execution vulnerability. A flaw is present in x86 JIT compiler, which fails to compiling certain function calls. Successful exploitation could allow remote attackers to corrupt the stack and execute remote code. oval:org.secpod.oval:def:990 The host is missing an Important security update according to Microsoft security bulletin, MS11-017. The update is required to fix remote code execution vulnerability in Microsoft Windows Remote Desktop Client. A flaw is present in the application which fails to handle the loading of DLL files. Succ ... oval:org.secpod.oval:def:1049 The host is missing a critical security update according to Microsoft security bulletin, MS11-003. The update is required to fix memory corruption vulnerability in Microsoft Internet Explorer. A flaw is present in the application, which fails to properly handle memory access. Successful exploitation ... oval:org.secpod.oval:def:297 The host is installed with Microsoft Remote Desktop client and is prone to remote code execution vulnerability. A flaw is present in the application which fails to handle the loading of DLL files. Successful exploitation could allow an attacker to execute arbitrary code on the remote system. oval:org.secpod.oval:def:101 A privilege escalation vulnerability is present in Windows kernel-mode drivers. A flaw is present in the driver, which fails to validate data passed from user mode to kernel mode. Successful exploitation could allow an attacker to gain additional privileges and execute arbitrary code. oval:org.secpod.oval:def:100 A privilege escalation vulnerability is present in Windows kernel-mode drivers. A flaw is present in the driver, which fails to validate data passed from user mode to kernel mode. Successful exploitation could allow an attacker to gain additional privileges and execute arbitrary code. oval:org.secpod.oval:def:85 The host is installed with OpenType Compact Font Format (CFF) driver and is prone to remote code execution vulnerability. A flaw is present in the driver which fails to properly parse specially crafted OpenType fonts. Successful exploitation allows an attacker to run arbitrary code in kernel mode an ... oval:org.secpod.oval:def:99 A privilege escalation vulnerability is present in Windows kernel-mode drivers. A flaw is present in the driver, which fails to validate data passed from user mode to kernel mode. Successful exploitation could allow an attacker to gain additional privileges and execute arbitrary code. oval:org.secpod.oval:def:98 A privilege escalation vulnerability is present in Windows kernel-mode drivers. A flaw is present in the driver, which fails to validate data passed from user mode to kernel mode. Successful exploitation could allow an attacker to gain additional privileges and execute arbitrary code. oval:org.secpod.oval:def:1032 The host is missing a Critical security update according to Microsoft security bulletin, MS11-007. The update is required to fix remote code execution vulnerability in Windows OpenType Compact Font Format (CFF) driver. A flaw is present in the the driver which fails to properly parse specially craft ... oval:org.secpod.oval:def:1037 The host is missing an Important security update according to Microsoft security bulletin, MS11-012. The update is required to fix elevation of privilege vulnerability in Microsoft Windows. A flaw is present in the windows kernel-mode drivers which fails to validate data passed from user mode to ker ... oval:org.mitre.oval:def:12411 Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2, and Windows Data Access Components (WDAC) 6.0, does not properly validate memory allocation for internal data structures, which allows remote attackers to execute arbitrary code, possibly via a large CacheSize property that triggers an integer ... oval:org.secpod.oval:def:996 The host is missing an important security update according to Microsoft security bulletin, MS11-026. The update is required to fix information disclosure vulnerability. A flaw is present in MHTML implementation which fails to properly handle MIME format in a request for content blocks in a document. ... oval:org.secpod.oval:def:97 A privilege escalation vulnerability is present in Windows kernel-mode drivers. A flaw is present in the driver, which fails to validate data passed from user mode to kernel mode. Successful exploitation could allow an attacker to gain additional privileges and execute arbitrary code. oval:org.secpod.oval:def:1048 The host is missing a critical security update according to Microsoft security bulletin, MS11-002. The update is required to fix remote code execution vulnerability in Microsoft Windows. A flaw is present in MDAC and WDAC which fails to properly validate string length and memory allocation. Successf ... oval:org.mitre.oval:def:12333 Integer signedness error in the SQLConnectW function in an ODBC API (odbc32.dll) in Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2, and Windows Data Access Components (WDAC) 6.0, allows remote attackers to execute arbitrary code via a long string in the Data Source Name (DSN) and a crafted ... oval:org.secpod.oval:def:287 The host is installed with Microsoft Windows XP SP2 or SP3, Windows Server 2003 SP2, Windows Vista SP1 or SP2, Windows Server 2008 and SP2 or Windows 7 and is prone to information disclosure vulnerability. A flaw is present in MHTML implementation which fails to properly handle MIME format in a requ ... oval:org.secpod.oval:def:7 Buffer overflow in an ODBC API in Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2, and Windows Data Access Components (WDAC) 6.0, allows remote attackers to execute arbitrary code via a long string in the Data Source Name (DSN) argument, aka "DSN Overflow Vulnerability." oval:org.secpod.oval:def:8 Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2, and Windows Data Access Components (WDAC) 6.0, does not properly validate memory allocation for internal data structures, which allows remote attackers to execute arbitrary code via a crafted web site, aka "ADO Record Memory Vulnerability." oval:org.secpod.oval:def:84 The host is installed with Microsoft Graphics Rendering Engine and is prone to stack-based buffer overflow vulnerability. A flaw is present in the "CreateSizedDIBSECTION()" function within the "shimgvw.dll" module, which fails to properly parse a malformed thumbnail image. Successful exploitation co ... oval:org.secpod.oval:def:1046 The host is missing an critical security update according to Microsoft security bulletin, MS11-006. The update is required to fix stack-based buffer overflow vulnerability. A flaw is present in the "CreateSizedDIBSECTION()" function within the "shimgvw.dll" module, which fails to properly parse a ma ... oval:org.mitre.oval:def:12250 Untrusted search path vulnerability in Microsoft Windows Movie Maker (WMM) 2.6 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a Movie Maker (MSWMM) file, aka "Insecure Library Loading Vulnerability." oval:org.mitre.oval:def:12235 Untrusted search path vulnerability in Windows Media Encoder 9 on Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, and Windows Server 2008 Gold and SP2 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated ... oval:org.mitre.oval:def:12323 The Consent User Interface (UI) in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly handle an unspecified registry-key value, which allows local users with SeImpersonatePrivilege rights to gain privileges via a crafted application, aka "Cons ... oval:org.secpod.oval:def:1273 The host is missing a critical security update according to Microsoft security bulletin, MS10-100. The update is required to fix local privilege escalation vulnerability. A flaw is present in the Consent User Interface (UI) in User Account Control (UAC), which fails to handle an unspecified registry ... oval:org.mitre.oval:def:11671 Stack-based buffer overflow in the CreateSizedDIBSECTION function in shimgvw.dll in the Windows Shell graphics processor (aka graphics rendering engine) in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary ... oval:org.secpod.oval:def:1353 The host is missing a critical security update according to Microsoft security bulletin, MS10-093. The update is required to fix remote code execution vulnerability. A flaw is present in the Object Linking and Embedding (OLE) Control Extension files in Windows Movie Maker, which fails to handle spec ... oval:org.secpod.oval:def:1354 The host is missing a critical security update according to Microsoft security bulletin, MS10-094. The update is required to fix code execution vulnerability. A flaw is present in the Microsoft Windows Media Encoder, which fails to load dynamic-link libraries such as wmerrorDAN.dll, wininetDAN.dll. ... oval:org.mitre.oval:def:12357 The OpenType Font (OTF) driver in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly perform array indexing, which allows local users to gain privileges via a crafted OpenType font, aka "OpenTyp ... oval:org.mitre.oval:def:12280 The OpenType Font (OTF) driver in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges via a crafted CMAP table in an OpenType font, aka "OpenType CMAP Table Vulnerability." oval:org.mitre.oval:def:12329 Double free vulnerability in the OpenType Font (OTF) driver in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges via a crafted OpenType font, aka "OpenType Font Double Free ... oval:org.mitre.oval:def:12317 win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly link driver objects, which allows local users to gain privileges via a crafted application that trigge ... oval:org.mitre.oval:def:11762 win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly allocate memory for copies from user mode, which allows local users to gain privileges via a crafted a ... oval:org.secpod.oval:def:1270 The host is missing a critical security update according to Microsoft security bulletin, MS10-098. The update is required to fix multiple vulnerabilities. Flaws are present in the Win32k.sys in the kernel-mode drivers, which fails to allocate memory when copying data from user mode. Successful explo ... oval:org.secpod.oval:def:1351 The host is missing a critical security update according to Microsoft security bulletin, MS10-091. The update is required to fix multiple vulnerabilities. Multiple flaws are present in the OpenType Font (OTF) driver, which fails to parse specially crafted OpenType fonts. Successful exploitation coul ... oval:org.mitre.oval:def:11959 Double free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold and SP2, and Windows 7 allows local users to gain privileges via a crafted application, aka "Win32k Double Free Vulnera ... oval:org.mitre.oval:def:12252 Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges via vectors related to improper memory allocation for copies fr ... oval:org.mitre.oval:def:12304 The Windows Task Scheduler in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly determine the security context of scheduled tasks, which allows local users to gain privileges via a crafted application, aka "Task Scheduler Vulnerability." NOTE ... oval:org.secpod.oval:def:1561 The host is missing a critical security update according to Microsoft security bulletin, MS10-090. The update is required to fix multiple vulnerabilities. Multiple flaws are present in the Internet Explorer, which fails to handle objects in memory and script. Successful exploitation could allow an a ... oval:org.mitre.oval:def:12194 Double free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges via a crafted application, aka "Win32k PFE Pointer Do ... oval:org.mitre.oval:def:12204 Microsoft Internet Explorer 6 and 7 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML Object Memory Corruption Vulnerability." oval:org.secpod.oval:def:1352 The host is missing a critical security update according to Microsoft security bulletin, MS10-092. The update is required to fix privilege escalation vulnerability. A flaw is present in the Microsoft Windows Task Scheduler, which fails to validate whether scheduled tasks run within the intended secu ... oval:org.mitre.oval:def:6928 Microsoft Internet Explorer 6 through 8 does not properly restrict script access to content from a different (1) domain or (2) zone, which allows remote attackers to obtain sensitive information via a crafted web site, aka "Cross-Domain Information Disclosure Vulnerability." oval:org.mitre.oval:def:7410 Microsoft Internet Explorer 6 through 8 does not properly handle unspecified special characters in Cascading Style Sheets (CSS) documents, which allows remote attackers to obtain sensitive information from a different (1) domain or (2) zone via a crafted web site, aka "CSS Special Character Informat ... oval:org.mitre.oval:def:7417 The implementation of HTML content creation in Microsoft Internet Explorer 6 through 8 does not remove the Anchor element during pasting and editing, which might allow remote attackers to obtain sensitive deleted information by visiting a web page, aka "Anchor Element Information Disclosure Vulnerab ... oval:org.mitre.oval:def:7482 mshtmled.dll in Microsoft Internet Explorer 7 and 8 allows remote attackers to execute arbitrary code via a crafted Microsoft Office document that causes the HtmlDlgHelper class destructor to access uninitialized memory, aka "Uninitialized Memory Corruption Vulnerability." oval:org.mitre.oval:def:6832 Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory in certain circumstances involving use of Microsoft Word to read Word documents, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, ... oval:org.mitre.oval:def:6684 Use-after-free vulnerability in the Media Player Network Sharing Service in Microsoft Windows Vista SP1 and SP2 and Windows 7 allows remote attackers to execute arbitrary code via a crafted Real Time Streaming Protocol (RTSP) packet, aka "RTSP Use After Free Vulnerability." oval:org.mitre.oval:def:7637 Cross-site scripting (XSS) vulnerability in the toStaticHTML function in Microsoft Internet Explorer 8, and the SafeHTML function in Microsoft Windows SharePoint Services 3.0 SP2 and Office SharePoint Server 2007 SP2, allows remote attackers to inject arbitrary web script or HTML via unspecified vec ... oval:org.mitre.oval:def:6806 The Secure Channel (aka SChannel) security package in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7, when IIS 7.x is used, does not properly process client certificates during SSL and TLS handshakes, which allows remote attackers to cause a denial of servi ... oval:org.mitre.oval:def:6824 The JIT compiler in Microsoft .NET Framework 4.0 on 64-bit platforms does not properly perform optimizations, which allows remote attackers to execute arbitrary code via a crafted .NET application that triggers memory corruption, aka ".NET Framework x64 JIT Compiler Vulnerability." oval:org.secpod.oval:def:1376 The host is missing a critical security update according to Microsoft security bulletin, MS10-085. The update is required to fix denial of service vulnerability. A flaw is present in the SChannel security package in Microsoft Windows, which fails to validate a specially crafted packet message sent v ... oval:org.secpod.oval:def:1384 The host is missing a critical security update according to Microsoft security bulletin, MS10-077. The update is required to fix remote code execution vulnerability. A flaw is present in the .NET Framework, which is due to an unspecified error in the JIT compiler while optimizing code. Successful ex ... oval:org.secpod.oval:def:1389 The host is missing a critical security update according to Microsoft security bulletin, MS10-075. The update is required to fix use-after-free vulnerability. A flaw is present in the wmpnetwk.exe in Media Player Network Sharing Service, which fails to handle specially crafted RTSP packets. Successf ... oval:org.secpod.oval:def:1390 The host is missing a critical security update according to Microsoft security bulletin, MS10-076. The update is required to fix integer overflow vulnerability. A flaw is present in the Embedded OpenType (EOT) Font Engine (t2embed.dll) in Microsoft Windows, which fails to parse 'hdmx' records in an ... oval:org.secpod.oval:def:1456 The host is missing a critical security update according to Microsoft security bulletin, MS10-081. The update is required to fix heap-based buffer overflow vulnerability. A flaw is present in the common control library (Comctl32.dll) in Microsoft Windows, which fails to handle messages passed from a ... oval:org.secpod.oval:def:1520 The host is missing a critical security update according to Microsoft security bulletin, MS10-073. The update is required to fix privilege escalation vulnerability. A flaw is present in the Win32k.sys in Kernel-Mode drivers in the Microsoft Windows, which fails to load keyboard layouts from disk or ... oval:org.mitre.oval:def:7514 The kernel-mode drivers in Microsoft Windows XP SP3 do not properly perform indexing of a function-pointer table during the loading of keyboard layouts from disk, which allows local users to gain privileges via a crafted application, as demonstrated in the wild in July 2010 by the Stuxnet worm, aka ... oval:org.mitre.oval:def:6653 Microsoft Windows Media Player (WMP) 9 through 12 does not properly deallocate objects during a browser reload action, which allows user-assisted remote attackers to execute arbitrary code via crafted media content referenced in an HTML document, aka "Windows Media Player Memory Corruption Vulnerabi ... oval:org.mitre.oval:def:7272 Heap-based buffer overflow in Comctl32.dll (aka the common control library) in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7, when a third-party SVG viewer is used, allows remote attackers to execute arbitra ... oval:org.mitre.oval:def:12085 The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 do not properly manage a window class, which allows local users to gain privileges by creating a window, then using (1) the SetWindowL ... oval:org.mitre.oval:def:6881 Integer overflow in the Embedded OpenType (EOT) Font Engine in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows remote attackers to execute arbitrary code via a crafted table in an embedded font, aka "Em ... oval:org.mitre.oval:def:6889 Microsoft Internet Explorer 6 and 7 on Windows XP and Vista does not prevent script from simulating user interaction with the AutoComplete feature, which allows remote attackers to obtain sensitive form information via a crafted web site, aka "AutoComplete Information Disclosure Vulnerability." oval:org.secpod.oval:def:1380 The host is missing a critical security update according to Microsoft security bulletin, MS10-082. The update is required to fix remote code execution vulnerability. A flaw is present in the Microsoft Windows Media Player (WMP), which fails to deallocate objects during a browser reload action. Succe ... oval:org.mitre.oval:def:12352 Untrusted search path vulnerability in wab.exe 6.00.2900.5512 in Windows Address Book in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges via a Trojan horse wab32res.dll fi ... oval:org.mitre.oval:def:7120 Heap-based buffer overflow in the Local Security Authority Subsystem Service (LSASS), as used in Active Directory in Microsoft Windows Server 2003 SP2 and Windows Server 2008 Gold, SP2, and R2; Active Directory Application Mode (ADAM) in Windows XP SP2 and SP3 and Windows Server 2003 SP2; and Active ... oval:org.secpod.oval:def:2064 The host is missing a critical security update according to Microsoft security bulletin, MS10-062. The update is required to fix code execution vulnerability. A flaw is present in the MPEG-4 codec in the Windows Media codecs in Microsoft Windows, which fails to handle crafted media content with MPEG ... oval:org.secpod.oval:def:2079 The host is missing a critical security update according to Microsoft security bulletin, MS10-068. The update is required to fix heap-based buffer overflow vulnerability. A flaw is present in the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows, which fails to validate malform ... oval:org.secpod.oval:def:1272 The host is missing a critical security update according to Microsoft security bulletin, MS10-096. The update is required to fix remote code execution vulnerability. A flaw is present in the wab.exe in Windows Address Book, which fails to load dynamic-link libraries. Successful exploitation could al ... oval:org.secpod.oval:def:1726 The host is missing a critical security update according to Microsoft security bulletin, MS10-061. The update is required to fix code execution vulnerability. A flaw is present in the Print Spooler service in Microsoft Windows, which fails to validate spooler access permissions when printer sharing ... oval:org.mitre.oval:def:7318 The MPEG-4 codec in the Windows Media codecs in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and SP2 does not properly handle crafted media content with MPEG-4 video encoding, which allows remote attackers to execute arbitrary code via a file in an unspe ... oval:org.mitre.oval:def:7358 The Print Spooler service in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7, when printer sharing is enabled, does not properly validate spooler access permissions, which allows remote attackers to create fil ... oval:org.secpod.oval:def:1043 The host is missing an important security update according to Microsoft security bulletin, MS11-001. The update is required to fix untrusted search path vulnerability in Microsoft Windows. A flaw is present in the Windows Backup Manager which passes an insufficiently qualified path when loading an e ... oval:org.mitre.oval:def:12273 Untrusted search path vulnerability in the BitLocker Drive Encryption API, as used in sdclt.exe in Backup Manager in Microsoft Windows Vista SP1 and SP2, allows local users to gain privileges via a Trojan horse fveapi.dll file in the current working directory, as demonstrated by a directory that con ... oval:org.mitre.oval:def:11426 The Tracing Feature for Services in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly determine the length of strings in the registry, which allows local users to gain privileges or cause a denial of service (memory corruption) via vectors in ... oval:org.secpod.oval:def:1587 The host is missing a critical security update according to Microsoft security bulletin, MS10-055. The update is required to fix code execution vulnerability. A flaw is present in the Cinepak Codec in Microsoft Windows, which fails to handle a specially crafted media file or streaming content from a ... oval:org.mitre.oval:def:11773 The Cinepak codec in Microsoft Windows XP SP2 and SP3, Windows Vista SP1 and SP2, and Windows 7 does not properly decompress media files, which allows remote attackers to execute arbitrary code via a crafted file, aka "Cinepak Codec Decompression Vulnerability." oval:org.mitre.oval:def:12082 The Tracing Feature for Services in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 has incorrect ACLs on its registry keys, which allows local users to gain privileges via vectors involving a named pipe and impersonation, aka "Tracing Registry Key ACL Vulne ... oval:org.secpod.oval:def:6 Untrusted search path vulnerability in the Microsoft Vista BitLocker Drive Encryption API allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse fveapi.dll that is located in the same folder as a .wbcat file. oval:org.secpod.oval:def:1725 The host is missing a critical security update according to Microsoft security bulletin, MS10-059. The update is required to fix privilege escalation vulnerability. A flaw is present in the Tracing Feature for Services in Microsoft Windows, which fails to process specially crafted long strings from ... oval:org.mitre.oval:def:11106 The SMB Server in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate fields in an SMB request, which allows remote attackers to execute arbitrary code via a crafted SMB packet, aka "SMB ... oval:org.secpod.oval:def:1575 The host is missing a critical security update according to Microsoft security bulletin, MS10-054. The update is required to fix code execution vulnerabilities. Multiple flaws are present in the SMB Server in Microsoft Windows, which fails to validate fields in a SMB request. Successful exploitation ... oval:org.mitre.oval:def:12072 Stack consumption vulnerability in the SMB Server in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows remote attackers to cause a denial of service (system hang) via a malformed SMBv2 compounded request, aka "SMB Stack Exhaustion Vulnerability." oval:org.mitre.oval:def:12015 The SMB Server in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate an internal variable in an SMB packet, which allows remote attackers to cause a denial of service (system hang) via a crafted (1) SMBv1 or (2) SMBv2 packet, aka "SMB ... oval:org.mitre.oval:def:12006 The Windows kernel-mode drivers in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, and Windows Server 2008 Gold and SP2 do not properly validate user-mode input passed to kernel mode, which allows local users to gain privileges via a crafted applic ... oval:org.mitre.oval:def:11663 The Windows kernel-mode drivers in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 do not properly validate pseudo-handle values in callback parameters during window creation, which allows local ... oval:org.secpod.oval:def:1375 The host is missing a critical security update according to Microsoft security bulletin, MS10-048. The update is required to fix privilege escalation vulnerabilities. Flaws are present in the Windows Kernel-Mode Drivers, which fails to validate specially crafted applications. Successful exploitatio ... oval:org.mitre.oval:def:11044 Double free vulnerability in the kernel in Microsoft Windows Vista SP1 and SP2, and Windows Server 2008 Gold and SP2, allows local users to gain privileges via a crafted application, related to object initialization during error handling, aka "Windows Kernel Double Free Vulnerability." oval:org.mitre.oval:def:11020 The Windows kernel-mode drivers in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 do not properly validate an unspecified system-call argument, which allows local users to cause a denial of serv ... oval:org.mitre.oval:def:11845 The TCP/IP stack in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly handle malformed IPv6 packets, which allows remote attackers to cause a denial of service (system hang) via multiple crafted packets, aka "IPv6 Memory Corruption Vulnerabil ... oval:org.mitre.oval:def:11789 The kernel in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate ACLs on kernel objects, which allows local users to cause a denial of service (reboot) via a crafted application, aka "Windows Kernel Improper Validation Vulnerability." oval:org.secpod.oval:def:1268 The host is missing a critical security update according to Microsoft security bulletin, MS10-047. The update is required to fix privilege escalation vulnerabilities. Flaws are present in the Windows Kernel, which fails to initialize and validate kernel objects while handling certain errors. Success ... oval:org.secpod.oval:def:1724 The host is missing a critical security update according to Microsoft security bulletin, MS10-058. The update is required to fix multiple vulnerabilities. Multiple flaws are present in the TCP/IP stack in Microsoft Windows, which fails to handle malformed IPv6 packets. Successful exploitation could ... oval:org.mitre.oval:def:11564 Windows Shell in Microsoft Windows XP SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 SP2 and R2, and Windows 7 allows local users or remote attackers to execute arbitrary code via a crafted (1) .LNK or (2) .PIF shortcut file, which is not properly handled during icon display in Windows Explore ... oval:org.mitre.oval:def:7406 Microsoft Internet Explorer 6 SP1 and SP2, 7, and 8 allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, related to the CStyleSheet object and a free of the root container, aka "Memory Corrupti ... oval:org.mitre.oval:def:11954 Microsoft Internet Explorer 6, 7, and 8 does not properly determine the origin of script code, which allows remote attackers to execute script in an unintended domain or security zone, and obtain sensitive information, via unspecified vectors, aka "Event Handler Cross-Domain Vulnerability." oval:org.secpod.oval:def:3297 The host is missing a critical security update according to Microsoft security bulletin, MS10-033. The update is required to fix remote code execution vulnerabilities. The flaws are present in the Microsoft Windows Media Decompression, which fails to parse a crafted media file or streaming content. ... oval:org.mitre.oval:def:7517 Unspecified vulnerability in Quartz.dll for DirectShow; Windows Media Format Runtime 9, 9.5, and 11; Media Encoder 9; and the Asycfilt.dll COM component allows remote attackers to execute arbitrary code via a media file with crafted compression data, aka "Media Decompression Vulnerability." oval:org.mitre.oval:def:12215 Use-after-free vulnerability in the kernel-mode drivers in Microsoft Windows Vista SP1 and SP2 and Server 2008 Gold and SP2 allows local users to gain privileges or cause a denial of service (system crash) by using a large number of calls to the NtUserCheckAccessForIntegrityLevel function to trigger ... oval:org.secpod.oval:def:1216 The host is missing a Critical security update according to Microsoft security bulletin, MS10-053. The update is required to fix multiple vulnerabilities. Flaws are present in the Internet Explorer which fails to properly access an object that has not been correctly initialized or has been deleted.. ... oval:org.secpod.oval:def:1378 The host is missing a Critical security update according to Microsoft security bulletin, MS10-046. The update is required to fix remote code execution vulnerability. A flaw is present in the Windows Shell, which fails to parse a malicious shortcut file and executes a malicious code when the operatin ... oval:org.secpod.oval:def:2669 The host is missing a critical security update according to Microsoft security bulletin, MS10-035. The update is required to fix multiple vulnerabilities. Flaws are present in the Internet Explorer, which fails to handle objects in memory, sanitize HTML scripts and improper data caching. Successful ... oval:org.mitre.oval:def:7492 Unspecified vulnerability in the Microsoft Internet Explorer 8 Developer Tools ActiveX control in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 and R2, and Windows 7 allows remote attackers to execute arbitrary code via un ... oval:org.secpod.oval:def:1447 The host is missing a critical security update according to Microsoft security bulletin, MS10-032. The update is required to fix privilege escalation vulnerabilities. Flaws are present in the Windows kernel-mode drivers, which fails to validate callback parameter and the way it provides outlines of ... oval:org.secpod.oval:def:1047 The host is missing an critical security update according to Microsoft security bulletin, MS11-027. The update is required to fix remote code execution vulnerability in Microsoft Internet Explorer. The flaws are present in the application which fails to handle memory corruption, an input validation. ... oval:org.secpod.oval:def:1990 The host is missing a critical security update according to Microsoft security bulletin, MS10-034. The update is required to fix remote code execution vulnerability. A flaw is present in the activex control iedvtool.dll and max3activex.dll, which fails to handle specially crafted Web page. Successfu ... oval:org.mitre.oval:def:6686 The IE8 Developer Toolbar in Microsoft Internet Explorer 8 SP1, SP2, and SP3 allows user-assisted remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML Element Memory Corruption Vulnerability ... oval:org.mitre.oval:def:7124 The IE8 Developer Toolbar in Microsoft Internet Explorer 8 SP1, SP2, and SP3 allows user-assisted remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerabilit ... oval:org.mitre.oval:def:7609 The Windows kernel-mode drivers in win32k.sys in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and SP2 "do not properly validate changes in certain kernel objects," which allows local users to execute arbitrary code via vectors related to Device ... oval:org.mitre.oval:def:7283 The Windows kernel-mode drivers in win32k.sys in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 Gold and SP2, Windows 7, and Server 2008 R2 allows local users to execute arbitrary code via vectors related to "glyph outline information" and TrueType fonts, ... oval:org.mitre.oval:def:7324 Microsoft Internet Explorer 6 SP1 and SP2, 7, and 8 allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability." oval:org.mitre.oval:def:6948 The Windows kernel-mode drivers in win32k.sys in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 Gold and SP2, Windows 7, and Server 2008 R2 "do not properly validate all callback parameters when creating a new window," which allows local users to execute ... oval:org.secpod.oval:def:1523 The host is missing a Critical security update according to Microsoft security bulletin, MS10-040. The update is required to fix remote code execution vulnerability. A flaw is present in the Internet Information Services (IIS), which fails to validate a specially crafted HTTP request. Successful exp ... oval:org.mitre.oval:def:6677 Cross-site scripting (XSS) vulnerability in the toStaticHTML API, as used in Microsoft Office InfoPath 2003 SP3, 2007 SP1, and 2007 SP2; Office SharePoint Server 2007 SP1 and SP2; SharePoint Services 3.0 SP1 and SP2; and Internet Explorer 8 allows remote attackers to inject arbitrary web script or H ... oval:org.mitre.oval:def:7149 Unspecified vulnerability in Microsoft IIS 6.0, 7.0, and 7.5, when Extended Protection for Authentication is enabled, allows remote authenticated users to execute arbitrary code via unknown vectors related to "token checking" that trigger memory corruption, aka "IIS Authentication Memory Corruption ... oval:org.secpod.oval:def:1457 The host is missing a critical security update according to Microsoft security bulletin, MS10-029. The update is required to fix address spoofing vulnerability. A flaw is present in the ISATAP Component, which fails to check the inner packet's IPv6 source address in a tunneled ISATAP packets. Succes ... oval:org.mitre.oval:def:7012 The kernel in Microsoft Windows Vista Gold, SP1, and SP2, and Windows Server 2008 Gold and SP2, does not properly handle unspecified exceptions, which allows local users to cause a denial of service (reboot) via a crafted application, aka "Windows Kernel Exception Handler Vulnerability." oval:org.mitre.oval:def:7072 Unspecified vulnerability in the Windows OpenType Compact Font Format (CFF) driver in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 SP2 and R2, and Windows 7 allows local users to execute arbitrary code via unknown vectors related to improper validation ... oval:org.mitre.oval:def:7574 Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allow remote attackers to bypass intended IPv4 source-address restrictions via a mismatched IPv6 source address in a tunneled ISATAP packet, aka "ISATAP IPv6 Source Address Spoofing Vulnerabilit ... oval:org.secpod.oval:def:1585 The host is missing a critical security update according to Microsoft security bulletin, MS10-021. The update is required to fix privilege escalation vulnerabilities. Flaws are present in the Windows Kernel, which fails to validate specially crafted applications like the creation of symbolic links o ... oval:org.secpod.oval:def:2048 The host is missing a critical security update according to Microsoft security bulletin, MS10-019. The update is required to fix remote code execution vulnerabilities. Flaws are present in the Windows cabinet file viewer shell extension and authenticode signature verification used for portable execu ... oval:org.secpod.oval:def:2033 The host is missing a critical security update according to Microsoft security bulletin, MS10-030. The update is required to fix remote code execution vulnerability. Flaws are present in Outlook Express and Windows Mail, which fails to handle a specially crafted mail responses. Successful exploitati ... oval:org.mitre.oval:def:6734 Integer overflow in inetcomm.dll in Microsoft Outlook Express 5.5 SP2, 6, and 6 SP1; Windows Live Mail on Windows XP SP2 and SP3, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7; and Windows Mail on Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and ... oval:org.mitre.oval:def:6886 The Authenticode Signature verification functionality in cabview.dll in Cabinet File Viewer Shell Extension 5.1, 6.0, and 6.1 in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does no ... oval:org.secpod.oval:def:1382 The host is missing a critical security update according to Microsoft security bulletin, MS10-037. The update is required to fix privilege escalation vulnerability. A flaw is present in the Windows OpenType Compact Font Format (CFF) driver, which fails to validate a specially crafted CFF font. Succ ... oval:org.mitre.oval:def:6918 The SMB client in Microsoft Windows Server 2003 SP2, Vista Gold, SP1, and SP2, and Windows Server 2008 Gold and SP2 allows remote SMB servers and man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and reboot) via a crafted SMB transaction response t ... oval:org.mitre.oval:def:7441 Multiple stack-based buffer overflows in the MPEG Layer-3 audio codecs in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allow remote attackers to execute arbitrary code via a crafted AVI file, aka "MPEG Layer-3 Audio Decoder Stack ... oval:org.secpod.oval:def:1988 The host is missing a critical security update according to Microsoft security bulletin, MS10-026. The update is required to fix remote code execution vulnerability. A flaw is present in the MPEG Layer-3 audio codecs, which fails to decode a specially crafted AVI file containing an MPEG Layer-3 audi ... oval:org.secpod.oval:def:1584 The host is missing a critical security update according to Microsoft security bulletin, MS10-020. The update is required to fix remote code execution vulnerabilities. Flaws are present in the Windows SMB Client, which fails to handle a specially crafted SMB response sent to a client-initiated SMB r ... oval:org.mitre.oval:def:7129 The SMB client in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly allocate memory for SMB responses, which allows remote SMB servers and man-in-the-middle attackers t ... oval:org.mitre.oval:def:6787 The WinVerifyTrust function in Authenticode Signature Verification 5.1, 6.0, and 6.1 in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly use unspecified fields in a fi ... oval:org.mitre.oval:def:6770 The kernel in Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly translate a registry key's virtual path to its real path, which allows local users to cause a denial of service (reboot) via a crafted application, aka "Windows Virtual Pa ... oval:org.mitre.oval:def:7840 Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, and 7 does not properly handle unspecified "encoding strings," which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site, aka "Post Encoding Information Disclosure Vulnerability." oval:org.mitre.oval:def:8302 Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulner ... oval:org.mitre.oval:def:8446 Use-after-free vulnerability in the Peer Objects component (aka iepeers.dll) in Microsoft Internet Explorer 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via vectors involving access to an invalid pointer after the deletion of an object, as exploited in the wild in March 2010, ak ... oval:org.secpod.oval:def:2032 The host is missing a critical security update according to Microsoft security bulletin, MS10-018. The update is required to fix multiple vulnerabilities. Flaws are present in the Internet Explorer, which fails to verify the origin of scripts and handle objects in memory and improper validation of l ... oval:org.mitre.oval:def:8532 Microsoft Internet Explorer 7 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, leading to memory corruption, aka "HTML Rendering Memory Corruption Vulnerability." oval:org.mitre.oval:def:8554 Microsoft Internet Explorer 6, 6 SP1, and 7 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerabi ... oval:org.mitre.oval:def:8553 Cross-domain vulnerability in Microsoft Internet Explorer 6, 6 SP1, 7, and 8 allows user-assisted remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via a crafted HTML document in a situation where the client user drags one browser window across another ... oval:org.mitre.oval:def:6814 The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 does not properly validate a registry-key argument to an unspecified system call, which allows local users to cause a denial of service (reboot) via a crafted application ... oval:org.mitre.oval:def:7722 Use-after-free vulnerability in mstime.dll in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via vectors related to the TIME2 behavior, the CTimeAction object, and destruction of markup, leading to memory corruption, aka "HTML Object Memory Corruption Vulnerability." oval:org.mitre.oval:def:7774 Race condition in Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via a crafted HTML document that triggers memory corruption, aka "Race Condition Memory Corruption Vulnerability." oval:org.secpod.oval:def:1987 The host is missing a critical security update according to Microsoft security bulletin, MS10-016. The update is required to fix remote code execution vulnerability. A flaw is present in the Windows Movie Maker, which fails to handle a specially crafted movie maker or microsoft producer project file ... oval:org.mitre.oval:def:8595 Buffer overflow in Microsoft Windows Movie Maker 2.1, 2.6, and 6.0, and Microsoft Producer 2003, allows remote attackers to execute arbitrary code via a crafted project (.MSWMM) file, aka "Movie Maker and Producer Buffer Overflow Vulnerability." oval:org.mitre.oval:def:8424 The Microsoft Data Analyzer ActiveX control (aka the Office Excel ActiveX control for Data Analysis) in max3activex.dll in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows remote ... oval:org.mitre.oval:def:8400 The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2, when a custom network driver is used, does not properly handle local fragmentation of Encapsulating Security Payload (ESP) over UDP packets, which allows remote attackers to execute arbitrary code v ... oval:org.mitre.oval:def:8449 The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2 allows remote attackers to cause a denial of service (system hang) via crafted packets with malformed TCP selective acknowledgement (SACK) values, aka "TCP/IP Selective Acknowledgement Vulnerability. ... oval:org.secpod.oval:def:1565 The host is missing a critical security update according to Microsoft security bulletin, MS10-013. The update is required to fix remote code execution vulnerability. A flaw is present in Microsoft DirectShow, which fails to parse a specially crafted AVI file before opening it. Successful exploitatio ... oval:org.mitre.oval:def:8478 The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2, when IPv6 is enabled, does not properly perform bounds checking on ICMPv6 Router Advertisement packets, which allows remote attackers to execute arbitrary code via crafted packets, aka "ICMPv6 Route ... oval:org.secpod.oval:def:2030 The host is missing a critical security update according to Microsoft security bulletin, MS10-008. The update is required to fix remote code execution vulnerability. A flaw is present in the activex control max3activex.dll, which fails to handle specially crafted Web page. Successful exploitation al ... oval:org.secpod.oval:def:2036 The host is missing a critical security update according to Microsoft security bulletin, MS10-009. The update is required to fix remote code execution vulnerabilities. Flaws are present in the Windows TCP/IP implementation, which fails to handle specially crafted ICMPv6 packets. Successful exploitat ... oval:org.mitre.oval:def:8064 Heap-based buffer overflow in DirectShow in Microsoft DirectX, as used in the AVI Filter on Windows 2000 SP4, Windows XP SP2 and SP3, and Windows Server 2003 SP2, and in Quartz on Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 ... oval:org.mitre.oval:def:8516 The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2, when IPv6 is enabled, does not properly perform bounds checking on ICMPv6 Route Information packets, which allows remote attackers to execute arbitrary code via crafted packets, aka "ICMPv6 Route In ... oval:org.mitre.oval:def:8314 The SMB implementation in the Server service in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate the share and servername fields in SMB packets, which allows ... oval:org.mitre.oval:def:8438 The SMB implementation in the Server service in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate request fields, which allows remote authenticated users to ex ... oval:org.secpod.oval:def:2035 The host is missing a critical security update according to Microsoft security bulletin, MS10-012. The update is required to fix remote code execution vulnerabilities. A flaw is present in the SMB Server, which fails to validate crafted SMB requests. Successful exploitation could allow an attacker t ... oval:org.mitre.oval:def:8524 Multiple race conditions in the SMB implementation in the Server service in Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allow remote attackers to cause a denial of service (system hang) via a crafted (1) SMBv1 or (2) SMBv2 Negotiate packet, aka "S ... oval:org.mitre.oval:def:7751 The SMB implementation in the Server service in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not use a sufficient source of entropy, which allows remote attackers to obtain acc ... oval:org.mitre.oval:def:8298 Race condition in the SMB client implementation in Microsoft Windows Server 2008 R2 and Windows 7 allows remote SMB servers and man-in-the-middle attackers to execute arbitrary code, and in the SMB client implementation in Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2 allows local us ... oval:org.secpod.oval:def:1568 The host is missing a critical security update according to Microsoft security bulletin, MS10-006. The update is required to fix code execution vulnerabilities. Flaws are present in the SMB Client in Microsoft Windows, which fails to validate crafted response from SMB servers and man-in-the-middle a ... oval:org.mitre.oval:def:7145 Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, 7, and 8 does not prevent rendering of non-HTML local files as HTML documents, which allows remote attackers to bypass intended access restrictions and read arbitrary files via vectors involving JavaScript exploit code that constructs a reference to a ... oval:org.mitre.oval:def:8344 The kernel in Microsoft Windows NT 3.1 through Windows 7, including Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, and Windows Server 2008 Gold and SP2, when access to 16-bit applications is enabled on a 32-bit x86 platform, does not properly val ... oval:org.mitre.oval:def:8324 Integer overflow in the Embedded OpenType (EOT) Font Engine (t2embed.dll) in Microsoft Windows 2000 SP4; Windows XP SP2 and SP3; Windows Server 2003 SP2; Windows Vista Gold, SP1, and SP2; Windows Server 2008 Gold, SP2, and R2; and Windows 7 allows remote attackers to execute arbitrary code via compr ... oval:org.mitre.oval:def:8392 Double free vulnerability in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows local users to gain privileges via a crafted application, aka "Windows Kernel Double Free Vulnerability." oval:org.secpod.oval:def:1224 The host is missing a Critical security update according to Microsoft security bulletin, MS10-001. The update is required to fix remote code execution vulnerability. A flaw is present in the OpenType (EOT) Font Client which fails to properly parse specially crafted EOT fonts. Successful exploitation ... oval:org.secpod.oval:def:1727 The host is missing a critical security update according to Microsoft security bulletin, MS10-015. The update is required to fix privilege escalation vulnerabilities. Flaws are present in the Windows Kernel, which fails to handle certain exceptions. Successful exploitation could allow an attacker t ... oval:org.secpod.oval:def:2286 The host is missing a critical security update according to Microsoft security bulletin, MS09-071. The update is required to fix remote code execution vulnerabilities. Flaws are present in the Microsoft Internet Authentication Service, which fails to validates authentication requests by PEAP clients ... oval:org.mitre.oval:def:6063 The Internet Authentication Service (IAS) in Microsoft Windows Vista SP2 and Server 2008 SP2 does not properly validate MS-CHAP v2 Protected Extensible Authentication Protocol (PEAP) authentication requests, which allows remote attackers to execute arbitrary code via crafted structures in a malforme ... oval:org.mitre.oval:def:6519 Microsoft Internet Explorer 7 and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability." oval:org.mitre.oval:def:6570 Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a diffe ... oval:org.secpod.oval:def:2513 The host is missing an critical security update according to Microsoft security bulletin, MS09-072. The update is required to fix multiple memory corruption vulnerabilities. The flaws are present in the Internet Explorer, which fails to handle objects in memory. Successful exploitation allows an att ... oval:org.mitre.oval:def:6382 Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a diffe ... oval:org.mitre.oval:def:6079 The Web Services on Devices API (WSDAPI) in Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2 does not properly process the headers of WSD messages, which allows remote attackers to execute arbitrary code via a crafted (1) message or (2) response, aka "Web Services on Devices API Memory ... oval:org.secpod.oval:def:2283 The host is missing a critical security update according to Microsoft security bulletin, MS09-063. The update is required to fix remote code execution vulnerability. A flaw is present in the Web Services on Devices Application Programming Interface (WSDAPI), which fails to process headers in WSD mes ... oval:org.secpod.oval:def:2244 The host is missing a critical security update according to Microsoft security bulletin, MS09-065. The update is required to fix remote code execution vulnerabilities. The flaws are present in the Windows kernel, which fails to validate the argument passed to the system call and input passed from us ... oval:org.mitre.oval:def:6277 The Graphics Device Interface (GDI) in win32k.sys in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, ak ... oval:org.mitre.oval:def:6381 Microsoft Internet Explorer 6 and 7 does not properly handle objects in memory that (1) were not properly initialized or (2) are deleted, which allows remote attackers to execute arbitrary code via vectors involving a call to the getElementsByTagName method for the STYLE tag name, selection of the s ... oval:org.mitre.oval:def:6190 Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulner ... oval:org.mitre.oval:def:5766 Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulner ... oval:org.secpod.oval:def:2514 The host is missing a critical security update according to Microsoft security bulletin, MS09-054. The update is required to fix remote code execution vulnerabilities. The flaws are present in the Internet Explorer, which fails to handle a specially crafted Web page. Successful exploitation allows a ... oval:org.mitre.oval:def:6336 Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold and SP2, and Windows 7 RC do not properly process the command value in an SMB Multi-Protocol Negotiate Request packet, which allows remote attackers to execute arbitrary code via a crafted SMBv2 packet to the Server service, aka "S ... oval:org.mitre.oval:def:5588 win32k.sys in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 does not correctly validate an argument to an unspecified system call, which allows local users to gain privileges via a crafted application that triggers a ... oval:org.secpod.oval:def:2296 The host is missing an important security update according to Microsoft security bulletin, MS09-059. The update is required to fix denial of service vulnerability. A flaw is present in the Microsoft Windows Local Security Authority Subsystem Service (LSASS), which fails handle malformed packets duri ... oval:org.mitre.oval:def:6263 Integer underflow in the NTLM authentication feature in the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows remote attackers to cause a denia ... oval:org.secpod.oval:def:2635 The host is missing a critical security update according to Microsoft security bulletin, MS09-051. The update is required to fix remote code execution vulnerabilities. The flaws are present in the Windows Media Runtime, which fails to process ASF files and initialize functions in compressed audio fi ... oval:org.mitre.oval:def:5595 Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2 do not properly validate fields in SMBv2 packets, which allows remote attackers to cause a denial of service (infinite loop and system hang) via a crafted packet to the Server service, aka "SMBv2 Infinite Loop Vulnerability." oval:org.mitre.oval:def:6419 Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, 7, and 8 does not properly handle argument validation for unspecified variables, which allows remote attackers to execute arbitrary code via a crafted HTML document, aka "HTML Component Handling Vulnerability." oval:org.mitre.oval:def:6484 Microsoft Windows Media Runtime, as used in DirectShow WMA Voice Codec, Windows Media Audio Voice Decoder, and Audio Compression Manager (ACM), does not properly initialize unspecified functions within compressed audio files, which allows remote attackers to execute arbitrary code via (1) a crafted ... oval:org.mitre.oval:def:6506 Integer underflow in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows local users to gain privileges via a crafted application that triggers an incorrect truncation of a 64-bit integer to a 32-bit integer, aka "W ... oval:org.mitre.oval:def:6186 Integer overflow in the CryptoAPI component in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows man-in-the-middle attackers to spoof arbitrary SSL servers and other entities via ... oval:org.mitre.oval:def:6264 The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold and SP1, and Server 2008 Gold does not properly validate data sent from user mode, which allows local users to gain privileges via a crafted PE .exe file that triggers a NULL pointer dereference during chain traver ... oval:org.mitre.oval:def:5842 The CryptoAPI component in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7, as used by Internet Explorer and other applications, does not properly handle a '\0' character in a domain n ... oval:org.secpod.oval:def:2565 The host is missing an important security update according to Microsoft security bulletin, MS09-056. The update is required to fix spoofing vulnerabilities. The flaws are present in the Windows CryptoAPI, which fails to validate certificate names that contain null terminators and ASN.1 object identi ... oval:org.secpod.oval:def:2566 The host is missing an important security update according to Microsoft security bulletin, MS09-058. The update is required to fix remote privilege escalation vulnerabilities. The flaws are present in the Windows kernel, which fails to validate data within an executable and clean up exceptions under ... oval:org.mitre.oval:def:6510 The Common Language Runtime (CLR) in Microsoft .NET Framework 2.0, 2.0 SP1, 2.0 SP2, 3.5, and 3.5 SP1, and Silverlight 2, does not properly handle interfaces, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP), (2) a crafted Silverlight applicat ... oval:org.secpod.oval:def:2640 The host is missing a critical security update according to Microsoft security bulletin, MS09-061. The update is required to fix remote code execution vulnerabilities. The flaws are present in the Microsoft .NET Common Language Runtime (CLR), which fails to handle interfaces and verify the rules of ... oval:org.secpod.oval:def:2354 The host is missing a critical security update according to Microsoft security bulletin, MS09-050. The update is required to fix remote code execution vulnerabilities in Server Message Block Version 2 (SMBv2). The flaws are present in the Server Message Block Version 2, which fails handle a speciall ... oval:org.mitre.oval:def:5716 Microsoft .NET Framework 1.0 SP3, 1.1 SP1, and 2.0 SP1 does not properly validate .NET verifiable code, which allows remote attackers to obtain unintended access to stack memory, and execute arbitrary code, via (1) a crafted XAML browser application (XBAP), (2) a crafted ASP.NET application, or (3) ... oval:org.secpod.oval:def:2636 The host is missing a critical security update according to Microsoft security bulletin, MS09-047. The update is required to fix remote code execution vulnerabilities. The flaws are present in the Windows Media Format, which fails to parse Advanced Systems Format (ASF) files and MPEG-1 Audio Layer 3 ... oval:org.mitre.oval:def:5531 Microsoft Windows Media Format Runtime 9.0, 9.5, and 11; and Microsoft Media Foundation on Windows Vista Gold, SP1, and SP2 and Server 2008; allows remote attackers to execute arbitrary code via an MP3 file with crafted metadata that triggers memory corruption, aka "Windows Media Playback Memory Cor ... oval:org.mitre.oval:def:6489 Array index error in the SMBv2 protocol implementation in srv2.sys in Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold and SP2, and Windows 7 RC allows remote attackers to execute arbitrary code or cause a denial of service (system crash) via an & (ampersand) character in a Proce ... oval:org.mitre.oval:def:6454 Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via a crafted data stream header that triggers memory corruption, aka "Data Stream Header Corruption Vulnerability." oval:org.mitre.oval:def:6451 Microsoft .NET Framework 2.0, 2.0 SP1, and 3.5 does not properly enforce a certain type-equality constraint in .NET verifiable code, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Fra ... oval:org.mitre.oval:def:6257 Microsoft Windows Media Format Runtime 9.0, 9.5, and 11 and Windows Media Services 9.1 and 2008 do not properly parse malformed headers in Advanced Systems Format (ASF) files, which allows remote attackers to execute arbitrary code via a crafted (1) .asf, (2) .wmv, or (3) .wma file, aka "Windows Med ... oval:org.mitre.oval:def:6316 The JScript scripting engine 5.1, 5.6, 5.7, and 5.8 in JScript.dll in Microsoft Windows, as used in Internet Explorer, does not properly load decoded scripts into memory before execution, which allows remote attackers to execute arbitrary code via a crafted web site that triggers memory corruption, ... oval:org.secpod.oval:def:2561 The host is missing a critical security update according to Microsoft security bulletin, MS09-045. The update is required to fix remote code execution vulnerability. A flaw is present in JScript Scripting Engine, which fails to handle a specially crafted file or visited a specially crafted Web site ... oval:org.secpod.oval:def:2562 The host is missing a critical security update according to Microsoft security bulletin, MS09-049. The update is required to fix remote code execution vulnerability. A flaw is present in the Wireless LAN AutoConfig Service, which fails to handle specially crafted wireless frames. Successful exploita ... oval:org.secpod.oval:def:2556 The host is missing a critical security update according to Microsoft security bulletin, MS09-048. The update is required to fix remote code execution vulnerabilities. The flaws are present in the Transmission Control Protocol/Internet Protocol (TCP/IP) processing, which fails to handle specially cr ... oval:org.mitre.oval:def:6389 Heap-based buffer overflow in the Wireless LAN AutoConfig Service (aka Wlansvc) in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a malformed wireless frame, aka "Wireless Frame Parsing Remote Code Execution Vulnerability ... oval:org.mitre.oval:def:6374 The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2 does not properly manage state information, which allows remote attackers to execute arbitrary code by sending packets to a listening service, and thereby triggering misinterpretation of an unspecifi ... oval:org.mitre.oval:def:5965 Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allow remote attackers to cause a denial of service (TCP outage) via a series of TCP sessions that have pending data and a (1) small or (2) zero receive window size, and remain in the ... oval:org.secpod.oval:def:2297 The host is missing a critical security update according to Microsoft security bulletin, MS09-038. The update is required to fix remote code execution vulnerabilities in Windows Media File Processing. The flaws are present in the Windows Media file processing, which fails to handle a specially craft ... oval:org.secpod.oval:def:2298 The host is missing a critical security update according to Microsoft security bulletin, MS09-055. The update is required to fix remote code execution vulnerabilities. The flaws are present in the Microsoft Active Template Library (ATL) ActiveX Controls. Successful exploitation allows an attacker to ... oval:org.mitre.oval:def:7436 Stack-based buffer overflow in the CComVariant::ReadFromStream function in the Active Template Library (ATL), as used in the MPEG2TuneRequest ActiveX control in msvidctl.dll in DirectShow, in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold ... oval:org.secpod.oval:def:2371 The host is missing an important security update according to Microsoft security bulletin, MS09-042. The update is required to fix remote code execution vulnerability. A flaw is present in the Windows Telnet service, which fails validate authentication replies and allows for the relay of credentials ... oval:org.mitre.oval:def:5708 The Active Template Library (ATL) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via vectors related to erroneous free operations after reading a variant from a stream and deleti ... oval:org.mitre.oval:def:7581 The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not prevent VariantClea ... oval:org.mitre.oval:def:6245 The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not properly re ... oval:org.mitre.oval:def:6289 The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not prevent VariantClea ... oval:org.mitre.oval:def:6716 The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not properly re ... oval:org.mitre.oval:def:5412 Unspecified vulnerability in Avifil32.dll in the Windows Media file handling functionality in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a malformed header in a crafted AVI ... oval:org.mitre.oval:def:6329 Heap-based buffer overflow in the Microsoft Terminal Services Client ActiveX control running RDP 6.1 on Windows XP SP2, Vista SP1 or SP2, or Server 2008 Gold or SP2; or 5.2 or 6.1 on Windows XP SP3; allows remote attackers to execute arbitrary code via unspecified parameters to unknown methods, aka ... oval:org.mitre.oval:def:6302 The Telnet service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote Telnet servers to execute arbitrary code on a client machine by replaying the NTLM credentials of a client user, aka "Telnet Credential Reflection V ... oval:org.mitre.oval:def:5930 Integer overflow in Avifil32.dll in the Windows Media file handling functionality in Microsoft Windows allows remote attackers to execute arbitrary code on a Windows 2000 SP4 system via a crafted AVI file, or cause a denial of service on a Windows XP SP2 or SP3, Server 2003 SP2, Vista Gold, SP1, or ... oval:org.secpod.oval:def:2621 The host is missing a critical security update according to Microsoft security bulletin, MS09-037. The update is required to fix remote code execution vulnerabilities. The flaws are present in the Microsoft Active Template Library (ATL) header. Components and controls built using ATL headers fails t ... oval:org.mitre.oval:def:6421 The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not properly re ... oval:org.secpod.oval:def:2642 The host is missing a critical security update according to Microsoft security bulletin, MS09-044. The update is required to fix remote code execution vulnerabilities. The flaws are present in Microsoft Remote Desktop Connection, which fails to processes specific parameters returned by the RDP serve ... oval:org.mitre.oval:def:5660 Microsoft Internet Explorer 5.01 SP4 and 6 SP1; Internet Explorer 6 for Windows XP SP2 and SP3 and Server 2003 SP2; and Internet Explorer 7 and 8 for Windows XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 do not properly handle attempts to access deleted obje ... oval:org.mitre.oval:def:5693 Heap-based buffer overflow in Microsoft Remote Desktop Connection (formerly Terminal Services Client) running RDP 5.0 through 6.1 on Windows, and Remote Desktop Connection Client for Mac 2.0, allows remote attackers to execute arbitrary code via unspecified parameters, aka "Remote Desktop Connection ... oval:org.secpod.oval:def:2375 The host is missing a critical security update according to Microsoft security bulletin, MS09-034. The update is required to fix remote code execution vulnerabilities. The flaws are present in the Internet Explorer, which fails to handle a specially crafted Web page. Successful exploitation allows a ... oval:org.mitre.oval:def:6286 Double free vulnerability in the Workstation service in Microsoft Windows allows remote authenticated users to gain privileges via a crafted RPC message to a Windows XP SP2 or SP3 or Server 2003 SP2 system, or cause a denial of service via a crafted RPC message to a Vista Gold, SP1, or SP2 or Server ... oval:org.secpod.oval:def:2560 The host is missing a important security update according to Microsoft security bulletin, MS09-041. The update is required to fix privilege elevation vulnerability. The flaw is present in the Windows Workstation Service, which fails to handle a specially crafted RPC message. Successful exploitation ... oval:org.mitre.oval:def:5524 Microsoft Internet Explorer 5.01 SP4 and 6 SP1; Internet Explorer 6 for Windows XP SP2 and SP3 and Server 2003 SP2; and Internet Explorer 7 and 8 for Windows XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 do not properly handle table operations, which allows ... oval:org.mitre.oval:def:6072 Microsoft Internet Explorer 6 SP1; Internet Explorer 6 for Windows XP SP2 and SP3 and Server 2003 SP2; and Internet Explorer 7 and 8 for Windows XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 do not properly handle attempts to access deleted objects in memory ... oval:org.mitre.oval:def:5678 Integer overflow in the Embedded OpenType (EOT) Font Engine in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a crafted name table, aka "Embedded OpenType Font Integer Overflow ... oval:org.mitre.oval:def:6308 Microsoft Internet Explorer 7 for Windows XP SP2 and SP3; 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 for Server 2008 SP2 allows remote attackers to execute arbitrary code via frequent calls to the getElementsByTagName function combined with the creation of an object during reorderi ... oval:org.secpod.oval:def:2359 The host is missing a important security update according to Microsoft security bulletin, MS09-025. The update is required to fix elevation escalation vulnerabilities in windows. A flaw is present in the Windows kernel , which fails to handle specific kernel object. Successful exploitation could all ... oval:org.mitre.oval:def:6294 Use-after-free vulnerability in Microsoft Internet Explorer 7 for Windows XP SP2 and SP3; 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 for Server 2008 SP2 allows remote attackers to execute arbitrary code by repeatedly adding HTML document nodes and calling event handlers, which trig ... oval:org.mitre.oval:def:6278 Microsoft Internet Explorer 5.01 SP4; 6 SP1; 6 and 7 for Windows XP SP2 and SP3; 6 and 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 for Server 2008 SP2 does not prevent HTML rendering of cached content, which allows remote attackers to bypass the Same Origin Policy via unspecified ve ... oval:org.mitre.oval:def:6260 Microsoft Internet Explorer 6 and 7 for Windows XP SP2 and SP3; 6 and 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 for Server 2008 SP2 does not properly synchronize AJAX requests, which allows allows remote attackers to execute arbitrary code via a large number of concurrent, asynchr ... oval:org.mitre.oval:def:6295 Microsoft Internet Explorer 7 for Windows XP SP2 and SP3; 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 for Server 2008 SP2 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by calling the setCapture method on a collection of crafted o ... oval:org.secpod.oval:def:2294 The host is missing a critical security update according to Microsoft security bulletin, MS09-022. The update is required to fix remote code execution vulnerability in Windows. A flaw is present in the Windows Print Spooler, which fails handle specially crafted RPC request. Successful exploitation c ... oval:org.mitre.oval:def:6206 The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 does not properly validate changes to unspecified kernel objects, which allows local users to gain privileges via a crafted application, aka "Windows Kernel Desktop Vulnerability. ... oval:org.mitre.oval:def:6231 The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 does not properly validate user-mode pointers in unspecified error conditions, which allows local users to gain privileges via a crafted application, aka "Windows Kernel Pointer V ... oval:org.mitre.oval:def:5815 The Windows Printing Service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 allows local users to read arbitrary files via a crafted separator page, aka "Print Spooler Read File Vulnerability." oval:org.mitre.oval:def:5912 The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 does not properly validate an argument to an unspecified system call, which allows local users to gain privileges via a crafted application, aka "Windows Driver Class Registration ... oval:org.mitre.oval:def:6041 Race condition in Microsoft Internet Explorer 6 SP1; 6 and 7 for Windows XP SP2 and SP3; 6 and 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 for Server 2008 SP2 allows remote attackers to execute arbitrary code or perform other actions upon a page transition, with the permissions of t ... oval:org.secpod.oval:def:1455 The host is missing a critical security update according to Microsoft security bulletin, MS10-071. The update is required to fix multiple vulnerabilities. Multiple flaws are present in Microsoft Internet Explorer, which fails to handle unspecified special characters in CSS documents. Successful expl ... oval:org.mitre.oval:def:7059 Use-after-free vulnerability in the CAttrArray::PrivateFind function in mshtml.dll in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code by setting an unspecified property of a stylesheet object, aka "Uninitialized Memory Corruption Vulnerability." oval:org.mitre.oval:def:5457 The Embedded OpenType (EOT) Font Engine (T2EMBED.DLL) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a crafted name table in a data record that triggers an integer truncation ... oval:org.secpod.oval:def:2577 The host is missing a critical security update according to Microsoft security bulletin, MS09-029. The update is required to fix remote code execution vulnerabilities. The flaws are present in the Microsoft Windows component, the Embedded OpenType (EOT) Font Engine, which fails to parse data records ... oval:org.mitre.oval:def:6244 Microsoft Internet Explorer 8 for Windows XP SP2 and SP3; 8 for Server 2003 SP2; 8 for Vista Gold, SP1, and SP2; and 8 for Server 2008 SP2 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code via "malformed row property references" that trigger an acces ... oval:org.secpod.oval:def:2653 The host is missing a critical security update according to Microsoft security bulletin, MS09-019. The update is required to fix Information Disclosure Vulnerability. A flaw is present in Internet Explorer, which fails to handle a specially crafted Web page. Successful exploitation could allow an at ... oval:org.secpod.oval:def:24876 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:24877 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:24878 The host is installed with Internet Explorer 9, 10 or 11 and is prone to an information disclosure vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the current u ... oval:org.secpod.oval:def:24879 The host is installed with Internet Explorer 7, 8, 9, 10 or 11 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the curren ... oval:org.secpod.oval:def:24880 The host is installed with Internet Explorer 7, 8, 9, 10 or 11 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the curren ... oval:org.secpod.oval:def:24882 The host is installed with Internet Explorer 8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:24883 The host is missing a critical security update according to Microsoft security bulletin, MS15-066. The update is required to fix multiple memory corruption vulnerabilities. The flaws are present in the application, which improperly accesses objects in memory. Successful exploitation could allow atta ... oval:org.secpod.oval:def:24865 The host is installed with Internet Explorer 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:24859 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the curren ... oval:org.secpod.oval:def:24860 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the curren ... oval:org.secpod.oval:def:24861 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the curren ... oval:org.secpod.oval:def:24862 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the curren ... oval:org.secpod.oval:def:24863 The host is installed with Internet Explorer 6, 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the curren ... oval:org.secpod.oval:def:24864 The host is installed with Internet Explorer 6, 7, 8, or 9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the current user. oval:org.mitre.oval:def:8267 Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML Object Memory Corruption Vulnerab ... oval:org.mitre.oval:def:8378 Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a diffe ... oval:org.mitre.oval:def:8464 The URL validation functionality in Microsoft Internet Explorer 5.01, 6, 6 SP1, 7 and 8, and the ShellExecute API function in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2, does not properly process input parameters, which allows remote attackers to execute arbitrary local programs via a cra ... oval:org.mitre.oval:def:8491 Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a diffe ... oval:org.secpod.oval:def:2031 The host is missing a critical security update according to Microsoft security bulletin, MS10-002. The update is required to fix multiple vulnerabilities. Flaws are present in the Internet Explorer which fails to handle objects in memory, input parameters and HTML attributes. Successful exploitation ... oval:org.mitre.oval:def:8186 Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulner ... oval:org.mitre.oval:def:6835 Use-after-free vulnerability in Microsoft Internet Explorer 6, 6 SP1, 7, and 8 on Windows 2000 SP4; Windows XP SP2 and SP3; Windows Server 2003 SP2; Windows Vista Gold, SP1, and SP2; Windows Server 2008 Gold, SP2, and R2; and Windows 7 allows remote attackers to execute arbitrary code by accessing a ... oval:org.mitre.oval:def:7715 The XSS Filter in Microsoft Internet Explorer 8 allows remote attackers to leverage the "response-changing mechanism" to conduct cross-site scripting (XSS) attacks against web sites that have no inherent XSS vulnerabilities, related to the details of output encoding and improper modification of an H ... oval:org.secpod.oval:def:1245 The host is missing a critical security update according to Microsoft security bulletin, MS10-049. The update is required to fix remote code execution vulnerabilities. Flaws are present in the the Secure Channel (SChannel) which fails to validate a malformed certificate request message sent by the s ... oval:org.secpod.oval:def:6200 The host is installed with Microsoft XML Core Services 3.0, 4.0, 5.0 or 6.0 and is prone to remote code execution vulnerability. A flaw is present in the application, which fails to handle crafted web site. Successful exploitation allows remote attackers to execute arbitrary code or cause a denial o ... oval:org.secpod.oval:def:2040 The host is missing a critical security update according to Microsoft security bulletin, MS10-063. The update is required to fix code execution vulnerability. A flaw is present in the Unicode Script Processor implementation in USP10.DLL in Microsoft Windows, which is due to two array-indexing errors ... oval:org.mitre.oval:def:7214 The Uniscribe (aka new Unicode Script Processor) implementation in USP10.DLL in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and SP2, and Microsoft Office XP SP3, 2003 SP3, and 2007 SP2, does not properly validate tables associated with malformed OpenTyp ... oval:org.mitre.oval:def:7286 Windows Shell and WordPad in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7; Microsoft Office XP SP3; Office 2003 SP3; and Office System 2007 SP1 and SP2 do not properly validate COM objects during instantiat ... oval:org.secpod.oval:def:5631 The host is installed with Microsoft Office, Windows and is prone GDI+ record type vulnerability. A flaw is present in the applications, which fail to handle a specially crafted EMF images. Successful exploitation could allow remote attackers to install programs, view, change, or delete data or crea ... oval:org.secpod.oval:def:16204 The host is installed with Microsoft Windows Vista, Windows Server 2008, Microsoft Office 2003 SP3, Office 2007 SP3, Office 2010 SP1/SP2, Lync 2010, Lync Basic 2013 or Lync 2010 Attendee, and is prone to a remote code execution vulnerability. The flaw is present in the graphics component, which fail ... oval:org.secpod.oval:def:8348 The host is installed with Microsoft XML Core Services 5.0, 6.0 on Microsoft Windows or with Microsoft Groove Server 2007, Microsoft SharePoint Server 2007, Microsoft Expression Web 2, Microsoft Expression Web, Microsoft Office Compatibility Pack, Microsoft Word Viewer, Microsoft Office 2007, or Mic ... oval:org.secpod.oval:def:8351 The host is installed with Microsoft XML Core Services 4.0, 5.0, 6.0 on Microsoft Windows or with Microsoft Groove Server 2007, Microsoft SharePoint Server 2007, Microsoft Expression Web 2, Microsoft Expression Web, Microsoft Office Compatibility Pack, Microsoft Word Viewer, Microsoft Office 2007, M ... oval:org.secpod.oval:def:25822 The host is missing an important security update according to Microsoft security bulletin, MS15-088. The update is required to fix an unsafe command line parameter passing vulnerability. A flaw is present in the application, which fails to properly handle unsafe command line parameters. Successful e ... oval:org.secpod.oval:def:25888 The host is installed with Internet Explorer 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the current u ... oval:org.secpod.oval:def:25889 The host is missing a critical security update according to Microsoft security bulletin, MS15-093. The update is required to fix a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation could allow attackers to exec ... oval:org.secpod.oval:def:25836 The host is missing a critical security update according to Microsoft security bulletin, MS15-079. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute a ... oval:org.secpod.oval:def:25823 The host is installed with Microsoft Excel 2007, 2010, 2013, Powerpoint 2007, 2010, 2013, Visio 2007, 2010, 2013, Word 2007, 2010, 2013, Internet Explorer 7, 8, 9, 10 or 11, Microsoft Windows Server 2008, 2008 R2, 2012, 2012 R2, Windows Vista, 7, 8, 8.1 or 10 and is prone to an unsafe command line p ... oval:org.secpod.oval:def:25824 The host is installed with Internet Explorer 7, 8, 9, 10, 11 or Microsoft Edge on Microsoft Windows 10 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to properly handle crafted data. Successful exploitation could allow attackers to execute arbitr ... oval:org.secpod.oval:def:25825 The host is installed with Internet Explorer 7, 8, 9, 10 or 11 and is prone to an ASLR bypass vulnerability. A flaw is present in the application, which fails to properly use ASLR security feature. Successful exploitation could allow attackers to bypass the Address Space Layout Randomization. oval:org.secpod.oval:def:25827 The host is installed with Internet Explorer 8, 9, 10 or 11 and is prone to an edge memory corruption vulnerability. A flaw is present in the application, which fails to properly access an object in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the ... oval:org.secpod.oval:def:26523 The host is installed with Microsoft Edge on Microsoft Windows 10 or Internet Explorer 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to properly access objects in memory. Successful exploitation could allow attackers to execute ... oval:org.secpod.oval:def:26522 The host is missing a critical security update according to Microsoft security bulletin, MS15-094. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle a specially crafted webpage. Successful exploitation could allow attacke ... oval:org.secpod.oval:def:26524 The host is installed with Microsoft Edge on Microsoft Windows 10 or Internet Explorer 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to properly access objects in memory. Successful exploitation could allow attackers to execute ... oval:org.secpod.oval:def:26509 The host is installed with Internet Explorer 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the curr ... oval:org.secpod.oval:def:26508 The host is installed with Internet Explorer 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the curr ... oval:org.secpod.oval:def:26510 The host is installed with Internet Explorer 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the curr ... oval:org.secpod.oval:def:26513 The host is installed with Microsoft Edge on Microsoft Windows 10 or Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to properly access objects in memory. Successful exploitation could allow attackers to execute arbit ... oval:org.secpod.oval:def:30028 The host is installed with Internet Explorer 9, 10 or 11 and is prone to an information disclosure vulnerability. A flaw is present in the application, which improperly discloses the contents of its memory. Successful exploitation could provide an attacker with information to further compromise the ... oval:org.secpod.oval:def:30026 The host is installed with Internet Explorer 8, 9, 10 or 11 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which does not properly validate permissions under specific conditions. Successful exploitation could allow attackers to run script with elevated ... oval:org.secpod.oval:def:30021 The host is installed with Internet Explorer 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. An attacker who successfully exploited these vulnerabilities could gain the same user rights as th ... oval:org.secpod.oval:def:30017 The host is installed with JScript and Vbscript 5.8 scripting engines and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the cu ... oval:org.secpod.oval:def:30018 The host is installed with JScript and Vbscript 5.7 or 5.8 scripting engines and is prone to an information disclosure vulnerability. A flaw is present in the applications, which improperly disclose the contents of its memory. Successful exploitation could provide an attacker with information to fur ... oval:org.secpod.oval:def:30019 The host is missing a critical security update according to Microsoft bulletin, MS15-106. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fails to properly access objects in memory. An attacker who successfully exploited these vulnerabilities ... oval:org.secpod.oval:def:30014 The host is installed with JScript and Vbscript 5.7 or 5.8 scripting engines and is prone to memory corruption vulnerability. A flaw is present in the applications, which fail to handle objects in memory. An attacker who successfully exploited the vulnerabilities could gain the same user rights as t ... oval:org.secpod.oval:def:30015 The host is installed with JScript and Vbscript 5.7 or 5.8 scripting engines and is prone to an ASLR bypass vulnerability. A flaw is present in the applications, which fail to use the Address Space Layout Randomization (ASLR) security feature. Successful exploitation could allow attacker to more rel ... oval:org.secpod.oval:def:30016 The host is installed with JScript and Vbscript 5.7 or 5.8 scripting engines and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to handle objects in memory. An attacker who successfully exploited the vulnerabilities could gain the same user rights as ... oval:org.secpod.oval:def:30990 The host is installed with Internet Explorer 8, 9, 10 or 11 and is prone to a scripting engine memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. An attacker who successfully exploited these vulnerabilities could gain the same use ... oval:org.secpod.oval:def:30985 The host is installed with Internet Explorer 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. An attacker who successfully exploited these vulnerabilities could gain the same user rights as th ... oval:org.secpod.oval:def:30986 The host is installed with Internet Explorer 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. An attacker who successfully exploited these vulnerabilities could gain the same user rights as th ... oval:org.secpod.oval:def:30987 The host is installed with Internet Explorer 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. An attacker who successfully exploited these vulnerabilities could gain the same user rights as th ... oval:org.secpod.oval:def:30988 The host is installed with Internet Explorer 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the c ... oval:org.secpod.oval:def:30982 The host is installed with Internet Explorer 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. An attacker who successfully exploited these vulnerabilities could gain the same user rights as th ... oval:org.secpod.oval:def:30983 The host is installed with Internet Explorer 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. An attacker who successfully exploited these vulnerabilities could gain the same user rights as th ... oval:org.secpod.oval:def:30984 The host is installed with Internet Explorer 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. An attacker who successfully exploited these vulnerabilities could gain the same user rights as th ... oval:org.secpod.oval:def:30989 The host is installed with Internet Explorer 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the c ... oval:org.secpod.oval:def:31007 The host is missing a critical security update according to Microsoft security bulletin, MS15-112. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle objects in memory. Successful exploitation could allow attackers to exec ... oval:org.secpod.oval:def:31003 The host is installed with Internet Explorer 9, 10 or 11 and is prone to an information disclosure vulnerability. A flaw is present in the application, which discloses the contents of its memory. An attacker who successfully exploited this vulnerability could provide the attacker with information to ... oval:org.secpod.oval:def:31004 The host is installed with Microsoft Edge, Internet Explorer 9, 10 or 11 and is prone to an ASLR Bypass vulnerability. A flaw is present in the application, which fails to use the Address Space Layout Randomization (ASLR) security feature. An attacker who successfully exploited it could bypass the A ... oval:org.secpod.oval:def:31001 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the curr ... oval:org.secpod.oval:def:31002 The host is installed with Microsoft Edge, Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. An attacker who successfully exploited these vulnerabilities could gain the same user ri ... oval:org.secpod.oval:def:31751 The host is missing a critical security update according to Microsoft security bulletin, MS15-124. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle a specially crafted webpage. Successful exploitation could allow attacke ... oval:org.secpod.oval:def:31748 The host is installed with Vbscript or JScript 5.7 or 5.8 scripting engines and is prone to an information disclosure vulnerability. A flaw is present in the application, which discloses the contents of its memory. Successful exploitation could allow attackers to compromise the users computer or dat ... oval:org.secpod.oval:def:31749 The host is installed with Vbscript or JScript 5.7 or 5.8 scripting engines and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. An attacker who successfully exploited the vulnerability could gain the same user rights as th ... oval:org.secpod.oval:def:31731 The host is installed with Microsoft Edge, Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to properly access objects in memory. An attacker who successfully exploited these vulnerabilities could gain the same user ri ... oval:org.secpod.oval:def:31737 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the curr ... oval:org.secpod.oval:def:31720 The host is installed with Internet Explorer 8, 9, 10 or 11 and is prone to a XSS filter bypass vulnerability. A flaw is present in the application, which fails to properly filter HTTP response data. An attacker who successfully exploited the vulnerabilities could cause script to run on another user ... oval:org.secpod.oval:def:31721 The host is installed with Microsoft Edge, Internet Explorer 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to properly access objects in memory. An attacker who successfully exploited these vulnerabilities could gain the same user ... oval:org.secpod.oval:def:31719 The host is installed with Internet Explorer 8, 9, 10 or 11 and is prone to a XSS filter bypass vulnerability. A flaw is present in the application, which fails to properly filter HTTP response data. An attacker who successfully exploited the vulnerabilities could cause script to run on another user ... oval:org.secpod.oval:def:31716 The host is installed with Microsoft Edge, Internet Explorer 7, 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to properly access objects in memory. An attacker who successfully exploited these vulnerabilities could gain the same u ... oval:org.secpod.oval:def:31717 The host is installed with Microsoft Edge, Internet Explorer 7, 8, 9, 10 or 11 and is prone to an ASLR bypass vulnerability. A flaw is present in the applications, which fail to properly access objects in memory. An attacker who successfully exploited it could bypass the Address Space Layout Randomi ... oval:org.secpod.oval:def:31718 The host is installed with Internet Explorer 8, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly access objects in memory. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the c ... oval:org.secpod.oval:def:32590 The host is missing a critical security update according to Microsoft security bulletin, MS16-001. The update is required to fix an information disclosure vulnerability. A flaw is present in the application, which fails to handle a crafted web page discloses the contents of its memory. Successful ex ... oval:org.secpod.oval:def:32593 The host is installed with Internet Explorer 9, 10 or 11 and is prone to an information disclosure vulnerability. A flaw is present in the applications, which fail to properly access objects in memory. An attacker who successfully exploited these vulnerabilities could gain the same user rights as th ... oval:org.secpod.oval:def:32592 The host is installed with Vbscript or JScript 5.7 or 5.8 scripting engines and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted web page discloses the contents of its memory. Successful exploitation could allow attackers to execute ... oval:org.secpod.oval:def:32898 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could corrupt memory, execute arbitrary code i ... oval:org.secpod.oval:def:32897 The host is missing a critical security update according to Microsoft security bulletin, MS16-009. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle objects in memory. Successful exploitation could allow attackers to corr ... oval:org.secpod.oval:def:32911 The host is installed with Internet Explorer 9, 10 or 11 or Microsoft Edge and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted website or improperly accesses objects in memory. An attacker who successfully exploited this vulnerabilit ... oval:org.secpod.oval:def:32912 The host is installed with Internet Explorer 9, 10 or 11 or Microsoft Edge and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted website or improperly accesses objects in memory. An attacker who successfully exploited this vulnerabilit ... oval:org.secpod.oval:def:32900 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle cross-domain policies. Successfully exploitation allows remote attackers to access information from one domain and inj ... oval:org.secpod.oval:def:32902 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could corrupt memory, execute arbitrary code i ... oval:org.secpod.oval:def:32901 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle cross-domain policies. Successfully exploitation allows remote attackers to access information from one domain and inj ... oval:org.secpod.oval:def:32908 The host is installed with Internet Explorer 9, 10 or 11 or Microsoft Edge and is prone to a spoofing vulnerability. A flaw is present in the application, which fails to properly parse HTTP responses. An attacker who successfully exploited this vulnerability could trick a user by redirecting them to ... oval:org.secpod.oval:def:32909 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could corrupt memory, execute arbitrary code i ... oval:org.secpod.oval:def:32904 The host is installed with Internet Explorer 9, 10 or 11 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle Hyperlink Object Library. Successfully exploitation allows remote attackers to obtain information to further compromi ... oval:org.secpod.oval:def:32915 The host is installed with Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to remote code execution vulnerability. A flaw is present in the Windows, which fails validates input before loading dynamic link library (DLL ... oval:org.secpod.oval:def:33260 The host is installed with Microsoft Edge, Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successfully exploitation can corrupt memory in such a way that an attacker could execute arb ... oval:org.secpod.oval:def:33255 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successfully exploitation can corrupt memory in such a way that an attacker could execute arbitrary code in t ... oval:org.secpod.oval:def:33251 The host is installed with Microsoft Edge, Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successfully exploitation can corrupt memory in such a way that an attacker could execute arb ... oval:org.secpod.oval:def:33250 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successfully exploitation can corrupt memory in such a way that an attacker could execute arbitrary code in t ... oval:org.secpod.oval:def:33241 The host is missing a critical security update according to Microsoft security bulletin, MS16-023. The update is required to fix multiple memory corruption vulnerabilities. The flaws are present in the application, which improperly accesses objects in memory. Successfully exploitation can corrupt me ... oval:org.secpod.oval:def:33798 The host is installed with Microsoft XML Core Services 3.0 in Microsoft Windows Server 2012, Windows server2012 R2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 10 or Windows 8.1 and is prone to a remote code execution vulnerability. A flaw is present in the application, wh ... oval:org.secpod.oval:def:33797 The host is missing a critical security update according to Microsoft security bulletin, MS16-040. The update is required to fix a remote code execution vulnerability. A flaw is present in the application, which fails to handle parser while processing user input. Successful exploitation could allow ... oval:org.secpod.oval:def:33813 The host is missing a critical security update according to Microsoft security bulletin, MS16-037. The update is required to fix multiple memory corruption vulnerabilities. The flaws are present in the application, which improperly accesses objects in memory. Successfully exploitation can corrupt me ... oval:org.secpod.oval:def:33811 The host is installed with Microsoft Edge, Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successfully exploitation can corrupt memory in such a way that an attacker could execute arb ... oval:org.secpod.oval:def:33808 The host is installed with Internet Explorer 9, 10 or 11 and is prone to an information disclosure vulnerability. A flaw is present in the application, which does not properly handle JavaScript. Successfully exploitation allow an attacker to detect specific files on the user's computer, In web-based ... oval:org.secpod.oval:def:34341 The host is installed with Microsoft Edge, Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly accesses objects in memory. Successful exploitation can corrupt memory in such a way that an attacker could execute arbit ... oval:org.secpod.oval:def:34340 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly handle objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user, If the current ... oval:org.secpod.oval:def:34338 The host is installed with Vbscript 5.7, Internet Explorer 7, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly handles JScript and VBScript engines render when handling objects in memory in Internet Explorer. Successful exploitatio ... oval:org.secpod.oval:def:34333 The host is missing an critical security update according to Microsoft security bulletin, MS16-051. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which improperly accesses objects in memory. Successful exploitation can corrupt memory in such a way ... oval:org.secpod.oval:def:35629 The host is installed with Vbscript 5.7, Internet Explorer 7, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in VBScript engine, which improperly handles objects in memory in Internet Explorer. Successful exploitation could allow attackers to gain the same user righ ... oval:org.secpod.oval:def:35627 The host is installed with Vbscript 5.7, Internet Explorer 7, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in VBScript engine, which improperly handles objects in memory in Internet Explorer. Successful exploitation could allow attackers to gain the same user righ ... oval:org.secpod.oval:def:35628 The host is installed with Vbscript 5.7, Internet Explorer 7, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in VBScript engine, which improperly handles objects in memory in Internet Explorer. Successful exploitation could allow attackers to gain the same user righ ... oval:org.secpod.oval:def:35625 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in VBScript engine, which improperly handles objects in memory in Internet Explorer. Successful exploitation could allow attackers to gain the same user rights as the current ... oval:org.secpod.oval:def:35626 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in VBScript engine, which improperly handles objects in memory in Internet Explorer. Successful exploitation could allow attackers to gain the same user rights as the current ... oval:org.secpod.oval:def:35621 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a XSS filter vulnerability. A flaw is present in the application, which improperly validate JavaScript under specific conditions in Internet Explorer. Successful exploitation allow attackers to run arbitrary code with medium-in ... oval:org.secpod.oval:def:35622 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in VBScript engine, which improperly handles objects in memory in Internet Explorer. Successful exploitation could allow attackers to gain the same user rights as the current ... oval:org.secpod.oval:def:35925 The host is missing a critical security update according to Microsoft bulletin, MS16-084. The update is required to fix multiple vulnerabilities. The flaws are present in application, which improperly handles objects in memory in Internet Explorer. Successful exploitation could allow attackers to ga ... oval:org.secpod.oval:def:35935 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in Internet Explorer, which improperly handles objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the current user o ... oval:org.secpod.oval:def:35936 The host is installed with Internet Explorer 9, 10, 11 or Microsoft edge and is prone to a spoofing vulnerability. A flaw is present in microsoft browser, which fails to properly parse HTTP content. Successful exploitation could allow attackers to gain the same user rights as the current user, if th ... oval:org.secpod.oval:def:35933 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in Internet Explorer, which improperly handles objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the current user o ... oval:org.secpod.oval:def:35934 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in Internet Explorer, which improperly handles objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the current user o ... oval:org.secpod.oval:def:35945 The host is installed with Vbscript 5.7, Internet Explorer 7, 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in VBScript engine, which improperly handles objects in memory in Internet Explorer. Successful exploitation could allow attackers to corrupt memory, execute ... oval:org.secpod.oval:def:35942 The host is installed with Internet Explorer 9, 10, 11 or Microsoft edge and is prone to a memory corruption vulnerability. A flaw is present in Internet Explorer, which improperly handles objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of th ... oval:org.secpod.oval:def:35943 The host is installed with Internet Explorer 9, 10, 11 or Microsoft edge and is prone to a memory corruption vulnerability. A flaw is present in applications, which improperly handles objects in memory in Internet Explorer. Successful exploitation could allow attackers to gain the same user rights a ... oval:org.secpod.oval:def:35938 The host is installed with Internet Explorer 9, 10, 11 or Microsoft edge and is prone to an information disclosure vulnerability. A flaw is present in microsoft browser XSS filter, which fails to properly validate content under specific conditions. Successful exploitation could allow attackers to ru ... oval:org.secpod.oval:def:35939 The host is installed with Internet Explorer 9, 10, 11 or Microsoft edge and is prone to a memory corruption vulnerability. A flaw is present in applications, which improperly handles objects in memory in Internet Explorer. Successful exploitation could allow attackers to gain the same user rights a ... oval:org.secpod.oval:def:36735 The host is missing a critical security update according to Microsoft bulletin, MS16-095. The update is required to fix multiple vulnerabilities. The flaws are present in application, which improperly handles objects in memory in Internet Explorer. Successful exploitation could allow attackers to ga ... oval:org.secpod.oval:def:36734 The host is installed with Internet Explorer 9, 10, 11 or Microsoft edge and is prone to an information disclosure vulnerability. A flaw is present in Internet Explorer, which improperly handles objects in memory. Successful exploitation could allow attackers to obtain information to further comprom ... oval:org.secpod.oval:def:36733 The host is installed with Internet Explorer 9, 10, 11 or Microsoft edge and is prone to an information disclosure vulnerability. A flaw is present in Internet Explorer, which improperly handles objects in memory. Successful exploitation could allow attackers to obtain information to further comprom ... oval:org.secpod.oval:def:36732 The host is installed with Internet Explorer 9, 10, 11 or Microsoft edge and is prone to an information disclosure vulnerability. A flaw is present in Internet Explorer, which improperly handles objects in memory. Successful exploitation could allow attackers to obtain information to further comprom ... oval:org.secpod.oval:def:36729 The host is installed with Internet Explorer 9, 10, 11 or Microsoft edge and is prone to a memory corruption vulnerability. A flaw is present in Internet Explorer, which improperly handles objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of th ... oval:org.secpod.oval:def:37065 The host is installed with Internet Explorer 9, 10, 11 and is prone to a memory corruption vulnerability. A flaw is present in Internet Explorer, which improperly handles objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user, if the current ... oval:org.secpod.oval:def:37064 The host is installed with Internet Explorer 9, 10, 11 or Microsoft Edge and is prone to a memory corruption vulnerability. A flaw is present in Internet Explorer, which improperly handles objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current us ... oval:org.secpod.oval:def:37068 The host is installed with Internet Explorer 9, 10, 11 and is prone to a security feature bypass vulnerability. A flaw is present in Internet Explorer, which improperly handles objects in memory. Successful exploitation could entice users into clicking a link that directs them to the attacker's site ... oval:org.secpod.oval:def:37067 The host is installed with Internet Explorer 9, 10, 11 or Microsoft edge and is prone to an information disclosure vulnerability. A flaw is present in Internet Explorer, which improperly handles objects in memory. Successful exploitation could obtain information to further compromise a target system ... oval:org.secpod.oval:def:37478 The host is installed with Internet Explorer 9, 10, 11 or edge and is prone to a memory corruption vulnerability. A flaw is present in the applications, which improperly handles objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user, if the ... oval:org.secpod.oval:def:37476 The host is installed with Internet Explorer 9, 10 or 11 and is prone to an information disclosure vulnerability. A flaw is present in the Internet Messaging API, which fails to properly handle objects in memory. Successful exploitation could allow the attacker to test for the presence of files on d ... oval:org.secpod.oval:def:37475 The host is installed with Internet Explorer 9, 10, 11 or Microsoft Edge and is prone to an information disclosure vulnerability. A flaw is present in the applications, which improperly handles objects in memory. Successful exploitation could allow attackers to detect specific files on the user's co ... oval:org.secpod.oval:def:37481 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in Internet Explorer, which improperly handles objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user, if the curre ... oval:org.secpod.oval:def:37480 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in Internet Explorer, which improperly handles objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user, if the curre ... oval:org.secpod.oval:def:37488 The host is missing a critical security update according to Microsoft bulletin, MS16-118. The update is required to fix multiple vulnerabilities. The flaws are present in application, which improperly handles objects in memory in Internet Explorer. Successful exploitation could allow attackers to ga ... oval:org.secpod.oval:def:37485 The host is installed with Internet Explorer 9, 10 or 11 and is prone to an information disclosure vulnerability. A flaw is present in Internet Explorer, which leaves credential data in memory. Successful exploitation could allow attackers to harvest credentials from a memory dump of the browser pro ... oval:org.secpod.oval:def:37946 The host is installed with Internet Explorer 9, 10, 11 or Microsoft edge and is prone to a memory corruption vulnerability. A flaw is present in Internet Explorer, which improperly handles objects in memory. Successful exploitation could allow attackers to obtain information to further compromise th ... oval:org.secpod.oval:def:37945 The host is installed with Internet Explorer 9, 10, 11 or Microsoft edge and is prone to a memory corruption vulnerability. A flaw is present in Internet Explorer, which improperly handles objects in memory. Successful exploitation could allow attackers to obtain information to further compromise th ... oval:org.secpod.oval:def:37944 The host is installed with Internet Explorer 9, 10, 11 or Microsoft edge and is prone to an information disclosure vulnerability. A flaw is present in Internet Explorer, which improperly handles objects in memory. Successful exploitation could allow attackers to obtain information to further comprom ... oval:org.secpod.oval:def:37943 The host is installed with Internet Explorer 9, 10, 11 or Microsoft edge and is prone to an information disclosure vulnerability. A flaw is present in Internet Explorer, which improperly handles objects in memory. Successful exploitation could allow attackers to obtain information to further comprom ... oval:org.secpod.oval:def:37942 The host is installed with Internet Explorer 9, 10, 11 or Microsoft edge and is prone to an information disclosure vulnerability. A flaw is present in Internet Explorer, which improperly handles objects in memory. Successful exploitation could allow attackers to obtain information to further comprom ... oval:org.secpod.oval:def:38294 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, Windows 10, Server 2012, Server 2016 or Server 2012 R2 and is prone to a remote code execution vulnerability. A flaw is present in the Windows Uniscribe, which fails to properly h ... oval:org.secpod.oval:def:38311 The host is installed with Internet Explorer 9, 10, 11 or Edge and is prone to an information disclosure vulnerability. A flaw is present in the applications, which improperly handles objects in memory. Successful exploitation could allow attackers to obtain information to further compromise a targe ... oval:org.secpod.oval:def:38314 The host is missing a critical security update according to Microsoft bulletin, MS16-144. The update is required to fix multiple vulnerabilities. The flaws are present in application, which improperly handles objects in memory in Internet Explorer. Successful exploitation could allow attackers to ga ... oval:org.secpod.oval:def:38308 The host is installed with Internet Explorer 9, 10 or 11 is prone to a memory corruption vulnerability. A flaw is present in the applications, which improperly handles objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user, if the current us ... oval:org.secpod.oval:def:38309 The host is installed with Internet Explorer 9, 10, 11 or edge and is prone to a memory corruption vulnerability. A flaw is present in the applications, which improperly handles objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user, if the ... oval:org.secpod.oval:def:37958 The host is missing a critical security update according to Microsoft bulletin, MS16-142. The update is required to fix multiple vulnerabilities. The flaws are present in application, which improperly handles objects in memory in Internet Explorer. Successful exploitation could allow attackers to ga ... oval:org.secpod.oval:def:39413 The host is missing a critical security update according to Microsoft bulletin, MS17-006. The update is required to fix multiple vulnerabilities. The flaws are present in application, which improperly handles objects in memory in Internet Explorer. Successful exploitation could allow attackers to ex ... oval:org.secpod.oval:def:39308 The host is installed with Microsoft XML Core Services 3.0 in Microsoft Windows Server 2012, Windows server2012 R2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2016, Windows 10 or Windows 8.1 and is prone to an information Disclosure vulnerability. A flaw is present in the ... oval:org.secpod.oval:def:39309 The host is missing a critical security update according to Microsoft security bulletin, MS17-022. The update is required to fix an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation could allow attack ... oval:org.secpod.oval:def:39455 The host is installed with Internet Explorer 9, 10 or 11 and is prone to an information disclosure vulnerability. A flaw is present in the applications, which improperly handles objects in memory. Successful exploitation could allow attackers to obtain information to further compromise a target syst ... oval:org.secpod.oval:def:39456 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which improperly handles objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:39457 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which improperly handles objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:39459 The host is installed with Internet Explorer 9, 10 or 11 and is prone to an information disclosure vulnerability. A flaw is present in the Internet Messaging API, which fails to properly handle objects in memory. Successful exploitation could allow the attackers to obtain information to further comp ... oval:org.secpod.oval:def:39453 The host is installed with Internet Explorer 9, 10 or 11 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which improperly handles objects in memory. Successful exploitation could allow attackers to execute arbitrary code in the context of the current user. oval:org.secpod.oval:def:39449 The host is installed with Internet Explorer 9, 10, 11 or Microsoft Edge and is prone to an information disclosure vulnerability. A flaw is present in the applications, which improperly handles objects in memory. Successful exploitation could allow attackers to obtain information to further compromi ... oval:org.secpod.oval:def:26552 The host is installed with .NET Framework 2.0 SP2, 3.5, 3.5.1, 4.0, 4.5, 4.5.1, 4.5.2 or 4.6 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to validate the number of objects in memory before copying those objects into an array. An attacker ... oval:org.secpod.oval:def:26554 The host is missing an important security update according to Microsoft bulletin, MS15-101. The update is required to fix multiple elevation of privilege vulnerabilities. The flaws are present in the application, which improperly optimizes certain parameters resulting in a code generation error. An ... oval:org.secpod.oval:def:26553 The host is installed with .NET Framework 4.5, 4.5.1, 4.5.2 or 4.6 and is prone to a MVC denial of service vulnerability. A flaw is present in the application, which fails to handle certain specially crafted requests. An attacker who successfully exploited this vulnerability could send a small numbe ... oval:org.secpod.oval:def:33790 The host is missing a important security update according to Microsoft security bulletin, MS16-047. The update is required to fix SAM and LSAD downgrade vulnerability. A flaw is present in the Security Account Manager (SAM) and Local Security Authority (Domain Policy) (LSAD) remote protocols, which ... oval:org.secpod.oval:def:33789 The host is installed with Microsoft Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1, Windows Server 2012 R2 or Windows 10 and is prone to SAM and LSAD downgrade vulnerability. A flaw is present in the Security Account Manager (SAM) and Local Securi ... oval:org.secpod.oval:def:25855 The host is installed with Microsoft Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1, Server 2012 R2, Windows 10, .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, or 4.6 and is prone to an Onetype font parsing vulnerabilit ... oval:org.secpod.oval:def:34325 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, Windows 10, Server 2012 or 2012 R2 and is prone to an use-after-free vulnerability. A flaw is present in the Windows GDI component, which fails to handle objects in memory. Succes ... oval:org.secpod.oval:def:34326 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, Windows 10, Server 2012 or 2012 R2 and is prone to an use-after-free vulnerability. A flaw is present in the Windows GDI component, which fails to handle objects in memory. Succes ... oval:org.secpod.oval:def:34323 The host is missing an critical security update according to Microsoft security bulletin, MS16-055. The update is required to fix multiple vulnerabilities. A flaw is present in the Windows graphics component, which fails to handle objects in memory. Successful exploitation could allow attackers to o ... oval:org.secpod.oval:def:34324 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, Server 2012 or 2012 R2 and is prone to a memory corruption vulnerability. A flaw is present in the windows imaging component, which fails to handle objects in memory. Successful e ... oval:org.secpod.oval:def:34312 The host is installed with Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle parsing of certain symbolic l ... oval:org.secpod.oval:def:34313 The host is missing an important security update according to Microsoft security bulletin, MS16-060. The update is required to fix an elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle parsing of certain symbolic links. Successful exploitation ... oval:org.secpod.oval:def:34310 The host is installed with Microsoft Windows Vista, 7, 8.1, 10, Server 2008, 2008 R2, 2012 or 2012 R2 and is prone to a RPC network data representation engine elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle specially crafted Remote Procedure ... oval:org.secpod.oval:def:34311 The host is missing an important security update according to Microsoft security bulletin, MS16-061. The update is required to fix a RPC network data representation engine elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle specially crafted Rem ... oval:org.secpod.oval:def:25819 The host is installed with Microsoft .NET Framework 4.6 on Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, 8.1, Server 2012, Server 2012 R2 or Windows 10 and is prone to a RyuJIT optimization elevation of privilege vulnerability. A flaw is present in the a ... oval:org.secpod.oval:def:25817 The host is installed with Microsoft .NET Framework 4.6 on Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, 8.1, Server 2012, Server 2012 R2 or Windows 10 and is prone to a RyuJIT optimization elevation of privilege vulnerability. A flaw is present in the a ... oval:org.secpod.oval:def:25820 The host is installed with Microsoft .NET Framework 4.6 on Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, 8.1, Server 2012, Server 2012 R2 or Windows 10 and is prone to a RyuJIT optimization elevation of privilege vulnerability. A flaw is present in the a ... oval:org.secpod.oval:def:25821 The host is missing a important security update according to Microsoft bulletin, MS15-092. The update is required to fix multiple elevation of privilege vulnerabilities. The flaws are present in the application, which improperly optimizes certain parameters resulting in a code generation error. An a ... oval:org.secpod.oval:def:33967 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Kernel, which fails to properly handle objects in memory. ... oval:org.secpod.oval:def:33966 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Kernel, which fails to properly handle objects in memory. ... oval:org.secpod.oval:def:33965 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Kernel, which fails to properly handle objects in memory. ... oval:org.secpod.oval:def:33262 The host is installed with .NET Framework 2.0 SP2, 3.0, 3.5, 3.5.1, 4.5.2, 4.6 or 4.6.1 and is prone to a security feature bypass vulnerability. A flaw is present in the .NET Framework component, which does not properly validate certain elements of a signed XML document. Successful exploitation allo ... oval:org.secpod.oval:def:33261 The host is missing a important security update according to Microsoft security bulletin, MS16-035. The update is required to fix a security feature bypass vulnerability. The flaw is present in the .NET Framework, which does not properly validate certain elements of a signed XML document. Successful ... oval:org.secpod.oval:def:31010 The host is installed with .Net framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2 or 4.6 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle specially crafted XML files. An attacker who successfully exploited this vulnerability could ... oval:org.secpod.oval:def:31011 The host is installed with .Net framework 4, 4.5, 4.5.1, 4.5.2 or 4.6 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which improperly validates values in HTTP requests. An attacker who successfully exploited the vulnerability could leverage a vulnerabl ... oval:org.secpod.oval:def:31012 The host is installed with .Net framework 2.0 SP2, 3.5.1 and is prone to an ASLR bypass vulnerability. A flaw is present in the application, which does not properly implement the Address Space Layout Randomization (ASLR) security feature. An attacker who successfully exploited this vulnerability cou ... oval:org.secpod.oval:def:31013 The host is missing an important security update according to Microsoft bulletin, MS15-118. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted vectors. An attacker who successfully exploited this vulnerability could take co ... oval:org.secpod.oval:def:35571 The host is missing an important security update according to Microsoft security bulletin, MS16-072. The update is required to fix a group policy elevation of privilege vulnerability. A flaw is present in the group policy, which fails to properly handle group policy updates process. An attacker who ... oval:org.secpod.oval:def:35572 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to a group policy elevation of privilege vulnerability. A flaw is present in the group policy, which fails to properly handle group po ... oval:org.secpod.oval:def:35581 The host is missing an important security update according to Microsoft security bulletin, MS16-073. The update is required to fix multiple vulnerabilities. The flaws are present in the Windows, which fails to properly handle objects in memory and memory addresses. An attacker who successfully explo ... oval:org.secpod.oval:def:35588 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, Server 2012, Server 2012 R2 or Windows 10 and is prone to an information disclosure vulnerability. A flaw is present in the windows graphics component, which fails to handle objec ... oval:org.secpod.oval:def:35589 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, Server 2012, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the adobe type manager font driver, which fails to handle o ... oval:org.secpod.oval:def:35587 The host is missing a critical security update according to Microsoft security bulletin, MS16-074. The update is required to fix multiple vulnerabilities. The flaws are present in the windows graphics component, which fails to handle objects in memory. Successful exploitation could allow attackers t ... oval:org.secpod.oval:def:35582 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Kernel, which fails to properly handle objects in memory. ... oval:org.secpod.oval:def:35583 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Kernel, which fails to properly handle objects in memory. ... oval:org.secpod.oval:def:35953 The host is missing a critical security update according to Microsoft security bulletin, MS16-087. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary ... oval:org.secpod.oval:def:35951 The host is installed with Microsoft Windows Vista, Windows 7, Windows 8.1, Windows 10, Windows Server 2008, Server 2008 R2, Server 2012 or Server 2012 R2 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful explo ... oval:org.secpod.oval:def:35952 The host is installed with Microsoft Windows Vista, Windows 7, Windows 8.1, Windows 10, Windows Server 2008, Server 2008 R2, Server 2012 or Server 2012 R2 and is prone to an elevation privilege vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploi ... oval:org.secpod.oval:def:35946 The host is installed with .NET Framework 2.0 SP2, 3.5.1, 4.5.2, 4.6 or 4.6.1 and is prone to an information disclosure vulnerability. A flaw is present in the application, which improperly parses XML input containing a reference to an external entity. Successful exploitation allows attackers to rea ... oval:org.secpod.oval:def:35947 The host is missing an important security update according to Microsoft security bulletin, MS16-091. The update is required to fix an information disclosure vulnerability. A flaw is present in the application, which improperly parses XML input containing a reference to an external entity. Successful ... oval:org.secpod.oval:def:34356 The host is missing an important security update according to Microsoft security bulletin, MS16-062. The update is required to fix multiple vulnerabilities. A flaw is present in the Windows, which fails to properly handle objects in memory and memory addresses. An attacker who successfully exploited ... oval:org.secpod.oval:def:34354 The host is installed with Microsoft Server 2008, Server 2008 R2, Windows Vista, Windows 7, Server 2012, Server 2012 R2, Windows 8.1 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to handle objects in memory and incorrectly ma ... oval:org.secpod.oval:def:34352 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Kernel, which fails to properly handle objects in memory. ... oval:org.secpod.oval:def:34353 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an information disclosure vulnerability. A flaw is present in the Windows Kernel, which fails to properly handle memory addresses. ... oval:org.secpod.oval:def:34350 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Kernel, which fails to properly handle objects in memory. ... oval:org.secpod.oval:def:34351 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Kernel, which fails to properly handle objects in memory. ... oval:org.secpod.oval:def:34349 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Kernel, which fails to properly handle objects in memory. ... oval:org.secpod.oval:def:34343 The host is installed with Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8.1 or Windows 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted journal file. Successful exploitation allows attackers to execute an arbi ... oval:org.secpod.oval:def:34342 The host is missing a critical security update according to Microsoft security bulletin, MS16-056. The update is required to fix a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted journal file. Successful exploitation allows attackers to ... oval:org.secpod.oval:def:34330 The host is missing an critical security update according to Microsoft security bulletin, MS16-065. The update is required to fix a TLS/SSL information disclosure vulnerability. A flaw is present in the TLS/SSL protocol, which fails to properly handle an injection of unencrypted data into the secure ... oval:org.secpod.oval:def:34329 The host is installed with .NET Framework 2.0 SP2, 3.5.1, 4.5.2, 4.6 or 4.6.1 and is prone to a TLS/SSL information disclosure vulnerability. A flaw is present in the TLS/SSL protocol, which fails to properly handle an injection of unencrypted data into the secure channel and then man-in-the-middle ... oval:org.secpod.oval:def:34327 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, Windows 10, Server 2012 or 2012 R2 and is prone to an information disclosure vulnerability. A flaw is present in the Windows GDI component, which improperly discloses the contents ... oval:org.secpod.oval:def:34328 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, Windows 10, Server 2012 or 2012 R2 and is prone to an information disclosure vulnerability. A flaw is present in the Windows GDI component, which improperly discloses the contents ... oval:org.secpod.oval:def:35610 The host is installed with Microsoft Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, Windows Server 2008 R2 SP1, Windows Server 2012, Windows 8.1, Windows Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the microsoft server messag ... oval:org.secpod.oval:def:35609 The host is missing an important security update according to Microsoft security bulletin, MS16-075. The update is required to fix an elevation of privilege vulnerability. A flaw is present in the microsoft server message block, which fails to handle authentication request intended for another servi ... oval:org.secpod.oval:def:35620 The host is installed with Internet Explorer 9, 10 or 11 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, where Web Proxy Auto Discovery (WPAD) protocol falls back to a vulnerable proxy discovery process. Successful exploitation could allow attackers to ... oval:org.secpod.oval:def:35614 The host is missing an important security update according to Microsoft security bulletin, MS16-077. The update is required to fix multiple elevation of privilege vulnerabilities. The flaws are present in the application, which improperly handle certain proxy discovery scenarios using the Web Proxy ... oval:org.secpod.oval:def:35615 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which improperly handle certain proxy discovery scen ... oval:org.secpod.oval:def:35613 The host is missing a critical security update according to Microsoft security bulletin, MS16-063. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle objects in memory or Web Proxy Auto Discovery (WPAD) protocol. Successful exploit ... oval:org.secpod.oval:def:35865 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an information disclosure vulnerability. A flaw is present in the Windows GDI component, which improperly discloses kernel memory a ... oval:org.secpod.oval:def:35866 The host is missing an important security update according to Microsoft bulletin, MS16-090. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which improperly handles kernel memory. An attacker who successfully exploited these vulnerabilities could obt ... oval:org.secpod.oval:def:35863 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Kernel, which fails to properly handle objects in memory. ... oval:org.secpod.oval:def:35861 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Kernel, which fails to properly handle objects in memory. ... oval:org.secpod.oval:def:35862 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Kernel, which fails to properly handle objects in memory. ... oval:org.secpod.oval:def:35860 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Kernel, which fails to properly handle objects in memory. ... oval:org.secpod.oval:def:39333 The host is missing a critical security update according to Microsoft security bulletin, MS17-008. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary ... oval:org.secpod.oval:def:39334 A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause ... oval:org.secpod.oval:def:39330 A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as ... oval:org.secpod.oval:def:39331 A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as ... oval:org.secpod.oval:def:39332 An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker on a guest operating system could run a specially crafted application that ... oval:org.secpod.oval:def:39328 A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as ... oval:org.secpod.oval:def:39329 A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause ... oval:org.secpod.oval:def:36997 The host is missing an important security update according to Microsoft bulletin, MS16-098. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which improperly handles kernel memory. An attacker who successfully exploited these vulnerabilities could obt ... oval:org.secpod.oval:def:36995 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Graphics Device Interface (GDI), which fails to properly ... oval:org.secpod.oval:def:36994 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an information disclosure vulnerability. A flaw is present in the Windows Graphics Device Interface (GDI), which fails to properly ... oval:org.secpod.oval:def:36992 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Kernel, which fails to properly handle objects in memory. ... oval:org.secpod.oval:def:37011 The host is missing an important security update according to Microsoft security bulletin, MS16-111. The update is required to fix an elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle session objects and kernel API enforced permissions. Succes ... oval:org.secpod.oval:def:37010 The host is installed with Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle session objects. Successful e ... oval:org.secpod.oval:def:37009 The host is installed with Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle session objects. Successful e ... oval:org.secpod.oval:def:37008 The host is installed with Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle kernel API enforced permissio ... oval:org.secpod.oval:def:37007 The host is installed with Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, where kernel API improperly allows a user to access sensitiv ... oval:org.secpod.oval:def:36743 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, 10, Server 2012 or Server 2012 R2 and is prone to a kerberos security feature bypass vulnerability. A flaw is present in the Windows Kerberos, which fails to properly handle a pas ... oval:org.secpod.oval:def:36742 The host is missing an important security update according to Microsoft security bulletin, MS16-101. The update is required to fix multiple vulnerabilities. The flaws are present in the Windows Kerberos, which fails to properly handle a password change request and falls back to NT LAN Manager (NTLM) ... oval:org.secpod.oval:def:36723 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Kernel, which fails to properly handle objects in memory. ... oval:org.secpod.oval:def:36722 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Kernel, which fails to properly handle objects in memory. ... oval:org.secpod.oval:def:36721 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Kernel, which fails to properly handle objects in memory. ... oval:org.secpod.oval:def:36720 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Kernel, which fails to properly handle objects in memory. ... oval:org.secpod.oval:def:36719 The host is missing an important security update according to Microsoft bulletin, MS16-098. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which improperly handles kernel memory. An attacker who successfully exploited these vulnerabilities could obt ... oval:org.secpod.oval:def:37437 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Kernel, which fails to properly handle objects in memory. ... oval:org.secpod.oval:def:37435 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Kernel, which fails to properly handle objects in memory. ... oval:org.secpod.oval:def:37432 The host is missing a critical security update according to Microsoft security bulletin, MS16-122. The update is required to fix a remote code execution vulnerability. A flaw is present in the Microsoft video control, which fails to properly handle objects in memory. Successful exploitation could al ... oval:org.secpod.oval:def:37431 The host is installed with Vista SP2, Windows 7 SP1, Windows 8.1 or Windows 10 and is prone to an remote code execution vulnerability. A flaw is present in the Microsoft video control, which fails to properly handle objects in memory. Successful exploitation could allow attacker to run arbitrary cod ... oval:org.secpod.oval:def:37891 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, 10, Server 2012 or Server 2012 R2 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Common Log File System Driver, which fails to properly ... oval:org.secpod.oval:def:37890 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, 10, Server 2012 or Server 2012 R2 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Common Log File System Driver, which fails to properly ... oval:org.secpod.oval:def:37898 The host is missing an important security update according to Microsoft security bulletin, MS16-134. The update is required to fix multiple elevation of privilege vulnerabilities. The flaws are present in the Windows Common Log File System Driver, which fails to properly handle objects in memory. An ... oval:org.secpod.oval:def:37897 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, 10, Server 2012 or Server 2012 R2 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Common Log File System Driver, which fails to properly ... oval:org.secpod.oval:def:37896 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, 10, Server 2012 or Server 2012 R2 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Common Log File System Driver, which fails to properly ... oval:org.secpod.oval:def:37895 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, 10, Server 2012 or Server 2012 R2 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Common Log File System Driver, which fails to properly ... oval:org.secpod.oval:def:37894 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, 10, Server 2012 or Server 2012 R2 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Common Log File System Driver, which fails to properly ... oval:org.secpod.oval:def:37893 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, 10, Server 2012 or Server 2012 R2 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Common Log File System Driver, which fails to properly ... oval:org.secpod.oval:def:37892 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, 10, Server 2012 or Server 2012 R2 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Common Log File System Driver, which fails to properly ... oval:org.secpod.oval:def:37889 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, 10, Server 2012 or Server 2012 R2 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Common Log File System Driver, which fails to properly ... oval:org.secpod.oval:def:37888 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, 10, Server 2012 or Server 2012 R2 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Common Log File System Driver, which fails to properly ... oval:org.secpod.oval:def:37072 The host is missing an critical security update according to Microsoft security bulletin, MS16-116. The update is required to fix a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to run arb ... oval:org.secpod.oval:def:37071 The host is missing a critical security update according to Microsoft bulletin, MS16-104. The update is required to fix multiple vulnerabilities. The flaws are present in application, which improperly handles objects in memory in Internet Explorer. Successful exploitation could allow attackers to ga ... oval:org.secpod.oval:def:37069 The host is installed with Internet Explorer 9, 10, 11 and is prone to a memory corruption vulnerability. A flaw is present in Internet Explorer, which improperly handles objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user, if the current ... oval:org.secpod.oval:def:37055 The host is missing an important security update according to Microsoft bulletin, MS16-110. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted vectors. An attacker who successfully exploited this vulnerability coul ... oval:org.secpod.oval:def:37053 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, 10, Server 2012 or Server 2012 R2 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. An ... oval:org.secpod.oval:def:37050 The host is missing an important security update according to Microsoft security bulletin, MS16-114. The update is required to fix a remote code execution vulnerability. A flaw is present in the application, which improperly handles crafted packets. Successful exploitation could allow attackers to e ... oval:org.secpod.oval:def:37049 The host is installed with Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8.1, Windows 10, Windows Server 2008 SP2,Windows Server 2008 R2 SP1, Windows Server 2012 or Windows Server 2012 R2 and is prone to a remote code execution vulnerability. A flaw is present in the application, which imprope ... oval:org.secpod.oval:def:37440 The host is missing a critical security update according to Microsoft security bulletin, MS16-123. The update is required to fix multiple elevation of privilege vulnerabilities. A flaw is present in the Windows Kernel, which fails to properly handle objects in memory. An attacker who successfully ex ... oval:org.secpod.oval:def:37445 The host is missing an important security update according to Microsoft security bulletin, MS16-124. The update is required to fix an elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle session objects and kernel API enforced permissions. Succes ... oval:org.secpod.oval:def:37441 The host is installed with Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle session objects. Successful e ... oval:org.secpod.oval:def:37439 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Kernel, which fails to properly handle objects in memory. ... oval:org.secpod.oval:def:37438 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Kernel, which fails to properly handle objects in memory. ... oval:org.secpod.oval:def:37493 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to a remote code execution vulnerability. A flaw is present in the Windows Graphics Component, which fails to properly handle objects ... oval:org.secpod.oval:def:37492 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Kernel, which fails to properly handle objects in memory. ... oval:org.secpod.oval:def:37925 The host is missing an important security update according to Microsoft security bulletin, MS16-137. The update is required to fix multiple vulnerability. A flaw is present in the application, which fails to properly handle crafted vectors. An attacker who successfully exploited this vulnerability c ... oval:org.secpod.oval:def:37923 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, 10, Server 2012 or Server 2012 R2 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows NTLM, which fails to properly handle NTLM password chan ... oval:org.secpod.oval:def:37922 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, 10, Server 2012 or Server 2012 R2 and is prone to a denial of service vulnerability. A flaw is present in the Windows Local Security Authority Subsystem Service (LSASS), which fai ... oval:org.secpod.oval:def:37921 The host is missing an important security update according to Microsoft security bulletin, MS16-135. The update is required to fix multiple vulnerabilities. The flaws are present in the Windows Kernel-mode driver, which fails to properly handle a specially crafted application. An attacker who succes ... oval:org.secpod.oval:def:37920 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, 10, Server 2012, Server 2012 R2 or Server 2016 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows kernel-mode driver, which fails to properl ... oval:org.secpod.oval:def:37918 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, 10, Server 2012, Server 2012 R2 or Server 2016 and is prone to an information disclosure vulnerability. A flaw is present in the Windows Bowser.sys Kernel-Mode driver, which fails ... oval:org.secpod.oval:def:37917 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, 10, Server 2012, Server 2012 R2 or Server 2016 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows kernel-mode driver, which fails to properl ... oval:org.secpod.oval:def:37916 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, 10, Server 2012, Server 2012 R2 or Server 2016 and is prone to an information disclosure vulnerability. A flaw is present in the Windows Kernel, which fails to properly handle spe ... oval:org.secpod.oval:def:37915 The host is installed with Vista SP2, Windows 7 SP1, Windows 8.1 or Windows 10 and is prone to a remote code execution vulnerability. A flaw is present in the Microsoft video control, which fails to properly handle objects in memory. Successful exploitation could allow attacker to run arbitrary code ... oval:org.secpod.oval:def:37914 The host is missing an important security update according to Microsoft security bulletin, MS16-131. The update is required to fix remote code execution vulnerability. A flaw is present in the Microsoft Video Control, which fails to properly handle objects in memory. Successful exploitation could al ... oval:org.secpod.oval:def:39409 Multiple information disclosure vulnerabilities exist in the way that the Color Management Module (ICM32.dll) handles objects in memory. These vulnerabilities allow an attacker to retrieve information to bypassusermode ASLR (Address Space Layout Randomization) on a targeted system. By itself, the in ... oval:org.secpod.oval:def:39400 An elevation of privilege vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete da ... oval:org.secpod.oval:def:39401 An elevation of privilege vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete da ... oval:org.secpod.oval:def:39402 An elevation of privilege vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete da ... oval:org.secpod.oval:def:39403 An elevation of privilege vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete da ... oval:org.secpod.oval:def:39405 An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system. By itself, the information disclosure does not allow arbitrary code execution; however, it could ... oval:org.secpod.oval:def:39114 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, Server 2012, Server 2012 R2, Server 2016, or Windows 10 and is prone to an information disclosure vulnerability. A flaw is present in the windows GDI, which fails to handle a craf ... oval:org.secpod.oval:def:38291 The host is missing an important security update according to Microsoft security bulletin, MS16-153. The update is required to fix an information disclosure vulnerability. A flaw is present in the Windows Common Log File System Driver, which fails to properly handle objects in memory. An attacker wh ... oval:org.secpod.oval:def:38292 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, Windows 10, Server 2012, Server 2016 or Server 2012 R2 and is prone to an information disclosure vulnerability. A flaw is present in the Windows Common Log File System Driver, whi ... oval:org.secpod.oval:def:38293 The host is missing an important security update according to Microsoft security bulletin, MS16-147. The update is required to fix a remote code execution vulnerability. A flaw is present in the Windows Uniscribe, which fails to properly handle objects in memory. An attacker who successfully exploit ... oval:org.secpod.oval:def:38296 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, Server 2012, Server 2012 R2, Windows 10 or Server 2016 and is prone to a remote code execution vulnerability. A flaw is present in the windows GDI component, which improperly hand ... oval:org.secpod.oval:def:38298 The host is missing an critical security update according to Microsoft bulletin, MS16-146. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted website. Successful exploitation could allow remote code execution. oval:org.secpod.oval:def:38320 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, Windows 10, Server 2012, Server 2016 or Server 2012 R2 and is prone to an elevation of privilege Vulnerability. A flaw is present in the Windows kernel-mode driver, which fails to ... oval:org.secpod.oval:def:38318 The host is missing an important security update according to Microsoft security bulletin, MS16-151. The update is required to fix multiple vulnerabilities. The flaws are present in the Windows Kernel-mode driver, which fails to properly handle a specially crafted application. An attacker who succes ... oval:org.secpod.oval:def:38319 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, Windows 10, Server 2012, Server 2016 or Server 2012 R2 and is prone to an elevation of privilege Vulnerability. A flaw is present in the Microsoft Graphics Component, which fails ... oval:org.secpod.oval:def:38315 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, 10, Server 2012, Server 2012 R2 or Server 2016 and is prone to an information disclosure vulnerability. A flaw is present in the Windows Crypto Driver, which improperly handles ob ... oval:org.secpod.oval:def:38316 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, 10, Server 2012, Server 2012 R2 or Server 2016 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Installer, which improperly sanitize input ... oval:org.secpod.oval:def:38317 The host is missing an important security update according to Microsoft bulletin, MS16-149. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted application. Successful exploitation could allow elevation of privileg ... oval:org.secpod.oval:def:38333 The host is installed with .NET Framework 2.0 SP2, 3.5.1, 4.5.2, 4.6, 4.6.1 or 4.6.2 and is prone to an information disclosure vulnerability. A flaw is present in the application, which improperly uses a developer-supplied key. Successful exploitation allows attackers to access information that shou ... oval:org.secpod.oval:def:38335 The host is missing an important security update according to Microsoft bulletin, MS16-155. The update is required to fix an information disclosure vulnerability. A flaw is present in the application, which improperly uses a developer-supplied key. Successful exploitation allows attackers to access ... oval:org.secpod.oval:def:37939 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, Server 2012, Server 2012 R2 and 10 and is prone to an remote code execution vulnerability. A flaw is present in the specially crafted embedded fonts, which fails to properly hand ... oval:org.secpod.oval:def:37936 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, Server 2012, Server 2012 R2 and 10 and is prone to an information disclosure vulnerability. A flaw is present in the ATMFD component, which fails to properly handle objects in mem ... oval:org.secpod.oval:def:37935 The host is missing an important security update according to Microsoft security bulletin, MS16-132. The update is required to fix multiple vulnerabilities. The flaws are present in the Microsoft Graphics component, which fails to properly handle a specially crafted object in memory. An attacker who ... oval:org.secpod.oval:def:37934 The host is missing a critical security update according to Microsoft security bulletin, MS16-130. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle specially crafted application. Successful exploitation could allow attac ... oval:org.secpod.oval:def:37933 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, 10, Server 2012 or Server 2012 R2 and is prone to a remote code execution vulnerability. A flaw is present in the Windows image file loading functionality, which improperly handle ... oval:org.secpod.oval:def:37931 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, 10, Server 2012 or Server 2012 R2 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows IME, which improperly handles DLL loading. Successful e ... oval:org.secpod.oval:def:39377 A remote code execution vulnerability exists due to the way Windows Uniscribe handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts ... oval:org.secpod.oval:def:39378 The host is missing a critical security update according to Microsoft security bulletin, MS17-011. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary ... oval:org.secpod.oval:def:39364 An elevation of privilege vulnerability exists when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or ... oval:org.secpod.oval:def:39365 The host is missing an important security update according to Microsoft security bulletin, MS17-018. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted application. Successful exploitation could allow attackers to take comp ... oval:org.secpod.oval:def:39356 An elevation of privilege vulnerability exists in the way that the Windows Kernel API enforces permissions. An attacker who successfully exploited the vulnerability could run processes in an elevated context. To exploit the vulnerability, a locally authenticated attacker could run a specially crafte ... oval:org.secpod.oval:def:39357 An elevation of privilege vulnerability exists when Windows fails to check the length of a buffer prior to copying memory to it. An attacker who successfully exploited the vulnerability could gain elevated privileges on a targeted system. To exploit the vulnerability, an attacker would first need ac ... oval:org.secpod.oval:def:39358 The host is missing an important security update according to Microsoft security bulletin, MS17-017. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted application. Successful exploitation could allow attackers to escalate ... oval:org.secpod.oval:def:39399 An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulne ... oval:org.secpod.oval:def:39398 An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system. There are multiple ways an attacker could exploit the vuln ... oval:org.secpod.oval:def:39322 The host is missing an important security update according to Microsoft security bulletin, MS17-021. The update is required to fix an information disclosure vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to discl ... oval:org.secpod.oval:def:39321 An information disclosure vulnerability exists in the way Windows DirectShow handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a target system.In a web-based attack scenario, an attacker could host a website used to att ... oval:org.secpod.oval:def:39312 Remote code execution vulnerabilities exist in the way that the Microsoft Server Message Block 1.0 (SMBv1) server handles certain requests. An attacker who successfully exploited the vulnerabilities could gain the ability to execute code on the target server.To exploit the vulnerability, in most sit ... oval:org.secpod.oval:def:39313 Remote code execution vulnerabilities exist in the way that the Microsoft Server Message Block 1.0 (SMBv1) server handles certain requests. An attacker who successfully exploited the vulnerabilities could gain the ability to execute code on the target server.To exploit the vulnerability, in most sit ... oval:org.secpod.oval:def:39314 Remote code execution vulnerabilities exist in the way that the Microsoft Server Message Block 1.0 (SMBv1) server handles certain requests. An attacker who successfully exploited the vulnerabilities could gain the ability to execute code on the target server.To exploit the vulnerability, in most sit ... oval:org.secpod.oval:def:39315 Remote code execution vulnerabilities exist in the way that the Microsoft Server Message Block 1.0 (SMBv1) server handles certain requests. An attacker who successfully exploited the vulnerabilities could gain the ability to execute code on the target server.To exploit the vulnerability, in most sit ... oval:org.secpod.oval:def:39316 An information disclosure vulnerability exists in the way that the Microsoft Server Message Block 1.0 (SMBv1) server handles certain requests. An attacker who successfully exploited this vulnerability could craft a special packet, which could lead to information disclosure from the server. To exploi ... oval:org.secpod.oval:def:39317 Remote code execution vulnerabilities exist in the way that the Microsoft Server Message Block 1.0 (SMBv1) server handles certain requests. An attacker who successfully exploited the vulnerabilities could gain the ability to execute code on the target server.To exploit the vulnerability, in most sit ... oval:org.secpod.oval:def:39318 The host is missing a critical security update according to Microsoft security bulletin, MS17-010. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fails to handle crafted data. Successful exploitation could allow attackers to gain the ability ... oval:org.secpod.oval:def:39306 An elevation of privilege vulnerability exists when Microsoft IIS Server fails to properly sanitize a specially crafted request. An attacker who successfully exploited this vulnerability could then perform cross-site scripting attacks on affected systems and run script in the security context of the ... oval:org.secpod.oval:def:39307 The host is missing an important security update according to Microsoft security bulletin, MS17-016. The update is required to fix an XSS elevation of privilege vulnerability. The flaws are present in the application, which fails to handle crafted data. Successful exploitation could allow attackers ... oval:org.secpod.oval:def:39421 The host is missing a critical security update according to Microsoft security bulletin, MS17-012. The update is required to fix a remote code execution vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute a ... oval:org.secpod.oval:def:39780 A remote code execution vulnerability exists in the way that the VBScript engine, when rendered in Internet Explorer, handles objects in memory. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer ... oval:org.secpod.oval:def:39781 A Win32k information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.To exploit this vulnerability, an attacker would have to log ... oval:org.secpod.oval:def:39841 An information disclosure vulnerability exists in Adobe Type Manager Font Driver (ATMFD.dll) when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.There are multiple ways an attacke ... oval:org.secpod.oval:def:39838 An elevation of privilege vulnerability exists when LDAP request buffer lengths are improperly calculated; In a remote attack scenario, an attacker could exploit this vulnerability by running a specially crafted application to send malicious traffic to a Domain Controller. An attacker who successful ... oval:org.secpod.oval:def:16177 WinVerifyTrust Signature Validation Vulnerability. A flaw is present in the WinVerifyTrust function in the operating system, which fails to handle the Windows Authenticode signature verification for portable executable (PE) files. Successful exploitation could allow remote attackers to execute arbit ... oval:org.mitre.oval:def:7315 The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple C ... oval:org.secpod.oval:def:5624 The host is missing an important security update according to Microsoft security bulletin, MS12-034. The update is required to fix multiple vulnerabilities. The flaws are present in the Microsoft Office, Windows, .NET Framework, and Silverlight, which fail to handle a specially crafted document or a ... oval:org.secpod.oval:def:14317 The host is installed with Microsoft Office 2003 SP3 /2007 SP3 /2010 SP1, Windows, Visual Studio .NET 2003 SP1, Lync 2010, Lync Basic 2013 or Lync 2010 Attendee, and is prone to remote code execution vulnerability. A flaw is present in the application, which fails to properly process crafted TrueTyp ... oval:org.secpod.oval:def:14328 The host is installed with Microsoft .NET Framework 2.0 SP2, 3.5.1, 4 or 4.5 or Silverlight 5 before 5.1.20513.0 and is prone to array access violation vulnerability. A flaw is present in the applications, which fail to properly prevent changes to data in multidimensional arrays of structures. Succe ... oval:org.secpod.oval:def:24338 The host is installed with Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2, Office 2007 SP3 and 2010 SP2, Live Meeting 2007 Console, Lync 2010, Lync 2010 Attendee, Lync 2013 SP1, Lync Basic 2013 SP1, Silverlight 5 or Silverlight 5 Developer Runtime and is prone to a truetype f ... oval:org.secpod.oval:def:25846 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1, Server 2012 R2, WIndows 10, Microsoft Office 2007 SP3 or 2010 SP2, Live Meeting 2007 Console, Lync 2010, Lync 2010 Attendee, Lync 2013 SP1, Lync Basic 2013 ... oval:org.secpod.oval:def:25849 The host is installed with Microsoft Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1, Server 2012 R2, Windows 10, .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, 4.6, Office 2007 SP3 or 2010 SP2, Live Meeting 2007 Console ... oval:org.secpod.oval:def:25850 The host is installed with Microsoft Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1, Server 2012 R2, Windows 10, .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, 4.6, Office 2007 SP3 or 2010 SP2, Live Meeting 2007 Console ... oval:org.secpod.oval:def:25856 The host is installed with Microsoft Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1, Server 2012 R2, .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, 4.6, Office 2007 SP3 or 2010 SP2, Live Meeting 2007 Console, Lync 2010, ... oval:org.secpod.oval:def:25857 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1, Server 2012 R2, .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, 4.6, Office 2007 SP3 or 2010 SP2, Live Meeting 2007 Console, Lync 2010, Lync 2010 ... oval:org.secpod.oval:def:5627 The host is installed with Microsoft Office, Windows, .NET Framework, and Silverlight and is prone TrueType Font parsing vulnerability. A flaw is present in the applications, which fail to handle a specially crafted TrueType font file. Successful exploitation could allow remote attackers to install ... oval:org.secpod.oval:def:5628 The host is installed with Microsoft Office, Windows, and Silverlight and is prone TrueType Font parsing vulnerability. A flaw is present in the applications, which fails to handle a specially crafted TrueType font file. Successful exploitation could allow remote attackers to install programs, view, ... oval:org.secpod.oval:def:1171 The host is installed with Microsoft .Net framework 2.0 SP1 or 2.0 SP2 or 3.5 or 3.5 SP1 or 4.0 or Microsoft Silverlight 4 and is prone to remote code execution vulnerability. A flaw is present in the applications which is caused when the .NET Framework or Microsoft Silverlight improperly validate a ... oval:org.secpod.oval:def:1172 The host is missing an critical security update according to Microsoft security bulletin, MS11-039. The update is required to fix remote code execution vulnerability in Microsoft .Net framework and Microsoft Silverlight. A flaw is present in the applications which is caused when the .NET Framework a ... oval:org.secpod.oval:def:25859 The host is missing a critical security update according to Microsoft security bulletin, MS15-080. The update is required fix multiple vulnerabilities. The flaws are present in the applications, which fail to handle a crafted TrueType fonts or OneType fonts. Successful exploitation could allow attac ... oval:org.secpod.oval:def:2548 The host is installed with Microsoft .NET Framework or Microsoft Silverlight and is prone to a remote code execution vulnerability. Flaws are present in the Microsoft ASP.NET and Microsoft Silverlight, which fails to handle specially crafted web pages. Successful exploitation could allow attackers t ... oval:org.secpod.oval:def:2547 The host is missing a critical security update according to Microsoft security bulletin, MS11-078. The update is required to fix a remote code execution vulnerability. Flaws are present in the Microsoft .NET Framework and Microsoft Silverlight, which fails to handle specially crafted web pages by a ... oval:org.secpod.oval:def:14322 The host is missing a critical security update according to Microsoft bulletin, ms13-052. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to properly handle certain vectors and improper validations. Successful exploitation allows attacker ... oval:org.secpod.oval:def:24340 The host is missing a critical security update according to Microsoft security bulletin, MS15-044. The update is required fix multiple remote code execution vulnerabilities. The flaws are present in the applications, which fail to handle a crafted TrueType or OpenType font. Successful exploitation c ... oval:org.secpod.oval:def:3718 The host is installed with Microsoft Windows and is prone to information disclosure vulnerability. A flaw is present in the application, which is caused by a design flaw in the SSL and TLS protocols when Cipher-block chaining (CBC) mode of operation is used. Successful exploitation allows attackers ... oval:org.secpod.oval:def:3719 The host is missing an important security update according to Microsoft bulletin MS12-006. The update is required to fix information disclosure vulnerability. A flaw is present in the application, which is caused by a design flaw in the SSL and TLS protocols when Cipher-block chaining (CBC) mode of ... oval:org.secpod.oval:def:32861 The host is missing a critical security update according to Microsoft security bulletin, MS16-013. The update is required to fix a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted journal file. Successful exploitation allows attackers to ... oval:org.secpod.oval:def:32867 The host is missing a important security update according to Microsoft security bulletin, MS16-018. The update is required to fix an elevation of privilege vulnerability. A flaw is present in the Windows kernel, which fails to handle specific kernel objects in memory. Successful exploitation could a ... oval:org.secpod.oval:def:32868 The host is installed with Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows kernel, which fails to properly handle objects in memory. An atta ... oval:org.secpod.oval:def:32863 The host is installed with Microsoft Windows Server 2008, Server 2008 R2, Windows Vista, Windows 7, Server 2012, Server 2012 R2, Windows 8.1 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the WebDAV, which fails to properly validate input. An attacker who ... oval:org.secpod.oval:def:32862 The host is installed with Windows journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows Server 2012, Windows 8.1, Windows 10 or Windows Server 2012 R2 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to ... oval:org.secpod.oval:def:32864 The host is missing an important security update according to Microsoft security bulletin, MS16-016. The update is required to fix an elevation of privilege vulnerability. A flaw is present in the WebDAV, which fails to properly validate input. An attacker who successfully exploited this vulnerabili ... oval:org.secpod.oval:def:26559 The host is installed with Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, Windows 8.1, Windows 10 or Windows Server 2012 R2 and is prone to font driver elevation of privilege vulnerability. A flaw is present in the application, which fail to han ... oval:org.secpod.oval:def:26562 The host is installed with Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, Windows 8.1, Windows 10 or Windows Server 2012 R2 and is prone to a Win32k memory corruption vulnerability. A flaw is present in the application, which fails to properly h ... oval:org.secpod.oval:def:26561 The host is installed with Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, Windows 8.1, Windows 10 or Windows Server 2012 R2 and is prone to a Win32k memory corruption vulnerability. A flaw is present in the application, which fails to properly h ... oval:org.secpod.oval:def:26560 The host is installed with Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, Windows 8.1, Windows 10 or Windows Server 2012 R2 and is prone to a Win32k memory corruption vulnerability. A flaw is present in the application, which fails to properly h ... oval:org.secpod.oval:def:26556 The host is installed with Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, Windows 8.1, Windows 10 or Windows Server 2012 R2 and is prone to an opentype font parsing vulnerability. A flaw is present in the application, which fail to handle specia ... oval:org.secpod.oval:def:26558 The host is installed with Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, Windows 8.1, Windows 10 or Windows Server 2012 R2 and is prone to a Win32k memory corruption vulnerability. A flaw is present in the application, which fails to properly h ... oval:org.secpod.oval:def:26557 The host is installed with Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, Windows 8.1, Windows 10 or Windows Server 2012 R2 and is prone to a font driver elevation of privilege vulnerability. A flaw is present in the application, which fail to h ... oval:org.secpod.oval:def:25342 The host is installed with Microsoft Server 2003, Server 2008, Server 2008 R2, Windows Vista, Windows 7, Server 2012, Server 2012 R2, Windows 8 or Windows 8.1 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which improperly handles custom action scripts ... oval:org.secpod.oval:def:25343 The host is missing an important security update according to Microsoft security bulletin, MS15-074. The update is required to fix an elevation of privilege vulnerability. A flaw is present in the application, which improperly handles custom action scripts. Successful exploitation could allow attack ... oval:org.secpod.oval:def:32913 The host is missing a critical security update according to Microsoft security bulletin, MS16-014. The update is required to fix multiple remote code execution vulnerabilities. The flaws are present in the Microsoft Windows, which fails to properly handle crafted file. Successful exploitation could ... oval:org.secpod.oval:def:32918 The host is installed with Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to a security bypass vulnerability. A flaw is present in the Windows, when Kerberos fails to check the password change of a user signing into ... oval:org.secpod.oval:def:32916 The host is installed with Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to remote code execution vulnerability. A flaw is present in the Windows, which fails validates input before loading dynamic link library (DLL ... oval:org.secpod.oval:def:25858 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1, Windows 10 or Server 2012 R2 and is prone to a security feature bypass vulnerability. A flaw is present in the application, which fails to properly validat ... oval:org.secpod.oval:def:25415 The host is installed with Microsoft Windows Server 2008, 2008 R2, 2012, 2012 R2, Windows Vista, 7, 8 or 8.1 and is prone to a remote code execution vulnerability. A flaw is present in the application, which improperly handles specially crafted OpenType fonts. An attacker who successfully exploited ... oval:org.secpod.oval:def:25416 The host is missing a critical security update according to Microsoft security bulletin, MS15-078. The update is required to fix a remote code execution vulnerability. A flaw is present in the application, which improperly handles specially crafted OpenType fonts. An attacker who successfully exploi ... oval:org.secpod.oval:def:32586 The host is missing an critical security update according to Microsoft security bulletin, MS16-005. The update is required to fix a remote code execution vulnerability. A flaw is present in the Windows Kernel-Mode drivers, which fails to handle objects in memory. Successful exploitation could allow ... oval:org.secpod.oval:def:32585 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1 or Windows 10 and is prone to a remote code execution vulnerability. A flaw is present in the Windows kernel-mode driver, which fails to properly handle objects in memory. An attacker who succe ... oval:org.secpod.oval:def:25804 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, 8.1, 10, Server 2012 or Server 2012 R2 and is prone to a mount manager elevation of privilege vulnerability. The flaw is present in the application, which fails to properly process ... oval:org.secpod.oval:def:25805 The host is missing an important security update according to Microsoft security bulletin, MS15-085. The update is required to fix a mount manager elevation of privilege vulnerability. The flaw is present in the application, which fails to properly process symbolic links. Successful exploitation cou ... oval:org.secpod.oval:def:31698 The host is installed with Microsoft Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Pragmatic General Multicast (PGM) protocol, ... oval:org.secpod.oval:def:31699 The host is missing an important security update according to Microsoft security bulletin, MS15-133. The update is required to fix an elevation of privilege vulnerability. A flaw is present in the Windows Pragmatic General Multicast (PGM) protocol, which fails to properly handle freed memory content ... oval:org.secpod.oval:def:25845 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1, Windows 10 or Server 2012 R2 and is prone to an ASLR security feature bypass vulnerability. A flaw is present in the application, which fails to properly i ... oval:org.secpod.oval:def:25851 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1, Windows 10 or Server 2012 R2 and is prone to an Onetype font parsing vulnerability. A flaw is present in the application, which fails to handle a crafted O ... oval:org.secpod.oval:def:25852 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1, Windows 10 or Server 2012 R2 and is prone to an Onetype font parsing vulnerability. A flaw is present in the application, which fails to handle a crafted O ... oval:org.secpod.oval:def:25854 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1, Windows 10 or Server 2012 R2 and is prone to an Onetype font parsing vulnerability. A flaw is present in the applications, which fail to handle a crafted O ... oval:org.secpod.oval:def:32588 The host is installed with Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows kernel, which fails to properly handle objects in memo ... oval:org.secpod.oval:def:32587 The host is missing an important security update according to Microsoft bulletin, MS16-008. The update is required to fix multiple vulnerabilities. The flaws are present in windows kernel, which fails to properly handle objects in memory, certain scenarios involving junction and mount-point creation ... oval:org.secpod.oval:def:32589 The host is installed with Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows kernel, which fails to properly handle objects in memo ... oval:org.secpod.oval:def:32610 The host is installed with Microsoft Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows Server 2012, Windows 8.1, Windows Server 2012 R2 or Windows 10 and is prone to remote code execution vulnerability via a crafted file. A flaw is present in t ... oval:org.secpod.oval:def:32611 The host is installed with Microsoft Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows Server 2012, Windows 8.1, Windows Server 2012 R2 or Windows 10 and is prone to remote code execution vulnerability. A flaw is present in the system, which fa ... oval:org.secpod.oval:def:32609 The host is installed with Microsoft Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 R2 or Windows 10 and is prone to privilege escalation vulnerability. A flaw is present in the system, which fails to load DLL file p ... oval:org.secpod.oval:def:32608 The host is missing an important security update according to Microsoft security bulletin, MS16-007. The update is required to fix multiple remote code execution vulnerabilities. The flaws are present in the operation system, which fail to load DLL files while processing. An attacker who successfull ... oval:org.secpod.oval:def:30000 The host is installed with Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which improperly validates junctions in certain s ... oval:org.secpod.oval:def:31701 The host is installed with Microsoft Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Microsoft Windows 8, Windows Server 2012, Windows 8.1, Windows 10 or Windows Server 2012 R2 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to ... oval:org.secpod.oval:def:31703 The host is missing an important security update according to Microsoft security bulletin, MS15-132. The update is required to fix multiple remote code execution vulnerabilities. The flaws are present in the application, which fails to properly validate input before loading libraries. Successful exp ... oval:org.secpod.oval:def:31708 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, 8.1, Server 2012, Server 2012 R2 or Windows 10 and is prone to an elevation of kernel memory privilege vulnerability in Microsoft Windows. The flaw is present in the windows, which ... oval:org.secpod.oval:def:31705 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, 8.1, Server 2012, Server 2012 R2 or Windows 10 and is prone to an elevation of kernel memory privilege vulnerability in Microsoft Windows. The flaw is present in the windows, which ... oval:org.secpod.oval:def:31706 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, 8.1, Server 2012, Server 2012 R2 or Windows 10 and is prone to an elevation of kernel memory privilege vulnerability in Microsoft Windows. The flaw is present in the windows, which ... oval:org.secpod.oval:def:31707 The host is missing a important security update according to Microsoft security bulletin, MS15-135. The update is required to fix multiple vulnerabilities. The flaws are present in the windows, which fails to handle kernel memory objects. Successful exploitation could allow attackers to run arbitrar ... oval:org.secpod.oval:def:30003 The host is missing a critical security update according to Microsoft security bulletin, MS15-109. The update is required to fix a remote code execution vulnerability. A flaw is present in the application, which fails to properly handle a specially crafted toolbar object. Successful exploitation cou ... oval:org.secpod.oval:def:30004 The host is installed with Microsoft Windows Vista, Server 2008, Windows 7, Server 2008 R2, Windows 8, 8.1, 10, Server 2012 or Server 2012 R2 and is prone to an use-after-free vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitati ... oval:org.secpod.oval:def:30981 The host is missing a critical security update according to Microsoft security bulletin, MS15-115. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute a ... oval:org.secpod.oval:def:30974 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, 8.1, Server 2012, Server 2012 R2 or Windows 10 and is prone to a security feature bypass vulnerability. The flaw is present in the application, which fails to properly validate perm ... oval:org.secpod.oval:def:29997 The host is missing an important security update according to Microsoft bulletin, MS15-111. The update is required to fix multiple vulnerabilities. The flaws are present in windows kernel, which fails to properly handle objects in memory, certain scenarios involving junction and mount-point creation ... oval:org.secpod.oval:def:30975 The host is installed with Microsoft Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows kernel-mode driver, which fails to properly ... oval:org.secpod.oval:def:30976 The host is installed with Microsoft Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows kernel-mode driver, which fails to properly ... oval:org.secpod.oval:def:30977 The host is installed with Microsoft Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an information disclosure vulnerability. A flaw is present in the Windows kernel-mode driver, which fails to properly ... oval:org.secpod.oval:def:29998 The host is installed with Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to a kernel memory corruption vulnerability. A flaw is present in the Windows kernel, which fails to properly handle objects in mem ... oval:org.secpod.oval:def:30972 The host is installed with Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, Windows 8.1, Windows Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which makes a ca ... oval:org.secpod.oval:def:29999 The host is installed with Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows kernel, which fails to properly handle objects in memo ... oval:org.secpod.oval:def:30973 The host is missing an important security update according to Microsoft security bulletin, MS15-119. The update is required to fix an elevation of privilege vulnerability. A flaw is present in the application, which makes a call to a memory address without verifying that the address is valid. Succes ... oval:org.secpod.oval:def:30978 The host is installed with Microsoft Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to a remote code execution vulnerability. A flaw is present in the Windows graphics memory, which fails to properly handl ... oval:org.secpod.oval:def:30979 The host is installed with Microsoft Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to a remote code execution vulnerability. A flaw is present in the Windows graphics memory, which fails to properly handl ... oval:org.secpod.oval:def:30966 The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, 8.1, 10, Server 2012 or Server 2012 R2 and is prone to a security feature bypass vulnerability. A flaw is present in the Windows Kerberos, which fails to check the password change o ... oval:org.secpod.oval:def:30967 The host is missing an important security update according to Microsoft security bulletin, MS15-122. The update is required to fix a security feature bypass vulnerability. A flaw is present in the Windows Kerberos, which fails to check the password change of a user signing into a workstation. An att ... oval:org.secpod.oval:def:26538 The host is installed with Windows journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, Windows 8.1, Windows 10 or Windows Server 2012 R2 and is prone to a remote code execution vulnerability. A flaw is present in the application, ... oval:org.secpod.oval:def:26537 The host is installed with Windows journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, Windows 8.1 or Windows 10 or Windows Server 2012 R2 and is prone to a remote code execution vulnerability. A flaw is present in the applicatio ... oval:org.secpod.oval:def:26539 The host is installed with Windows journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, Windows 8.1, Windows 10 or Windows Server 2012 R2 and is prone to an integer overflow remote code execution vulnerability. A flaw is present i ... oval:org.secpod.oval:def:26541 The host is missing a critical security update according to Microsoft security bulletin, MS15-098. The updated is required to fix multiple remote code execution vulnerabilities. The flaws are present in the application, which fails to properly handle a crafted journal file. Successful exploitation a ... oval:org.secpod.oval:def:26540 The host is installed with Windows journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, Windows 8.1, Windows 10 or Windows Server 2012 R2 and is prone to a denial of service vulnerability. A flaw is present in the application, whi ... oval:org.secpod.oval:def:26542 The host is missing an important security update according to Microsoft security bulletin, MS15-102. The update is required to fix multiple elevation of privilege vulnerability. The flaws are present in the application, which fails to properly handle a crafted application. Successful exploitation co ... oval:org.secpod.oval:def:26536 The host is installed with Windows journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, Windows 8.1, Windows 10 or Windows Server 2012 R2 and is prone to a remote code execution vulnerability. A flaw is present in the application, ... oval:org.secpod.oval:def:33233 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows kernel, which fails to properly handle objects in memory. ... oval:org.secpod.oval:def:33232 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows kernel, which fails to properly handle objects in memory. ... oval:org.secpod.oval:def:33234 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows kernel, which fails to properly handle objects in memory. ... oval:org.secpod.oval:def:33231 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Windows Kernel, which fails to properly handle objects in memory. ... oval:org.secpod.oval:def:33230 The host is missing a important security update according to Microsoft security bulletin, MS16-034. The update is required to fix multiple elevation of privilege vulnerabilities. The flaws are present in the Windows Kernel, which fails to handle specific Kernel objects in memory. Successful exploita ... oval:org.secpod.oval:def:33229 The host is installed with Microsoft Windows Server 2008, 2008 R2, 2012, 2012 R2, Windows Vista, 7, 8.1 or 10 and is prone to a denial of service vulnerability. A flaw is present in the application, which improperly handles specially crafted document and specially crafted embedded OpenType fonts. An ... oval:org.secpod.oval:def:33226 The host is missing a important security update according to Microsoft security bulletin, MS16-032. The update is required to fix an elevation of privilege vulnerability. A flaw is present in the Secondary Logon Service in Microsoft Windows, which fails to properly manage request handles in memory. ... oval:org.secpod.oval:def:33225 The host is installed with Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in the Secondary Logon Service in Microsoft Windows, which fails to properly man ... oval:org.secpod.oval:def:33228 The host is installed with Microsoft Windows Server 2008, 2008 R2, 2012, 2012 R2, Windows Vista, 7, 8.1 or 10 and is prone to a remote code execution vulnerability. A flaw is present in the application, which improperly handles specially crafted fonts. An attacker who successfully exploited this vul ... oval:org.secpod.oval:def:33227 The host is missing a important security update according to Microsoft security bulletin, MS16-026. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which improperly handles specially crafted fonts. An attacker who successfully exploited this vulnerab ... oval:org.secpod.oval:def:33222 The host is missing an important security update according to Microsoft security bulletin, MS16-030. The update is required to fix remote code execution vulnerabilities. The flaws are present in the Windows OLE, which fails to properly validate user input. Successful exploitation could allow attacke ... oval:org.secpod.oval:def:33221 The host is installed with Microsoft Windows Server 2008, Server 2008 R2, Windows Vista, Windows 7, Server 2012, Server 2012 R2, Windows 8.1 or Windows 10 and is prone to a remote code execution vulnerability. A flaw is present in the Windows OLE, which fails to properly validate user input. Success ... oval:org.secpod.oval:def:33224 The host is missing an important security update according to Microsoft security bulletin, MS16-033. The update is required to fix an elevation of privilege vulnerability. A flaw is present in USB Mass Storage, which fails to properly validate objects in memory. Successful exploitation could allow a ... oval:org.secpod.oval:def:33223 The host is installed with Microsoft Windows Server 2008, Server 2008 R2, Windows Vista, Windows 7, Server 2012, Server 2012 R2, Windows 8.1 or Windows 10 and is prone to an elevation of privilege vulnerability. A flaw is present in USB Mass Storage, which fails to properly validate objects in memor ... oval:org.secpod.oval:def:33220 The host is installed with Microsoft Windows Server 2008, Server 2008 R2, Windows Vista, Windows 7, Server 2012, Server 2012 R2, Windows 8.1 or Windows 10 and is prone to a remote code execution vulnerability. A flaw is present in the Windows OLE, which fails to properly validate user input. Success ... oval:org.secpod.oval:def:26555 The host is missing a critical security update according to Microsoft security bulletin, MS15-097. The update is required to multiple remote code execution vulnerabilities. The flaws are present in the applications, which fail to handle a specially crafted document. Successful exploitation could all ... oval:org.secpod.oval:def:26564 The host is installed with Windows Vista SP2, Windows Server 2008 SP2, Microsoft Lync 2010, Microsoft Lync Basic 2013, Skype For Business 2016, Microsoft Lync 2010 Attendee, Microsoft live meeting 2007, Microsoft Office 2007, Microsoft Office 2010 and is prone to a graphics component buffer overflow ... oval:org.secpod.oval:def:31753 The host is installed with Microsoft Lync 2010, Microsoft Skype For business 2016, Microsoft Skype For Business Basic 2016, Microsoft Lync Basic 2013, Microsoft Lync 2010 Attendee, Microsoft live meeting 2007, Microsoft Live Meeting 2007 Add-In, Microsoft Office 2007, Microsoft Office 2010, .NET Fra ... oval:org.secpod.oval:def:31755 The host is installed with Microsoft Lync 2010, Microsoft Skype For business 2016, Microsoft Skype For Business Basic 2016, Microsoft Lync Basic 2013, Microsoft Lync 2010 Attendee, Microsoft live meeting 2007, Microsoft Live Meeting 2007 Add-In, Microsoft Office 2007, Microsoft Office 2010 or Word V ... oval:org.secpod.oval:def:31756 The host is installed with Microsoft Lync 2010, Microsoft Skype For business 2016, Microsoft Skype For Business Basic 2016, Microsoft Lync Basic 2013, Microsoft Lync 2010 Attendee, Microsoft live meeting 2007, Microsoft Live Meeting 2007 Add-In, Microsoft Office 2007, Microsoft Office 2010 or Word V ... oval:org.secpod.oval:def:31757 The host is missing a critical security update according to Microsoft security bulletin, MS15-128. The update is required to fix graphics memory corruption vulnerabilities. The flaws are present in the Windows font library, which improperly handles specially crafted embedded fonts. An attacker who s ... oval:org.secpod.oval:def:33963 The host is missing a critical security update according to Microsoft security bulletin, MS16-039. The update is required to fix multiple vulnerabilities. The flaws are present in the Windows font library, which improperly handles specially crafted embedded fonts. An attacker who successfully exploi ... oval:org.secpod.oval:def:33964 The host is installed with Microsoft Lync 2010, Microsoft Skype For business 2016, Microsoft Skype For Business Basic 2016, Microsoft Lync Basic 2013, Microsoft Lync 2010 Attendee, .NET Framework 3.0 SP2, 3.5, 3.5.1, Microsoft live meeting 2007, Microsoft Live Meeting 2007 Add-In, Microsoft Office 2 ... oval:org.secpod.oval:def:36736 The host is installed with Microsoft Windows Vista, 7, 8.1, 10, Server 2008, Server 2008 R2, Server 2012 or Server 2012 R2 Microsoft Lync 2010, Microsoft Skype For business 2016, Microsoft Skype For Business Basic 2016, Microsoft Lync Basic 2013, Microsoft Lync 2010 Attendee, Microsoft live meeting ... oval:org.secpod.oval:def:36737 The host is installed with Microsoft Windows Vista, 7, Server 2008, Server 2008 R2, Microsoft Skype For business 2016, Microsoft Skype For Business Basic 2016, Microsoft Lync 2010, Microsoft Lync Basic 2013, Microsoft Lync 2010 Attendee, Microsoft live meeting 2007, Microsoft Live Meeting 2007 Add-I ... oval:org.secpod.oval:def:36738 The host is installed with Microsoft Windows Vista, 7, Server 2008, Server 2008 R2, Microsoft Lync 2010, Microsoft Skype For business 2016, Microsoft Skype For Business Basic 2016, Microsoft Lync Basic 2013, Microsoft Lync 2010 Attendee, Microsoft live meeting 2007, Microsoft Live Meeting 2007 Add-I ... oval:org.secpod.oval:def:36739 The host is missing a critical security update according to Microsoft security bulletin, MS16-097. The update is required to fix multiple remote code execution vulnerabilities. The flaws are present in the Windows font library, which improperly handles specially crafted embedded fonts. Successful ex ... oval:org.secpod.oval:def:37489 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2, Windows 10, .net framework 3.0, 4.6, 4.5 SP2, 3.5.1, Microsoft Skype For business 2016, Microsoft Skype For Business Basic 2016, Microsoft lync 2013, lync 2010, ... oval:org.secpod.oval:def:37490 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2, Windows 10, Microsoft Skype For business 2016, Microsoft Skype For Business Basic 2016, Microsoft lync 2013, lync 2010, live meeting console 2007, Microsoft Off ... oval:org.secpod.oval:def:37491 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2, Windows 10, Microsoft Skype For business 2016, Microsoft Skype For Business Basic 2016, Microsoft lync 2013, lync 2010, live meeting console 2007, Microsoft Off ... oval:org.secpod.oval:def:37494 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2, Windows 10, Microsoft Skype For business 2016, Microsoft Skype For Business Basic 2016, Microsoft lync 2013, lync 2010, live meeting console 2007, Microsoft Off ... oval:org.secpod.oval:def:37495 The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2, Windows 10, Microsoft Skype For business 2016, Microsoft Skype For Business Basic 2016, Microsoft lync 2013, lync 2010, live meeting console 2007, Microsoft Off ... oval:org.secpod.oval:def:37496 The host is missing an critical security update according to Microsoft bulletin, MS16-120. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which improperly handles GDI components. An attacker who successfully exploited these vulnerabilities could ob ... oval:org.secpod.oval:def:39404 An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system. By itself, the information disclosure does not allow arbitrary code execution; however, it could ... oval:org.secpod.oval:def:39406 An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain informationto further compromise the user's system.There are multiple ways an attacker could exploit th ... oval:org.secpod.oval:def:39407 A remote code execution vulnerability exists due to the way the Windows Graphics Component handles objects in memory. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create n ... oval:org.secpod.oval:def:39411 The host is missing an critical security update according to Microsoft bulletin, MS17-013. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which improperly handles GDI components. An attacker who successfully exploited these vulnerabilities could ex ... |
