TO SUBSCRIBE, UNSUBSCRIBE, OR CHANGE YOUR SUBSCRIPTION, go to:
http://www.dragonsoft.com/english/epaper/
DragonSoft Vulnerability and Threat Knowledge Base:
http://vdb.dragonsoft.com/
Contents:
* 34 Reported Vulnerabilities
* Sort by Risk
-------------------------------------------------
Date Reported: 2008/04/09
Name: MS08-025:Windows Kernel Privilege Escalation Vulnerability-2003
Risk: High
CVSS Base Score: 5.6
Category: MS HotFix
Affect OS: Windows 2003
Description: http://vdb.dragonsoft.com/detail.php?id=3234
Date Reported: 2008/04/09
Name: MS08-025:Windows Kernel Privilege Escalation Vulnerability-XP
Risk: High
CVSS Base Score: 5.6
Category: MS HotFix
Affect OS: Windows XP
Description: http://vdb.dragonsoft.com/detail.php?id=3233
Date Reported: 2008/04/09
Name: MS08-025:Windows Kernel Privilege Escalation Vulnerability-2000
Risk: High
CVSS Base Score: 5.6
Category: MS HotFix
Affect OS: Windows 2000
Description: http://vdb.dragonsoft.com/detail.php?id=3232
Date Reported: 2008/04/09
Name: MS08-023:MS IE ActiveX Control Remote Code Execution Vulnerability-2003
Risk: High
CVSS Base Score: 9.3
Category: MS HotFix
Affect OS: Windows 2003
Description: http://vdb.dragonsoft.com/detail.php?id=3228
Date Reported: 2008/04/09
Name: MS08-023:MS IE ActiveX Control Remote Code Execution Vulnerability-XP
Risk: High
CVSS Base Score: 9.3
Category: MS HotFix
Affect OS: Windows XP
Description: http://vdb.dragonsoft.com/detail.php?id=3227
Date Reported: 2008/04/09
Name: MS08-023:MS IE ActiveX Control Remote Code Execution Vulnerability-2000
Risk: High
CVSS Base Score: 9.3
Category: MS HotFix
Affect OS: Windows 2000
Description: http://vdb.dragonsoft.com/detail.php?id=3226
Date Reported: 2008/04/09
Name: MS08-022:Microsoft VBScript and JScript Scripting Engines Remote Code Execution Vulnerability-2003
Risk: High
CVSS Base Score: 7
Category: MS HotFix
Affect OS: Windows 2003
Description: http://vdb.dragonsoft.com/detail.php?id=3225
Date Reported: 2008/04/09
Name: MS08-022:Microsoft VBScript and JScript Scripting Engines Remote Code Execution Vulnerability-XP
Risk: High
CVSS Base Score: 7
Category: MS HotFix
Affect OS: Windows XP
Description: http://vdb.dragonsoft.com/detail.php?id=3224
Date Reported: 2008/04/09
Name: MS08-022:Microsoft VBScript and JScript Scripting Engines Remote Code Execution Vulnerability-2000
Risk: High
CVSS Base Score: 7
Category: MS HotFix
Affect OS: Windows 2000
Description: http://vdb.dragonsoft.com/detail.php?id=3223
Date Reported: 2006/06/14
Name: MS06-023:Microsoft JScript Memory Corruption Vulnerability-2003
Risk: High
CVSS Base Score: 7
Category: MS HotFix
Affect OS: Windows 2003
Description: http://vdb.dragonsoft.com/detail.php?id=2582
Date Reported: 2006/06/14
Name: MS06-023:Microsoft JScript Memory Corruption Vulnerability-XP
Risk: High
CVSS Base Score: 7
Category: MS HotFix
Affect OS: Windows XP
Description: http://vdb.dragonsoft.com/detail.php?id=2581
Date Reported: 2006/06/14
Name: MS06-023:Microsoft JScript Memory Corruption Vulnerability-2000
Risk: High
CVSS Base Score: 7
Category: MS HotFix
Affect OS: Windows 2000
Description: http://vdb.dragonsoft.com/detail.php?id=2580
Date Reported: 2008/04/09
Name: MS08-024:MS IE Data Streams Remote Memory Corruption Vulnerability-2003
Risk: High
CVSS Base Score: 9.3
Category: MS HotFix
Affect OS: Windows 2003
Description: http://vdb.dragonsoft.com/detail.php?id=3231
Date Reported: 2008/04/09
Name: MS08-024:MS IE Data Streams Remote Memory Corruption Vulnerability-XP
Risk: High
CVSS Base Score: 9.3
Category: MS HotFix
Affect OS: Windows XP
Description: http://vdb.dragonsoft.com/detail.php?id=3230
Date Reported: 2008/04/09
Name: MS08-024:MS IE Data Streams Remote Memory Corruption Vulnerability-2000
Risk: High
CVSS Base Score: 9.3
Category: MS HotFix
Affect OS: Windows 2000
Description: http://vdb.dragonsoft.com/detail.php?id=3229
Date Reported: 2008/04/09
Name: MS08-021:Windows GDI Metafiles Stack Overflow Vulnerability-2003
Risk: High
CVSS Base Score: 7
Category: MS HotFix
Affect OS: Windows 2003
Description: http://vdb.dragonsoft.com/detail.php?id=3222
Date Reported: 2008/04/09
Name: MS08-021:Windows GDI Metafiles Stack Overflow Vulnerability-XP
Risk: High
CVSS Base Score: 7
Category: MS HotFix
Affect OS: Windows XP
Description: http://vdb.dragonsoft.com/detail.php?id=3221
Date Reported: 2008/04/09
Name: MS08-021:Windows GDI Metafiles Stack Overflow Vulnerability-2000
Risk: High
CVSS Base Score: 7
Category: MS HotFix
Affect OS: Windows 2000
Description: http://vdb.dragonsoft.com/detail.php?id=3220
Date Reported: 2008/04/09
Name: MS08-021:Windows GDI Metafiles Heap Overflow Vulnerability-2003
Risk: High
CVSS Base Score: 7
Category: MS HotFix
Affect OS: Windows 2003
Description: http://vdb.dragonsoft.com/detail.php?id=3219
Date Reported: 2008/04/09
Name: MS08-021:Windows GDI Metafiles Heap Overflow Vulnerability-XP
Risk: High
CVSS Base Score: 7
Category: MS HotFix
Affect OS: Windows XP
Description: http://vdb.dragonsoft.com/detail.php?id=3218
Date Reported: 2008/04/09
Name: MS08-021:Windows GDI Metafiles Heap Overflow Vulnerability-2000
Risk: High
CVSS Base Score: 7
Category: MS HotFix
Affect OS: Windows 2000
Description: http://vdb.dragonsoft.com/detail.php?id=3217
Date Reported: 2008/02/13
Name: MS08-010:MS IE Argument Handling Remote Memory Corruption Vulnerability-2003
Risk: High
CVSS Base Score: 9.3
Category: MS HotFix
Affect OS: Windows 2003
Description: http://vdb.dragonsoft.com/detail.php?id=3197
Date Reported: 2008/02/13
Name: MS08-010:MS IE Argument Handling Remote Memory Corruption Vulnerability-2000
Risk: High
CVSS Base Score: 9.3
Category: MS HotFix
Affect OS: Windows 2000
Description: http://vdb.dragonsoft.com/detail.php?id=3195
Date Reported: 2008/02/13
Name: MS08-010:MS IE Property Method Remote Memory Corruption Vulnerability-2003
Risk: High
CVSS Base Score: 9.3
Category: MS HotFix
Affect OS: Windows 2003
Description: http://vdb.dragonsoft.com/detail.php?id=3194
Date Reported: 2008/02/13
Name: MS08-010:MS IE Property Method Remote Memory Corruption Vulnerability-XP
Risk: High
CVSS Base Score: 9.3
Category: MS HotFix
Affect OS: Windows XP
Description: http://vdb.dragonsoft.com/detail.php?id=3193
Date Reported: 2008/02/13
Name: MS08-010:MS IE Property Method Remote Memory Corruption Vulnerability-2000
Risk: High
CVSS Base Score: 9.3
Category: MS HotFix
Affect OS: Windows 2000
Description: http://vdb.dragonsoft.com/detail.php?id=3192
Date Reported: 2008/02/13
Name: MS08-010:MS IE HTML Rendering Remote Memory Corruption Vulnerability-2003
Risk: High
CVSS Base Score: 9.3
Category: MS HotFix
Affect OS: Windows 2003
Description: http://vdb.dragonsoft.com/detail.php?id=3191
Date Reported: 2008/02/13
Name: MS08-010:MS IE HTML Rendering Remote Memory Corruption Vulnerability-XP
Risk: High
CVSS Base Score: 9.3
Category: MS HotFix
Affect OS: Windows XP
Description: http://vdb.dragonsoft.com/detail.php?id=3190
Date Reported: 2008/02/13
Name: MS08-010:MS IE HTML Rendering Remote Memory Corruption Vulnerability-2000
Risk: High
CVSS Base Score: 9.3
Category: MS HotFix
Affect OS: Windows 2000
Description: http://vdb.dragonsoft.com/detail.php?id=3189
Date Reported: 2008/04/07
Name: OpenSSH ForceCommand Command Execution Vulnerability
Risk: High
CVSS Base Score: 4.3
Category: SSH Servers
Affect OS: UNIX
Description: http://vdb.dragonsoft.com/detail.php?id=3213
Date Reported: 2008/04/09
Name: MS08-020:Windows DNS Client Spoofing Vulnerability-2003
Risk: Medium
CVSS Base Score: 3.7
Category: MS HotFix
Affect OS: Windows 2003
Description: http://vdb.dragonsoft.com/detail.php?id=3216
Date Reported: 2008/04/09
Name: MS08-020:Windows DNS Client Spoofing Vulnerability-XP
Risk: Medium
CVSS Base Score: 3.7
Category: MS HotFix
Affect OS: Windows XP
Description: http://vdb.dragonsoft.com/detail.php?id=3215
Date Reported: 2008/04/09
Name: MS08-020:Windows DNS Client Spoofing Vulnerability-2000
Risk: Medium
CVSS Base Score: 3.7
Category: MS HotFix
Affect OS: Windows 2000
Description: http://vdb.dragonsoft.com/detail.php?id=3214
Date Reported: 2008/04/07
Name: phpMyAdmin Session Data Information Disclosure Vulnerability
Risk: Low
CVSS Base Score: 2.1
Category: CGI Scripts
Affect OS: Windows, UNIX
Description: http://vdb.dragonsoft.com/detail.php?id=3212
-------------------------------------------------
Risk:
High: Allow immediate remote, or local access or immediate execution of code or commands,
with unauthorized privileges, and bypassing security on firewalls.
Medium: Potential of granting access or allowing code execution by means of complex or
lengthy exploit procedures. Examples are cross-site scripting, man-in-the-middle
attacks, SQL injection, denial of service, information disclosure.
Low: deny service or provide non-system information that could be used to formulate
structured attacks on a target, but not directly gain unauthorized access.
-------------------------------------------------
Copyright (c) DragonSoft Security Associates, Inc. All rights reserved
Permission is hereby granted for the electronic redistribution of this document.
It is not to be edited or altered in any way without the express written consent of the DragonSoft Security Associates. If you wish to reprint the whole or any part of this document in any other medium excluding electronic media, please email alert@dragonsoft.com for permission.
Disclaimer: The information in the database may change without notice.
Use of this information constitutes acceptance for use in an AS IS condition.
There are NO warranties with regard to this information, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
Please send suggestions, updates, and comments to: DragonSoft vdb_adm@dragonsoft.com of DragonSoft Security Associates, Inc.
About DragonSoft Security Associates:
DragonSoft Security Associates is a leading developer in Taiwan for network security software and an active contributor to network security education.
Founded in 2002, DragonSoft offers vulnerability management solutions, including vulnerability assessment, System Security Management and intrusion prevention.
DragonSoft Security Associates, Inc. http://www.dragonsoft.com/
Taipei: 4F-8, No 351, Sec.2, Chun-Sun Road, Chun-Ho City, Taiwan 235 R.O.C
Tel. +886-2-8221-5408 Fax. +886-2-8221-5476
Hsinchu: 6F, No. 30, Lane 607, Sec. 1, Guangfu Rd., Hsinchu, Taiwan 300 R.O.C
Tel. +886-3-5630989 Fax. +886-3-5797758
http://www.dragonsoft.com/english/epaper/
DragonSoft Vulnerability and Threat Knowledge Base:
http://vdb.dragonsoft.com/
Contents:
* 34 Reported Vulnerabilities
* Sort by Risk
-------------------------------------------------
Date Reported: 2008/04/09
Name: MS08-025:Windows Kernel Privilege Escalation Vulnerability-2003
Risk: High
CVSS Base Score: 5.6
Category: MS HotFix
Affect OS: Windows 2003
Description: http://vdb.dragonsoft.com/detail.php?id=3234
Date Reported: 2008/04/09
Name: MS08-025:Windows Kernel Privilege Escalation Vulnerability-XP
Risk: High
CVSS Base Score: 5.6
Category: MS HotFix
Affect OS: Windows XP
Description: http://vdb.dragonsoft.com/detail.php?id=3233
Date Reported: 2008/04/09
Name: MS08-025:Windows Kernel Privilege Escalation Vulnerability-2000
Risk: High
CVSS Base Score: 5.6
Category: MS HotFix
Affect OS: Windows 2000
Description: http://vdb.dragonsoft.com/detail.php?id=3232
Date Reported: 2008/04/09
Name: MS08-023:MS IE ActiveX Control Remote Code Execution Vulnerability-2003
Risk: High
CVSS Base Score: 9.3
Category: MS HotFix
Affect OS: Windows 2003
Description: http://vdb.dragonsoft.com/detail.php?id=3228
Date Reported: 2008/04/09
Name: MS08-023:MS IE ActiveX Control Remote Code Execution Vulnerability-XP
Risk: High
CVSS Base Score: 9.3
Category: MS HotFix
Affect OS: Windows XP
Description: http://vdb.dragonsoft.com/detail.php?id=3227
Date Reported: 2008/04/09
Name: MS08-023:MS IE ActiveX Control Remote Code Execution Vulnerability-2000
Risk: High
CVSS Base Score: 9.3
Category: MS HotFix
Affect OS: Windows 2000
Description: http://vdb.dragonsoft.com/detail.php?id=3226
Date Reported: 2008/04/09
Name: MS08-022:Microsoft VBScript and JScript Scripting Engines Remote Code Execution Vulnerability-2003
Risk: High
CVSS Base Score: 7
Category: MS HotFix
Affect OS: Windows 2003
Description: http://vdb.dragonsoft.com/detail.php?id=3225
Date Reported: 2008/04/09
Name: MS08-022:Microsoft VBScript and JScript Scripting Engines Remote Code Execution Vulnerability-XP
Risk: High
CVSS Base Score: 7
Category: MS HotFix
Affect OS: Windows XP
Description: http://vdb.dragonsoft.com/detail.php?id=3224
Date Reported: 2008/04/09
Name: MS08-022:Microsoft VBScript and JScript Scripting Engines Remote Code Execution Vulnerability-2000
Risk: High
CVSS Base Score: 7
Category: MS HotFix
Affect OS: Windows 2000
Description: http://vdb.dragonsoft.com/detail.php?id=3223
Date Reported: 2006/06/14
Name: MS06-023:Microsoft JScript Memory Corruption Vulnerability-2003
Risk: High
CVSS Base Score: 7
Category: MS HotFix
Affect OS: Windows 2003
Description: http://vdb.dragonsoft.com/detail.php?id=2582
Date Reported: 2006/06/14
Name: MS06-023:Microsoft JScript Memory Corruption Vulnerability-XP
Risk: High
CVSS Base Score: 7
Category: MS HotFix
Affect OS: Windows XP
Description: http://vdb.dragonsoft.com/detail.php?id=2581
Date Reported: 2006/06/14
Name: MS06-023:Microsoft JScript Memory Corruption Vulnerability-2000
Risk: High
CVSS Base Score: 7
Category: MS HotFix
Affect OS: Windows 2000
Description: http://vdb.dragonsoft.com/detail.php?id=2580
Date Reported: 2008/04/09
Name: MS08-024:MS IE Data Streams Remote Memory Corruption Vulnerability-2003
Risk: High
CVSS Base Score: 9.3
Category: MS HotFix
Affect OS: Windows 2003
Description: http://vdb.dragonsoft.com/detail.php?id=3231
Date Reported: 2008/04/09
Name: MS08-024:MS IE Data Streams Remote Memory Corruption Vulnerability-XP
Risk: High
CVSS Base Score: 9.3
Category: MS HotFix
Affect OS: Windows XP
Description: http://vdb.dragonsoft.com/detail.php?id=3230
Date Reported: 2008/04/09
Name: MS08-024:MS IE Data Streams Remote Memory Corruption Vulnerability-2000
Risk: High
CVSS Base Score: 9.3
Category: MS HotFix
Affect OS: Windows 2000
Description: http://vdb.dragonsoft.com/detail.php?id=3229
Date Reported: 2008/04/09
Name: MS08-021:Windows GDI Metafiles Stack Overflow Vulnerability-2003
Risk: High
CVSS Base Score: 7
Category: MS HotFix
Affect OS: Windows 2003
Description: http://vdb.dragonsoft.com/detail.php?id=3222
Date Reported: 2008/04/09
Name: MS08-021:Windows GDI Metafiles Stack Overflow Vulnerability-XP
Risk: High
CVSS Base Score: 7
Category: MS HotFix
Affect OS: Windows XP
Description: http://vdb.dragonsoft.com/detail.php?id=3221
Date Reported: 2008/04/09
Name: MS08-021:Windows GDI Metafiles Stack Overflow Vulnerability-2000
Risk: High
CVSS Base Score: 7
Category: MS HotFix
Affect OS: Windows 2000
Description: http://vdb.dragonsoft.com/detail.php?id=3220
Date Reported: 2008/04/09
Name: MS08-021:Windows GDI Metafiles Heap Overflow Vulnerability-2003
Risk: High
CVSS Base Score: 7
Category: MS HotFix
Affect OS: Windows 2003
Description: http://vdb.dragonsoft.com/detail.php?id=3219
Date Reported: 2008/04/09
Name: MS08-021:Windows GDI Metafiles Heap Overflow Vulnerability-XP
Risk: High
CVSS Base Score: 7
Category: MS HotFix
Affect OS: Windows XP
Description: http://vdb.dragonsoft.com/detail.php?id=3218
Date Reported: 2008/04/09
Name: MS08-021:Windows GDI Metafiles Heap Overflow Vulnerability-2000
Risk: High
CVSS Base Score: 7
Category: MS HotFix
Affect OS: Windows 2000
Description: http://vdb.dragonsoft.com/detail.php?id=3217
Date Reported: 2008/02/13
Name: MS08-010:MS IE Argument Handling Remote Memory Corruption Vulnerability-2003
Risk: High
CVSS Base Score: 9.3
Category: MS HotFix
Affect OS: Windows 2003
Description: http://vdb.dragonsoft.com/detail.php?id=3197
Date Reported: 2008/02/13
Name: MS08-010:MS IE Argument Handling Remote Memory Corruption Vulnerability-2000
Risk: High
CVSS Base Score: 9.3
Category: MS HotFix
Affect OS: Windows 2000
Description: http://vdb.dragonsoft.com/detail.php?id=3195
Date Reported: 2008/02/13
Name: MS08-010:MS IE Property Method Remote Memory Corruption Vulnerability-2003
Risk: High
CVSS Base Score: 9.3
Category: MS HotFix
Affect OS: Windows 2003
Description: http://vdb.dragonsoft.com/detail.php?id=3194
Date Reported: 2008/02/13
Name: MS08-010:MS IE Property Method Remote Memory Corruption Vulnerability-XP
Risk: High
CVSS Base Score: 9.3
Category: MS HotFix
Affect OS: Windows XP
Description: http://vdb.dragonsoft.com/detail.php?id=3193
Date Reported: 2008/02/13
Name: MS08-010:MS IE Property Method Remote Memory Corruption Vulnerability-2000
Risk: High
CVSS Base Score: 9.3
Category: MS HotFix
Affect OS: Windows 2000
Description: http://vdb.dragonsoft.com/detail.php?id=3192
Date Reported: 2008/02/13
Name: MS08-010:MS IE HTML Rendering Remote Memory Corruption Vulnerability-2003
Risk: High
CVSS Base Score: 9.3
Category: MS HotFix
Affect OS: Windows 2003
Description: http://vdb.dragonsoft.com/detail.php?id=3191
Date Reported: 2008/02/13
Name: MS08-010:MS IE HTML Rendering Remote Memory Corruption Vulnerability-XP
Risk: High
CVSS Base Score: 9.3
Category: MS HotFix
Affect OS: Windows XP
Description: http://vdb.dragonsoft.com/detail.php?id=3190
Date Reported: 2008/02/13
Name: MS08-010:MS IE HTML Rendering Remote Memory Corruption Vulnerability-2000
Risk: High
CVSS Base Score: 9.3
Category: MS HotFix
Affect OS: Windows 2000
Description: http://vdb.dragonsoft.com/detail.php?id=3189
Date Reported: 2008/04/07
Name: OpenSSH ForceCommand Command Execution Vulnerability
Risk: High
CVSS Base Score: 4.3
Category: SSH Servers
Affect OS: UNIX
Description: http://vdb.dragonsoft.com/detail.php?id=3213
Date Reported: 2008/04/09
Name: MS08-020:Windows DNS Client Spoofing Vulnerability-2003
Risk: Medium
CVSS Base Score: 3.7
Category: MS HotFix
Affect OS: Windows 2003
Description: http://vdb.dragonsoft.com/detail.php?id=3216
Date Reported: 2008/04/09
Name: MS08-020:Windows DNS Client Spoofing Vulnerability-XP
Risk: Medium
CVSS Base Score: 3.7
Category: MS HotFix
Affect OS: Windows XP
Description: http://vdb.dragonsoft.com/detail.php?id=3215
Date Reported: 2008/04/09
Name: MS08-020:Windows DNS Client Spoofing Vulnerability-2000
Risk: Medium
CVSS Base Score: 3.7
Category: MS HotFix
Affect OS: Windows 2000
Description: http://vdb.dragonsoft.com/detail.php?id=3214
Date Reported: 2008/04/07
Name: phpMyAdmin Session Data Information Disclosure Vulnerability
Risk: Low
CVSS Base Score: 2.1
Category: CGI Scripts
Affect OS: Windows, UNIX
Description: http://vdb.dragonsoft.com/detail.php?id=3212
-------------------------------------------------
Risk:
High: Allow immediate remote, or local access or immediate execution of code or commands,
with unauthorized privileges, and bypassing security on firewalls.
Medium: Potential of granting access or allowing code execution by means of complex or
lengthy exploit procedures. Examples are cross-site scripting, man-in-the-middle
attacks, SQL injection, denial of service, information disclosure.
Low: deny service or provide non-system information that could be used to formulate
structured attacks on a target, but not directly gain unauthorized access.
-------------------------------------------------
Copyright (c) DragonSoft Security Associates, Inc. All rights reserved
Permission is hereby granted for the electronic redistribution of this document.
It is not to be edited or altered in any way without the express written consent of the DragonSoft Security Associates. If you wish to reprint the whole or any part of this document in any other medium excluding electronic media, please email alert@dragonsoft.com for permission.
Disclaimer: The information in the database may change without notice.
Use of this information constitutes acceptance for use in an AS IS condition.
There are NO warranties with regard to this information, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
Please send suggestions, updates, and comments to: DragonSoft vdb_adm@dragonsoft.com of DragonSoft Security Associates, Inc.
About DragonSoft Security Associates:
DragonSoft Security Associates is a leading developer in Taiwan for network security software and an active contributor to network security education.
Founded in 2002, DragonSoft offers vulnerability management solutions, including vulnerability assessment, System Security Management and intrusion prevention.
DragonSoft Security Associates, Inc. http://www.dragonsoft.com/
Taipei: 4F-8, No 351, Sec.2, Chun-Sun Road, Chun-Ho City, Taiwan 235 R.O.C
Tel. +886-2-8221-5408 Fax. +886-2-8221-5476
Hsinchu: 6F, No. 30, Lane 607, Sec. 1, Guangfu Rd., Hsinchu, Taiwan 300 R.O.C
Tel. +886-3-5630989 Fax. +886-3-5797758
全站熱搜
留言列表