http://www.dragonsoft.com.tw/epaper/
DragonSoft (Chinese/English) Vulnerability and Threat Knowledge Base:
http://vdb.dragonsoft.com/
Contents:
* 69 Reported Vulnerabilities
* Sort by Risk
-------------------------------------------------
Date Reported: 2008/10/15
Name: MS08-063:Windows SMB Buffer Underflow Code Execution Vulnerability-2003
Risk: High
CVSS Base Score: 7.2
Category: MS HotFix
Affect OS: Windows 2003
Description (English): http://vdb.dragonsoft.com/detail.php?id=3381
Date Reported: 2008/10/15
Name: MS08-063:Windows SMB Buffer Underflow Code Execution Vulnerability-XP
Risk: High
CVSS Base Score: 7.2
Category: MS HotFix
Affect OS: Windows XP
Description (English): http://vdb.dragonsoft.com/detail.php?id=3380
Date Reported: 2008/10/15
Name: MS08-063:Windows SMB Buffer Underflow Code Execution Vulnerability-2000
Risk: High
CVSS Base Score: 7.2
Category: MS HotFix
Affect OS: Windows 2000
Description (English): http://vdb.dragonsoft.com/detail.php?id=3379
Date Reported: 2008/10/15
Name: MS08-061:Windows Kernel Memory Corruption Local Privilege Escalation Vulnerability-2003
Risk: High
CVSS Base Score: 5.6
Category: MS HotFix
Affect OS: Windows 2003
Description (English): http://vdb.dragonsoft.com/detail.php?id=3375
Date Reported: 2008/10/15
Name: MS08-061:Windows Kernel Memory Corruption Local Privilege Escalation Vulnerability-XP
Risk: High
CVSS Base Score: 5.6
Category: MS HotFix
Affect OS: Windows XP
Description (English): http://vdb.dragonsoft.com/detail.php?id=3374
Date Reported: 2008/10/15
Name: MS08-061:Windows Kernel Memory Corruption Local Privilege Escalation Vulnerability-2000
Risk: High
CVSS Base Score: 5.6
Category: MS HotFix
Affect OS: Windows 2000
Description (English): http://vdb.dragonsoft.com/detail.php?id=3373
Date Reported: 2008/10/15
Name: MS08-061:Windows Kernel Unhandled Exception Local Privilege Escalation Vulnerability-2003
Risk: High
CVSS Base Score: 5.6
Category: MS HotFix
Affect OS: Windows 2003
Description (English): http://vdb.dragonsoft.com/detail.php?id=3372
Date Reported: 2008/10/15
Name: MS08-061:Windows Kernel Unhandled Exception Local Privilege Escalation Vulnerability-XP
Risk: High
CVSS Base Score: 5.6
Category: MS HotFix
Affect OS: Windows XP
Description (English): http://vdb.dragonsoft.com/detail.php?id=3371
Date Reported: 2008/10/15
Name: MS08-061:Windows Kernel Unhandled Exception Local Privilege Escalation Vulnerability-2000
Risk: High
CVSS Base Score: 5.6
Category: MS HotFix
Affect OS: Windows 2000
Description (English): http://vdb.dragonsoft.com/detail.php?id=3370
Date Reported: 2008/10/15
Name: MS08-061:Windows Kernel Local Privilege Escalation Vulnerability-2003
Risk: High
CVSS Base Score: 5.6
Category: MS HotFix
Affect OS: Windows 2003
Description (English): http://vdb.dragonsoft.com/detail.php?id=3369
Date Reported: 2008/10/15
Name: MS08-061:Windows Kernel Local Privilege Escalation Vulnerability-XP
Risk: High
CVSS Base Score: 5.6
Category: MS HotFix
Affect OS: Windows XP
Description (English): http://vdb.dragonsoft.com/detail.php?id=3368
Date Reported: 2008/10/15
Name: MS08-061:Windows Kernel Local Privilege Escalation Vulnerability-2000
Risk: High
CVSS Base Score: 5.6
Category: MS HotFix
Affect OS: Windows 2000
Description (English): http://vdb.dragonsoft.com/detail.php?id=3367
Date Reported: 2008/10/15
Name: MS08-058:MS IE HTML Objects Memory Corruption Vulnerability-2003
Risk: High
CVSS Base Score: 9.3
Category: MS HotFix
Affect OS: Windows 2003
Description (English): http://vdb.dragonsoft.com/detail.php?id=3365
Date Reported: 2008/10/15
Name: MS08-058:MS IE HTML Objects Memory Corruption Vulnerability-XP
Risk: High
CVSS Base Score: 9.3
Category: MS HotFix
Affect OS: Windows XP
Description (English): http://vdb.dragonsoft.com/detail.php?id=3364
Date Reported: 2008/10/15
Name: MS08-058:MS IE HTML Objects Memory Corruption Vulnerability-2000
Risk: High
CVSS Base Score: 9.3
Category: MS HotFix
Affect OS: Windows 2000
Description (English): http://vdb.dragonsoft.com/detail.php?id=3363
Date Reported: 2008/10/15
Name: MS08-058:MS IE Uninitialized Memory Corruption Vulnerability-2003
Risk: High
CVSS Base Score: 9.3
Category: MS HotFix
Affect OS: Windows 2003
Description (English): http://vdb.dragonsoft.com/detail.php?id=3362
Date Reported: 2008/10/15
Name: MS08-058:MS IE Uninitialized Memory Corruption Vulnerability-XP
Risk: High
CVSS Base Score: 9.3
Category: MS HotFix
Affect OS: Windows XP
Description (English): http://vdb.dragonsoft.com/detail.php?id=3361
Date Reported: 2008/10/15
Name: MS08-058:MS IE Uninitialized Memory Corruption Vulnerability-2000
Risk: High
CVSS Base Score: 9.3
Category: MS HotFix
Affect OS: Windows 2000
Description (English): http://vdb.dragonsoft.com/detail.php?id=3360
Date Reported: 2008/10/15
Name: MS08-058:MS IE Event Handling Cross Domain Security Bypass Vulnerability-XP
Risk: High
CVSS Base Score: 9.3
Category: MS HotFix
Affect OS: Windows XP
Description (English): http://vdb.dragonsoft.com/detail.php?id=3356
Date Reported: 2008/10/15
Name: MS08-058:MS IE Event Handling Cross Domain Security Bypass Vulnerability-2003
Risk: High
CVSS Base Score: 9.3
Category: MS HotFix
Affect OS: Windows 2003
Description (English): http://vdb.dragonsoft.com/detail.php?id=3355
Date Reported: 2008/10/15
Name: MS08-058:MS IE Event Handling Cross Domain Security Bypass Vulnerability-2000
Risk: High
CVSS Base Score: 9.3
Category: MS HotFix
Affect OS: Windows 2000
Description (English): http://vdb.dragonsoft.com/detail.php?id=3354
Date Reported: 2008/10/15
Name: MS08-058:MS IE HTML Element Cross Domain Security Bypass Vulnerability-2003
Risk: High
CVSS Base Score: 9.3
Category: MS HotFix
Affect OS: Windows 2003
Description (English): http://vdb.dragonsoft.com/detail.php?id=3353
Date Reported: 2008/10/15
Name: MS08-058:MS IE HTML Element Cross Domain Security Bypass Vulnerability-XP
Risk: High
CVSS Base Score: 9.3
Category: MS HotFix
Affect OS: Windows XP
Description (English): http://vdb.dragonsoft.com/detail.php?id=3352
Date Reported: 2008/10/15
Name: MS08-058:MS IE HTML Element Cross Domain Security Bypass Vulnerability-2000
Risk: High
CVSS Base Score: 9.3
Category: MS HotFix
Affect OS: Windows 2000
Description (English): http://vdb.dragonsoft.com/detail.php?id=3351
Date Reported: 2008/04/09
Name: MS08-025:Windows Kernel Privilege Escalation Vulnerability-2003
Risk: High
CVSS Base Score: 5.6
Category: MS HotFix
Affect OS: Windows 2003
Description (English): http://vdb.dragonsoft.com/detail.php?id=3234
Date Reported: 2008/04/09
Name: MS08-025:Windows Kernel Privilege Escalation Vulnerability-XP
Risk: High
CVSS Base Score: 5.6
Category: MS HotFix
Affect OS: Windows XP
Description (English): http://vdb.dragonsoft.com/detail.php?id=3233
Date Reported: 2008/04/09
Name: MS08-025:Windows Kernel Privilege Escalation Vulnerability-2000
Risk: High
CVSS Base Score: 5.6
Category: MS HotFix
Affect OS: Windows 2000
Description (English): http://vdb.dragonsoft.com/detail.php?id=3232
Date Reported: 2008/10/15
Name: MS08-066:Windows AFD Driver Local Privilege Escalation Vulnerability-2003
Risk: High
CVSS Base Score: 9
Category: MS HotFix
Affect OS: Windows 2003
Description (English): http://vdb.dragonsoft.com/detail.php?id=3386
Date Reported: 2008/10/15
Name: MS08-066:Windows AFD Driver Local Privilege Escalation Vulnerability-XP
Risk: High
CVSS Base Score: 9
Category: MS HotFix
Affect OS: Windows XP
Description (English): http://vdb.dragonsoft.com/detail.php?id=3385
Date Reported: 2008/10/15
Name: MS08-065:Windows Message Queuing Service RPC Query Heap Corruption Vulnerability-2000
Risk: High
CVSS Base Score: 9
Category: MS HotFix
Affect OS: Windows 2000
Description (English): http://vdb.dragonsoft.com/detail.php?id=3384
Date Reported: 2008/08/12
Name: MS08-045:MS IE HTML Component Handling Memory Corruption Vulnerability-2003
Risk: High
CVSS Base Score: 9.3
Category: MS HotFix
Affect OS: Windows 2003
Description (English): http://vdb.dragonsoft.com/detail.php?id=3318
Date Reported: 2008/08/12
Name: MS08-045:MS IE HTML Component Handling Memory Corruption Vulnerability-XP
Risk: High
CVSS Base Score: 9.3
Category: MS HotFix
Affect OS: Windows XP
Description (English): http://vdb.dragonsoft.com/detail.php?id=3317
Date Reported: 2008/08/12
Name: MS08-045:MS IE HTML Component Handling Memory Corruption Vulnerability-2000
Risk: High
CVSS Base Score: 9.3
Category: MS HotFix
Affect OS: Windows 2000
Description (English): http://vdb.dragonsoft.com/detail.php?id=3316
Date Reported: 2008/08/12
Name: MS08-045:MS IE HTML Objects Memory Corruption Vulnerability 3-2003
Risk: High
CVSS Base Score: 9.3
Category: MS HotFix
Affect OS: Windows 2003
Description (English): http://vdb.dragonsoft.com/detail.php?id=3315
Date Reported: 2008/08/12
Name: MS08-045:MS IE HTML Objects Memory Corruption Vulnerability 3-XP
Risk: High
CVSS Base Score: 9.3
Category: MS HotFix
Affect OS: Windows XP
Description (English): http://vdb.dragonsoft.com/detail.php?id=3314
Date Reported: 2008/08/12
Name: MS08-045:MS IE HTML Objects Memory Corruption Vulnerability 3-2000
Risk: High
CVSS Base Score: 9.3
Category: MS HotFix
Affect OS: Windows 2000
Description (English): http://vdb.dragonsoft.com/detail.php?id=3313
Date Reported: 2008/08/12
Name: MS08-045:MS IE HTML Objects Memory Corruption Vulnerability 2-2003
Risk: High
CVSS Base Score: 9.3
Category: MS HotFix
Affect OS: Windows 2003
Description (English): http://vdb.dragonsoft.com/detail.php?id=3312
Date Reported: 2008/08/12
Name: MS08-045:MS IE HTML Objects Memory Corruption Vulnerability 2-XP
Risk: High
CVSS Base Score: 9.3
Category: MS HotFix
Affect OS: Windows XP
Description (English): http://vdb.dragonsoft.com/detail.php?id=3311
Date Reported: 2008/08/12
Name: MS08-045:MS IE HTML Objects Memory Corruption Vulnerability 2-2000
Risk: High
CVSS Base Score: 9.3
Category: MS HotFix
Affect OS: Windows 2000
Description (English): http://vdb.dragonsoft.com/detail.php?id=3310
Date Reported: 2008/08/12
Name: MS08-045:MS IE Uninitialized Memory Corruption Vulnerability-2003
Risk: High
CVSS Base Score: 9.3
Category: MS HotFix
Affect OS: Windows 2003
Description (English): http://vdb.dragonsoft.com/detail.php?id=3309
Date Reported: 2008/08/12
Name: MS08-045:MS IE Uninitialized Memory Corruption Vulnerability-XP
Risk: High
CVSS Base Score: 9.3
Category: MS HotFix
Affect OS: Windows XP
Description (English): http://vdb.dragonsoft.com/detail.php?id=3308
Date Reported: 2008/08/12
Name: MS08-045:MS IE Uninitialized Memory Corruption Vulnerability-2000
Risk: High
CVSS Base Score: 9.3
Category: MS HotFix
Affect OS: Windows 2000
Description (English): http://vdb.dragonsoft.com/detail.php?id=3307
Date Reported: 2008/08/12
Name: MS08-045:MS IE CreateTextRange.text Code Execution Vulnerability-2003
Risk: High
CVSS Base Score: 9.3
Category: MS HotFix
Affect OS: Windows 2003
Description (English): http://vdb.dragonsoft.com/detail.php?id=3306
Date Reported: 2008/08/12
Name: MS08-045:MS IE CreateTextRange.text Code Execution Vulnerability-XP
Risk: High
CVSS Base Score: 9.3
Category: MS HotFix
Affect OS: Windows XP
Description (English): http://vdb.dragonsoft.com/detail.php?id=3305
Date Reported: 2008/08/12
Name: MS08-045:MS IE HTML Objects Memory Corruption Vulnerability-2003
Risk: High
CVSS Base Score: 9.3
Category: MS HotFix
Affect OS: Windows 2003
Description (English): http://vdb.dragonsoft.com/detail.php?id=3303
Date Reported: 2008/08/12
Name: MS08-045:MS IE HTML Objects Memory Corruption Vulnerability-XP
Risk: High
CVSS Base Score: 9.3
Category: MS HotFix
Affect OS: Windows XP
Description (English): http://vdb.dragonsoft.com/detail.php?id=3302
Date Reported: 2008/08/12
Name: MS08-045:MS IE HTML Objects Memory Corruption Vulnerability-2000
Risk: High
CVSS Base Score: 9.3
Category: MS HotFix
Affect OS: Windows 2000
Description (English): http://vdb.dragonsoft.com/detail.php?id=3301
Date Reported: 2007/12/12
Name: MS07-065:Windows Message Queuing Buffer Overflow Vulnerability-2000
Risk: High
CVSS Base Score: 9
Category: MS HotFix
Affect OS: Windows 2000
Description (English): http://vdb.dragonsoft.com/detail.php?id=3129
Date Reported: 2008/10/15
Name: MS08-062:MS IIS Internet Printing Service Integer Overflow Vulnerability-2003
Risk: High
CVSS Base Score: 6.2
Category: Web Servers
Affect OS: Windows 2003
Description (English): http://vdb.dragonsoft.com/detail.php?id=3378
Date Reported: 2008/10/15
Name: MS08-062:MS IIS Internet Printing Service Integer Overflow Vulnerability-XP
Risk: High
CVSS Base Score: 6.2
Category: Web Servers
Affect OS: Windows XP
Description (English): http://vdb.dragonsoft.com/detail.php?id=3377
Date Reported: 2008/10/15
Name: MS08-062:MS IIS Internet Printing Service Integer Overflow Vulnerability-2000
Risk: High
CVSS Base Score: 6.2
Category: Web Servers
Affect OS: Windows 2000
Description (English): http://vdb.dragonsoft.com/detail.php?id=3376
Date Reported: 2008/10/15
Name: MS08-064:Windows VAD Local Privilege Escalation Vulnerability-2003
Risk: Medium
CVSS Base Score: 5.6
Category: MS HotFix
Affect OS: Windows 2003
Description (English): http://vdb.dragonsoft.com/detail.php?id=3383
Date Reported: 2008/10/15
Name: MS08-064:Windows VAD Local Privilege Escalation Vulnerability-XP
Risk: Medium
CVSS Base Score: 5.6
Category: MS HotFix
Affect OS: Windows XP
Description (English): http://vdb.dragonsoft.com/detail.php?id=3382
Date Reported: 2008/10/15
Name: MS08-035:Windows Active Directory LDAP Request Handling Remote Code Execution Vulnerability-2000
Risk: Medium
CVSS Base Score: 6.8
Category: MS HotFix
Affect OS: Windows 2000
Description (English): http://vdb.dragonsoft.com/detail.php?id=3366
Date Reported: 2008/10/15
Name: MS08-058:MS IE Cross Domain Information Disclosure Vulnerability-2003
Risk: Medium
CVSS Base Score: 7.1
Category: MS HotFix
Affect OS: Windows 2003
Description (English): http://vdb.dragonsoft.com/detail.php?id=3359
Date Reported: 2008/10/15
Name: MS08-058:MS IE Cross Domain Information Disclosure Vulnerability-XP
Risk: Medium
CVSS Base Score: 7.1
Category: MS HotFix
Affect OS: Windows XP
Description (English): http://vdb.dragonsoft.com/detail.php?id=3358
Date Reported: 2008/10/15
Name: MS08-058:MS IE Cross Domain Information Disclosure Vulnerability-2000
Risk: Medium
CVSS Base Score: 7.1
Category: MS HotFix
Affect OS: Windows 2000
Description (English): http://vdb.dragonsoft.com/detail.php?id=3357
Date Reported: 2008/10/15
Name: MS08-058:MS IE Location Cross Domain Security Bypass Vulnerability-2003
Risk: Medium
CVSS Base Score: 6.8
Category: MS HotFix
Affect OS: Windows 2003
Description (English): http://vdb.dragonsoft.com/detail.php?id=3350
Date Reported: 2008/10/15
Name: MS08-058:MS IE Location Cross Domain Security Bypass Vulnerability-XP
Risk: Medium
CVSS Base Score: 6.8
Category: MS HotFix
Affect OS: Windows XP
Description (English): http://vdb.dragonsoft.com/detail.php?id=3349
Date Reported: 2008/10/15
Name: MS08-058:MS IE Location Cross Domain Security Bypass Vulnerability-2000
Risk: Medium
CVSS Base Score: 6.8
Category: MS HotFix
Affect OS: Windows 2000
Description (English): http://vdb.dragonsoft.com/detail.php?id=3348
Date Reported: 2008/09/22
Name: IBM DB2 Multiple Vulnerabilities-Fixpack17
Risk: Medium
CVSS Base Score: 7.5
Category: IBM DB2
Affect OS: Windows, UNIX
Description (English): http://vdb.dragonsoft.com/detail.php?id=3347
Date Reported: 2007/04/27
Name: MS07-022:Windows VDM Privilege Escalation Vulnerability-2003
Risk: Medium
CVSS Base Score: 5.6
Category: MS HotFix
Affect OS: Windows 2003
Description (English): http://vdb.dragonsoft.com/detail.php?id=2991
Date Reported: 2007/04/27
Name: MS07-022:Windows VDM Privilege Escalation Vulnerability-XP
Risk: Medium
CVSS Base Score: 5.6
Category: MS HotFix
Affect OS: Windows XP
Description (English): http://vdb.dragonsoft.com/detail.php?id=2990
Date Reported: 2008/06/11
Name: MS08-035:Windows Active Directory LDAP Request Validation Remote DoS Vulnerability-2000
Risk: Low
CVSS Base Score: 6.8
Category: MS HotFix
Affect OS: Windows 2000
Description (English): http://vdb.dragonsoft.com/detail.php?id=3268
Date Reported: 2006/10/11
Name: MS06-063:Windows SMB Rename Remote DoS Vulnerability-2003
Risk: Low
CVSS Base Score: 4.2
Category: MS HotFix
Affect OS: Windows 2003
Description (English): http://vdb.dragonsoft.com/detail.php?id=2785
Date Reported: 2006/10/11
Name: MS06-063:Windows SMB Rename Remote DoS Vulnerability-XP
Risk: Low
CVSS Base Score: 4.2
Category: MS HotFix
Affect OS: Windows XP
Description (English): http://vdb.dragonsoft.com/detail.php?id=2784
Date Reported: 2006/10/11
Name: MS06-063:Windows SMB Rename Remote DoS Vulnerability-2000
Risk: Low
CVSS Base Score: 4.2
Category: MS HotFix
Affect OS: Windows 2000
Description (English): http://vdb.dragonsoft.com/detail.php?id=2783
Date Reported: 2006/08/16
Name: MS06-063:Windows SMB PIPE Remote DoS Vulnerability-XP
Risk: Low
CVSS Base Score: 2.3
Category: MS HotFix
Affect OS: Windows XP
Description (English): http://vdb.dragonsoft.com/detail.php?id=2723
Date Reported: 2006/08/16
Name: MS06-063:Windows SMB PIPE Remote DoS Vulnerability-2000
Risk: Low
CVSS Base Score: 2.3
Category: MS HotFix
Affect OS: Windows 2000
Description (English): http://vdb.dragonsoft.com/detail.php?id=2722
-------------------------------------------------
Risk:
High: Allow immediate remote, or local access or immediate execution of code or commands,
with unauthorized privileges, and bypassing security on firewalls.
Medium: Potential of granting access or allowing code execution by means of complex or
lengthy exploit procedures. Examples are cross-site scripting, man-in-the-middle
attacks, SQL injection, denial of service, information disclosure.
Low: deny service or provide non-system information that could be used to formulate
structured attacks on a target, but not directly gain unauthorized access.
-------------------------------------------------
Copyright (c) DragonSoft Security Associates, Inc. All rights reserved
Permission is hereby granted for the electronic redistribution of this document.
It is not to be edited or altered in any way without the express written consent
of the DragonSoft Security Associates. If you wish to reprint the whole or any
part of this document in any other medium excluding electronic media, please email
alert@dragonsoft.com for permission.
Disclaimer: The information in the database may change without notice.
Use of this information constitutes acceptance for use in an AS IS condition.
There are NO warranties with regard to this information, implied or otherwise,
with regard to this information or its use. Any use of this information is at
the user's risk. In no event shall the author/distributor be held liable for any
damages whatsoever arising out of or in connection with the use or spread of this information.
Please send suggestions, updates, and comments to: DragonSoft
vdb_adm@dragonsoft.com of DragonSoft Security Associates, Inc.
About DragonSoft Security Associates:
DragonSoft Security Associates is a leading developer in Taiwan for network security software
and an active contributor to network security education.
Founded in 2002, DragonSoft offers vulnerability management solutions, including
vulnerability assessment, System Security Management and intrusion prevention.
DragonSoft Security Associates, Inc. http://www.dragonsoft.com/
Taipei: 9F, No 351, Sec.2, Chun-Sun Road, Chun-Ho City, Taiwan 235
Tel. +886-2-8221-5408 Fax. +886-2-8221-5476
Hsinchu: 5F, No. 30, Lane 607, Sec. 1, Guangfu Rd., Hsinchu, Taiwan 300
Tel. +886-3-5630989 Fax. +886-3-5797758
