The OVAL Repository5.62015-09-03T07:26:13.261-04:00OpenType font driver vulnerability - CVE-2015-2426 (MS15-078)Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Buffer underflow in atmfd.dll in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted OpenType font, aka "OpenType Font Driver Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-2414 (MS15-065)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 8 through 11 allows remote attackers to obtain sensitive browsing-history information via vectors related to image caching, aka "Internet Explorer Information Disclosure Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer elevation of privilege vulnerability - CVE-2015-2402 (MS15-065)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDWindows installer EoP vulnerability - CVE-2015-2371 (MS15-074)Microsoft Windows 7Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaThe Windows Installer service in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a custom action script associated with a .msi package, aka "Windows Installer EoP Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer information disclosure vulnerability - CVE-2015-2413 (MS15-065)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to determine the existence of local files via a crafted module-resource request, aka "Internet Explorer Information Disclosure Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDHyper-V system data structure vulnerability - CVE-2015-2362 (MS15-068)Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2008Hyper-V in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not properly initialize guest OS system data structures, which allows guest OS users to execute arbitrary code on the host OS by leveraging guest OS privileges, aka "Hyper-V System Data Structure Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-2389 (MS15-065)Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1733 and CVE-2015-2411.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDHyper-V buffer overflow vulnerability - CVE-2015-2361 (MS15-068)Microsoft Windows 8.1Microsoft Windows Server 2012 R2Hyper-V in Microsoft Windows 8.1 and Windows Server 2012 R2 does not properly initialize guest OS system data structures, which allows guest OS users to execute arbitrary code on the host OS or cause a denial of service (buffer overflow) by leveraging guest OS privileges, aka "Hyper-V Buffer Overflow Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDWin32k information disclosure vulnerability - CVE-2015-2381 (MS15-073)Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2012Microsoft Windows Server 2012 R2win32k.sys in the kernel-mode drivers in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to obtain sensitive information from kernel memory via a crafted application, aka "Win32k Information Disclosure Vulnerability," a different vulnerability than CVE-2015-2382.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-2422 (MS15-065)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2385, CVE-2015-2390, CVE-2015-2397, CVE-2015-2404, and CVE-2015-2406.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-2404 (MS15-065)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2385, CVE-2015-2390, CVE-2015-2397, CVE-2015-2406, and CVE-2015-2422.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer ASLR bypass vulnerability - CVE-2015-2421 (MS15-065)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Internet Explorer ASLR Bypass."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDATMFD.DLL Memory corruption vulnerability - CVE-2015-2387 (MS15-077)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2012Microsoft Windows Server 2012 R2ATMFD.DLL in the Adobe Type Manager Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, aka "ATMFD.DLL Memory Corruption Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDWindows RPC elevation of privilege vulnerability - CVE-2015-2370 (MS15-076)Microsoft Windows 7Microsoft Windows 8Microsoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows VistaThe authentication implementation in the RPC subsystem in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not prevent DCE/RPC connection reflection, which allows local users to gain privileges via a crafted application, aka "Windows RPC Elevation of Privilege Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-2397 (MS15-065)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2385, CVE-2015-2390, CVE-2015-2404, CVE-2015-2406, and CVE-2015-2422.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDJscript9 Memory corruption vulnerability - CVE-2015-2419 (MS15-065)Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 10Microsoft Internet Explorer 11JScript 9 in Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "JScript9 Memory Corruption Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-2425 (MS15-065)Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 11Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2383 and CVE-2015-2384.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-1729 (MS15-065)Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 9 through 11 allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-2408 (MS15-065)Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1767 and CVE-2015-2401.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDWindows DLL remote code execution vulnerability - CVE-2015-2368 (MS15-069)Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8.1Microsoft Windows Server 2012 R2Untrusted search path vulnerability in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1, Windows Server 2012 R2, and Windows RT 8.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, aka "Windows DLL Remote Code Execution Vulnerability."SecPod TeamDRAFTMaria MikhnoINTERIMINTERIMInternet Explorer memory corruption vulnerability - CVE-2015-2385 (MS15-065)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2390, CVE-2015-2397, CVE-2015-2404, CVE-2015-2406, and CVE-2015-2422.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-2411 (MS15-065)Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1733 and CVE-2015-2389.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDOLE Elevation of privilege vulnerability - CVE-2015-2417 (MS15-075)Microsoft Windows 7Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaOLE in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to gain privileges via crafted input, as demonstrated by a transition from Low Integrity to Medium Integrity, aka "OLE Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-2416.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-2383 (MS15-065)Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 11Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2384 and CVE-2015-2425.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-2412 (MS15-065)Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 10 and 11 allows remote attackers to read arbitrary local files via a crafted pathname, aka "Internet Explorer Information Disclosure Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDWin32k elevation of privilege vulnerability - CVE-2015-2365 (MS15-073)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer elevation of privilege vulnerability - CVE-2015-1743 (MS15-056)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-1748.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDWin32k Null pointer dereference vulnerability - CVE-2015-1721 (MS15-061)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1The kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via a crafted application, aka "Win32k Null Pointer Dereference Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer elevation of privilege vulnerability - CVE-2015-1739 (MS15-056)Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 10 and 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDWin32k information disclosure vulnerability - CVE-2015-2382 (MS15-073)Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2012Microsoft Windows Server 2012 R2win32k.sys in the kernel-mode drivers in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to obtain sensitive information from kernel memory via a crafted application, aka "Win32k Information Disclosure Vulnerability," a different vulnerability than CVE-2015-2381.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDWin32k elevation of privilege vulnerability - CVE-2015-2366 (MS15-073)Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1win32k.sys in the kernel-mode drivers in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDMicrosoft Windows Kernel Object use after free vulnerability - CVE-2015-1724 (MS15-061)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Use-after-free vulnerability in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, aka "Microsoft Windows Kernel Object Use After Free Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-1740 (MS15-056)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1735, CVE-2015-1744, CVE-2015-1745, and CVE-2015-1766.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-1742 (MS15-056)Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 11Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1732, CVE-2015-1747, CVE-2015-1750, and CVE-2015-1753.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDMicrosoft Windows Kernel use after free vulnerability – CVE-2015-1720 (MS15-061)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Use-after-free vulnerability in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, aka "Microsoft Windows Kernel Use After Free Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDExchange Cross-Site Request Forgery vulnerability - CVE-2015-1771 (MS15-064)Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Exchange Server 2013Cross-site request forgery (CSRF) vulnerability in the web applications in Microsoft Exchange Server 2013 SP1 and Cumulative Update 8 allows remote attackers to hijack the authentication of arbitrary users, aka "Exchange Cross-Site Request Forgery Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-1735 (MS15-056)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1740, CVE-2015-1744, CVE-2015-1745, and CVE-2015-1766.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDMicrosoft Windows Kernel information disclosure vulnerability – CVE-2015-1719 (MS15-061)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1The kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow local users to obtain sensitive information from kernel memory via a crafted application, aka "Microsoft Windows Kernel Information Disclosure Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-2410 (MS15-065)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to determine the existence of local files via a crafted stylesheet, aka "Internet Explorer Information Disclosure Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-1766 (MS15-056)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1735, CVE-2015-1740, CVE-2015-1744, and CVE-2015-1745.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer XSS filter bypass vulnerability - CVE-2015-2398 (MS15-065)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 8 through 11 allows remote attackers to bypass the XSS filter via a crafted attribute of an element in an HTML document, aka "Internet Explorer XSS Filter Bypass Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDMicrosoft Windows Station use after free vulnerability - CVE-2015-1723 (MS15-061)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Use-after-free vulnerability in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, aka "Microsoft Windows Station Use After Free Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-1753 (MS15-056)Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 11Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1732, CVE-2015-1742, CVE-2015-1747, and CVE-2015-1750.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-1747 (MS15-056)Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 11Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1732, CVE-2015-1742, CVE-2015-1750, and CVE-2015-1753.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDWin32k Pool buffer overflow vulnerability - CVE-2015-1727 (MS15-061)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Buffer overflow in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, aka "Win32k Pool Buffer Overflow Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-1732 (MS15-056)Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 11Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1742, CVE-2015-1747, CVE-2015-1750, and CVE-2015-1753.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer ASLR bypass vulnerability - CVE-2015-1685 (MS15-043)Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 11Microsoft Internet Explorer 11 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Internet Explorer ASLR Bypass."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-1767 (MS15-065)Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2401 and CVE-2015-2408.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer elevation of privilege vulnerability - CVE-2015-1748 (MS15-056)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-1743.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDMicrosoft windows kernel memory disclosure vulnerability - CVE-2015-1676 (MS15-051)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow local users to bypass the ASLR protection mechanism via a crafted function call, aka "Microsoft Windows Kernel Memory Disclosure Vulnerability," a different vulnerability than CVE-2015-1677, CVE-2015-1678, CVE-2015-1679, and CVE-2015-1680.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-1658 (MS15-043)Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 11Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1706, CVE-2015-1711, CVE-2015-1717, and CVE-2015-1718.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDWin32k elevation of privilege vulnerability - CVE-2015-2360 (MS15-061)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application, aka "Win32k Elevation of Privilege Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-1717 (MS15-043)Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 11Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1658, CVE-2015-1706, CVE-2015-1711, and CVE-2015-1718.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDOLE Elevation of privilege vulnerability - CVE-2015-2416 (MS15-075)Microsoft Windows 7Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaOLE in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to gain privileges via crafted input, as demonstrated by a transition from Low Integrity to Medium Integrity, aka "OLE Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-2417.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-1709 (MS15-043)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDElevation of privilege vulnerability in Netlogon - CVE-2015-2374 (MS15-071)Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2003Microsoft Windows Server 2012 R2Microsoft Windows Server 2012The Netlogon service in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Server 2008 SP2 and R2 SP1, and Windows Server 2012 Gold and R2 does not properly implement domain-controller communication, which allows remote attackers to discover credentials by leveraging certain PDC access and spoofing the BDC role in a PDC communication channel, aka "Elevation of Privilege Vulnerability in Netlogon."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-1705 (MS15-043)Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1689.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDWindows forms elevation of privilege vulnerability - CVE-2015-1673 (MS15-048)Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows VistaMicrosoft .NET Framework 1.1Microsoft .NET Framework 2.0Microsoft .NET Framework 3.5Microsoft .NET Framework 3.5.1Microsoft .NET Framework 4.0Microsoft .NET Framework 4.5Microsoft .NET Framework 4.5.1Microsoft .NET Framework 4.5.2The Windows Forms (aka WinForms) libraries in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 allow user-assisted remote attackers to execute arbitrary code via a crafted partial-trust application, aka "Windows Forms Elevation of Privilege Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMINTERIMInternet Explorer memory corruption vulnerability - CVE-2015-1755 (MS15-056)Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1731, CVE-2015-1736, and CVE-2015-1737.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDVBScript Memory corruption vulnerability - CVE-2015-2372 (MS15-065 and MS15-066)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft VBScript 5.6Microsoft VBScript 5.7Microsoft VBScript 5.8vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with Internet Explorer 6 through 11 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "VBScript Memory Corruption Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDWindows Journal remote code execution vulnerability - CVE-2015-1699 (MS15-045)Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted Journal file, aka "Windows Journal Remote Code Execution Vulnerability," a different vulnerability than CVE-2015-1675, CVE-2015-1695, CVE-2015-1696, CVE-2015-1697, and CVE-2015-1698.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDService control manager elevation of privilege vulnerability - CVE-2015-1702 (MS15-050)Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2008Microsoft Windows Server 2003Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows VistaMicrosoft Windows Server 2008 R2The Service Control Manager (SCM) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly constrain impersonation levels, which allows local users to gain privileges via a crafted application, aka "Service Control Manager Elevation of Privilege Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDExchange HTML injection vulnerability - CVE-2015-2359 (MS15-064)Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Exchange Server 2013Cross-site scripting (XSS) vulnerability in the web applications in Microsoft Exchange Server 2013 Cumulative Update 8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Exchange HTML Injection Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDMicrosoft SharePoint page content vulnerabilities – CVE-2015-1700 (MS15-047)Microsoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft SharePoint Server 2007Microsoft SharePoint Server 2010Microsoft SharePoint Foundation 2010Microsoft SharePoint Foundation 2013Microsoft SharePoint Server 2007 SP3, SharePoint Foundation 2010 SP2, SharePoint Server 2010 SP2, and SharePoint Foundation 2013 SP1 allow remote authenticated users to execute arbitrary code via crafted page content, aka "Microsoft SharePoint Page Content Vulnerabilities."SecPod TeamDRAFTKumarswamy SINTERIMACCEPTEDACCEPTEDMicrosoft Office SharePoint Server 2007 is installed.Microsoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Office SharePoint Server 2007Microsoft Office SharePoint Server 2007 is installed.Robert L. HollisDRAFTINTERIMACCEPTEDJonathan BakerINTERIMACCEPTEDDavid RothenbergINTERIMACCEPTEDINTERIMDragos PrisacaACCEPTEDChandan SINTERIMACCEPTEDEvgeniy PavlovINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-1718 (MS15-043)Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 11Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1658, CVE-2015-1706, CVE-2015-1711, and CVE-2015-1717.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-1668 (MS15-032)Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-1736 (MS15-056)Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1731, CVE-2015-1737, and CVE-2015-1755.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDMicrosoft windows kernel memory disclosure vulnerability - CVE-2015-1677 (MS15-051)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow local users to bypass the ASLR protection mechanism via a crafted function call, aka "Microsoft Windows Kernel Memory Disclosure Vulnerability," a different vulnerability than CVE-2015-1676, CVE-2015-1678, CVE-2015-1679, and CVE-2015-1680.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDVBScript memory corruption vulnerability - CVE-2015-1684 (MS15-043 and MS15-053)Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2VBScript 5.6VBScript 5.7VBScript 5.8Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11VBScript.dll in the Microsoft VBScript 5.6 through 5.8 engine, as used in Internet Explorer 8 through 11 and other products, allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "VBScript ASLR Bypass."SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDNETLOGON spoofing vulnerability - CVE-2015-0005 (MS15-027)Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2003Microsoft Windows Server 2012 R2Microsoft Windows Server 2012The NETLOGON service in Microsoft Windows Server 2003 SP2, Windows Server 2008 SP2 and R2 SP1, and Windows Server 2012 Gold and R2, when a Domain Controller is configured, allows remote attackers to spoof the computer name of a secure channel's endpoint, and obtain sensitive session information, by running a crafted application and leveraging the ability to sniff network traffic, aka "NETLOGON Spoofing Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-1666 (MS15-032)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1652.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-1744 (MS15-056)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1735, CVE-2015-1740, CVE-2015-1745, and CVE-2015-1766.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDRemote desktop protocol (RDP) denial of service vulnerability - CVE-2015-0079 (MS15-030)Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 7Microsoft Windows 8.1Microsoft Windows Server 2012 R2The Remote Desktop Protocol (RDP) implementation in Microsoft Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to cause a denial of service (memory consumption and RDP outage) by establishing many RDP sessions that do not properly free allocated memory, aka "Remote Desktop Protocol (RDP) Denial of Service Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-1624 (MS15-018)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-2406 (MS15-065)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2385, CVE-2015-2390, CVE-2015-2397, CVE-2015-2404, and CVE-2015-2422.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDNtCreateTransactionManager type confusion vulnerability - CVE-2015-1643 (MS15-038)Microsoft Windows 7Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows Server 2012Microsoft Windows 8Microsoft Windows Server 2012 R2Microsoft Windows 8.1Microsoft Windows Server 2003 R2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 do not properly constrain impersonation levels, which allows local users to gain privileges via a crafted application, aka "NtCreateTransactionManager Type Confusion Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer elevation of privilege vulnerability - CVE-2015-1713 (MS15-043)Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 11Microsoft Internet Explorer 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer clipboard information disclosure vulnerability - CVE-2015-1692 (MS15-043)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 7Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 7 through 11 allows user-assisted remote attackers to read the clipboard contents via crafted web script, aka "Internet Explorer Clipboard Information Disclosure Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer ASLR bypass vulnerability - CVE-2015-1661 (MS15-032)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Internet Explorer ASLR Bypass Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-1733 (MS15-065)Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2389 and CVE-2015-2411.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDRegistry virtualization elevation of privilege vulnerability - CVE-2015-0073 (MS15-025)Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2012Microsoft Windows Server 2012 R2The Windows Registry Virtualization feature in the kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly restrict changes to virtual stores, which allows local users to gain privileges via a crafted application, aka "Registry Virtualization Elevation of Privilege Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer elevation of privilege vulnerability - CVE-2015-1704 (MS15-043)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-1703.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDWin32k elevation of privilege vulnerability - CVE-2015-0078 (MS15-023)Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2012Microsoft Windows Server 2012 R2win32k.sys in the kernel-mode drivers in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly validate the token of a calling thread, which allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDOWA modified canary parameter cross site scripting vulnerability - CVE-2015-1628 (MS15-026)Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Exchange Server 2013Cross-site scripting (XSS) vulnerability in Outlook Web App (OWA) in Microsoft Exchange Server 2013 SP1 and Cumulative Update 7 allows remote attackers to inject arbitrary web script or HTML via a crafted X-OWA-Canary cookie in an AD.RecipientType.User action, aka "OWA Modified Canary Parameter Cross Site Scripting Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDMicrosoft windows kernel memory disclosure vulnerability - CVE-2015-1680 (MS15-051)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow local users to bypass the ASLR protection mechanism via a crafted function call, aka "Microsoft Windows Kernel Memory Disclosure Vulnerability," a different vulnerability than CVE-2015-1676, CVE-2015-1677, CVE-2015-1678, and CVE-2015-1679.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDAdobe font driver remote code execution vulnerability - CVE-2015-0088 (MS15-021)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted (1) web site or (2) file, aka "Adobe Font Driver Remote Code Execution Vulnerability," a different vulnerability than CVE-2015-0090, CVE-2015-0091, CVE-2015-0092, and CVE-2015-0093.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDMicrosoft Windows Kernel Bitmap handling use after free vulnerability - CVE-2015-1722 (MS15-061)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Use-after-free vulnerability in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, aka "Microsoft Windows Kernel Bitmap Handling Use After Free Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-2390 (MS15-065)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2385, CVE-2015-2397, CVE-2015-2404, CVE-2015-2406, and CVE-2015-2422.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDMicrosoft windows kernel memory disclosure vulnerability - CVE-2015-0077 (MS15-023)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 do not properly initialize function buffers, which allows local users to obtain sensitive information from kernel memory, and possibly bypass the ASLR protection mechanism, via a crafted application, aka "Microsoft Windows Kernel Memory Disclosure Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDVBScript memory corruption vulnerability - CVE-2015-0032 (MS15-019)Microsoft Windows XPMicrosoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows Server 2003Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2VBScript 5.8VBScript 5.7VBScript 5.6Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with Internet Explorer 8 through 11 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "VBScript Memory Corruption Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-1662 (MS15-032)Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 11Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1659 and CVE-2015-1665.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-1626 (MS15-018)Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 11Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-0056 and CVE-2015-1623.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDTask scheduler security feature bypass vulnerability - CVE-2015-0084 (MS15-028)Microsoft Windows 7Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Windows Server 2008Microsoft Windows Server 2008 R2The Task Scheduler in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly constrain impersonation levels, which allows local users to bypass intended restrictions on launching executable files via a crafted task, aka "Task Scheduler Security Feature Bypass Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDAdobe font driver remote code execution vulnerability - CVE-2015-0092 (MS15-021)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted (1) web site or (2) file, aka "Adobe Font Driver Remote Code Execution Vulnerability," a different vulnerability than CVE-2015-0088, CVE-2015-0090, CVE-2015-0091, and CVE-2015-0093.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDAdobe font driver remote code execution vulnerability - CVE-2015-0090 (MS15-021)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted (1) web site or (2) file, aka "Adobe Font Driver Remote Code Execution Vulnerability," a different vulnerability than CVE-2015-0088, CVE-2015-0091, CVE-2015-0092, and CVE-2015-0093.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-1737 (MS15-056)Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1731, CVE-2015-1736, and CVE-2015-1755.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-0056 (MS15-018)Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 11Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1623 and CVE-2015-1626.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDGroup Policy security feature bypass vulnerability - CVE-2015-0009 (MS15-014)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1The Group Policy Security Configuration policy implementation in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows man-in-the-middle attackers to disable a signing requirement and trigger a revert-to-default action by spoofing domain-controller responses, aka "Group Policy Security Feature Bypass Vulnerability."SecPod TeamDRAFTKumarswamy SINTERIMACCEPTEDACCEPTEDWindows create process elevation of privilege vulnerability - CVE-2015-0062 (MS15-015)Microsoft Windows Server 2008 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow local users to gain privileges via a crafted application that leverages incorrect impersonation handling in a process that uses the SeAssignPrimaryTokenPrivilege privilege, aka "Windows Create Process Elevation of Privilege Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDMicrosoft schannel remote code execution vulnerability - CVE-2015-0003 (MS15-010)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via a crafted application, aka "Win32k Elevation of Privilege Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDKumarswamy SINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-1622 (MS15-018)Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-1689 (MS15-043)Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1705.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-0038 (MS15-009)Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-0042 and CVE-2015-0046.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDExchangeDLP cross site scripting vulnerability - CVE-2015-1629 (MS15-026)Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Exchange Server 2013Cross-site scripting (XSS) vulnerability in Outlook Web App (OWA) in Microsoft Exchange Server 2013 SP1 and Cumulative Update 7 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "ExchangeDLP Cross Site Scripting Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDVBScript and JScript ASLR bypass vulnerability - CVE-2015-1686 (MS15-043 and MS15-053)Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2JScript 5.6JScript 5.7JScript 5.8VBScript 5.6VBScript 5.7VBScript 5.8Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11The Microsoft (1) VBScript 5.6 through 5.8 and (2) JScript 5.6 through 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "VBScript and JScript ASLR Bypass."SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDJScript 5.6 is installedMicrosoft Windows XPMicrosoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012JScript 5.6JScript 5.6 is installed.Maria MikhnoDRAFTINTERIMACCEPTEDACCEPTEDJScript 5.8 is installedMicrosoft Windows XPMicrosoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012JScript 5.8JScript 5.8 is installed.Maria MikhnoDRAFTINTERIMACCEPTEDACCEPTEDJScript 5.7 is installedMicrosoft Windows XPMicrosoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012JScript 5.7JScript 5.7 is installed.Maria MikhnoDRAFTINTERIMACCEPTEDACCEPTEDWin32k information disclosure vulnerability - CVE-2015-2367 (MS15-073)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to obtain sensitive information from uninitialized kernel memory via a crafted application, aka "Win32k Information Disclosure Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDWindows Journal remote code execution vulnerability - CVE-2015-1675 (MS15-045)Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted Journal file, aka "Windows Journal Remote Code Execution Vulnerability," a different vulnerability than CVE-2015-1695, CVE-2015-1696, CVE-2015-1697, CVE-2015-1698, and CVE-2015-1699.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTED.NET XML decryption denial of service vulnerability - CVE-2015-1672 (MS15-048)Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows VistaMicrosoft .NET Framework 2.0Microsoft .NET Framework 3.5Microsoft .NET Framework 3.5.1Microsoft .NET Framework 4.0Microsoft .NET Framework 4.5Microsoft .NET Framework 4.5.1Microsoft .NET Framework 4.5.2Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 allows remote attackers to cause a denial of service (recursion and performance degradation) via crafted encrypted data in an XML document, aka ".NET XML Decryption Denial of Service Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMINTERIMAdobe font driver remote code execution vulnerability - CVE-2015-0093 (MS15-021)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted (1) web site or (2) file, aka "Adobe Font Driver Remote Code Execution Vulnerability," a different vulnerability than CVE-2015-0088, CVE-2015-0090, CVE-2015-0091, and CVE-2015-0092.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer elevation of privilege vulnerability - CVE-2015-0072 (MS15-018)Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Cross-site scripting (XSS) vulnerability in Microsoft Internet Explorer 9 through 11 allows remote attackers to bypass the Same Origin Policy and inject arbitrary web script or HTML via vectors involving an IFRAME element that triggers a redirect, a second IFRAME element that does not trigger a redirect, and an eval of a WindowProxy object, aka "Universal XSS (UXSS)."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-0039 (MS15-009)Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-0027, CVE-2015-0035, CVE-2015-0052, and CVE-2015-0068.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDTIFF Processing information disclosure vulnerability - CVE-2015-0061 (MS15-016)Microsoft Windows Server 2003Microsoft Windows 7Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 do not properly initialize memory for TIFF images, which allows remote attackers to obtain sensitive information from process memory via a crafted image file, aka "TIFF Processing Information Disclosure Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDEvgeniy PavlovINTERIMACCEPTEDACCEPTEDAdobe font driver denial of service vulnerability - CVE-2015-0074 (MS15-021)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly allocate memory, which allows remote attackers to cause a denial of service via a crafted (1) web site or (2) file, aka "Adobe Font Driver Denial of Service Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer elevation of privilege vulnerability - CVE-2015-0055 (MS15-009)Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 10 and 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-0022 (MS15-009)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 7Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-0017, CVE-2015-0020, CVE-2015-0026, CVE-2015-0030, CVE-2015-0031, CVE-2015-0036, and CVE-2015-0041.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDDirectory Traversal elevation of privilege vulnerability - CVE-2015-0016 (MS15-004)Microsoft Windows 7Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows Remote Desktop Connection 7.0Microsoft Windows Remote Desktop Connection 8.0Microsoft Windows Remote Desktop Connection 8.1Directory traversal vulnerability in the TS WebProxy (aka TSWbPrxy) component in Microsoft Windows Vista SP2, Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to gain privileges via a crafted pathname in an executable file, as demonstrated by a transition from Low Integrity to Medium Integrity, aka "Directory Traversal Elevation of Privilege Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-0020 (MS15-009)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 7Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-0017, CVE-2015-0022, CVE-2015-0026, CVE-2015-0030, CVE-2015-0031, CVE-2015-0036, and CVE-2015-0041.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDWindows Journal remote code execution vulnerability - CVE-2015-1696 (MS15-045)Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted Journal file, aka "Windows Journal Remote Code Execution Vulnerability," a different vulnerability than CVE-2015-1675, CVE-2015-1695, CVE-2015-1697, CVE-2015-1698, and CVE-2015-1699.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-1665 (MS15-032)Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 11Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1659 and CVE-2015-1662.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDGraphics component EOP vulnerability - CVE-2015-2364 (MS15-072)Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows VistaThe graphics component in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application that leverages an incorrect bitmap conversion, aka "Graphics Component EOP Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-1657 (MS15-032)Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDGroup Policy remote code execution vulnerability - CVE-2015-0008 (MS15-011)Microsoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows VistaMicrosoft Windows Server 2008 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2The UNC implementation in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not include authentication from the server to the client, which allows remote attackers to execute arbitrary code by making crafted data available on a UNC share, as demonstrated by Group Policy data from a spoofed domain controller, aka "Group Policy Remote Code Execution Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDWindows Kernel security feature bypass vulnerability - CVE-2015-1674 (MS15-052)Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2012Microsoft Windows Server 2012 R2The kernel in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly validate an unspecified address, which allows local users to bypass the KASLR protection mechanism, and consequently discover the cng.sys base address, via a crafted application, aka "Windows Kernel Security Feature Bypass Vulnerability."SecPod TeamDRAFTKumarswamy SINTERIMACCEPTEDACCEPTEDDEPRECATED: WTS remote code execution vulnerability - CVE-2015-0081 (MS15-020)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Windows Text Services (WTS) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted (1) web site or (2) file, aka "WTS Remote Code Execution Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDRichard HelbingDEPRECATEDDEPRECATEDInternet Explorer elevation of privilege vulnerability - CVE-2015-1703 (MS15-043)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-1704.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDWin32k elevation of privilege vulnerability - CVE-2015-0057 (MS15-010)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDKumarswamy SINTERIMACCEPTEDACCEPTEDWindows font driver denial of service vulnerability - CVE-2015-0060 (MS15-010)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1The font mapper in win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly scale fonts, which allows local users to cause a denial of service (system hang) via a crafted application, aka "Windows Font Driver Denial of Service Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDKumarswamy SINTERIMACCEPTEDACCEPTEDAdobe font driver remote code execution vulnerability - CVE-2015-0091 (MS15-021)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted (1) web site or (2) file, aka "Adobe Font Driver Remote Code Execution Vulnerability," a different vulnerability than CVE-2015-0088, CVE-2015-0090, CVE-2015-0092, and CVE-2015-0093.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-0052 (MS15-009)Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-0027, CVE-2015-0035, CVE-2015-0039, and CVE-2015-0068.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-1714 (MS15-043)Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDJPEG XR parser information disclosure vulnerability - CVE-2015-0076 (MS15-029)Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1The photo-decoder implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly initialize memory for rendering of JXR images, which allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "JPEG XR Parser Information Disclosure Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDSchannel information disclosure vulnerability - CVE-2015-1716 (MS15-055)Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows VistaMicrosoft Windows Server 2008 R2Schannel in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly restrict Diffie-Hellman Ephemeral (DHE) key lengths, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors, aka "Schannel Information Disclosure Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-1623 (MS15-018)Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 11Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-0056 and CVE-2015-1626.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDMicrosoft windows kernel memory disclosure vulnerability - CVE-2015-0095 (MS15-023)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow local users to cause a denial of service (NULL pointer dereference and blue screen), or obtain sensitive information from kernel memory and possibly bypass the ASLR protection mechanism, via a crafted application, aka "Microsoft Windows Kernel Memory Disclosure Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDWin32k buffer overflow vulnerability - CVE-2015-1725 (MS15-061)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Buffer overflow in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, aka "Win32k Buffer Overflow Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDGraphics component information disclosure vulnerability - CVE-2015-0002 (MS15-001)Microsoft Windows Server 2008 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2The AhcVerifyAdminContext function in ahcache.sys in the Application Compatibility component in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not verify that an impersonation token is associated with an administrative account, which allows local users to gain privileges by running AppCompatCache.exe with a crafted DLL file, aka MSRC ID 20544 or "Microsoft Application Compatibility Infrastructure Elevation of Privilege Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-0066 (MS15-009)Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 11Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-0018, CVE-2015-0037, and CVE-2015-0040.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDMicrosoft SharePoint xss vulnerability – CVE-2015-1636 (MS15-022)Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft SharePoint Foundation 2013Microsoft SharePoint Server 2013Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Foundation 2013 Gold and SP1 and SharePoint Server 2013 Gold and SP1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted request, aka "Microsoft SharePoint XSS Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDKumarswamy SINTERIMACCEPTEDACCEPTEDMicrosoft windows kernel memory disclosure vulnerability - CVE-2015-0094 (MS15-023)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 do not properly restrict the availability of address information during a function call, which makes it easier for local users to bypass the ASLR protection mechanism via a crafted application, aka "Microsoft Windows Kernel Memory Disclosure Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-0031 (MS15-009)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 7Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-0017, CVE-2015-0020, CVE-2015-0022, CVE-2015-0026, CVE-2015-0030, CVE-2015-0036, and CVE-2015-0041.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-1741 (MS15-056)Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1752.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDWindows Journal remote code execution vulnerability - CVE-2015-1698 (MS15-045)Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted Journal file, aka "Windows Journal Remote Code Execution Vulnerability," a different vulnerability than CVE-2015-1675, CVE-2015-1695, CVE-2015-1696, CVE-2015-1697, and CVE-2015-1699.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-1688 (MS15-043)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 7Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-0040 (MS15-009)Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 11Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-0018, CVE-2015-0037, and CVE-2015-0066.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDWindows Error Reporting security feature bypass vulnerability - CVE-2015-0001 (MS15-006)Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2The Windows Error Reporting (WER) component in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to bypass the Protected Process Light protection mechanism and read the contents of arbitrary process-memory locations by leveraging administrative privileges, aka "Windows Error Reporting Security Feature Bypass Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDTrueType font parsing remote code execution vulnerability - CVE-2015-0059 (MS15-010)Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2012Microsoft Windows Server 2012 R2win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted TrueType font, aka "TrueType Font Parsing Remote Code Execution Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDKumarswamy SINTERIMACCEPTEDACCEPTEDDEPRECATED: DLL planting remote code execution vulnerability - CVE-2015-0096 (MS15-020)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Untrusted search path vulnerability in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, leading to DLL loading during Windows Explorer access to the icon of a crafted shortcut, aka "DLL Planting Remote Code Execution Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDRichard HelbingDEPRECATEDDEPRECATEDHTTP.sys Remote code execution vulnerability - CVE-2015-1635 (MS15-034)Microsoft Windows 7Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Windows Server 2008 R2HTTP.sys in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted HTTP requests, aka "HTTP.sys Remote Code Execution Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-2384 (MS15-065)Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 11Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2383 and CVE-2015-2425.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDDLL planting remote code execution vulnerability - CVE-2015-0096 (MS15-020)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Untrusted search path vulnerability in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, leading to DLL loading during Windows Explorer access to the icon of a crafted shortcut, aka "DLL Planting Remote Code Execution Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDExchange Server-Side Request Forgery vulnerability - CVE-2015-1764 (MS15-064)Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Exchange Server 2013The web applications in Microsoft Exchange Server 2013 SP1 and Cumulative Update 8 allow remote attackers to bypass the Same Origin Policy and send HTTP traffic to intranet servers via a crafted request, related to a Server-Side Request Forgery (SSRF) issue, aka "Exchange Server-Side Request Forgery Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDMicrosoft Exchange Server 2013 Cumulative Update 8 is installedMicrosoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Exchange Server 2013Microsoft Exchange Server 2013 Cumulative Update 8 is installedSecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer elevation of privilege vulnerability - CVE-2015-1627 (MS15-018)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDWindows MS-DOS device name vulnerability - CVE-2015-1644 (MS15-038)Microsoft Windows 7Microsoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows Server 2012Microsoft Windows 8Microsoft Windows Server 2012 R2Microsoft Windows 8.1Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 do not properly constrain impersonation levels, which allows local users to gain privileges via a crafted application, aka "Windows MS-DOS Device Name Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-1750 (MS15-056)Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 11Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1732, CVE-2015-1742, CVE-2015-1747, and CVE-2015-1753.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-1694 (MS15-043)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1710.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-1659 (MS15-032)Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 11Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1662 and CVE-2015-1665.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-0043 (MS15-009)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-1634 (MS15-018)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1625.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDVulnerability in Microsoft Schannel could allow security feature bypass - CVE-2015-1637 (MS15-031)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Schannel (aka Secure Channel) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly restrict TLS state transitions, which makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via crafted TLS traffic, related to the "FREAK" issue, a different vulnerability than CVE-2015-0204 and CVE-2015-1067.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-0026 (MS15-009)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 7Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-0017, CVE-2015-0020, CVE-2015-0022, CVE-2015-0030, CVE-2015-0031, CVE-2015-0036, and CVE-2015-0041.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDMicrosoft windows kernel memory disclosure vulnerability - CVE-2015-1679 (MS15-051)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow local users to bypass the ASLR protection mechanism via a crafted function call, aka "Microsoft Windows Kernel Memory Disclosure Vulnerability," a different vulnerability than CVE-2015-1676, CVE-2015-1677, CVE-2015-1678, and CVE-2015-1680.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDWindows Telnet service buffer overflow vulnerability - CVE-2015-0014 (MS15-002)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Buffer overflow in the Telnet service in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows Telnet Service Buffer Overflow Vulnerability."SecPod TeamDRAFTINTERIMKumarswamy SACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDAdobe font driver information disclosure vulnerability - CVE-2015-0089 (MS15-021)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to obtain sensitive information from kernel memory, and possibly bypass the KASLR protection mechanism, via a crafted font, aka "Adobe Font Driver Information Disclosure Vulnerability," a different vulnerability than CVE-2015-0087.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-1731 (MS15-056)Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1736, CVE-2015-1737, and CVE-2015-1755.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-2401 (MS15-065)Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1767 and CVE-2015-2408.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDAudit report cross site scripting vulnerability - CVE-2015-1630 (MS15-026)Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Exchange Server 2013Cross-site scripting (XSS) vulnerability in Outlook Web App (OWA) in Microsoft Exchange Server 2013 SP1 and Cumulative Update 7 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "Audit Report Cross Site Scripting Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDMicrosoft SharePoint XSS vulnerability – CVE-2015-1653 (MS15-036)Microsoft Windows 7Microsoft Windows 8Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 8.1Microsoft SharePoint Foundation 2013Microsoft SharePoint Server 2013Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Foundation 2013 SP1 and SharePoint Server 2013 SP1 allows remote attackers to inject arbitrary web script or HTML via a crafted request, aka "Microsoft SharePoint XSS Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-0046 (MS15-009)Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-0038 and CVE-2015-0042.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-1745 (MS15-056)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1735, CVE-2015-1740, CVE-2015-1744, and CVE-2015-1766.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDWindows Journal remote code execution vulnerability - CVE-2015-1695 (MS15-045)Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted Journal file, aka "Windows Journal Remote Code Execution Vulnerability," a different vulnerability than CVE-2015-1675, CVE-2015-1696, CVE-2015-1697, CVE-2015-1698, and CVE-2015-1699.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-1752 (MS15-056)Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1741.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-1625 (MS15-018)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1634.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDNetwork policy server RADIUS implementation denial of service vulnerability - CVE-2015-0015 (MS15-007)Microsoft Windows Server 2003Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2003 SP2, Server 2008 SP2 and R2 SP1, and Server 2012 Gold and R2 allow remote attackers to cause a denial of service (system hang and RADIUS outage) via crafted username strings to (1) Internet Authentication Service (IAS) or (2) Network Policy Server (NPS), aka "Network Policy Server RADIUS Implementation Denial of Service Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-0035 (MS15-009)Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-0027, CVE-2015-0039, CVE-2015-0052, and CVE-2015-0068.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDAdobe font driver information disclosure vulnerability - CVE-2015-0087 (MS15-021)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to obtain sensitive information from kernel memory, and possibly bypass the KASLR protection mechanism, via a crafted font, aka "Adobe Font Driver Information Disclosure Vulnerability," a different vulnerability than CVE-2015-0089.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer ASLR bypass vulnerability - CVE-2015-0069 (MS15-009)Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 10 and 11 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Internet Explorer ASLR Bypass Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer information disclosure vulnerability - CVE-2015-1765 (MS15-056)Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 9 through 11 allows remote attackers to read the browser history via a crafted web site.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDMalformed PNG parsing information disclosure vulnerability - CVE-2015-0080 (MS15-024)Microsoft Windows Server 2003Microsoft Windows 7Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 do not properly initialize memory for rendering of malformed PNG images, which allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Malformed PNG Parsing Information Disclosure Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDOutlook Web App token spoofing vulnerability (CVE-2014-6319) - MS14-075Microsoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Exchange Server 2007Microsoft Exchange Server 2010Microsoft Exchange Server 2013Outlook Web App (OWA) in Microsoft Exchange Server 2007 SP3, 2010 SP3, and 2013 SP1 and Cumulative Update 6 does not properly validate tokens in requests, which allows remote attackers to spoof the origin of e-mail messages via unspecified vectors, aka "Outlook Web App Token Spoofing Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDMicrosoft Exchange Server 2007 (no Service Pack) is installedMicrosoft Windows Server 2003Microsoft Windows Server 2008Exchange Server 2007 (no Service Pack) is installed.Robert L. HollisDRAFTINTERIMACCEPTEDJeff ChengINTERIMACCEPTEDJeff ItoINTERIMACCEPTEDShane ShafferINTERIMACCEPTEDACCEPTEDMicrosoft Exchange Server 2010 is installedMicrosoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Exchange Server 2010Microsoft Exchange Server 2010 is installedSergey ArtykhovDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2014-6329 (MS14-080)Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 11Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-6327 and CVE-2014-6376.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDExchange URL redirection vulnerability (CVE-2014-6336) - MS14-075Microsoft Windows Server 2008 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Exchange Server 2013Outlook Web App (OWA) in Microsoft Exchange Server 2013 SP1 and Cumulative Update 6 does not properly validate redirection tokens, which allows remote attackers to redirect users to arbitrary web sites and spoof the origin of e-mail messages via unspecified vectors, aka "Exchange URL Redirection Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-0036 (MS15-009)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 7Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-0017, CVE-2015-0020, CVE-2015-0022, CVE-2015-0026, CVE-2015-0030, CVE-2015-0031, and CVE-2015-0041.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-1710 (MS15-043)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1694.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2014-6327 (MS14-080)Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 11Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-6329 and CVE-2014-6376.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-0037 (MS15-009)Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 11Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-0018, CVE-2015-0040, and CVE-2015-0066.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2014-6374 (MS14-080)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 7Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDWindows Hyper-V DoS vulnerability - CVE-2015-1647 (MS15-042)Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Hyper-V ServerVirtual Machine Manager (VMM) in Hyper-V in Microsoft Windows 8.1 and Windows Server 2012 R2 allows guest OS users to cause a denial of service (VMM functionality loss) via a crafted application, aka "Windows Hyper-V DoS Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDMicrosoft Windows Hyper-V is installedMicrosoft Windows 8Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Hyper-V ServerMicrosoft Windows Hyper-V is installed.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDWindows Journal remote code execution vulnerability - CVE-2015-1697 (MS15-045)Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted Journal file, aka "Windows Journal Remote Code Execution Vulnerability," a different vulnerability than CVE-2015-1675, CVE-2015-1695, CVE-2015-1696, CVE-2015-1698, and CVE-2015-1699.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-0018 (MS15-009)Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 11Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-0037, CVE-2015-0040, and CVE-2015-0066.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-0030 (MS15-009)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 7Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-0017, CVE-2015-0020, CVE-2015-0022, CVE-2015-0026, CVE-2015-0031, CVE-2015-0036, and CVE-2015-0041.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2014-6376 (MS14-080)Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 11Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-6327 and CVE-2014-6329.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2014-6368 (MS14-080)Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 11Microsoft Internet Explorer 11 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Internet Explorer ASLR Bypass Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2014-6363 (MS14-080)Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2VBScript 5.8VBScript 5.6VBScript 5.7vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with Internet Explorer 6 through 11 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "VBScript Memory Corruption Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDDragos PrisacaINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2014-6343 (MS14-065)Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-0027 (MS15-009)Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-0035, CVE-2015-0039, CVE-2015-0052, and CVE-2015-0068.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer cross-domain information disclosure vulnerability. - CVE-2014-6340 (MS14-065)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 7Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6Microsoft Internet Explorer 6 through 11 allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Internet Explorer Cross-domain Information Disclosure Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-0017 (MS15-009)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 7Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-0020, CVE-2015-0022, CVE-2015-0026, CVE-2015-0030, CVE-2015-0031, CVE-2015-0036, and CVE-2015-0041.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer Clipboard Information Disclosure Vulnerability - CVE-2014-6323 (MS14-065)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 7Microsoft Internet Explorer 7 through 11 allows remote attackers to obtain sensitive clipboard information via a crafted web site, aka "Internet Explorer Clipboard Information Disclosure Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDMicrosoft user profile service elevation of privilege vulnerability - CVE-2015-0004 (MS15-003)Microsoft Windows 7Microsoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows Server 2012Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2012 R2The User Profile Service (aka ProfSvc) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges by conducting a junction attack to load another user's UsrClass.dat registry hive, aka MSRC ID 20674 or "Microsoft User Profile Service Elevation of Privilege Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDOWA XSS vulnerability (CVE-2014-6326) - MS14-075Microsoft Windows Server 2008 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Exchange Server 2013Cross-site scripting (XSS) vulnerability in Microsoft Exchange Server 2013 SP1 and Cumulative Update 6 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "OWA XSS Vulnerability," a different vulnerability than CVE-2014-6325.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDNLA Security Feature Bypass Vulnerability - CVE-2015-0006 (MS15-005)Microsoft Windows 7Microsoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows Server 2012Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2012 R2The Network Location Awareness (NLA) service in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not perform mutual authentication to determine a domain connection, which allows remote attackers to trigger an unintended permissive configuration by spoofing DNS and LDAP responses on a local network, aka "NLA Security Feature Bypass Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDExchange forged meeting request spoofing vulnerability - CVE-2015-1631 (MS15-026)Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Exchange Server 2013Microsoft Exchange Server 2013 SP1 and Cumulative Update 7 allows remote attackers to spoof meeting organizers via unspecified vectors, aka "Exchange Forged Meeting Request Spoofing Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDOWA XSS vulnerability (CVE-2014-6325) - MS14-075Microsoft Windows Server 2008 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Exchange Server 2013Cross-site scripting (XSS) vulnerability in Microsoft Exchange Server 2013 SP1 and Cumulative Update 6 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "OWA XSS Vulnerability," a different vulnerability than CVE-2014-6326.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDMicrosoft Exchange Server 2013 CU 6 is installedMicrosoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Exchange Server 2013Microsoft Exchange Server 2013 CU 6 is installed. Microsoft Exchange Server is calendaring software, a mail server and contact manager developed by Microsoft.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer cross-domain information disclosure vulnerability - CVE-2014-6346 (MS14-065)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 8 through 11 allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Internet Explorer Cross-domain Information Disclosure Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDWindows audio service vulnerability - CVE-2014-6322 (MS14-071)Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2The Windows Audio service in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to gain privileges via a crafted web site, as demonstrated by execution of web script in Internet Explorer, aka "Windows Audio Service Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-0068 (MS15-009)Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-0027, CVE-2015-0035, CVE-2015-0039, and CVE-2015-0052.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDRemote Desktop Protocol (RDP) failure to audit vulnerability - CVE-2014-6318 (MS14-074)Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2012Microsoft Windows Server 2012 R2The audit logon feature in Remote Desktop Protocol (RDP) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly log unauthorized login attempts supplying valid credentials, which makes it easier for remote attackers to bypass intended access restrictions via a series of attempts, aka "Remote Desktop Protocol (RDP) Failure to Audit Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer elevation of privilege vulnerability - CVE-2014-6349 (MS14-065)Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 10 and 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2014-6350.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDInternet Explorer ASLR bypass vulnerability - CVE-2015-0071 (MS15-009)Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 9 through 11 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Internet Explorer ASLR Bypass Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2014-6347 (MS14-065)Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 11Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDCNG security feature bypass vulnerability - CVE-2015-0010 (MS15-010)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1The CryptProtectMemory function in cng.sys (aka the Cryptography Next Generation driver) in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1, when the CRYPTPROTECTMEMORY_SAME_LOGON option is used, does not check an impersonation token's level, which allows local users to bypass intended decryption restrictions by leveraging a service that (1) has a named-pipe planting vulnerability or (2) uses world-readable shared memory for encrypted data, aka "CNG Security Feature Bypass Vulnerability" or MSRC ID 20707.SecPod TeamDRAFTINTERIMACCEPTEDKumarswamy SINTERIMACCEPTEDACCEPTEDMicrosoft Windows Kernel Brush Object use after free vulnerability - CVE-2015-1726 (MS15-061)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Use-after-free vulnerability in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, aka "Microsoft Windows Kernel Brush Object Use After Free Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer elevation of privilege vulnerability - CVE-2015-0054 (MS15-009)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 7Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDKerberos checksum vulnerability - CVE-2014-6324 (MS14-068)Microsoft Windows 7Microsoft Windows 8Microsoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows VistaThe Kerberos Key Distribution Center (KDC) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote authenticated domain users to obtain domain administrator privileges via a forged signature in a ticket, as exploited in the wild in November 2014, aka "Kerberos Checksum Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2014-6341 (MS14-065)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 7Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4143.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDInternet Explorer XSS filter bypass vulnerability - CVE-2014-6328 (MS14-080)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 8 through 11 allows remote attackers to bypass the XSS filter via a crafted attribute of an element in an HTML document, aka "Internet Explorer XSS Filter Bypass Vulnerability," a different vulnerability than CVE-2014-6365.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-1711 (MS15-043)Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 11Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1658, CVE-2015-1706, CVE-2015-1717, and CVE-2015-1718.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-1706 (MS15-043)Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 11Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1658, CVE-2015-1711, CVE-2015-1717, and CVE-2015-1718.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDASP.NET information disclosure vulnerability - CVE-2015-1648 (MS15-041)Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft .NET Framework 1.1Microsoft .NET Framework 2.0Microsoft .NET Framework 3.5.1Microsoft .NET Framework 4.0Microsoft .NET Framework 4.5Microsoft .NET Framework 4.5.1Microsoft .NET Framework 4.5.2ASP.NET in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2, when the customErrors configuration is disabled, allows remote attackers to obtain sensitive configuration-file information via a crafted request, aka "ASP.NET Information Disclosure Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMINTERIMGraphics component information disclosure vulnerability - CVE-2014-6355 (MS14-085)Microsoft Windows Server 2003Microsoft Windows 7Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaThe Graphics Component in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly process JPEG images, which makes it easier for remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Graphics Component Information Disclosure Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDMSXML Remote Code Execution Vulnerability - CVE-2014-4118 (MS14-067)Microsoft Windows 7Microsoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 8Microsoft Windows 8.1Microsoft XML Core Services 3.0XML Core Services (aka MSXML) 3.0 in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code or cause a denial of service (system-state corruption) via crafted XML content, aka "MSXML Remote Code Execution Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDMicrosoft windows kernel memory disclosure vulnerability - CVE-2015-1678 (MS15-051)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow local users to bypass the ASLR protection mechanism via a crafted function call, aka "Microsoft Windows Kernel Memory Disclosure Vulnerability," a different vulnerability than CVE-2015-1676, CVE-2015-1677, CVE-2015-1679, and CVE-2015-1680.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDTypeFilterLevel vulnerability - CVE-2014-4149 (MS14-072)Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft .NET Framework 1.1Microsoft .NET Framework 2.0Microsoft .NET Framework 3.5.1Microsoft .NET Framework 4.0Microsoft .NET Framework 4.5Microsoft .NET Framework 4.5.1Microsoft .NET Framework 4.5.2Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 does not properly perform TypeFilterLevel checks, which allows remote attackers to execute arbitrary code via crafted data to a .NET Remoting endpoint, aka "TypeFilterLevel Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMINTERIMWindows OLE automation array remote code execution vulnerability - CVE-2014-6332 (MS14-064)Microsoft Windows Server 2003Microsoft Windows 7Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaOleAut32.dll in OLE in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted web site, as demonstrated by an array-redimensioning attempt that triggers improper handling of a size value in the SafeArrayDimen function, aka "Windows OLE Automation Array Remote Code Execution Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer cross-domain information disclosure vulnerability - CVE-2015-0070 (MS15-009)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 7Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6Microsoft Internet Explorer 6 through 11 allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Internet Explorer Cross-domain Information Disclosure Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDWTS remote code execution vulnerability - CVE-2015-0081 (MS15-020)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Windows Text Services (WTS) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted (1) web site or (2) file, aka "WTS Remote Code Execution Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDMicrosoft IME (Japanese) elevation of privilege vulnerability - CVE-2014-4077 (MS14-078)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Input Method Editor JapaneseMicrosoft Office IME Japanese 2007Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Office 2007 SP3, when IMJPDCT.EXE (aka IME for Japanese) is installed, allow remote attackers to bypass a sandbox protection mechanism via a crafted PDF document, aka "Microsoft IME (Japanese) Elevation of Privilege Vulnerability," as exploited in the wild in 2014.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDMicrosoft Input method editor (IME) Japanese is installedMicrosoft Windows 7Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Input Method Editor JapaneseMicrosoft Input method editor (IME) Japanese is installedSecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDMicrosoft Office 2007 IME Japanese is installedMicrosoft Windows 7Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Office IME Japanese 2007Microsoft Office 2007 IME Japanese is installed.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-0041 (MS15-009)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 7Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-0017, CVE-2015-0020, CVE-2015-0022, CVE-2015-0026, CVE-2015-0030, CVE-2015-0031, and CVE-2015-0036.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-0042 (MS15-009)Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-0038 and CVE-2015-0046.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer XSS filter bypass vulnerability - CVE-2014-6365 (MS14-080)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 8 through 11 allows remote attackers to bypass the XSS filter via a crafted attribute of an element in an HTML document, aka "Internet Explorer XSS Filter Bypass Vulnerability," a different vulnerability than CVE-2014-6328.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDWindows OLE remote code execution vulnerability - CVE-2014-6352 (MS14-064)Microsoft Windows 7Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object, as exploited in the wild in October 2014 with a crafted PowerPoint document.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDIIS Security feature bypass vulnerability - CVE-2014-4078 (MS14-076)Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Information Services 8.0Microsoft Internet Information Services 8.5The IP Security feature in Microsoft Internet Information Services (IIS) 8.0 and 8.5 does not properly process wildcard allow and deny rules for domains within the "IP Address and Domain Restrictions" list, which makes it easier for remote attackers to bypass an intended rule set via an HTTP request, aka "IIS Security Feature Bypass Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDMicrosoft IIS 8.5 is installedMicrosoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft IIS 8.5The application Microsoft IIS 8.5 is installed.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDMicrosoft IIS 8.0 is installedMicrosoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft IIS 8.0The application Microsoft IIS 8.0 is installed.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-1667 (MS15-032)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDExchange error message cross site scripting vulnerability - CVE-2015-1632 (MS15-026)Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Exchange Server 2013Cross-site scripting (XSS) vulnerability in errorfe.aspx in Outlook Web App (OWA) in Microsoft Exchange Server 2013 SP1 and Cumulative Update 7 allows remote attackers to inject arbitrary web script or HTML via the msgParam parameter in an authError action, aka "Exchange Error Message Cross Site Scripting Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDMicrosoft Exchange Server 2013 Cumulative Update 7 is installedMicrosoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Exchange Server 2013Microsoft Exchange Server 2013 Cumulative Update 7 is installedSecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDMicrosoft Exchange Server 2013 is installedMicrosoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Exchange Server 2013Microsoft Exchange Server 2013 is installedSecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2015-1652 (MS15-032)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1666.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer elevation of privilege vulnerability - CVE-2014-6350 (MS14-065)Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 10 and 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2014-6349.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDMicrosoft SharePoint xss vulnerability – CVE-2015-1633 (MS15-022)Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft SharePoint Foundation 2010Microsoft SharePoint Foundation 2013Microsoft SharePoint Server 2010Microsoft SharePoint Server 2013Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Foundation 2010 SP2, SharePoint Server 2010 SP2, SharePoint Foundation 2013 Gold and SP1, and SharePoint Server 2013 Gold and SP1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted request, aka "Microsoft SharePoint XSS Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDKumarswamy SINTERIMACCEPTEDACCEPTEDMicrosoft Office SharePoint Server 2010 is installed.Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Office SharePoint Server 2010Microsoft Office SharePoint Server 2010 is installed.Dragos PrisacaDRAFTINTERIMACCEPTEDChandan SINTERIMACCEPTEDACCEPTEDSharePoint elevation of privilege vulnerability - CVE-2014-4116 (MS14-073)Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows VistaMicrosoft SharePoint Foundation 2010Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Foundation 2010 SP2 allows remote authenticated users to inject arbitrary web script or HTML via a modified list, aka "SharePoint Elevation of Privilege Vulnerability."SecPod TeamDRAFTKumarswamy SINTERIMACCEPTEDACCEPTEDMicrosoft SharePoint Foundation 2010 is installedMicrosoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows Server 2012Microsoft Windows 8Microsoft SharePoint Foundation 2010Microsoft SharePoint Foundation 2010 is installed.Dragos PrisacaDRAFTINTERIMACCEPTEDBhavya KINTERIMACCEPTEDACCEPTEDMicrosoft schannel remote code execution vulnerability - CVE-2014-6321 (MS14-066)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Schannel in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via crafted packets, aka "Microsoft Schannel Remote Code Execution Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDMicrosoft schannel remote code execution vulnerability - CVE-2015-0058 (MS15-010)Microsoft Windows Server 2012 R2Microsoft Windows 8.1Double free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows 8.1, Windows Server 2012 R2, and Windows RT 8.1 allows local users to gain privileges via a crafted application, aka "Windows Cursor Object Double Free Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDKumarswamy SINTERIMACCEPTEDACCEPTEDDenial of service in Windows Kernel Mode Driver vulnerability - CVE-2014-6317 (MS14-079)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Array index error in win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to cause a denial of service (reboot) via a crafted TrueType font, aka "Denial of Service in Windows Kernel Mode Driver Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDWebDAV elevation of privilege vulnerability - CVE-2015-0011 (MS15-008)Microsoft Windows 7Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Vistamrxdav.sys (aka the WebDAV driver) in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to bypass an impersonation protection mechanism, and obtain privileges for redirection of WebDAV requests, via a crafted application, aka "WebDAV Elevation of Privilege Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2014-6369 (MS14-080)Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2014-6351 (MS14-065)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2014-6337 (MS14-065)Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability - CVE-2014-4143 (MS14-065)Microsoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 7Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-6341.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDWin32k.sys elevation of privilege vulnerability - CVE-2014-4113 (MS14-058)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, as exploited in the wild in October 2014, aka "Win32k.sys Elevation of Privilege Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet explorer memory corruption vulnerability - CVE-2014-4130 (MS14-056)Microsoft Windows Server 2008 R2Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8.1Microsoft Internet Explorer 11Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4132 and CVE-2014-4138.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet explorer memory corruption vulnerability - CVE-2014-4126 (MS14-056)Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet explorer ASLR bypass vulnerability - CVE-2014-4140 (MS14-056)Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 8 through 11 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Internet Explorer ASLR Bypass Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet explorer memory corruption vulnerability - CVE-2014-4141 (MS14-052)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTED.NET ClickOnce elevation of privilege vulnerability - CVE-2014-4073 (MS14-057)Microsoft Windows 7Microsoft Windows 8Microsoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows VistaMicrosoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft .NET Framework 2.0Microsoft .NET Framework 3.5.1Microsoft .NET Framework 4.0Microsoft .NET Framework 4.5Microsoft .NET Framework 4.5.1Microsoft .NET Framework 4.5.2Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 processes unverified data during interaction with the ClickOnce installer, which allows remote attackers to gain privileges via vectors involving Internet Explorer, aka ".NET ClickOnce Elevation of Privilege Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMINTERIM.NET ASLR vulnerability - CVE-2014-4122 (MS14-057)Microsoft Windows 7Microsoft Windows 8Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows VistaMicrosoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft .NET Framework 2.0Microsoft .NET Framework 3.5.1Microsoft .NET Framework 2.0 SP2, 3.5, and 3.5.1 omits the ASLR protection mechanism, which allows remote attackers to obtain potentially sensitive information about memory addresses by leveraging the predictability of an executable image's location, aka ".NET ASLR Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet explorer memory corruption vulnerability - CVE-2014-4096 (MS14-052)Microsoft Windows Server 2008 R2Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8.1Microsoft Internet Explorer 11Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4087, CVE-2014-4095, and CVE-2014-4101.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet explorer memory corruption vulnerability - CVE-2014-4088 (MS14-052)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet explorer memory corruption vulnerability - CVE-2014-4128 (MS14-056)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet explorer memory corruption vulnerability - CVE-2014-4065 (MS14-052)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet explorer memory corruption vulnerability - CVE-2014-4095 (MS14-052)Microsoft Windows Server 2008 R2Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8.1Microsoft Internet Explorer 11Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4087, CVE-2014-4096, and CVE-2014-4101.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet explorer memory corruption vulnerability - CVE-2014-4081 (MS14-052)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet explorer memory corruption vulnerability - CVE-2014-4132 (MS14-056)Microsoft Windows Server 2008 R2Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8.1Microsoft Internet Explorer 11Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4130 and CVE-2014-4138.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet explorer memory corruption vulnerability - CVE-2014-4108 (MS14-052)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet explorer memory corruption vulnerability - CVE-2014-4104 (MS14-052)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet explorer memory corruption vulnerability - CVE-2014-4105 (MS14-052)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet explorer memory corruption vulnerability - CVE-2014-4107 (MS14-052)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet explorer memory corruption vulnerability - CVE-2014-4099 (MS14-052)Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet explorer memory corruption vulnerability - CVE-2014-4103 (MS14-052)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDTask Scheduler Vulnerability - CVE-2014-4074 (MS14-054)Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2012Microsoft Windows Server 2012 R2The Task Scheduler in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via an application that schedules a crafted task, aka "Task Scheduler Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet explorer memory corruption vulnerability - CVE-2014-4101 (MS14-052)Microsoft Windows Server 2008 R2Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8.1Microsoft Internet Explorer 11Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4087, CVE-2014-4095, and CVE-2014-4096.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTED.NET Framework remote code execution vulnerability - CVE-2014-4121 (MS14-057)Microsoft Windows 7Microsoft Windows 8Microsoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows VistaMicrosoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft .NET Framework 2.0Microsoft .NET Framework 3.5.1Microsoft .NET Framework 4.0Microsoft .NET Framework 4.5Microsoft .NET Framework 4.5.1Microsoft .NET Framework 4.5.2Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 does not properly parse internationalized resource identifiers, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted request to a .NET web application, aka ".NET Framework Remote Code Execution Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMINTERIMAlows man-in-the-middle attackers to spoof servers and read encrypted domain credentials via a crafted certificateMicrosoft Windows XPMicrosoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2DirectAccess in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly verify server X.509 certificates, which allows man-in-the-middle attackers to spoof servers and read encrypted domain credentials via a crafted certificate.Maria MikhnoDRAFTINTERIMACCEPTEDACCEPTEDMicrosoft Windows Vista (32-bit) Service Pack 1 is installedMicrosoft Windows VistaThe operating system installed on the system is Microsoft Windows Vista (32-bit) Service Pack 1Sudhir GandheDRAFTAndrew ButtnerINTERIMACCEPTEDTim HarrisonINTERIMTim HarrisonTim HarrisonACCEPTEDSudhir GandheINTERIMShane ShafferACCEPTEDACCEPTEDInternet explorer elevation of privilege vulnerability - CVE-2014-4124 (MS14-056)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2014-4123.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet explorer memory corruption vulnerability - CVE-2014-4138 (MS14-052)Microsoft Windows Server 2008 R2Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8.1Microsoft Internet Explorer 11Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4130 and CVE-2014-4132.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet explorer memory corruption vulnerability - CVE-2014-4092 (MS14-052)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4098.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet explorer memory corruption vulnerability - CVE-2014-4089 (MS14-052)Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4080, CVE-2014-4091, and CVE-2014-4102.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet explorer memory corruption vulnerability - CVE-2014-4087 (MS14-052)Microsoft Windows Server 2008 R2Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8.1Microsoft Internet Explorer 11Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4095, CVE-2014-4096, and CVE-2014-4101.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet explorer memory corruption vulnerability - CVE-2014-4111 (MS14-052)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, and CVE-2014-4110.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet explorer memory corruption vulnerability - CVE-2014-4106 (MS14-052)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDLync Denial of Service vulnerability (CVE-2014-4068) - MS14-055Microsoft Windows 7Microsoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows XPMicrosoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Lync Server 2013Microsoft Lync Server 2010The Response Group Service in Microsoft Lync Server 2010 and 2013 and the Core Components in Lync Server 2013 do not properly handle exceptions, which allows remote attackers to cause a denial of service (daemon hang) via a crafted call, aka "Lync Denial of Service Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet explorer memory corruption vulnerability - CVE-2014-4098 (MS14-052)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4092.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet explorer memory corruption vulnerability - CVE-2014-4097 (MS14-052)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet explorer memory corruption vulnerability - CVE-2014-4090 (MS14-052)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet explorer elevation of privilege vulnerability - CVE-2014-4123 (MS14-056)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," as exploited in the wild in October 2014, a different vulnerability than CVE-2014-4124.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet explorer memory corruption vulnerability - CVE-2014-4100 (MS14-052)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet explorer memory corruption vulnerability - CVE-2014-2799 (MS14-052)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet explorer memory corruption vulnerability - CVE-2014-4059 (MS14-052)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet explorer memory corruption vulnerability - CVE-2014-4083 (MS14-052)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet explorer memory corruption vulnerability - CVE-2014-4079 (MS14-052)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer resource information disclosure vulnerability - CVE-2013-7331 (MS14-052)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11The Microsoft.XMLDOM ActiveX control in Microsoft Windows 8.1 and earlier allows remote attackers to determine the existence of local pathnames, UNC share pathnames, intranet hostnames, and intranet IP addresses by examining error codes, as demonstrated by a res:// URL, and exploited in the wild in February 2014.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTED.NET framework denial of service vulnerability - CVE-2014-4072 (MS14-053)Microsoft Windows 7Microsoft Windows 8Microsoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows VistaMicrosoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft .NET Framework 1.1Microsoft .NET Framework 2.0Microsoft .NET Framework 3.0Microsoft .NET Framework 3.5.1Microsoft .NET Framework 4.0Microsoft .NET Framework 4.5Microsoft .NET Framework 4.5.1Microsoft .NET Framework 4.5.2Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 does not properly use a hash table for request data, which allows remote attackers to cause a denial of service (resource consumption and ASP.NET performance degradation) via crafted requests, aka ".NET Framework Denial of Service Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMINTERIMMicrosoft .NET Framework 4.5.2 is installedMicrosoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows VistaMicrosoft .NET Framework 4.5.2Microsoft .NET Framework 4.5.2 is installedSecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMINTERIMMicrosoft .NET Framework 3.0 SP2 is installedMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft .NET Framework 3.0Microsoft .NET Framework 3.0 SP2 is installedDragos PrisacaDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDInternet explorer memory corruption vulnerability - CVE-2014-4080 (MS14-052)Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4089, CVE-2014-4091, and CVE-2014-4102.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDLync Denial of Service vulnerability (CVE-2014-4071) - MS14-055Microsoft Windows 7Microsoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows XPMicrosoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Lync Server 2013Microsoft Lync Server 2010The Server in Microsoft Lync Server 2013 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon hang) via a crafted request, aka "Lync Denial of Service Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDMicrosoft Lync Server 2010 is installedMicrosoft Windows 7Microsoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows XPMicrosoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Lync Server 2010Microsoft Lync Server 2010 is installedSecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDMicrosoft Lync Server 2013 is installedMicrosoft Windows 7Microsoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows XPMicrosoft Windows 8Microsoft Windows Server 2012Microsoft Lync Server 2013Microsoft Lync Server 2013 is installedSecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDAllows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web siteMicrosoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-1773, CVE-2014-1783, CVE-2014-1784, CVE-2014-1786, CVE-2014-1795, CVE-2014-1805, CVE-2014-2758, CVE-2014-2759, CVE-2014-2765, CVE-2014-2766, and CVE-2014-2775.Maria MikhnoDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability - CVE-2014-2774 (MS14-051)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2820, CVE-2014-2826, CVE-2014-2827, and CVE-2014-4063.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDWin32k Elevation of Privilege vulnerability - CVE-2014-0318 (MS14-045)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly control access to thread-owned objects, which allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDTrueType font parsing remote code execution vulnerability - CVE-2014-4148 (MS14-058)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted TrueType font, as exploited in the wild in October 2014, aka "TrueType Font Parsing Remote Code Execution Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet explorer memory corruption vulnerability - CVE-2014-4109 (MS14-052)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4110, and CVE-2014-4111.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability - CVE-2014-2784 (MS14-051)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4051.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability - CVE-2014-2810 (MS14-051)Microsoft Windows Server 2008 R2Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8.1Microsoft Internet Explorer 11Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2811, CVE-2014-2822, CVE-2014-2823, and CVE-2014-4057.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability - CVE-2014-2822 (MS14-051)Microsoft Windows Server 2008 R2Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8.1Microsoft Internet Explorer 11Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2810, CVE-2014-2811, CVE-2014-2823, and CVE-2014-4057.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability - CVE-2014-4058 (MS14-051)Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDUnspecified vulnerability allows remote attackers to bypass Protected ModeMicrosoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 8Unspecified vulnerability in Microsoft Internet Explorer 8 on Windows 7 allows remote attackers to bypass Protected Mode and create arbitrary files by leveraging access to a Low integrity process, as demonstrated by Stephen Fewer as the third of three chained vulnerabilities during a Pwn2Own competition at CanSecWest 2011.Maria MikhnoDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability (CVE-2014-2782) - MS14-035Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-1773, CVE-2014-1783, CVE-2014-1784, CVE-2014-1786, CVE-2014-1795, CVE-2014-1805, CVE-2014-2758, CVE-2014-2759, CVE-2014-2765, CVE-2014-2766, and CVE-2014-2775.Maria MikhnoDRAFTINTERIMACCEPTEDACCEPTEDWindows installer repair vulnerability - CVE-2014-1814 (MS14-049)Microsoft Windows 7Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaThe Windows Installer in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application that invokes the repair feature for a different application, aka "Windows Installer Repair Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet explorer memory corruption vulnerability - CVE-2014-4102 (MS14-052)Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4080, CVE-2014-4089, and CVE-2014-4091.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDFont Double-Fetch vulnerability - CVE-2014-1819 (MS14-045)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly control access to objects associated with font files, which allows local users to gain privileges via a crafted file, aka "Font Double-Fetch Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet explorer memory corruption vulnerability - CVE-2014-4110 (MS14-052)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, and CVE-2014-4111.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability - CVE-2014-2817 (MS14-051)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability - CVE-2014-2819 (MS14-051)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDSharePoint Page Content Vulnerability (CVE-2014-2816) - MS14-050Microsoft Windows 7Microsoft Windows 8Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows VistaMicrosoft Windows Server 2012 R2Microsoft SharePoint Foundation 2013Microsoft SharePoint Server 2013Microsoft SharePoint Server 2013 Gold and SP1 and SharePoint Foundation 2013 Gold and SP1 allow remote authenticated users to gain privileges via a Trojan horse app that executes a custom action in the context of the SharePoint extensibility model, aka "SharePoint Page Content Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability - CVE-2014-4050 (MS14-051)Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2796, CVE-2014-2808, CVE-2014-2825, CVE-2014-4055, and CVE-2014-4067.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDLRPC ASLR Bypass Vulnerability - CVE-2014-0316 (MS14-047)Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Memory leak in the Local RPC (LRPC) server implementation in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to cause a denial of service (memory consumption) and bypass the ASLR protection mechanism via a crafted client that sends messages with an invalid data view, aka "LRPC ASLR Bypass Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability - CVE-2014-2796 (MS14-051)Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2808, CVE-2014-2825, CVE-2014-4050, CVE-2014-4055, and CVE-2014-4067.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability - CVE-2014-4055 (MS14-051)Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2796, CVE-2014-2808, CVE-2014-2825, CVE-2014-4050, and CVE-2014-4067.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDWindows OLE remote code execution vulnerability - CVE-2014-4114 (MS14-060)Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object in an Office document, as exploited in the wild with a "Sandworm" attack in June through October 2014, aka "Windows OLE Remote Code Execution Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability - CVE-2014-2825 (MS14-051)Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2796, CVE-2014-2808, CVE-2014-4050, CVE-2014-4055, and CVE-2014-4067.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDWindows kernel pool allocation vulnerability - CVE-2014-4064 (MS14-045)Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 do not properly handle use of the paged kernel pool for allocation of uninitialized memory, which allows local users to obtain sensitive information about kernel addresses via a crafted application, aka "Windows Kernel Pool Allocation Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet explorer memory corruption vulnerability - CVE-2014-4091 (MS14-052)Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4080, CVE-2014-4089, and CVE-2014-4102.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability - CVE-2014-4067 (MS14-051)Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2796, CVE-2014-2808, CVE-2014-2825, CVE-2014-4050, and CVE-2014-4055.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability - CVE-2014-2826 (MS14-051)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2774, CVE-2014-2820, CVE-2014-2827, and CVE-2014-4063.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability - CVE-2014-4063 (MS14-051)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2774, CVE-2014-2820, CVE-2014-2826, and CVE-2014-2827.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability - CVE-2014-2827 (MS14-051)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2774, CVE-2014-2820, CVE-2014-2826, and CVE-2014-4063.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability - CVE-2014-4051 (MS14-051)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2784.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet explorer memory corruption vulnerability - CVE-2014-4094 (MS14-052)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability - CVE-2014-4057 (MS14-051)Microsoft Windows Server 2008 R2Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8.1Microsoft Internet Explorer 11Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2810, CVE-2014-2811, CVE-2014-2822, and CVE-2014-2823.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet explorer memory corruption vulnerability - CVE-2014-4085 (MS14-052)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability - CVE-2014-2811 (MS14-051)Microsoft Windows Server 2008 R2Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8.1Microsoft Internet Explorer 11Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2810, CVE-2014-2822, CVE-2014-2823, and CVE-2014-4057.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability - CVE-2014-2820 (MS14-051)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2774, CVE-2014-2826, CVE-2014-2827, and CVE-2014-4063.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability - CVE-2014-2808 (MS14-051)Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2796, CVE-2014-2825, CVE-2014-4050, CVE-2014-4055, and CVE-2014-4067.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability - CVE-2014-2823 (MS14-051)Microsoft Windows Server 2008 R2Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8.1Microsoft Internet Explorer 11Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2810, CVE-2014-2811, CVE-2014-2822, and CVE-2014-4057.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDArbitrary code executing via unknown vectors.Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 8Unspecified vulnerability in Microsoft Internet Explorer 8 on Windows 7 allows remote attackers to execute arbitrary code via unknown vectors, as demonstrated by Stephen Fewer as the second of three chained vulnerabilities during a Pwn2Own competition at CanSecWest 2011.Maria MikhnoDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDUnspecified vulnerability in the Oracle VM VirtualBox before 3.2.24, 4.0.26, 4.1.34, 4.2.26, and 4.3.12 allows local users to affect confidentiality, integrity, and availabilityMicrosoft Windows XPMicrosoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2VirtualBoxUnspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.1.34, 4.2.26, and 4.3.12 allows local users to affect confidentiality, integrity, and availability via vectors related to Graphics driver (WDDM) for Windows guests.Evgeniy PavlovDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability - CVE-2014-2801 (MS14-037)Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."SecPod TeamDRAFTINTERIMMaria MikhnoACCEPTEDACCEPTEDWin32k Elevation of Privilege Vulnerability - CVE-2014-2781 (MS14-039)Microsoft Windows 7Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 do not properly restrict the exchange of keyboard and mouse data between programs at different integrity levels, which allows attackers to bypass intended access restrictions by leveraging control over a low-integrity process to launch the On-Screen Keyboard (OSK) and then upload a crafted application, aka "On-Screen Keyboard Elevation of Privilege Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability - CVE-2014-2802 (MS14-037)Microsoft Windows Server 2008 R2Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8.1Microsoft Internet Explorer 11Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2787, CVE-2014-2790, and CVE-2014-2806.SecPod TeamDRAFTINTERIMMaria MikhnoACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability - CVE-2014-2800 (MS14-037)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2807 and CVE-2014-2809.SecPod TeamDRAFTINTERIMMaria MikhnoACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability - CVE-2014-2786 (MS14-037)Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2792 and CVE-2014-2813.SecPod TeamDRAFTINTERIMMaria MikhnoACCEPTEDACCEPTEDService Bus Denial of Service Vulnerability - CVE-2014-2814 (MS14-042)Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Service Bus 1.1Microsoft Service Bus 1.1 on Microsoft Windows Server 2008 R2 SP1 and Server 2012 Gold and R2 allows remote authenticated users to cause a denial of service (AMQP messaging outage) via crafted AMQP messages, aka "Service Bus Denial of Service Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDMicrosoft Service Bus 1.1 is installedMicrosoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Service Bus 1.1Microsoft Service Bus 1.1 is installedSecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability - CVE-2014-2807 (MS14-037)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2800 and CVE-2014-2809.SecPod TeamDRAFTINTERIMMaria MikhnoACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability - CVE-2014-2804 (MS14-037)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2789, CVE-2014-2795, and CVE-2014-2798.SecPod TeamDRAFTINTERIMMaria MikhnoACCEPTEDACCEPTEDDirectShow Elevation of Privilege Vulnerability - CVE-2014-2780 (MS14-041)Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2012Microsoft Windows Server 2012 R2DirectShow in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows local users to gain privileges by leveraging control over a low-integrity process to execute a crafted application, aka "DirectShow Elevation of Privilege Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability - CVE-2014-2803 (MS14-037)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."SecPod TeamDRAFTINTERIMMaria MikhnoACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability - CVE-2014-1765 (MS14-037)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Multiple use-after-free vulnerabilities in Microsoft Internet Explorer 6 through 11 allow remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by Sebastian Apelt and Andreas Schmidt during a Pwn2Own competition at CanSecWest 2014.SecPod TeamDRAFTINTERIMMaria MikhnoACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability - CVE-2014-2787 (MS14-037)Microsoft Windows Server 2008 R2Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8.1Microsoft Internet Explorer 11Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2790, CVE-2014-2802, and CVE-2014-2806.SecPod TeamDRAFTINTERIMMaria MikhnoACCEPTEDACCEPTEDUnspecified vulnerability in the Oracle VM VirtualBox before 4.1.34, 4.2.26, and 4.3.12 allows local users to affect confidentiality, integrity, and availabilityMicrosoft Windows XPMicrosoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2VirtualBoxUnspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 3.2.24, 4.0.26, 4.1.34, 4.2.26, and 4.3.12 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Core.Evgeniy PavlovDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability - CVE-2014-2809 (MS14-037)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2800 and CVE-2014-2807.SecPod TeamDRAFTINTERIMMaria MikhnoACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability (CVE-2014-1805) - MS14-035Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-1773, CVE-2014-1783, CVE-2014-1784, CVE-2014-1786, CVE-2014-1795, CVE-2014-2758, CVE-2014-2759, CVE-2014-2765, CVE-2014-2766, and CVE-2014-2775.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability - CVE-2014-1763 (MS14-037)Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Use-after-free vulnerability in Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism via unspecified vectors, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2014.SecPod TeamDRAFTINTERIMMaria MikhnoACCEPTEDACCEPTEDUnspecified vulnerability in the Oracle VM VirtualBox before 3.2.24, 4.0.26, 4.1.34, 4.2.26, and 4.3.12 allows local users to affect integrity and availabilityMicrosoft Windows XPMicrosoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2VirtualBoxUnspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 3.2.24, 4.0.26, 4.1.34, 4.2.26, and 4.3.12 allows local users to affect integrity and availability via unknown vectors related to Core.Evgeniy PavlovDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability (CVE-2014-2755) - MS14-035Microsoft Windows Server 2008 R2Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8.1Microsoft Internet Explorer 11Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-1769, CVE-2014-1782, CVE-2014-1785, CVE-2014-2753, CVE-2014-2760, CVE-2014-2761, CVE-2014-2772, and CVE-2014-2776.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability (CVE-2014-2758) - MS14-035Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-1773, CVE-2014-1783, CVE-2014-1784, CVE-2014-1786, CVE-2014-1795, CVE-2014-1805, CVE-2014-2759, CVE-2014-2765, CVE-2014-2766, and CVE-2014-2775.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDExtended Validation (EV) Certificate Security Feature Bypass Vulnerability - CVE-2014-2783 (MS14-037)Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows Server 2003Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 7 through 11 does not prevent use of wildcard EV SSL certificates, which might allow remote attackers to spoof a trust level by leveraging improper issuance of a wildcard certificate by a recognized Certification Authority, aka "Extended Validation (EV) Certificate Security Feature Bypass Vulnerability."SecPod TeamDRAFTINTERIMMaria MikhnoACCEPTEDACCEPTEDUnspecified vulnerability in the Oracle VM VirtualBox before 3.2.24, 4.0.26, 4.1.34, 4.2.26, and 4.3.12 allows local users to affect confidentialityMicrosoft Windows XPMicrosoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2VirtualBoxUnspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 3.2.24, 4.0.26, 4.1.34, 4.2.26, and 4.3.12 allows local users to affect confidentiality via unknown vectors related to Core.Evgeniy PavlovDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability (CVE-2014-1772) - MS14-035Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-1780, CVE-2014-1794, CVE-2014-1797, CVE-2014-1802, CVE-2014-2756, CVE-2014-2763, CVE-2014-2764, CVE-2014-2769, and CVE-2014-2771.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDUnspecified vulnerability in the Oracle VM VirtualBox before 3.2.24, 4.0.26, 4.1.34, 4.2.26, and 4.3.12 allows local users to affect integrity and availabilityMicrosoft Windows XPMicrosoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2VirtualBoxUnspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 3.2.24, 4.0.26, 4.1.34, 4.2.26, and 4.3.12 allows local users to affect integrity and availability via unknown vectors related to Core.Evgeniy PavlovDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability (CVE-2014-1766) - MS14-035Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, as demonstrated by Sebastian Apelt and Andreas Schmidt during a Pwn2Own competition at CanSecWest 2014. NOTE: the original disclosure referred to triggering a kernel bug with the Internet Explorer exploit payload, but this ID is not for a kernel vulnerability.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDInternet Explorer Information Disclosure Vulnerability (CVE-2014-1777) - MS14-035Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 10 and 11 allows remote attackers to read local files on the client via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability (CVE-2014-2771) - MS14-035Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-1772, CVE-2014-1780, CVE-2014-1794, CVE-2014-1797, CVE-2014-1802, CVE-2014-2756, CVE-2014-2763, CVE-2014-2764, and CVE-2014-2769.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability - CVE-2014-2813 (MS14-037)Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2786 and CVE-2014-2792.SecPod TeamDRAFTINTERIMMaria MikhnoACCEPTEDACCEPTEDInternet Explorer Elevation of Privilege Vulnerability (CVE-2014-1764) - MS14-035Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism by leveraging "object confusion" in a broker process, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2014.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDVulnerability in Microsoft XML Core Services could allow information disclosure (CVE-2014-1816) - MS14-033Microsoft Windows 7Microsoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows XPMicrosoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 8Microsoft Windows 8.1Microsoft XML Core Services 3Microsoft XML Core Services 6Microsoft XML Core Services (aka MSXML) 3.0 and 6.0 does not properly restrict the information transmitted by Internet Explorer during a download action, which allows remote attackers to discover (1) full pathnames on the client system and (2) local usernames embedded in these pathnames via a crafted web site, aka "MSXML Entity URI Vulnerability."SecPod TeamDRAFTSaurabh KumarINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDMicrosoft XML Core Services 6 is installedMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft XML Core Services 6Microsoft XML Core Services 6 is installed.Robert L. HollisDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability (CVE-2014-2760) - MS14-035Microsoft Windows Server 2008 R2Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8.1Microsoft Internet Explorer 11Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-1769, CVE-2014-1782, CVE-2014-1785, CVE-2014-2753, CVE-2014-2755, CVE-2014-2761, CVE-2014-2772, and CVE-2014-2776.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability (CVE-2014-1800) - MS14-035Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability (CVE-2014-2772) - MS14-035Microsoft Windows Server 2008 R2Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8.1Microsoft Internet Explorer 11Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-1769, CVE-2014-1782, CVE-2014-1785, CVE-2014-2753, CVE-2014-2755, CVE-2014-2760, CVE-2014-2761, and CVE-2014-2776.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability (CVE-2014-2776) - MS14-035Microsoft Windows Server 2008 R2Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8.1Microsoft Internet Explorer 11Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-1769, CVE-2014-1782, CVE-2014-1785, CVE-2014-2753, CVE-2014-2755, CVE-2014-2760, CVE-2014-2761, and CVE-2014-2772.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability (CVE-2014-2759) - MS14-035Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-1773, CVE-2014-1783, CVE-2014-1784, CVE-2014-1786, CVE-2014-1795, CVE-2014-1805, CVE-2014-2758, CVE-2014-2765, CVE-2014-2766, and CVE-2014-2775.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDMemory corruption vulnerability in Internet Explorer (CVE-2014-1779) - MS14-035Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 6Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 and 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDUnspecified vulnerability in the Oracle VM VirtualBox before 3.2.24, 4.0.26, 4.1.34, 4.2.26, and 4.3.14 allows local users to affect confidentialityMicrosoft Windows XPMicrosoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2VirtualBoxUnspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 3.2.24, 4.0.26, 4.1.34, 4.2.26, and 4.3.14, when running on Windows, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Core, a different vulnerability than CVE-2014-4261.Evgeniy PavlovDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability (CVE-2014-1780) - MS14-035Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-1772, CVE-2014-1794, CVE-2014-1797, CVE-2014-1802, CVE-2014-2756, CVE-2014-2763, CVE-2014-2764, CVE-2014-2769, and CVE-2014-2771.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability (CVE-2014-2757) - MS14-035Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0282, CVE-2014-1775, CVE-2014-1779, CVE-2014-1799, and CVE-2014-1803.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability - CVE-2014-2790 (MS14-037)Microsoft Windows Server 2008 R2Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8.1Microsoft Internet Explorer 11Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2787, CVE-2014-2802, and CVE-2014-2806.SecPod TeamDRAFTINTERIMMaria MikhnoACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability (CVE-2014-1773) - MS14-035Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-1783, CVE-2014-1784, CVE-2014-1786, CVE-2014-1795, CVE-2014-1805, CVE-2014-2758, CVE-2014-2759, CVE-2014-2765, CVE-2014-2766, and CVE-2014-2775.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability (CVE-2014-0282) - MS14-035Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-1775, CVE-2014-1779, CVE-2014-1799, CVE-2014-1803, and CVE-2014-2757.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability - CVE-2014-2792 (MS14-037)Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2786 and CVE-2014-2813.SecPod TeamDRAFTINTERIMMaria MikhnoACCEPTEDACCEPTEDVulnerability in TCP Protocol could allow denial of service - CVE-2014-1811 (MS14-031)Microsoft Windows 7Microsoft Windows 8Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows VistaMicrosoft Windows 8.1Microsoft Windows Server 2012 R2The TCP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to cause a denial of service (non-paged pool memory consumption and system hang) via malformed data in the Options field of a TCP header, aka "TCP Denial of Service Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability (CVE-2014-2756) - MS14-035Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-1772, CVE-2014-1780, CVE-2014-1794, CVE-2014-1797, CVE-2014-1802, CVE-2014-2763, CVE-2014-2764, CVE-2014-2769, and CVE-2014-2771.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability (CVE-2014-2766) - MS14-035Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-1773, CVE-2014-1783, CVE-2014-1784, CVE-2014-1786, CVE-2014-1795, CVE-2014-1805, CVE-2014-2758, CVE-2014-2759, CVE-2014-2765, and CVE-2014-2775.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability (CVE-2014-1779) - MS14-035Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0282, CVE-2014-1775, CVE-2014-1799, CVE-2014-1803, and CVE-2014-2757.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability (CVE-2014-2765) - MS14-035Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-1773, CVE-2014-1783, CVE-2014-1784, CVE-2014-1786, CVE-2014-1795, CVE-2014-1805, CVE-2014-2758, CVE-2014-2759, CVE-2014-2766, and CVE-2014-2775.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability (CVE-2014-1783) - MS14-035Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-1773, CVE-2014-1784, CVE-2014-1786, CVE-2014-1795, CVE-2014-1805, CVE-2014-2758, CVE-2014-2759, CVE-2014-2765, CVE-2014-2766, and CVE-2014-2775.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability - CVE-2014-2798 (MS14-037)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2789, CVE-2014-2795, and CVE-2014-2804.SecPod TeamDRAFTINTERIMMaria MikhnoACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability (CVE-2014-1771) - MS14-035Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11SChannel in Microsoft Internet Explorer 6 through 11 does not ensure that a server's X.509 certificate is the same during renegotiation as it was before renegotiation, which allows man-in-the-middle attackers to obtain sensitive information or modify TLS session data via a "triple handshake attack," aka "TLS Server Certificate Renegotiation Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability (CVE-2014-1802) - MS14-035Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-1772, CVE-2014-1780, CVE-2014-1794, CVE-2014-1797, CVE-2014-2756, CVE-2014-2763, CVE-2014-2764, CVE-2014-2769, and CVE-2014-2771.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDUnspecified vulnerability in the Oracle VM VirtualBox before 3.2.24, 4.0.26, 4.1.34, 4.2.26, and 4.3.14 allows local users to affect confidentiality, integrity, and availabilityMicrosoft Windows XPMicrosoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2VirtualBoxUnspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 3.2.24, 4.0.26, 4.1.34, 4.2.26, and 4.3.14 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Core, a different vulnerability than CVE-2014-2487.Evgeniy PavlovDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability (CVE-2014-1785) - MS14-035Microsoft Windows Server 2008 R2Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8.1Microsoft Internet Explorer 11Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-1769, CVE-2014-1782, CVE-2014-2753, CVE-2014-2755, CVE-2014-2760, CVE-2014-2761, CVE-2014-2772, and CVE-2014-2776.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability (CVE-2014-1782) - MS14-035Microsoft Windows Server 2008 R2Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8.1Microsoft Internet Explorer 11Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-1769, CVE-2014-1785, CVE-2014-2753, CVE-2014-2755, CVE-2014-2760, CVE-2014-2761, CVE-2014-2772, and CVE-2014-2776.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability (CVE-2014-2764) - MS14-035Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-1772, CVE-2014-1780, CVE-2014-1794, CVE-2014-1797, CVE-2014-1802, CVE-2014-2756, CVE-2014-2763, CVE-2014-2769, and CVE-2014-2771.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability (CVE-2014-1762) - MS14-035Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Unspecified vulnerability in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code with medium-integrity privileges and bypass a sandbox protection mechanism via unknown vectors, as demonstrated by ZDI during a Pwn4Fun competition at CanSecWest 2014.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability (CVE-2014-1784) - MS14-035Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-1773, CVE-2014-1783, CVE-2014-1786, CVE-2014-1795, CVE-2014-1805, CVE-2014-2758, CVE-2014-2759, CVE-2014-2765, CVE-2014-2766, and CVE-2014-2775.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability (CVE-2014-1775) - MS14-035Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0282, CVE-2014-1779, CVE-2014-1799, CVE-2014-1803, and CVE-2014-2757.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDRDP MAC Vulnerability (CVE-2014-0296) - MS14-030Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 7Microsoft Windows 8.1Microsoft Windows Server 2012 R2The Remote Desktop Protocol (RDP) implementation in Microsoft Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not properly encrypt sessions, which makes it easier for man-in-the-middle attackers to obtain sensitive information by sniffing the network or modify session content by sending crafted RDP packets, aka "RDP MAC Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDWeb Applications Page Content Vulnerability (CVE-2014-1813) - MS14-022Microsoft Windows 7Microsoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 8Microsoft Office Web Apps 2010Microsoft Web Applications 2010 SP1 and SP2 allows remote authenticated users to execute arbitrary code via crafted page content, aka "Web Applications Page Content Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDMicrosoft Office Web Apps 2010 Service Pack 2 is installedMicrosoft Windows 7Microsoft Windows 8Microsoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows VistaMicrosoft Windows XPMicrosoft Office Web Apps 2010Microsoft Office Web Apps 2010 Service Pack 2 is installedSecPod TeamDRAFTMaria KedovskayaINTERIMACCEPTEDEvgeniy PavlovINTERIMACCEPTEDACCEPTEDMicrosoft Office Web Apps 2010 Service Pack 1 is installedMicrosoft Windows 7Microsoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows XPMicrosoft Office Web Apps 2010Microsoft Office Web Apps 2010 Service Pack 1 is installedSecPod TeamDRAFTINTERIMACCEPTEDMaria KedovskayaINTERIMACCEPTEDEvgeniy PavlovINTERIMACCEPTEDACCEPTEDMicrosoft Office Web Apps 2010 is installedMicrosoft Windows 2000Microsoft Windows 7Microsoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows VistaMicrosoft Windows XPMicrosoft Office Web Apps 2010Microsoft Office Web Apps 2010 is installedSecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability (CVE-2014-1785) - MS14-035Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-1773, CVE-2014-1783, CVE-2014-1784, CVE-2014-1795, CVE-2014-1805, CVE-2014-2758, CVE-2014-2759, CVE-2014-2765, CVE-2014-2766, and CVE-2014-2775.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability - CVE-2014-2789 (MS14-037)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2795, CVE-2014-2798, and CVE-2014-2804.SecPod TeamDRAFTINTERIMMaria MikhnoACCEPTEDACCEPTEDInternet Explorer Memory corruption vulnerability (CVE-2014-1776) - MS14-021Microsoft Windows XPMicrosoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Use-after-free vulnerability in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to the CMarkup::IsConnectedToPrimaryMarkup function, as exploited in the wild in April 2014. NOTE: this issue originally emphasized VGX.DLL, but Microsoft clarified that "VGX.DLL does not contain the vulnerable code leveraged in this exploit. Disabling VGX.DLL is an exploit-specific workaround that provides an immediate, effective workaround to help block known attacks."SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability (CVE-2014-2777) - MS14-035Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary web script with increased privileges via unspecified vectors, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2014-1778.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability (CVE-2014-1815) - MS14-029Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, as exploited in the wild in May 2014, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0310.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDVulnerability in .NET Framework could allow elevation of privilege - MS14-026Microsoft Windows XPMicrosoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft .NET Framework 1.1Microsoft .NET Framework 2.0Microsoft .NET Framework 3.5Microsoft .NET Framework 3.5.1Microsoft .NET Framework 4.0Microsoft .NET Framework 4.5Microsoft .NET Framework 4.5.1The .NET Remoting implementation in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5.1 does not properly restrict memory access, which allows remote attackers to execute arbitrary code via vectors involving malformed objects, aka "TypeFilterLevel Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability (CVE-2014-1769) - MS14-035Microsoft Windows Server 2008 R2Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8.1Microsoft Internet Explorer 11Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-1782, CVE-2014-1785, CVE-2014-2753, CVE-2014-2755, CVE-2014-2760, CVE-2014-2761, CVE-2014-2772, and CVE-2014-2776.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDUnspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.1.32, 4.2.24, and 4.3.10Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2VirtualBoxUnspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.1.32, 4.2.24, and 4.3.10 allows local users to affect confidentiality, integrity, and availability via vectors related to Graphics driver (WDDM) for Windows guests.Maria MikhnoDRAFTINTERIMACCEPTEDACCEPTEDAncillary Function Driver Elevation of Privilege Vulnerability - CVE-2014-1767 (MS14-040)Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows 7Double free vulnerability in the Ancillary Function Driver (AFD) in afd.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, aka "Ancillary Function Driver Elevation of Privilege Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability (CVE-2014-1803) - MS14-035Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0282, CVE-2014-1775, CVE-2014-1779, CVE-2014-1799, and CVE-2014-2757.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDWindows Shell File Association Vulnerability - CVE-2014-1807 (MS14-027)Microsoft Windows Server 2003Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2The ShellExecute API in Windows Shell in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly implement file associations, which allows local users to gain privileges via a crafted application, as exploited in the wild in May 2014, aka "Windows Shell File Association Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability (CVE-2014-1794) - MS14-035Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-1772, CVE-2014-1780, CVE-2014-1797, CVE-2014-1802, CVE-2014-2756, CVE-2014-2763, CVE-2014-2764, CVE-2014-2769, and CVE-2014-2771.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability (CVE-2014-1760) - MS14-018Microsoft Windows Server 2008 R2Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8.1Microsoft Internet Explorer 11Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability (CVE-2014-2761) - MS14-035Microsoft Windows Server 2008 R2Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8.1Microsoft Internet Explorer 11Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-1769, CVE-2014-1782, CVE-2014-1785, CVE-2014-2753, CVE-2014-2755, CVE-2014-2760, CVE-2014-2772, and CVE-2014-2776.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability (CVE-2014-1778) - MS14-035Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary web script with increased privileges via unspecified vectors, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2014-2777.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability - CVE-2014-2795 (MS14-037)Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2789, CVE-2014-2798, and CVE-2014-2804.SecPod TeamDRAFTINTERIMMaria MikhnoACCEPTEDACCEPTEDSharePoint XSS Vulnerability (CVE-2014-1754) - MS14-022Microsoft Windows 7Microsoft Windows 8Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows VistaMicrosoft Windows Server 2012 R2Microsoft SharePoint Foundation 2013Microsoft SharePoint Server 2013Microsoft Office Web Apps Server 2013Microsoft SharePoint Server 2013 Client Components SDKCross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2013 Gold and SP1, SharePoint Foundation 2013 Gold and SP1, Office Web Apps Server 2013 Gold and SP1, and SharePoint Server 2013 Client Components SDK allows remote attackers to inject arbitrary web script or HTML via a crafted request, aka "SharePoint XSS Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDMicrosoft SharePoint Server 2013 Client Components SDK is installedMicrosoft Windows 7Microsoft Windows 8Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft SharePoint Server 2013 Client Components SDKMicrosoft SharePoint Server 2013 Client Components SDK is installedSecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDMicrosoft SharePoint Foundation 2013 SP1 is installedMicrosoft Windows 7Microsoft Windows 8Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft SharePoint Foundation 2013Microsoft SharePoint Foundation 2013 SP1 is installedSecPod TeamDRAFTINTERIMACCEPTEDEvgeniy PavlovINTERIMACCEPTEDACCEPTEDMicrosoft Office Web Apps Server 2013 SP1 is installedMicrosoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Office Web Apps Server 2013Microsoft Office Web Apps Server 2013 SP1 is installedSecPod TeamDRAFTMaria MikhnoINTERIMACCEPTEDEvgeniy PavlovINTERIMACCEPTEDACCEPTEDMicrosoft SharePoint Server 2013 SP1 is installedMicrosoft Windows 7Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft SharePoint Server 2013Microsoft SharePoint Server 2013 SP1 is installedSecPod TeamDRAFTINTERIMACCEPTEDEvgeniy PavlovINTERIMACCEPTEDACCEPTEDMicrosoft Office Web Apps Server 2013 is installedMicrosoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Office Web Apps Server 2013Microsoft Office Web Apps Server 2013 is installedSecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDMicrosoft SharePoint Foundation 2013 is installedMicrosoft Windows 7Microsoft Windows 8Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows VistaMicrosoft SharePoint Foundation 2013Microsoft SharePoint Foundation 2013 is installedSecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDMicrosoft SharePoint Server 2013 is installedMicrosoft Windows 7Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows VistaMicrosoft SharePoint Server 2013Microsoft SharePoint Server 2013 is installedSecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer memory corruption vulnerability (CVE-2014-0310) - MS14-029Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-1815.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability (CVE-2014-2763) - MS14-035Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-1772, CVE-2014-1780, CVE-2014-1794, CVE-2014-1797, CVE-2014-1802, CVE-2014-2756, CVE-2014-2764, CVE-2014-2769, and CVE-2014-2771.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDWindows file handling vulnerability - CVE-2014-0315 (MS14-019)Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Untrusted search path vulnerability in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a Trojan horse cmd.exe file in the current working directory, as demonstrated by a directory that contains a .bat or .cmd file, aka "Windows File Handling Vulnerability."SecPod TeamDRAFTPooja ShettyINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability (CVE-2014-1797) - MS14-035Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-1772, CVE-2014-1780, CVE-2014-1794, CVE-2014-1802, CVE-2014-2756, CVE-2014-2763, CVE-2014-2764, CVE-2014-2769, and CVE-2014-2771.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDGroup Policy Preferences Password Elevation of Privilege Vulnerability - CVE-2014-1812 (MS14-025)Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2The Group Policy implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not properly handle distribution of passwords, which allows remote authenticated users to obtain sensitive credential information and consequently gain privileges by leveraging access to the SYSVOL share, as exploited in the wild in May 2014, aka "Group Policy Preferences Password Elevation of Privilege Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability - CVE-2014-2806 (MS14-037)Microsoft Windows Server 2008 R2Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8.1Microsoft Internet Explorer 11Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2787, CVE-2014-2790, and CVE-2014-2802.SecPod TeamDRAFTINTERIMMaria MikhnoACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability (CVE-2014-2775) - MS14-035Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-1773, CVE-2014-1783, CVE-2014-1784, CVE-2014-1786, CVE-2014-1795, CVE-2014-1805, CVE-2014-2758, CVE-2014-2759, CVE-2014-2765, and CVE-2014-2766.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability (CVE-2014-1770) - MS14-035Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Use-after-free vulnerability in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code via crafted JavaScript code that interacts improperly with a CollectGarbage function call on a CMarkup object allocated by the CMarkup::CreateInitialMarkup function.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability (CVE-2014-2753) - MS14-035Microsoft Windows Server 2008 R2Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8.1Microsoft Internet Explorer 11Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-1769, CVE-2014-1782, CVE-2014-1785, CVE-2014-2755, CVE-2014-2760, CVE-2014-2761, CVE-2014-2772, and CVE-2014-2776.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDVulnerability in the VirtualBox component in Oracle VirtualBox 4.2.x through 4.2.20 and 4.3.x before 4.3.8 when using 3D Acceleration, allow local guest OS users to execute arbitrary code on the Chromium server (CVE-2014-0981)Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2VirtualBoxVBox/GuestHost/OpenGL/util/net.c in Oracle VirtualBox before 3.2.22, 4.0.x before 4.0.24, 4.1.x before 4.1.32, 4.2.x before 4.2.24, and 4.3.x before 4.3.8, when using 3D Acceleration allows local guest OS users to execute arbitrary code on the Chromium server via crafted Chromium network pointer in a (1) CR_MESSAGE_READBACK or (2) CR_MESSAGE_WRITEBACK message to the VBoxSharedCrOpenGL service, which triggers an arbitrary pointer dereference and memory corruption. NOTE: this issue was MERGED with CVE-2014-0982 because it is the same type of vulnerability affecting the same set of versions. All CVE users should reference CVE-2014-0981 instead of CVE-2014-0982.Maria KedovskayaDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability (CVE-2014-1799) - MS14-035Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0282, CVE-2014-1775, CVE-2014-1779, CVE-2014-1803, and CVE-2014-2757.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability (CVE-2014-2769) - MS14-035Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-1772, CVE-2014-1780, CVE-2014-1794, CVE-2014-1797, CVE-2014-1802, CVE-2014-2756, CVE-2014-2763, CVE-2014-2764, and CVE-2014-2771.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDVulnerability in the VirtualBox component in Oracle VirtualBox 4.2.x through 4.2.20 and 4.3.x before 4.3.8 when using 3D Acceleration, allow local guest OS users to execute arbitrary code on the Chromium server (CVE-2014-0983)Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2VirtualBoxMultiple array index errors in programs that are automatically generated by VBox/HostServices/SharedOpenGL/crserverlib/server_dispatch.py in Oracle VirtualBox 4.2.x through 4.2.20 and 4.3.x before 4.3.8, when using 3D Acceleration, allow local guest OS users to execute arbitrary code on the Chromium server via certain CR_MESSAGE_OPCODES messages with a crafted index, which are not properly handled by the (1) CR_VERTEXATTRIB4NUBARB_OPCODE to the crServerDispatchVertexAttrib4NubARB function, (2) CR_VERTEXATTRIB1DARB_OPCODE to the crServerDispatchVertexAttrib1dARB function, (3) CR_VERTEXATTRIB1FARB_OPCODE to the crServerDispatchVertexAttrib1fARB function, (4) CR_VERTEXATTRIB1SARB_OPCODE to the crServerDispatchVertexAttrib1sARB function, (5) CR_VERTEXATTRIB2DARB_OPCODE to the crServerDispatchVertexAttrib2dARB function, (6) CR_VERTEXATTRIB2FARB_OPCODE to the crServerDispatchVertexAttrib2fARB function, (7) CR_VERTEXATTRIB2SARB_OPCODE to the crServerDispatchVertexAttrib2sARB function, (8) CR_VERTEXATTRIB3DARB_OPCODE to the crServerDispatchVertexAttrib3dARB function, (9) CR_VERTEXATTRIB3FARB_OPCODE to the crServerDispatchVertexAttrib3fARB function, (10) CR_VERTEXATTRIB3SARB_OPCODE to the crServerDispatchVertexAttrib3sARB function, (11) CR_VERTEXATTRIB4DARB_OPCODE to the crServerDispatchVertexAttrib4dARB function, (12) CR_VERTEXATTRIB4FARB_OPCODE to the crServerDispatchVertexAttrib4fARB function, and (13) CR_VERTEXATTRIB4SARB_OPCODE to the crServerDispatchVertexAttrib4sARB function.Maria KedovskayaDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability (CVE-2014-1795) - MS14-035Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-1773, CVE-2014-1783, CVE-2014-1784, CVE-2014-1786, CVE-2014-1805, CVE-2014-2758, CVE-2014-2759, CVE-2014-2765, CVE-2014-2766, and CVE-2014-2775.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDInternet Explorer Elevation of Privilege Vulnerability (CVE-2014-1791) - MS14-035Microsoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDMicrosoft Windows Server 2003 for Itanium is installedMicrosoft Windows Server 2003A version of Microsoft Windows Server 2003 for Itanium is
installed.Sudhir GandheINTERIMACCEPTEDAndrew ButtnerINTERIMACCEPTEDShane ShafferINTERIMACCEPTEDDavid RothenbergINTERIMACCEPTEDDragos PrisacaINTERIMACCEPTEDDragos PrisacaINTERIMACCEPTEDACCEPTEDMicrosoft Windows Server 2003 is installedMicrosoft Windows Server 2003The operating system installed on the system is Microsoft Windows Server
2003.Andrew ButtnerACCEPTEDJonathan BakerINTERIMACCEPTEDAndrew ButtnerINTERIMACCEPTEDTim
HarrisonINTERIMTim
HarrisonTim
HarrisonACCEPTEDDragos PrisacaINTERIMACCEPTEDACCEPTEDiSCSI Target Remote Denial of Service Vulnerability (CVE-2014-0255) - MS14-028Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows Server 2008 SP2 and R2 SP1 and Server 2012 Gold and R2 allow remote attackers to cause a denial of service (iSCSI service outage) by sending many crafted packets, aka "iSCSI Target Remote Denial of Service Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability (CVE-2014-0297) - MS14-012Microsoft Windows XPMicrosoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0308, CVE-2014-0312, and CVE-2014-0324.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDWin32k Information Disclosure Vulnerability - CVE-2014-0323 (MS14-015)Microsoft Windows XPMicrosoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to obtain sensitive information from kernel memory or cause a denial of service (system hang) via a crafted application, aka "Win32k Information Disclosure Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability (CVE-2014-0312) - MS14-012Microsoft Windows XPMicrosoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0297, CVE-2014-0308, and CVE-2014-0324.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability (CVE-2014-0305) - MS14-012Microsoft Windows XPMicrosoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0299 and CVE-2014-0311.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability (CVE-2014-0299) - MS14-012Microsoft Windows XPMicrosoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0305 and CVE-2014-0311.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDMemory corruption vulnerability in Microsoft Internet Explorer (CVE-2014-0285) - MS14-010Microsoft Windows XPMicrosoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0275 and CVE-2014-0286.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDMemory corruption vulnerability in Microsoft Internet Explorer (CVE-2014-0267) - MS14-010Microsoft Windows Server 2008 R2Microsoft Windows Server 2012 R2Microsoft Windows 8.1Microsoft Windows 7Microsoft Internet Explorer 11Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0289 and CVE-2014-0290.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability (CVE-2014-0304) - MS14-012Microsoft Windows Server 2008 R2Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8.1Microsoft Internet Explorer 11Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability (CVE-2014-0298) - MS14-012Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDMemory corruption vulnerability in Microsoft Internet Explorer (CVE-2014-0286) - MS14-010Microsoft Windows XPMicrosoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0275 and CVE-2014-0285.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDDirectShow Memory Corruption Vulnerability - CVE-2014-0301 (MS14-013)Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Double free vulnerability in qedit.dll in DirectShow in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via a crafted JPEG image, aka "DirectShow Memory Corruption Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDMicrosoft Windows XP SP2 (64-bit) is installedMicrosoft Windows XPThe operating system installed on the system is Microsoft Windows XP SP2 (64-bit).Robert L. HollisDRAFTINTERIMACCEPTEDAndrew ButtnerINTERIMACCEPTEDShane ShafferINTERIMACCEPTEDSudhir GandheINTERIMShane ShafferACCEPTEDACCEPTEDMicrosoft Windows XP is installedMicrosoft Windows XPThe operating system installed on the system is Microsoft Windows XP.Andrew ButtnerACCEPTEDJonathan BakerINTERIMACCEPTEDAndrew ButtnerINTERIMACCEPTEDTim HarrisonINTERIMTim HarrisonTim HarrisonACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability (CVE-2014-0308) - MS14-012Microsoft Windows XPMicrosoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0297, CVE-2014-0312, and CVE-2014-0324.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability (CVE-2014-0313) - MS14-012Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0321.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDMemory corruption vulnerability in Microsoft Internet Explorer (CVE-2014-0288) - MS14-010Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0270, CVE-2014-0273, and CVE-2014-0274.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDType Traversal Vulnerability (CVE-2014-0257) - MS14-009Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows VistaMicrosoft Windows XPMicrosoft .NET Framework 1.1Microsoft .NET Framework 2.0Microsoft .NET Framework 3.0Microsoft .NET Framework 3.5Microsoft .NET Framework 3.5.1Microsoft .NET Framework 4.0Microsoft .NET Framework 4.5Microsoft .NET Framework 4.5.1Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5.1 does not properly determine whether it is safe to execute a method, which allows remote attackers to execute arbitrary code via (1) a crafted web site or (2) a crafted .NET Framework application that exposes a COM server endpoint, aka "Type Traversal Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDInternet Explorer Elevation of Privilege Vulnerability (CVE-2014-0268) - MS14-010Microsoft Windows XPMicrosoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 8 through 11 does not properly restrict file installation and registry-key creation, which allows remote attackers to bypass the Mandatory Integrity Control protection mechanism via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDMemory corruption vulnerability in Microsoft Internet Explorer (CVE-2014-0287) - MS14-010Microsoft Windows XPMicrosoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0281.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDMicrosoft graphics component memory corruption vulnerability (CVE-2014-0263) - MS14-007Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Windows Server 2008 R2Microsoft Windows Server 2012The Direct2D implementation in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a large 2D geometric figure that is encountered with Internet Explorer, aka "Microsoft Graphics Component Memory Corruption Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDMemory corruption vulnerability in Microsoft Internet Explorer (CVE-2014-0281) - MS14-010Microsoft Windows XPMicrosoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0287.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDUnspecified vulnerability in the VirtualBox component in Oracle Virtualization VirtualBox 3.2.20, 4.0.22, 4.1.30, 4.2.20, and 4.3.4 allows local users to affect integrity and availability, a different vulnerability than CVE-2014-0404Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2VirtualBoxUnspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.20, 4.0.22, 4.1.30, 4.2.20, and 4.3.4 allows local users to affect integrity and availability via unknown vectors related to Core, a different vulnerability than CVE-2014-0404.Maria KedovskayaDRAFTINTERIMACCEPTEDACCEPTEDUnspecified vulnerability in the VirtualBox component in Oracle Virtualization VirtualBox 3.2.20, 4.0.22, 4.1.30, 4.2.22, and 4.3.6 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Core.Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2VirtualBoxUnspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.20, 4.0.22, 4.1.30, 4.2.22, and 4.3.6 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Core.Maria KedovskayaDRAFTINTERIMACCEPTEDACCEPTEDUnspecified vulnerability in the VirtualBox component in Oracle Virtualization VirtualBox 3.2.20, 4.0.22, 4.1.30, 4.2.20, and 4.3.4 allows local users to affect integrity and availability, a different vulnerability than CVE-2014-0406Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2VirtualBoxUnspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.20, 4.0.22, 4.1.30, 4.2.20, and 4.3.4 allows local users to affect integrity and availability via unknown vectors related to Core, a different vulnerability than CVE-2014-0406.Maria KedovskayaDRAFTINTERIMACCEPTEDACCEPTEDMemory corruption vulnerability in Microsoft Internet Explorer (CVE-2014-0273) - MS14-010Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0270, CVE-2014-0274, and CVE-2014-0288.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDMemory corruption vulnerability in Microsoft Internet Explorer (CVE-2014-0269) - MS14-010Microsoft Windows XPMicrosoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDMemory corruption vulnerability in Microsoft Internet Explorer (CVE-2014-0274) - MS14-010Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0270, CVE-2014-0273, and CVE-2014-0288.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDMemory corruption vulnerability in Microsoft Internet Explorer (CVE-2014-0270) - MS14-010Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0273, CVE-2014-0274, and CVE-2014-0288.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDVulnerability in Microsoft XML Core Services could allow information disclosure (CVE-2014-0266) - MS14-005Microsoft Windows 7Microsoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows XPMicrosoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 8Microsoft Windows 8.1Microsoft XML Core Services 3.0The XMLHTTP ActiveX controls in XML Core Services 3.0 in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to bypass the Same Origin Policy via a web page that is visited in Internet Explorer, aka "MSXML Information Disclosure Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDSaurabh KumarINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDMicrosoft XML Core Services 3 is installedMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft XML Core Services 3Microsoft XML Core Services 3 is installed.Robert L. HollisDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability (CVE-2014-0321) - MS14-012Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0313.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDInternet Explorer Cross-domain Information Disclosure Vulnerability - CVE-2014-0293 - MS14-010Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 9 through 11 allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Internet Explorer Cross-domain Information Disclosure Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDPOST Request DoS Vulnerability (CVE-2014-0253) - MS14-009Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows VistaMicrosoft Windows XPMicrosoft .NET Framework 1.1Microsoft .NET Framework 2.0Microsoft .NET Framework 3.0Microsoft .NET Framework 3.5.1Microsoft .NET Framework 4.0Microsoft .NET Framework 4.5Microsoft .NET Framework 4.5.1Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5.1 does not properly determine TCP connection states, which allows remote attackers to cause a denial of service (ASP.NET daemon hang) via crafted HTTP requests that trigger persistent resource consumption for a (1) stale or (2) closed connection, as exploited in the wild in February 2014, aka "POST Request DoS Vulnerability."SecPod TeamDRAFTINTERIMMaria MikhnoKumarswamy SACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDMicrosoft .NET Framework 4.0 is installedMicrosoft Windows XPMicrosoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows 7Microsoft .NET Framework 4.0Microsoft .NET Framework 4.0 is installedDragos PrisacaDRAFTINTERIMACCEPTEDShane ShafferINTERIMACCEPTEDJosh TurpinINTERIMJosh TurpinACCEPTEDINTERIMDragos PrisacaACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDMicrosoft .NET Framework 2.0 Service Pack 2 is installedMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows VistaMicrosoft .NET Framework 2.0Microsoft .NET Framework 2.0 Service Pack 2 is installedDragos PrisacaDRAFTINTERIMACCEPTEDJosh TurpinINTERIMACCEPTEDJosh TurpinINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDMicrosoft .NET Framework 4.5.1 is installedMicrosoft Windows 8.1Microsoft Windows 8Microsoft Windows 7Microsoft Windows VistaMicrosoft Windows Server 2012 R2Microsoft Windows Server 2012Microsoft Windows Server 2008 R2Microsoft Windows Server 2008Microsoft .NET Framework 4.5.1Microsoft .NET Framework 4.5.1 is installedMaria KedovskayaDRAFTPooja ShettyINTERIMACCEPTEDACCEPTEDMicrosoft .NET Framework 1.1 Service Pack 1 is InstalledMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows VistaMicrosoft .NET Framework 1.1Microsoft .NET Framework 1.1 Service Pack 1 is InstalledSudhir GandheDRAFTINTERIMACCEPTEDACCEPTEDNate PrzybyszewskiINTERIMACCEPTEDChandan SINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDMicrosoft .NET Framework 4.5 is installedMicrosoft Windows 7Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft .NET Framework 4.5Microsoft .NET Framework 4.5 is installedSecPod TeamDRAFTINTERIMSergey ArtykhovACCEPTEDACCEPTEDMicrosoft .NET Framework 3.5 SP1 is installedMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft .NET Framework 3.5Microsoft .NET Framework 3.5 SP1 is installedJosh TurpinDRAFTINTERIMACCEPTEDINTERIMDragos PrisacaACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability (CVE-2014-0324) - MS14-012Microsoft Windows XPMicrosoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0297, CVE-2014-0308, and CVE-2014-0312.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability (CVE-2014-0311) - MS14-012Microsoft Windows XPMicrosoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0299 and CVE-2014-0305.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDVBScript Memory Corruption Vulnerability (CVE-2014-0271) - MS14-010, MS14-011Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows 7Microsoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows XPMicrosoft Windows Server 2012Microsoft Windows Server 2012 R2VBScript 5.6VBScript 5.7VBScript 5.8Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11The VBScript engine in Microsoft Internet Explorer 6 through 11, and VBScript 5.6 through 5.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "VBScript Memory Corruption Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDVBScript 5.7 is installedMicrosoft Windows XPMicrosoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012VBScript 5.7VBScript 5.7 is installed.Maria MikhnoDRAFTINTERIMACCEPTEDACCEPTEDVBScript 5.6 is installedMicrosoft Windows XPMicrosoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012VBScript 5.6VBScript 5.6 is installed.Maria MikhnoDRAFTINTERIMACCEPTEDACCEPTEDVBScript 5.8 is installedMicrosoft Windows XPMicrosoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows 8Microsoft Windows Server 2012VBScript 5.8VBScript 5.8 is installed.Maria MikhnoDRAFTINTERIMACCEPTEDACCEPTEDUnspecified vulnerability in the VirtualBox component in Oracle Virtualization VirtualBox 3.2.20, 4.0.22, 4.1.30, 4.2.20, and 4.3.4 allows local users to affect confidentiality, integrity, and availabilityMicrosoft Windows XPMicrosoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2VirtualBoxUnspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.20, 4.0.22, 4.1.30, 4.2.20, and 4.3.4 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Core.Maria KedovskayaDRAFTINTERIMACCEPTEDACCEPTEDMemory corruption vulnerability in Microsoft Internet Explorer (CVE-2014-0275) - MS14-010Microsoft Windows XPMicrosoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0285 and CVE-2014-0286.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDMemory corruption vulnerability in Microsoft Internet Explorer (CVE-2014-0290) - MS14-010Microsoft Windows Server 2008 R2Microsoft Windows Server 2012 R2Microsoft Windows 8.1Microsoft Windows 7Microsoft Internet Explorer 11Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0267 and CVE-2014-0289.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDWin32k Elevation of Privilege Vulnerability - CVE-2014-0300 (MS14-015)Microsoft Windows XPMicrosoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDMicrosoft Windows 8.1 (x64) is installedMicrosoft Windows 8.1The operating system installed on the system is Microsoft Windows 8.1 x64Maria KedovskayaDRAFTINTERIMACCEPTEDACCEPTEDMicrosoft Windows 8.1 (x86) is installedMicrosoft Windows 8.1The operating system installed on the system is Microsoft Windows 8.1 x86Maria KedovskayaDRAFTINTERIMACCEPTEDACCEPTEDUnspecified vulnerability in the VirtualBox component in Oracle Virtualization VirtualBox 3.2.20, 4.0.22, 4.1.30, 4.2.20, and 4.3.4 allows local users to affect confidentiality, integrity, and availabilityMicrosoft Windows XPMicrosoft Windows Server 2003Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2VirtualBoxUnspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.20, 4.0.22, 4.1.30, 4.2.20, and 4.3.4 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Core.Maria KedovskayaDRAFTINTERIMACCEPTEDACCEPTEDVirtualBox is installedMicrosoft Windows 2000Microsoft Windows 7Microsoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows VistaMicrosoft Windows XPVirtualBoxVirtualBox is installedSecPod TeamDRAFTINTERIMACCEPTEDJosh TurpinINTERIMACCEPTEDShane ShafferINTERIMACCEPTEDMaria KedovskayaINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability (CVE-2013-5048) - MS13-097Microsoft Windows XPMicrosoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-5047.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDWin32k Integer Overflow Vulnerability (CVE-2013-5058) - MS13-101Microsoft Windows XPMicrosoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Integer overflow in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows local users to gain privileges via a crafted application, aka "Win32k Integer Overflow Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDWinVerifyTrust Signature Validation Vulnerability (CVE-2013-3900) - MS13-098Microsoft Windows XPMicrosoft Windows VistaMicrosoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2The WinVerifyTrust function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly validate PE file digests during Authenticode signature verification, which allows remote attackers to execute arbitrary code via a crafted PE file, aka "WinVerifyTrust Signature Validation Vulnerability."SecPod TeamDRAFTINTERIMINTERIMACCEPTEDACCEPTEDMicrosoft Windows 8 is installedMicrosoft Windows 8The operating system installed on the system is Microsoft Windows 8.Shane ShafferDRAFTINTERIMACCEPTEDACCEPTEDTrueType Font Parsing Vulnerability (CVE-2013-3903) - MS13-101Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Array index error in win32k.sys in the kernel-mode drivers in Microsoft Windows 8, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to cause a denial of service (reboot) via a crafted TrueType font (TTF) file, aka "TrueType Font Parsing Vulnerability."SecPod TeamDRAFTINTERIMINTERIMACCEPTEDACCEPTEDSignalR XSS Vulnerability (CVE-2013-5042) - MS13-103Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Visual Studio Team Foundation ServerCross-site scripting (XSS) vulnerability in Microsoft ASP.NET SignalR 1.1.x before 1.1.4 and 2.0.x before 2.0.1, and Visual Studio Team Foundation Server 2013, allows remote attackers to inject arbitrary web script or HTML via crafted Forever Frame transport protocol data, aka "SignalR XSS Vulnerability."SecPod TeamDRAFTINTERIMINTERIMACCEPTEDACCEPTEDMicrosoft Visual Studio Team Foundation Server 2013 is installedMicrosoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2008 R2Microsoft Windows Server 2012 R2Microsoft Windows Server 2012Microsoft Visual Studio Team Foundation ServerMicrosoft Visual Studio Team Foundation Server 2013 is installedSecPod TeamDRAFTINTERIMINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability (CVE-2013-5051) - MS13-097Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."SecPod TeamDRAFTINTERIMINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDInternet Explorer Elevation of Privilege Vulnerability (CVE-2013-5046) - MS13-097Microsoft Windows XPMicrosoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 7 through 11 allows local users to bypass the Protected Mode protection mechanism, and consequently gain privileges, by leveraging the ability to execute sandboxed code, aka "Internet Explorer Elevation of Privilege Vulnerability."SecPod TeamDRAFTINTERIMINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDUse-After-Free Vulnerability in Microsoft Scripting Runtime Object Library (CVE-2013-5056) - MS13-099Microsoft Windows XPMicrosoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Use-after-free vulnerability in the Scripting Runtime Object Library in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site that is visited with Internet Explorer, aka "Use-After-Free Vulnerability in Microsoft Scripting Runtime Object Library."SecPod TeamDRAFTINTERIMINTERIMACCEPTEDACCEPTEDInternet Explorer Memory Corruption Vulnerability (CVE-2013-5047) - MS13-097Microsoft Windows XPMicrosoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-5048.SecPod TeamDRAFTINTERIMINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDInternet Explorer Elevation of Privilege Vulnerability (CVE-2013-5045) - MS13-097Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 10 and 11 allows local users to bypass the Protected Mode protection mechanism, and consequently gain privileges, by leveraging the ability to execute sandboxed code, aka "Internet Explorer Elevation of Privilege Vulnerability."SecPod TeamDRAFTINTERIMINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDMemory corruption vulnerability in Microsoft Internet Explorer (CVE-2013-3915) - MS13-088Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows XPMicrosoft Windows VistaMicrosoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3917.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDMemory corruption vulnerability in Microsoft Internet Explorer (CVE-2013-3912) - MS13-088Microsoft Windows 7Microsoft Windows 8Microsoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows XPMicrosoft Windows VistaMicrosoft Windows 8.1Microsoft Windows Server 2012 R2Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3916.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDMemory corruption vulnerability in Microsoft Internet Explorer (CVE-2013-3917) - MS13-088Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows XPMicrosoft Windows VistaMicrosoft Internet Explorer 6Microsoft Internet Explorer 7Microsoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3915.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDMicrosoft Internet Explorer 7 is installedMicrosoft Windows XPMicrosoft Windows Server 2003Microsoft Windows VistaMicrosoft Internet Explorer 7A version of Microsoft Internet Explorer 7 is installed.Sudhir GandheDRAFTINTERIMAndrew ButtnerACCEPTEDBrendan MilesINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDDragos PrisacaINTERIMACCEPTEDACCEPTEDMicrosoft Windows Server 2008 (ia-64) is installedMicrosoft Windows Server 2008The operating system installed on the system is Microsoft Windows Server 2008
Itanium EditionJeff ItoDRAFTINTERIMACCEPTEDTim
HarrisonINTERIMTim
HarrisonTim
HarrisonTim
HarrisonACCEPTEDJ. Daniel BrownINTERIMACCEPTEDJonathan BakerINTERIMACCEPTEDACCEPTEDMicrosoft Internet Explorer 6 is installedMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Internet Explorer 6The application Microsoft Internet Explorer 6 is installed.Robert L. HollisDRAFTINTERIMACCEPTEDMatthew WojcikINTERIMACCEPTEDJonathan BakerINTERIMACCEPTEDBrendan MilesINTERIMACCEPTEDPreeti SubramanianINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDMicrosoft Windows Server 2003 (ia64) Gold is installedMicrosoft Windows Server 2003A version of Microsoft Windows Server 2003 (ia64) Gold is installed.Andrew ButtnerDRAFTINTERIMACCEPTEDAndrew ButtnerINTERIMACCEPTEDTim HarrisonINTERIMTim HarrisonTim HarrisonACCEPTEDShane ShafferINTERIMACCEPTEDSudhir GandheINTERIMShane ShafferACCEPTEDDavid RothenbergINTERIMACCEPTEDACCEPTEDDigital Signatures Vulnerability (CVE-2013-3869) - MS13-095Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows VistaMicrosoft Windows XPMicrosoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to cause a denial of service (daemon hang) via a web-service request containing a crafted X.509 certificate that is not properly handled during validation, aka "Digital Signatures Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDInformationCardSigninHelper Vulnerability (CVE-2013-3918) - MS13-090Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows VistaMicrosoft Windows XPThe InformationCardSigninHelper Class ActiveX control in icardie.dll in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via a crafted web page that is accessed by Internet Explorer, as exploited in the wild in November 2013, aka "InformationCardSigninHelper Vulnerability."SecPod TeamDRAFTMaria KedovskayaINTERIMACCEPTEDACCEPTEDMemory corruption vulnerability in Microsoft Internet Explorer (CVE-2013-3914) - MS13-088Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows VistaMicrosoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDGraphics Device Interface Integer Overflow Vulnerability (CVE-2013-3940) - MS13-089Microsoft Windows XPMicrosoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Integer overflow in the Graphics Device Interface (GDI) in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted image in a Windows Write (.wri) document, which is not properly handled in WordPad, aka "Graphics Device Interface Integer Overflow Vulnerability."SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDMicrosoft Windows Server 2008 x64 Edition Service Pack 2 is installedMicrosoft Windows Server 2008The operating system installed on the system is Microsoft Windows Server 2008 x64 Edition Service Pack 2Dragos PrisacaDRAFTINTERIMACCEPTEDTodd DolinskyINTERIMACCEPTEDTodd DolinskyINTERIMTim HarrisonTim HarrisonACCEPTEDJonathan BakerINTERIMACCEPTEDSudhir GandheINTERIMShane ShafferACCEPTEDMaria KedovskayaINTERIMACCEPTEDACCEPTEDMicrosoft Windows Server 2008 Itanium-Based Edition Service Pack 2 is installedMicrosoft Windows Server 2008The operating system installed on the system is Microsoft Windows Server 2008 Itanium Edition Service Pack 2Dragos PrisacaDragos PrisacaDRAFTINTERIMACCEPTEDTim HarrisonINTERIMTim HarrisonACCEPTEDJonathan BakerINTERIMACCEPTEDSudhir GandheINTERIMShane ShafferACCEPTEDACCEPTEDMicrosoft Windows Vista (32-bit) Service Pack 2 is installedMicrosoft Windows VistaThe operating system installed on the system is Microsoft Windows Vista (32-bit) Service Pack 2Dragos PrisacaDragos PrisacaDRAFTINTERIMACCEPTEDTodd DolinskyINTERIMACCEPTEDTim HarrisonINTERIMTim HarrisonTim HarrisonACCEPTEDSudhir GandheINTERIMShane ShafferACCEPTEDACCEPTEDMicrosoft Windows Server 2008 (32-bit) Service Pack 2 is installedMicrosoft Windows Server 2008The operating system installed on the system is Microsoft Windows Server 2008 (32-bit) Service Pack 2Dragos PrisacaDRAFTINTERIMACCEPTEDTodd DolinskyINTERIMACCEPTEDTim HarrisonINTERIMTim HarrisonTim HarrisonTim HarrisonACCEPTEDJonathan BakerINTERIMACCEPTEDSudhir GandheINTERIMShane ShafferACCEPTEDACCEPTEDMicrosoft Windows XP (x86) SP3 is installedMicrosoft Windows XPA version of Microsoft Windows XP (x86) Service Pack 3 is installed.Sudhir GandheDRAFTINTERIMACCEPTEDTim HarrisonINTERIMTim HarrisonTim HarrisonACCEPTEDSudhir GandheINTERIMShane ShafferACCEPTEDACCEPTEDMicrosoft Windows Vista x64 Edition Service Pack 2 is installedMicrosoft Windows VistaThe operating system installed on the system is Microsoft Windows Vista x64 Edition Service Pack 2Dragos PrisacaDragos PrisacaDRAFTINTERIMACCEPTEDTodd DolinskyINTERIMACCEPTEDTodd DolinskyINTERIMTim HarrisonTim HarrisonTim HarrisonACCEPTEDSudhir GandheINTERIMShane ShafferACCEPTEDMaria KedovskayaINTERIMACCEPTEDACCEPTEDMicrosoft Windows XP x64 Edition SP2 is installedMicrosoft Windows XPA version of Microsoft Windows XP Professional x64 Edition Service Pack 2 is installed.Sudhir GandheDRAFTINTERIMACCEPTEDAndrew ButtnerINTERIMACCEPTEDTodd DolinskyINTERIMTim HarrisonTim HarrisonTim HarrisonACCEPTEDSudhir GandheINTERIMShane ShafferACCEPTEDMaria KedovskayaINTERIMACCEPTEDACCEPTEDMicrosoft Windows Server 2003 SP2 (x64) is installedMicrosoft Windows Server 2003A version of Microsoft Windows Server 2003 SP2 (x64) is installed.Sudhir GandheDRAFTINTERIMACCEPTEDAndrew ButtnerINTERIMACCEPTEDDragos PrisacaINTERIMACCEPTEDTodd DolinskyINTERIMACCEPTEDTodd DolinskyINTERIMTim HarrisonTim HarrisonTim HarrisonACCEPTEDShane ShafferINTERIMACCEPTEDSudhir GandheINTERIMShane ShafferACCEPTEDMaria KedovskayaINTERIMACCEPTEDACCEPTEDMicrosoft Windows Server 2003 SP2 (x86) is installedMicrosoft Windows Server 2003A version of Microsoft Windows Server 2003 Service Pack 2 (x86) is installed.Sudhir GandheDRAFTINTERIMRobert L. HollisACCEPTEDAndrew ButtnerINTERIMACCEPTEDTim HarrisonINTERIMTim HarrisonTim HarrisonACCEPTEDShane ShafferINTERIMACCEPTEDSudhir GandheINTERIMShane ShafferACCEPTEDDavid RothenbergINTERIMACCEPTEDACCEPTEDMicrosoft Windows Server 2003 (ia64) SP2 is installedMicrosoft Windows Server 2003A version of Microsoft Windows Server 2003 (ia64) Service Pack 2 is installed.Robert L. HollisDRAFTINTERIMACCEPTEDAndrew ButtnerINTERIMACCEPTEDTim HarrisonINTERIMTim HarrisonTim HarrisonACCEPTEDShane ShafferINTERIMACCEPTEDSudhir GandheINTERIMShane ShafferACCEPTEDDavid RothenbergINTERIMACCEPTEDACCEPTEDMicrosoft Windows 7 x64 Service Pack 1 is installedMicrosoft Windows 7The operating system installed on the system is Microsoft Windows 7 x64 Service Pack 1Shane ShafferDRAFTINTERIMChandan SACCEPTEDDragos PrisacaINTERIMACCEPTEDMaria KedovskayaINTERIMACCEPTEDMike CokusINTERIMACCEPTEDACCEPTEDMicrosoft Windows Server 2008 R2 Itanium-Based Edition Service Pack 1 is installedMicrosoft Windows Server 2008 R2The operating system installed on the system is Microsoft Windows Server 2008 R2 Itanium Edition Service Pack 1Josh TurpinDRAFTINTERIMChandan SACCEPTEDDragos PrisacaINTERIMACCEPTEDINTERIMDragos PrisacaACCEPTEDACCEPTEDMicrosoft Windows Server 2008 R2 x64 Service Pack 1 is installedMicrosoft Windows Server 2008 R2The operating system installed on the system is Microsoft Windows Server 2008 R2 x64 Service Pack 1Josh TurpinDRAFTINTERIMChandan SACCEPTEDDragos PrisacaINTERIMACCEPTEDINTERIMDragos PrisacaACCEPTEDMaria KedovskayaINTERIMACCEPTEDACCEPTEDMicrosoft Windows 7 (32-bit) Service Pack 1 is installedMicrosoft Windows 7The operating system installed on the system is Microsoft Windows 7 (32-bit) Service Pack 1Shane ShafferDRAFTINTERIMChandan SACCEPTEDDragos PrisacaINTERIMACCEPTEDMike CokusINTERIMACCEPTEDACCEPTEDMemory corruption vulnerability in Microsoft Internet Explorer (CVE-2013-3916) - MS13-088Microsoft Windows 7Microsoft Windows 8Microsoft Windows 8.1Microsoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows XPMicrosoft Windows VistaMicrosoft Internet Explorer 8Microsoft Internet Explorer 9Microsoft Internet Explorer 10Microsoft Internet Explorer 11Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3912.SecPod TeamDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDMicrosoft Windows Server 2003 (x64) is installedMicrosoft Windows Server 2003A version of Microsoft Windows Server 2003 (x64) is installed.Andrew ButtnerDRAFTINTERIMACCEPTEDAndrew ButtnerINTERIMACCEPTEDTodd DolinskyINTERIMACCEPTEDTodd DolinskyINTERIMTim
HarrisonTim
HarrisonTim
HarrisonACCEPTEDShane ShafferINTERIMACCEPTEDDavid RothenbergINTERIMACCEPTEDMaria KedovskayaINTERIMACCEPTEDACCEPTEDMicrosoft Windows Server 2008 R2 x64 Edition is installedMicrosoft Windows Server 2008 R2The operating system installed on the system is Microsoft Windows Server 2008
R2 x64 EditionDragos PrisacaDRAFTINTERIMTodd DolinskyTim
HarrisonINTERIMTim
HarrisonTim
HarrisonACCEPTEDJonathan BakerINTERIMACCEPTEDDavid RothenbergINTERIMACCEPTEDINTERIMDragos PrisacaACCEPTEDMaria KedovskayaINTERIMACCEPTEDACCEPTEDMicrosoft Internet Explorer 8 is installedMicrosoft Windows XPMicrosoft Windows VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows 7Microsoft Internet Explorer 8A version of Microsoft Internet Explorer 8 is installed.Dragos PrisacaDRAFTINTERIMACCEPTEDDragos PrisacaINTERIMACCEPTEDINTERIMDragos PrisacaACCEPTEDMaria KedovskayaINTERIMMaria MikhnoACCEPTEDACCEPTEDMicrosoft Windows 7 (32-bit) is installedMicrosoft Windows 7The operating system installed on the system is Microsoft Windows 7 (32-bit)Pai PengDRAFTINTERIMACCEPTEDTim HarrisonINTERIMTim HarrisonTim HarrisonACCEPTEDMike CokusINTERIMACCEPTEDACCEPTEDMicrosoft Windows Server 2008 R2 Itanium-Based Edition is installedMicrosoft Windows Server 2008 R2The operating system installed on the system is Microsoft Windows Server 2008
R2 Itanium EditionDragos PrisacaDRAFTINTERIMACCEPTEDTim
HarrisonINTERIMTim
HarrisonTim
HarrisonACCEPTEDJonathan BakerINTERIMACCEPTEDDavid RothenbergINTERIMACCEPTEDINTERIMDragos PrisacaACCEPTEDACCEPTEDMicrosoft Windows 7 x64 Edition is installedMicrosoft Windows 7The operating system installed on the system is Microsoft Windows 7 x64 EditionPai PengDRAFTINTERIMACCEPTEDTodd DolinskyINTERIMTim HarrisonTim HarrisonTim HarrisonACCEPTEDMaria KedovskayaINTERIMACCEPTEDMike CokusINTERIMACCEPTEDACCEPTEDMicrosoft Windows Server 2008 (64-bit) is installedMicrosoft Windows Server 2008The operating system installed on the system is Microsoft Windows Server 2008
(64-bit)Sudhir GandheDRAFTAndrew ButtnerINTERIMACCEPTEDTodd DolinskyINTERIMTim
HarrisonINTERIMTim
HarrisonTim
HarrisonTim
HarrisonACCEPTEDJ. Daniel BrownINTERIMACCEPTEDJonathan BakerINTERIMACCEPTEDMaria KedovskayaINTERIMACCEPTEDACCEPTEDMicrosoft Windows Server 2008 (32-bit) is installedMicrosoft Windows Server 2008The operating system installed on the system is Microsoft Windows Server 2008
(32-bit)Sudhir GandheDRAFTAndrew ButtnerINTERIMACCEPTEDTodd DolinskyINTERIMACCEPTEDTim
HarrisonINTERIMTim
HarrisonTim
HarrisonTim
HarrisonACCEPTEDJonathan BakerINTERIMACCEPTEDACCEPTEDMicrosoft Windows Vista x64 Edition is installedMicrosoft Windows VistaThe operating system installed on the system is Microsoft Windows Vista x64
EditionJonathan BakerDRAFTINTERIMACCEPTEDSudhir GandheINTERIMAndrew ButtnerACCEPTEDTodd DolinskyINTERIMACCEPTEDTodd DolinskyINTERIMTim
HarrisonTim
HarrisonTim
HarrisonACCEPTEDMaria KedovskayaINTERIMACCEPTEDACCEPTEDMicrosoft Windows 8.1 is installedMicrosoft Windows 8.1The operating system installed on the system is Microsoft Windows 8.1Maria KedovskayaDRAFTINTERIMACCEPTEDACCEPTEDMicrosoft Windows Server 2012 R2 is installedMicrosoft Windows Server 2012 R2The operating system installed on the system is Microsoft Windows Server 2012
R2.Maria KedovskayaDRAFTINTERIMACCEPTEDACCEPTEDMicrosoft Windows Server 2003 (32-bit) is installedMicrosoft Windows Server 2003A version of Microsoft Windows Server 2003 (32-bit) is installed.Robert L. HollisDRAFTINTERIMACCEPTEDAndrew ButtnerINTERIMACCEPTEDTim
HarrisonINTERIMTim
HarrisonTim
HarrisonACCEPTEDShane ShafferINTERIMACCEPTEDDavid RothenbergINTERIMACCEPTEDACCEPTEDMicrosoft Internet Explorer 11 is installedMicrosoft Windows 7Microsoft Windows 8Microsoft Windows Server 2012Microsoft Windows 8.1Microsoft Windows Server 2008 R2Microsoft Windows Server 2012 R2Microsoft Internet Explorer 11Microsoft Internet Explorer 11 is installedSecPod TeamDRAFTINTERIMACCEPTEDMaria KedovskayaINTERIMACCEPTEDBlake FrantzINTERIMACCEPTEDACCEPTEDMicrosoft Internet Explorer 10 is installedMicrosoft Windows 7Microsoft Windows 8Microsoft Windows Server 2008 R2Microsoft Windows Server 2012Microsoft Internet Explorer 10Microsoft Internet Explorer 10 is installedSecPod TeamDRAFTINTERIMACCEPTEDBlake FrantzINTERIMBlake FrantzACCEPTEDACCEPTEDMicrosoft Windows Server 2012 (64-bit) is installedMicrosoft Windows Server 2012The operating system installed on the system is Microsoft Windows Server 2012 64 bitSecPod TeamDRAFTINTERIMACCEPTEDMaria KedovskayaINTERIMACCEPTEDACCEPTEDMicrosoft Windows Server 2012 is installedMicrosoft Windows Server 2012The operating system installed on the system is Microsoft Windows Server 2012.SecPod TeamDRAFTINTERIMACCEPTEDMaria KedovskayaINTERIMACCEPTEDACCEPTEDMicrosoft Windows 8 (x64) is installedMicrosoft Windows 8The operating system installed on the system is Microsoft Windows 8 x64Shane ShafferDRAFTINTERIMACCEPTEDMaria KedovskayaINTERIMACCEPTEDACCEPTEDMicrosoft Windows XP x64 is installedMicrosoft Windows XPA version of Microsoft Windows XP x64 is installed.SecPod TeamDRAFTINTERIMACCEPTEDMaria KedovskayaINTERIMACCEPTEDACCEPTEDMicrosoft Windows 8 (x86) is installedMicrosoft Windows 8The operating system installed on the system is Microsoft Windows 8 x86Shane ShafferDRAFTINTERIMACCEPTEDACCEPTEDMicrosoft Windows XP (32-bit) is installedMicrosoft Windows XPThe operating system installed on the system is Microsoft Windows XP (32-bit).Robert L. HollisDRAFTINTERIMACCEPTEDAndrew ButtnerINTERIMACCEPTEDTim HarrisonINTERIMTim HarrisonTim HarrisonACCEPTEDACCEPTEDMicrosoft Windows Vista (32-bit) is installedMicrosoft Windows VistaThe operating system installed on the system is Microsoft Windows Vista
(32-bit)Jonathan BakerDRAFTINTERIMACCEPTEDSudhir GandheINTERIMAndrew ButtnerACCEPTEDTim
HarrisonINTERIMTim
HarrisonTim
HarrisonACCEPTEDACCEPTEDMicrosoft Internet Explorer 9 is installedMicrosoft Windows VistaMicrosoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows 7Microsoft Internet Explorer 9A version of Microsoft Internet Explorer 9 is installed.Shane ShafferDRAFTINTERIMACCEPTEDINTERIMDragos PrisacaACCEPTEDChandan SINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDmsi.dllvmicvss.dllstorvsp.syswksprt.exeAtlthunk.dllAtlthunk.dllOle32.dllSystem.Windows.Forms.dllSystem.Windows.Forms.dllservices.exeHKEY_LOCAL_MACHINE^SOFTWARE\\Microsoft\\Office\\12\.0\\Registration\\\{90120000-110D-0000-[01]000-0000000FF1CE\}$ProductNameMicrosoft.office.policy.dllMicrosoft.SharePoint.Portal.dllnetlogon.dllRdpudd.dllClfsw32.dllUbpm.dllScesrv.dllSystem.Security.dllSystem.Security.dllTswbprxy.exegpsvc.dllmsctf.dllWmphoto.dllAhcache.syswer.dllHttp.sysNtkrnlmp.exeHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Windows\CurrentVersion\SetupDriverCachePathNtoskrnl.exetlntsess.exeMicrosoft.Office.Server.Search.dllIassam.dllAtmfd.dllHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Exchange\SetupMsiProductMajorHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Exchange\SetupMsiProductMinorHKEY_LOCAL_MACHINESOFTWARE\Microsoft\ExchangeServer\v14\SetupMsiProductMajorExSetup.exeHKEY_LOCAL_MACHINESOFTWARE\Microsoft\ExchangeServer\v14\SetupMsiInstallPathExSetup.exeHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Exchange\SetupMsiInstallPathVMMS.exeJournal.dlljscript.dllProfsvc.dllUserenv.dllNlasvc.dllaudiosrv.dlllsasrv.dllKsecdd.syskerberos.dllGdiplus.dllWindowscodecs.dllmsctf.dlloval:org.mitre.oval:obj:42934oval:org.mitre.oval:obj:43009HKEY_LOCAL_MACHINESOFTWARE\Microsoft\IMEJP\8.1\directoriesModulePathHKEY_LOCAL_MACHINESOFTWARE\Microsoft\IMEJP\10.0\directoriesModulePathImjputyc.dllHKEY_LOCAL_MACHINESOFTWARE\Microsoft\IMEJP\12.0\directoriesModulePathImjputyc.dllJscript9.dlloleaut32.dllHKEY_LOCAL_MACHINESOFTWARE\Microsoft\INetStpMinorVersionHKEY_LOCAL_MACHINESOFTWARE\Microsoft\INetStpMajorVersionIprestr.dllHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft Exchange v15DisplayNameExSetup.exeHKEY_LOCAL_MACHINESOFTWARE\Microsoft\ExchangeServer\v15\SetupMsiInstallPathHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Office14.OSERVERDisplayNamemsoserverintl.dllwwintl.dllvutils.dllMsoserver.DllHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Office14.OSERVERInstallLocationascalc.dllmicrosoft.office.infopath.server.dllHKEY_LOCAL_MACHINESoftware\Microsoft\Office Server\15.0BinPathxlsrv.dllHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Office15.OSERVERInstallLocationstswel.dllHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90140000-1110-0000-1000-0000000FF1CE}DisplayNameOnetutil.dllschannel.dllcng.sysmrxdav.sysSystem.Deployment.dllSystem.Deployment.dllmscorie.dllschedsvc.dllSystem.dllSystem.dllOakley.dllIkeext.dllDeploy.resources.dllMicrosoft.Rtc.Acd.Workflow.dllHKEY_LOCAL_MACHINESOFTWARE\Microsoft\NET Framework Setup\NDP\v3.0InstallHKEY_LOCAL_MACHINESOFTWARE\Microsoft\NET Framework Setup\NDP\v3.0SPSystem.IdentityModel.dllSystem.IdentityModel.dllHKEY_LOCAL_MACHINESOFTWARE\Microsoft\.NETFramework\AssemblyFolders\v3.0All Assemblies InHKEY_LOCAL_MACHINE^SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\\{.*\}$DisplayNamewrtces.dllSIPStack.dllHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Real-Time Communications\{A593FD00-64F1-4288-A6F4-E699ED9DCA35}InstallDirConsent.exerpcrt4.dllPackager.dlldxgkrnl.sysMicrosoft.ServiceBus.dllHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Service Bus\1.1INSTALLDIRMsxml6.dlltcpip.sysVBoxSVC.exerdpcorets.dllHKEY_LOCAL_MACHINE^SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\\{90140000\-1141\-0407\-1000\-0000000FF1CE\}_Office14\.WCSERVER_\{[\w\-]+\}$DisplayNameHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Office14.WCSERVERDisplayNameHKEY_LOCAL_MACHINE^SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\\{90140000\-112D\-0000\-1000\-0000000FF1CE\}_Office14\.WCSERVER_\{[\w\-]+\}$DisplayNameSWORD.DLLHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Office14.WCSERVERInstallLocationsystem.runtime.remoting.dllsystem.runtime.remoting.dllsystem.runtime.remoting.dllafd.sysShlwapi.dllshell32.dllHKEY_LOCAL_MACHINESOFTWARE\Microsoft\SharePoint Client Components\15.0LocationHKEY_LOCAL_MACHINE^SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\\{90150000-101F-0401-1000-0000000FF1CE\}_Office15\.WacServer\-\{[\w\-]+\}$DisplayNameHKEY_LOCAL_MACHINE^SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\\{90150000-1014-0000-1000-0000000FF1CE}_Office15\.OSERVER\{[\w\-]+\}$DisplayNameMsoserver.DllHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Office15.WacServerInstallLocationHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90150000-1014-0000-1000-0000000FF1CE}DisplayNameHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Office15.OSERVERDisplayNameMicrosoft.Office.Server.Msg.dllHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Office15.OSERVERInstallLocationwsetupui.dllMsoserver.DllHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Office14.WCSERVERInstallLocationMicrosoft.SharePoint.Client.dllWsssetup.dllHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Windows\CurrentVersionCommonFilesDirkernel32.dllgppref.dllgpme.dllIscsitgt.dllqedit.dllMscorlib.dllMscorlib.dlld2d1.dllMsxml3.dllHKEY_LOCAL_MACHINESOFTWARE\Microsoft\NET Framework Setup\NDP\v4\ClientInstallHKEY_LOCAL_MACHINESOFTWARE\Microsoft\NET Framework Setup\NDP\v4\FullInstallMscorlib.dllHKEY_LOCAL_MACHINESOFTWARE\Microsoft\NET Framework Setup\NDP\v4\FullReleaseHKEY_LOCAL_MACHINESOFTWARE\Microsoft\NET Framework Setup\NDP\v4\ClientReleaseHKEY_LOCAL_MACHINESOFTWARE\Microsoft\NET Framework Setup\NDP\v1.1.4322SPHKEY_LOCAL_MACHINESOFTWARE\Microsoft\NET Framework Setup\NDP\v1.1.4322InstallHKEY_LOCAL_MACHINESOFTWARE\Microsoft\NET Framework Setup\NDP\v4\FullVersionHKEY_LOCAL_MACHINESOFTWARE\Microsoft\NET Framework Setup\NDP\v4\ClientVersionHKEY_LOCAL_MACHINESOFTWARE\Microsoft\NET Framework Setup\NDP\v3.5SPHKEY_LOCAL_MACHINESOFTWARE\Microsoft\NET Framework Setup\NDP\v3.5InstallSystem.web.dllSetup.exeSystem.web.dllSystem.web.dllVbscript.dllHKEY_LOCAL_MACHINESOFTWARE\Sun\VirtualBoxHKEY_LOCAL_MACHINESOFTWARE\Sun\xVM VirtualBoxHKEY_LOCAL_MACHINESOFTWARE\Oracle\VirtualBoxVirtualBox.exeHKEY_LOCAL_MACHINESOFTWARE\Oracle\VirtualBoxInstallDirimagehlp.dllwin32k.sysMicrosoft.AspNet.SignalR.Core.dllHKEY_LOCAL_MACHINESOFTWARE\Microsoft\TeamFoundationServer\12.0InstallPathscrrun.dllcrypt32.dllHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{19916e01-b44e-4e31-94a4-4696df46157b}Compatibility FlagsHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{53001f3a-f5e1-4b90-9c9f-00e09b53c5f1}Compatibility FlagsHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{c2c4f00a-720e-4389-aeb9-e9c4b0d93c6f}Compatibility FlagsHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Windows NT\CurrentVersionCSDVersionHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Windows NT\CurrentVersionBuildLabgdi32.dllHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Internet ExplorersvcVersionHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Windows NT\CurrentVersionProductNameHKEY_LOCAL_MACHINESYSTEM\CurrentControlSet\Control\Session Manager\EnvironmentPROCESSOR_ARCHITECTUREHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Internet ExplorerVersionmshtml.dllHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Windows NT\CurrentVersionSystemRoot5.1.2.2434.5.6002.237304.5.6002.237315.0.7601.188965.0.9200.174125.0.9200.215235.0.7601.230995.0.9200.210004.5.6002.230005.0.9600.179054.5.6002.194245.0.7601.230006.0.6002.193786.0.6002.236846.1.7601.188446.3.9600.177235.1.2.2425.2.2.2426.2.9200.215295.2.3790.56696.0.6002.194316.1.7601.231126.3.9600.179186.2.9200.174206.1.7601.189096.0.6002.237376.3.9600.179016.3.9600.176706.3.9600.174156.2.9200.174146.1.7601.188966.2.9200.215246.3.9600.179055.2.3790.56636.1.7601.230996.0.6002.237436.0.6002.194355.2.3790.56486.1.7601.188806.0.6002.237166.2.9200.215066.3.9600.179016.0.6002.194096.2.9200.173956.1.7601.230834.0.30319.362874.0.30319.20574.0.30319.362864.0.30319.342511.1.4322.25124.0.30319.10322.0.50727.86554.0.30319.342502.0.50727.36675.7.6002.194055.8.9200.215215.8.7601.207855.8.7601.188965.6.0.88565.8.6001.196525.8.9600.179095.8.9600.179105.8.9200.174105.8.7601.230995.8.7601.171745.8.9600.179055.8.6001.237075.7.6002.237126.2.9200.173436.0.6002.193696.1.7601.230336.2.9200.214566.0.6002.236776.1.7601.188296.3.9600.17793Microsoft Office SharePoint Server 200715.0.4719.100214.0.7149.500012.0.6721.50006.1.7601.229666.1.7601.187596.2.9200.172735.2.3790.55516.0.6002.236296.3.9600.176786.2.9200.213916.0.6002.193196.2.9200.211726.1.7601.187406.2.9200.170536.3.9600.176676.1.7601.229476.2.9200.213646.2.9200.172476.2.9200.214086.2.9200.172916.1.7601.229816.0.6002.236396.0.6002.193316.3.9600.177196.1.7601.187776.0.6002.236366.2.9200.213686.1.7601.187386.2.9200.213696.2.9200.172516.3.9600.176686.1.7601.229436.0.6002.193278.0.6001.237078.0.7601.230998.0.6001.196528.0.7601.188967.0.6002.237287.0.6000.214817.0.6002.194216.0.3790.56625.8.9600.176895.8.6001.236615.8.7601.229585.7.6002.236295.8.7601.171385.8.7601.207485.8.7601.187515.8.9200.213845.8.6001.196075.8.9200.172675.7.6002.193195.6.0.88546.2.9200.172476.1.7601.187416.1.7601.229486.3.9600.176716.2.9200.213646.0.6002.192516.0.6002.235586.2.9200.172006.1.7601.186866.1.7601.228945.2.3790.54926.3.9600.175526.2.9200.213476.3.9600.176306.2.9200.172316.1.7601.229216.1.7601.187155.8.6001.236715.6.0.88555.7.6002.193515.8.9200.214135.8.7601.207515.8.9600.177285.8.7601.171415.7.6002.236595.8.9200.172965.8.7601.230105.8.7601.230005.8.6001.196125.8.7601.188066.1.7601.231096.0.6002.237356.3.9600.179156.1.7601.189066.2.9200.215286.0.6002.194295.2.3790.56676.2.9200.174192.0.50727.42564.0.30319.362884.0.30319.10312.0.50727.64264.0.30319.342522.0.50727.54904.0.30319.20562.0.50727.36652.0.50727.86526.2.9200.213457.0.6002.192816.1.7601.229227.0.6002.235916.26.2.9200.172286.1.7601.187166.2.9200.213436.26.3.9600.176316.2.9200.172265.2.6002.235886.2.9200.172126.2.9200.172136.1.7600.210006.3.9600.000006.1.7600.219096.1.7601.229076.1.7601.186996.1.7600.177156.3.9600.175556.1.7600.000006.3.9600.175536.2.9200.213296.1.7601.188986.2.9200.215216.0.6002.194216.2.9200.174106.3.9600.179026.1.7601.231005.2.3790.56616.0.6002.237286.3.9600.176306.1.7601.187116.2.9200.172256.0.6002.235886.1.7601.229176.2.9200.213396.0.6002.192796.2.9200.173436.3.9600.177856.2.9200.214566.1.7601.229375.2.3790.55286.3.9600.176646.2.9200.213616.2.9200.172436.1.7601.187316.0.6002.192966.0.6002.236066.1.7601.187426.3.9600.176687.0.6002.236096.2.9200.172476.2.9200.213646.1.7601.229496.2.9200.172547.0.6002.192996.2.9200.213716.2.9200.173616.2.9200.214736.1.7601.188436.0.6002.193756.1.7601.230455.2.3790.56186.3.9600.178106.0.6002.236836.2.9200.172146.2.9200.172136.3.9600.175556.2.9200.213176.1.7601.229086.1.7601.187006.2.9200.214035.2.3790.55616.3.9600.176946.0.6002.193276.0.6002.236366.2.9200.172876.1.7601.187736.1.7601.229786.3.9600.175506.2.9200.171996.2.9200.213166.0.6002.193226.1.7601.187626.0.3790.55586.1.7601.229696.3.9600.176806.2.9200.172796.2.9200.213956.0.6002.236326.1.7601.229766.2.9200.214016.1.7601.187726.2.9200.172856.3.9600.177126.0.6002.236326.2.9200.172796.3.9600.176806.2.9200.213956.1.7601.229696.1.7601.187626.0.6002.193226.0.3790.5558Microsoft Exchange Server 2013 Cumulative Update 815.0.847.4115.0.1076.0116.2.9200.173136.2.9200.214286.1.7601.230026.0.6002.236545.2.3790.55836.3.9600.177366.0.6002.193466.1.7601.187985.2.3790.55646.2.9200.172936.2.9200.214106.3.9600.177026.0.6002.236406.1.7601.187796.0.6002.193326.1.7601.229836.1.7601.228936.2.9200.171986.3.9600.175476.1.7601.186855.2.3790.54916.0.6002.192506.2.9200.213156.0.6002.2355710.0.9200.215239.0.8112.166699.0.8112.2078411.0.9600.1790510.0.9200.1741215.0.4711.10007.0.6002.236908.0.6001.196327.0.6000.214666.0.3790.56248.0.7601.188707.0.6002.193838.0.7601.230738.0.6001.236878.0.7601.2295810.0.9200.213848.0.6001.2366110.0.9200.172677.0.6002.1931011.0.9600.176907.0.6002.236206.0.3790.55438.0.6001.196079.0.8112.166337.0.6000.214439.0.8112.207478.0.7601.187516.1.7601.186855.2.3790.55136.2.9200.171996.2.9200.213166.0.6002.192506.0.6002.235576.3.9600.175496.1.7601.228935.2.2.2415.1.2.24110.0.9200.1737711.0.9600.1784210.0.9200.214899.0.8112.207749.0.8112.166596.3.9600.176695.2.6002.236096.2.9200.172516.2.9200.000007.0.6002.192996.1.7601.229487.0.6002.236096.2.9200.213696.1.7601.18741801414.03.0224.0018.03.0389.0028.0.7601.1883510.0.9200.214709.0.8112.207587.0.6002.236759.0.8112.166448.0.6001.236768.0.6001.196217.0.6000.2145510.0.9200.173576.0.3790.56027.0.6002.193678.0.7601.230386.0.3790.54677.0.6000.214207.0.6002.192217.0.6002.235286.3.9600.177296.1.7601.230206.1.7601.188156.0.6002.193566.2.9200.173306.1.7601.230006.3.9600.177936.2.9200.214446.0.6002.236645.8.7601.200005.7.6002.192215.8.6001.195875.8.9200.210005.8.7601.228565.8.7601.207165.8.9600.174965.6.0.88535.8.9200.171835.8.7601.171045.8.6001.236425.7.6002.235285.8.7601.186485.8.9200.212996.2.9200.172196.2.9200.213176.0.6002.235576.1.7601.229136.3.9600.175526.1.7601.187066.0.6002.192505.2.3790.54916.1.7601.186856.1.7601.228936.2.9200.171996.2.9200.213166.0.6002.192506.0.6002.235576.3.9600.17550Microsoft Exchange Server 2013 Cumulative Update 615.00.0847.03515.00.0995.0346.0.6002.192016.1.7601.228266.0.6002.235066.3.9600.173936.1.7601.186196.2.9200.212516.2.9200.171346.0.6002.230006.0.6002.235216.1.7601.228436.2.9200.171506.1.7601.186376.0.6002.192146.2.9200.212696.3.9600.173966.2.9200.172266.1.7601.187176.1.7601.229236.0.6002.192826.0.6002.235886.1.7601.187136.2.9200.172306.0.6002.235926.1.7601.229195.2.3790.55166.0.6002.192795.2.3790.55136.2.9200.213476.2.9200.213436.0.6002.237066.3.9600.178376.2.9200.214966.1.7601.230726.1.7601.188695.2.3790.56406.0.6002.193996.2.9200.173856.2.9200.171726.1.7601.228656.1.7601.186586.3.9600.174235.2.3790.54676.2.9200.2128911.0.9600.178012.0.50727.86532.0.50727.42572.0.50727.801510.0.30319.20562.0.50727.36684.0.30319.342482.0.50727.86564.0.30319.342492.0.50727.64274.0.30319.362854.0.30319.3628310.0.30319.10311.1.4322.25152.0.50727.54917.0.6002.192276.2.9200.171706.3.9600.174836.2.9200.212835.2.6002.235357.0.6002.235358.110.7601.185768.100.5009.08.110.7601.227828.100.1056.08.110.9200.210008.110.9200.170928.110.9200.212118.110.9600.173246.1.7601.230006.1.7601.188346.0.6002.193725.2.3790.56156.0.6002.236806.1.7601.230386.2.9200.214576.2.9200.173436.3.9600.177964.0.30319.10304.0.30319.342454.0.30319.20492.0.50727.86424.0.30319.362572.0.50727.36641.1.4322.25115.2.3790.54646.2.9200.172436.1.7601.229376.0.6002.236066.1.7601.187316.2.9200.213616.3.9600.176645.2.3790.55286.0.6002.1929610.0.6002.2345910.0.6002.2300010.1.7601.1855610.1.7601.227648.1.7104.012.0.6704.500010.0.6002.1915410.1.7601.220008.0.7601.187157.0.6000.214327.0.6002.192818.0.7601.229216.0.3790.55087.0.6002.235908.0.6001.196008.0.6001.236448.0.6001.236559.0.8112.1660910.0.9200.172299.0.8112.2073011.0.9600.1764010.0.9200.172289.0.8112.166209.0.8112.2072511.0.9600.1763110.0.9200.1724110.0.9200.2134510.0.9200.213598.0.7601.186678.0.6001.236428.0.6001.195878.0.7601.228746.2.9200.171606.1.7601.186456.0.6002.235236.3.9600.174086.1.7601.228466.1.7601.186406.3.9600.174036.2.9200.212786.2.9200.212736.0.6002.192166.2.9200.171556.1.7601.228536.0.6002.192206.0.6002.235275088.0.9200.212188.0.9200.171018.5.9600.172658.0.9200.21000Microsoft Exchange Server 2013 Cumulative Update 7^Microsoft Exchange Server 2013.*$15.0.847.3815.0.1044.297.0.6000.214488.0.6001.2367110.0.9200.214137.0.6002.236429.0.8112.166368.0.7601.188066.0.3790.55697.0.6002.193348.0.6001.1961211.0.9600.177288.0.7601.2300010.0.9200.172969.0.8112.207508.0.7601.23010Microsoft SharePoint Server 201015.0.4697.100015.0.4631.100014.0.7145.500015.0.4699.100015.0.4701.1000Microsoft SharePoint Foundation 201014.0.7137.50006.0.6002.235556.2.9200.171246.3.9600.173856.0.6002.192476.1.7601.228146.2.9200.212416.1.7601.186065.2.3790.54626.3.9600.176336.3.9600.176306.2.9200.171336.0.6002.235226.0.6002.192156.3.9600.173935.2.3790.54486.2.9200.212506.1.7601.186186.1.7601.228256.0.6002.192736.0.6002.235815.2.3790.55086.3.9600.175606.2.9200.213176.1.7601.187066.2.9200.172196.1.7601.229139.0.8112.2071511.0.9600.1749610.0.9200.212999.0.8112.1659910.0.9200.1718311.0.9600.174166.0.3790.54589.0.8112.165927.0.6000.214159.0.8112.207088.0.6001.195757.0.6002.2351710.0.9200.2129111.0.9600.174208.0.7601.186317.0.6002.192128.0.7601.2283810.0.9200.171738.0.6001.236334.0.30319.342432.0.50727.86412.0.50727.36634.0.30319.362562.0.50727.42554.0.30319.20484.0.30319.362554.0.30319.10294.0.30319.342442.0.50727.54882.0.50727.64242.0.50727.80122.0.50727.64192.0.50727.80086.0.3790.54246.2.9200.170686.3.9600.172766.2.9200.211884.0.30319.362504.0.30319.342384.0.30319.362514.0.30319.34239Service Pack 16.0.6002.232436.0.6002.230006.2.9200.167346.1.7601.224795.2.3790.52386.2.9200.167346.1.7601.182835.1.2600.64626.1.7601.220006.2.9200.167346.2.9200.167346.0.6002.189605.0.8308.4204.0.7577.2767.0.6000.214097.0.6002.234898.0.6001.1956910.0.9200.171168.0.7601.2280311.0.9600.173449.0.8112.165849.0.8112.207008.0.6001.2362710.0.9200.212327.0.6002.191858.0.7601.18595379893379893124.0.30319.10264.0.30319.342302.0.50727.54854.0.30319.342343.0.4506.86353.0.4506.54633.0.4506.40682.0.50727.36622.0.50727.64212.0.50727.86372.0.50727.80092.0.50727.42534.0.30319.20452.0.50727.86153.0.4506.42221.1.4322.25104.0.30319.362413.0.4506.80022.0.50727.70713.0.4506.64153.0.4506.8600^Microsoft Lync Server 2010.*$^Microsoft Lync Server 2013.*$4.0.7577.2305.0.8308.8036.1.7601.228236.2.9200.171306.0.6002.191986.0.6002.235046.3.9600.173536.2.9200.212476.1.7601.186155.2.3790.54455.131.3790.53626.1.7601.184936.3.9600.171986.1.7601.227086.0.6002.234156.2.9200.211396.0.6002.191166.2.9200.170225.2.3790.539815.0.4641.10006.2.9200.211546.1.7601.227436.1.7601.185326.3.9600.172166.2.9200.170376.2.9200.171216.2.9200.212376.1.7601.228096.0.6002.234966.1.7601.186016.0.6002.191926.3.9600.173416.1.7601.227206.3.9600.172506.2.9200.170597.0.6002.191266.2.9200.170316.2.9200.211486.1.7601.227506.0.6002.234546.3.9600.172106.2.9200.211787.0.6002.234276.1.7601.185106.0.6002.191506.1.7601.185399.0.8112.206917.0.6002.1916510.0.9200.170888.0.6001.1956110.0.9200.2120711.0.9600.172788.0.7601.1857111.0.9600.172808.0.7601.227777.0.6000.214086.0.3790.54137.0.6002.234708.0.6001.236199.0.8112.165758.0.7601.185347.0.6002.191438.0.7601.227458.0.6001.195538.0.6001.236117.0.6002.234469.0.8112.165639.0.8112.206746.0.3790.53927.0.6000.2139710.0.9200.2117310.0.9200.1705411.0.9600.172398.0.7600.167228.0.7600.208618.0.7600.200006.0.6002.191196.1.7601.227226.3.9600.166716.3.9600.170316.2.9200.170256.3.9600.172006.0.6002.234206.2.9200.211426.1.7601.185122.1.40512.26.6.7601.185016.6.9600.170316.6.7601.227166.6.9200.170236.6.9200.211406.6.9600.172006.6.6002.191186.6.6002.234186.6.9600.166726.0.3790.53587.0.6002.234137.0.6000.213957.0.6002.191146.30.7601.220006.30.7601.184318.100.5008.06.20.2017.08.110.7601.184316.20.5007.08.110.9600.166638.100.1055.08.110.7601.226408.110.9200.168636.30.7601.226408.110.9200.209826.1.7601.226486.1.7601.184386.0.6002.233706.0.6002.190806.3.9600.170884.2.244.1.323.2.224.3.124.0.246.2.9200.210356.1.7601.184656.1.7601.226786.2.9200.169126.3.9600.16663^Service Pack 2 for Microsoft Office Web Apps.*$^Microsoft.* Office Web Apps$Microsoft Office Web Apps Service Pack 1 (SP1)14.0.7123.50007.0.6002.1908710.0.9200.1689711.0.9600.171058.0.6001.235889.0.8112.2065711.0.9600.166617.0.6000.213836.0.2900.65506.0.3790.53287.0.6002.233778.0.7601.226578.0.6001.1952910.0.9200.210248.0.7601.184469.0.8112.165462.0.50727.54834.0.30319.341082.0.50727.80032.0.50727.70552.0.50727.42524.0.30319.361154.0.30319.20362.0.50727.86002.0.50727.70574.0.30319.10234.0.30319.361064.0.30319.361052.0.50727.64162.0.50727.86061.1.4322.25062.0.50727.36594.0.30319.341074.1.304.3.84.2.226.1.7601.210006.3.9600.170886.1.7601.184896.0.6002.191155.2.3790.53586.2.9200.211336.1.7601.227056.3.9600.171946.3.9600.166686.0.6002.234146.2.9200.170146.2.9200.210006.2.9200.168826.1.7601.226396.0.3790.53186.0.6002.190706.0.6002.233606.3.9600.170836.1.7601.1842911.0.9600.1665910.0.9200.211458.0.6001.2360310.0.9200.170288.0.7601.184878.0.7601.227039.0.8112.206728.0.6001.195439.0.8112.16561^Service Pack 1 for Microsoft Office Web Apps Server .*$^Service Pack 1 for Microsoft SharePoint Server 2013 .*$^Microsoft SharePoint Foundation 2013 .*$Microsoft SharePoint Server 201315.0.4514.100015.0.4561.100015.0.4609.100015.0.4615.10009.0.8112.165536.0.3790.53308.0.7601.2265910.0.9200.2102610.0.9200.168998.0.6001.195317.0.6002.190899.0.8112.206647.0.6000.213858.0.6001.235907.0.6002.2338011.0.9600.166638.0.7601.1844811.0.9600.171076.0.6002.233235.1.2600.65326.3.9600.166566.2.9200.209356.0.6002.190346.1.7601.226166.2.9200.168155.2.3790.52956.1.7601.184096.3.9600.170396.3.9600.166606.0.6002.233396.1.7601.226056.3.9600.170416.0.6002.190476.1.7601.175146.2.9200.1638411.0.9600.1667211.0.9600.172076.0.3790.53414.2.204.3.69.0.8112.165557.0.6000.2138910.0.9200.210448.0.6001.195398.0.7601.226867.0.6002.233898.0.7601.1847210.0.9200.169219.0.8112.206668.0.6001.2359810.0.9200.210007.0.6002.1909811.0.9600.1666811.0.9600.1703711.0.9600.1712611.0.9600.170416.3.9600.166606.2.9200.168866.3.9600.170396.2.9200.210056.3.9600.170956.2.9200.21000^[Ss][Ee][Rr][Vv][Ii][Cc][Ee] [Pp][Aa][Cc][Kk] ([2-9]|([1-9][0-9]+))$6.6.6002.230006.6.7601.220006.6.9200.200006.6.9200.168126.6.6002.190336.6.7601.225906.6.6002.233216.6.7601.183866.5.2600.65126.6.9600.166506.6.9200.209316.5.3790.52942.0.50727.36554.0.30319.20002.0.50727.54774.0.30319.360134.0.30319.360002.0.50727.80004.0.30319.340114.0.30319.10221.1.4322.25044.0.30319.191322.0.50727.42474.0.30319.180634.0.30319.184444.0.30319.20342.0.50727.64132.0.50727.70416.2.9200.208826.2.9200.167656.2.9200.208836.1.7601.180006.3.9600.164734.2.204.3.48.110.9200.167728.110.9600.164838.110.9200.200008.110.7601.220008.110.7601.225328.110.9200.208908.100.5007.08.100.1054.08.110.7601.1833412.0.50727.30533786753787584.5.5070914.0.30319.180671.1.4322.250510.0.30319.10224.0.30319.194534.0.30319.184492.0.50727.70004.0.30319.194552.0.50727.42482.0.50727.641410.0.30319.20342.0.50727.36582.0.50727.70454.0.30319.340094.0.30319.184462.0.50727.547910.0.30319.20002.0.50727.80012.0.50727.70464.0.30319.190004.0.30319.191364.0.30319.184476.0.2900.651210.0.9200.168439.0.8112.1654011.0.9600.165218.0.6001.195078.0.6001.2356910.0.9200.209639.0.8112.206518.0.7601.225977.0.6002.233308.0.7601.183926.0.3790.52947.0.6002.190417.0.6000.213715.7.0.05.85.6.0.05.75.8.0.05.95.8.6001.230005.8.9200.167755.8.7601.220005.7.6002.232925.8.6001.194985.7.6002.190055.8.9600.164835.8.7601.225355.8.6001.235525.8.7601.183375.8.9200.167835.6.0.88525.8.9200.209015.8.9600.164975.8.9200.208938.0.6001.235628.0.6001.194999.0.8112.165337.0.6000.213666.0.3790.528110.0.9200.167988.0.7601.225679.0.8112.206448.0.7601.183657.0.6002.1901610.0.9200.209167.0.6002.233036.0.2900.649811.0.9600.165186.1.7601.225926.1.7601.183885.2.3790.52966.0.6002.190366.3.9600.166506.2.9200.168175.1.2600.65146.2.9200.209376.0.6002.233254.2.184.1.284.2.03.2.04.1.04.0.04.3.24.3.03.2.184.0.205.1.2600.64736.0.6002.232616.1.7601.183006.1.7601.224966.0.6002.189745.2.3790.52506.1.7601.224846.0.6002.232486.2.9200.167455.1.2600.64796.1.7601.182886.3.9600.164386.0.6002.189715.2.3790.52406.2.9200.208566.2.9200.167586.3.9600.164576.2.9200.208711.1.21022.05.8.7601.224805.7.6002.232425.7.6002.189605.7.6002.230005.8.9600.164295.7.0.05.7.6002.189605.8.7601.220005.8.9200.167345.8.9200.208455.8.9200.200005.6.0.88515.8.7601.182836.0.2900.64709.0.8112.165267.0.6002.232588.0.6001.235437.0.6000.213649.0.8112.206378.0.7601.183058.0.7601.225007.0.6002.189726.0.3790.52468.0.6001.1948911.0.9600.1647610.0.9200.2086110.0.9200.16750^7\.[0-9.]*$^6\..*$6.0.3790.52387.0.6002.189616.0.2900.64627.0.6002.232447.0.6000.213597.0.6002.230006.2.9200.167276.1.7601.182775.131.3790.52356.1.7601.224735.131.2600.64596.2.9200.200006.0.6002.189536.3.9600.164316.2.9200.20838reg_dword67109888Service Pack 3Service Pack 2^\d+\.win7sp1.*$6.0.6002.230005.1.2600.64606.0.6002.232355.2.3790.52366.2.9200.208396.1.7601.220006.1.7601.182756.0.6002.189536.3.9600.164216.2.9200.167286.2.9200.200006.1.7601.22471^8\..*$ia64^[A-Za-z0-9\(\)\s]*[Ww][Ii][Nn][Dd][Oo][Ww][Ss] 7[A-Za-z0-9\(\)\s]*$^[a-zA-Z0-9\(\)\s]*2008[a-zA-Z0-9\(\)\s]*$^[a-zA-Z0-9\(\)\s]*2008 [Rr]2[a-zA-Z0-9\(\)\s]*$^[a-zA-Z0-9\(\)\s]*[Ww][Ii][Nn][Dd][Oo][Ww][Ss] 8\.1[a-zA-Z0-9\(\)\s]*$^[a-zA-Z0-9\(\)\s]*2003[a-zA-Z0-9\(\)\s]*$^11\..*$^10\..*$^[a-zA-Z0-9\(\)\s]*2012\s[rR]2[a-zA-Z0-9\(\)\s]*$^[a-zA-Z0-9\(\)\s]*2012[a-zA-Z0-9\(\)\s]*$^[Aa][Mm][Dd]64$^[a-zA-Z0-9\(\)\s]*[Ww][Ii][Nn][Dd][Oo][Ww][Ss] 8[a-zA-Z0-9\(\)\s]*$^[a-zA-Z0-9\(\)\s]*[Ww][Ii][Nn][Dd][Oo][Ww][Ss] [Xx][Pp][a-zA-Z0-9\(\)\s]*$windows^[a-zA-Z0-9\(\)\s]*[Vv][Ii][Ss][Tt][Aa][a-zA-Z0-9\(\)\s]*$x86^9\.0\..*$8.0.6001.2353611.0.9431.2248.0.6001.194838.0.7601.2247910.0.9200.2084810.0.9200.167369.0.8112.165208.0.7601.182839.0.8112.206318.0.7601.2200010.0.9200.200009.0.8112.200008.0.6001.23000\syswow64\Microsoft Shared\web server extensions\12\BIN\i386\Microsoft Shared\web server extensions\15\ISAPI\Bin\Bin\Microsoft Shared\ink^\\winsxs\\(x86|amd64)_microsoft\.windows\.gdiplus_6595b64144ccf1df_.+$|\\WinSxS\\(x86|amd64)_Microsoft\.Windows\.GdiPlus_6595b64144ccf1df_.+$\system32\IME\IMEJP10\SysWOW64\IME\IMEJP10\ime\imjp8_1\system32\inetsrv\Bin\15.0\WebServices\ConversionServices\1033\15.0\WebServices\ConversionServices\15.0\WebServices\Shared\VisioGraphicsServer\Bin\14.0\WebServices\WordServer\Core\15.0\bin\Microsoft Shared\web server extensions\15\BIN\Microsoft Shared\web server extensions\14\BIN\Deployment\de-DE\Application Host\Applications\Response Group\Server\Core\14.0\WebServices\ConversionService\Bin\Converter\System32\drivers\PPTConversionService\bin\Converter\15.0\bin\Microsoft Shared\SERVER15\Server Setup Controller\WSS.en-us\15.0\WebServices\ConversionService\Bin\Converter\Microsoft Shared\Web Server Extensions\14\ISAPI\Microsoft Shared\SERVER15\Server Setup Controller\Microsoft.NET\Framework\v1.1.4322\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Microsoft.NET\Framework\v2.0.50727\Microsoft.NET\Framework\v4.0.30319Application Tier\Web Services\bin\System32