· 6 years ago · Dec 01, 2019, 04:28 AM
1#######################################################################################################################################
2=======================================================================================================================================
3Hostname www.gip.gov.sa ISP King Abdul Aziz City for Science and Technology
4Continent Asia Flag
5SA
6Country Saudi Arabia Country Code SA
7Region Unknown Local time 01 Dec 2019 03:15 +03
8City Unknown Postal Code Unknown
9IP Address 212.138.117.71 Latitude 25
10 Longitude 45
11=======================================================================================================================================
12#######################################################################################################################################
13> www.gip.gov.sa
14Server: 185.93.180.131
15Address: 185.93.180.131#53
16
17Non-authoritative answer:
18Name: www.gip.gov.sa
19Address: 212.138.117.71
20>
21#######################################################################################################################################
22
23Domain Name: gip.gov.sa
24
25 Registrant:
26 General Intelligence Presidency رئاسة الإستخبارات العامة (مركز المعلومات)
27 Address: لا يوجد
28 Riyadh الرياض
29 Saudi Arabia المملكة العربية السعودية
30
31 Administrative Contact:
32 م م
33 Address: *******
34 *************
35 *************************************
36
37 Technical Contact:
38 م م
39 Address: ********************
40 ******
41 ****
42
43 Name Servers:
44 gip-ns1.isu.net.sa
45 gip-ns2.isu.net.sa
46
47 DNSSEC: no
48
49Created on: 2007-11-06
50Last Updated on: 2018-11-21
51#######################################################################################################################################
52[+] Target : www.gip.gov.sa
53
54[+] IP Address : 212.138.117.71
55
56[+] Headers :
57
58[+] Cache-Control : private
59[+] Content-Type : text/html; charset=utf-8
60[+] Server : Microsoft-IIS/8.5
61[+] X-Frame-Options : DENY
62[+] X-AspNetMvc-Version : 5.2
63[+] X-AspNet-Version : 4.0.30319
64[+] Set-Cookie : __RequestVerificationToken=1OPJQXKyYZqjtQz7HRK1BlO6wc1lGC3rdxOyC3sycWYo_83JvRoRZIWZ61jnuM4rkLLM-RFYW4C4fxsoetSjb2AJAGHwPuIJv-vNR74J_mU1; path=/; HttpOnly
65[+] X-Powered-By : ASP.NET
66[+] Date : Sun, 01 Dec 2019 00:20:36 GMT
67[+] Content-Length : 31950
68
69[+] SSL Certificate Information :
70
71[+] organizationalUnitName : Domain Control Validated
72[+] commonName : *.gip.gov.sa
73[+] countryName : US
74[+] stateOrProvinceName : Arizona
75[+] localityName : Scottsdale
76[+] organizationName : GoDaddy.com, Inc.
77[+] organizationalUnitName : http://certs.godaddy.com/repository/
78[+] commonName : Go Daddy Secure Certificate Authority - G2
79[+] Version : 3
80[+] Serial Number : 4A2BF26214073882
81[+] Not Before : Oct 12 10:53:33 2019 GMT
82[+] Not After : Oct 12 10:53:33 2020 GMT
83[+] OCSP : ('http://ocsp.godaddy.com/',)
84[+] subject Alt Name : (('DNS', '*.gip.gov.sa'), ('DNS', 'gip.gov.sa'))
85[+] CA Issuers : ('http://certificates.godaddy.com/repository/gdig2.crt',)
86[+] CRL Distribution Points : ('http://crl.godaddy.com/gdig2s1-1444.crl',)
87
88[+] Whois Lookup :
89
90[+] NIR : None
91[+] ASN Registry : ripencc
92[+] ASN : 8895
93[+] ASN CIDR : 212.138.117.0/24
94[+] ASN Country Code : SA
95[+] ASN Date : 1999-01-28
96[+] ASN Description : ISU Internet Services Unit (ISU), SA
97[+] cidr : 212.138.112.0/22, 212.138.116.0/23
98[+] name : ISU-8
99[+] handle : KR6046-RIPE
100[+] range : 212.138.112.0 - 212.138.117.255
101[+] description : Internet Service Unit ISU
102[+] country : SA
103[+] state : None
104[+] city : None
105[+] address : Saudi Network Information Center, ISU
106King Abdulaziz City for Science and Technology,
107P.O.Box 6086, Riyadh 11442, Saudi Arabia.
108[+] postal_code : None
109[+] emails : ['abuse@isu.net.sa']
110[+] created : 2004-08-03T12:57:57Z
111[+] updated : 2005-04-13T10:18:31Z
112
113[+] Crawling Target...
114
115[+] Looking for robots.txt........[ Found ]
116[+] Extracting robots Links.......[ 0 ]
117[+] Looking for sitemap.xml.......[ Found ]
118[+] Extracting sitemap Links......[ 0 ]
119[+] Extracting CSS Links..........[ 0 ]
120[+] Extracting Javascript Links...[ 0 ]
121[+] Extracting Internal Links.....[ 0 ]
122[+] Extracting External Links.....[ 7 ]
123[+] Extracting Images.............[ 15 ]
124
125[+] Total Links Extracted : 22
126
127[+] Dumping Links in /opt/FinalRecon/dumps/www.gip.gov.sa.dump
128[+] Completed!
129#######################################################################################################################################
130[i] Scanning Site: https://www.gip.gov.sa
131
132
133
134B A S I C I N F O
135====================
136
137
138[+] Site Title: رئاسة الاستخبارات العامة
139[+] IP address: 212.138.117.71
140[+] Web Server: Microsoft-IIS/8.5
141[+] CMS: Could Not Detect
142[+] Cloudflare: Not Detected
143[+] Robots File: Found
144
145
146
147W H O I S L O O K U P
148========================
149
150 % SaudiNIC Whois server.
151% Rights restricted by copyright.
152% http://nic.sa/en/view/whois-cmd-copyright
153
154Domain Name: gip.gov.sa
155
156 Registrant:
157 General Intelligence Presidency رئاسة الإستخبارات العامة (مركز المعلومات)
158 Address: لا يوجد
159 Riyadh الرياض
160 Saudi Arabia المملكة العربية السعودية
161
162 Administrative Contact:
163 م م
164 Address: *******
165 *************
166 *************************************
167
168 Technical Contact:
169 م م
170 Address: ********************
171 ******
172 ****
173
174 Name Servers:
175 gip-ns1.isu.net.sa
176 gip-ns2.isu.net.sa
177
178 DNSSEC: no
179
180Created on: 2007-11-06
181Last Updated on: 2018-11-21
182
183
184
185
186
187G E O I P L O O K U P
188=========================
189
190[i] IP Address: 212.138.117.71
191[i] Country: Saudi Arabia
192[i] State:
193[i] City:
194[i] Latitude: 25.0
195[i] Longitude: 45.0
196
197
198
199
200H T T P H E A D E R S
201=======================
202
203
204[i] HTTP/1.1 200 OK
205[i] Cache-Control: private
206[i] Content-Type: text/html; charset=utf-8
207[i] Server: Microsoft-IIS/8.5
208[i] X-Frame-Options: DENY
209[i] X-AspNetMvc-Version: 5.2
210[i] X-AspNet-Version: 4.0.30319
211[i] Set-Cookie: __RequestVerificationToken=yJfxTOyVYRlC-zXZfttNVynXq7biAgw6JnS77iQIZrwpSSfGKDxgaCi-WmqeXH8xYPN0VaSvB_vHxgCU73xu8bA_a7lDrHBgF-ARe1z4zGk1; path=/; HttpOnly
212[i] X-Powered-By: ASP.NET
213[i] Date: Sun, 01 Dec 2019 00:21:32 GMT
214[i] Connection: close
215[i] Content-Length: 31950
216
217
218
219
220D N S L O O K U P
221===================
222
223gip.gov.sa. 10799 IN SOA gip-ns1.isu.net.sa. hostmaster.gip.gov.sa. 2019101000 86400 3600 604800 10800
224gip.gov.sa. 10799 IN A 212.138.117.71
225gip.gov.sa. 10799 IN TXT "v=spf1 mx -all"
226gip.gov.sa. 10799 IN MX 10 cmail1.isu.sa.
227gip.gov.sa. 10799 IN MX 20 cmail2.isu.sa.
228gip.gov.sa. 10799 IN NS gip-ns2.isu.net.sa.
229gip.gov.sa. 10799 IN NS gip-ns1.isu.net.sa.
230
231
232
233
234S U B N E T C A L C U L A T I O N
235====================================
236
237Address = 212.138.117.71
238Network = 212.138.117.71 / 32
239Netmask = 255.255.255.255
240Broadcast = not needed on Point-to-Point links
241Wildcard Mask = 0.0.0.0
242Hosts Bits = 0
243Max. Hosts = 1 (2^0 - 0)
244Host Range = { 212.138.117.71 - 212.138.117.71 }
245
246
247
248N M A P P O R T S C A N
249============================
250
251Starting Nmap 7.70 ( https://nmap.org ) at 2019-12-01 00:21 UTC
252Nmap scan report for gip.gov.sa (212.138.117.71)
253Host is up (0.17s latency).
254
255PORT STATE SERVICE
25621/tcp filtered ftp
25722/tcp filtered ssh
25823/tcp filtered telnet
25980/tcp open http
260110/tcp filtered pop3
261143/tcp filtered imap
262443/tcp open https
2633389/tcp filtered ms-wbt-server
264
265Nmap done: 1 IP address (1 host up) scanned in 3.49 seconds
266
267
268
269S U B - D O M A I N F I N D E R
270==================================
271
272
273[i] Total Subdomains Found : 4
274
275[+] Subdomain: mx1.gip.gov.sa
276[-] IP: 212.138.117.191
277
278[+] Subdomain: mx2.gip.gov.sa
279[-] IP: 212.138.117.192
280
281[+] Subdomain: webmail.gip.gov.sa
282[-] IP: 212.138.117.190
283
284[+] Subdomain: www.gip.gov.sa
285[-] IP: 212.138.117.71
286#######################################################################################################################################
287[+] Starting At 2019-11-30 19:21:22.666724
288[+] Collecting Information On: https://www.gip.gov.sa/
289[#] Status: 200
290--------------------------------------------------
291[#] Web Server Detected: Microsoft-IIS/8.5
292[#] X-Powered-By: ASP.NET
293- Cache-Control: private
294- Content-Type: text/html; charset=utf-8
295- Server: Microsoft-IIS/8.5
296- X-Frame-Options: DENY
297- X-AspNetMvc-Version: 5.2
298- X-AspNet-Version: 4.0.30319
299- Set-Cookie: __RequestVerificationToken=LDxBPgD0lGSoc9VqAWlho2Wno_x6VJ8XdBDEyJo3xhCXe8PQiKwffIi6_6dcO4ZNmTbAkadaIY6E4qUKaE5-rhWztpF2yaEZM6JOr1fXORc1; path=/; HttpOnly
300- X-Powered-By: ASP.NET
301- Date: Sun, 01 Dec 2019 00:21:29 GMT
302- Content-Length: 31950
303--------------------------------------------------
304[#] Finding Location..!
305[#] status: success
306[#] country: Saudi Arabia
307[#] countryCode: SA
308[#] region: 01
309[#] regionName: Ar Riyāḑ
310[#] city: Riyadh
311[#] zip:
312[#] lat: 24.7323
313[#] lon: 46.8355
314[#] timezone: Asia/Riyadh
315[#] isp: ISU SUMMERIZATIONS
316[#] org:
317[#] as: AS8895 King Abdul Aziz City for Science and Technology
318[#] query: 212.138.117.71
319--------------------------------------------------
320[+] Detected WAF Presence in web application: ASP.NET Generic Web Application Protection
321--------------------------------------------------
322[#] Starting Reverse DNS
323[-] Failed ! Fail
324--------------------------------------------------
325[!] Scanning Open Port
326[#] 80/tcp open http
327[#] 443/tcp open https
328--------------------------------------------------
329[+] Collecting Information Disclosure!
330[#] Detecting sitemap.xml file
331[-] sitemap.xml file not Found!?
332[#] Detecting robots.txt file
333[-] robots.txt file not Found!?
334[#] Detecting GNU Mailman
335[-] GNU Mailman App Not Detected!?
336--------------------------------------------------
337[+] Crawling Url Parameter On: https://www.gip.gov.sa/
338--------------------------------------------------
339[#] Searching Html Form !
340[+] Html Form Discovered
341[#] action: /Home/Mail
342[#] class: None
343[#] id: ContactUsForm
344[#] method: post
345--------------------------------------------------
346[!] Found 4 dom parameter
347[#] https://www.gip.gov.sa//#
348[#] https://www.gip.gov.sa///Home/Index#ContactUs
349[#] https://www.gip.gov.sa//#carousel-example-generic
350[#] https://www.gip.gov.sa//#carousel-example-generic
351--------------------------------------------------
352[-] No internal Dynamic Parameter Found!?
353--------------------------------------------------
354[-] No external Dynamic Paramter Found!?
355--------------------------------------------------
356[!] 35 Internal links Discovered
357[+] https://www.gip.gov.sa///99D11CCC83A6/F5C39355202C/new_logo/png
358[+] https://www.gip.gov.sa///3E6D27023BA4
359[+] https://www.gip.gov.sa///5F03E095D45F
360[+] https://www.gip.gov.sa///DD17A5A2FDA3
361[+] https://www.gip.gov.sa///16402B4814F0
362[+] https://www.gip.gov.sa///Home/ChangeLanguage/2
363[+] https://www.gip.gov.sa///
364[+] https://www.gip.gov.sa///Home/Page/Vision
365[+] https://www.gip.gov.sa///Home/Page/Mission
366[+] https://www.gip.gov.sa///Home/Page/Leaders
367[+] https://www.gip.gov.sa///Home/Page/President
368[+] https://www.gip.gov.sa///Home/Page/AboutKSA
369[+] https://www.gip.gov.sa///Home/Page/Careers
370[+] https://www.gip.gov.sa///News
371[+] https://www.gip.gov.sa///News
372[+] https://www.gip.gov.sa///News
373[+] https://www.gip.gov.sa///News/Read/qpqC2ujq
374[+] https://www.gip.gov.sa///News/Read/qpqC2ujq
375[+] https://www.gip.gov.sa///News/Read/uZiDYgB6
376[+] https://www.gip.gov.sa///News/Read/uZiDYgB6
377[+] https://www.gip.gov.sa///News/Read/hwcBZlFk
378[+] https://www.gip.gov.sa///News/Read/hwcBZlFk
379[+] https://www.gip.gov.sa///News/Read/E9UAo25z
380[+] https://www.gip.gov.sa///News/Read/E9UAo25z
381[+] https://www.gip.gov.sa///News/Read/zz5Y4YcE
382[+] https://www.gip.gov.sa///News/Read/zz5Y4YcE
383[+] https://www.gip.gov.sa///News/Read/WogVghOu
384[+] https://www.gip.gov.sa///News/Read/WogVghOu
385[+] https://www.gip.gov.sa///News/Read/fUZ6Zb9F
386[+] https://www.gip.gov.sa///News/Read/fUZ6Zb9F
387[+] https://www.gip.gov.sa///News/Read/V5GgwXiq
388[+] https://www.gip.gov.sa///News/Read/V5GgwXiq
389[+] https://www.gip.gov.sa//mailto:info@gip.gov.sa
390[+] https://www.gip.gov.sa//mailto:help@gip.gov.sa
391[+] https://www.gip.gov.sa///
392--------------------------------------------------
393[!] 7 External links Discovered
394[#] https://www.moi.gov.sa/wps/portal/Home/sectors/investigationdepartment/contents/!ut/p/z1/rVJLc4IwEP4r9sBRshIksbcM04r2qR2q5tIJEJEOEIoptP--6ePSh2KnzS07336P3UUcLREvRZOlQmeqFLn5r7h3BxPXDQauc0bd61NgM2fqM3_ijImHFm8Af8wCl5wD0PPxECYsCOejGcbAMOKH9MOOx-DA_t0Avp_-FnHE41JXeoNWWdnIrf5I31PrdRZLCz5XE1mJWhey1D1RW6A3steKUsukV0lV5fKVr4qzBK0ckriOi6FPIuz0XfBEPxJe3I_IiOIBiCQmMZp2BTQbyO4fHjgzNpXRedJo-S8-F69O92hPva8AYNQAGL4NAjJzrujgA7Bv-13zN_nTXEXvp8bKCNMU8VquZS1r-7E25Y3W1fbYAgvatrVTpdJc2rEq7K2w4KeujdqaGX0Do5U5FbJ71AQtmky2KCxVXRg_N7_cZAAdCpfOHxU66Id_pL8RNaqKMAwLiod5U53M6TPOm8KP6MUJHqbFHTt6ARTSQCk!/dz/d5/L2dBISEvZ0FBIS9nQSEh/
395[#] https://www.moi.gov.sa/wps/portal/Home/sectors/investigationdepartment/contents/!ut/p/z1/rZLLUsIwFIZfpS66hByaXlJ3GUYpiBdgCpKNk5ZQ6rRNaWOrb29QNl4AHc0uZ77zn_9cEEP3iBW8SROuUlnwTP-XzH2AoW0HPdu6IvbdJdCJNerT_tAaeC5avAH9AQ1sbwxAxgMHhjQIp_4EY6AYsZ_kw4FH4Yf5hwF2XH6OGGJxoUq1Qcu0aESt9t0bcr1OY2HCx-hKlLxSuSiUwSsT1EYYLS-UWBmlkGWm-SytlUGcnXAZpyu0tMGOXV_gDhHgd2wMpBO5nHciQtyYWD3fJT4anepUryJ93G4Z1X6lLvis0P3_Gl7sLB8xMXI_A0CJBiieB4E3sW5Jbw8cu4dTG9GDSDIZvR8fLSJMEsQqsRaVqLpPlQ5vlCrrcxNMaNu2m0iZZKIby7xbcxO-y9rIWg_rC4yW-ni8wzP30KJJRYvCQla59jP75UoDOFHhxvpjhRPyzh_lZ7xCZR6GYU6wkzXlxZS84KzJ-xG5vsBOkj_Qs1eyJxjs/dz/d5/L2dBISEvZ0FBIS9nQSEh/
396[#] https://www.moi.gov.sa/wps/portal/Home/sectors/investigationdepartment/contents/!ut/p/z1/rZLLcpswFIZfxVmwxDoGAXJ2itsau540tockaJORQVw6IGFQIXn7KJdNm9hOJtVOZ77zn_9cEEO3iEnelznXpZK8Mv-Y-XewwDicYOcnwVc_gK6d5YzOFs488NHNMzCb0xAHKwCymnuwoGG0ma5dF6iL2Efy4cCj8MH8wwA7Ln-NGGKJ1I0uUFzKXnT6tfuRyrIyERb8HU1Fw1tdC6kt0IUYDVxqkY4aoZrKwFXZ6REOnlSbpExR7E19Pp1Aau8837Ux5tjmqcB2QIiTJWnmg6GXp9o0eyh_7_eMGrPKFLzX6PY_ur158nvEwdL_FwBKDEDd6zAM1s4vMnkFjl3CqV2YKeSV2r2cHZU7l-SItSITrWjHf1oTLrRuunMLLBiGYZwrlVdinKh63HEL3ssqVGcm9QZGWyFRbE4nODx0M5W-FAOKpGpr42n7yZ2GcKLCpfPFCifkvS_KN3UURTVxvapvvm_Ig1v1RV7ffbu4tONlfnb2CEv0_HQ!/dz/d5/L0lHSkovd0RNQURrQUVnQSEhLzROVkUvYXI!/
397[#] http://www.saudi.gov.sa
398[#] https://www.moi.gov.sa
399[#] http://www.moda.gov.sa
400[#] http://vision2030.gov.sa
401--------------------------------------------------
402[#] Mapping Subdomain..
403[!] Found 5 Subdomain
404- gip.gov.sa
405- mx1.gip.gov.sa
406- mx2.gip.gov.sa
407- webmail.gip.gov.sa
408- www.gip.gov.sa
409--------------------------------------------------
410[!] Done At 2019-11-30 19:22:47.044204
411#######################################################################################################################################
412[INFO] ------TARGET info------
413[*] TARGET: https://www.gip.gov.sa/
414[*] TARGET IP: 212.138.117.71
415[INFO] NO load balancer detected for www.gip.gov.sa...
416[*] DNS servers: gip-ns1.isu.net.sa.
417[*] TARGET server: Microsoft-IIS/8.5
418[*] CC: SA
419[*] Country: Saudi Arabia
420[*] RegionCode: 01
421[*] RegionName: Ar Riyāḑ
422[*] City: Riyadh
423[*] ASN: AS8895
424[*] BGP_PREFIX: 212.138.0.0/16
425[*] ISP: ISU King Abdul Aziz City for Science and Technology, SA
426[INFO] SSL/HTTPS certificate detected
427[*] Issuer: issuer=C = US, ST = Arizona, L = Scottsdale, O = "GoDaddy.com, Inc.", OU = http://certs.godaddy.com/repository/, CN = Go Daddy Secure Certificate Authority - G2
428[*] Subject: subject=OU = Domain Control Validated, CN = *.gip.gov.sa
429[INFO] DNS enumeration:
430[*] mx2.gip.gov.sa 212.138.117.192
431[*] webmail.gip.gov.sa 212.138.117.190
432[INFO] Possible abuse mails are:
433[*] abuse@gip.gov.sa
434[*] abuse@isu.net.sa
435[*] abuse@www.gip.gov.sa
436[INFO] NO PAC (Proxy Auto Configuration) file FOUND
437[ALERT] robots.txt file FOUND in http://www.gip.gov.sa/robots.txt
438[INFO] Checking for HTTP status codes recursively from http://www.gip.gov.sa/robots.txt
439[INFO] Status code Folders
440[INFO] Starting FUZZing in http://www.gip.gov.sa/FUzZzZzZzZz...
441[INFO] Status code Folders
442[*] 200 http://www.gip.gov.sa/index
443[*] 200 http://www.gip.gov.sa/images
444[*] 200 http://www.gip.gov.sa/download
445[*] 200 http://www.gip.gov.sa/2006
446[*] 200 http://www.gip.gov.sa/news
447[*] 200 http://www.gip.gov.sa/crack
448[*] 200 http://www.gip.gov.sa/serial
449[*] 200 http://www.gip.gov.sa/warez
450[*] 200 http://www.gip.gov.sa/full
451[*] 200 http://www.gip.gov.sa/12
452[ALERT] Look in the source code. It may contain passwords
453
454Recherche 212.138.117.71
455Connexion HTTP à 212.138.117.71
456Envoi de la requête HTTP.
457Requête HTTP envoyée. Attente de réponse.
458HTTP/1.1 301 Moved Permanently
459Transfert de données terminé
460HTTP/1.1 301 Moved Permanently
461Utilisation de https://212.138.117.71/
462Recherche 212.138.117.71
463Connexion HTTPS à 212.138.117.71
464
465lynx : accès impossible au fichier de départ http://212.138.117.71/
466[INFO] Links found from https://www.gip.gov.sa/ http://212.138.117.71/:
467[*] https://www.gip.gov.sa/
468[*] https://www.gip.gov.sa/#carousel-example-generic
469[*] https://www.gip.gov.sa/Home/ChangeLanguage/2
470[*] https://www.gip.gov.sa/Home/Index#ContactUs
471[*] https://www.gip.gov.sa/Home/Page/AboutKSA
472[*] https://www.gip.gov.sa/Home/Page/Careers
473[*] https://www.gip.gov.sa/Home/Page/Leaders
474[*] https://www.gip.gov.sa/Home/Page/Mission
475[*] https://www.gip.gov.sa/Home/Page/President
476[*] https://www.gip.gov.sa/Home/Page/Vision
477[*] https://www.gip.gov.sa/News
478[*] https://www.gip.gov.sa/News/Read/E9UAo25z
479[*] https://www.gip.gov.sa/News/Read/fUZ6Zb9F
480[*] https://www.gip.gov.sa/News/Read/hwcBZlFk
481[*] https://www.gip.gov.sa/News/Read/qpqC2ujq
482[*] https://www.gip.gov.sa/News/Read/uZiDYgB6
483[*] https://www.gip.gov.sa/News/Read/V5GgwXiq
484[*] https://www.gip.gov.sa/News/Read/WogVghOu
485[*] https://www.gip.gov.sa/News/Read/zz5Y4YcE
486[*] https://www.moi.gov.sa/
487[*] https://www.moi.gov.sa/wps/portal/Home/sectors/investigationdepartment/contents/!ut/p/z1/rVJLc4IwEP4r9sBRshIksbcM04r2qR2q5tIJEJEOEIoptP--6ePSh2KnzS07336P3UUcLREvRZOlQmeqFLn5r7h3BxPXDQauc0bd61NgM2fqM3_ijImHFm8Af8wCl5wD0PPxECYsCOejGcbAMOKH9MOOx-DA_t0Avp_-FnHE41JXeoNWWdnIrf5I31PrdRZLCz5XE1mJWhey1D1RW6A3steKUsukV0lV5fKVr4qzBK0ckriOi6FPIuz0XfBEPxJe3I_IiOIBiCQmMZp2BTQbyO4fHjgzNpXRedJo-S8-F69O92hPva8AYNQAGL4NAjJzrujgA7Bv-13zN_nTXEXvp8bKCNMU8VquZS1r-7E25Y3W1fbYAgvatrVTpdJc2rEq7K2w4KeujdqaGX0Do5U5FbJ71AQtmky2KCxVXRg_N7_cZAAdCpfOHxU66Id_pL8RNaqKMAwLiod5U53M6TPOm8KP6MUJHqbFHTt6ARTSQCk!/dz/d5/L2dBISEvZ0FBIS9nQSEh/
488[*] https://www.moi.gov.sa/wps/portal/Home/sectors/investigationdepartment/contents/!ut/p/z1/rZLLcpswFIZfxVmwxDoGAXJ2itsau540tockaJORQVw6IGFQIXn7KJdNm9hOJtVOZ77zn_9cEEO3iEnelznXpZK8Mv-Y-XewwDicYOcnwVc_gK6d5YzOFs488NHNMzCb0xAHKwCymnuwoGG0ma5dF6iL2Efy4cCj8MH8wwA7Ln-NGGKJ1I0uUFzKXnT6tfuRyrIyERb8HU1Fw1tdC6kt0IUYDVxqkY4aoZrKwFXZ6REOnlSbpExR7E19Pp1Aau8837Ux5tjmqcB2QIiTJWnmg6GXp9o0eyh_7_eMGrPKFLzX6PY_ur158nvEwdL_FwBKDEDd6zAM1s4vMnkFjl3CqV2YKeSV2r2cHZU7l-SItSITrWjHf1oTLrRuunMLLBiGYZwrlVdinKh63HEL3ssqVGcm9QZGWyFRbE4nODx0M5W-FAOKpGpr42n7yZ2GcKLCpfPFCifkvS_KN3UURTVxvapvvm_Ig1v1RV7ffbu4tONlfnb2CEv0_HQ!/dz/d5/L0lHSkovd0RNQURrQUVnQSEhLzROVkUvYXI!/
489[*] https://www.moi.gov.sa/wps/portal/Home/sectors/investigationdepartment/contents/!ut/p/z1/rZLLUsIwFIZfpS66hByaXlJ3GUYpiBdgCpKNk5ZQ6rRNaWOrb29QNl4AHc0uZ77zn_9cEEP3iBW8SROuUlnwTP-XzH2AoW0HPdu6IvbdJdCJNerT_tAaeC5avAH9AQ1sbwxAxgMHhjQIp_4EY6AYsZ_kw4FH4Yf5hwF2XH6OGGJxoUq1Qcu0aESt9t0bcr1OY2HCx-hKlLxSuSiUwSsT1EYYLS-UWBmlkGWm-SytlUGcnXAZpyu0tMGOXV_gDhHgd2wMpBO5nHciQtyYWD3fJT4anepUryJ93G4Z1X6lLvis0P3_Gl7sLB8xMXI_A0CJBiieB4E3sW5Jbw8cu4dTG9GDSDIZvR8fLSJMEsQqsRaVqLpPlQ5vlCrrcxNMaNu2m0iZZKIby7xbcxO-y9rIWg_rC4yW-ni8wzP30KJJRYvCQla59jP75UoDOFHhxvpjhRPyzh_lZ7xCZR6GYU6wkzXlxZS84KzJ-xG5vsBOkj_Qs1eyJxjs/dz/d5/L2dBISEvZ0FBIS9nQSEh/
490[*] http://vision2030.gov.sa/
491[*] http://www.moda.gov.sa/
492[*] http://www.saudi.gov.sa/
493cut: les champs sont numérotés à partir de 1
494Saisissez « cut --help » pour plus d'informations.
495[INFO] BING shows 212.138.117.71 is shared with 13 hosts/vhosts
496[INFO] Shodan detected the following opened ports on 212.138.117.71:
497[*] 0
498[*] 2
499[*] 443
500[*] 6
501[*] 80
502[INFO] ------VirusTotal SECTION------
503[INFO] VirusTotal passive DNS only stores address records. The following domains resolved to the given IP address:
504[INFO] Latest URLs hosted in this IP address detected by at least one URL scanner or malicious URL dataset:
505[INFO] Latest files that are not detected by any antivirus solution and were downloaded by VirusTotal from the IP address provided:
506[INFO] ------Alexa Rank SECTION------
507[INFO] Percent of Visitors Rank in Country:
508[INFO] Percent of Search Traffic:
509[INFO] Percent of Unique Visits:
510[INFO] Total Sites Linking In:
511[*] Total Sites
512[INFO] Useful links related to www.gip.gov.sa - 212.138.117.71:
513[*] https://www.virustotal.com/pt/ip-address/212.138.117.71/information/
514[*] https://www.hybrid-analysis.com/search?host=212.138.117.71
515[*] https://www.shodan.io/host/212.138.117.71
516[*] https://www.senderbase.org/lookup/?search_string=212.138.117.71
517[*] https://www.alienvault.com/open-threat-exchange/ip/212.138.117.71
518[*] http://pastebin.com/search?q=212.138.117.71
519[*] http://urlquery.net/search.php?q=212.138.117.71
520[*] http://www.alexa.com/siteinfo/www.gip.gov.sa
521[*] http://www.google.com/safebrowsing/diagnostic?site=www.gip.gov.sa
522[*] https://censys.io/ipv4/212.138.117.71
523[*] https://www.abuseipdb.com/check/212.138.117.71
524[*] https://urlscan.io/search/#212.138.117.71
525[*] https://github.com/search?q=212.138.117.71&type=Code
526[INFO] Useful links related to AS8895 - 212.138.0.0/16:
527[*] http://www.google.com/safebrowsing/diagnostic?site=AS:8895
528[*] https://www.senderbase.org/lookup/?search_string=212.138.0.0/16
529[*] http://bgp.he.net/AS8895
530[*] https://stat.ripe.net/AS8895
531[INFO] Date: 30/11/19 | Time: 19:25:07
532[INFO] Total time: 3 minute(s) and 42 second(s)
533#######################################################################################################################################
534Trying "gip.gov.sa"
535;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42154
536;; flags: qr rd ra; QUERY: 1, ANSWER: 7, AUTHORITY: 2, ADDITIONAL: 0
537
538;; QUESTION SECTION:
539;gip.gov.sa. IN ANY
540
541;; ANSWER SECTION:
542gip.gov.sa. 0 IN A 212.138.117.71
543gip.gov.sa. 0 IN TXT "v=spf1 mx -all"
544gip.gov.sa. 0 IN MX 20 cmail2.isu.sa.
545gip.gov.sa. 0 IN MX 10 cmail1.isu.sa.
546gip.gov.sa. 0 IN SOA gip-ns1.isu.net.sa. hostmaster.gip.gov.sa. 2019101000 86400 3600 604800 10800
547gip.gov.sa. 0 IN NS gip-ns2.isu.net.sa.
548gip.gov.sa. 0 IN NS gip-ns1.isu.net.sa.
549
550;; AUTHORITY SECTION:
551gip.gov.sa. 3599 IN NS gip-ns2.isu.net.sa.
552gip.gov.sa. 3599 IN NS gip-ns1.isu.net.sa.
553
554Received 248 bytes from 2001:18c0:121:6900:724f:b8ff:fefd:5b6a#53 in 738 ms
555#######################################################################################################################################
556; <<>> DiG 9.11.5-P4-5.1+b1-Debian <<>> +trace gip.gov.sa any
557;; global options: +cmd
558. 86028 IN NS a.root-servers.net.
559. 86028 IN NS g.root-servers.net.
560. 86028 IN NS c.root-servers.net.
561. 86028 IN NS f.root-servers.net.
562. 86028 IN NS h.root-servers.net.
563. 86028 IN NS e.root-servers.net.
564. 86028 IN NS k.root-servers.net.
565. 86028 IN NS l.root-servers.net.
566. 86028 IN NS i.root-servers.net.
567. 86028 IN NS b.root-servers.net.
568. 86028 IN NS m.root-servers.net.
569. 86028 IN NS d.root-servers.net.
570. 86028 IN NS j.root-servers.net.
571. 86028 IN RRSIG NS 8 0 518400 20191213170000 20191130160000 22545 . gGZBrktIkbjNA4wid3KNGdKGTzJmQZVsUjOy9/Itndl7kOXJbr+0iFy1 2IP85x69mlNuvmVBvSEMRxZK6L54hqiW90W6NJ8S7KoughDBayvxcmVq L9v2kRc6JE/cNruyKH1oC+Nm8S1V+ocfOifpm6epGP7B3W3StNSinVvQ +i8h0AziAUpzUcgWqBf9pxx7II199HAkb440poK3BbiBwWJ+F0GGKoFz f+POa3W/jJg1ZYcbQNtDtNxuvv2GBXAPPOkNpFM5+fJdlkYrqcky4hen 9XNjzFXe9/SPMt6FAMt2QPv1oszpFRa3vmlxahrJWRtA75kd5SNP2Ejr UavrOg==
572;; Received 525 bytes from 185.93.180.131#53(185.93.180.131) in 529 ms
573
574sa. 172800 IN NS i.nic.net.sa.
575sa. 172800 IN NS n.nic.net.sa.
576sa. 172800 IN NS p.nic.net.sa.
577sa. 172800 IN NS s.nic.net.sa.
578sa. 172800 IN NS s2.nic.net.sa.
579sa. 172800 IN NS ns1.nic.net.sa.
580sa. 172800 IN NS ns2.nic.net.sa.
581sa. 86400 IN DS 30574 8 2 02FC3370C8453439627440B913A8C0A6A4698F9E503F6BBB553D75D7 7E34367E
582sa. 86400 IN RRSIG DS 8 1 86400 20191213170000 20191130160000 22545 . RMIj0O/u0K18U4MBQQFbsRYcCq1EwSwSY5PIUFlHMetqRj18/EVQPAzz L4aV0xVQu/eCWE/UFwFhOyJBHgrgSUo4Z6H5H1e+luZcZ9COUpWFy5Ss x2vXN0ic41/7v4l6yiyYvNFf2sYfhpV2acEbAitbTpJZkxpgaMggHhyE 6dAzOb5Jcg9HG8mDsMQQmUcldrKWbrQLeqV1E6cLWTAKbAAIX5PFHDri hpwd16HRub9pgrzvTwPBNRODIMdKcx4YUMJGn3qJYZmftqwYxSXU8kD6 R3PqpDnRBQ9RbNrzd83a66T9/epBk9cILaW49uwxyJsFRxdhjZkPdpX7 rCZpZw==
583;; Received 807 bytes from 199.7.91.13#53(d.root-servers.net) in 518 ms
584
585gip.gov.sa. 3600 IN NS gip-ns2.isu.net.sa.
586gip.gov.sa. 3600 IN NS gip-ns1.isu.net.sa.
587kvnres9rkm0a01pu2u52s66olvpecbg5.gov.sa. 3600 IN NSEC3 1 1 5 55D71318097371EC MDGV83R1VIJAFL7VTP000E1NMEUP3SLL NS SOA RRSIG DNSKEY NSEC3PARAM
588kvnres9rkm0a01pu2u52s66olvpecbg5.gov.sa. 3600 IN RRSIG NSEC3 8 3 3600 20191213160740 20191129150701 65268 gov.sa. SR0sAkSDyMe8LIej1VVEK14epgx58ARMCL8jfqMUX/jNO7eHzIS6gQEX 0l2JWIonZBRMHh506c/4zbBOWRWW3FhAlAnbLTqqVciZQAJyX0qRITOB pB8GEJ7675lbTItXPbYEBYXxYufVv5TWcSyDjFMeW39BoDJi57nRXL35 U473uSwGLeitwPvz2hnET4lHdMFOF359nFVxXsuKsKmGOAEds7nPMkb7 b+p2Ka9JIjorRD6hhWEY3OAyVyn+tjbfx5zvOywqfmB/qWf43lD6L70/ GmqPCzubZtqsLNg8MBuA+ZBU6oWWaHTXxAu3xn3tNqxIsDxQVkSLXC+L uSp1UQ==
5899g2v1n7ta1ajtf52j7ntj3kfl083tjmb.gov.sa. 3600 IN NSEC3 1 1 5 55D71318097371EC FT8TLOVH9HJ2ONKM60G6B3B45MJMNQO7 NS DS RRSIG
5909g2v1n7ta1ajtf52j7ntj3kfl083tjmb.gov.sa. 3600 IN RRSIG NSEC3 8 3 3600 20191213160706 20191129150701 65268 gov.sa. SK9vxqF509ZImVQpA3DuIk5IiRCpA06FxI5W8tyEgh+I43AD0eE71CeW Hqn7SMPB5/LuNVHuCcjUbyRHkXcOjfsjwpYanyhgPBe2IV3+5HILckHt vi0/4YbLka4oKR3/oRA03ipFJjravGZAR6MtvT9Zv9fM+WCxlSCS2qmC zOrsO3GS5F+LzkuOpoLSnBFy/aj0g6E0J5I1a7E5pn8djvn68gJ8elf2 fDUoZpJNRxheR7Ul1pMwBXXDYSHESIS5tWH6TUtHJIj5vKHsH7MU5NZp dj0uBdAdlhB+DhtyO02vZaEs1F7pTNz43/GYDmBL6UxtPGga5tUqx23C OHyzng==
591;; Received 882 bytes from 2001:16a0:1:3002::2#53(s.nic.net.sa) in 188 ms
592
593gip.gov.sa. 10800 IN SOA gip-ns1.isu.net.sa. hostmaster.gip.gov.sa. 2019101000 86400 3600 604800 10800
594gip.gov.sa. 10800 IN NS gip-ns1.isu.net.sa.
595gip.gov.sa. 10800 IN NS gip-ns2.isu.net.sa.
596gip.gov.sa. 10800 IN MX 20 cmail2.isu.sa.
597gip.gov.sa. 10800 IN MX 10 cmail1.isu.sa.
598gip.gov.sa. 10800 IN TXT "v=spf1 mx -all"
599gip.gov.sa. 10800 IN A 212.138.117.71
600;; Received 231 bytes from 212.138.117.73#53(gip-ns1.isu.net.sa) in 365 ms
601#######################################################################################################################################
602[*] Processing domain gip.gov.sa
603[*] Using system resolvers ['185.93.180.131', '194.187.251.67', '38.132.106.139', '192.168.0.1', '2001:18c0:121:6900:724f:b8ff:fefd:5b6a']
604[+] Getting nameservers
605212.138.117.73 - gip-ns1.isu.net.sa
606212.138.117.74 - gip-ns2.isu.net.sa
607[-] Zone transfer failed
608
609[+] TXT records found
610"v=spf1 mx -all"
611
612[+] MX records found, added to target list
61310 cmail1.isu.sa.
61420 cmail2.isu.sa.
615
616[*] Scanning gip.gov.sa for A records
617212.138.117.71 - gip.gov.sa
618212.138.117.192 - mx2.gip.gov.sa
619212.138.117.191 - mx1.gip.gov.sa
620212.138.117.190 - webmail.gip.gov.sa
621212.138.117.71 - www.gip.gov.sa
622#######################################################################################################################################
623 1 10.252.204.1 (10.252.204.1) 216.960 ms 216.911 ms 216.879 ms
624 2 213.184.122.97 (213.184.122.97) 216.883 ms 216.848 ms 216.815 ms
625 3 bzq-82-80-246-9.cablep.bezeqint.net (82.80.246.9) 216.730 ms 216.695 ms 216.660 ms
626 4 bzq-179-124-185.cust.bezeqint.net (212.179.124.185) 216.637 ms bzq-219-189-185.cablep.bezeqint.net (62.219.189.185) 320.996 ms 321.013 ms
627 5 bzq-114-65-2.cust.bezeqint.net (192.114.65.2) 216.509 ms bzq-179-124-34.cust.bezeqint.net (212.179.124.34) 216.501 ms bzq-114-65-1.cust.bezeqint.net (192.114.65.1) 320.907 ms
628 6 bzq-179-161-218.pop.bezeqint.net (212.179.161.218) 320.996 ms 482.044 ms 481.974 ms
629 7 ae8.cr1-fra2.ip4.gtt.net (46.33.89.237) 481.972 ms bzq-179-124-42.cust.bezeqint.net (212.179.124.42) 481.860 ms bzq-179-161-218.pop.bezeqint.net (212.179.161.218) 481.873 ms
630 8 xe-0-1-0.ar2-lon1.ip4.gtt.net (89.149.187.22) 481.923 ms 481.865 ms 481.848 ms
631 9 integrated-telecom-gw.ip4.gtt.net (46.33.91.218) 481.870 ms * 3610.982 ms
63210 integrated-telecom-gw.ip4.gtt.net (46.33.91.218) 481.790 ms * 330.220 ms
63311 * * *
634#######################################################################################################################################
635
636
637 AVAILABLE PLUGINS
638 -----------------
639
640 FallbackScsvPlugin
641 OpenSslCipherSuitesPlugin
642 HttpHeadersPlugin
643 CertificateInfoPlugin
644 HeartbleedPlugin
645 EarlyDataPlugin
646 RobotPlugin
647 OpenSslCcsInjectionPlugin
648 CompressionPlugin
649 SessionRenegotiationPlugin
650 SessionResumptionPlugin
651
652
653
654 CHECKING HOST(S) AVAILABILITY
655 -----------------------------
656
657 212.138.117.71:443 => 212.138.117.71
658
659
660
661
662 SCAN RESULTS FOR 212.138.117.71:443 - 212.138.117.71
663 ----------------------------------------------------
664
665 * TLSV1_3 Cipher Suites:
666 Server rejected all cipher suites.
667
668 * Downgrade Attacks:
669 TLS_FALLBACK_SCSV: VULNERABLE - Signaling cipher suite not supported
670
671 * Session Renegotiation:
672 Client-initiated Renegotiation: OK - Rejected
673 Secure Renegotiation: OK - Supported
674
675 * Certificate Information:
676 Content
677 SHA1 Fingerprint: bf150f50f9457396c8b63b5bfabf9845bbb9c6fa
678 Common Name: *.gip.gov.sa
679 Issuer: Go Daddy Secure Certificate Authority - G2
680 Serial Number: 5344631885861959810
681 Not Before: 2019-10-12 10:53:33
682 Not After: 2020-10-12 10:53:33
683 Signature Algorithm: sha256
684 Public Key Algorithm: RSA
685 Key Size: 2048
686 Exponent: 65537 (0x10001)
687 DNS Subject Alternative Names: ['*.gip.gov.sa', 'gip.gov.sa']
688
689 Trust
690 Hostname Validation: FAILED - Certificate does NOT match 212.138.117.71
691 Android CA Store (9.0.0_r9): OK - Certificate is trusted
692 Apple CA Store (iOS 12, macOS 10.14, watchOS 5, and tvOS 12):OK - Certificate is trusted
693 Java CA Store (jdk-12.0.1): OK - Certificate is trusted
694 Mozilla CA Store (2019-03-14): OK - Certificate is trusted
695 Windows CA Store (2019-05-27): OK - Certificate is trusted
696 Symantec 2018 Deprecation: WARNING: Certificate distrusted by Google and Mozilla on September 2018
697 Received Chain: *.gip.gov.sa --> Go Daddy Secure Certificate Authority - G2
698 Verified Chain: *.gip.gov.sa --> Go Daddy Secure Certificate Authority - G2 --> Go Daddy Root Certificate Authority - G2
699 Received Chain Contains Anchor: OK - Anchor certificate not sent
700 Received Chain Order: OK - Order is valid
701 Verified Chain contains SHA1: OK - No SHA1-signed certificate in the verified certificate chain
702
703 Extensions
704 OCSP Must-Staple: NOT SUPPORTED - Extension not found
705 Certificate Transparency: WARNING - Only 2 SCTs included but Google recommends 3 or more
706
707 OCSP Stapling
708 OCSP Response Status: successful
709 Validation w/ Mozilla Store: OK - Response is trusted
710 Responder Id: C = US, ST = Arizona, L = Scottsdale, O = GoDaddy Inc., CN = Go Daddy Validation Authority - G2
711 Cert Status: good
712 Cert Serial Number: 4A2BF26214073882
713 This Update: Nov 29 17:32:27 2019 GMT
714 Next Update: Dec 1 05:32:27 2019 GMT
715
716 * TLSV1_1 Cipher Suites:
717 Forward Secrecy OK - Supported
718 RC4 OK - Not Supported
719
720 Preferred:
721 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
722 Accepted:
723 TLS_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
724 TLS_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
725 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 256 bits Timeout on HTTP GET
726 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
727 Undefined - An unexpected error happened:
728 TLS_ECDH_RSA_WITH_AES_256_CBC_SHA timeout - timed out
729 TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA timeout - timed out
730
731 * OpenSSL Heartbleed:
732 OK - Not vulnerable to Heartbleed
733
734 * TLSV1_2 Cipher Suites:
735 Forward Secrecy OK - Supported
736 RC4 OK - Not Supported
737
738 Preferred:
739 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 256 bits HTTP 200 OK
740 Accepted:
741 TLS_RSA_WITH_AES_256_GCM_SHA384 256 bits HTTP 200 OK
742 TLS_RSA_WITH_AES_256_CBC_SHA256 256 bits Timeout on HTTP GET
743 TLS_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
744 TLS_RSA_WITH_AES_128_CBC_SHA256 128 bits HTTP 200 OK
745 TLS_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
746 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 256 bits HTTP 200 OK
747 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
748 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 128 bits HTTP 200 OK
749 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
750 Undefined - An unexpected error happened:
751 TLS_RSA_WITH_AES_128_GCM_SHA256 timeout - timed out
752 TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA timeout - timed out
753 TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 timeout - timed out
754 TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 timeout - timed out
755 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 timeout - timed out
756 RSA_WITH_AES_256_CCM_8 timeout - timed out
757
758 * TLS 1.2 Session Resumption Support:
759 With Session IDs: OK - Supported (5 successful, 0 failed, 0 errors, 5 total attempts).
760 With TLS Tickets: NOT SUPPORTED - TLS ticket not assigned.
761
762 * ROBOT Attack:
763 OK - Not vulnerable
764
765 * OpenSSL CCS Injection:
766 OK - Not vulnerable to OpenSSL CCS injection
767
768 * SSLV2 Cipher Suites:
769 Server rejected all cipher suites.
770
771 * Deflate Compression:
772 OK - Compression disabled
773
774 * TLSV1 Cipher Suites:
775 Server rejected all cipher suites.
776
777 * SSLV3 Cipher Suites:
778 Server rejected all cipher suites.
779
780
781 SCAN COMPLETED IN 59.44 S
782 -------------------------
783#######################################################################################################################################
784
785
786Domains still to check: 1
787 Checking if the hostname gip.gov.sa. given is in fact a domain...
788
789Analyzing domain: gip.gov.sa.
790 Checking NameServers using system default resolver...
791 IP: 212.138.117.73 (Saudi Arabia)
792 HostName: gip-ns1.isu.net.sa Type: NS
793 HostName: gip-ns1.isu.net.sa Type: PTR
794 IP: 212.138.117.74 (Saudi Arabia)
795 HostName: gip-ns2.isu.net.sa Type: NS
796 HostName: gip-ns2.isu.net.sa Type: PTR
797
798 Checking MailServers using system default resolver...
799 IP: 212.138.116.69 (Saudi Arabia)
800 HostName: cmail1.isu.sa Type: MX
801 HostName: cmail1.isu.sa Type: PTR
802 IP: 212.138.116.70 (Saudi Arabia)
803 HostName: cmail2.isu.sa Type: MX
804 HostName: cmail2.isu.sa Type: PTR
805
806 Checking the zone transfer for each NS... (if this takes more than 10 seconds, just hit CTRL-C and it will continue. Bug in the libs)
807 No zone transfer found on nameserver 212.138.117.74
808 No zone transfer found on nameserver 212.138.117.73
809
810 Checking SPF record...
811
812 Checking 192 most common hostnames using system default resolver...
813 IP: 212.138.117.71 (Saudi Arabia)
814 HostName: www.gip.gov.sa. Type: A
815 IP: 212.138.117.190 (Saudi Arabia)
816 HostName: webmail.gip.gov.sa. Type: A
817
818 Checking with nmap the reverse DNS hostnames of every <ip>/24 netblock using system default resolver...
819 Checking netblock 212.138.116.0
820 Checking netblock 212.138.117.0
821
822 Searching for gip.gov.sa. emails in Google
823 help@gip.gov.sa
824 help@gip.gov.sa�
825 info@gip.gov.sa
826 help@gip.gov.sa.
827
828 Checking 6 active hosts using nmap... (nmap -sn -n -v -PP -PM -PS80,25 -PA -PY -PU53,40125 -PE --reason <ip> -oA <output_directory>/nmap/<ip>.sn)
829 Host 212.138.116.70 is up (reset ttl 64)
830 Host 212.138.116.69 is up (reset ttl 64)
831 Host 212.138.117.74 is up (reset ttl 64)
832 Host 212.138.117.73 is up (reset ttl 64)
833 Host 212.138.117.71 is up (reset ttl 64)
834 Host 212.138.117.190 is down
835
836 Checking ports on every active host using nmap... (nmap -O --reason --webxml --traceroute -sS -sV -sC -Pn -n -v -F <ip> -oA <output_directory>/nmap/<ip>)
837 Scanning ip 212.138.116.70 (cmail2.isu.sa (PTR)):
838 Scanning ip 212.138.116.69 (cmail1.isu.sa (PTR)):
839 Scanning ip 212.138.117.74 (gip-ns2.isu.net.sa (PTR)):
840 53/tcp open domain syn-ack ttl 53 ISC BIND
841 Running (JUST GUESSING): Linux 2.6.X|4.X|3.X (91%)
842 Scanning ip 212.138.117.73 (gip-ns1.isu.net.sa (PTR)):
843 53/tcp open domain syn-ack ttl 53 ISC BIND
844 Running (JUST GUESSING): Linux 2.6.X|4.X|3.X (91%)
845 Scanning ip 212.138.117.71 (www.gip.gov.sa.):
846 80/tcp open http syn-ack ttl 117 Microsoft IIS httpd 8.5
847 |_http-server-header: Microsoft-IIS/8.5
848 |_https-redirect: ERROR: Script execution failed (use -d to debug)
849 443/tcp open ssl/http syn-ack ttl 117 Microsoft IIS httpd 8.5
850 |_http-server-header: Microsoft-IIS/8.5
851 | ssl-cert: Subject: commonName=*.gip.gov.sa
852 | Subject Alternative Name: DNS:*.gip.gov.sa, DNS:gip.gov.sa
853 | Issuer: commonName=Go Daddy Secure Certificate Authority - G2/organizationName=GoDaddy.com, Inc./stateOrProvinceName=Arizona/countryName=US
854 | Public Key type: rsa
855 | Public Key bits: 2048
856 | Signature Algorithm: sha256WithRSAEncryption
857 | Not valid before: 2019-10-12T10:53:33
858 | Not valid after: 2020-10-12T10:53:33
859 | MD5: 2140 82e6 e31e a14f ec47 9c22 d7ed a790
860 |_SHA-1: bf15 0f50 f945 7396 c8b6 3b5b fabf 9845 bbb9 c6fa
861 Device type: general purpose|WAP
862 Running (JUST GUESSING): Linux 2.6.X|2.4.X (90%)
863 OS Info: Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
864 WebCrawling domain's web servers... up to 50 max links.
865
866 + URL to crawl: http://www.gip.gov.sa.
867 + Date: 2019-11-30
868
869 + Crawling URL: http://www.gip.gov.sa.:
870 + Links:
871 + Crawling http://www.gip.gov.sa. (400 Bad Request)
872 + Searching for directories...
873 + Searching open folders...
874
875
876 + URL to crawl: https://www.gip.gov.sa.
877 + Date: 2019-11-30
878
879 + Crawling URL: https://www.gip.gov.sa.:
880 + Links:
881 + Crawling https://www.gip.gov.sa.
882 + Searching for directories...
883 + Searching open folders...
884
885--Finished--
886Summary information for domain gip.gov.sa.
887-----------------------------------------
888 Domain Specific Information:
889 Email: help@gip.gov.sa
890 Email: help@gip.gov.sa�
891 Email: info@gip.gov.sa
892 Email: help@gip.gov.sa.
893
894 Domain Ips Information:
895 IP: 212.138.116.70
896 HostName: cmail2.isu.sa Type: MX
897 HostName: cmail2.isu.sa Type: PTR
898 Country: Saudi Arabia
899 Is Active: True (reset ttl 64)
900 IP: 212.138.116.69
901 HostName: cmail1.isu.sa Type: MX
902 HostName: cmail1.isu.sa Type: PTR
903 Country: Saudi Arabia
904 Is Active: True (reset ttl 64)
905 IP: 212.138.117.74
906 HostName: gip-ns2.isu.net.sa Type: NS
907 HostName: gip-ns2.isu.net.sa Type: PTR
908 Country: Saudi Arabia
909 Is Active: True (reset ttl 64)
910 Port: 53/tcp open domain syn-ack ttl 53 ISC BIND
911 Script Info: Running (JUST GUESSING): Linux 2.6.X|4.X|3.X (91%)
912 IP: 212.138.117.73
913 HostName: gip-ns1.isu.net.sa Type: NS
914 HostName: gip-ns1.isu.net.sa Type: PTR
915 Country: Saudi Arabia
916 Is Active: True (reset ttl 64)
917 Port: 53/tcp open domain syn-ack ttl 53 ISC BIND
918 Script Info: Running (JUST GUESSING): Linux 2.6.X|4.X|3.X (91%)
919 IP: 212.138.117.71
920 HostName: www.gip.gov.sa. Type: A
921 Country: Saudi Arabia
922 Is Active: True (reset ttl 64)
923 Port: 80/tcp open http syn-ack ttl 117 Microsoft IIS httpd 8.5
924 Script Info: |_http-server-header: Microsoft-IIS/8.5
925 Script Info: |_https-redirect: ERROR: Script execution failed (use -d to debug)
926 Port: 443/tcp open ssl/http syn-ack ttl 117 Microsoft IIS httpd 8.5
927 Script Info: |_http-server-header: Microsoft-IIS/8.5
928 Script Info: | ssl-cert: Subject: commonName=*.gip.gov.sa
929 Script Info: | Subject Alternative Name: DNS:*.gip.gov.sa, DNS:gip.gov.sa
930 Script Info: | Issuer: commonName=Go Daddy Secure Certificate Authority - G2/organizationName=GoDaddy.com, Inc./stateOrProvinceName=Arizona/countryName=US
931 Script Info: | Public Key type: rsa
932 Script Info: | Public Key bits: 2048
933 Script Info: | Signature Algorithm: sha256WithRSAEncryption
934 Script Info: | Not valid before: 2019-10-12T10:53:33
935 Script Info: | Not valid after: 2020-10-12T10:53:33
936 Script Info: | MD5: 2140 82e6 e31e a14f ec47 9c22 d7ed a790
937 Script Info: |_SHA-1: bf15 0f50 f945 7396 c8b6 3b5b fabf 9845 bbb9 c6fa
938 Script Info: Device type: general purpose|WAP
939 Script Info: Running (JUST GUESSING): Linux 2.6.X|2.4.X (90%)
940 Os Info: OS: Windows; CPE: cpe:/o:microsoft:windows
941 IP: 212.138.117.190
942 HostName: webmail.gip.gov.sa. Type: A
943 Country: Saudi Arabia
944 Is Active: False
945
946--------------End Summary --------------
947-----------------------------------------
948#######################################################################################################################################
949----- gip.gov.sa -----
950
951
952Host's addresses:
953__________________
954
955gip.gov.sa. 9703 IN A 212.138.117.71
956
957
958Name Servers:
959______________
960
961gip-ns1.isu.net.sa. 2499 IN A 212.138.117.73
962gip-ns2.isu.net.sa. 2502 IN A 212.138.117.74
963
964
965Mail (MX) Servers:
966___________________
967
968cmail1.isu.sa. 85778 IN A 212.138.116.69
969cmail2.isu.sa. 85779 IN A 212.138.116.70
970
971Brute forcing with /usr/share/dnsenum/dns.txt:
972_______________________________________________
973
974mx1.gip.gov.sa. 10138 IN A 212.138.117.191
975mx2.gip.gov.sa. 9635 IN A 212.138.117.192
976webmail.gip.gov.sa. 9598 IN A 212.138.117.190
977www.gip.gov.sa. 9150 IN A 212.138.117.71
978
979
980Launching Whois Queries:
981_________________________
982
983 c class default: 212.138.117.0 -> 212.138.117.0/24 (whois netrange operation failed)
984
985
986gip.gov.sa__________
987
988 212.138.117.0/24
989#######################################################################################################################################
990WARNING: Duplicate port number(s) specified. Are you alert enough to be using Nmap? Have some coffee or Jolt(tm).
991Starting Nmap 7.80 ( https://nmap.org ) at 2019-11-30 19:27 EST
992Nmap scan report for 212.138.117.71
993Host is up (0.43s latency).
994Not shown: 490 filtered ports, 4 closed ports
995Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
996PORT STATE SERVICE
99780/tcp open http
998443/tcp open https
999
1000Nmap done: 1 IP address (1 host up) scanned in 31.23 seconds
1001#######################################################################################################################################
1002Starting Nmap 7.80 ( https://nmap.org ) at 2019-11-30 19:27 EST
1003Nmap scan report for 212.138.117.71
1004Host is up (1.5s latency).
1005Not shown: 2 filtered ports
1006PORT STATE SERVICE
100753/udp open|filtered domain
100867/udp open|filtered dhcps
100968/udp open|filtered dhcpc
101069/udp open|filtered tftp
101188/udp open|filtered kerberos-sec
1012123/udp open|filtered ntp
1013139/udp open|filtered netbios-ssn
1014161/udp open|filtered snmp
1015162/udp open|filtered snmptrap
1016389/udp open|filtered ldap
1017500/udp open|filtered isakmp
1018520/udp open|filtered route
10192049/udp open|filtered nfs
1020
1021Nmap done: 1 IP address (1 host up) scanned in 16.16 seconds
1022#######################################################################################################################################
1023HTTP/1.1 301 Moved Permanently
1024Content-Length: 146
1025Content-Type: text/html; charset=UTF-8
1026Location: https://212.138.117.71/
1027Server: Microsoft-IIS/8.5
1028X-Powered-By: ASP.NET
1029Date: Sun, 01 Dec 2019 00:28:12 GMT
1030#######################################################################################################################################
1031http://212.138.117.71 [301 Moved Permanently] Country[SAUDI ARABIA][SA], HTTPServer[Microsoft-IIS/8.5], IP[212.138.117.71], Microsoft-IIS[8.5], RedirectLocation[https://212.138.117.71/], Title[Document Moved], X-Powered-By[ASP.NET]
1032https://212.138.117.71/ [200 OK] ASP_NET[4.0.30319][MVC5.2], Cookies[__RequestVerificationToken], Country[SAUDI ARABIA][SA], Email[help@gip.gov.sa,info@gip.gov.sa], HTML5, HTTPServer[Microsoft-IIS/8.5], HttpOnly[__RequestVerificationToken], IP[212.138.117.71], Microsoft-IIS[8.5], Script, Title[رئاسة الاستخبارات العامة], UncommonHeaders[x-aspnetmvc-version], X-Frame-Options[DENY], X-Powered-By[ASP.NET], X-UA-Compatible[IE=edge]
1033#######################################################################################################################################
1034Starting Nmap 7.80 ( https://nmap.org ) at 2019-11-30 19:28 EST
1035NSE: Loaded 163 scripts for scanning.
1036NSE: Script Pre-scanning.
1037Initiating NSE at 19:28
1038Completed NSE at 19:28, 0.00s elapsed
1039Initiating NSE at 19:28
1040Completed NSE at 19:28, 0.00s elapsed
1041Initiating Parallel DNS resolution of 1 host. at 19:28
1042Completed Parallel DNS resolution of 1 host. at 19:28, 0.03s elapsed
1043Initiating SYN Stealth Scan at 19:28
1044Scanning 212.138.117.71 [1 port]
1045Discovered open port 80/tcp on 212.138.117.71
1046Completed SYN Stealth Scan at 19:28, 0.37s elapsed (1 total ports)
1047Initiating Service scan at 19:28
1048Scanning 1 service on 212.138.117.71
1049Completed Service scan at 19:28, 7.29s elapsed (1 service on 1 host)
1050Initiating OS detection (try #1) against 212.138.117.71
1051Retrying OS detection (try #2) against 212.138.117.71
1052Initiating Traceroute at 19:29
1053Completed Traceroute at 19:29, 3.01s elapsed
1054Initiating Parallel DNS resolution of 11 hosts. at 19:29
1055Completed Parallel DNS resolution of 11 hosts. at 19:29, 4.00s elapsed
1056NSE: Script scanning 212.138.117.71.
1057Initiating NSE at 19:29
1058NSE Timing: About 29.33% done; ETC: 19:31 (0:01:15 remaining)
1059NSE Timing: About 55.75% done; ETC: 19:31 (0:00:56 remaining)
1060NSE Timing: About 71.38% done; ETC: 19:31 (0:00:40 remaining)
1061NSE Timing: About 82.19% done; ETC: 19:32 (0:00:31 remaining)
1062NSE Timing: About 82.94% done; ETC: 19:32 (0:00:36 remaining)
1063NSE Timing: About 83.67% done; ETC: 19:33 (0:00:41 remaining)
1064NSE Timing: About 83.78% done; ETC: 19:34 (0:00:49 remaining)
1065NSE Timing: About 85.52% done; ETC: 19:35 (0:00:51 remaining)
1066NSE Timing: About 85.33% done; ETC: 19:36 (0:01:02 remaining)
1067NSE Timing: About 85.71% done; ETC: 19:37 (0:01:10 remaining)
1068NSE Timing: About 87.71% done; ETC: 19:38 (0:01:09 remaining)
1069NSE Timing: About 89.04% done; ETC: 19:39 (0:01:10 remaining)
1070NSE: [http-wordpress-enum 212.138.117.71:80] got no answers from pipelined queries
1071NSE Timing: About 90.70% done; ETC: 19:40 (0:01:05 remaining)
1072NSE Timing: About 92.36% done; ETC: 19:41 (0:00:58 remaining)
1073NSE Timing: About 93.36% done; ETC: 19:42 (0:00:54 remaining)
1074NSE Timing: About 94.35% done; ETC: 19:43 (0:00:49 remaining)
1075NSE Timing: About 95.03% done; ETC: 19:44 (0:00:45 remaining)
1076NSE Timing: About 95.70% done; ETC: 19:45 (0:00:41 remaining)
1077Completed NSE at 19:50, 1268.03s elapsed
1078Initiating NSE at 19:50
1079Completed NSE at 19:50, 10.11s elapsed
1080Nmap scan report for 212.138.117.71
1081Host is up (0.44s latency).
1082
1083PORT STATE SERVICE VERSION
108480/tcp open http Microsoft IIS httpd 8.5
1085|_http-aspnet-debug: ERROR: Script execution failed (use -d to debug)
1086| http-brute:
1087|_ Path "/" does not require authentication
1088|_http-chrono: Request times for /; avg: 22889.57ms; min: 22516.07ms; max: 24068.04ms
1089|_http-csrf: Couldn't find any CSRF vulnerabilities.
1090|_http-devframework: Couldn't determine the underlying framework or CMS. Try increasing 'httpspider.maxpagecount' value to spider more pages.
1091|_http-dombased-xss: Couldn't find any DOM based XSS.
1092|_http-errors: ERROR: Script execution failed (use -d to debug)
1093|_http-feed: Couldn't find any feeds.
1094|_http-fetch: Please enter the complete path of the directory to save data in.
1095|_http-jsonp-detection: Couldn't find any JSONP endpoints.
1096|_http-mobileversion-checker: No mobile version detected.
1097|_http-security-headers:
1098|_http-server-header: Microsoft-IIS/8.5
1099| http-sitemap-generator:
1100| Directory structure:
1101| Longest directory structure:
1102| Depth: 0
1103| Dir: /
1104| Total files found (by extension):
1105|_
1106|_http-stored-xss: Couldn't find any stored XSS vulnerabilities.
1107|_http-traceroute: ERROR: Script execution failed (use -d to debug)
1108| http-vhosts:
1109|_127 names had status ERROR
1110|_http-vuln-cve2014-3704: ERROR: Script execution failed (use -d to debug)
1111|_http-wordpress-users: [Error] Wordpress installation was not found. We couldn't find wp-login.php
1112|_http-xssed: No previously reported XSS vuln.
1113|_https-redirect: ERROR: Script execution failed (use -d to debug)
1114| vulscan: VulDB - https://vuldb.com:
1115| [68193] Microsoft IIS 8.0/8.5 IP and Domain Restriction privilege escalation
1116| [48519] Microsoft Works 8.5/9.0 memory corruption
1117| [45763] Microsoft Windows Live Messenger up to 8.5.1 unknown vulnerability
1118| [141563] Microsoft Windows up to RT 8.1 Remote Desktop privilege escalation
1119| [141562] Microsoft Windows up to RT 8.1 Remote Desktop privilege escalation
1120| [134730] Microsoft Skype 8.35 on Android Bluetooth Listening information disclosure
1121| [129845] Microsoft Skype for Business 2015 CU 8 Request cross site scripting
1122| [126799] Microsoft Dynamics 365 8 Web Request Code Execution
1123| [126798] Microsoft Dynamics 365 8 Web Request cross site scripting
1124| [126797] Microsoft Dynamics 365 8 Web Request cross site scripting
1125| [126796] Microsoft Dynamics 365 8 Web Request cross site scripting
1126| [126795] Microsoft Dynamics 365 8 Web Request cross site scripting
1127| [123872] Microsoft Windows 8.1/10/RT 8.1/Server 2012/Server 2012 R2 SMB information disclosure
1128| [121108] Microsoft Mail Client 8.1 information disclosure
1129| [115260] EMC RSA Authentication Agent for Web up to 8.0.1 on IIS/Apache cross site scripting
1130| [115259] EMC RSA Authentication Agent for Web up to 8.0.1 on IIS/Apache Cookie Stack-based memory corruption
1131| [113264] Microsoft Windows 8.1/RT 8.1/Server 2012 R2 SMBv2/SMBv3 denial of service
1132| [100989] Microsoft Internet Explorer 8/9/10/11 memory corruption
1133| [100918] Microsoft Windows 8/8.1/10/Server 2012/Server 2016 Malware Protection Service Type Confusion privilege escalation
1134| [96521] Microsoft Windows 8.1/10/Server 2012/Server 2016 SMB Response mrxsmb20.sys denial of service
1135| [93988] Microsoft Desktop Client for Mac up to 8.0.36 privilege escalation
1136| [93755] Microsoft Internet Explorer 8 Ls\xC2\xADFind\xC2\xADSpan\xC2\xADVisual\xC2\xADBoundaries memory corruption
1137| [93535] Microsoft Internet Explorer 8/9/10/11 Regex vbscript.dll RegExpComp::PnodeParse memory corruption
1138| [93386] Microsoft Windows Vista SP2/7 SP1/8.1/RT 8.1/10 Video Control memory corruption
1139| [92587] Microsoft Windows 8.1/10/RT 8.1/Server 2012/Server 2012 R2 Transaction Manager privilege escalation
1140| [92585] Microsoft Windows Vista SP2/7 SP1/8.1/RT 8.1/10 Video Control privilege escalation
1141| [91571] Microsoft Windows 8.1/10/RT 8.1/Server 2012/Server 2012 R2 PDF Library information disclosure
1142| [91570] Microsoft Windows 8.1/10/RT 8.1/Server 2012/Server 2012 R2 PDF Library information disclosure
1143| [91559] Microsoft Windows 8.1/10/RT 8.1 NTLM SSO information disclosure
1144| [90711] Microsoft Windows 8.1/10/RT 8.1/Server 2012/Server 2012 R2 PDF privilege escalation
1145| [90710] Microsoft Windows 8.1/RT 8.1/Server 2012/Server 2012 R2 Netlogon privilege escalation
1146| [87959] Microsoft Windows 8.1/10/Server 2012/Server 2012 R2 PDF information disclosure
1147| [87958] Microsoft Windows 8.1/10/Server 2012/Server 2012 R2 PDF memory corruption
1148| [87957] Microsoft Windows 8.1/10/Server 2012/Server 2012 R2 PDF information disclosure
1149| [87156] Microsoft Windows 8.1/10/RT 8.1/Server 2012 R2 Shell memory corruption
1150| [87155] Microsoft Windows Vista SP2/7/8.1/RT 8.1/10 Journal memory corruption
1151| [82223] Microsoft Windows 8.1/10/Server 2012 R2 Hyper-V Memory information disclosure
1152| [82222] Microsoft Windows 8.1/10/Server 2012/Server 2012 R2 Memory information disclosure
1153| [82221] Microsoft Windows 8.1/10/Server 2012/Server 2012 R2 Hyper-V privilege escalation
1154| [81270] Microsoft Windows 8.1/10/RT 8.1/Server 2012/Server 2012 R2 PDF Library memory corruption
1155| [80865] Microsoft Windows 8.1/RT 8.1/Server 2012/Server 2012 R2 DLL Loader memory corruption
1156| [80860] Microsoft Windows 8.1/10/Server 2012/Server 2012 R2 Reader memory corruption
1157| [80859] Microsoft Windows 8.1/10/Server 2012/Server 2012 R2 PDF Library memory corruption
1158| [80844] Microsoft Internet Explorer 8/9/10/11 MSHTML MSHTML!Method_VARIANTBOOLp_BSTR_o0oVARIANT memory corruption
1159| [80209] Microsoft Internet Explorer 8/9/10/11 VBScript/JScript memory corruption
1160| [79462] Microsoft Internet Explorer 8/9/10/11 memory corruption
1161| [79460] Microsoft Internet Explorer 8/9 memory corruption
1162| [79458] Microsoft Internet Explorer 8/9 memory corruption
1163| [79457] Microsoft Internet Explorer 8/9 memory corruption
1164| [79455] Microsoft Internet Explorer 8/9/10/11 XSS Filter privilege escalation
1165| [79449] Microsoft Internet Explorer 8/9/10/11 XSS Filter privilege escalation
1166| [79448] Microsoft Internet Explorer 8/9/10/11 Scripting Engine memory corruption
1167| [79447] Microsoft Internet Explorer 8/9/10/11 Scripting Engine information disclosure
1168| [79445] Microsoft Internet Explorer 8/9/10/11 memory corruption
1169| [79162] Microsoft Internet Explorer 8/9/10/11 Scripting Engine memory corruption
1170| [79155] Microsoft Internet Explorer 8/9/10/11 memory corruption
1171| [79143] Microsoft Internet Explorer 8/9/10/11 memory corruption
1172| [78390] Microsoft Internet Explorer 8/9/10/11 VBScript/JScript Engine information disclosure
1173| [78386] Microsoft Internet Explorer 8/9/10/11 VBScript/JScript Engine memory corruption
1174| [78384] Microsoft Internet Explorer 8/9/10/11 VBScript/JScript Engine ASLR privilege escalation
1175| [78379] Microsoft Internet Explorer 8/9/10/11 EditWith Broker privilege escalation
1176| [78377] Microsoft Internet Explorer 8 privilege escalation
1177| [78362] Microsoft Internet Explorer 8/9/10/11 VBScript/JScript Engine RegExpBase::FBadHeader memory corruption
1178| [77605] Microsoft Internet Explorer 8 VBScript/JScript Engine memory corruption
1179| [77006] Microsoft Internet Explorer 8/9/10/11 memory corruption
1180| [77004] Microsoft Internet Explorer 8/9/10/11 memory corruption
1181| [76490] Microsoft Internet Explorer 8/9/10/11 Image Caching History information disclosure
1182| [76482] Microsoft Internet Explorer 8 memory corruption
1183| [76479] Microsoft Internet Explorer 8/9/10/11 XSS Filter cross site scripting
1184| [76474] Microsoft Internet Explorer 8/9 memory corruption
1185| [76449] Microsoft Windows 8/8.1/Server 2008/Server 2012/Server 2012 R2 Hyper-V memory corruption
1186| [76448] Microsoft Windows 8.1/Server 2012 R2 Hyper-V memory corruption
1187| [76437] Microsoft Internet Explorer 8/9 memory corruption
1188| [75780] Microsoft Internet Explorer 8 memory corruption
1189| [75707] Cisco Unified MeetingPlace for Microsoft Outlook 8.6(1.2)/ 8.6(1.9) cross site scripting
1190| [75322] Microsoft Internet Explorer 8/9 memory corruption
1191| [75319] Microsoft Internet Explorer 8/9/10/11 memory corruption
1192| [75311] Microsoft Internet Explorer 8/9 memory corruption
1193| [75308] Microsoft Internet Explorer 8/9/10/11 VBscript and JScript Engine privilege escalation
1194| [75306] Microsoft Internet Explorer 8/9/10/11 VBScript Engine privilege escalation
1195| [74856] Microsoft Internet Explorer 8/9/10/11 memory corruption
1196| [74842] Microsoft Windows 8.1/Server 2012 R2 Hyper-V denial of service
1197| [73946] Microsoft Internet Explorer 8/9/10/11 memory corruption
1198| [73943] Microsoft Internet Explorer 8 memory corruption
1199| [73939] Microsoft Internet Explorer 8/9/10/11 VBScript Engine memory corruption
1200| [69137] Microsoft Internet Explorer 8 ASLR privilege escalation
1201| [69136] Microsoft Internet Explorer 8/9 MSHTML SpanQualifier memory corruption
1202| [69135] Microsoft Internet Explorer 8/10 memory corruption
1203| [69131] Microsoft Internet Explorer 8/9 memory corruption
1204| [69130] Microsoft Internet Explorer 8/9/10/11 memory corruption
1205| [68400] Microsoft Internet Explorer 8 memory corruption
1206| [68393] Microsoft Internet Explorer 8/9/10/11 XSS Filter cross site scripting
1207| [68389] Microsoft Internet Explorer 8/9/10/11 XSS Filter cross site scripting
1208| [68181] Microsoft Internet Explorer 8/9/10/11 memory corruption
1209| [68176] Microsoft Internet Explorer 8/9/10/11 information disclosure
1210| [68174] Microsoft Internet Explorer 8/9 memory corruption
1211| [68169] Microsoft Internet Explorer 8/9 ASLR privilege escalation
1212| [68211] Microsoft Internet Explorer 8/9/10/11 denial of service
1213| [67821] Microsoft Internet Explorer 8/9/10/11 CAttrArray memory corruption
1214| [67813] Microsoft Internet Explorer 8 memory corruption
1215| [67500] Microsoft Internet Explorer 8/9/10/11 memory corruption
1216| [67494] Microsoft Internet Explorer 8/9/10/11 memory corruption
1217| [67345] Microsoft Internet Explorer 8/9/10/11 memory corruption
1218| [67340] Microsoft Internet Explorer 8 memory corruption
1219| [67337] Microsoft Internet Explorer 8/9 memory corruption
1220| [67007] Microsoft Internet Explorer 8/9/10/11 memory corruption
1221| [67006] Microsoft Internet Explorer 8/9/10 memory corruption
1222| [67002] Microsoft Internet Explorer 8/9/10/11 memory corruption
1223| [67000] Microsoft Internet Explorer 8/9/10/11 memory corruption
1224| [66995] Microsoft Internet Explorer 8/9/10/11 memory corruption
1225| [13542] Microsoft Internet Explorer 8/9/10/11 privilege escalation
1226| [13536] Microsoft Internet Explorer 8 memory corruption
1227| [13518] Microsoft Internet Explorer 8 memory corruption
1228| [13515] Microsoft Internet Explorer 8/9/10/11 memory corruption
1229| [13509] Microsoft Internet Explorer 8 memory corruption
1230| [13499] Microsoft Internet Explorer 8 memory corruption
1231| [13496] Microsoft Internet Explorer 8/9/10/11 privilege escalation
1232| [13027] Microsoft Internet Explorer 8/9 information disclosure
1233| [66605] Microsoft Internet Explorer 8/9/10/11 memory corruption
1234| [12543] Microsoft Internet Explorer 8/9/10/11 memory corruption
1235| [12541] Microsoft Internet Explorer 8/9/10 memory corruption
1236| [12540] Microsoft Internet Explorer 8/9/10/11 memory corruption
1237| [12538] Microsoft Internet Explorer 8/9 memory corruption
1238| [12531] Microsoft Internet Explorer 8/9/10/11 memory corruption
1239| [66445] Microsoft Windows 8.0/8.1 XMLDOM ActiveX Control information disclosure
1240| [12252] Microsoft Internet Explorer 8 memory corruption
1241| [12245] Microsoft Internet Explorer 8/9/10/11 memory corruption
1242| [12239] Microsoft Internet Explorer 8/9/10/11 privilege escalation
1243| [12238] Microsoft Windows 8/RT/Server 2012 IPv6 denial of service
1244| [11150] Microsoft Windows 8/Server 2012 Hyper-V Data Structure Value Crash privilege escalation
1245| [11141] Microsoft Internet Explorer 8/9/10/11 CCaret Object Use-After-Free memory corruption
1246| [11138] Microsoft Internet Explorer 8/9/10/11 CTreePos Object memory corruption
1247| [10623] Microsoft Internet Explorer 8/9 memory corruption
1248| [10215] Microsoft Internet Explorer 8/9 memory corruption
1249| [10214] Microsoft Internet Explorer 8/9/10 memory corruption
1250| [9935] Microsoft Internet Explorer 8/9 memory corruption
1251| [9934] Microsoft Internet Explorer 8/9/10 memory corruption
1252| [9933] Microsoft Internet Explorer 8/9 memory corruption
1253| [9932] Microsoft Internet Explorer 8/9 memory corruption
1254| [10246] Microsoft Internet Explorer 8 Table Tree Use-After-Free memory corruption
1255| [9419] Microsoft Internet Explorer up to 8 memory corruption
1256| [9418] Microsoft Internet Explorer 8/9/10 Use-After-Free memory corruption
1257| [9413] Microsoft Internet Explorer 8/9/10 Use-After-Free memory corruption
1258| [9406] Microsoft Internet Explorer 8/9/10 memory corruption
1259| [9099] Microsoft Internet Explorer 8/9 Use-After-Free memory corruption
1260| [9098] Microsoft Internet Explorer 8 memory corruption
1261| [9095] Microsoft Internet Explorer 8/9/10 Use-After-Free memory corruption
1262| [9084] Microsoft Internet Explorer 8/9/10 _UpdateButtonLocation memory corruption
1263| [9083] Microsoft Internet Explorer 8/9 memory corruption
1264| [8722] Microsoft Windows 8/RT/Server 2012 HTTP.sys denial of service
1265| [8718] Microsoft Internet Explorer 8 memory corruption
1266| [8714] Microsoft Internet Explorer 8/9 memory corruption
1267| [8712] Microsoft Internet Explorer 8/9 memory corruption
1268| [8601] Microsoft Internet Explorer 8 'vtable' memory corruption
1269| [8423] Microsoft Internet Explorer up to 8.00.6001.18702 CSS iexplorer.exe denial of service
1270| [7962] Microsoft Internet Explorer up to 8 CTreeNode memory corruption
1271| [7958] Microsoft Internet Explorer up to 8 Celement memory corruption
1272| [7996] Microsoft Windows 8 TrueType Font denial of service
1273| [63558] Microsoft Internet Explorer 8 Use-After-Free memory corruption
1274| [63557] Microsoft Internet Explorer 8/9 Use-After-Free memory corruption
1275| [7511] Microsoft Internet Explorer 8/9 TCP Session information disclosure
1276| [7510] Microsoft Internet Explorer 8/9 HTTP/HTTPS Request spoofing
1277| [7258] Microsoft Windows up to 8/Server 2012 SSL/TLS race condition
1278| [7199] Microsoft Internet Explorer 8/9 mshtml.dll Unclosed Tags Sequence denial of service
1279| [6513] Microsoft Internet Explorer 8/9 OnMove Engine Use-After-Free memory corruption
1280| [5937] Microsoft Internet Explorer 8/9 JavaScript Parser memory corruption
1281| [5538] Microsoft Internet Explorer 8 Same ID Property Deleted Object memory corruption
1282| [5532] Microsoft Internet Explorer 8/9 HTML Sanitization toStaticHTML String information disclosure
1283| [5530] Microsoft Internet Explorer 8/9 OnRowsInserted Elements memory corruption
1284| [5516] Microsoft Internet Explorer 8/9 memory corruption
1285| [4467] Microsoft Internet Explorer 8 cross site scripting
1286| [4454] Microsoft Internet Explorer 8/9 unknown vulnerability
1287| [59618] Microsoft Internet Explorer 8 unknown vulnerability
1288| [57681] Microsoft Internet Explorer 8/9 memory corruption
1289| [57675] Microsoft Internet Explorer 8 memory corruption
1290| [4372] Microsoft Internet Explorer 8/9 information disclosure
1291| [57130] Microsoft Internet Explorer 8 on Win7 msxml.dll unknown vulnerability
1292| [4340] Microsoft Internet Explorer up to 8 unknown vulnerability
1293| [56786] Microsoft Internet Explorer 8 on Win7 unknown vulnerability
1294| [56785] Microsoft Internet Explorer 8 on Win7 memory corruption
1295| [56412] Microsoft Internet Explorer 8 IEShims.dll unknown vulnerability
1296| [55755] Microsoft Internet Explorer 8 memory corruption
1297| [54961] Microsoft Internet Explorer 8 mshtml.dll InsertIntoTimeoutList information disclosure
1298| [4172] Microsoft Internet Explorer up to 8 CSS cross site scripting
1299| [54339] Microsoft Internet Explorer 8 Uninitialized Memory memory corruption
1300| [53805] Microsoft Internet Explorer 8 unknown vulnerability
1301| [53514] Microsoft Internet Explorer 8 Uninitialized Memory memory corruption
1302| [53513] Microsoft Internet Explorer 8 memory corruption
1303| [4137] Microsoft Internet Explorer up to 8.0 memory corruption
1304| [4121] Microsoft Internet Explorer 8 XSS Filter cross site scripting
1305| [52505] Microsoft Internet Explorer 8 mstime.dll memory corruption
1306| [52373] Microsoft Internet Explorer 8 on Win7 Use-After-Free memory corruption
1307| [52372] Microsoft Internet Explorer 8 on Win7 Heap-based memory corruption
1308| [51652] Microsoft Internet Explorer 8 Uninitialized Memory memory corruption
1309| [51651] Microsoft Internet Explorer 8 Uninitialized Memory memory corruption
1310| [50914] Microsoft Internet Explorer 8 cross site scripting
1311| [50910] Microsoft Internet Explorer 8 unknown vulnerability
1312| [4048] Microsoft Internet Explorer up to 8 CSS Declaration memory corruption
1313| [4047] Microsoft Internet Explorer up to 8 DOM Object memory corruption
1314| [4046] Microsoft Internet Explorer up to 8 HTML memory corruption
1315| [3987] Microsoft Internet Explorer up to 8 Row Reference memory corruption
1316| [3982] Microsoft Internet Explorer up to 8 DHTML Call memory corruption
1317| [47244] Microsoft Internet Explorer 8 on Win 7 memory corruption
1318| [45681] Microsoft Internet Explorer 8 Beta 2 privilege escalation
1319| [45451] Microsoft Internet Explorer 8 XSS Filter cross site scripting
1320| [45450] Microsoft Internet Explorer 8 XSS Filter Protection cross site scripting
1321| [45449] Microsoft Internet Explorer 8 Beta 2 XSS Filter cross site scripting
1322| [45448] Microsoft Internet Explorer 8 Beta 2 XSS Filter cross site scripting
1323| [45447] Microsoft Internet Explorer 8 XSS Filter cross site scripting
1324| [45446] Microsoft Internet Explorer 8 Beta 2 XSS Filter cross site scripting
1325| [39012] Microsoft Windows Live Messenger up to 8.1 doc memory corruption
1326| [34991] Microsoft Visual Studio 8.0 msvcr80.dll denial of service
1327| [33589] Microsoft Windows Live Messenger up to 8.0 denial of service
1328|
1329| MITRE CVE - https://cve.mitre.org:
1330| [CVE-2013-0941] EMC RSA Authentication API before 8.1 SP1, RSA Web Agent before 5.3.5 for Apache Web Server, RSA Web Agent before 5.3.5 for IIS, RSA PAM Agent before 7.0, and RSA Agent before 6.1.4 for Microsoft Windows use an improper encryption algorithm and a weak key for maintaining the stored data of the node secret for the SecurID Authentication API, which allows local users to obtain sensitive information via cryptographic attacks on this data.
1331| [CVE-2011-1215] Stack-based buffer overflow in mw8sr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted link in a Microsoft Office document attachment, aka SPR PRAD8823ND.
1332| [CVE-2010-3496] McAfee VirusScan Enterprise 8.5i and 8.7i does not properly interact with the processing of hcp:// URLs by the Microsoft Help and Support Center, which makes it easier for remote attackers to execute arbitrary code via malware that is correctly detected by this product, but with a detection approach that occurs too late to stop the code execution.
1333| [CVE-2009-3126] Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a crafted PNG image file, aka "GDI+ PNG Integer Overflow Vulnerability."
1334| [CVE-2009-3032] Integer overflow in kvolefio.dll 8.5.0.8339 and 10.5.0.0 in the Autonomy KeyView Filter SDK, as used in IBM Lotus Notes 8.5, Symantec Mail Security for Microsoft Exchange 5.0.10 through 5.0.13, and other products, allows context-dependent attackers to execute arbitrary code via a crafted OLE document that triggers a heap-based buffer overflow.
1335| [CVE-2009-2504] Multiple integer overflows in unspecified APIs in GDI+ in Microsoft .NET Framework 1.1 SP1, .NET Framework 2.0 SP1 and SP2, Windows XP SP2 and SP3, Windows Server 2003 SP2, Vista Gold and SP1, Server 2008 Gold, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allow remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Framework application, aka "GDI+ .NET API Vulnerability."
1336| [CVE-2009-2503] GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Windows Server 2003 SP2, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 does not properly allocate an unspecified buffer, which allows remote attackers to execute arbitrary code via a crafted TIFF image file that triggers memory corruption, aka "GDI+ TIFF Memory Corruption Vulnerability."
1337| [CVE-2009-2502] Buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a crafted TIFF image file, aka "GDI+ TIFF Buffer Overflow Vulnerability."
1338| [CVE-2009-2501] Heap-based buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a crafted PNG image file, aka "GDI+ PNG Heap Overflow Vulnerability."
1339| [CVE-2009-2500] Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a crafted WMF image file, aka "GDI+ WMF Integer Overflow Vulnerability."
1340| [CVE-2009-1533] Buffer overflow in the Works for Windows document converters in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, Office 2007 SP1, and Works 8.5 and 9 allows remote attackers to execute arbitrary code via a crafted Works .wps file that triggers memory corruption, aka "File Converter Buffer Overflow Vulnerability."
1341| [CVE-2008-5828] Microsoft Windows Live Messenger Client 8.5.1 and earlier, when MSN Protocol Version 15 (MSNP15) is used over a NAT session, allows remote attackers to discover intranet IP addresses and port numbers by reading the (1) IPv4InternalAddrsAndPorts, (2) IPv4Internal-Addrs, and (3) IPv4Internal-Port header fields.
1342| [CVE-2007-0045] Multiple cross-site scripting (XSS) vulnerabilities in Adobe Acrobat Reader Plugin before 8.0.0, and possibly the plugin distributed with Adobe Reader 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2, for Mozilla Firefox, Microsoft Internet Explorer 6 SP1, Google Chrome, Opera 8.5.4 build 770, and Opera 9.10.8679 on Windows allow remote attackers to inject arbitrary JavaScript and conduct other attacks via a .pdf URL with a javascript: or res: URI with (1) FDF, (2) XML, and (3) XFDF AJAX parameters, or (4) an arbitrarily named name=URI anchor identifier, aka "Universal XSS (UXSS)."
1343| [CVE-2004-1312] A bug in the HTML parser in a certain Microsoft HTML library, as used in various third party products, may allow remote attackers to cause a denial of service via certain strings, as reported in GFI MailEssentials for Exchange 9 and 10, and GFI MailSecurity for Exchange 8, which causes emails to remain in IIS or Exchange mail queues.
1344| [CVE-2002-1117] Veritas Backup Exec 8.5 and earlier requires that the "RestrictAnonymous" registry key for Microsoft Exchange 2000 must be set to 0, which enables anonymous listing of the SAM database and shares.
1345| [CVE-2001-1088] Microsoft Outlook 8.5 and earlier, and Outlook Express 5 and earlier, with the "Automatically put people I reply to in my address book" option enabled, do not notify the user when the "Reply-To" address is different than the "From" address, which could allow an untrusted remote attacker to spoof legitimate addresses and intercept email from the client that is intended for another user.
1346| [CVE-2013-3661] The EPATHOBJ::bFlatten function in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not check whether linked-list traversal is continually accessing the same list member, which allows local users to cause a denial of service (infinite traversal) via vectors that trigger a crafted PATHRECORD chain.
1347| [CVE-2013-3660] The EPATHOBJ::pprFlattenRec function in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, and Windows Server 2012 does not properly initialize a pointer for the next object in a certain list, which allows local users to obtain write access to the PATHRECORD chain, and consequently gain privileges, by triggering excessive consumption of paged memory and then making many FlattenPath function calls, aka "Win32k Read AV Vulnerability."
1348| [CVE-2013-3174] DirectShow in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, and Windows Server 2012 allows remote attackers to execute arbitrary code via a crafted GIF file, aka "DirectShow Arbitrary Memory Overwrite Vulnerability."
1349| [CVE-2013-3173] Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application that leverages improper handling of objects in memory, aka "Win32k Buffer Overwrite Vulnerability."
1350| [CVE-2013-3164] Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
1351| [CVE-2013-3163] Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3144 and CVE-2013-3151.
1352| [CVE-2013-3151] Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3144 and CVE-2013-3163.
1353| [CVE-2013-3149] Microsoft Internet Explorer 7 and 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
1354| [CVE-2013-3144] Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3151 and CVE-2013-3163.
1355| [CVE-2013-3141] Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3110.
1356| [CVE-2013-3138] Integer overflow in the TCP/IP kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows remote attackers to cause a denial of service (system hang) via crafted TCP packets, aka "TCP/IP Integer Overflow Vulnerability."
1357| [CVE-2013-3136] The kernel in Microsoft Windows XP SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, and Windows 8 on 32-bit platforms does not properly handle unspecified page-fault system calls, which allows local users to obtain sensitive information from kernel memory via a crafted application, aka "Kernel Information Disclosure Vulnerability."
1358| [CVE-2013-3123] Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3111.
1359| [CVE-2013-3111] Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3123.
1360| [CVE-2013-3110] Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3141.
1361| [CVE-2013-2558] Unspecified vulnerability in Microsoft Windows 8 allows remote attackers to cause a denial of service (reboot) or possibly have unknown other impact via a crafted TrueType Font (TTF) file, as demonstrated by the 120612-69701-01.dmp error report.
1362| [CVE-2013-2552] Unspecified vulnerability in Microsoft Internet Explorer 10 on Windows 8 allows remote attackers to bypass the sandbox protection mechanism by leveraging access to a Medium integrity process, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2013.
1363| [CVE-2013-1451] Microsoft Internet Explorer 8 and 9, when the Proxy Settings configuration has the same Proxy address and Port values in the HTTP and Secure rows, does not ensure that the SSL lock icon is consistent with the Address bar, which makes it easier for remote attackers to spoof web sites via a crafted HTML document that triggers many HTTPS requests to an arbitrary host, followed by an HTTPS request to a trusted host and then an HTTP request to an untrusted host, a related issue to CVE-2013-1450.
1364| [CVE-2013-1450] Microsoft Internet Explorer 8 and 9, when the Proxy Settings configuration has the same Proxy address and Port values in the HTTP and Secure rows, does not properly reuse TCP sessions to the proxy server, which allows remote attackers to obtain sensitive information intended for a specific host via a crafted HTML document that triggers many HTTPS requests and then triggers an HTTP request to that host, as demonstrated by reading a Cookie header, aka MSRC 12096gd.
1365| [CVE-2013-1347] Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly allocated or (2) is deleted, as exploited in the wild in May 2013.
1366| [CVE-2013-1345] win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle objects in memory, which allows local users to gain privileges via a crafted application, aka "Win32k Vulnerability."
1367| [CVE-2013-1340] win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle objects in memory, which allows local users to gain privileges via a crafted application, aka "Win32k Dereference Vulnerability."
1368| [CVE-2013-1339] The Print Spooler in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly manage memory during deletion of printer connections, which allows remote authenticated users to execute arbitrary code via a crafted request, aka "Print Spooler Vulnerability."
1369| [CVE-2013-1334] win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle objects in memory, which allows local users to gain privileges via a crafted application, aka "Win32k Window Handle Vulnerability."
1370| [CVE-2013-1332] dxgkrnl.sys (aka the DirectX graphics kernel subsystem) in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle objects in memory, which allows local users to gain privileges via a crafted application, aka "DirectX Graphics Kernel Subsystem Double Fetch Vulnerability."
1371| [CVE-2013-1311] Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability."
1372| [CVE-2013-1307] Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different vulnerability than CVE-2013-0811.
1373| [CVE-2013-1305] HTTP.sys in Microsoft Windows 8, Windows Server 2012, and Windows RT allows remote attackers to cause a denial of service (infinite loop) via a crafted HTTP header, aka "HTTP.sys Denial of Service Vulnerability."
1374| [CVE-2013-1300] win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle objects in memory, which allows local users to gain privileges via a crafted application, aka "Win32k Memory Allocation Vulnerability."
1375| [CVE-2013-1297] Microsoft Internet Explorer 6 through 8 does not properly restrict data access by VBScript, which allows remote attackers to perform cross-domain reading of JSON files via a crafted web site, aka "JSON Array Information Disclosure Vulnerability."
1376| [CVE-2013-1294] Race condition in the kernel in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application that leverages improper handling of objects in memory, aka "Kernel Race Condition Vulnerability."
1377| [CVE-2013-1292] Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application that leverages improper handling of objects in memory, aka "Win32k Race Condition Vulnerability."
1378| [CVE-2013-1291] win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, Windows 7 Gold and SP1, and Windows 8 allows local users to cause a denial of service (reboot) via a crafted OpenType font, aka "OpenType Font Parsing Vulnerability" or "Win32k Font Parsing Vulnerability."
1379| [CVE-2013-1288] Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CTreeNode Use After Free Vulnerability."
1380| [CVE-2013-1287] The USB kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012 do not properly handle objects in memory, which allows physically proximate attackers to execute arbitrary code by connecting a crafted USB device, aka "Windows USB Descriptor Vulnerability," a different vulnerability than CVE-2013-1285 and CVE-2013-1286.
1381| [CVE-2013-1286] The USB kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012 do not properly handle objects in memory, which allows physically proximate attackers to execute arbitrary code by connecting a crafted USB device, aka "Windows USB Descriptor Vulnerability," a different vulnerability than CVE-2013-1285 and CVE-2013-1287.
1382| [CVE-2013-1285] The USB kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012 do not properly handle objects in memory, which allows physically proximate attackers to execute arbitrary code by connecting a crafted USB device, aka "Windows USB Descriptor Vulnerability," a different vulnerability than CVE-2013-1286 and CVE-2013-1287.
1383| [CVE-2013-1284] Race condition in the kernel in Microsoft Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application that leverages improper handling of objects in memory, aka "Kernel Race Condition Vulnerability."
1384| [CVE-2013-1283] Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application that leverages improper handling of objects in memory, aka "Win32k Race Condition Vulnerability."
1385| [CVE-2013-1280] The kernel in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle objects in memory, which allows local users to gain privileges via a crafted application, aka "Windows Kernel Reference Count Vulnerability."
1386| [CVE-2013-1279] Race condition in the kernel in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application that leverages incorrect handling of objects in memory, aka "Kernel Race Condition Vulnerability," a different vulnerability than CVE-2013-1278.
1387| [CVE-2013-1278] Race condition in the kernel in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application that leverages incorrect handling of objects in memory, aka "Kernel Race Condition Vulnerability," a different vulnerability than CVE-2013-1279.
1388| [CVE-2013-1249] Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges, and consequently read the contents of arbitrary kernel memory locations, via a crafted application, a different vulnerability than other CVEs listed in MS13-016.
1389| [CVE-2013-1248] Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges, and consequently read the contents of arbitrary kernel memory locations, via a crafted application, a different vulnerability than other CVEs listed in MS13-016.
1390| [CVE-2013-0811] Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different vulnerability than CVE-2013-1307.
1391| [CVE-2013-0091] Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CElement Use After Free Vulnerability."
1392| [CVE-2013-0078] The Microsoft Antimalware Client in Windows Defender on Windows 8 and Windows RT uses an incorrect pathname for MsMpEng.exe, which allows local users to gain privileges via a crafted application, aka "Microsoft Antimalware Improper Pathname Vulnerability."
1393| [CVE-2013-0075] The TCP/IP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allows remote attackers to cause a denial of service (reboot) via a crafted packet that terminates a TCP connection, aka "TCP FIN WAIT Vulnerability."
1394| [CVE-2013-0025] Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer SLayoutRun Use After Free Vulnerability."
1395| [CVE-2013-0024] Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer pasteHTML Use After Free Vulnerability."
1396| [CVE-2013-0013] The SSL provider component in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle encrypted packets, which allows man-in-the-middle attackers to conduct SSLv2 downgrade attacks against (1) SSLv3 sessions or (2) TLS sessions by intercepting handshakes and injecting content, aka "Microsoft SSL Version 3 and TLS Protocol Security Feature Bypass Vulnerability."
1397| [CVE-2013-0008] win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle window broadcast messages, which allows local users to gain privileges via a crafted application, aka "Win32k Improper Message Handling Vulnerability."
1398| [CVE-2012-4792] Use-after-free vulnerability in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not properly allocated or (2) is deleted, as demonstrated by a CDwnBindInfo object, and exploited in the wild in December 2012.
1399| [CVE-2012-4786] The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allow remote attackers to execute arbitrary code via a crafted TrueType Font (TTF) file, aka "TrueType Font Parsing Vulnerability."
1400| [CVE-2012-2897] The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT, as used by Google Chrome before 22.0.1229.79 and other programs, do not properly handle objects in memory, which allows remote attackers to execute arbitrary code via a crafted TrueType font file, aka "Windows Font Parsing Vulnerability" or "TrueType Font Parsing Vulnerability."
1401| [CVE-2012-2557] Use-after-free vulnerability in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "cloneNode Use After Free Vulnerability."
1402| [CVE-2012-2556] The OpenType Font (OTF) driver in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allows remote attackers to execute arbitrary code via a crafted OpenType font file, aka "OpenType Font Parsing Vulnerability."
1403| [CVE-2012-2523] Integer overflow in Microsoft Internet Explorer 8 and 9, JScript 5.8, and VBScript 5.8 on 64-bit platforms allows remote attackers to execute arbitrary code by leveraging an incorrect size calculation during object copying, aka "JavaScript Integer Overflow Remote Code Execution Vulnerability."
1404| [CVE-2012-1881] Microsoft Internet Explorer 8 and 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "OnRowsInserted Event Remote Code Execution Vulnerability."
1405| [CVE-2012-1875] Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Same ID Property Remote Code Execution Vulnerability."
1406| [CVE-2012-1874] Microsoft Internet Explorer 8 and 9 does not properly handle objects in memory, which allows user-assisted remote attackers to execute arbitrary code by accessing a deleted object, aka "Developer Toolbar Remote Code Execution Vulnerability."
1407| [CVE-2012-1858] The toStaticHTML API (aka the SafeHTML component) in Microsoft Internet Explorer 8 and 9, Communicator 2007 R2, and Lync 2010 and 2010 Attendee does not properly handle event attributes and script, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted HTML document, aka "HTML Sanitization Vulnerability."
1408| [CVE-2012-1856] The TabStrip ActiveX control in the Common Controls in MSCOMCTL.OCX in Microsoft Office 2003 SP3, Office 2003 Web Components SP3, Office 2007 SP2 and SP3, Office 2010 SP1, SQL Server 2000 SP4, SQL Server 2005 SP4, SQL Server 2008 SP2, SP3, R2, R2 SP1, and R2 SP2, Commerce Server 2002 SP4, Commerce Server 2007 SP2, Commerce Server 2009 Gold and R2, Host Integration Server 2004 SP1, Visual FoxPro 8.0 SP1, Visual FoxPro 9.0 SP2, and Visual Basic 6.0 Runtime allows remote attackers to execute arbitrary code via a crafted (1) document or (2) web page that triggers system-state corruption, aka "MSCOMCTL.OCX RCE Vulnerability."
1409| [CVE-2012-1848] win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview does not properly handle user-mode input passed to kernel mode, which allows local users to gain privileges via a crafted application, aka "Scrollbar Calculation Vulnerability."
1410| [CVE-2012-1537] Heap-based buffer overflow in DirectPlay in DirectX 9.0 through 11.1 in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012 allows remote attackers to execute arbitrary code via a crafted Office document, aka "DirectPlay Heap Overflow Vulnerability."
1411| [CVE-2012-1529] Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not properly initialized or (2) is deleted, aka "OnMove Use After Free Vulnerability."
1412| [CVE-2012-1528] Integer overflow in Windows Shell in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012 allows local users to gain privileges via a crafted briefcase, aka "Windows Briefcase Integer Overflow Vulnerability."
1413| [CVE-2012-1527] Integer underflow in Windows Shell in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012 allows local users to gain privileges via a crafted briefcase, aka "Windows Briefcase Integer Underflow Vulnerability."
1414| [CVE-2012-1523] Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Center Element Remote Code Execution Vulnerability."
1415| [CVE-2012-0181] win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview does not properly manage Keyboard Layout files, which allows local users to gain privileges via a crafted application, aka "Keyboard Layout File Vulnerability."
1416| [CVE-2012-0180] win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview does not properly handle user-mode input passed to kernel mode for (1) windows and (2) messages, which allows local users to gain privileges via a crafted application, aka "Windows and Messages Vulnerability."
1417| [CVE-2012-0172] Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "VML Style Remote Code Execution Vulnerability."
1418| [CVE-2012-0159] Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview
1419| [CVE-2012-0151] The Authenticode Signature Verification function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview does not properly validate the digest of a signed portable executable (PE) file, which allows user-assisted remote attackers to execute arbitrary code via a modified file with additional content, aka "WinVerifyTrust Signature Validation Vulnerability."
1420| [CVE-2011-2382] Microsoft Internet Explorer 8 and earlier, and Internet Explorer 9 beta, does not properly restrict cross-zone drag-and-drop actions, which allows user-assisted remote attackers to read cookie files via vectors involving an IFRAME element with a SRC attribute containing a file: URL, as demonstrated by a Facebook game, related to a "cookiejacking" issue.
1421| [CVE-2011-1999] Microsoft Internet Explorer 8 does not properly allocate and access memory, which allows remote attackers to execute arbitrary code via vectors involving a "dereferenced memory address," aka "Select Element Remote Code Execution Vulnerability."
1422| [CVE-2011-1996] Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Option Element Remote Code Execution Vulnerability."
1423| [CVE-2011-1992] The XSS Filter in Microsoft Internet Explorer 8 allows remote attackers to read content from a different (1) domain or (2) zone via a "trial and error" attack, aka "XSS Filter Information Disclosure Vulnerability."
1424| [CVE-2011-1713] Microsoft msxml.dll, as used in Internet Explorer 8 on Windows 7, allows remote attackers to obtain potentially sensitive information about heap memory addresses via an XML document containing a call to the XSLT generate-id XPath function. NOTE: this might overlap CVE-2011-1202.
1425| [CVE-2011-1347] Unspecified vulnerability in Microsoft Internet Explorer 8 on Windows 7 allows remote attackers to bypass Protected Mode and create arbitrary files by leveraging access to a Low integrity process, as demonstrated by Stephen Fewer as the third of three chained vulnerabilities during a Pwn2Own competition at CanSecWest 2011.
1426| [CVE-2011-1346] Unspecified vulnerability in Microsoft Internet Explorer 8 on Windows 7 allows remote attackers to execute arbitrary code via unknown vectors, as demonstrated by Stephen Fewer as the second of three chained vulnerabilities during a Pwn2Own competition at CanSecWest 2011.
1427| [CVE-2011-1345] Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, as demonstrated by Stephen Fewer as the first of three chained vulnerabilities during a Pwn2Own competition at CanSecWest 2011, aka "Object Management Memory Corruption Vulnerability."
1428| [CVE-2011-1266] The Vector Markup Language (VML) implementation in vgx.dll in Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "VML Memory Corruption Vulnerability."
1429| [CVE-2011-1260] Microsoft Internet Explorer 8 and 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Layout Memory Corruption Vulnerability."
1430| [CVE-2011-1258] Microsoft Internet Explorer 6 through 8 does not properly restrict web script, which allows user-assisted remote attackers to obtain sensitive information from a different (1) domain or (2) zone via vectors involving a drag-and-drop operation, aka "Drag and Drop Information Disclosure Vulnerability."
1431| [CVE-2011-1257] Race condition in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors involving access to an object, aka "Window Open Race Condition Vulnerability."
1432| [CVE-2011-1256] Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "DOM Modification Memory Corruption Vulnerability."
1433| [CVE-2011-1255] The Timed Interactive Multimedia Extensions (aka HTML+TIME) implementation in Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Time Element Memory Corruption Vulnerability."
1434| [CVE-2011-1254] Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Drag and Drop Memory Corruption Vulnerability."
1435| [CVE-2011-1252] Cross-site scripting (XSS) vulnerability in the SafeHTML function in the toStaticHTML API in Microsoft Internet Explorer 7 and 8, Office SharePoint Server 2007 SP2, Office SharePoint Server 2010 Gold and SP1, Groove Server 2010 Gold and SP1, Windows SharePoint Services 3.0 SP2, and SharePoint Foundation 2010 Gold and SP1 allows remote attackers to inject arbitrary web script or HTML via unspecified strings, aka "toStaticHTML Information Disclosure Vulnerability" or "HTML Sanitization Vulnerability."
1436| [CVE-2011-1251] Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "DOM Manipulation Memory Corruption Vulnerability."
1437| [CVE-2011-1246] Microsoft Internet Explorer 8 does not properly handle content settings in HTTP responses, which allows remote web servers to obtain sensitive information from a different (1) domain or (2) zone via a crafted response, aka "MIME Sniffing Information Disclosure Vulnerability."
1438| [CVE-2011-1244] Microsoft Internet Explorer 6, 7, and 8 does not enforce intended domain restrictions on content access, which allows remote attackers to obtain sensitive information or conduct clickjacking attacks via a crafted web site, aka "Frame Tag Information Disclosure Vulnerability."
1439| [CVE-2011-0346] Use-after-free vulnerability in the ReleaseInterface function in MSHTML.DLL in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the DOM implementation and the BreakAASpecial and BreakCircularMemoryReferences functions, as demonstrated by cross_fuzz, aka "MSHTML Memory Corruption Vulnerability."
1440| [CVE-2011-0038] Untrusted search path vulnerability in Microsoft Internet Explorer 8 might allow local users to gain privileges via a Trojan horse IEShims.dll in the current working directory, as demonstrated by a Desktop directory that contains an HTML file, aka "Internet Explorer Insecure Library Loading Vulnerability."
1441| [CVE-2011-0036] Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, relagted to a "dangling pointer," aka "Uninitialized Memory Corruption Vulnerability," a different vulnerability than CVE-2010-2556 and CVE-2011-0035.
1442| [CVE-2011-0035] Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a different vulnerability than CVE-2010-2556 and CVE-2011-0036.
1443| [CVE-2010-5071] The JavaScript implementation in Microsoft Internet Explorer 8.0 and earlier does not properly restrict the set of values contained in the object returned by the getComputedStyle method, which allows remote attackers to obtain sensitive information about visited web pages by calling this method.
1444| [CVE-2010-3971] Use-after-free vulnerability in the CSharedStyleSheet::Notify function in the Cascading Style Sheets (CSS) parser in mshtml.dll, as used in Microsoft Internet Explorer 6 through 8 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a self-referential @import rule in a stylesheet, aka "CSS Memory Corruption Vulnerability."
1445| [CVE-2010-3964] Unrestricted file upload vulnerability in the Document Conversions Launcher Service in Microsoft Office SharePoint Server 2007 SP2, when the Document Conversions Load Balancer Service is enabled, allows remote attackers to execute arbitrary code via a crafted SOAP request to TCP port 8082, aka "Malformed Request Code Execution Vulnerability."
1446| [CVE-2010-3962] Use-after-free vulnerability in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitrary code via vectors related to Cascading Style Sheets (CSS) token sequences and the clip attribute, aka an "invalid flag reference" issue or "Uninitialized Memory Corruption Vulnerability," as exploited in the wild in November 2010.
1447| [CVE-2010-3886] The CTimeoutEventList::InsertIntoTimeoutList function in Microsoft mshtml.dll uses a certain pointer value as part of producing Timer ID values for the setTimeout and setInterval methods in VBScript and JScript, which allows remote attackers to obtain sensitive information about the heap memory addresses used by an application, as demonstrated by the Internet Explorer 8 application.
1448| [CVE-2010-3348] Microsoft Internet Explorer 6, 7, and 8 does not prevent rendering of cached content as HTML, which allows remote attackers to access content from a different (1) domain or (2) zone via unspecified script code, aka "Cross-Domain Information Disclosure Vulnerability," a different vulnerability than CVE-2010-3342.
1449| [CVE-2010-3346] Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML Element Memory Corruption Vulnerability."
1450| [CVE-2010-3345] Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML Element Memory Corruption Vulnerability."
1451| [CVE-2010-3342] Microsoft Internet Explorer 6, 7, and 8 does not prevent rendering of cached content as HTML, which allows remote attackers to access content from a different (1) domain or (2) zone via unspecified script code, aka "Cross-Domain Information Disclosure Vulnerability," a different vulnerability than CVE-2010-3348.
1452| [CVE-2010-3331] Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory in certain circumstances involving use of Microsoft Word to read Word documents, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability."
1453| [CVE-2010-3330] Microsoft Internet Explorer 6 through 8 does not properly restrict script access to content from a different (1) domain or (2) zone, which allows remote attackers to obtain sensitive information via a crafted web site, aka "Cross-Domain Information Disclosure Vulnerability."
1454| [CVE-2010-3329] mshtmled.dll in Microsoft Internet Explorer 7 and 8 allows remote attackers to execute arbitrary code via a crafted Microsoft Office document that causes the HtmlDlgHelper class destructor to access uninitialized memory, aka "Uninitialized Memory Corruption Vulnerability."
1455| [CVE-2010-3328] Use-after-free vulnerability in the CAttrArray::PrivateFind function in mshtml.dll in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code by setting an unspecified property of a stylesheet object, aka "Uninitialized Memory Corruption Vulnerability."
1456| [CVE-2010-3327] The implementation of HTML content creation in Microsoft Internet Explorer 6 through 8 does not remove the Anchor element during pasting and editing, which might allow remote attackers to obtain sensitive deleted information by visiting a web page, aka "Anchor Element Information Disclosure Vulnerability."
1457| [CVE-2010-3325] Microsoft Internet Explorer 6 through 8 does not properly handle unspecified special characters in Cascading Style Sheets (CSS) documents, which allows remote attackers to obtain sensitive information from a different (1) domain or (2) zone via a crafted web site, aka "CSS Special Character Information Disclosure Vulnerability."
1458| [CVE-2010-3324] The toStaticHTML function in Microsoft Internet Explorer 8, and the SafeHTML function in Microsoft Windows SharePoint Services 3.0 SP2, SharePoint Foundation 2010, Office SharePoint Server 2007 SP2, Groove Server 2010, and Office Web Apps, allows remote attackers to bypass the cross-site scripting (XSS) protection mechanism and conduct XSS attacks via a crafted use of the Cascading Style Sheets (CSS) @import rule, aka "HTML Sanitization Vulnerability," a different vulnerability than CVE-2010-1257.
1459| [CVE-2010-3243] Cross-site scripting (XSS) vulnerability in the toStaticHTML function in Microsoft Internet Explorer 8, and the SafeHTML function in Microsoft Windows SharePoint Services 3.0 SP2 and Office SharePoint Server 2007 SP2, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "HTML Sanitization Vulnerability."
1460| [CVE-2010-2560] Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML Layout Memory Corruption Vulnerability."
1461| [CVE-2010-2559] Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a different vulnerability than CVE-2009-3671, CVE-2009-3674, CVE-2010-0245, and CVE-2010-0246.
1462| [CVE-2010-2558] Race condition in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to an object in memory, aka "Race Condition Memory Corruption Vulnerability."
1463| [CVE-2010-2556] Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability."
1464| [CVE-2010-2442] Microsoft Internet Explorer, possibly 8, does not properly restrict focus changes, which allows remote attackers to read keystrokes via "cross-domain IFRAME gadgets."
1465| [CVE-2010-2375] Package/Privilege: Plugins for Apache, Sun and IIS web servers Unspecified vulnerability in the WebLogic Server component in Oracle Fusion Middleware 7.0 SP7, 8.1 SP6, 9.0, 9.1, 9.2 MP3, 10.0 MP2, 10.3.2, and 10.3.3 allows remote attackers to affect confidentiality and integrity, related to IIS.
1466| [CVE-2010-2118] Microsoft Internet Explorer 6.0.2900.2180 and 8.0.7600.16385 allows remote attackers to cause a denial of service (resource consumption) via JavaScript code containing an infinite loop that creates IFRAME elements for invalid news:// URIs.
1467| [CVE-2010-2091] Microsoft Outlook Web Access (OWA) 8.2.254.0, when Internet Explorer 7 on Windows Server 2003 is used, does not properly handle the id parameter in a Folder IPF.Note action to the default URI, which might allow remote attackers to obtain sensitive information or conduct cross-site scripting (XSS) attacks via an invalid value.
1468| [CVE-2010-1991] Microsoft Internet Explorer 6.0.2900.2180, 7, and 8.0.7600.16385 executes a mail application in situations where an IFRAME element has a mailto: URL in its SRC attribute, which allows remote attackers to cause a denial of service (excessive application launches) via an HTML document with many IFRAME elements.
1469| [CVE-2010-1489] The XSS Filter in Microsoft Internet Explorer 8 does not properly perform neutering for the SCRIPT tag, which allows remote attackers to conduct cross-site scripting (XSS) attacks against web sites that have no inherent XSS vulnerabilities, a different issue than CVE-2009-4074.
1470| [CVE-2010-1262] Microsoft Internet Explorer 6 SP1 and SP2, 7, and 8 allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, related to the CStyleSheet object and a free of the root container, aka "Memory Corruption Vulnerability."
1471| [CVE-2010-1261] The IE8 Developer Toolbar in Microsoft Internet Explorer 8 SP1, SP2, and SP3 allows user-assisted remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability."
1472| [CVE-2010-1260] The IE8 Developer Toolbar in Microsoft Internet Explorer 8 SP1, SP2, and SP3 allows user-assisted remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML Element Memory Corruption Vulnerability."
1473| [CVE-2010-1259] Microsoft Internet Explorer 6 SP1 and SP2, 7, and 8 allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability."
1474| [CVE-2010-1258] Microsoft Internet Explorer 6, 7, and 8 does not properly determine the origin of script code, which allows remote attackers to execute script in an unintended domain or security zone, and obtain sensitive information, via unspecified vectors, aka "Event Handler Cross-Domain Vulnerability."
1475| [CVE-2010-1118] Unspecified vulnerability in Internet Explorer 8 on Microsoft Windows 7 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to a use-after-free issue, as demonstrated by Peter Vreugdenhil during a Pwn2Own competition at CanSecWest 2010.
1476| [CVE-2010-1117] Heap-based buffer overflow in Internet Explorer 8 on Microsoft Windows 7 allows remote attackers to discover the base address of a Windows .dll file, and possibly have unspecified other impact, via unknown vectors, as demonstrated by Peter Vreugdenhil during a Pwn2Own competition at CanSecWest 2010.
1477| [CVE-2010-0811] Multiple unspecified vulnerabilities in the Microsoft Internet Explorer 8 Developer Tools ActiveX control in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allow remote attackers to execute arbitrary code via unknown vectors that "corrupt the system state," aka "Microsoft Internet Explorer 8 Developer Tools Vulnerability."
1478| [CVE-2010-0555] Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, 7, and 8 does not prevent rendering of non-HTML local files as HTML documents, which allows remote attackers to bypass intended access restrictions and read arbitrary files via vectors involving the product's use of text/html as the default content type for files that are encountered after a redirection, aka the URLMON sniffing vulnerability, a variant of CVE-2009-1140 and related to CVE-2008-1448.
1479| [CVE-2010-0494] Cross-domain vulnerability in Microsoft Internet Explorer 6, 6 SP1, 7, and 8 allows user-assisted remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via a crafted HTML document in a situation where the client user drags one browser window across another browser window, aka "HTML Element Cross-Domain Vulnerability."
1480| [CVE-2010-0492] Use-after-free vulnerability in mstime.dll in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via vectors related to the TIME2 behavior, the CTimeAction object, and destruction of markup, leading to memory corruption, aka "HTML Object Memory Corruption Vulnerability."
1481| [CVE-2010-0490] Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability."
1482| [CVE-2010-0255] Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, 7, and 8 does not prevent rendering of non-HTML local files as HTML documents, which allows remote attackers to bypass intended access restrictions and read arbitrary files via vectors involving JavaScript exploit code that constructs a reference to a file://127.0.0.1 URL, aka the dynamic OBJECT tag vulnerability, as demonstrated by obtaining the data from an index.dat file, a variant of CVE-2009-1140 and related to CVE-2008-1448.
1483| [CVE-2010-0249] Use-after-free vulnerability in Microsoft Internet Explorer 6, 6 SP1, 7, and 8 on Windows 2000 SP4
1484| [CVE-2010-0248] Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML Object Memory Corruption Vulnerability."
1485| [CVE-2010-0246] Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a different vulnerability than CVE-2009-3671, CVE-2009-3674, and CVE-2010-0245.
1486| [CVE-2010-0245] Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a different vulnerability than CVE-2009-3671, CVE-2009-3674, and CVE-2010-0246.
1487| [CVE-2010-0244] Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a different vulnerability than CVE-2009-2530 and CVE-2009-2531.
1488| [CVE-2010-0112] Multiple SQL injection vulnerabilities in the Administrative Interface in the IIS extension in Symantec IM Manager before 8.4.16 allow remote attackers to execute arbitrary SQL commands via (1) the rdReport parameter to rdpageimlogic.aspx, related to the sGetDefinition function in rdServer.dll, and SQL statements contained within a certain report file
1489| [CVE-2010-0027] The URL validation functionality in Microsoft Internet Explorer 5.01, 6, 6 SP1, 7 and 8, and the ShellExecute API function in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2, does not properly process input parameters, which allows remote attackers to execute arbitrary local programs via a crafted URL, aka "URL Validation Vulnerability."
1490| [CVE-2009-4074] The XSS Filter in Microsoft Internet Explorer 8 allows remote attackers to leverage the "response-changing mechanism" to conduct cross-site scripting (XSS) attacks against web sites that have no inherent XSS vulnerabilities, related to the details of output encoding and improper modification of an HTML attribute, aka "XSS Filter Script Handling Vulnerability."
1491| [CVE-2009-4073] The printing functionality in Microsoft Internet Explorer 8 allows remote attackers to discover a local pathname, and possibly a local username, by reading the dc:title element of a PDF document that was generated from a local web page.
1492| [CVE-2009-3674] Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a different vulnerability than CVE-2009-3671.
1493| [CVE-2009-3673] Microsoft Internet Explorer 7 and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability."
1494| [CVE-2009-3671] Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a different vulnerability than CVE-2009-3674.
1495| [CVE-2009-3003] Microsoft Internet Explorer 6 through 8 allows remote attackers to spoof the address bar, via window.open with a relative URI, to show an arbitrary URL on the web site visited by the victim, as demonstrated by a visit to an attacker-controlled web page, which triggers a spoofed login form for the site containing that page.
1496| [CVE-2009-2764] Microsoft Internet Explorer 8.0.7100.0 on Windows 7 RC on the x64 platform allows remote attackers to cause a denial of service (application crash) via a certain DIV element in conjunction with SCRIPT elements that have empty contents and no reference to a valid external script location.
1497| [CVE-2009-2655] mshtml.dll in Microsoft Internet Explorer 7 and 8 on Windows XP SP3 allows remote attackers to cause a denial of service (application crash) by calling the JavaScript findText method with a crafted Unicode string in the first argument, and only one additional argument, as demonstrated by a second argument of -1.
1498| [CVE-2009-2536] Microsoft Internet Explorer 5 through 8 allows remote attackers to cause a denial of service (memory consumption and application crash) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692.
1499| [CVE-2009-2531] Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a different vulnerability than CVE-2009-2530.
1500| [CVE-2009-2530] Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a different vulnerability than CVE-2009-2531.
1501| [CVE-2009-2529] Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, 7, and 8 does not properly handle argument validation for unspecified variables, which allows remote attackers to execute arbitrary code via a crafted HTML document, aka "HTML Component Handling Vulnerability."
1502| [CVE-2009-2069] Microsoft Internet Explorer before 8 displays a cached certificate for a (1) 4xx or (2) 5xx CONNECT response page returned by a proxy server, which allows man-in-the-middle attackers to spoof an arbitrary https site by letting a browser obtain a valid certificate from this site during one request, and then sending the browser a crafted 502 response page upon a subsequent request.
1503| [CVE-2009-2064] Microsoft Internet Explorer 8, and possibly other versions, detects http content in https web pages only when the top-level frame uses https, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context, by modifying an http page to include an https iframe that references a script file on an http site, related to "HTTP-Intended-but-HTTPS-Loadable (HPIHSL) pages."
1504| [CVE-2009-2057] Microsoft Internet Explorer before 8 uses the HTTP Host header to determine the context of a document provided in a (1) 4xx or (2) 5xx CONNECT response from a proxy server, which allows man-in-the-middle attackers to execute arbitrary web script by modifying this CONNECT response, aka an "SSL tampering" attack.
1505| [CVE-2009-1532] Microsoft Internet Explorer 8 for Windows XP SP2 and SP3
1506| [CVE-2009-1335] Microsoft Internet Explorer 7 and 8 on Windows XP and Vista allows remote attackers to cause a denial of service (application hang) via a large document composed of unprintable characters, aka MSRC 9011jr.
1507| [CVE-2009-1043] Unspecified vulnerability in Microsoft Internet Explorer 8 on Windows 7 allows remote attackers to execute arbitrary code via unknown vectors triggered by clicking on a link, as demonstrated by Nils during a PWN2OWN competition at CanSecWest 2009.
1508| [CVE-2009-1016] Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 allows remote authenticated users to affect confidentiality, integrity, and availability, related to IIS. NOTE: the previous information was obtained from the April 2009 CPU. Oracle has not commented on claims from a reliable researcher that this is a stack-based buffer overflow involving an unspecified Server Plug-in and a crafted SSL certificate.
1509| [CVE-2009-1012] Unspecified vulnerability in the plug-ins for Apache and IIS web servers in Oracle BEA WebLogic Server 7.0 Gold through SP7, 8.1 Gold through SP6, 9.0, 9.1, 9.2 Gold through MP3, 10.0 Gold through MP1, and 10.3 allows remote attackers to affect confidentiality, integrity, and availability. NOTE: the previous information was obtained from the April 2009 CPU. Oracle has not commented on claims from a reliable researcher that this is an integer overflow in an unspecified plug-in that parses HTTP requests, which leads to a heap-based buffer overflow.
1510| [CVE-2009-1011] Unspecified vulnerability in the Outside In Technology component in Oracle Application Server 8.2.2 and 8.3.0 allows local users to affect confidentiality, integrity, and availability, related to HTML. NOTE: the previous information was obtained from the April 2009 CPU. Oracle has not commented on reliable researcher claims that this issue is for multiple integer overflows in a function that parses an optional data stream within a Microsoft Office file, leading to a heap-based buffer overflow.
1511| [CVE-2009-0084] Use-after-free vulnerability in DirectShow in Microsoft DirectX 8.1 and 9.0 allows remote attackers to execute arbitrary code via an MJPEG file or video stream with a malformed Huffman table, which triggers an exception that frees heap memory that is later accessed, aka "MJPEG Decompression Vulnerability."
1512| [CVE-2009-0072] Microsoft Internet Explorer 6.0 through 8.0 beta2 allows remote attackers to cause a denial of service (application crash) via an onload=screen[""] attribute value in a BODY element.
1513| [CVE-2008-5750] Argument injection vulnerability in Microsoft Internet Explorer 8 beta 2 on Windows XP SP3 allows remote attackers to execute arbitrary commands via the --renderer-path option in a chromehtml: URI.
1514| [CVE-2008-5556] ** DISPUTED ** The XSS Filter in Microsoft Internet Explorer 8.0 Beta 2 does not recognize attack patterns designed to operate against web pages that are encoded with utf-7, which allows remote attackers to bypass the XSS protection mechanism and conduct XSS attacks by injecting crafted utf-7 content. NOTE: the vendor reportedly disputes this issue, stating "Behaviour is by design."
1515| [CVE-2008-5555] Microsoft Internet Explorer 8.0 Beta 2 relies on the XDomainRequestAllowed HTTP header to authorize data exchange between domains, which allows remote attackers to bypass the product's XSS Filter protection mechanism, and conduct XSS and cross-domain attacks, by injecting this header after a CRLF sequence, related to "XDomainRequest Allowed Injection (XAI)." NOTE: the vendor has reportedly stated that the XSS Filter intentionally does not attempt to "address every conceivable XSS attack scenario."
1516| [CVE-2008-5554] The XSS Filter in Microsoft Internet Explorer 8.0 Beta 2 does not properly handle some HTTP headers that appear after a CRLF sequence in a URI, which allows remote attackers to bypass the XSS protection mechanism and conduct XSS or redirection attacks, as demonstrated by the (1) Location and (2) Set-Cookie HTTP headers. NOTE: the vendor has reportedly stated that the XSS Filter intentionally does not attempt to "address every conceivable XSS attack scenario."
1517| [CVE-2008-5553] The XSS Filter in Microsoft Internet Explorer 8.0 Beta 2 disables itself upon encountering a certain X-XSS-Protection HTTP header, which allows remote attackers to bypass the XSS protection mechanism and conduct XSS attacks by injecting this header after a CRLF sequence. NOTE: the vendor has reportedly stated that the XSS Filter intentionally does not attempt to "address every conceivable XSS attack scenario."
1518| [CVE-2008-5552] The XSS Filter in Microsoft Internet Explorer 8.0 Beta 2 allows remote attackers to bypass the XSS protection mechanism and conduct XSS attacks via a CRLF sequence in conjunction with a crafted Content-Type header, as demonstrated by a header with a utf-7 charset value. NOTE: the vendor has reportedly stated that the XSS Filter intentionally does not attempt to "address every conceivable XSS attack scenario."
1519| [CVE-2008-5551] The XSS Filter in Microsoft Internet Explorer 8.0 Beta 2 allows remote attackers to bypass the XSS protection mechanism and conduct XSS attacks by injecting data at two different positions within an HTML document, related to STYLE elements and the CSS expression property, aka a "double injection."
1520| [CVE-2008-5457] Unspecified vulnerability in the Oracle BEA WebLogic Server Plugins for Apache, Sun and IIS web servers component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
1521| [CVE-2008-5416] Heap-based buffer overflow in Microsoft SQL Server 2000 SP4, 8.00.2050, 8.00.2039, and earlier
1522| [CVE-2008-4295] Microsoft Windows Mobile 6.0 on HTC Wiza 200 and HTC MDA 8125 devices does not properly handle the first attempt to establish a Bluetooth connection to a peer with a long name, which allows remote attackers to cause a denial of service (device reboot) by configuring a Bluetooth device with a long hci name and (1) connecting directly to the Windows Mobile system or (2) waiting for the Windows Mobile system to scan for nearby devices.
1523| [CVE-2008-4256] The Charts ActiveX control in Microsoft Visual Basic 6.0, Visual Studio .NET 2002 SP1 and 2003 SP1, and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 does not properly handle errors during access to incorrectly initialized objects, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to corruption of the "system state," aka "Charts Control Memory Corruption Vulnerability."
1524| [CVE-2008-4255] Heap-based buffer overflow in mscomct2.ocx (aka Windows Common ActiveX control or Microsoft Animation ActiveX control) in Microsoft Visual Basic 6.0, Visual Studio .NET 2002 SP1 and 2003 SP1, Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2, and Office Project 2003 SP3 and 2007 Gold and SP1 allows remote attackers to execute arbitrary code via an AVI file with a crafted stream length, which triggers an "allocation error" and memory corruption, aka "Windows Common AVI Parsing Overflow Vulnerability."
1525| [CVE-2008-4254] Multiple integer overflows in the Hierarchical FlexGrid ActiveX control (mshflxgd.ocx) in Microsoft Visual Basic 6.0 and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 allow remote attackers to execute arbitrary code via crafted (1) Rows and (2) Cols properties to the (a) ExpandAll and (b) CollapseAll methods, related to access of incorrectly initialized objects and corruption of the "system state," aka "Hierarchical FlexGrid Control Memory Corruption Vulnerability."
1526| [CVE-2008-4253] The FlexGrid ActiveX control in Microsoft Visual Basic 6.0, Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2, Office FrontPage 2002 SP3, and Office Project 2003 SP3 does not properly handle errors during access to incorrectly initialized objects, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to corruption of the "system state," aka "FlexGrid Control Memory Corruption Vulnerability."
1527| [CVE-2008-4252] The DataGrid ActiveX control in Microsoft Visual Basic 6.0 and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 does not properly handle errors during access to incorrectly initialized objects, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to corruption of the "system state," aka "DataGrid Control Memory Corruption Vulnerability."
1528| [CVE-2008-4127] Mshtml.dll in Microsoft Internet Explorer 7 Gold 7.0.5730 and 8 Beta 8.0.6001 on Windows XP SP2 allows remote attackers to cause a denial of service (failure of subsequent image rendering) via a crafted PNG file, related to an infinite loop in the CDwnTaskExec::ThreadExec function.
1529| [CVE-2008-4110] Buffer overflow in the SQLVDIRLib.SQLVDirControl ActiveX control in Tools\Binn\sqlvdir.dll in Microsoft SQL Server 2000 (aka SQL Server 8.0) allows remote attackers to cause a denial of service (browser crash) or possibly execute arbitrary code via a long URL in the second argument to the Connect method. NOTE: this issue is not a vulnerability in many environments, since the control is not marked as safe for scripting and would not execute with default Internet Explorer settings.
1530| [CVE-2008-3815] Unspecified vulnerability in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)3, 7.1 before 7.1(2)78, 7.2 before 7.2(4)16, 8.0 before 8.0(4)6, and 8.1 before 8.1(1)13, when configured as a VPN using Microsoft Windows NT Domain authentication, allows remote attackers to bypass VPN authentication via unknown vectors.
1531| [CVE-2008-3704] Heap-based buffer overflow in the MaskedEdit ActiveX control in Msmask32.ocx 6.0.81.69, and possibly other versions before 6.0.84.18, in Microsoft Visual Studio 6.0, Visual Basic 6.0, Visual Studio .NET 2002 SP1 and 2003 SP1, and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 allows remote attackers to execute arbitrary code via a long Mask parameter, related to not "validating property values with boundary checks," as exploited in the wild in August 2008, aka "Masked Edit Control Memory Corruption Vulnerability."
1532| [CVE-2008-3015] Integer overflow in gdiplus.dll in GDI+ in Microsoft Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a BMP image file with a malformed BitMapInfoHeader that triggers a buffer overflow, aka "GDI+ BMP Integer Overflow Vulnerability."
1533| [CVE-2008-3014] Buffer overflow in gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a malformed WMF image file that triggers improper memory allocation, aka "GDI+ WMF Buffer Overrun Vulnerability."
1534| [CVE-2008-3013] gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a malformed GIF image file containing many extension markers for graphic control extensions and subsequent unknown labels, aka "GDI+ GIF Parsing Vulnerability."
1535| [CVE-2008-3012] gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 does not properly perform memory allocation, which allows remote attackers to execute arbitrary code via a malformed EMF image file, aka "GDI+ EMF Memory Corruption Vulnerability."
1536| [CVE-2008-2948] Cross-domain vulnerability in Microsoft Internet Explorer 7 and 8 allows remote attackers to change the location property of a frame via the Object data type, and use a frame from a different domain to observe domain-independent events, as demonstrated by observing onkeydown events with caballero-listener. NOTE: according to Microsoft, this is a duplicate of CVE-2008-2947, possibly a different attack vector.
1537| [CVE-2008-2579] Unspecified vulnerability in the WebLogic Server Plugins for Apache, Sun and IIS web servers component in Oracle BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, 7.0 SP7, and 6.1 SP7 has unknown impact and remote attack vectors.
1538| [CVE-2008-1544] The setRequestHeader method of the XMLHttpRequest object in Microsoft Internet Explorer 5.01, 6, and 7 does not block dangerous HTTP request headers when certain 8-bit character sequences are appended to a header name, which allows remote attackers to (1) conduct HTTP request splitting and HTTP request smuggling attacks via an incorrect Content-Length header, (2) access arbitrary virtual hosts via a modified Host header, (3) bypass referrer restrictions via an incorrect Referer header, and (4) bypass the same-origin policy and obtain sensitive information via a crafted request header.
1539| [CVE-2008-1444] Stack-based buffer overflow in Microsoft DirectX 7.0 and 8.1 on Windows 2000 SP4 allows remote attackers to execute arbitrary code via a Synchronized Accessible Media Interchange (SAMI) file with crafted parameters for a Class Name variable, aka the "SAMI Format Parsing Vulnerability."
1540| [CVE-2008-0108] Stack-based buffer overflow in wkcvqd01.dll in Microsoft Works 6 File Converter, as used in Office 2003 SP2 and SP3, Works 8.0, and Works Suite 2005, allows remote attackers to execute arbitrary code via a .wps file with crafted field lengths, aka "Microsoft Works File Converter Field Length Vulnerability."
1541| [CVE-2008-0105] Microsoft Works 6 File Converter, as used in Office 2003 SP2 and SP3, Works 8.0, and Works Suite 2005, allows remote attackers to execute arbitrary code via a .wps file with crafted section header index table information, aka "Microsoft Works File Converter Index Table Vulnerability."
1542| [CVE-2008-0011] Microsoft DirectX 8.1 through 9.0c, and DirectX on Microsoft XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008, does not properly perform MJPEG error checking, which allows remote attackers to execute arbitrary code via a crafted MJPEG stream in a (1) AVI or (2) ASF file, aka the "MJPEG Decoder Vulnerability."
1543| [CVE-2007-5348] Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via an image file with crafted gradient sizes in gradient fill input, which triggers a heap-based buffer overflow related to GdiPlus.dll and VGX.DLL, aka "GDI+ VML Buffer Overrun Vulnerability."
1544| [CVE-2007-5277] Microsoft Internet Explorer 6 drops DNS pins based on failed connections to irrelevant TCP ports, which makes it easier for remote attackers to conduct DNS rebinding attacks, as demonstrated by a port 81 URL in an IMG SRC, when the DNS pin had been established for a session on port 80, a different issue than CVE-2006-4560.
1545| [CVE-2007-4916] Heap-based buffer overflow in the FileFind::FindFile method in (1) MFC42.dll, (2) MFC42u.dll, (3) MFC71.dll, and (4) MFC71u.dll in Microsoft Foundation Class (MFC) Library 8.0, as used by the ListFiles method in hpqutil.dll 2.0.0.138 in Hewlett-Packard (HP) All-in-One and Photo & Imaging Gallery 1.1 and probably other products, allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long first argument.
1546| [CVE-2007-4814] Buffer overflow in the SQLServer ActiveX control in the Distributed Management Objects OLE DLL (sqldmo.dll) 2000.085.2004.00 in Microsoft SQL Server Enterprise Manager 8.05.2004 allows remote attackers to execute arbitrary code via a long second argument to the Start method.
1547| [CVE-2007-2931] Heap-based buffer overflow in Microsoft MSN Messenger 6.2, 7.0, and 7.5, and Live Messenger 8.0 allows user-assisted remote attackers to execute arbitrary code via unspecified vectors involving video conversation handling in Web Cam and video chat sessions.
1548| [CVE-2007-0842] The 64-bit versions of Microsoft Visual C++ 8.0 standard library (MSVCR80.DLL) time functions, including (1) localtime, (2) localtime_s, (3) gmtime, (4) gmtime_s, (5) ctime, (6) ctime_s, (7) wctime, (8) wctime_s, and (9) fstat, trigger an assertion error instead of a NULL pointer or EINVAL when processing a time argument later than Jan 1, 3000, which might allow context-dependent attackers to cause a denial of service (application exit) via large time values. NOTE: it could be argued that this is a design limitation of the functions, and the vulnerability lies with any application that does not validate arguments to these functions. However, this behavior is inconsistent with documentation, which does not list assertions as a possible result of an error condition.
1549| [CVE-2007-0216] wkcvqd01.dll in Microsoft Works 6 File Converter, as used in Office 2003 SP2, Works 8.0, and Works Suite 2005, allows remote attackers to execute arbitrary code via a .wps file with crafted section length headers, aka "Microsoft Works File Converter Input Validation Vulnerability."
1550| [CVE-2007-0047] CRLF injection vulnerability in Adobe Acrobat Reader Plugin before 8.0.0, when used with the Microsoft.XMLHTTP ActiveX object in Internet Explorer, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the javascript: URI in the (1) FDF, (2) XML, or (3) XFDF AJAX request parameters.
1551| [CVE-2006-6252] Microsoft Windows Live Messenger 8.0 and earlier, when gestual emoticons are enabled, allows remote attackers to cause a denial of service (CPU consumption) via a long string composed of ":D" sequences, which are interpreted as emoticons.
1552| [CVE-2006-3654] Buffer overflow in wksss.exe 8.4.702.0 in Microsoft Works Spreadsheet 8.0 allows remote attackers to cause a denial of service (CPU consumption or crash) via crafted Excel files.
1553| [CVE-2006-3653] wksss.exe 8.4.702.0 in Microsoft Works Spreadsheet 8.0 allows remote attackers to cause a denial of service (CPU consumption or crash) via crafted (1) Works, (2) Excel, and (3) Lotus 1-2-3 files.
1554| [CVE-2005-3568] db2fmp process in IBM DB2 Content Manager before 8.2 Fix Pack 10 allows local users to cause a denial of service (CPU consumption) by importing a corrupted Microsoft Excel file, aka "CORRUPTED EXEL FILE WILL CAUSE TEXT SEARCH PROCESS LOOPING."
1555| [CVE-2005-3182] Buffer overflow in the HTTP management interface for GFI MailSecurity 8.1 allows remote attackers to execute arbitrary code via long headers such as (1) Host and (2) Accept in HTTP requests. NOTE: the vendor suggests that this issues is "in an underlying Microsoft technology" which, if true, could mean that the overflow affects other products as well.
1556| [CVE-2005-3174] Microsoft Windows 2000 before Update Rollup 1 for SP4 allows users to log on to the domain, even when their password has expired, if the fully qualified domain name (FQDN) is 8 characters long.
1557| [CVE-2004-0540] Microsoft Windows 2000, when running in a domain whose Fully Qualified Domain Name (FQDN) is exactly 8 characters long, does not prevent users with expired passwords from logging on to the domain.
1558| [CVE-2003-0604] Windows Media Player (WMP) 7 and 8, as running on Internet Explorer and possibly other Microsoft products that process HTML, allows remote attackers to bypass zone restrictions and access or execute arbitrary files via an IFRAME tag pointing to an ASF file whose Content-location contains a File:// URL.
1559| [CVE-2002-2435] The Cascading Style Sheets (CSS) implementation in Microsoft Internet Explorer 8.0 and earlier does not properly handle the :visited pseudo-class, which allows remote attackers to obtain sensitive information about visited web pages via a crafted HTML document, a related issue to CVE-2010-2264.
1560| [CVE-2002-2380] NetDSL ADSL Modem 800 with Microsoft Network firmware 5.5.11 allows remote attackers to gain access to configuration menus by sniffing undocumented usernames and passwords from network traffic.
1561| [CVE-2002-0797] Buffer overflow in the MIB parsing component of mibiisa for Solaris 5.6 through 8 allows remote attackers to gain root privileges.
1562| [CVE-2001-0238] Microsoft Data Access Component Internet Publishing Provider 8.103.2519.0 and earlier allows remote attackers to bypass Security Zone restrictions via WebDAV requests.
1563|
1564| SecurityFocus - https://www.securityfocus.com/bid/:
1565| [582] Microsoft IIS And PWS 8.3 Directory Name Vulnerability
1566| [58847] Microsoft Windows Defender for Windows 8 and Windows RT Local Privilege Escalation Vulnerability
1567| [42467] Microsoft Internet Explorer 8 'toStaticHTML()' HTML Sanitization Bypass Weakness
1568| [40490] Microsoft Internet Explorer 8 Developer Tools Remote Code Execution Vulnerability
1569| [37135] Microsoft Internet Explorer 8 Cross-Site Scripting Filter Cross-Site Scripting Vulnerability
1570| [35941] Microsoft Internet Explorer 8 Denial of Service Vulnerability
1571|
1572| IBM X-Force - https://exchange.xforce.ibmcloud.com:
1573| [40937] Microsoft Windows Knowledge Base Article 815495 update not installed
1574| [37226] Microsoft Windows Knowledge Base Article 815495 update not installed
1575| [19102] Microsoft Knowledge Base Article 885834 is not installed
1576| [19090] Microsoft Knowledge Base Article 885250 is not installed
1577| [18392] Microsoft Windows Knowledge Base Article 885249 update is not installed
1578| [18391] Microsoft Windows Knowledge Base Article 885835 update is not installed
1579| [18390] Microsoft Windows Knowledge Base Article 885836 update is not installed
1580| [82776] Microsoft Internet Explorer 10 on Windows 8 sandbox security bypass
1581| [66402] Microsoft Windows kernel-mode driver (win32k.sys) variant 8 privilege escalation
1582| [57338] Microsoft Internet Explorer 8 Developer Tools code execution
1583| [24509] Microsoft Windows Knowledge Base Article 889167 update is not installed
1584| [22882] Microsoft Windows Knowledge Base Article 896424 update is not installed
1585| [22156] Microsoft Windows Knowledge Base Article 899589 update is not installed
1586| [22155] Microsoft Knowledge Base Article 896688 is not installed
1587| [22072] Microsoft Knowledge Base Article 899587 is not installed
1588| [22071] Microsoft Knowledge Base Article 896428 is not installed
1589| [22069] Microsoft Knowledge Base Article 890859 is not installed
1590| [22068] Microsoft Knowledge Base Article 890046 is not installed
1591| [21704] Microsoft Windows Knowledge Base Article 896727 update is not installed
1592| [21605] Microsoft Windows Knowledge Base Article 896423 update is not installed
1593| [21603] Microsoft Windows Knowledge Base Article 899588 update is not installed
1594| [21601] Microsoft Windows Knowledge Base Article 899591 update is not installed
1595| [21600] Microsoft Windows Knowledge Base Article 893756 update is not installed
1596| [20826] Microsoft Windows Knowledge Base Article 896422 update is not installed
1597| [20825] Microsoft Windows Knowledge Base Article 896358 update is not installed
1598| [20823] Microsoft Windows Knowledge Base Article 890169 update is not installed
1599| [20822] Microsoft Windows Knowledge Base Article 883939 update is not installed
1600| [20820] Microsoft Windows Knowledge Base Article 896426 update is not installed
1601| [20382] Microsoft Windows Knowledge Base Article 894320 update is not installed
1602| [20318] Microsoft Windows Knowledge Base Article 893086 update is not installed
1603| [20317] Microsoft Windows Knowledge Base Article 890923 update is not installed
1604| [20000] Microsoft Windows Knowledge Base Article 892944 update is not installed
1605| [19875] Microsoft Knowledge Base Article 893066 is not installed
1606| [19843] Microsoft Windows Knowledge Base Article 894549 update is not installed
1607| [19252] Microsoft Knowledge Base Article 890261 is not installed
1608| [19141] Microsoft Knowledge Base Article 867282 is not installed
1609| [19118] Microsoft Knowledge Base Article 890047 is not installed
1610| [19116] Microsoft Knowledge Base Article 891781 is not installed
1611| [19112] Microsoft Knowledge Base Article 873352 is not installed
1612| [19111] Microsoft Knowledge Base Article 888113 is not installed
1613| [19106] Microsoft Knowledge Base Article 873333 is not installed
1614| [19095] Microsoft Knowledge Base Article 888302 is not installed
1615| [19092] Microsoft Knowledge Base Article 887981 is not installed
1616| [18944] Microsoft Knowledge Base Article 886185 is not installed
1617| [18770] Microsoft Knowledge Base Article 890175 is not installed
1618| [18769] Microsoft Knowledge Base Article 887219 is not installed
1619| [18768] Microsoft Windows Knowledge Base Article 891711 update is not installed
1620| [18766] Microsoft Windows Knowledge Base Article 871250 update is not installed
1621| [18394] Microsoft Windows Knowledge Base Article 870763 update is not installed
1622| [18393] Microsoft Windows Knowledge Base Article 873339 update is not installed
1623| [18314] Microsoft Windows Knowledge Base Article 889293 update is not installed
1624|
1625| Exploit-DB - https://www.exploit-db.com:
1626| [17159] Microsoft Host Integration Server <= 8.5.4224.0 DoS Vulnerabilities
1627| [31118] Microsoft Works 8.0 File Converter Field Length Remote Code Execution Vulnerability
1628| [30537] Microsoft MSN Messenger <= 8.0 - Video Conversation Buffer Overflow Vulnerability
1629| [28222] microsoft works 8.0 spreadsheet Multiple Vulnerabilities
1630| [12728] Microsoft Outlook Web Access (OWA) 8.2.254.0 - Information Disclosure vulnerability
1631|
1632| OpenVAS (Nessus) - http://www.openvas.org:
1633| [902914] Microsoft IIS GET Request Denial of Service Vulnerability
1634| [902796] Microsoft IIS IP Address/Internal Network Name Disclosure Vulnerability
1635| [902694] Microsoft Windows IIS FTP Service Information Disclosure Vulnerability (2761226)
1636| [901120] Microsoft IIS Authentication Remote Code Execution Vulnerability (982666)
1637| [900944] Microsoft IIS FTP Server 'ls' Command DOS Vulnerability
1638| [900874] Microsoft IIS FTP Service Remote Code Execution Vulnerabilities (975254)
1639| [900711] Microsoft IIS WebDAV Remote Authentication Bypass Vulnerability
1640| [900567] Microsoft IIS Security Bypass Vulnerability (970483)
1641| [802806] Microsoft IIS Default Welcome Page Information Disclosure Vulnerability
1642| [801669] Microsoft Windows IIS FTP Server DOS Vulnerability
1643| [801520] Microsoft IIS ASP Stack Based Buffer Overflow Vulnerability
1644| [100952] Microsoft IIS FTPd NLST stack overflow
1645| [11443] Microsoft IIS UNC Mapped Virtual Host Vulnerability
1646| [10680] Test Microsoft IIS Source Fragment Disclosure
1647| [903041] Microsoft Windows Kernel Privilege Elevation Vulnerability (2724197)
1648| [903037] Microsoft JScript and VBScript Engines Remote Code Execution Vulnerability (2706045)
1649| [903036] Microsoft Windows Networking Components Remote Code Execution Vulnerabilities (2733594)
1650| [903035] Microsoft Windows Kernel-Mode Drivers Privilege Elevation Vulnerability (2731847)
1651| [903033] Microsoft Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2718523)
1652| [903026] Microsoft Office Remote Code Execution Vulnerabilities (2663830)
1653| [903017] Microsoft Office Remote Code Execution Vulnerability (2639185)
1654| [903000] Microsoft Expression Design Remote Code Execution Vulnerability (2651018)
1655| [902936] Microsoft Windows Kernel-Mode Drivers Remote Code Execution Vulnerabilities (2783534)
1656| [902934] Microsoft .NET Framework Remote Code Execution Vulnerability (2745030)
1657| [902933] Microsoft Windows Shell Remote Code Execution Vulnerabilities (2727528)
1658| [902932] Microsoft Internet Explorer Multiple Use-After-Free Vulnerabilities (2761451)
1659| [902931] Microsoft Office Remote Code Execution Vulnerabilities - 2720184 (Mac OS X)
1660| [902930] Microsoft Office Remote Code Execution Vulnerabilities (2720184)
1661| [902923] Microsoft Internet Explorer Multiple Vulnerabilities (2722913)
1662| [902922] Microsoft Remote Desktop Protocol Remote Code Execution Vulnerability (2723135)
1663| [902921] Microsoft Office Visio/Viewer Remote Code Execution Vulnerability (2733918)
1664| [902920] Microsoft Office Remote Code Execution Vulnerability (2731879)
1665| [902919] Microsoft SharePoint Privilege Elevation Vulnerabilities (2663841)
1666| [902916] Microsoft Windows Kernel Privilege Elevation Vulnerabilities (2711167)
1667| [902913] Microsoft Office Remote Code Execution Vulnerabilities-2663830 (Mac OS X)
1668| [902912] Microsoft Office Word Remote Code Execution Vulnerability-2680352 (Mac OS X)
1669| [902911] Microsoft Office Word Remote Code Execution Vulnerability (2680352)
1670| [902910] Microsoft Office Visio Viewer Remote Code Execution Vulnerability (2597981)
1671| [902909] Microsoft Windows Service Pack Missing Multiple Vulnerabilities
1672| [902908] Microsoft Windows DirectWrite Denial of Service Vulnerability (2665364)
1673| [902906] Microsoft Windows DNS Server Denial of Service Vulnerability (2647170)
1674| [902900] Microsoft Windows SSL/TLS Information Disclosure Vulnerability (2643584)
1675| [902846] Microsoft Windows TLS Protocol Information Disclosure Vulnerability (2655992)
1676| [902845] Microsoft Windows Shell Remote Code Execution Vulnerability (2691442)
1677| [902842] Microsoft Lync Remote Code Execution Vulnerabilities (2707956)
1678| [902841] Microsoft .NET Framework Remote Code Execution Vulnerability (2706726)
1679| [902839] Microsoft FrontPage Server Extensions MS-DOS Device Name DoS Vulnerability
1680| [902833] Microsoft .NET Framework Remote Code Execution Vulnerability (2693777)
1681| [902832] MS Security Update For Microsoft Office, .NET Framework, and Silverlight (2681578)
1682| [902829] Microsoft Windows Common Controls Remote Code Execution Vulnerability (2664258)
1683| [902828] Microsoft .NET Framework Remote Code Execution Vulnerability (2671605)
1684| [902818] Microsoft Remote Desktop Protocol Remote Code Execution Vulnerabilities (2671387)
1685| [902817] Microsoft Visual Studio Privilege Elevation Vulnerability (2651019)
1686| [902811] Microsoft .NET Framework and Microsoft Silverlight Remote Code Execution Vulnerabilities (2651026)
1687| [902807] Microsoft Windows Media Could Allow Remote Code Execution Vulnerabilities (2636391)
1688| [902798] Microsoft SMB Signing Enabled and Not Required At Server
1689| [902797] Microsoft SMB Signing Information Disclosure Vulnerability
1690| [902785] Microsoft AntiXSS Library Information Disclosure Vulnerability (2607664)
1691| [902784] Microsoft Windows Object Packager Remote Code Execution Vulnerability (2603381)
1692| [902783] Microsoft Windows Kernel Security Feature Bypass Vulnerability (2644615)
1693| [902782] MicroSoft Windows Server Service Remote Code Execution Vulnerability (921883)
1694| [902766] Microsoft Windows Kernel Privilege Elevation Vulnerability (2633171)
1695| [902746] Microsoft Active Accessibility Remote Code Execution Vulnerability (2623699)
1696| [902727] Microsoft Office Excel Remote Code Execution Vulnerabilities (2587505)
1697| [902708] Microsoft Remote Desktop Protocol Denial of Service Vulnerability (2570222)
1698| [902696] Microsoft Internet Explorer Multiple Vulnerabilities (2761465)
1699| [902693] Microsoft Windows Kernel-Mode Drivers Remote Code Execution Vulnerabilities (2761226)
1700| [902692] Microsoft Office Excel ReadAV Arbitrary Code Execution Vulnerability
1701| [902689] Microsoft SQL Server Report Manager Cross Site Scripting Vulnerability (2754849)
1702| [902688] Microsoft System Center Configuration Manager XSS Vulnerability (2741528)
1703| [902687] Microsoft Windows Data Access Components Remote Code Execution Vulnerability (2698365)
1704| [902686] Microsoft Internet Explorer Multiple Vulnerabilities (2719177)
1705| [902683] Microsoft Remote Desktop Protocol Remote Code Execution Vulnerability (2685939)
1706| [902682] Microsoft Internet Explorer Multiple Vulnerabilities (2699988)
1707| [902678] Microsoft Silverlight Code Execution Vulnerabilities - 2681578 (Mac OS X)
1708| [902677] Microsoft Windows Prtition Manager Privilege Elevation Vulnerability (2690533)
1709| [902676] Microsoft Windows TCP/IP Privilege Elevation Vulnerabilities (2688338)
1710| [902670] Microsoft Internet Explorer Multiple Vulnerabilities (2675157)
1711| [902663] Microsoft Remote Desktop Protocol Remote Code Execution Vulnerabilities (2671387)
1712| [902662] MicroSoft SMB Server Trans2 Request Remote Code Execution Vulnerability
1713| [902660] Microsoft SMB Transaction Parsing Remote Code Execution Vulnerability
1714| [902658] Microsoft RDP Server Private Key Information Disclosure Vulnerability
1715| [902649] Microsoft Internet Explorer Multiple Vulnerabilities (2647516)
1716| [902642] Microsoft Internet Explorer Multiple Vulnerabilities (2618444)
1717| [902626] Microsoft SharePoint SafeHTML Information Disclosure Vulnerabilities (2412048)
1718| [902625] Microsoft SharePoint Multiple Privilege Escalation Vulnerabilities (2451858)
1719| [902613] Microsoft Internet Explorer Multiple Vulnerabilities (2559049)
1720| [902609] Microsoft Windows CSRSS Privilege Escalation Vulnerabilities (2507938)
1721| [902598] Microsoft Windows Time Component Remote Code Execution Vulnerability (2618451)
1722| [902597] Microsoft Windows Media Remote Code Execution Vulnerability (2648048)
1723| [902596] Microsoft Windows OLE Remote Code Execution Vulnerability (2624667)
1724| [902588] Microsoft Windows Internet Protocol Validation Remote Code Execution Vulnerability
1725| [902581] Microsoft .NET Framework and Silverlight Remote Code Execution Vulnerability (2604930)
1726| [902580] Microsoft Host Integration Server Denial of Service Vulnerabilities (2607670)
1727| [902567] Microsoft Office Remote Code Execution Vulnerabilites (2587634)
1728| [902566] Microsoft Windows WINS Local Privilege Escalation Vulnerability (2571621)
1729| [902552] Microsoft .NET Framework Chart Control Information Disclosure Vulnerability (2567943)
1730| [902551] Microsoft .NET Framework Information Disclosure Vulnerability (2567951)
1731| [902523] Microsoft .NET Framework and Silverlight Remote Code Execution Vulnerability (2514842)
1732| [902522] Microsoft .NET Framework Remote Code Execution Vulnerability (2538814)
1733| [902518] Microsoft .NET Framework Security Bypass Vulnerability
1734| [902516] Microsoft Windows WINS Remote Code Execution Vulnerability (2524426)
1735| [902502] Microsoft .NET Framework Remote Code Execution Vulnerability (2484015)
1736| [902501] Microsoft JScript and VBScript Scripting Engines Remote Code Execution Vulnerability (2514666)
1737| [902496] Microsoft Office IME (Chinese) Privilege Elevation Vulnerability (2652016)
1738| [902495] Microsoft Office Remote Code Execution Vulnerability (2590602)
1739| [902494] Microsoft Office Excel Remote Code Execution Vulnerability (2640241)
1740| [902493] Microsoft Publisher Remote Code Execution Vulnerabilities (2607702)
1741| [902492] Microsoft Office PowerPoint Remote Code Execution Vulnerabilities (2639142)
1742| [902487] Microsoft Windows Active Directory LDAPS Authentication Bypass Vulnerability (2630837)
1743| [902484] Microsoft Windows TCP/IP Remote Code Execution Vulnerability (2588516)
1744| [902464] Microsoft Visio Remote Code Execution Vulnerabilities (2560978)
1745| [902463] Microsoft Windows Client/Server Run-time Subsystem Privilege Escalation Vulnerability (2567680)
1746| [902455] Microsoft Visio Remote Code Execution Vulnerability (2560847)
1747| [902445] Microsoft XML Editor Information Disclosure Vulnerability (2543893)
1748| [902443] Microsoft Internet Explorer Multiple Vulnerabilities (2530548)
1749| [902440] Microsoft Windows SMB Server Remote Code Execution Vulnerability (2536275)
1750| [902430] Microsoft Office PowerPoint Remote Code Execution Vulnerabilities (2545814)
1751| [902425] Microsoft Windows SMB Accessible Shares
1752| [902423] Microsoft Office Visio Viewer Remote Code Execution Vulnerabilities (2663510)
1753| [902411] Microsoft Office PowerPoint Remote Code Execution Vulnerabilities (2489283)
1754| [902410] Microsoft Office Excel Remote Code Execution Vulnerabilities (2489279)
1755| [902403] Microsoft Windows Fraudulent Digital Certificates Spoofing Vulnerability
1756| [902395] Microsoft Bluetooth Stack Remote Code Execution Vulnerability (2566220)
1757| [902378] Microsoft Office Excel Remote Code Execution Vulnerabilities (2537146)
1758| [902377] Microsoft Windows OLE Automation Remote Code Execution Vulnerability (2476490)
1759| [902365] Microsoft GDI+ Remote Code Execution Vulnerability (2489979)
1760| [902364] Microsoft Office Remote Code Execution Vulnerabilites (2489293)
1761| [902351] Microsoft Groove Remote Code Execution Vulnerability (2494047)
1762| [902337] Microsoft Windows Kernel Elevation of Privilege Vulnerability (2393802)
1763| [902336] Microsoft JScript and VBScript Scripting Engines Information Disclosure Vulnerability (2475792)
1764| [902325] Microsoft Internet Explorer 'CSS Import Rule' Use-after-free Vulnerability
1765| [902324] Microsoft SharePoint Could Allow Remote Code Execution Vulnerability (2455005)
1766| [902319] Microsoft Foundation Classes Could Allow Remote Code Execution Vulnerability (2387149)
1767| [902290] Microsoft Windows Active Directory SPN Denial of Service (2478953)
1768| [902289] Microsoft Windows LSASS Privilege Escalation Vulnerability (2478960)
1769| [902288] Microsoft Kerberos Privilege Escalation Vulnerabilities (2496930)
1770| [902287] Microsoft Visio Remote Code Execution Vulnerabilities (2451879)
1771| [902285] Microsoft Internet Explorer Information Disclosure Vulnerability (2501696)
1772| [902281] Microsoft Windows Data Access Components Remote Code Execution Vulnerabilities (2451910)
1773| [902280] Microsoft Windows BranchCache Remote Code Execution Vulnerability (2385678)
1774| [902277] Microsoft Windows Netlogon Service Denial of Service Vulnerability (2207559)
1775| [902276] Microsoft Windows Task Scheduler Elevation of Privilege Vulnerability (2305420)
1776| [902274] Microsoft Publisher Remote Code Execution Vulnerability (2292970)
1777| [902269] Microsoft Windows SMB Server NTLM Multiple Vulnerabilities (971468)
1778| [902265] Microsoft Office Word Remote Code Execution Vulnerabilities (2293194)
1779| [902264] Microsoft Office Excel Remote Code Execution Vulnerabilities (2293211)
1780| [902263] Microsoft Windows Media Player Network Sharing Remote Code Execution Vulnerability (2281679)
1781| [902262] Microsoft Windows Shell and WordPad COM Validation Vulnerability (2405882)
1782| [902256] Microsoft Windows win32k.sys Driver 'CreateDIBPalette()' BOF Vulnerability
1783| [902255] Microsoft Visual Studio Insecure Library Loading Vulnerability
1784| [902254] Microsoft Office Products Insecure Library Loading Vulnerability
1785| [902250] Microsoft Word 2003 'MSO.dll' Null Pointer Dereference Vulnerability
1786| [902246] Microsoft Internet Explorer 'toStaticHTML()' Cross Site Scripting Vulnerability
1787| [902243] Microsoft Outlook TNEF Remote Code Execution Vulnerability (2315011)
1788| [902232] Microsoft Windows TCP/IP Privilege Elevation Vulnerabilities (978886)
1789| [902231] Microsoft Windows Tracing Feature Privilege Elevation Vulnerabilities (982799)
1790| [902230] Microsoft .NET Common Language Runtime Remote Code Execution Vulnerability (2265906)
1791| [902229] Microsoft Window MPEG Layer-3 Remote Code Execution Vulnerability (2115168)
1792| [902228] Microsoft Office Word Remote Code Execution Vulnerabilities (2269638)
1793| [902227] Microsoft Windows LSASS Denial of Service Vulnerability (975467)
1794| [902226] Microsoft Windows Shell Remote Code Execution Vulnerability (2286198)
1795| [902217] Microsoft Outlook SMB Attachment Remote Code Execution Vulnerability (978212)
1796| [902210] Microsoft IE cross-domain IFRAME gadgets keystrokes steal Vulnerability
1797| [902193] Microsoft .NET Framework XML HMAC Truncation Vulnerability (981343)
1798| [902192] Microsoft Office COM Validation Remote Code Execution Vulnerability (983235)
1799| [902191] Microsoft Internet Explorer Multiple Vulnerabilities (982381)
1800| [902183] Microsoft Internet Explorer 'IFRAME' Denial Of Service Vulnerability
1801| [902178] Microsoft Visual Basic Remote Code Execution Vulnerability (978213)
1802| [902176] Microsoft SharePoint '_layouts/help.aspx' Cross Site Scripting Vulnerability
1803| [902166] Microsoft Internet Explorer 'neutering' Mechanism XSS Vulnerability
1804| [902159] Microsoft VBScript Scripting Engine Remote Code Execution Vulnerability (980232)
1805| [902158] Microsoft Office Publisher Remote Code Execution Vulnerability (981160)
1806| [902157] Microsoft 'ISATAP' Component Spoofing Vulnerability (978338)
1807| [902156] Microsoft SMB Client Remote Code Execution Vulnerabilities (980232)
1808| [902155] Microsoft Internet Explorer Multiple Vulnerabilities (980182)
1809| [902151] Microsoft Internet Explorer Denial of Service Vulnerability - Mar10
1810| [902133] Microsoft Office Excel Multiple Vulnerabilities (980150)
1811| [902117] Microsoft DirectShow Remote Code Execution Vulnerability (977935)
1812| [902116] Microsoft Client/Server Run-time Subsystem Privilege Elevation Vulnerability (978037)
1813| [902115] Microsoft Kerberos Denial of Service Vulnerability (977290)
1814| [902114] Microsoft Office PowerPoint Remote Code Execution Vulnerabilities (975416)
1815| [902112] Microsoft SMB Client Remote Code Execution Vulnerabilities (978251)
1816| [902095] Microsoft Office Excel Remote Code Execution Vulnerability (2269707)
1817| [902094] Microsoft Windows Kernel Mode Drivers Privilege Elevation Vulnerabilities (2160329)
1818| [902093] Microsoft Windows Kernel Privilege Elevation Vulnerabilities (981852)
1819| [902080] Microsoft Help and Support Center Remote Code Execution Vulnerability (2229593)
1820| [902069] Microsoft SharePoint Privilege Elevation Vulnerabilities (2028554)
1821| [902068] Microsoft Office Excel Remote Code Execution Vulnerabilities (2027452)
1822| [902067] Microsoft Windows Kernel Mode Drivers Privilege Escalation Vulnerabilities (979559)
1823| [902039] Microsoft Visio Remote Code Execution Vulnerabilities (980094)
1824| [902038] Microsoft MPEG Layer-3 Codecs Remote Code Execution Vulnerability (977816)
1825| [902033] Microsoft Windows '.ani' file Denial of Service vulnerability
1826| [902015] Microsoft Paint Remote Code Execution Vulnerability (978706)
1827| [901305] Microsoft Windows IP-HTTPS Component Security Feature Bypass Vulnerability (2765809)
1828| [901304] Microsoft Windows File Handling Component Remote Code Execution Vulnerability (2758857)
1829| [901301] Microsoft Windows Kerberos Denial of Service Vulnerability (2743555)
1830| [901212] Microsoft Windows DirectPlay Remote Code Execution Vulnerability (2770660)
1831| [901211] Microsoft Windows Common Controls Remote Code Execution Vulnerability (2720573)
1832| [901210] Microsoft Office Privilege Elevation Vulnerability - 2721015 (Mac OS X)
1833| [901209] Microsoft Windows Media Center Remote Code Execution Vulnerabilities (2604926)
1834| [901208] Microsoft Internet Explorer Multiple Vulnerabilities (2586448)
1835| [901205] Microsoft Windows Components Remote Code Execution Vulnerabilities (2570947)
1836| [901193] Microsoft Windows Media Remote Code Execution Vulnerabilities (2510030)
1837| [901183] Internet Information Services (IIS) FTP Service Remote Code Execution Vulnerability (2489256)
1838| [901180] Microsoft Internet Explorer Multiple Vulnerabilities (2482017)
1839| [901169] Microsoft Windows Address Book Remote Code Execution Vulnerability (2423089)
1840| [901166] Microsoft Office Remote Code Execution Vulnerabilites (2423930)
1841| [901164] Microsoft Windows SChannel Denial of Service Vulnerability (2207566)
1842| [901163] Microsoft Windows Media Player Remote Code Execution Vulnerability (2378111))
1843| [901162] Microsoft Internet Explorer Multiple Vulnerabilities (2360131)
1844| [901161] Microsoft ASP.NET Information Disclosure Vulnerability (2418042)
1845| [901151] Microsoft Internet Information Services Remote Code Execution Vulnerabilities (2267960)
1846| [901150] Microsoft Windows Print Spooler Service Remote Code Execution Vulnerability(2347290)
1847| [901140] Microsoft Windows SMB Code Execution and DoS Vulnerabilities (982214)
1848| [901139] Microsoft Internet Explorer Multiple Vulnerabilities (2183461)
1849| [901119] Microsoft Windows OpenType Compact Font Format Driver Privilege Escalation Vulnerability (980218)
1850| [901102] Microsoft Windows Media Services Remote Code Execution Vulnerability (980858)
1851| [901097] Microsoft Internet Explorer Multiple Vulnerabilities (978207)
1852| [901095] Microsoft Embedded OpenType Font Engine Remote Code Execution Vulnerabilities (972270)
1853| [901069] Microsoft Office Project Remote Code Execution Vulnerability (967183)
1854| [901065] Microsoft Windows IAS Remote Code Execution Vulnerability (974318)
1855| [901064] Microsoft Windows ADFS Remote Code Execution Vulnerability (971726)
1856| [901063] Microsoft Windows LSASS Denial of Service Vulnerability (975467)
1857| [901048] Microsoft Windows Active Directory Denial of Service Vulnerability (973309)
1858| [901041] Microsoft Internet Explorer Multiple Code Execution Vulnerabilities (974455)
1859| [901012] Microsoft Windows Media Format Remote Code Execution Vulnerability (973812)
1860| [900973] Microsoft Office Word Remote Code Execution Vulnerability (976307)
1861| [900965] Microsoft Windows SMB2 Negotiation Protocol Remote Code Execution Vulnerability
1862| [900964] Microsoft .NET Common Language Runtime Code Execution Vulnerability (974378)
1863| [900963] Microsoft Windows Kernel Privilege Escalation Vulnerability (971486)
1864| [900957] Microsoft Windows Patterns & Practices EntLib DOS Vulnerability
1865| [900956] Microsoft Windows Patterns & Practices EntLib Version Detection
1866| [900929] Microsoft JScript Scripting Engine Remote Code Execution Vulnerability (971961)
1867| [900908] Microsoft Windows Message Queuing Privilege Escalation Vulnerability (971032)
1868| [900907] Microsoft Windows AVI Media File Parsing Vulnerabilities (971557)
1869| [900898] Microsoft Internet Explorer 'XSS Filter' XSS Vulnerabilities - Nov09
1870| [900897] Microsoft Internet Explorer PDF Information Disclosure Vulnerability - Nov09
1871| [900891] Microsoft Internet Denial Of Service Vulnerability - Nov09
1872| [900887] Microsoft Office Excel Multiple Vulnerabilities (972652)
1873| [900886] Microsoft Windows Kernel-Mode Drivers Multiple Vulnerabilities (969947)
1874| [900881] Microsoft Windows Indexing Service ActiveX Vulnerability (969059)
1875| [900880] Microsoft Windows ATL COM Initialization Code Execution Vulnerability (973525)
1876| [900879] Microsoft Windows Media Player ASF Heap Overflow Vulnerability (974112)
1877| [900878] Microsoft Products GDI Plus Code Execution Vulnerabilities (957488)
1878| [900877] Microsoft Windows LSASS Denial of Service Vulnerability (975467)
1879| [900876] Microsoft Windows CryptoAPI X.509 Spoofing Vulnerabilities (974571)
1880| [900873] Microsoft Windows DNS Devolution Third-Level Domain Name Resolving Weakness (971888)
1881| [900863] Microsoft Internet Explorer 'window.print()' DOS Vulnerability
1882| [900838] Microsoft Windows TCP/IP Remote Code Execution Vulnerability (967723)
1883| [900837] Microsoft DHTML Editing Component ActiveX Remote Code Execution Vulnerability (956844)
1884| [900836] Microsoft Internet Explorer Address Bar Spoofing Vulnerability
1885| [900826] Microsoft Internet Explorer 'location.hash' DOS Vulnerability
1886| [900814] Microsoft Windows WINS Remote Code Execution Vulnerability (969883)
1887| [900813] Microsoft Remote Desktop Connection Remote Code Execution Vulnerability (969706)
1888| [900809] Microsoft Visual Studio ATL Remote Code Execution Vulnerability (969706)
1889| [900808] Microsoft Visual Products Version Detection
1890| [900757] Microsoft Windows Media Player '.AVI' File DOS Vulnerability
1891| [900741] Microsoft Internet Explorer Information Disclosure Vulnerability Feb10
1892| [900740] Microsoft Windows Kernel Could Allow Elevation of Privilege (977165)
1893| [900690] Microsoft Virtual PC/Server Privilege Escalation Vulnerability (969856)
1894| [900689] Microsoft Embedded OpenType Font Engine Remote Code Execution Vulnerabilities (961371))
1895| [900670] Microsoft Office Excel Remote Code Execution Vulnerabilities (969462)
1896| [900589] Microsoft ISA Server Privilege Escalation Vulnerability (970953)
1897| [900588] Microsoft DirectShow Remote Code Execution Vulnerability (961373)
1898| [900568] Microsoft Windows Search Script Execution Vulnerability (963093)
1899| [900566] Microsoft Active Directory LDAP Remote Code Execution Vulnerability (969805)
1900| [900476] Microsoft Excel Remote Code Execution Vulnerabilities (968557)
1901| [900465] Microsoft Windows DNS Memory Corruption Vulnerability - Mar09
1902| [900461] Microsoft MSN Live Messneger Denial of Service Vulnerability
1903| [900445] Microsoft Autorun Arbitrary Code Execution Vulnerability (08-038)
1904| [900404] Microsoft Windows RTCP Unspecified Remote DoS Vulnerability
1905| [900400] Microsoft Internet Explorer Unicode String DoS Vulnerability
1906| [900391] Microsoft Office Publisher Remote Code Execution Vulnerability (969516)
1907| [900366] Microsoft Internet Explorer Web Script Execution Vulnerabilites
1908| [900365] Microsoft Office Word Remote Code Execution Vulnerabilities (969514)
1909| [900337] Microsoft Internet Explorer Denial of Service Vulnerability - Apr09
1910| [900336] Microsoft Windows Media Player MID File Integer Overflow Vulnerability
1911| [900328] Microsoft Internet Explorer Remote Code Execution Vulnerability (963027)
1912| [900314] Microsoft XML Core Service Information Disclosure Vulnerability
1913| [900303] Microsoft Internet Explorer HTML Form Value DoS Vulnerability
1914| [900299] Microsoft Report Viewer Information Disclosure Vulnerability (2578230)
1915| [900297] Microsoft Windows Kernel Denial of Service Vulnerability (2556532)
1916| [900296] Microsoft Windows TCP/IP Stack Denial of Service Vulnerability (2563894)
1917| [900295] Microsoft Windows DNS Server Remote Code Execution Vulnerability (2562485)
1918| [900294] Microsoft Data Access Components Remote Code Execution Vulnerabilities (2560656)
1919| [900288] Microsoft Distributed File System Remote Code Execution Vulnerabilities (2535512)
1920| [900287] Microsoft SMB Client Remote Code Execution Vulnerabilities (2536276)
1921| [900285] Microsoft Foundation Class (MFC) Library Remote Code Execution Vulnerability (2500212)
1922| [900282] Microsoft DNS Resolution Remote Code Execution Vulnerability (2509553)
1923| [900281] Microsoft IE Developer Tools WMITools and Windows Messenger ActiveX Control Vulnerability (2508272)
1924| [900280] Microsoft Windows SMB Server Remote Code Execution Vulnerability (2508429)
1925| [900279] Microsoft SMB Client Remote Code Execution Vulnerabilities (2511455)
1926| [900278] Microsoft Internet Explorer Multiple Vulnerabilities (2497640)
1927| [900273] Microsoft Remote Desktop Client Remote Code Execution Vulnerability (2508062)
1928| [900267] Microsoft Media Decompression Remote Code Execution Vulnerability (2447961)
1929| [900266] Microsoft Windows Movie Maker Could Allow Remote Code Execution Vulnerability (2424434)
1930| [900263] Microsoft Windows OpenType Compact Font Format Driver Privilege Escalation Vulnerability (2296199)
1931| [900262] Microsoft Internet Explorer Multiple Vulnerabilities (2416400)
1932| [900261] Microsoft Office PowerPoint Remote Code Execution Vulnerabilities (2293386)
1933| [900248] Microsoft Windows Movie Maker Could Allow Remote Code Execution Vulnerability (981997)
1934| [900246] Microsoft Media Decompression Remote Code Execution Vulnerability (979902)
1935| [900245] Microsoft Data Analyzer and IE Developer Tools ActiveX Control Vulnerability (980195)
1936| [900241] Microsoft Outlook Express and Windows Mail Remote Code Execution Vulnerability (978542)
1937| [900240] Microsoft Exchange and Windows SMTP Service Denial of Service Vulnerability (981832)
1938| [900237] Microsoft Windows Authentication Verification Remote Code Execution Vulnerability (981210)
1939| [900236] Microsoft Windows Kernel Could Allow Elevation of Privilege (979683)
1940| [900235] Microsoft Windows Media Player Could Allow Remote Code Execution (979402)
1941| [900232] Microsoft Windows Movie Maker Could Allow Remote Code Execution Vulnerability (975561)
1942| [900230] Microsoft Windows SMB Server Multiple Vulnerabilities (971468)
1943| [900229] Microsoft Data Analyzer ActiveX Control Vulnerability (978262)
1944| [900228] Microsoft Office (MSO) Remote Code Execution Vulnerability (978214)
1945| [900227] Microsoft Windows Shell Handler Could Allow Remote Code Execution Vulnerability (975713)
1946| [900223] Microsoft Ancillary Function Driver Elevation of Privilege Vulnerability (956803)
1947| [900192] Microsoft Internet Explorer Information Disclosure Vulnerability
1948| [900187] Microsoft Internet Explorer Argument Injection Vulnerability
1949| [900178] Microsoft Windows 'UnhookWindowsHookEx' Local DoS Vulnerability
1950| [900173] Microsoft Windows Media Player Version Detection
1951| [900172] Microsoft Windows Media Player 'MIDI' or 'DAT' File DoS Vulnerability
1952| [900170] Microsoft iExplorer '&NBSP
1953| [900131] Microsoft Internet Explorer Denial of Service Vulnerability
1954| [900125] Microsoft SQL Server 2000 sqlvdir.dll ActiveX Buffer Overflow Vulnerability
1955| [900120] Microsoft Organization Chart Remote Code Execution Vulnerability
1956| [900108] Microsoft Windows NSlookup.exe Remote Code Execution Vulnerability
1957| [900097] Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution
1958| [900095] Microsoft ISA Server and Forefront Threat Management Gateway DoS Vulnerability (961759)
1959| [900093] Microsoft DirectShow Remote Code Execution Vulnerability (961373)
1960| [900080] Vulnerabilities in Microsoft Office Visio Could Allow Remote Code Execution (957634)
1961| [900079] Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution (959239)
1962| [900064] Vulnerability in Microsoft Office SharePoint Server Could Cause Elevation of Privilege (957175)
1963| [900063] Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution (957173)
1964| [900061] Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (959070)
1965| [900058] Microsoft XML Core Services Remote Code Execution Vulnerability (955218)
1966| [900048] Microsoft Excel Remote Code Execution Vulnerability (956416)
1967| [900047] Microsoft Office nformation Disclosure Vulnerability (957699)
1968| [900046] Microsoft Office Remote Code Execution Vulnerabilities (955047)
1969| [900033] Microsoft PowerPoint Could Allow Remote Code Execution Vulnerabilities (949785)
1970| [900029] Microsoft Office Filters Could Allow Remote Code Execution Vulnerabilities (924090)
1971| [900028] Microsoft Excel Could Allow Remote Code Execution Vulnerabilities (954066)
1972| [900025] Microsoft Office Version Detection
1973| [900006] Microsoft Word Could Allow Remote Code Execution Vulnerability
1974| [900004] Microsoft Access Snapshot Viewer ActiveX Control Vulnerability
1975| [855384] Solaris Update for snmp/mibiisa 108870-36
1976| [855273] Solaris Update for snmp/mibiisa 108869-36
1977| [803028] Microsoft Internet Explorer Remote Code Execution Vulnerability (2757760)
1978| [803007] Microsoft Windows Minimum Certificate Key Length Spoofing Vulnerability (2661254)
1979| [802912] Microsoft Unauthorized Digital Certificates Spoofing Vulnerability (2728973)
1980| [802888] Microsoft Windows Media Service Handshake Sequence DoS Vulnerability
1981| [802886] Microsoft Sidebar and Gadgets Remote Code Execution Vulnerability (2719662)
1982| [802864] Microsoft XML Core Services Remote Code Execution Vulnerability (2719615)
1983| [802774] Microsoft VPN ActiveX Control Remote Code Execution Vulnerability (2695962)
1984| [802726] Microsoft SMB Signing Disabled
1985| [802708] Microsoft Internet Explorer Code Execution and DoS Vulnerabilities
1986| [802634] Microsoft Windows Unauthorized Digital Certificates Spoofing Vulnerability (2718704)
1987| [802500] Microsoft Windows TrueType Font Parsing Privilege Elevation Vulnerability
1988| [802468] Compatibility Issues Affecting Signed Microsoft Binaries (2749655)
1989| [802462] Microsoft ActiveSync Null Pointer Dereference Denial Of Service Vulnerability
1990| [802426] Microsoft Windows ActiveX Control Multiple Vulnerabilities (2647518)
1991| [802383] Microsoft Windows Color Control Panel Privilege Escalation Vulnerability
1992| [802379] Microsoft Windows Kernel 'win32k.sys' Memory Corruption Vulnerability
1993| [802287] Microsoft Internet Explorer Cache Objects History Information Disclosure Vulnerability
1994| [802286] Microsoft Internet Explorer Multiple Information Disclosure Vulnerabilities
1995| [802260] Microsoft Windows WINS Remote Code Execution Vulnerability (2524426)
1996| [802203] Microsoft Internet Explorer Cookie Hijacking Vulnerability
1997| [802202] Microsoft Internet Explorer Cookie Hijacking Vulnerability
1998| [802140] Microsoft Explorer HTTPS Sessions Multiple Vulnerabilities (Windows)
1999| [802136] Microsoft Windows Insecure Library Loading Vulnerability (2269637)
2000| [801991] Microsoft Windows SMB/NETBIOS NULL Session Authentication Bypass Vulnerability
2001| [801966] Microsoft Windows ActiveX Control Multiple Vulnerabilities (2562937)
2002| [801935] Microsoft Silverlight Multiple Memory Leak Vulnerabilities
2003| [801934] Microsoft Silverlight Version Detection
2004| [801914] Microsoft Windows IPv4 Default Configuration Security Bypass Vulnerability
2005| [801876] Microsoft Internet Explorer 'msxml.dll' Information Disclosure Vulnerability
2006| [801831] Microsoft Internet Explorer Incorrect GUI Display Vulnerability
2007| [801830] Microsoft Internet Explorer 'ReleaseInterface()' Remote Code Execution Vulnerability
2008| [801725] Microsoft Products GDI Plus Remote Code Execution Vulnerabilities (954593)
2009| [801721] Microsoft Active Directory Denial of Service Vulnerability (953235)
2010| [801719] Microsoft Windows CSRSS CSRFinalizeContext Local Privilege Escalation Vulnerability (930178)
2011| [801718] Microsoft Windows Vista Information Disclosure Vulnerability (931213)
2012| [801717] Microsoft Windows Vista Teredo Interface Firewall Bypass Vulnerability
2013| [801716] Microsoft Outlook Express/Windows Mail MHTML URI Handler Information Disclosure Vulnerability (929123)
2014| [801715] Microsoft XML Core Services Remote Code Execution Vulnerability (936227)
2015| [801713] Microsoft Outlook Express And Windows Mail NNTP Protocol Heap Buffer Overflow Vulnerability (941202)
2016| [801707] Microsoft Internet Explorer mshtml.dll Remote Memory Corruption Vulnerability (942615)
2017| [801706] Microsoft Windows TCP/IP Remote Code Execution Vulnerabilities (941644)
2018| [801705] Microsoft Windows TCP/IP Denial of Service Vulnerability (946456)
2019| [801704] Microsoft Internet Information Services Privilege Elevation Vulnerability (942831)
2020| [801702] Microsoft Internet Explorer HTML Rendering Remote Memory Corruption Vulnerability (944533)
2021| [801701] Microsoft Windows DNS Client Service Response Spoofing Vulnerability (945553)
2022| [801677] Microsoft WMI Administrative Tools ActiveX Control Remote Code Execution Vulnerabilities
2023| [801606] Microsoft Internet Explorer 'mshtml.dll' Information Disclosure Vulnerability
2024| [801598] Microsoft Windows2k3 Active Directory 'BROWSER ELECTION' Buffer Overflow Vulnerability
2025| [801597] Microsoft Office Excel 2003 Invalid Object Type Remote Code Execution Vulnerability
2026| [801596] Microsoft Excel 2007 Office Drawing Layer Remote Code Execution Vulnerability
2027| [801595] Microsoft Office Excel Axis and Art Object Parsing Remote Code Execution Vulnerabilities
2028| [801594] Microsoft PowerPoint 2007 OfficeArt Atom Remote Code Execution Vulnerability
2029| [801580] Microsoft Windows Fax Cover Page Editor BOF Vulnerabilities
2030| [801527] Microsoft Windows 32-bit Platforms Unspecified vulnerabilities
2031| [801491] Microsoft 'hxvz.dll' ActiveX Control Memory Corruption Vulnerability (948881)
2032| [801489] Microsoft Office Graphics Filters Remote Code Execution Vulnerabilities (968095)
2033| [801488] Microsoft Internet Explorer Data Stream Handling Remote Code Execution Vulnerability (947864)
2034| [801487] Microsoft Windows Kernel Usermode Callback Local Privilege Elevation Vulnerability (941693)
2035| [801486] Microsoft Windows Speech Components Voice Recognition Command Execution Vulnerability (950760)
2036| [801485] Microsoft Pragmatic General Multicast (PGM) Denial of Service Vulnerability (950762)
2037| [801484] Microsoft Windows IPsec Policy Processing Information Disclosure Vulnerability (953733)
2038| [801483] Microsoft Windows Search Remote Code Execution Vulnerability (959349)
2039| [801482] Microsoft Windows ASP.NET Denial of Service Vulnerability(970957)
2040| [801481] Microsoft Wireless LAN AutoConfig Service Remote Code Execution Vulnerability (970710)
2041| [801480] Microsoft Web Services on Devices API Remote Code Execution Vulnerability (973565)
2042| [801479] Microsoft Windows TCP/IP Could Allow Remote Code Execution (974145)
2043| [801457] Microsoft Windows Address Book Insecure Library Loading Vulnerability
2044| [801456] Microsoft Windows Progman Group Converter Insecure Library Loading Vulnerability
2045| [801349] Microsoft Internet Explorer 'IFRAME' Denial Of Service Vulnerability (June-10)
2046| [801348] Microsoft Internet Explorer 'IFRAME' Denial Of Service Vulnerability -june 10
2047| [801345] Microsoft .NET 'ASP.NET' Cross-Site Scripting vulnerability
2048| [801344] Microsoft .NET '__VIEWSTATE' Cross-Site Scripting vulnerability
2049| [801342] Microsoft ASP.NET Cross-Site Scripting vulnerability
2050| [801333] Microsoft Windows Kernel 'win32k.sys' Multiple DOS Vulnerabilities
2051| [801330] Microsoft Internet Explorer Cross Site Data Leakage Vulnerability
2052| [801109] Microsoft IE CA SSL Certificate Security Bypass Vulnerability - Oct09
2053| [801090] Microsoft Windows Indeo Codec Multiple Vulnerabilities
2054| [800968] Microsoft SharePoint Team Services Information Disclosure Vulnerability
2055| [800910] Microsoft Internet Explorer Buffer Overflow Vulnerability - Jul09
2056| [800902] Microsoft Internet Explorer XSS Vulnerability - July09
2057| [800872] Microsoft Internet Explorer 'li' Element DoS Vulnerability - Sep09
2058| [800863] Microsoft Internet Explorer XML Document DoS Vulnerability - Aug09
2059| [800862] Microsoft Windows Kernel win32k.sys Privilege Escalation Vulnerability
2060| [800861] Microsoft Internet Explorer 'findText()' Unicode Parsing DoS Vulnerability
2061| [800845] Microsoft Office Web Components ActiveX Control Code Execution Vulnerability
2062| [800829] Microsoft Video ActiveX Control 'msvidctl.dll' BOF Vulnerability
2063| [800742] Microsoft Internet Explorer Unspecified vulnerability
2064| [800700] Microsoft GDIPlus PNG Infinite Loop Vulnerability
2065| [800687] Microsoft Windows Server 2003 OpenType Font Engine DoS Vulnerability
2066| [800669] Microsoft Internet Explorer Denial Of Service Vulnerability - July09
2067| [800577] Microsoft Windows Server 2003 win32k.sys DoS Vulnerability
2068| [800505] Microsoft HTML Help Workshop buffer overflow vulnerability
2069| [800504] Microsoft Windows XP SP3 denial of service vulnerability
2070| [800481] Microsoft SharePoint Cross Site Scripting Vulnerability
2071| [800480] Microsoft Windows Media Player '.mpg' Buffer Overflow Vulnerability
2072| [800466] Microsoft Windows TLS/SSL Spoofing Vulnerability (977377)
2073| [800461] Microsoft Internet Explorer Information Disclosure Vulnerability (980088)
2074| [800442] Microsoft Windows GP Trap Handler Privilege Escalation Vulnerability
2075| [800429] Microsoft Internet Explorer Remote Code Execution Vulnerability (979352)
2076| [800382] Microsoft PowerPoint File Parsing Remote Code Execution Vulnerability (967340)
2077| [800347] Microsoft Internet Explorer Clickjacking Vulnerability
2078| [800343] Microsoft Word 2007 Sensitive Information Disclosure Vulnerability
2079| [800337] Microsoft Internet Explorer NULL Pointer DoS Vulnerability
2080| [800332] Microsoft Windows Live Messenger Information Disclosure Vulnerability
2081| [800331] Microsoft Windows Live Messenger Client Version Detection
2082| [800328] Integer Overflow vulnerability in Microsoft Windows Media Player
2083| [800310] Microsoft Windows Media Services nskey.dll ActiveX BOF Vulnerability
2084| [800267] Microsoft GDIPlus Library File Integer Overflow Vulnerability
2085| [800218] Microsoft Money 'prtstb06.dll' Denial of Service vulnerability
2086| [800217] Microsoft Money Version Detection
2087| [800209] Microsoft Internet Explorer Version Detection (Win)
2088| [800208] Microsoft Internet Explorer Anti-XSS Filter Vulnerabilities
2089| [800083] Microsoft Outlook Express Malformed MIME Message DoS Vulnerability
2090| [800082] Microsoft SQL Server sp_replwritetovarbin() BOF Vulnerability
2091| [800023] Microsoft Windows Image Color Management System Code Execution Vulnerability (952954)
2092| [103254] Microsoft SharePoint Server 2007 '_layouts/help.aspx' Cross Site Scripting Vulnerability
2093| [102059] Microsoft Windows Vector Markup Language Buffer Overflow (938127)
2094| [102055] Microsoft Windows GDI Multiple Vulnerabilities (925902)
2095| [102053] Microsoft Windows Vector Markup Language Vulnerabilities (929969)
2096| [102015] Microsoft RPC Interface Buffer Overrun (KB824146)
2097| [101100] Vulnerabilities in Microsoft ATL Could Allow Remote Code Execution (973908)
2098| [101017] Microsoft MS03-018 security check
2099| [101016] Microsoft MS03-022 security check
2100| [101015] Microsoft MS03-034 security check
2101| [101014] Microsoft MS00-078 security check
2102| [101012] Microsoft MS03-051 security check
2103| [101010] Microsoft Security Bulletin MS05-004
2104| [101009] Microsoft Security Bulletin MS06-033
2105| [101007] Microsoft dotNET version grabber
2106| [101006] Microsoft Security Bulletin MS06-056
2107| [101005] Microsoft Security Bulletin MS07-040
2108| [101004] Microsoft MS04-017 security check
2109| [101003] Microsoft MS00-058 security check
2110| [101000] Microsoft MS00-060 security check
2111| [100950] Microsoft DNS server internal hostname disclosure detection
2112| [100624] Microsoft Windows SMTP Server DNS spoofing vulnerability
2113| [100607] Microsoft SMTP Service and Exchange Routing Engine Buffer Overflow Vulnerability
2114| [100596] Microsoft Windows SMTP Server MX Record Denial of Service Vulnerability
2115| [100283] Microsoft Windows SMB2 '_Smb2ValidateProviderCallback()' Remote Code Execution Vulnerability
2116| [100062] Microsoft Remote Desktop Protocol Detection
2117| [90024] Windows Vulnerability in Microsoft Jet Database Engine
2118| [80007] Microsoft MS00-06 security check
2119| [13752] Denial of Service (DoS) in Microsoft SMS Client
2120| [11992] Vulnerability in Microsoft ISA Server 2000 H.323 Filter(816458)
2121| [11874] IIS Service Pack - 404
2122| [11808] Microsoft RPC Interface Buffer Overrun (823980)
2123| [11433] Microsoft ISA Server DNS - Denial Of Service (MS03-009)
2124| [11217] Microsoft's SQL Version Query
2125| [11177] Flaw in Microsoft VM Could Allow Code Execution (810030)
2126| [11146] Microsoft RDP flaws could allow sniffing and DOS(Q324380)
2127| [11142] IIS XSS via IDC error
2128| [11067] Microsoft's SQL Hello Overflow
2129| [11003] IIS Possible Compromise
2130| [10993] IIS ASP.NET Application Trace Enabled
2131| [10991] IIS Global.asa Retrieval
2132| [10936] IIS XSS via 404 error
2133| [10862] Microsoft's SQL Server Brute Force
2134| [10755] Microsoft Exchange Public Folders Information Leak
2135| [10732] IIS 5.0 WebDav Memory Leakage
2136| [10699] IIS FrontPage DoS II
2137| [10695] IIS .IDA ISAPI filter applied
2138| [10674] Microsoft's SQL UDP Info Query
2139| [10673] Microsoft's SQL Blank Password
2140| [10671] IIS Remote Command Execution
2141| [10667] IIS 5.0 PROPFIND Vulnerability
2142| [10661] IIS 5 .printer ISAPI filter applied
2143| [10657] NT IIS 5.0 Malformed HTTP Printer Request Header Buffer Overflow Vulnerability
2144| [10585] IIS FrontPage DoS
2145| [10576] Check for dangerous IIS default files
2146| [10575] Check for IIS .cnf file leakage
2147| [10573] IIS 5.0 Sample App reveals physical path of web root
2148| [10572] IIS 5.0 Sample App vulnerable to cross-site scripting attack
2149| [10537] IIS directory traversal
2150| [10492] IIS IDA/IDQ Path Disclosure
2151| [10491] ASP/ASA source using Microsoft Translate f: bug
2152| [10144] Microsoft SQL TCP/IP listener is running
2153|
2154| SecurityTracker - https://www.securitytracker.com:
2155| [1024070] Microsoft Internet Explorer 8 Developer Tools ActiveX Control Memory Corruption Error Lets Remote Users Execute Arbitrary Code
2156| [1027751] Microsoft Internet Information Server (IIS) FTP Server Lets Remote Users Obtain Files and Local Users Obtain Passwords
2157| [1027223] Microsoft IIS Web Server Discloses Potentially Sensitive Information to Remote Users
2158| [1024921] Microsoft IIS FTP Server Lets Remote Users Deny Service
2159| [1024496] Microsoft Internet Information Server (IIS) Web Server Stack Overflow in Reading POST Data Lets Remote Users Deny Service
2160| [1023387] Microsoft Internet Information Services (IIS) Filename Extension Parsing Configuration Error May Let Users Bypass Security Controls
2161| [1022792] Microsoft Internet Information Server (IIS) FTP Server Buffer Overflows Let Remote Authenticated Users Execute Arbitrary Code and Deny Service
2162| [1016466] Microsoft Internet Information Server (IIS) Buffer Overflow in Processing ASP Pages Lets Remote Authenticated Users Execute Arbitrary Code
2163| [1015376] Microsoft IIS Lets Remote Users Deny Service or Execute Arbitrary Code With Malformed HTTP GET Requests
2164| [1015049] Microsoft Internet Explorer Drag-and-Drop Timing May Let Remote Users Install Arbitrary Files
2165| [1014777] Microsoft IIS ASP Error Page May Disclose System Information in Certain Cases
2166| [1011633] Microsoft IIS WebDAV XML Message Handler Error Lets Remote Users Deny Service
2167| [1010692] Microsoft IIS 4.0 Buffer Overflow in Redirect Function Lets Remote Users Execute Arbitrary Code
2168| [1010610] Microsoft IIS Web Server May Disclose Private IP Addresses in Certain Cases
2169| [1010079] Microsoft IIS ASP Script Cookie Processing Flaw May Disclose Application Information to Remote Users
2170| [1008563] Microsoft IIS Fails to Log HTTP TRACK Requests
2171| [1007262] Microsoft IIS 6.0 Vulnerabilities Permit Cross-Site Scripting and Password Changing Attacks Against Administrators
2172| [1007059] Microsoft Windows Media Services (nsiislog.dll) Extension to Internet Information Server (IIS) Has Another Buffer Overflow That Lets Remote Execute Arbitrary Code
2173| [1006867] Microsoft IIS Buffer Overflow Lets Remote Users With Upload Privileges Execute Code - Remote Users Can Also Crash the Service
2174| [1006866] Microsoft Windows Media Services (nsiislog.dll) Extension to Internet Information Server (IIS) Lets Remote Execute Arbitrary Code
2175| [1006704] Microsoft IIS Authentication Manager Discloses Validity of User Names to Remote Users
2176| [1006305] Microsoft IIS Web Server WebDAV Buffer Overflow Lets Remote Users Execute Arbitrary Code
2177| [1005505] Microsoft Internet Information Server (IIS) Script Access Control Bug May Let Remote Authenticated Users Upload Unauthorized Executable Files
2178| [1005504] Microsoft Internet Information Server (IIS) WebDAV Memory Allocation Flaw Lets Remote Users Crash the Server
2179| [1005503] Microsoft Internet Information Server (IIS) Administrative Pages Allow Cross-Site Scripting Attacks
2180| [1005502] Microsoft Internet Information Server (IIS) Out-of-Process Access Control Bug Lets Certain Authenticated Users Gain Full Control of the Server
2181| [1005083] Microsoft Internet Information Server (IIS) Web Server Fails to Properly Validate Client-side Certificates, Allowing Remote Users to Impersonate Other Users or Certificate Issuers
2182| [1004757] Microsoft IIS SMTP Service Encapsulation Bug Lets Remote Users Relay Mail and Send SPAM Via the Service
2183| [1004646] ColdFusion MX Buffer Overflow When Used With Microsoft Internet Information Server (IIS) Lets Remote Users Crash the IIS Web Server or Execute Arbitrary Code
2184| [1004526] Microsoft Internet Information Server (IIS) Heap Overflow in HTR ISAPI Extension While Processing Chunked Encoded Data Lets Remote Users Execute Arbitrary Code
2185| [1004044] Cisco CallManager Affected by Microsoft Internet Information Server (IIS) Bugs
2186| [1004032] Microsoft Internet Information Server (IIS) FTP STAT Command Bug Lets Remote Users Crash Both the FTP and the Web Services
2187| [1004031] Microsoft Internet Information Server (IIS) URL Length Bug Lets Remote Users Crash the Web Service
2188| [1004011] Microsoft Internet Information Server (IIS) Buffer Overflow in ASP Server-Side Include Function May Let Remote Users Execute Arbitrary Code on the Web Server
2189| [1004006] Microsoft Internet Information Server (IIS) Off-By-One Heap Overflow in .HTR Processing May Let Remote Users Execute Arbitrary Code on the Server
2190| [1003224] Microsoft Internet Information Server (IIS) Version 4 Lets Local Users Modify the Log File Undetected
2191| [1002778] Microsoft Internet Information Server (IIS) Lets Remote Users Create Bogus Web Log Entries
2192| [1002733] Microsoft IIS 4.0 Configuration Error May Allow Remote Users to Obtain Physical Directory Path Information
2193| [1002651] Microsoft Internet Information Server (IIS) May Disclose PHP Scripting Source Code
2194| [1002212] Microsoft IIS Web Server Contains Multiple Vulnerabilities That Allow Local Users to Gain System Privileges and Allow Remote Users to Cause the Web Server to Crash
2195| [1002161] Microsoft Internet Information Server (IIS) Web Server Discloses Internal IP Addresses or NetBIOS Host Names to Remote Users
2196| [1001818] Microsoft Internet Information Server (IIS) Web Server Discloses ASP Source Code When Installed on FAT-based Filesystem
2197| [1001576] eEye Digital Security's SecureIIS Application Firewall for Microsoft Web Servers Fails to Filter Certain Web URL Characters, Allowing Remote Users to Bypass the SecureIIS Firewall
2198| [1001565] Microsoft IIS Web Server on Windows 2000 Allows Remote Users to Cause the Server to Consume All Available Memory Due to Memory Leak in WebDAV Lock Method
2199| [1001530] Microsoft IIS Web Server Allows Remote Users to Execute Commands on the Server Due to CGI Decoding Error
2200| [1001483] Microsoft IIS Web Server Lets Remote Users Restart the Web Server with Another Specially Crafted PROPFIND XML Command
2201| [1001464] Microsoft Internet Information Server IIS 5.0 for Windows 2000 Lets Remote Users Execute Arbitrary Code on the Server and Gain Control of the Server
2202| [1001402] Microsoft IIS Web Server Can Be Effectively Shutdown By Certain Internal-Network Attacks When The Underlying OS Supports User Account Lockouts
2203| [1001116] Microsoft Personal Web Server Contains An Old Internet Information Server (IIS) Vulnerability Allowing Unauthorized Directory Listings and Possible Code Execution For Remote Users
2204| [1001050] Microsoft IIS 5.0 Web Server Can Be Restarted Remotely By Any User
2205|
2206| OSVDB - http://www.osvdb.org:
2207| [91269] Microsoft Windows 8 TrueType Font (TTF) Handling Unspecified DoS
2208| [65218] Microsoft IE 8 Developer Tools ActiveX Remote Code Execution
2209| [87555] Adobe ColdFusion for Microsoft IIS Unspecified DoS
2210| [87262] Microsoft IIS FTP Command Injection Information Disclosure
2211| [87261] Microsoft IIS Log File Permission Weakness Local Password Disclosure
2212| [86899] Microsoft IIS 302 Redirect Message Internal IP Address Remote Disclosure
2213| [83771] Microsoft IIS Tilde Character Request Parsing File / Folder Name Information Disclosure
2214| [83454] Microsoft IIS ODBC Tool ctguestb.idc Unauthenticated Remote DSN Initialization
2215| [83386] Microsoft IIS Non-existent IDC File Request Web Root Path Disclosure
2216| [82848] Microsoft IIS $INDEX_ALLOCATION Data Stream Request Authentication Bypass
2217| [76237] Microsoft Forefront Unified Access Gateway IIS NULL Session Cookie Parsing Remote DoS
2218| [71856] Microsoft IIS Status Header Handling Remote Overflow
2219| [70167] Microsoft IIS FTP Server Telnet IAC Character Handling Overflow
2220| [67980] Microsoft IIS Unspecified Remote Directory Authentication Bypass
2221| [67979] Microsoft IIS FastCGI Request Header Handling Remote Overflow
2222| [67978] Microsoft IIS Repeated Parameter Request Unspecified Remote DoS
2223| [66160] Microsoft IIS Basic Authentication NTFS Stream Name Permissions Bypass
2224| [65216] Microsoft IIS Extended Protection for Authentication Memory Corruption
2225| [62229] Microsoft IIS Crafted DNS Response Inverse Lookup Log Corruption XSS
2226| [61432] Microsoft IIS Colon Safe Extension NTFS ADS Filename Syntax Arbitrary Remote File Creation
2227| [61294] Microsoft IIS ASP Crafted semicolon Extension Security Bypass
2228| [61249] Microsoft IIS ctss.idc table Parameter SQL Injection
2229| [59892] Microsoft IIS Malformed Host Header Remote DoS
2230| [59621] Microsoft IIS CodeBrws.asp Off-By-One File Check Bypass Source Disclosure
2231| [59561] Microsoft IIS CodeBrws.asp Encoded Traversal Arbitrary File Source Disclosure
2232| [59360] Microsoft IIS ASP Page Visual Basic Script Malformed Regex Parsing DoS
2233| [57753] Microsoft IIS FTP Server Crafted Recursive Listing Remote DoS
2234| [57589] Microsoft IIS FTP Server NLST Command Remote Overflow
2235| [56474] Microsoft IIS WebDAV Extension URL Decode Crafted HTTP Request Authentication Bypass
2236| [55269] Microsoft IIS Traversal GET Request Remote DoS
2237| [54555] Microsoft IIS WebDAV Unicode URI Request Authentication Bypass
2238| [52924] Microsoft IIS WebDAV PROPFIND Method Forced Directory Listing
2239| [52680] Microsoft IIS httpext.dll WebDav LOCK Method Nonexistent File Request Parsing Memory Exhaustion Remote DoS
2240| [52238] Microsoft IIS IDC Extension XSS
2241| [49899] Microsoft IIS iissext.dll Unspecified ActiveX SetPassword Method Remote Password Manipulation
2242| [49730] Microsoft IIS ActiveX (adsiis.dll) GetObject Method Remote DoS
2243| [49059] Microsoft IIS IPP Service Unspecified Remote Overflow
2244| [45583] Microsoft IIS w/ Visual Interdev Unspecified Authentication Bypass
2245| [43451] Microsoft IIS HTTP Request Smuggling
2246| [41456] Microsoft IIS File Change Handling Local Privilege Escalation
2247| [41445] Microsoft IIS ASP Web Page Input Unspecified Arbitrary Code Execution
2248| [41091] Microsoft IIS webhits.dll Hit-Highlighting Authentication Bypass
2249| [41063] Microsoft IIS ODBC Tool newdsn.exe Remote DSN Creation
2250| [41057] Microsoft IIS w/ .NET MS-DOS Device Request Blacklist Bypass
2251| [35950] Microsoft IIS IUSR_Machine Account Arbitrary Non-EXE Command Execution
2252| [33457] Microsoft IIS Crafted TCP Connection Range Header DoS
2253| [28260] Microsoft IIS FrontPage Server Extensions (FPSE) shtml.exe Path Disclosure
2254| [27152] Microsoft Windows IIS ASP Page Processing Overflow
2255| [27087] Microsoft IIS SMTP Encapsulated SMTP Address Open Relay
2256| [23590] Microsoft IIS Traversal Arbitrary FPSE File Access
2257| [21805] Microsoft IIS Crafted URL Remote DoS
2258| [21537] Microsoft IIS Log File Permission Weakness Remote Modification
2259| [18926] Microsoft IIS SERVER_NAME Variable Spoofing Filter Bypass
2260| [17124] Microsoft IIS Malformed WebDAV Request DoS
2261| [17123] Microsoft IIS Multiple Unspecified Admin Pages XSS
2262| [17122] Microsoft IIS Permission Weakness .COM File Upload
2263| [15749] Microsoft IIS / Site Server code.asp Arbitrary File Access
2264| [15342] Microsoft IIS Persistent FTP Banner Information Disclosure
2265| [14229] Microsoft IIS asp.dll Scripting.FileSystemObject Malformed Program DoS
2266| [13985] Microsoft IIS Malformed HTTP Request Log Entry Spoofing
2267| [13760] Microsoft IIS Malformed URL Request DoS
2268| [13759] Microsoft IIS ISAPI .ASP Parser Script Tag LANGUAGE Argument Overflow
2269| [13634] Microsoft IIS Inetinfo.exe Malformed Long Mail File Name DoS
2270| [13558] Microsoft IIS SSL Request Resource Exhaustion DoS
2271| [13507] Microsoft IIS showfile.asp FileSystemObject Arbitrary File Access
2272| [13479] Microsoft IIS for Far East Parsed Page Source Disclosure
2273| [13473] Microsoft IIS on FAT Partition Local ASP Source Disclosure
2274| [13439] Microsoft IIS HTTP Request Malformed Content-Length Parsing Remote DoS
2275| [13433] Microsoft IIS WebDAV MKCOL Method Location Server Header Internal IP Disclosure
2276| [13432] Microsoft IIS WebDAV WRITE Location Server Header Internal IP Disclosure
2277| [13431] Microsoft IIS WebDAV Malformed PROPFIND Request Internal IP Disclosure
2278| [13430] Microsoft IIS aexp4.htr Password Policy Bypass
2279| [13429] Microsoft IIS aexp3.htr Password Policy Bypass
2280| [13428] Microsoft IIS aexp2b.htr Password Policy Bypass
2281| [13427] Microsoft IIS aexp2.htr Password Policy Bypass
2282| [13426] Microsoft IIS NTLM Authentication Request Parsing Remote Information Disclosure
2283| [13385] Microsoft IIS WebDAV Long PROPFIND/SEARCH Request DoS
2284| [11455] Microsoft IIS / PWS DOS Filename Request Access Bypass
2285| [11452] Microsoft IIS Double Byte Code Arbitrary Source Disclosure
2286| [11277] Microsoft IIS SSL ISAPI Filter Cleartext Information Disclosure
2287| [11257] Microsoft IIS Malformed GET Request DoS
2288| [11157] Microsoft IIS FTP Service PASV Connection Saturation DoS
2289| [11101] Microsoft IIS Multiple Slash ASP Page Request DoS
2290| [9315] Microsoft IIS getdrvs.exe ODBC Sample Information Disclosure
2291| [9314] Microsoft IIS mkilog.exe ODBC Sample Arbitrary Command Execution
2292| [9200] Microsoft IIS Unspecified XSS Variant
2293| [9199] Microsoft IIS shtml.dll XSS
2294| [8098] Microsoft IIS Virtual Directory ASP Source Disclosure
2295| [7807] Microsoft IIS ISAPI Virtual Directory UNC Mapping ASP Source Disclosure
2296| [7737] Microsoft IIS ASP Redirection Function XSS
2297| [7265] Microsoft IIS .ASP Session ID Disclosure and Hijacking
2298| [5851] Microsoft IIS Single Dot Source Code Disclosure
2299| [5736] Microsoft IIS Relative Path System Privilege Escalation
2300| [5693] Microsoft MS00-060 Patch IIS Malformed Request DoS
2301| [5633] Microsoft IIS Invalid WebDAV Request DoS
2302| [5606] Microsoft IIS WebDAV PROPFIND Request DoS
2303| [5584] Microsoft IIS URL Redirection Malformed Length DoS
2304| [5566] Microsoft IIS Form_VBScript.asp XSS
2305| [5316] Microsoft IIS ISAPI HTR Chunked Encoding Overflow
2306| [4864] Microsoft IIS TRACK Logging Failure
2307| [4863] Microsoft IIS Active Server Page Header DoS
2308| [4791] Microsoft IIS Response Object DoS
2309| [4655] Microsoft IIS ssinc.dll Long Filename Overflow
2310| [4535] Microsoft Media Services ISAPI nsiislog.dll POST Overflow
2311| [3512] Microsoft IIS ODBC Tool getdrvrs.exe Remote DSN Creation
2312| [3500] Microsoft IIS fpcount.exe Remote Overflow
2313| [3341] Microsoft IIS Redirect Response XSS
2314| [3339] Microsoft IIS HTTP Error Page XSS
2315| [3338] Microsoft IIS Help File XSS
2316| [3328] Microsoft IIS FTP Status Request DoS
2317| [3326] Microsoft IIS w3svc.dll ISAPI Filter URL Handling Remote DoS
2318| [3325] Microsoft IIS HTR ISAPI Overflow
2319| [3323] Microsoft IIS ISAPI .printer Extension Host Header Overflow
2320| [3320] Microsoft IIS ASP Server-Side Include Buffer Overflow
2321| [3316] Microsoft IIS HTTP Header Field Delimiter Overflow
2322| [3301] Microsoft IIS ASP Chunked Encoding Variant Heap Overflow
2323| [3284] Microsoft IIS Winmsdp.exe Arbitrary File Retrieval
2324| [3231] Microsoft IIS Log Bypass
2325| [2106] Microsoft Media Services ISAPI nsiislog.dll Overflow
2326| [1931] Microsoft IIS MIME Content-Type Header DoS
2327| [1930] Microsoft IIS SSI ssinc.dll Filename Handling Overflow
2328| [1826] Microsoft IIS Domain Guest Account Disclosure
2329| [1824] Microsoft IIS FTP DoS
2330| [1804] Microsoft IIS Long Request Parsing Remote DoS
2331| [1770] Microsoft IIS WebDAV Malformed PROPFIND Request Remote DoS
2332| [1750] Microsoft IIS File Fragment Disclosure
2333| [1543] Microsoft NT/IIS Invalid URL Request DoS
2334| [1504] Microsoft IIS File Permission Canonicalization Bypass
2335| [1465] Microsoft IIS .htr Missing Variable DoS
2336| [1325] Microsoft IIS Malformed Filename Request File Fragment Disclosure
2337| [1322] Microsoft IIS Malformed .htr Request DoS
2338| [1281] Microsoft IIS Escaped Character Saturation Remote DoS
2339| [1261] Microsoft IIS Chunked Transfer Encoding Remote Overflow DoS
2340| [1210] Microsoft IIS WebHits.dll ISAPI Filter Traversal Arbitrary File Access
2341| [1170] Microsoft IIS Escape Character URL Access Bypass
2342| [1083] Microsoft IIS FTP NO ACCESS Read/Delete File
2343| [1082] Microsoft IIS Domain Resolution Access Bypass
2344| [1041] Microsoft IIS Malformed HTTP Request Header DoS
2345| [1020] Microsoft IIS ISAPI GetExtensionVersion() Privilege Escalation
2346| [930] Microsoft IIS Shared ASP Cache Information Disclosure
2347| [929] Microsoft IIS FTP Server NLST Command Overflow
2348| [928] Microsoft IIS Long Request Log Evasion
2349| [815] Microsoft IIS ASP.NET trace.axd Application Tracing Information Disclosure
2350| [814] Microsoft IIS global.asa Remote Information Disclosure
2351| [782] Microsoft IIS / Site Server codebrws.asp Arbitrary File Access
2352| [771] Microsoft IIS Hosting Process (dllhost.exe) Out of Process Application Unspecified Privilege Escalation
2353| [768] Microsoft IIS ASP Chunked Encoding Heap Overflow
2354| [636] Microsoft IIS sqlqhit.asp Sample Script CiScope Parameter Information Disclosure
2355| [630] Microsoft IIS Multiple Malformed Header Field Internal IP Address Disclosure
2356| [568] Microsoft IIS idq.dll IDA/IDQ ISAPI Remote Overflow
2357| [564] Microsoft IIS ISM.dll Fragmented Source Disclosure
2358| [556] Microsoft IIS/PWS Encoded Filename Arbitrary Command Execution
2359| [525] Microsoft IIS Webserver Invalid Filename Request Arbitrary Command Execution
2360| [482] Microsoft IIS FrontPage Server Extensions (FPSE) Malformed Form DoS
2361| [475] Microsoft IIS bdir.htr Arbitrary Directory Listing
2362| [474] Microsoft IIS / Site Server viewcode.asp Arbitrary File Access
2363| [473] Microsoft IIS Multiple .cnf File Information Disclosure
2364| [471] Microsoft IIS ServerVariables_Jscript.asp Path Disclosure
2365| [470] Microsoft IIS Form_JScript.asp XSS
2366| [463] Microsoft IIS Phone Book Service /pbserver/pbserver.dll Remote Overflow
2367| [436] Microsoft IIS Unicode Remote Command Execution
2368| [425] Microsoft IIS WebDAV SEARCH Method Arbitrary Directory Forced Listing
2369| [391] Microsoft IIS IDA/IDQ Document Root Path Disclosure
2370| [390] Microsoft IIS Translate f: Request ASP Source Disclosure
2371| [308] Microsoft IIS Malformed File Extension URL DoS
2372| [285] Microsoft IIS repost.asp File Upload
2373| [284] Microsoft IIS IISADMPWD Virtual Directory Information Enumeration
2374| [283] Microsoft IIS /iissamples Multiple Sample Scripts Installed
2375| [277] Microsoft IIS / PWS %2e Request ASP Source Disclosure
2376| [276] Microsoft IIS ASP::$DATA Stream Request ASP Source Disclosure
2377| [275] Microsoft IIS newdsn.exe Remote Arbitrary File Creation
2378| [274] Microsoft IIS ctss.idc ODBC Sample Arbitrary Command Execution
2379| [273] Microsoft IIS Upgrade ism.dll Local Privilege Escalation
2380| [272] Microsoft IIS MDAC RDS Arbitrary Remote Command Execution
2381| [271] Microsoft IIS WebHits null.htw .asp Source Disclosure
2382| [98] Microsoft IIS perl.exe HTTP Path Disclosure
2383| [97] Microsoft IIS ISM.DLL HTR Request Overflow
2384| [96] Microsoft IIS idq.dll Traversal Arbitrary File Access
2385| [7] Microsoft IIS / Site Server showcode.asp source Parameter Traversal Arbitrary File Access
2386| [4] Microsoft IIS ExAir advsearch.asp Direct Request Remote DoS
2387| [3] Microsoft IIS ExAir query.asp Direct Request Remote DoS
2388| [2] Microsoft IIS ExAir search.asp Direct Request DoS
2389|_
2390Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
2391Device type: general purpose
2392Running (JUST GUESSING): Microsoft Windows 2012 (89%)
2393OS CPE: cpe:/o:microsoft:windows_server_2012
2394Aggressive OS guesses: Microsoft Windows Server 2012 (89%), Microsoft Windows Server 2012 or Windows Server 2012 R2 (89%), Microsoft Windows Server 2012 R2 (89%)
2395No exact OS matches for host (test conditions non-ideal).
2396Uptime guess: 49.569 days (since Sat Oct 12 07:11:32 2019)
2397Network Distance: 12 hops
2398TCP Sequence Prediction: Difficulty=263 (Good luck!)
2399IP ID Sequence Generation: Randomized
2400Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
2401
2402TRACEROUTE (using port 80/tcp)
2403HOP RTT ADDRESS
24041 487.01 ms 10.252.204.1
24052 487.05 ms 213.184.122.97
24063 487.05 ms bzq-82-80-246-9.cablep.bezeqint.net (82.80.246.9)
24074 487.12 ms bzq-219-189-185.dsl.bezeqint.net (62.219.189.185)
24085 487.09 ms bzq-179-124-34.cust.bezeqint.net (212.179.124.34)
24096 487.12 ms bzq-179-124-153.cust.bezeqint.net (212.179.124.153)
24107 487.15 ms ae8.cr1-fra2.ip4.gtt.net (46.33.89.237)
24118 487.18 ms xe-0-1-0.ar2-lon1.ip4.gtt.net (89.149.187.22)
24129 487.22 ms integrated-telecom-gw.ip4.gtt.net (46.33.91.218)
241310 ...
241411 669.55 ms 212.26.63.252
241512 669.41 ms 212.138.117.71
2416
2417NSE: Script Post-scanning.
2418Initiating NSE at 19:50
2419Completed NSE at 19:50, 0.00s elapsed
2420Initiating NSE at 19:50
2421Completed NSE at 19:50, 0.00s elapsed
2422#######################################################################################################################################
2423https://212.138.117.71 [200 OK] ASP_NET[4.0.30319][MVC5.2], Cookies[__RequestVerificationToken], Country[SAUDI ARABIA][SA], Email[help@gip.gov.sa,info@gip.gov.sa], HTML5, HTTPServer[Microsoft-IIS/8.5], HttpOnly[__RequestVerificationToken], IP[212.138.117.71], Microsoft-IIS[8.5], Script, Title[رئاسة الاستخبارات العامة], UncommonHeaders[x-aspnetmvc-version], X-Frame-Options[DENY], X-Powered-By[ASP.NET], X-UA-Compatible[IE=edge]
2424#######################################################################################################################################
2425URLCrazy Domain Report
2426Domain : www.gip.gov.sa
2427Keyboard : qwerty
2428At : 2019-11-30 21:53:08 -0500
2429
2430# Please wait. 113 hostnames to process
2431
2432Typo Type Typo DNS-A CC-A DNS-MX Extn
2433------------------------------------------------------------------------------------------------------------------------------------
2434Character Omission ww.gip.gov.sa ? gov.sa
2435Character Omission www.gi.gov.sa 62.149.97.46 SA,SAUDI ARABIA mail1.gi.gov.sa gov.sa
2436Character Omission www.gp.gov.sa ? gov.sa
2437Character Omission www.ip.gov.sa ? gov.sa
2438Character Omission wwwgip.gov.sa ? gov.sa
2439Character Repeat www.ggip.gov.sa ? gov.sa
2440Character Repeat www.giip.gov.sa ? gov.sa
2441Character Repeat www.gipp.gov.sa ? gov.sa
2442Character Repeat wwww.gip.gov.sa ? gov.sa
2443Character Swap ww.wgip.gov.sa ? gov.sa
2444Character Swap www.gip.gov.as ? as
2445Character Swap www.gpi.gov.sa ? gov.sa
2446Character Swap www.igp.gov.sa ? gov.sa
2447Character Swap wwwg.ip.gov.sa ? gov.sa
2448Character Replacement eww.gip.gov.sa ? gov.sa
2449Character Replacement qww.gip.gov.sa ? gov.sa
2450Character Replacement wew.gip.gov.sa ? gov.sa
2451Character Replacement wqw.gip.gov.sa ? gov.sa
2452Character Replacement wwe.gip.gov.sa ? gov.sa
2453Character Replacement wwq.gip.gov.sa ? gov.sa
2454Character Replacement www.fip.gov.sa ? gov.sa
2455Character Replacement www.gio.gov.sa ? gov.sa
2456Character Replacement www.gop.gov.sa ? gov.sa
2457Character Replacement www.gup.gov.sa ? gov.sa
2458Character Replacement www.hip.gov.sa ? gov.sa
2459Double Character Replacement eew.gip.gov.sa ? gov.sa
2460Double Character Replacement qqw.gip.gov.sa ? gov.sa
2461Double Character Replacement wee.gip.gov.sa ? gov.sa
2462Double Character Replacement wqq.gip.gov.sa ? gov.sa
2463Character Insertion weww.gip.gov.sa ? gov.sa
2464Character Insertion wqww.gip.gov.sa ? gov.sa
2465Character Insertion wwew.gip.gov.sa ? gov.sa
2466Character Insertion wwqw.gip.gov.sa ? gov.sa
2467Character Insertion www.gfip.gov.sa ? gov.sa
2468Character Insertion www.ghip.gov.sa ? gov.sa
2469Character Insertion www.giop.gov.sa ? gov.sa
2470Character Insertion www.gipo.gov.sa ? gov.sa
2471Character Insertion www.giup.gov.sa ? gov.sa
2472Character Insertion wwwe.gip.gov.sa ? gov.sa
2473Character Insertion wwwq.gip.gov.sa ? gov.sa
2474Missing Dot wwwwww.gip.gov.sa ? gov.sa
2475Singular or Pluralise gip.gov.sa 212.138.117.71 SA,SAUDI ARABIA cmail2.isu.sa gov.sa
2476Singular or Pluralise gips.gov.sa ? gov.sa
2477Vowel Swap www.gap.gov.sa ? gov.sa
2478Vowel Swap www.gep.gov.sa ? gov.sa
2479Vowel Swap www.gip.gov.se ? se
2480Vowel Swap www.gip.gov.si ? si
2481Vowel Swap www.gip.gov.su ? su
2482Homophones www.gayep.gov.sa ? gov.sa
2483Homophones www.geyep.gov.sa ? gov.sa
2484Bit Flipping 7ww.gip.gov.sa ? gov.sa
2485Bit Flipping gww.gip.gov.sa ? gov.sa
2486Bit Flipping sww.gip.gov.sa ? gov.sa
2487Bit Flipping uww.gip.gov.sa ? gov.sa
2488Bit Flipping vww.gip.gov.sa ? gov.sa
2489Bit Flipping w7w.gip.gov.sa ? gov.sa
2490Bit Flipping wgw.gip.gov.sa ? gov.sa
2491Bit Flipping wsw.gip.gov.sa ? gov.sa
2492Bit Flipping wuw.gip.gov.sa ? gov.sa
2493Bit Flipping wvw.gip.gov.sa ? gov.sa
2494Bit Flipping ww7.gip.gov.sa ? gov.sa
2495Bit Flipping wwg.gip.gov.sa ? gov.sa
2496Bit Flipping wws.gip.gov.sa ? gov.sa
2497Bit Flipping wwu.gip.gov.sa ? gov.sa
2498Bit Flipping wwv.gip.gov.sa ? gov.sa
2499Bit Flipping www.cip.gov.sa ? gov.sa
2500Bit Flipping www.eip.gov.sa ? gov.sa
2501Bit Flipping www.ghp.gov.sa ? gov.sa
2502Bit Flipping www.gi0.gov.sa ? gov.sa
2503Bit Flipping www.gip.gov.ca ? ca
2504Bit Flipping www.gip.gov.qa ? qa
2505Bit Flipping www.gip.gov.sc ? sc
2506Bit Flipping www.giq.gov.sa ? gov.sa
2507Bit Flipping www.gir.gov.sa ? gov.sa
2508Bit Flipping www.git.gov.sa ? gov.sa
2509Bit Flipping www.gix.gov.sa ? gov.sa
2510Bit Flipping www.gkp.gov.sa ? gov.sa
2511Bit Flipping www.gmp.gov.sa ? gov.sa
2512Bit Flipping www.gyp.gov.sa ? gov.sa
2513Bit Flipping www.oip.gov.sa ? gov.sa
2514Bit Flipping www.wip.gov.sa ? gov.sa
2515Bit Flipping wwwngip.gov.sa ? gov.sa
2516Homoglyphs vvvvvv.gip.gov.sa ? gov.sa
2517Homoglyphs vvvvw.gip.gov.sa ? gov.sa
2518Homoglyphs vvwvv.gip.gov.sa ? gov.sa
2519Homoglyphs vvww.gip.gov.sa ? gov.sa
2520Homoglyphs wvvvv.gip.gov.sa ? gov.sa
2521Homoglyphs wvvw.gip.gov.sa ? gov.sa
2522Homoglyphs wwvv.gip.gov.sa ? gov.sa
2523Homoglyphs www.glp.gov.sa ? gov.sa
2524Wrong TLD gip.ca ? ca
2525Wrong TLD gip.ch 91.195.240.126 ES,SPAIN localhost ch
2526Wrong TLD gip.com 81.169.204.159 DE,GERMANY mailgw.gip.com com
2527Wrong TLD gip.de 217.160.0.66 ١, mx01.kundenserver.de de
2528Wrong TLD gip.edu ? edu
2529Wrong TLD gip.es 91.195.240.126 DE,GERMANY localhost es
2530Wrong TLD gip.fr 151.80.196.65 DE,GERMANY gip-fr.mail.protection.outlook.com fr
2531Wrong TLD gip.it 146.185.189.57 RU,RUSSIAN FEDERATION it
2532Wrong TLD gip.jp 180.131.140.7 JP,JAPAN gip05.gipservice.net jp
2533Wrong TLD gip.net ? mx3.equant.net net
2534Wrong TLD gip.nl 185.53.179.7 mail.h-email.net nl
2535Wrong TLD gip.no 94.237.45.49 FI,FINLAND mx.domeneshop.no no
2536Wrong TLD gip.org 75.126.102.233 US,UNITED STATES org
2537Wrong TLD gip.ru 92.53.96.108 RU,RUSSIAN FEDERATION emx.mail.ru ru
2538Wrong TLD gip.se ? mail.gip.se se
2539Wrong TLD gip.us 35.186.238.101 US,UNITED STATES us
2540Wrong SLD gip.com.sa ? com.sa
2541Wrong SLD gip.edu.sa 95.216.115.83 UA,UKRAINE mx3.zoho.com edu.sa
2542Wrong SLD gip.med.sa ? med.sa
2543Wrong SLD gip.net.sa ? net.sa
2544Wrong SLD gip.org.sa ? org.sa
2545Wrong SLD gip.pub.sa ? pub.sa
2546Wrong SLD gip.sch.sa ? sch.sa
2547#######################################################################################################################################
2548[*] Processing domain www.gip.gov.sa
2549[*] Using system resolvers ['38.132.106.139', '194.187.251.67', '185.93.180.131', '192.168.0.1', '2001:18c0:121:6900:724f:b8ff:fefd:5b6a']
2550[+] Getting nameservers
2551[-] Getting nameservers failed
2552[-] Zone transfer failed
2553
2554[*] Scanning www.gip.gov.sa for A records
2555212.138.117.71 - www.gip.gov.sa
2556#######################################################################################################################################
2557Privileges have been dropped to "nobody:nogroup" for security reasons.
2558
2559Processed queries: 0
2560Received packets: 0
2561Progress: 0.00% (00 h 00 min 00 sec / 00 h 00 min 00 sec)
2562Current incoming rate: 0 pps, average: 0 pps
2563Current success rate: 0 pps, average: 0 pps
2564Finished total: 0, success: 0 (0.00%)
2565Mismatched domains: 0 (0.00%), IDs: 0 (0.00%)
2566Failures: 0: 0.00%, 1: 0.00%, 2: 0.00%, 3: 0.00%, 4: 0.00%, 5: 0.00%, 6: 0.00%, 7: 0.00%, 8: 0.00%, 9: 0.00%, 10: 0.00%, 11: 0.00%, 12: 0.00%, 13: 0.00%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2567Response: | Success: | Total:
2568OK: | 0 ( 0.00%) | 0 ( 0.00%)
2569NXDOMAIN: | 0 ( 0.00%) | 0 ( 0.00%)
2570SERVFAIL: | 0 ( 0.00%) | 0 ( 0.00%)
2571REFUSED: | 0 ( 0.00%) | 0 ( 0.00%)
2572FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2573
2574
2575
2576Processed queries: 1919
2577Received packets: 1800
2578Progress: 100.00% (00 h 00 min 01 sec / 00 h 00 min 01 sec)
2579Current incoming rate: 1799 pps, average: 1799 pps
2580Current success rate: 1010 pps, average: 1010 pps
2581Finished total: 1011, success: 1011 (100.00%)
2582Mismatched domains: 117 (6.57%), IDs: 0 (0.00%)
2583Failures: 0: 26.21%, 1: 120.28%, 2: 36.20%, 3: 6.33%, 4: 0.69%, 5: 0.10%, 6: 0.00%, 7: 0.00%, 8: 0.00%, 9: 0.00%, 10: 0.00%, 11: 0.00%, 12: 0.00%, 13: 0.00%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2584Response: | Success: | Total:
2585OK: | 138 ( 13.65%) | 146 ( 8.19%)
2586NXDOMAIN: | 829 ( 82.00%) | 905 ( 50.79%)
2587SERVFAIL: | 44 ( 4.35%) | 45 ( 2.53%)
2588REFUSED: | 0 ( 0.00%) | 686 ( 38.50%)
2589FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2590
2591
2592
2593Processed queries: 1919
2594Received packets: 3132
2595Progress: 100.00% (00 h 00 min 02 sec / 00 h 00 min 02 sec)
2596Current incoming rate: 1329 pps, average: 1564 pps
2597Current success rate: 742 pps, average: 876 pps
2598Finished total: 1755, success: 1755 (100.00%)
2599Mismatched domains: 488 (15.72%), IDs: 0 (0.00%)
2600Failures: 0: 15.10%, 1: 37.21%, 2: 25.81%, 3: 18.69%, 4: 8.95%, 5: 3.02%, 6: 0.46%, 7: 0.11%, 8: 0.00%, 9: 0.00%, 10: 0.00%, 11: 0.00%, 12: 0.00%, 13: 0.00%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2601Response: | Success: | Total:
2602OK: | 185 ( 10.54%) | 201 ( 6.48%)
2603NXDOMAIN: | 1512 ( 86.15%) | 1908 ( 61.47%)
2604SERVFAIL: | 58 ( 3.30%) | 62 ( 2.00%)
2605REFUSED: | 0 ( 0.00%) | 933 ( 30.06%)
2606FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2607
2608
2609
2610Processed queries: 1919
2611Received packets: 3422
2612Progress: 100.00% (00 h 00 min 03 sec / 00 h 00 min 03 sec)
2613Current incoming rate: 289 pps, average: 1139 pps
2614Current success rate: 124 pps, average: 625 pps
2615Finished total: 1880, success: 1880 (100.00%)
2616Mismatched domains: 622 (18.33%), IDs: 0 (0.00%)
2617Failures: 0: 14.10%, 1: 34.73%, 2: 24.10%, 3: 13.72%, 4: 8.30%, 5: 4.04%, 6: 2.07%, 7: 0.80%, 8: 0.16%, 9: 0.00%, 10: 0.05%, 11: 0.00%, 12: 0.00%, 13: 0.00%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2618Response: | Success: | Total:
2619OK: | 193 ( 10.27%) | 210 ( 6.19%)
2620NXDOMAIN: | 1626 ( 86.49%) | 2146 ( 63.25%)
2621SERVFAIL: | 61 ( 3.24%) | 67 ( 1.97%)
2622REFUSED: | 0 ( 0.00%) | 970 ( 28.59%)
2623FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2624
2625
2626
2627Processed queries: 1919
2628Received packets: 3498
2629Progress: 100.00% (00 h 00 min 04 sec / 00 h 00 min 04 sec)
2630Current incoming rate: 75 pps, average: 873 pps
2631Current success rate: 27 pps, average: 476 pps
2632Finished total: 1908, success: 1908 (100.00%)
2633Mismatched domains: 658 (18.98%), IDs: 0 (0.00%)
2634Failures: 0: 13.89%, 1: 34.22%, 2: 23.74%, 3: 13.52%, 4: 8.18%, 5: 3.41%, 6: 1.57%, 7: 1.00%, 8: 0.58%, 9: 0.26%, 10: 0.16%, 11: 0.05%, 12: 0.00%, 13: 0.00%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2635Response: | Success: | Total:
2636OK: | 197 ( 10.32%) | 214 ( 6.17%)
2637NXDOMAIN: | 1650 ( 86.48%) | 2200 ( 63.46%)
2638SERVFAIL: | 61 ( 3.20%) | 68 ( 1.96%)
2639REFUSED: | 0 ( 0.00%) | 985 ( 28.41%)
2640FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2641
2642
2643
2644Processed queries: 1919
2645Received packets: 3541
2646Progress: 100.00% (00 h 00 min 05 sec / 00 h 00 min 05 sec)
2647Current incoming rate: 42 pps, average: 707 pps
2648Current success rate: 6 pps, average: 382 pps
2649Finished total: 1915, success: 1915 (100.00%)
2650Mismatched domains: 691 (19.69%), IDs: 0 (0.00%)
2651Failures: 0: 13.84%, 1: 34.10%, 2: 23.66%, 3: 13.47%, 4: 8.15%, 5: 3.39%, 6: 1.57%, 7: 0.94%, 8: 0.42%, 9: 0.31%, 10: 0.16%, 11: 0.10%, 12: 0.10%, 13: 0.00%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2652Response: | Success: | Total:
2653OK: | 197 ( 10.29%) | 214 ( 6.10%)
2654NXDOMAIN: | 1657 ( 86.53%) | 2239 ( 63.79%)
2655SERVFAIL: | 61 ( 3.19%) | 69 ( 1.97%)
2656REFUSED: | 0 ( 0.00%) | 988 ( 28.15%)
2657FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2658
2659
2660
2661Processed queries: 1919
2662Received packets: 3564
2663Progress: 100.00% (00 h 00 min 06 sec / 00 h 00 min 06 sec)
2664Current incoming rate: 22 pps, average: 592 pps
2665Current success rate: 2 pps, average: 319 pps
2666Finished total: 1918, success: 1918 (100.00%)
2667Mismatched domains: 710 (20.10%), IDs: 0 (0.00%)
2668Failures: 0: 13.82%, 1: 34.05%, 2: 23.62%, 3: 13.45%, 4: 8.13%, 5: 3.39%, 6: 1.56%, 7: 0.94%, 8: 0.42%, 9: 0.26%, 10: 0.10%, 11: 0.16%, 12: 0.10%, 13: 0.05%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2669Response: | Success: | Total:
2670OK: | 197 ( 10.27%) | 214 ( 6.06%)
2671NXDOMAIN: | 1659 ( 86.50%) | 2259 ( 63.94%)
2672SERVFAIL: | 62 ( 3.23%) | 70 ( 1.98%)
2673REFUSED: | 0 ( 0.00%) | 990 ( 28.02%)
2674FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2675
2676
2677
2678Processed queries: 1919
2679Received packets: 3591
2680Progress: 100.00% (00 h 00 min 07 sec / 00 h 00 min 07 sec)
2681Current incoming rate: 26 pps, average: 512 pps
2682Current success rate: 0 pps, average: 273 pps
2683Finished total: 1918, success: 1918 (100.00%)
2684Mismatched domains: 737 (20.70%), IDs: 0 (0.00%)
2685Failures: 0: 13.82%, 1: 34.05%, 2: 23.62%, 3: 13.45%, 4: 8.13%, 5: 3.39%, 6: 1.56%, 7: 0.94%, 8: 0.42%, 9: 0.26%, 10: 0.10%, 11: 0.10%, 12: 0.10%, 13: 0.10%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2686Response: | Success: | Total:
2687OK: | 197 ( 10.27%) | 214 ( 6.01%)
2688NXDOMAIN: | 1659 ( 86.50%) | 2284 ( 64.16%)
2689SERVFAIL: | 62 ( 3.23%) | 70 ( 1.97%)
2690REFUSED: | 0 ( 0.00%) | 992 ( 27.87%)
2691FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2692
2693
2694
2695Processed queries: 1919
2696Received packets: 3593
2697Progress: 100.00% (00 h 00 min 08 sec / 00 h 00 min 08 sec)
2698Current incoming rate: 1 pps, average: 448 pps
2699Current success rate: 0 pps, average: 239 pps
2700Finished total: 1918, success: 1918 (100.00%)
2701Mismatched domains: 739 (20.75%), IDs: 0 (0.00%)
2702Failures: 0: 13.82%, 1: 34.05%, 2: 23.62%, 3: 13.45%, 4: 8.13%, 5: 3.39%, 6: 1.56%, 7: 0.94%, 8: 0.42%, 9: 0.26%, 10: 0.10%, 11: 0.10%, 12: 0.10%, 13: 0.05%, 14: 0.00%, 15: 0.05%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2703Response: | Success: | Total:
2704OK: | 197 ( 10.27%) | 214 ( 6.01%)
2705NXDOMAIN: | 1659 ( 86.50%) | 2285 ( 64.15%)
2706SERVFAIL: | 62 ( 3.23%) | 70 ( 1.97%)
2707REFUSED: | 0 ( 0.00%) | 992 ( 27.85%)
2708FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2709
2710
2711
2712Processed queries: 1919
2713Received packets: 3599
2714Progress: 100.00% (00 h 00 min 09 sec / 00 h 00 min 09 sec)
2715Current incoming rate: 5 pps, average: 399 pps
2716Current success rate: 0 pps, average: 212 pps
2717Finished total: 1918, success: 1918 (100.00%)
2718Mismatched domains: 745 (20.88%), IDs: 0 (0.00%)
2719Failures: 0: 13.82%, 1: 34.05%, 2: 23.62%, 3: 13.45%, 4: 8.13%, 5: 3.39%, 6: 1.56%, 7: 0.94%, 8: 0.42%, 9: 0.26%, 10: 0.10%, 11: 0.10%, 12: 0.10%, 13: 0.05%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.05%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2720Response: | Success: | Total:
2721OK: | 197 ( 10.27%) | 214 ( 6.00%)
2722NXDOMAIN: | 1659 ( 86.50%) | 2289 ( 64.15%)
2723SERVFAIL: | 62 ( 3.23%) | 70 ( 1.96%)
2724REFUSED: | 0 ( 0.00%) | 994 ( 27.86%)
2725FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2726
2727
2728
2729Processed queries: 1919
2730Received packets: 3601
2731Progress: 100.00% (00 h 00 min 10 sec / 00 h 00 min 10 sec)
2732Current incoming rate: 1 pps, average: 359 pps
2733Current success rate: 0 pps, average: 191 pps
2734Finished total: 1918, success: 1918 (100.00%)
2735Mismatched domains: 747 (20.92%), IDs: 0 (0.00%)
2736Failures: 0: 13.82%, 1: 34.05%, 2: 23.62%, 3: 13.45%, 4: 8.13%, 5: 3.39%, 6: 1.56%, 7: 0.94%, 8: 0.42%, 9: 0.26%, 10: 0.10%, 11: 0.10%, 12: 0.10%, 13: 0.05%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.05%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2737Response: | Success: | Total:
2738OK: | 197 ( 10.27%) | 214 ( 5.99%)
2739NXDOMAIN: | 1659 ( 86.50%) | 2290 ( 64.15%)
2740SERVFAIL: | 62 ( 3.23%) | 70 ( 1.96%)
2741REFUSED: | 0 ( 0.00%) | 995 ( 27.87%)
2742FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2743
2744
2745
2746Processed queries: 1919
2747Received packets: 3613
2748Progress: 100.00% (00 h 00 min 11 sec / 00 h 00 min 11 sec)
2749Current incoming rate: 11 pps, average: 327 pps
2750Current success rate: 0 pps, average: 174 pps
2751Finished total: 1918, success: 1918 (100.00%)
2752Mismatched domains: 759 (21.19%), IDs: 0 (0.00%)
2753Failures: 0: 13.82%, 1: 34.05%, 2: 23.62%, 3: 13.45%, 4: 8.13%, 5: 3.39%, 6: 1.56%, 7: 0.94%, 8: 0.42%, 9: 0.26%, 10: 0.10%, 11: 0.10%, 12: 0.10%, 13: 0.05%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.05%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2754Response: | Success: | Total:
2755OK: | 197 ( 10.27%) | 214 ( 5.97%)
2756NXDOMAIN: | 1659 ( 86.50%) | 2292 ( 63.99%)
2757SERVFAIL: | 62 ( 3.23%) | 78 ( 2.18%)
2758REFUSED: | 0 ( 0.00%) | 996 ( 27.81%)
2759FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2760
2761
2762
2763Processed queries: 1919
2764Received packets: 3620
2765Progress: 100.00% (00 h 00 min 12 sec / 00 h 00 min 12 sec)
2766Current incoming rate: 6 pps, average: 301 pps
2767Current success rate: 0 pps, average: 159 pps
2768Finished total: 1918, success: 1918 (100.00%)
2769Mismatched domains: 766 (21.34%), IDs: 0 (0.00%)
2770Failures: 0: 13.82%, 1: 34.05%, 2: 23.62%, 3: 13.45%, 4: 8.13%, 5: 3.39%, 6: 1.56%, 7: 0.94%, 8: 0.42%, 9: 0.26%, 10: 0.10%, 11: 0.10%, 12: 0.10%, 13: 0.05%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.05%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2771Response: | Success: | Total:
2772OK: | 197 ( 10.27%) | 214 ( 5.96%)
2773NXDOMAIN: | 1659 ( 86.50%) | 2293 ( 63.89%)
2774SERVFAIL: | 62 ( 3.23%) | 84 ( 2.34%)
2775REFUSED: | 0 ( 0.00%) | 996 ( 27.75%)
2776FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2777
2778
2779
2780Processed queries: 1919
2781Received packets: 3623
2782Progress: 100.00% (00 h 00 min 13 sec / 00 h 00 min 13 sec)
2783Current incoming rate: 2 pps, average: 278 pps
2784Current success rate: 0 pps, average: 147 pps
2785Finished total: 1918, success: 1918 (100.00%)
2786Mismatched domains: 769 (21.41%), IDs: 0 (0.00%)
2787Failures: 0: 13.82%, 1: 34.05%, 2: 23.62%, 3: 13.45%, 4: 8.13%, 5: 3.39%, 6: 1.56%, 7: 0.94%, 8: 0.42%, 9: 0.26%, 10: 0.10%, 11: 0.10%, 12: 0.10%, 13: 0.05%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.05%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2788Response: | Success: | Total:
2789OK: | 197 ( 10.27%) | 214 ( 5.96%)
2790NXDOMAIN: | 1659 ( 86.50%) | 2293 ( 63.84%)
2791SERVFAIL: | 62 ( 3.23%) | 86 ( 2.39%)
2792REFUSED: | 0 ( 0.00%) | 997 ( 27.76%)
2793FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2794
2795
2796
2797Processed queries: 1919
2798Received packets: 3625
2799Progress: 100.00% (00 h 00 min 14 sec / 00 h 00 min 14 sec)
2800Current incoming rate: 1 pps, average: 258 pps
2801Current success rate: 0 pps, average: 136 pps
2802Finished total: 1918, success: 1918 (100.00%)
2803Mismatched domains: 771 (21.45%), IDs: 0 (0.00%)
2804Failures: 0: 13.82%, 1: 34.05%, 2: 23.62%, 3: 13.45%, 4: 8.13%, 5: 3.39%, 6: 1.56%, 7: 0.94%, 8: 0.42%, 9: 0.26%, 10: 0.10%, 11: 0.10%, 12: 0.10%, 13: 0.05%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.05%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2805Response: | Success: | Total:
2806OK: | 197 ( 10.27%) | 214 ( 5.95%)
2807NXDOMAIN: | 1659 ( 86.50%) | 2294 ( 63.83%)
2808SERVFAIL: | 62 ( 3.23%) | 86 ( 2.39%)
2809REFUSED: | 0 ( 0.00%) | 998 ( 27.77%)
2810FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2811
2812
2813
2814Processed queries: 1919
2815Received packets: 3627
2816Progress: 100.00% (00 h 00 min 15 sec / 00 h 00 min 15 sec)
2817Current incoming rate: 1 pps, average: 241 pps
2818Current success rate: 0 pps, average: 127 pps
2819Finished total: 1918, success: 1918 (100.00%)
2820Mismatched domains: 773 (21.50%), IDs: 0 (0.00%)
2821Failures: 0: 13.82%, 1: 34.05%, 2: 23.62%, 3: 13.45%, 4: 8.13%, 5: 3.39%, 6: 1.56%, 7: 0.94%, 8: 0.42%, 9: 0.26%, 10: 0.10%, 11: 0.10%, 12: 0.10%, 13: 0.05%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.05%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2822Response: | Success: | Total:
2823OK: | 197 ( 10.27%) | 214 ( 5.95%)
2824NXDOMAIN: | 1659 ( 86.50%) | 2294 ( 63.79%)
2825SERVFAIL: | 62 ( 3.23%) | 87 ( 2.42%)
2826REFUSED: | 0 ( 0.00%) | 999 ( 27.78%)
2827FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2828
2829
2830
2831Processed queries: 1919
2832Received packets: 3629
2833Progress: 100.00% (00 h 00 min 16 sec / 00 h 00 min 16 sec)
2834Current incoming rate: 1 pps, average: 226 pps
2835Current success rate: 0 pps, average: 119 pps
2836Finished total: 1918, success: 1918 (100.00%)
2837Mismatched domains: 775 (21.54%), IDs: 0 (0.00%)
2838Failures: 0: 13.82%, 1: 34.05%, 2: 23.62%, 3: 13.45%, 4: 8.13%, 5: 3.39%, 6: 1.56%, 7: 0.94%, 8: 0.42%, 9: 0.26%, 10: 0.10%, 11: 0.10%, 12: 0.10%, 13: 0.05%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.05%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2839Response: | Success: | Total:
2840OK: | 197 ( 10.27%) | 214 ( 5.95%)
2841NXDOMAIN: | 1659 ( 86.50%) | 2294 ( 63.76%)
2842SERVFAIL: | 62 ( 3.23%) | 87 ( 2.42%)
2843REFUSED: | 0 ( 0.00%) | 1001 ( 27.82%)
2844FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2845
2846
2847
2848Processed queries: 1919
2849Received packets: 3630
2850Progress: 100.00% (00 h 00 min 17 sec / 00 h 00 min 17 sec)
2851Current incoming rate: 0 pps, average: 213 pps
2852Current success rate: 0 pps, average: 112 pps
2853Finished total: 1918, success: 1918 (100.00%)
2854Mismatched domains: 776 (21.56%), IDs: 0 (0.00%)
2855Failures: 0: 13.82%, 1: 34.05%, 2: 23.62%, 3: 13.45%, 4: 8.13%, 5: 3.39%, 6: 1.56%, 7: 0.94%, 8: 0.42%, 9: 0.26%, 10: 0.10%, 11: 0.10%, 12: 0.10%, 13: 0.05%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.05%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2856Response: | Success: | Total:
2857OK: | 197 ( 10.27%) | 214 ( 5.95%)
2858NXDOMAIN: | 1659 ( 86.50%) | 2295 ( 63.77%)
2859SERVFAIL: | 62 ( 3.23%) | 87 ( 2.42%)
2860REFUSED: | 0 ( 0.00%) | 1001 ( 27.81%)
2861FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2862
2863
2864
2865Processed queries: 1919
2866Received packets: 3630
2867Progress: 100.00% (00 h 00 min 18 sec / 00 h 00 min 18 sec)
2868Current incoming rate: 0 pps, average: 201 pps
2869Current success rate: 0 pps, average: 106 pps
2870Finished total: 1918, success: 1918 (100.00%)
2871Mismatched domains: 776 (21.56%), IDs: 0 (0.00%)
2872Failures: 0: 13.82%, 1: 34.05%, 2: 23.62%, 3: 13.45%, 4: 8.13%, 5: 3.39%, 6: 1.56%, 7: 0.94%, 8: 0.42%, 9: 0.26%, 10: 0.10%, 11: 0.10%, 12: 0.10%, 13: 0.05%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.05%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2873Response: | Success: | Total:
2874OK: | 197 ( 10.27%) | 214 ( 5.95%)
2875NXDOMAIN: | 1659 ( 86.50%) | 2295 ( 63.77%)
2876SERVFAIL: | 62 ( 3.23%) | 87 ( 2.42%)
2877REFUSED: | 0 ( 0.00%) | 1001 ( 27.81%)
2878FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2879
2880
2881
2882Processed queries: 1919
2883Received packets: 3633
2884Progress: 100.00% (00 h 00 min 19 sec / 00 h 00 min 19 sec)
2885Current incoming rate: 2 pps, average: 190 pps
2886Current success rate: 0 pps, average: 100 pps
2887Finished total: 1918, success: 1918 (100.00%)
2888Mismatched domains: 779 (21.63%), IDs: 0 (0.00%)
2889Failures: 0: 13.82%, 1: 34.05%, 2: 23.62%, 3: 13.45%, 4: 8.13%, 5: 3.39%, 6: 1.56%, 7: 0.94%, 8: 0.42%, 9: 0.26%, 10: 0.10%, 11: 0.10%, 12: 0.10%, 13: 0.05%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.05%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2890Response: | Success: | Total:
2891OK: | 197 ( 10.27%) | 214 ( 5.94%)
2892NXDOMAIN: | 1659 ( 86.50%) | 2295 ( 63.71%)
2893SERVFAIL: | 62 ( 3.23%) | 88 ( 2.44%)
2894REFUSED: | 0 ( 0.00%) | 1003 ( 27.85%)
2895FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2896
2897
2898
2899Processed queries: 1919
2900Received packets: 3636
2901Progress: 100.00% (00 h 00 min 20 sec / 00 h 00 min 20 sec)
2902Current incoming rate: 2 pps, average: 181 pps
2903Current success rate: 0 pps, average: 95 pps
2904Finished total: 1918, success: 1918 (100.00%)
2905Mismatched domains: 782 (21.69%), IDs: 0 (0.00%)
2906Failures: 0: 13.82%, 1: 34.05%, 2: 23.62%, 3: 13.45%, 4: 8.13%, 5: 3.39%, 6: 1.56%, 7: 0.94%, 8: 0.42%, 9: 0.26%, 10: 0.10%, 11: 0.10%, 12: 0.10%, 13: 0.05%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.05%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2907Response: | Success: | Total:
2908OK: | 197 ( 10.27%) | 214 ( 5.94%)
2909NXDOMAIN: | 1659 ( 86.50%) | 2295 ( 63.66%)
2910SERVFAIL: | 62 ( 3.23%) | 90 ( 2.50%)
2911REFUSED: | 0 ( 0.00%) | 1004 ( 27.85%)
2912FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2913
2914
2915
2916Processed queries: 1919
2917Received packets: 3640
2918Progress: 100.00% (00 h 00 min 21 sec / 00 h 00 min 21 sec)
2919Current incoming rate: 3 pps, average: 173 pps
2920Current success rate: 0 pps, average: 91 pps
2921Finished total: 1918, success: 1918 (100.00%)
2922Mismatched domains: 786 (21.78%), IDs: 0 (0.00%)
2923Failures: 0: 13.82%, 1: 34.05%, 2: 23.62%, 3: 13.45%, 4: 8.13%, 5: 3.39%, 6: 1.56%, 7: 0.94%, 8: 0.42%, 9: 0.26%, 10: 0.10%, 11: 0.10%, 12: 0.10%, 13: 0.05%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.05%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2924Response: | Success: | Total:
2925OK: | 197 ( 10.27%) | 214 ( 5.93%)
2926NXDOMAIN: | 1659 ( 86.50%) | 2295 ( 63.59%)
2927SERVFAIL: | 62 ( 3.23%) | 93 ( 2.58%)
2928REFUSED: | 0 ( 0.00%) | 1005 ( 27.85%)
2929FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2930
2931
2932
2933Processed queries: 1919
2934Received packets: 3642
2935Progress: 100.00% (00 h 00 min 22 sec / 00 h 00 min 22 sec)
2936Current incoming rate: 1 pps, average: 165 pps
2937Current success rate: 0 pps, average: 87 pps
2938Finished total: 1918, success: 1918 (100.00%)
2939Mismatched domains: 788 (21.82%), IDs: 0 (0.00%)
2940Failures: 0: 13.82%, 1: 34.05%, 2: 23.62%, 3: 13.45%, 4: 8.13%, 5: 3.39%, 6: 1.56%, 7: 0.94%, 8: 0.42%, 9: 0.26%, 10: 0.10%, 11: 0.10%, 12: 0.10%, 13: 0.05%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.05%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2941Response: | Success: | Total:
2942OK: | 197 ( 10.27%) | 214 ( 5.93%)
2943NXDOMAIN: | 1659 ( 86.50%) | 2295 ( 63.56%)
2944SERVFAIL: | 62 ( 3.23%) | 94 ( 2.60%)
2945REFUSED: | 0 ( 0.00%) | 1006 ( 27.86%)
2946FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2947
2948
2949
2950Processed queries: 1919
2951Received packets: 3644
2952Progress: 100.00% (00 h 00 min 23 sec / 00 h 00 min 23 sec)
2953Current incoming rate: 1 pps, average: 158 pps
2954Current success rate: 0 pps, average: 83 pps
2955Finished total: 1918, success: 1918 (100.00%)
2956Mismatched domains: 790 (21.87%), IDs: 0 (0.00%)
2957Failures: 0: 13.82%, 1: 34.05%, 2: 23.62%, 3: 13.45%, 4: 8.13%, 5: 3.39%, 6: 1.56%, 7: 0.94%, 8: 0.42%, 9: 0.26%, 10: 0.10%, 11: 0.10%, 12: 0.10%, 13: 0.05%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.05%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2958Response: | Success: | Total:
2959OK: | 197 ( 10.27%) | 214 ( 5.92%)
2960NXDOMAIN: | 1659 ( 86.50%) | 2295 ( 63.52%)
2961SERVFAIL: | 62 ( 3.23%) | 94 ( 2.60%)
2962REFUSED: | 0 ( 0.00%) | 1008 ( 27.90%)
2963FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2964
2965
2966
2967Processed queries: 1919
2968Received packets: 3645
2969Progress: 100.00% (00 h 00 min 24 sec / 00 h 00 min 24 sec)
2970Current incoming rate: 0 pps, average: 151 pps
2971Current success rate: 0 pps, average: 79 pps
2972Finished total: 1918, success: 1918 (100.00%)
2973Mismatched domains: 791 (21.89%), IDs: 0 (0.00%)
2974Failures: 0: 13.82%, 1: 34.05%, 2: 23.62%, 3: 13.45%, 4: 8.13%, 5: 3.39%, 6: 1.56%, 7: 0.94%, 8: 0.42%, 9: 0.26%, 10: 0.10%, 11: 0.10%, 12: 0.10%, 13: 0.05%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.05%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2975Response: | Success: | Total:
2976OK: | 197 ( 10.27%) | 214 ( 5.92%)
2977NXDOMAIN: | 1659 ( 86.50%) | 2295 ( 63.50%)
2978SERVFAIL: | 62 ( 3.23%) | 94 ( 2.60%)
2979REFUSED: | 0 ( 0.00%) | 1009 ( 27.92%)
2980FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2981
2982
2983
2984Processed queries: 1919
2985Received packets: 3649
2986Progress: 100.00% (00 h 00 min 25 sec / 00 h 00 min 25 sec)
2987Current incoming rate: 3 pps, average: 145 pps
2988Current success rate: 0 pps, average: 76 pps
2989Finished total: 1918, success: 1918 (100.00%)
2990Mismatched domains: 795 (21.97%), IDs: 0 (0.00%)
2991Failures: 0: 13.82%, 1: 34.05%, 2: 23.62%, 3: 13.45%, 4: 8.13%, 5: 3.39%, 6: 1.56%, 7: 0.94%, 8: 0.42%, 9: 0.26%, 10: 0.10%, 11: 0.10%, 12: 0.10%, 13: 0.05%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.05%, 50: 0.00%,
2992Response: | Success: | Total:
2993OK: | 197 ( 10.27%) | 214 ( 5.91%)
2994NXDOMAIN: | 1659 ( 86.50%) | 2298 ( 63.52%)
2995SERVFAIL: | 62 ( 3.23%) | 94 ( 2.60%)
2996REFUSED: | 0 ( 0.00%) | 1010 ( 27.92%)
2997FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2998
2999
3000
3001Processed queries: 1919
3002Received packets: 3649
3003Progress: 100.00% (00 h 00 min 25 sec / 00 h 00 min 25 sec)
3004Current incoming rate: 0 pps, average: 145 pps
3005Current success rate: 0 pps, average: 76 pps
3006Finished total: 1919, success: 1918 (99.95%)
3007Mismatched domains: 795 (21.97%), IDs: 0 (0.00%)
3008Failures: 0: 13.81%, 1: 34.03%, 2: 23.61%, 3: 13.44%, 4: 8.13%, 5: 3.39%, 6: 1.56%, 7: 0.94%, 8: 0.42%, 9: 0.26%, 10: 0.10%, 11: 0.10%, 12: 0.10%, 13: 0.05%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.05%,
3009Response: | Success: | Total:
3010OK: | 197 ( 10.27%) | 214 ( 5.91%)
3011NXDOMAIN: | 1659 ( 86.50%) | 2298 ( 63.52%)
3012SERVFAIL: | 62 ( 3.23%) | 94 ( 2.60%)
3013REFUSED: | 0 ( 0.00%) | 1010 ( 27.92%)
3014FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
3015www.gip.gov.sa
3016212.138.117.71
3017#######################################################################################################################################
3018[+] www.gip.gov.sa has no SPF record!
3019[*] No DMARC record found. Looking for organizational record
3020[*] Found organizational DMARC record:
3021[*] v=DMARC1; p=reject; sp=reject; pct=100; fo=1; ri=3600; adkim=s; aspf=s; rua=mailto:dmarc@isu.net.sa; ruf=mailto:dmarc@isu.net.sa
3022[-] Organizational subdomain policy explicitly set to reject
3023[-] Spoofing not possible for www.gip.gov.sa
3024#######################################################################################################################################
3025INFO[0000] Starting to process queue....
3026INFO[0000] Starting to process permutations....
3027INFO[0000] FORBIDDEN http://gip.s3.amazonaws.com (http://gip.gov.sa)
3028INFO[0000] FORBIDDEN http://gip-s3.s3.amazonaws.com (http://gip.gov.sa)
3029INFO[0000] FORBIDDEN http://gip-corporate.s3.amazonaws.com (http://gip.gov.sa)
3030INFO[0001] FORBIDDEN http://gip-dev.s3.amazonaws.com (http://gip.gov.sa)
3031#######################################################################################################################################
3032WARNING: Duplicate port number(s) specified. Are you alert enough to be using Nmap? Have some coffee or Jolt(tm).
3033Starting Nmap 7.80 ( https://nmap.org ) at 2019-11-30 22:01 EST
3034Nmap scan report for www.gip.gov.sa (212.138.117.71)
3035Host is up (0.16s latency).
3036Not shown: 490 filtered ports, 4 closed ports
3037Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
3038PORT STATE SERVICE
303980/tcp open http
3040443/tcp open https
3041
3042Nmap done: 1 IP address (1 host up) scanned in 9.37 seconds
3043#######################################################################################################################################
3044Starting Nmap 7.80 ( https://nmap.org ) at 2019-11-30 22:02 EST
3045Nmap scan report for www.gip.gov.sa (212.138.117.71)
3046Host is up (0.029s latency).
3047Not shown: 2 filtered ports
3048PORT STATE SERVICE
304953/udp open|filtered domain
305067/udp open|filtered dhcps
305168/udp open|filtered dhcpc
305269/udp open|filtered tftp
305388/udp open|filtered kerberos-sec
3054123/udp open|filtered ntp
3055139/udp open|filtered netbios-ssn
3056161/udp open|filtered snmp
3057162/udp open|filtered snmptrap
3058389/udp open|filtered ldap
3059500/udp open|filtered isakmp
3060520/udp open|filtered route
30612049/udp open|filtered nfs
3062
3063Nmap done: 1 IP address (1 host up) scanned in 3.43 seconds
3064#######################################################################################################################################
3065HTTP/1.1 301 Moved Permanently
3066Content-Length: 146
3067Content-Type: text/html; charset=UTF-8
3068Location: https://www.gip.gov.sa/
3069Server: Microsoft-IIS/8.5
3070X-Powered-By: ASP.NET
3071Date: Sun, 01 Dec 2019 03:02:08 GMT
3072#######################################################################################################################################
3073/
3074/16402B4814F0
3075/237678CAD4E3
3076/3E6D27023BA4
3077/5F03E095D45F
3078/DD17A5A2FDA3
3079/Home/Index#ContactUs
3080/Home/Mail
3081/Home/Page/AboutKSA
3082/Home/Page/Careers
3083/Home/Page/Leaders
3084/Home/Page/Mission
3085/Home/Page/President
3086/Home/Page/Vision
3087/News
3088/News/Read/E9UAo25z
3089/News/Read/hwcBZlFk
3090/News/Read/qpqC2ujq
3091/News/Read/uZiDYgB6
3092/News/Read/zz5Y4YcE
3093#######################################################################################################################################
3094http://www.gip.gov.sa [301 Moved Permanently] Country[SAUDI ARABIA][SA], HTTPServer[Microsoft-IIS/8.5], IP[212.138.117.71], Microsoft-IIS[8.5], RedirectLocation[https://www.gip.gov.sa/], Title[Document Moved], X-Powered-By[ASP.NET]
3095https://www.gip.gov.sa/ [200 OK] ASP_NET[4.0.30319][MVC5.2], Cookies[__RequestVerificationToken], Country[SAUDI ARABIA][SA], Email[help@gip.gov.sa,info@gip.gov.sa], HTML5, HTTPServer[Microsoft-IIS/8.5], HttpOnly[__RequestVerificationToken], IP[212.138.117.71], Microsoft-IIS[8.5], Script, Title[رئاسة الاستخبارات العامة], UncommonHeaders[x-aspnetmvc-version], X-Frame-Options[DENY], X-Powered-By[ASP.NET], X-UA-Compatible[IE=edge]
3096#######################################################################################################################################
3097
3098wig - WebApp Information Gatherer
3099
3100
3101Scanning https://www.gip.gov.sa...
3102______________________ SITE INFO _______________________
3103IP Title
3104212.138.117.71 رئاسة الاستخبارات العامة
3105
3106_______________________ VERSION ________________________
3107Name Versions Type
3108ASP.NET 4.0.30319 Platform
3109IIS 8.5 Platform
3110Microsoft Windows Server 2012 R2 OS
3111
3112_____________________ INTERESTING ______________________
3113URL Note Type
3114/test.htm Test file Interesting
3115
3116________________________________________________________
3117Time: 74.4 sec Urls: 619 Fingerprints: 40401
3118#######################################################################################################################################
3119Starting Nmap 7.80 ( https://nmap.org ) at 2019-11-30 22:03 EST
3120NSE: Loaded 163 scripts for scanning.
3121NSE: Script Pre-scanning.
3122Initiating NSE at 22:03
3123Completed NSE at 22:03, 0.00s elapsed
3124Initiating NSE at 22:03
3125Completed NSE at 22:03, 0.00s elapsed
3126Initiating Parallel DNS resolution of 1 host. at 22:03
3127Completed Parallel DNS resolution of 1 host. at 22:03, 0.02s elapsed
3128Initiating SYN Stealth Scan at 22:03
3129Scanning www.gip.gov.sa (212.138.117.71) [1 port]
3130Discovered open port 80/tcp on 212.138.117.71
3131Completed SYN Stealth Scan at 22:03, 0.23s elapsed (1 total ports)
3132Initiating Service scan at 22:03
3133Scanning 1 service on www.gip.gov.sa (212.138.117.71)
3134Completed Service scan at 22:03, 6.40s elapsed (1 service on 1 host)
3135Initiating OS detection (try #1) against www.gip.gov.sa (212.138.117.71)
3136Retrying OS detection (try #2) against www.gip.gov.sa (212.138.117.71)
3137Initiating Traceroute at 22:03
3138Completed Traceroute at 22:03, 3.07s elapsed
3139Initiating Parallel DNS resolution of 14 hosts. at 22:03
3140Completed Parallel DNS resolution of 14 hosts. at 22:04, 7.35s elapsed
3141NSE: Script scanning 212.138.117.71.
3142Initiating NSE at 22:04
3143NSE Timing: About 35.44% done; ETC: 22:05 (0:00:56 remaining)
3144NSE Timing: About 68.86% done; ETC: 22:06 (0:00:37 remaining)
3145NSE Timing: About 83.56% done; ETC: 22:07 (0:00:30 remaining)
3146NSE Timing: About 83.96% done; ETC: 22:07 (0:00:35 remaining)
3147NSE Timing: About 83.78% done; ETC: 22:08 (0:00:43 remaining)
3148NSE Timing: About 83.89% done; ETC: 22:09 (0:00:51 remaining)
3149NSE Timing: About 84.33% done; ETC: 22:10 (0:00:59 remaining)
3150NSE Timing: About 85.71% done; ETC: 22:11 (0:01:03 remaining)
3151NSE Timing: About 86.09% done; ETC: 22:12 (0:01:11 remaining)
3152NSE Timing: About 87.75% done; ETC: 22:13 (0:01:11 remaining)
3153NSE: [http-wordpress-enum 212.138.117.71:80] got no answers from pipelined queries
3154NSE Timing: About 89.07% done; ETC: 22:15 (0:01:12 remaining)
3155NSE Timing: About 91.72% done; ETC: 22:16 (0:00:59 remaining)
3156NSE Timing: About 93.05% done; ETC: 22:16 (0:00:54 remaining)
3157NSE Timing: About 93.71% done; ETC: 22:17 (0:00:52 remaining)
3158NSE Timing: About 95.70% done; ETC: 22:18 (0:00:37 remaining)
3159NSE Timing: About 96.36% done; ETC: 22:19 (0:00:33 remaining)
3160Completed NSE at 22:24, 1210.03s elapsed
3161Initiating NSE at 22:24
3162Completed NSE at 22:24, 8.22s elapsed
3163Nmap scan report for www.gip.gov.sa (212.138.117.71)
3164Host is up (0.21s latency).
3165
3166PORT STATE SERVICE VERSION
316780/tcp open http Microsoft IIS httpd 8.5
3168|_http-aspnet-debug: ERROR: Script execution failed (use -d to debug)
3169| http-brute:
3170|_ Path "/" does not require authentication
3171|_http-chrono: Request times for /; avg: 22503.70ms; min: 22397.68ms; max: 22749.42ms
3172|_http-csrf: Couldn't find any CSRF vulnerabilities.
3173|_http-devframework: Couldn't determine the underlying framework or CMS. Try increasing 'httpspider.maxpagecount' value to spider more pages.
3174|_http-dombased-xss: Couldn't find any DOM based XSS.
3175|_http-errors: ERROR: Script execution failed (use -d to debug)
3176|_http-feed: Couldn't find any feeds.
3177|_http-fetch: Please enter the complete path of the directory to save data in.
3178|_http-jsonp-detection: Couldn't find any JSONP endpoints.
3179|_http-mobileversion-checker: No mobile version detected.
3180|_http-security-headers:
3181|_http-server-header: Microsoft-IIS/8.5
3182| http-sitemap-generator:
3183| Directory structure:
3184| Longest directory structure:
3185| Depth: 0
3186| Dir: /
3187| Total files found (by extension):
3188|_
3189|_http-stored-xss: Couldn't find any stored XSS vulnerabilities.
3190|_http-traceroute: ERROR: Script execution failed (use -d to debug)
3191| http-vhosts:
3192|_127 names had status ERROR
3193|_http-vuln-cve2014-3704: ERROR: Script execution failed (use -d to debug)
3194|_http-wordpress-users: [Error] Wordpress installation was not found. We couldn't find wp-login.php
3195|_http-xssed: No previously reported XSS vuln.
3196|_https-redirect: ERROR: Script execution failed (use -d to debug)
3197| vulscan: VulDB - https://vuldb.com:
3198| [68193] Microsoft IIS 8.0/8.5 IP and Domain Restriction privilege escalation
3199| [48519] Microsoft Works 8.5/9.0 memory corruption
3200| [45763] Microsoft Windows Live Messenger up to 8.5.1 unknown vulnerability
3201| [141563] Microsoft Windows up to RT 8.1 Remote Desktop privilege escalation
3202| [141562] Microsoft Windows up to RT 8.1 Remote Desktop privilege escalation
3203| [134730] Microsoft Skype 8.35 on Android Bluetooth Listening information disclosure
3204| [129845] Microsoft Skype for Business 2015 CU 8 Request cross site scripting
3205| [126799] Microsoft Dynamics 365 8 Web Request Code Execution
3206| [126798] Microsoft Dynamics 365 8 Web Request cross site scripting
3207| [126797] Microsoft Dynamics 365 8 Web Request cross site scripting
3208| [126796] Microsoft Dynamics 365 8 Web Request cross site scripting
3209| [126795] Microsoft Dynamics 365 8 Web Request cross site scripting
3210| [123872] Microsoft Windows 8.1/10/RT 8.1/Server 2012/Server 2012 R2 SMB information disclosure
3211| [121108] Microsoft Mail Client 8.1 information disclosure
3212| [115260] EMC RSA Authentication Agent for Web up to 8.0.1 on IIS/Apache cross site scripting
3213| [115259] EMC RSA Authentication Agent for Web up to 8.0.1 on IIS/Apache Cookie Stack-based memory corruption
3214| [113264] Microsoft Windows 8.1/RT 8.1/Server 2012 R2 SMBv2/SMBv3 denial of service
3215| [100989] Microsoft Internet Explorer 8/9/10/11 memory corruption
3216| [100918] Microsoft Windows 8/8.1/10/Server 2012/Server 2016 Malware Protection Service Type Confusion privilege escalation
3217| [96521] Microsoft Windows 8.1/10/Server 2012/Server 2016 SMB Response mrxsmb20.sys denial of service
3218| [93988] Microsoft Desktop Client for Mac up to 8.0.36 privilege escalation
3219| [93755] Microsoft Internet Explorer 8 Ls\xC2\xADFind\xC2\xADSpan\xC2\xADVisual\xC2\xADBoundaries memory corruption
3220| [93535] Microsoft Internet Explorer 8/9/10/11 Regex vbscript.dll RegExpComp::PnodeParse memory corruption
3221| [93386] Microsoft Windows Vista SP2/7 SP1/8.1/RT 8.1/10 Video Control memory corruption
3222| [92587] Microsoft Windows 8.1/10/RT 8.1/Server 2012/Server 2012 R2 Transaction Manager privilege escalation
3223| [92585] Microsoft Windows Vista SP2/7 SP1/8.1/RT 8.1/10 Video Control privilege escalation
3224| [91571] Microsoft Windows 8.1/10/RT 8.1/Server 2012/Server 2012 R2 PDF Library information disclosure
3225| [91570] Microsoft Windows 8.1/10/RT 8.1/Server 2012/Server 2012 R2 PDF Library information disclosure
3226| [91559] Microsoft Windows 8.1/10/RT 8.1 NTLM SSO information disclosure
3227| [90711] Microsoft Windows 8.1/10/RT 8.1/Server 2012/Server 2012 R2 PDF privilege escalation
3228| [90710] Microsoft Windows 8.1/RT 8.1/Server 2012/Server 2012 R2 Netlogon privilege escalation
3229| [87959] Microsoft Windows 8.1/10/Server 2012/Server 2012 R2 PDF information disclosure
3230| [87958] Microsoft Windows 8.1/10/Server 2012/Server 2012 R2 PDF memory corruption
3231| [87957] Microsoft Windows 8.1/10/Server 2012/Server 2012 R2 PDF information disclosure
3232| [87156] Microsoft Windows 8.1/10/RT 8.1/Server 2012 R2 Shell memory corruption
3233| [87155] Microsoft Windows Vista SP2/7/8.1/RT 8.1/10 Journal memory corruption
3234| [82223] Microsoft Windows 8.1/10/Server 2012 R2 Hyper-V Memory information disclosure
3235| [82222] Microsoft Windows 8.1/10/Server 2012/Server 2012 R2 Memory information disclosure
3236| [82221] Microsoft Windows 8.1/10/Server 2012/Server 2012 R2 Hyper-V privilege escalation
3237| [81270] Microsoft Windows 8.1/10/RT 8.1/Server 2012/Server 2012 R2 PDF Library memory corruption
3238| [80865] Microsoft Windows 8.1/RT 8.1/Server 2012/Server 2012 R2 DLL Loader memory corruption
3239| [80860] Microsoft Windows 8.1/10/Server 2012/Server 2012 R2 Reader memory corruption
3240| [80859] Microsoft Windows 8.1/10/Server 2012/Server 2012 R2 PDF Library memory corruption
3241| [80844] Microsoft Internet Explorer 8/9/10/11 MSHTML MSHTML!Method_VARIANTBOOLp_BSTR_o0oVARIANT memory corruption
3242| [80209] Microsoft Internet Explorer 8/9/10/11 VBScript/JScript memory corruption
3243| [79462] Microsoft Internet Explorer 8/9/10/11 memory corruption
3244| [79460] Microsoft Internet Explorer 8/9 memory corruption
3245| [79458] Microsoft Internet Explorer 8/9 memory corruption
3246| [79457] Microsoft Internet Explorer 8/9 memory corruption
3247| [79455] Microsoft Internet Explorer 8/9/10/11 XSS Filter privilege escalation
3248| [79449] Microsoft Internet Explorer 8/9/10/11 XSS Filter privilege escalation
3249| [79448] Microsoft Internet Explorer 8/9/10/11 Scripting Engine memory corruption
3250| [79447] Microsoft Internet Explorer 8/9/10/11 Scripting Engine information disclosure
3251| [79445] Microsoft Internet Explorer 8/9/10/11 memory corruption
3252| [79162] Microsoft Internet Explorer 8/9/10/11 Scripting Engine memory corruption
3253| [79155] Microsoft Internet Explorer 8/9/10/11 memory corruption
3254| [79143] Microsoft Internet Explorer 8/9/10/11 memory corruption
3255| [78390] Microsoft Internet Explorer 8/9/10/11 VBScript/JScript Engine information disclosure
3256| [78386] Microsoft Internet Explorer 8/9/10/11 VBScript/JScript Engine memory corruption
3257| [78384] Microsoft Internet Explorer 8/9/10/11 VBScript/JScript Engine ASLR privilege escalation
3258| [78379] Microsoft Internet Explorer 8/9/10/11 EditWith Broker privilege escalation
3259| [78377] Microsoft Internet Explorer 8 privilege escalation
3260| [78362] Microsoft Internet Explorer 8/9/10/11 VBScript/JScript Engine RegExpBase::FBadHeader memory corruption
3261| [77605] Microsoft Internet Explorer 8 VBScript/JScript Engine memory corruption
3262| [77006] Microsoft Internet Explorer 8/9/10/11 memory corruption
3263| [77004] Microsoft Internet Explorer 8/9/10/11 memory corruption
3264| [76490] Microsoft Internet Explorer 8/9/10/11 Image Caching History information disclosure
3265| [76482] Microsoft Internet Explorer 8 memory corruption
3266| [76479] Microsoft Internet Explorer 8/9/10/11 XSS Filter cross site scripting
3267| [76474] Microsoft Internet Explorer 8/9 memory corruption
3268| [76449] Microsoft Windows 8/8.1/Server 2008/Server 2012/Server 2012 R2 Hyper-V memory corruption
3269| [76448] Microsoft Windows 8.1/Server 2012 R2 Hyper-V memory corruption
3270| [76437] Microsoft Internet Explorer 8/9 memory corruption
3271| [75780] Microsoft Internet Explorer 8 memory corruption
3272| [75707] Cisco Unified MeetingPlace for Microsoft Outlook 8.6(1.2)/ 8.6(1.9) cross site scripting
3273| [75322] Microsoft Internet Explorer 8/9 memory corruption
3274| [75319] Microsoft Internet Explorer 8/9/10/11 memory corruption
3275| [75311] Microsoft Internet Explorer 8/9 memory corruption
3276| [75308] Microsoft Internet Explorer 8/9/10/11 VBscript and JScript Engine privilege escalation
3277| [75306] Microsoft Internet Explorer 8/9/10/11 VBScript Engine privilege escalation
3278| [74856] Microsoft Internet Explorer 8/9/10/11 memory corruption
3279| [74842] Microsoft Windows 8.1/Server 2012 R2 Hyper-V denial of service
3280| [73946] Microsoft Internet Explorer 8/9/10/11 memory corruption
3281| [73943] Microsoft Internet Explorer 8 memory corruption
3282| [73939] Microsoft Internet Explorer 8/9/10/11 VBScript Engine memory corruption
3283| [69137] Microsoft Internet Explorer 8 ASLR privilege escalation
3284| [69136] Microsoft Internet Explorer 8/9 MSHTML SpanQualifier memory corruption
3285| [69135] Microsoft Internet Explorer 8/10 memory corruption
3286| [69131] Microsoft Internet Explorer 8/9 memory corruption
3287| [69130] Microsoft Internet Explorer 8/9/10/11 memory corruption
3288| [68400] Microsoft Internet Explorer 8 memory corruption
3289| [68393] Microsoft Internet Explorer 8/9/10/11 XSS Filter cross site scripting
3290| [68389] Microsoft Internet Explorer 8/9/10/11 XSS Filter cross site scripting
3291| [68181] Microsoft Internet Explorer 8/9/10/11 memory corruption
3292| [68176] Microsoft Internet Explorer 8/9/10/11 information disclosure
3293| [68174] Microsoft Internet Explorer 8/9 memory corruption
3294| [68169] Microsoft Internet Explorer 8/9 ASLR privilege escalation
3295| [68211] Microsoft Internet Explorer 8/9/10/11 denial of service
3296| [67821] Microsoft Internet Explorer 8/9/10/11 CAttrArray memory corruption
3297| [67813] Microsoft Internet Explorer 8 memory corruption
3298| [67500] Microsoft Internet Explorer 8/9/10/11 memory corruption
3299| [67494] Microsoft Internet Explorer 8/9/10/11 memory corruption
3300| [67345] Microsoft Internet Explorer 8/9/10/11 memory corruption
3301| [67340] Microsoft Internet Explorer 8 memory corruption
3302| [67337] Microsoft Internet Explorer 8/9 memory corruption
3303| [67007] Microsoft Internet Explorer 8/9/10/11 memory corruption
3304| [67006] Microsoft Internet Explorer 8/9/10 memory corruption
3305| [67002] Microsoft Internet Explorer 8/9/10/11 memory corruption
3306| [67000] Microsoft Internet Explorer 8/9/10/11 memory corruption
3307| [66995] Microsoft Internet Explorer 8/9/10/11 memory corruption
3308| [13542] Microsoft Internet Explorer 8/9/10/11 privilege escalation
3309| [13536] Microsoft Internet Explorer 8 memory corruption
3310| [13518] Microsoft Internet Explorer 8 memory corruption
3311| [13515] Microsoft Internet Explorer 8/9/10/11 memory corruption
3312| [13509] Microsoft Internet Explorer 8 memory corruption
3313| [13499] Microsoft Internet Explorer 8 memory corruption
3314| [13496] Microsoft Internet Explorer 8/9/10/11 privilege escalation
3315| [13027] Microsoft Internet Explorer 8/9 information disclosure
3316| [66605] Microsoft Internet Explorer 8/9/10/11 memory corruption
3317| [12543] Microsoft Internet Explorer 8/9/10/11 memory corruption
3318| [12541] Microsoft Internet Explorer 8/9/10 memory corruption
3319| [12540] Microsoft Internet Explorer 8/9/10/11 memory corruption
3320| [12538] Microsoft Internet Explorer 8/9 memory corruption
3321| [12531] Microsoft Internet Explorer 8/9/10/11 memory corruption
3322| [66445] Microsoft Windows 8.0/8.1 XMLDOM ActiveX Control information disclosure
3323| [12252] Microsoft Internet Explorer 8 memory corruption
3324| [12245] Microsoft Internet Explorer 8/9/10/11 memory corruption
3325| [12239] Microsoft Internet Explorer 8/9/10/11 privilege escalation
3326| [12238] Microsoft Windows 8/RT/Server 2012 IPv6 denial of service
3327| [11150] Microsoft Windows 8/Server 2012 Hyper-V Data Structure Value Crash privilege escalation
3328| [11141] Microsoft Internet Explorer 8/9/10/11 CCaret Object Use-After-Free memory corruption
3329| [11138] Microsoft Internet Explorer 8/9/10/11 CTreePos Object memory corruption
3330| [10623] Microsoft Internet Explorer 8/9 memory corruption
3331| [10215] Microsoft Internet Explorer 8/9 memory corruption
3332| [10214] Microsoft Internet Explorer 8/9/10 memory corruption
3333| [9935] Microsoft Internet Explorer 8/9 memory corruption
3334| [9934] Microsoft Internet Explorer 8/9/10 memory corruption
3335| [9933] Microsoft Internet Explorer 8/9 memory corruption
3336| [9932] Microsoft Internet Explorer 8/9 memory corruption
3337| [10246] Microsoft Internet Explorer 8 Table Tree Use-After-Free memory corruption
3338| [9419] Microsoft Internet Explorer up to 8 memory corruption
3339| [9418] Microsoft Internet Explorer 8/9/10 Use-After-Free memory corruption
3340| [9413] Microsoft Internet Explorer 8/9/10 Use-After-Free memory corruption
3341| [9406] Microsoft Internet Explorer 8/9/10 memory corruption
3342| [9099] Microsoft Internet Explorer 8/9 Use-After-Free memory corruption
3343| [9098] Microsoft Internet Explorer 8 memory corruption
3344| [9095] Microsoft Internet Explorer 8/9/10 Use-After-Free memory corruption
3345| [9084] Microsoft Internet Explorer 8/9/10 _UpdateButtonLocation memory corruption
3346| [9083] Microsoft Internet Explorer 8/9 memory corruption
3347| [8722] Microsoft Windows 8/RT/Server 2012 HTTP.sys denial of service
3348| [8718] Microsoft Internet Explorer 8 memory corruption
3349| [8714] Microsoft Internet Explorer 8/9 memory corruption
3350| [8712] Microsoft Internet Explorer 8/9 memory corruption
3351| [8601] Microsoft Internet Explorer 8 'vtable' memory corruption
3352| [8423] Microsoft Internet Explorer up to 8.00.6001.18702 CSS iexplorer.exe denial of service
3353| [7962] Microsoft Internet Explorer up to 8 CTreeNode memory corruption
3354| [7958] Microsoft Internet Explorer up to 8 Celement memory corruption
3355| [7996] Microsoft Windows 8 TrueType Font denial of service
3356| [63558] Microsoft Internet Explorer 8 Use-After-Free memory corruption
3357| [63557] Microsoft Internet Explorer 8/9 Use-After-Free memory corruption
3358| [7511] Microsoft Internet Explorer 8/9 TCP Session information disclosure
3359| [7510] Microsoft Internet Explorer 8/9 HTTP/HTTPS Request spoofing
3360| [7258] Microsoft Windows up to 8/Server 2012 SSL/TLS race condition
3361| [7199] Microsoft Internet Explorer 8/9 mshtml.dll Unclosed Tags Sequence denial of service
3362| [6513] Microsoft Internet Explorer 8/9 OnMove Engine Use-After-Free memory corruption
3363| [5937] Microsoft Internet Explorer 8/9 JavaScript Parser memory corruption
3364| [5538] Microsoft Internet Explorer 8 Same ID Property Deleted Object memory corruption
3365| [5532] Microsoft Internet Explorer 8/9 HTML Sanitization toStaticHTML String information disclosure
3366| [5530] Microsoft Internet Explorer 8/9 OnRowsInserted Elements memory corruption
3367| [5516] Microsoft Internet Explorer 8/9 memory corruption
3368| [4467] Microsoft Internet Explorer 8 cross site scripting
3369| [4454] Microsoft Internet Explorer 8/9 unknown vulnerability
3370| [59618] Microsoft Internet Explorer 8 unknown vulnerability
3371| [57681] Microsoft Internet Explorer 8/9 memory corruption
3372| [57675] Microsoft Internet Explorer 8 memory corruption
3373| [4372] Microsoft Internet Explorer 8/9 information disclosure
3374| [57130] Microsoft Internet Explorer 8 on Win7 msxml.dll unknown vulnerability
3375| [4340] Microsoft Internet Explorer up to 8 unknown vulnerability
3376| [56786] Microsoft Internet Explorer 8 on Win7 unknown vulnerability
3377| [56785] Microsoft Internet Explorer 8 on Win7 memory corruption
3378| [56412] Microsoft Internet Explorer 8 IEShims.dll unknown vulnerability
3379| [55755] Microsoft Internet Explorer 8 memory corruption
3380| [54961] Microsoft Internet Explorer 8 mshtml.dll InsertIntoTimeoutList information disclosure
3381| [4172] Microsoft Internet Explorer up to 8 CSS cross site scripting
3382| [54339] Microsoft Internet Explorer 8 Uninitialized Memory memory corruption
3383| [53805] Microsoft Internet Explorer 8 unknown vulnerability
3384| [53514] Microsoft Internet Explorer 8 Uninitialized Memory memory corruption
3385| [53513] Microsoft Internet Explorer 8 memory corruption
3386| [4137] Microsoft Internet Explorer up to 8.0 memory corruption
3387| [4121] Microsoft Internet Explorer 8 XSS Filter cross site scripting
3388| [52505] Microsoft Internet Explorer 8 mstime.dll memory corruption
3389| [52373] Microsoft Internet Explorer 8 on Win7 Use-After-Free memory corruption
3390| [52372] Microsoft Internet Explorer 8 on Win7 Heap-based memory corruption
3391| [51652] Microsoft Internet Explorer 8 Uninitialized Memory memory corruption
3392| [51651] Microsoft Internet Explorer 8 Uninitialized Memory memory corruption
3393| [50914] Microsoft Internet Explorer 8 cross site scripting
3394| [50910] Microsoft Internet Explorer 8 unknown vulnerability
3395| [4048] Microsoft Internet Explorer up to 8 CSS Declaration memory corruption
3396| [4047] Microsoft Internet Explorer up to 8 DOM Object memory corruption
3397| [4046] Microsoft Internet Explorer up to 8 HTML memory corruption
3398| [3987] Microsoft Internet Explorer up to 8 Row Reference memory corruption
3399| [3982] Microsoft Internet Explorer up to 8 DHTML Call memory corruption
3400| [47244] Microsoft Internet Explorer 8 on Win 7 memory corruption
3401| [45681] Microsoft Internet Explorer 8 Beta 2 privilege escalation
3402| [45451] Microsoft Internet Explorer 8 XSS Filter cross site scripting
3403| [45450] Microsoft Internet Explorer 8 XSS Filter Protection cross site scripting
3404| [45449] Microsoft Internet Explorer 8 Beta 2 XSS Filter cross site scripting
3405| [45448] Microsoft Internet Explorer 8 Beta 2 XSS Filter cross site scripting
3406| [45447] Microsoft Internet Explorer 8 XSS Filter cross site scripting
3407| [45446] Microsoft Internet Explorer 8 Beta 2 XSS Filter cross site scripting
3408| [39012] Microsoft Windows Live Messenger up to 8.1 doc memory corruption
3409| [34991] Microsoft Visual Studio 8.0 msvcr80.dll denial of service
3410| [33589] Microsoft Windows Live Messenger up to 8.0 denial of service
3411|
3412| MITRE CVE - https://cve.mitre.org:
3413| [CVE-2013-0941] EMC RSA Authentication API before 8.1 SP1, RSA Web Agent before 5.3.5 for Apache Web Server, RSA Web Agent before 5.3.5 for IIS, RSA PAM Agent before 7.0, and RSA Agent before 6.1.4 for Microsoft Windows use an improper encryption algorithm and a weak key for maintaining the stored data of the node secret for the SecurID Authentication API, which allows local users to obtain sensitive information via cryptographic attacks on this data.
3414| [CVE-2011-1215] Stack-based buffer overflow in mw8sr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted link in a Microsoft Office document attachment, aka SPR PRAD8823ND.
3415| [CVE-2010-3496] McAfee VirusScan Enterprise 8.5i and 8.7i does not properly interact with the processing of hcp:// URLs by the Microsoft Help and Support Center, which makes it easier for remote attackers to execute arbitrary code via malware that is correctly detected by this product, but with a detection approach that occurs too late to stop the code execution.
3416| [CVE-2009-3126] Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a crafted PNG image file, aka "GDI+ PNG Integer Overflow Vulnerability."
3417| [CVE-2009-3032] Integer overflow in kvolefio.dll 8.5.0.8339 and 10.5.0.0 in the Autonomy KeyView Filter SDK, as used in IBM Lotus Notes 8.5, Symantec Mail Security for Microsoft Exchange 5.0.10 through 5.0.13, and other products, allows context-dependent attackers to execute arbitrary code via a crafted OLE document that triggers a heap-based buffer overflow.
3418| [CVE-2009-2504] Multiple integer overflows in unspecified APIs in GDI+ in Microsoft .NET Framework 1.1 SP1, .NET Framework 2.0 SP1 and SP2, Windows XP SP2 and SP3, Windows Server 2003 SP2, Vista Gold and SP1, Server 2008 Gold, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allow remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Framework application, aka "GDI+ .NET API Vulnerability."
3419| [CVE-2009-2503] GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Windows Server 2003 SP2, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 does not properly allocate an unspecified buffer, which allows remote attackers to execute arbitrary code via a crafted TIFF image file that triggers memory corruption, aka "GDI+ TIFF Memory Corruption Vulnerability."
3420| [CVE-2009-2502] Buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a crafted TIFF image file, aka "GDI+ TIFF Buffer Overflow Vulnerability."
3421| [CVE-2009-2501] Heap-based buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a crafted PNG image file, aka "GDI+ PNG Heap Overflow Vulnerability."
3422| [CVE-2009-2500] Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a crafted WMF image file, aka "GDI+ WMF Integer Overflow Vulnerability."
3423| [CVE-2009-1533] Buffer overflow in the Works for Windows document converters in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, Office 2007 SP1, and Works 8.5 and 9 allows remote attackers to execute arbitrary code via a crafted Works .wps file that triggers memory corruption, aka "File Converter Buffer Overflow Vulnerability."
3424| [CVE-2008-5828] Microsoft Windows Live Messenger Client 8.5.1 and earlier, when MSN Protocol Version 15 (MSNP15) is used over a NAT session, allows remote attackers to discover intranet IP addresses and port numbers by reading the (1) IPv4InternalAddrsAndPorts, (2) IPv4Internal-Addrs, and (3) IPv4Internal-Port header fields.
3425| [CVE-2007-0045] Multiple cross-site scripting (XSS) vulnerabilities in Adobe Acrobat Reader Plugin before 8.0.0, and possibly the plugin distributed with Adobe Reader 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2, for Mozilla Firefox, Microsoft Internet Explorer 6 SP1, Google Chrome, Opera 8.5.4 build 770, and Opera 9.10.8679 on Windows allow remote attackers to inject arbitrary JavaScript and conduct other attacks via a .pdf URL with a javascript: or res: URI with (1) FDF, (2) XML, and (3) XFDF AJAX parameters, or (4) an arbitrarily named name=URI anchor identifier, aka "Universal XSS (UXSS)."
3426| [CVE-2004-1312] A bug in the HTML parser in a certain Microsoft HTML library, as used in various third party products, may allow remote attackers to cause a denial of service via certain strings, as reported in GFI MailEssentials for Exchange 9 and 10, and GFI MailSecurity for Exchange 8, which causes emails to remain in IIS or Exchange mail queues.
3427| [CVE-2002-1117] Veritas Backup Exec 8.5 and earlier requires that the "RestrictAnonymous" registry key for Microsoft Exchange 2000 must be set to 0, which enables anonymous listing of the SAM database and shares.
3428| [CVE-2001-1088] Microsoft Outlook 8.5 and earlier, and Outlook Express 5 and earlier, with the "Automatically put people I reply to in my address book" option enabled, do not notify the user when the "Reply-To" address is different than the "From" address, which could allow an untrusted remote attacker to spoof legitimate addresses and intercept email from the client that is intended for another user.
3429| [CVE-2013-3661] The EPATHOBJ::bFlatten function in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not check whether linked-list traversal is continually accessing the same list member, which allows local users to cause a denial of service (infinite traversal) via vectors that trigger a crafted PATHRECORD chain.
3430| [CVE-2013-3660] The EPATHOBJ::pprFlattenRec function in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, and Windows Server 2012 does not properly initialize a pointer for the next object in a certain list, which allows local users to obtain write access to the PATHRECORD chain, and consequently gain privileges, by triggering excessive consumption of paged memory and then making many FlattenPath function calls, aka "Win32k Read AV Vulnerability."
3431| [CVE-2013-3174] DirectShow in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, and Windows Server 2012 allows remote attackers to execute arbitrary code via a crafted GIF file, aka "DirectShow Arbitrary Memory Overwrite Vulnerability."
3432| [CVE-2013-3173] Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application that leverages improper handling of objects in memory, aka "Win32k Buffer Overwrite Vulnerability."
3433| [CVE-2013-3164] Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
3434| [CVE-2013-3163] Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3144 and CVE-2013-3151.
3435| [CVE-2013-3151] Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3144 and CVE-2013-3163.
3436| [CVE-2013-3149] Microsoft Internet Explorer 7 and 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
3437| [CVE-2013-3144] Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3151 and CVE-2013-3163.
3438| [CVE-2013-3141] Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3110.
3439| [CVE-2013-3138] Integer overflow in the TCP/IP kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows remote attackers to cause a denial of service (system hang) via crafted TCP packets, aka "TCP/IP Integer Overflow Vulnerability."
3440| [CVE-2013-3136] The kernel in Microsoft Windows XP SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, and Windows 8 on 32-bit platforms does not properly handle unspecified page-fault system calls, which allows local users to obtain sensitive information from kernel memory via a crafted application, aka "Kernel Information Disclosure Vulnerability."
3441| [CVE-2013-3123] Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3111.
3442| [CVE-2013-3111] Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3123.
3443| [CVE-2013-3110] Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3141.
3444| [CVE-2013-2558] Unspecified vulnerability in Microsoft Windows 8 allows remote attackers to cause a denial of service (reboot) or possibly have unknown other impact via a crafted TrueType Font (TTF) file, as demonstrated by the 120612-69701-01.dmp error report.
3445| [CVE-2013-2552] Unspecified vulnerability in Microsoft Internet Explorer 10 on Windows 8 allows remote attackers to bypass the sandbox protection mechanism by leveraging access to a Medium integrity process, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2013.
3446| [CVE-2013-1451] Microsoft Internet Explorer 8 and 9, when the Proxy Settings configuration has the same Proxy address and Port values in the HTTP and Secure rows, does not ensure that the SSL lock icon is consistent with the Address bar, which makes it easier for remote attackers to spoof web sites via a crafted HTML document that triggers many HTTPS requests to an arbitrary host, followed by an HTTPS request to a trusted host and then an HTTP request to an untrusted host, a related issue to CVE-2013-1450.
3447| [CVE-2013-1450] Microsoft Internet Explorer 8 and 9, when the Proxy Settings configuration has the same Proxy address and Port values in the HTTP and Secure rows, does not properly reuse TCP sessions to the proxy server, which allows remote attackers to obtain sensitive information intended for a specific host via a crafted HTML document that triggers many HTTPS requests and then triggers an HTTP request to that host, as demonstrated by reading a Cookie header, aka MSRC 12096gd.
3448| [CVE-2013-1347] Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly allocated or (2) is deleted, as exploited in the wild in May 2013.
3449| [CVE-2013-1345] win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle objects in memory, which allows local users to gain privileges via a crafted application, aka "Win32k Vulnerability."
3450| [CVE-2013-1340] win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle objects in memory, which allows local users to gain privileges via a crafted application, aka "Win32k Dereference Vulnerability."
3451| [CVE-2013-1339] The Print Spooler in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly manage memory during deletion of printer connections, which allows remote authenticated users to execute arbitrary code via a crafted request, aka "Print Spooler Vulnerability."
3452| [CVE-2013-1334] win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle objects in memory, which allows local users to gain privileges via a crafted application, aka "Win32k Window Handle Vulnerability."
3453| [CVE-2013-1332] dxgkrnl.sys (aka the DirectX graphics kernel subsystem) in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle objects in memory, which allows local users to gain privileges via a crafted application, aka "DirectX Graphics Kernel Subsystem Double Fetch Vulnerability."
3454| [CVE-2013-1311] Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability."
3455| [CVE-2013-1307] Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different vulnerability than CVE-2013-0811.
3456| [CVE-2013-1305] HTTP.sys in Microsoft Windows 8, Windows Server 2012, and Windows RT allows remote attackers to cause a denial of service (infinite loop) via a crafted HTTP header, aka "HTTP.sys Denial of Service Vulnerability."
3457| [CVE-2013-1300] win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle objects in memory, which allows local users to gain privileges via a crafted application, aka "Win32k Memory Allocation Vulnerability."
3458| [CVE-2013-1297] Microsoft Internet Explorer 6 through 8 does not properly restrict data access by VBScript, which allows remote attackers to perform cross-domain reading of JSON files via a crafted web site, aka "JSON Array Information Disclosure Vulnerability."
3459| [CVE-2013-1294] Race condition in the kernel in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application that leverages improper handling of objects in memory, aka "Kernel Race Condition Vulnerability."
3460| [CVE-2013-1292] Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application that leverages improper handling of objects in memory, aka "Win32k Race Condition Vulnerability."
3461| [CVE-2013-1291] win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, Windows 7 Gold and SP1, and Windows 8 allows local users to cause a denial of service (reboot) via a crafted OpenType font, aka "OpenType Font Parsing Vulnerability" or "Win32k Font Parsing Vulnerability."
3462| [CVE-2013-1288] Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CTreeNode Use After Free Vulnerability."
3463| [CVE-2013-1287] The USB kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012 do not properly handle objects in memory, which allows physically proximate attackers to execute arbitrary code by connecting a crafted USB device, aka "Windows USB Descriptor Vulnerability," a different vulnerability than CVE-2013-1285 and CVE-2013-1286.
3464| [CVE-2013-1286] The USB kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012 do not properly handle objects in memory, which allows physically proximate attackers to execute arbitrary code by connecting a crafted USB device, aka "Windows USB Descriptor Vulnerability," a different vulnerability than CVE-2013-1285 and CVE-2013-1287.
3465| [CVE-2013-1285] The USB kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012 do not properly handle objects in memory, which allows physically proximate attackers to execute arbitrary code by connecting a crafted USB device, aka "Windows USB Descriptor Vulnerability," a different vulnerability than CVE-2013-1286 and CVE-2013-1287.
3466| [CVE-2013-1284] Race condition in the kernel in Microsoft Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application that leverages improper handling of objects in memory, aka "Kernel Race Condition Vulnerability."
3467| [CVE-2013-1283] Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application that leverages improper handling of objects in memory, aka "Win32k Race Condition Vulnerability."
3468| [CVE-2013-1280] The kernel in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle objects in memory, which allows local users to gain privileges via a crafted application, aka "Windows Kernel Reference Count Vulnerability."
3469| [CVE-2013-1279] Race condition in the kernel in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application that leverages incorrect handling of objects in memory, aka "Kernel Race Condition Vulnerability," a different vulnerability than CVE-2013-1278.
3470| [CVE-2013-1278] Race condition in the kernel in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application that leverages incorrect handling of objects in memory, aka "Kernel Race Condition Vulnerability," a different vulnerability than CVE-2013-1279.
3471| [CVE-2013-1249] Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges, and consequently read the contents of arbitrary kernel memory locations, via a crafted application, a different vulnerability than other CVEs listed in MS13-016.
3472| [CVE-2013-1248] Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges, and consequently read the contents of arbitrary kernel memory locations, via a crafted application, a different vulnerability than other CVEs listed in MS13-016.
3473| [CVE-2013-0811] Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different vulnerability than CVE-2013-1307.
3474| [CVE-2013-0091] Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CElement Use After Free Vulnerability."
3475| [CVE-2013-0078] The Microsoft Antimalware Client in Windows Defender on Windows 8 and Windows RT uses an incorrect pathname for MsMpEng.exe, which allows local users to gain privileges via a crafted application, aka "Microsoft Antimalware Improper Pathname Vulnerability."
3476| [CVE-2013-0075] The TCP/IP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allows remote attackers to cause a denial of service (reboot) via a crafted packet that terminates a TCP connection, aka "TCP FIN WAIT Vulnerability."
3477| [CVE-2013-0025] Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer SLayoutRun Use After Free Vulnerability."
3478| [CVE-2013-0024] Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer pasteHTML Use After Free Vulnerability."
3479| [CVE-2013-0013] The SSL provider component in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle encrypted packets, which allows man-in-the-middle attackers to conduct SSLv2 downgrade attacks against (1) SSLv3 sessions or (2) TLS sessions by intercepting handshakes and injecting content, aka "Microsoft SSL Version 3 and TLS Protocol Security Feature Bypass Vulnerability."
3480| [CVE-2013-0008] win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle window broadcast messages, which allows local users to gain privileges via a crafted application, aka "Win32k Improper Message Handling Vulnerability."
3481| [CVE-2012-4792] Use-after-free vulnerability in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not properly allocated or (2) is deleted, as demonstrated by a CDwnBindInfo object, and exploited in the wild in December 2012.
3482| [CVE-2012-4786] The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allow remote attackers to execute arbitrary code via a crafted TrueType Font (TTF) file, aka "TrueType Font Parsing Vulnerability."
3483| [CVE-2012-2897] The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT, as used by Google Chrome before 22.0.1229.79 and other programs, do not properly handle objects in memory, which allows remote attackers to execute arbitrary code via a crafted TrueType font file, aka "Windows Font Parsing Vulnerability" or "TrueType Font Parsing Vulnerability."
3484| [CVE-2012-2557] Use-after-free vulnerability in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "cloneNode Use After Free Vulnerability."
3485| [CVE-2012-2556] The OpenType Font (OTF) driver in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allows remote attackers to execute arbitrary code via a crafted OpenType font file, aka "OpenType Font Parsing Vulnerability."
3486| [CVE-2012-2523] Integer overflow in Microsoft Internet Explorer 8 and 9, JScript 5.8, and VBScript 5.8 on 64-bit platforms allows remote attackers to execute arbitrary code by leveraging an incorrect size calculation during object copying, aka "JavaScript Integer Overflow Remote Code Execution Vulnerability."
3487| [CVE-2012-1881] Microsoft Internet Explorer 8 and 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "OnRowsInserted Event Remote Code Execution Vulnerability."
3488| [CVE-2012-1875] Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Same ID Property Remote Code Execution Vulnerability."
3489| [CVE-2012-1874] Microsoft Internet Explorer 8 and 9 does not properly handle objects in memory, which allows user-assisted remote attackers to execute arbitrary code by accessing a deleted object, aka "Developer Toolbar Remote Code Execution Vulnerability."
3490| [CVE-2012-1858] The toStaticHTML API (aka the SafeHTML component) in Microsoft Internet Explorer 8 and 9, Communicator 2007 R2, and Lync 2010 and 2010 Attendee does not properly handle event attributes and script, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted HTML document, aka "HTML Sanitization Vulnerability."
3491| [CVE-2012-1856] The TabStrip ActiveX control in the Common Controls in MSCOMCTL.OCX in Microsoft Office 2003 SP3, Office 2003 Web Components SP3, Office 2007 SP2 and SP3, Office 2010 SP1, SQL Server 2000 SP4, SQL Server 2005 SP4, SQL Server 2008 SP2, SP3, R2, R2 SP1, and R2 SP2, Commerce Server 2002 SP4, Commerce Server 2007 SP2, Commerce Server 2009 Gold and R2, Host Integration Server 2004 SP1, Visual FoxPro 8.0 SP1, Visual FoxPro 9.0 SP2, and Visual Basic 6.0 Runtime allows remote attackers to execute arbitrary code via a crafted (1) document or (2) web page that triggers system-state corruption, aka "MSCOMCTL.OCX RCE Vulnerability."
3492| [CVE-2012-1848] win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview does not properly handle user-mode input passed to kernel mode, which allows local users to gain privileges via a crafted application, aka "Scrollbar Calculation Vulnerability."
3493| [CVE-2012-1537] Heap-based buffer overflow in DirectPlay in DirectX 9.0 through 11.1 in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012 allows remote attackers to execute arbitrary code via a crafted Office document, aka "DirectPlay Heap Overflow Vulnerability."
3494| [CVE-2012-1529] Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not properly initialized or (2) is deleted, aka "OnMove Use After Free Vulnerability."
3495| [CVE-2012-1528] Integer overflow in Windows Shell in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012 allows local users to gain privileges via a crafted briefcase, aka "Windows Briefcase Integer Overflow Vulnerability."
3496| [CVE-2012-1527] Integer underflow in Windows Shell in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012 allows local users to gain privileges via a crafted briefcase, aka "Windows Briefcase Integer Underflow Vulnerability."
3497| [CVE-2012-1523] Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Center Element Remote Code Execution Vulnerability."
3498| [CVE-2012-0181] win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview does not properly manage Keyboard Layout files, which allows local users to gain privileges via a crafted application, aka "Keyboard Layout File Vulnerability."
3499| [CVE-2012-0180] win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview does not properly handle user-mode input passed to kernel mode for (1) windows and (2) messages, which allows local users to gain privileges via a crafted application, aka "Windows and Messages Vulnerability."
3500| [CVE-2012-0172] Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "VML Style Remote Code Execution Vulnerability."
3501| [CVE-2012-0159] Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview
3502| [CVE-2012-0151] The Authenticode Signature Verification function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview does not properly validate the digest of a signed portable executable (PE) file, which allows user-assisted remote attackers to execute arbitrary code via a modified file with additional content, aka "WinVerifyTrust Signature Validation Vulnerability."
3503| [CVE-2011-2382] Microsoft Internet Explorer 8 and earlier, and Internet Explorer 9 beta, does not properly restrict cross-zone drag-and-drop actions, which allows user-assisted remote attackers to read cookie files via vectors involving an IFRAME element with a SRC attribute containing a file: URL, as demonstrated by a Facebook game, related to a "cookiejacking" issue.
3504| [CVE-2011-1999] Microsoft Internet Explorer 8 does not properly allocate and access memory, which allows remote attackers to execute arbitrary code via vectors involving a "dereferenced memory address," aka "Select Element Remote Code Execution Vulnerability."
3505| [CVE-2011-1996] Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Option Element Remote Code Execution Vulnerability."
3506| [CVE-2011-1992] The XSS Filter in Microsoft Internet Explorer 8 allows remote attackers to read content from a different (1) domain or (2) zone via a "trial and error" attack, aka "XSS Filter Information Disclosure Vulnerability."
3507| [CVE-2011-1713] Microsoft msxml.dll, as used in Internet Explorer 8 on Windows 7, allows remote attackers to obtain potentially sensitive information about heap memory addresses via an XML document containing a call to the XSLT generate-id XPath function. NOTE: this might overlap CVE-2011-1202.
3508| [CVE-2011-1347] Unspecified vulnerability in Microsoft Internet Explorer 8 on Windows 7 allows remote attackers to bypass Protected Mode and create arbitrary files by leveraging access to a Low integrity process, as demonstrated by Stephen Fewer as the third of three chained vulnerabilities during a Pwn2Own competition at CanSecWest 2011.
3509| [CVE-2011-1346] Unspecified vulnerability in Microsoft Internet Explorer 8 on Windows 7 allows remote attackers to execute arbitrary code via unknown vectors, as demonstrated by Stephen Fewer as the second of three chained vulnerabilities during a Pwn2Own competition at CanSecWest 2011.
3510| [CVE-2011-1345] Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, as demonstrated by Stephen Fewer as the first of three chained vulnerabilities during a Pwn2Own competition at CanSecWest 2011, aka "Object Management Memory Corruption Vulnerability."
3511| [CVE-2011-1266] The Vector Markup Language (VML) implementation in vgx.dll in Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "VML Memory Corruption Vulnerability."
3512| [CVE-2011-1260] Microsoft Internet Explorer 8 and 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Layout Memory Corruption Vulnerability."
3513| [CVE-2011-1258] Microsoft Internet Explorer 6 through 8 does not properly restrict web script, which allows user-assisted remote attackers to obtain sensitive information from a different (1) domain or (2) zone via vectors involving a drag-and-drop operation, aka "Drag and Drop Information Disclosure Vulnerability."
3514| [CVE-2011-1257] Race condition in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors involving access to an object, aka "Window Open Race Condition Vulnerability."
3515| [CVE-2011-1256] Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "DOM Modification Memory Corruption Vulnerability."
3516| [CVE-2011-1255] The Timed Interactive Multimedia Extensions (aka HTML+TIME) implementation in Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Time Element Memory Corruption Vulnerability."
3517| [CVE-2011-1254] Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Drag and Drop Memory Corruption Vulnerability."
3518| [CVE-2011-1252] Cross-site scripting (XSS) vulnerability in the SafeHTML function in the toStaticHTML API in Microsoft Internet Explorer 7 and 8, Office SharePoint Server 2007 SP2, Office SharePoint Server 2010 Gold and SP1, Groove Server 2010 Gold and SP1, Windows SharePoint Services 3.0 SP2, and SharePoint Foundation 2010 Gold and SP1 allows remote attackers to inject arbitrary web script or HTML via unspecified strings, aka "toStaticHTML Information Disclosure Vulnerability" or "HTML Sanitization Vulnerability."
3519| [CVE-2011-1251] Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "DOM Manipulation Memory Corruption Vulnerability."
3520| [CVE-2011-1246] Microsoft Internet Explorer 8 does not properly handle content settings in HTTP responses, which allows remote web servers to obtain sensitive information from a different (1) domain or (2) zone via a crafted response, aka "MIME Sniffing Information Disclosure Vulnerability."
3521| [CVE-2011-1244] Microsoft Internet Explorer 6, 7, and 8 does not enforce intended domain restrictions on content access, which allows remote attackers to obtain sensitive information or conduct clickjacking attacks via a crafted web site, aka "Frame Tag Information Disclosure Vulnerability."
3522| [CVE-2011-0346] Use-after-free vulnerability in the ReleaseInterface function in MSHTML.DLL in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the DOM implementation and the BreakAASpecial and BreakCircularMemoryReferences functions, as demonstrated by cross_fuzz, aka "MSHTML Memory Corruption Vulnerability."
3523| [CVE-2011-0038] Untrusted search path vulnerability in Microsoft Internet Explorer 8 might allow local users to gain privileges via a Trojan horse IEShims.dll in the current working directory, as demonstrated by a Desktop directory that contains an HTML file, aka "Internet Explorer Insecure Library Loading Vulnerability."
3524| [CVE-2011-0036] Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, relagted to a "dangling pointer," aka "Uninitialized Memory Corruption Vulnerability," a different vulnerability than CVE-2010-2556 and CVE-2011-0035.
3525| [CVE-2011-0035] Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a different vulnerability than CVE-2010-2556 and CVE-2011-0036.
3526| [CVE-2010-5071] The JavaScript implementation in Microsoft Internet Explorer 8.0 and earlier does not properly restrict the set of values contained in the object returned by the getComputedStyle method, which allows remote attackers to obtain sensitive information about visited web pages by calling this method.
3527| [CVE-2010-3971] Use-after-free vulnerability in the CSharedStyleSheet::Notify function in the Cascading Style Sheets (CSS) parser in mshtml.dll, as used in Microsoft Internet Explorer 6 through 8 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a self-referential @import rule in a stylesheet, aka "CSS Memory Corruption Vulnerability."
3528| [CVE-2010-3964] Unrestricted file upload vulnerability in the Document Conversions Launcher Service in Microsoft Office SharePoint Server 2007 SP2, when the Document Conversions Load Balancer Service is enabled, allows remote attackers to execute arbitrary code via a crafted SOAP request to TCP port 8082, aka "Malformed Request Code Execution Vulnerability."
3529| [CVE-2010-3962] Use-after-free vulnerability in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitrary code via vectors related to Cascading Style Sheets (CSS) token sequences and the clip attribute, aka an "invalid flag reference" issue or "Uninitialized Memory Corruption Vulnerability," as exploited in the wild in November 2010.
3530| [CVE-2010-3886] The CTimeoutEventList::InsertIntoTimeoutList function in Microsoft mshtml.dll uses a certain pointer value as part of producing Timer ID values for the setTimeout and setInterval methods in VBScript and JScript, which allows remote attackers to obtain sensitive information about the heap memory addresses used by an application, as demonstrated by the Internet Explorer 8 application.
3531| [CVE-2010-3348] Microsoft Internet Explorer 6, 7, and 8 does not prevent rendering of cached content as HTML, which allows remote attackers to access content from a different (1) domain or (2) zone via unspecified script code, aka "Cross-Domain Information Disclosure Vulnerability," a different vulnerability than CVE-2010-3342.
3532| [CVE-2010-3346] Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML Element Memory Corruption Vulnerability."
3533| [CVE-2010-3345] Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML Element Memory Corruption Vulnerability."
3534| [CVE-2010-3342] Microsoft Internet Explorer 6, 7, and 8 does not prevent rendering of cached content as HTML, which allows remote attackers to access content from a different (1) domain or (2) zone via unspecified script code, aka "Cross-Domain Information Disclosure Vulnerability," a different vulnerability than CVE-2010-3348.
3535| [CVE-2010-3331] Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory in certain circumstances involving use of Microsoft Word to read Word documents, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability."
3536| [CVE-2010-3330] Microsoft Internet Explorer 6 through 8 does not properly restrict script access to content from a different (1) domain or (2) zone, which allows remote attackers to obtain sensitive information via a crafted web site, aka "Cross-Domain Information Disclosure Vulnerability."
3537| [CVE-2010-3329] mshtmled.dll in Microsoft Internet Explorer 7 and 8 allows remote attackers to execute arbitrary code via a crafted Microsoft Office document that causes the HtmlDlgHelper class destructor to access uninitialized memory, aka "Uninitialized Memory Corruption Vulnerability."
3538| [CVE-2010-3328] Use-after-free vulnerability in the CAttrArray::PrivateFind function in mshtml.dll in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code by setting an unspecified property of a stylesheet object, aka "Uninitialized Memory Corruption Vulnerability."
3539| [CVE-2010-3327] The implementation of HTML content creation in Microsoft Internet Explorer 6 through 8 does not remove the Anchor element during pasting and editing, which might allow remote attackers to obtain sensitive deleted information by visiting a web page, aka "Anchor Element Information Disclosure Vulnerability."
3540| [CVE-2010-3325] Microsoft Internet Explorer 6 through 8 does not properly handle unspecified special characters in Cascading Style Sheets (CSS) documents, which allows remote attackers to obtain sensitive information from a different (1) domain or (2) zone via a crafted web site, aka "CSS Special Character Information Disclosure Vulnerability."
3541| [CVE-2010-3324] The toStaticHTML function in Microsoft Internet Explorer 8, and the SafeHTML function in Microsoft Windows SharePoint Services 3.0 SP2, SharePoint Foundation 2010, Office SharePoint Server 2007 SP2, Groove Server 2010, and Office Web Apps, allows remote attackers to bypass the cross-site scripting (XSS) protection mechanism and conduct XSS attacks via a crafted use of the Cascading Style Sheets (CSS) @import rule, aka "HTML Sanitization Vulnerability," a different vulnerability than CVE-2010-1257.
3542| [CVE-2010-3243] Cross-site scripting (XSS) vulnerability in the toStaticHTML function in Microsoft Internet Explorer 8, and the SafeHTML function in Microsoft Windows SharePoint Services 3.0 SP2 and Office SharePoint Server 2007 SP2, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "HTML Sanitization Vulnerability."
3543| [CVE-2010-2560] Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML Layout Memory Corruption Vulnerability."
3544| [CVE-2010-2559] Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a different vulnerability than CVE-2009-3671, CVE-2009-3674, CVE-2010-0245, and CVE-2010-0246.
3545| [CVE-2010-2558] Race condition in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to an object in memory, aka "Race Condition Memory Corruption Vulnerability."
3546| [CVE-2010-2556] Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability."
3547| [CVE-2010-2442] Microsoft Internet Explorer, possibly 8, does not properly restrict focus changes, which allows remote attackers to read keystrokes via "cross-domain IFRAME gadgets."
3548| [CVE-2010-2375] Package/Privilege: Plugins for Apache, Sun and IIS web servers Unspecified vulnerability in the WebLogic Server component in Oracle Fusion Middleware 7.0 SP7, 8.1 SP6, 9.0, 9.1, 9.2 MP3, 10.0 MP2, 10.3.2, and 10.3.3 allows remote attackers to affect confidentiality and integrity, related to IIS.
3549| [CVE-2010-2118] Microsoft Internet Explorer 6.0.2900.2180 and 8.0.7600.16385 allows remote attackers to cause a denial of service (resource consumption) via JavaScript code containing an infinite loop that creates IFRAME elements for invalid news:// URIs.
3550| [CVE-2010-2091] Microsoft Outlook Web Access (OWA) 8.2.254.0, when Internet Explorer 7 on Windows Server 2003 is used, does not properly handle the id parameter in a Folder IPF.Note action to the default URI, which might allow remote attackers to obtain sensitive information or conduct cross-site scripting (XSS) attacks via an invalid value.
3551| [CVE-2010-1991] Microsoft Internet Explorer 6.0.2900.2180, 7, and 8.0.7600.16385 executes a mail application in situations where an IFRAME element has a mailto: URL in its SRC attribute, which allows remote attackers to cause a denial of service (excessive application launches) via an HTML document with many IFRAME elements.
3552| [CVE-2010-1489] The XSS Filter in Microsoft Internet Explorer 8 does not properly perform neutering for the SCRIPT tag, which allows remote attackers to conduct cross-site scripting (XSS) attacks against web sites that have no inherent XSS vulnerabilities, a different issue than CVE-2009-4074.
3553| [CVE-2010-1262] Microsoft Internet Explorer 6 SP1 and SP2, 7, and 8 allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, related to the CStyleSheet object and a free of the root container, aka "Memory Corruption Vulnerability."
3554| [CVE-2010-1261] The IE8 Developer Toolbar in Microsoft Internet Explorer 8 SP1, SP2, and SP3 allows user-assisted remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability."
3555| [CVE-2010-1260] The IE8 Developer Toolbar in Microsoft Internet Explorer 8 SP1, SP2, and SP3 allows user-assisted remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML Element Memory Corruption Vulnerability."
3556| [CVE-2010-1259] Microsoft Internet Explorer 6 SP1 and SP2, 7, and 8 allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability."
3557| [CVE-2010-1258] Microsoft Internet Explorer 6, 7, and 8 does not properly determine the origin of script code, which allows remote attackers to execute script in an unintended domain or security zone, and obtain sensitive information, via unspecified vectors, aka "Event Handler Cross-Domain Vulnerability."
3558| [CVE-2010-1118] Unspecified vulnerability in Internet Explorer 8 on Microsoft Windows 7 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to a use-after-free issue, as demonstrated by Peter Vreugdenhil during a Pwn2Own competition at CanSecWest 2010.
3559| [CVE-2010-1117] Heap-based buffer overflow in Internet Explorer 8 on Microsoft Windows 7 allows remote attackers to discover the base address of a Windows .dll file, and possibly have unspecified other impact, via unknown vectors, as demonstrated by Peter Vreugdenhil during a Pwn2Own competition at CanSecWest 2010.
3560| [CVE-2010-0811] Multiple unspecified vulnerabilities in the Microsoft Internet Explorer 8 Developer Tools ActiveX control in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allow remote attackers to execute arbitrary code via unknown vectors that "corrupt the system state," aka "Microsoft Internet Explorer 8 Developer Tools Vulnerability."
3561| [CVE-2010-0555] Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, 7, and 8 does not prevent rendering of non-HTML local files as HTML documents, which allows remote attackers to bypass intended access restrictions and read arbitrary files via vectors involving the product's use of text/html as the default content type for files that are encountered after a redirection, aka the URLMON sniffing vulnerability, a variant of CVE-2009-1140 and related to CVE-2008-1448.
3562| [CVE-2010-0494] Cross-domain vulnerability in Microsoft Internet Explorer 6, 6 SP1, 7, and 8 allows user-assisted remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via a crafted HTML document in a situation where the client user drags one browser window across another browser window, aka "HTML Element Cross-Domain Vulnerability."
3563| [CVE-2010-0492] Use-after-free vulnerability in mstime.dll in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via vectors related to the TIME2 behavior, the CTimeAction object, and destruction of markup, leading to memory corruption, aka "HTML Object Memory Corruption Vulnerability."
3564| [CVE-2010-0490] Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability."
3565| [CVE-2010-0255] Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, 7, and 8 does not prevent rendering of non-HTML local files as HTML documents, which allows remote attackers to bypass intended access restrictions and read arbitrary files via vectors involving JavaScript exploit code that constructs a reference to a file://127.0.0.1 URL, aka the dynamic OBJECT tag vulnerability, as demonstrated by obtaining the data from an index.dat file, a variant of CVE-2009-1140 and related to CVE-2008-1448.
3566| [CVE-2010-0249] Use-after-free vulnerability in Microsoft Internet Explorer 6, 6 SP1, 7, and 8 on Windows 2000 SP4
3567| [CVE-2010-0248] Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML Object Memory Corruption Vulnerability."
3568| [CVE-2010-0246] Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a different vulnerability than CVE-2009-3671, CVE-2009-3674, and CVE-2010-0245.
3569| [CVE-2010-0245] Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a different vulnerability than CVE-2009-3671, CVE-2009-3674, and CVE-2010-0246.
3570| [CVE-2010-0244] Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a different vulnerability than CVE-2009-2530 and CVE-2009-2531.
3571| [CVE-2010-0112] Multiple SQL injection vulnerabilities in the Administrative Interface in the IIS extension in Symantec IM Manager before 8.4.16 allow remote attackers to execute arbitrary SQL commands via (1) the rdReport parameter to rdpageimlogic.aspx, related to the sGetDefinition function in rdServer.dll, and SQL statements contained within a certain report file
3572| [CVE-2010-0027] The URL validation functionality in Microsoft Internet Explorer 5.01, 6, 6 SP1, 7 and 8, and the ShellExecute API function in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2, does not properly process input parameters, which allows remote attackers to execute arbitrary local programs via a crafted URL, aka "URL Validation Vulnerability."
3573| [CVE-2009-4074] The XSS Filter in Microsoft Internet Explorer 8 allows remote attackers to leverage the "response-changing mechanism" to conduct cross-site scripting (XSS) attacks against web sites that have no inherent XSS vulnerabilities, related to the details of output encoding and improper modification of an HTML attribute, aka "XSS Filter Script Handling Vulnerability."
3574| [CVE-2009-4073] The printing functionality in Microsoft Internet Explorer 8 allows remote attackers to discover a local pathname, and possibly a local username, by reading the dc:title element of a PDF document that was generated from a local web page.
3575| [CVE-2009-3674] Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a different vulnerability than CVE-2009-3671.
3576| [CVE-2009-3673] Microsoft Internet Explorer 7 and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability."
3577| [CVE-2009-3671] Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a different vulnerability than CVE-2009-3674.
3578| [CVE-2009-3003] Microsoft Internet Explorer 6 through 8 allows remote attackers to spoof the address bar, via window.open with a relative URI, to show an arbitrary URL on the web site visited by the victim, as demonstrated by a visit to an attacker-controlled web page, which triggers a spoofed login form for the site containing that page.
3579| [CVE-2009-2764] Microsoft Internet Explorer 8.0.7100.0 on Windows 7 RC on the x64 platform allows remote attackers to cause a denial of service (application crash) via a certain DIV element in conjunction with SCRIPT elements that have empty contents and no reference to a valid external script location.
3580| [CVE-2009-2655] mshtml.dll in Microsoft Internet Explorer 7 and 8 on Windows XP SP3 allows remote attackers to cause a denial of service (application crash) by calling the JavaScript findText method with a crafted Unicode string in the first argument, and only one additional argument, as demonstrated by a second argument of -1.
3581| [CVE-2009-2536] Microsoft Internet Explorer 5 through 8 allows remote attackers to cause a denial of service (memory consumption and application crash) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692.
3582| [CVE-2009-2531] Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a different vulnerability than CVE-2009-2530.
3583| [CVE-2009-2530] Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a different vulnerability than CVE-2009-2531.
3584| [CVE-2009-2529] Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, 7, and 8 does not properly handle argument validation for unspecified variables, which allows remote attackers to execute arbitrary code via a crafted HTML document, aka "HTML Component Handling Vulnerability."
3585| [CVE-2009-2069] Microsoft Internet Explorer before 8 displays a cached certificate for a (1) 4xx or (2) 5xx CONNECT response page returned by a proxy server, which allows man-in-the-middle attackers to spoof an arbitrary https site by letting a browser obtain a valid certificate from this site during one request, and then sending the browser a crafted 502 response page upon a subsequent request.
3586| [CVE-2009-2064] Microsoft Internet Explorer 8, and possibly other versions, detects http content in https web pages only when the top-level frame uses https, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context, by modifying an http page to include an https iframe that references a script file on an http site, related to "HTTP-Intended-but-HTTPS-Loadable (HPIHSL) pages."
3587| [CVE-2009-2057] Microsoft Internet Explorer before 8 uses the HTTP Host header to determine the context of a document provided in a (1) 4xx or (2) 5xx CONNECT response from a proxy server, which allows man-in-the-middle attackers to execute arbitrary web script by modifying this CONNECT response, aka an "SSL tampering" attack.
3588| [CVE-2009-1532] Microsoft Internet Explorer 8 for Windows XP SP2 and SP3
3589| [CVE-2009-1335] Microsoft Internet Explorer 7 and 8 on Windows XP and Vista allows remote attackers to cause a denial of service (application hang) via a large document composed of unprintable characters, aka MSRC 9011jr.
3590| [CVE-2009-1043] Unspecified vulnerability in Microsoft Internet Explorer 8 on Windows 7 allows remote attackers to execute arbitrary code via unknown vectors triggered by clicking on a link, as demonstrated by Nils during a PWN2OWN competition at CanSecWest 2009.
3591| [CVE-2009-1016] Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 allows remote authenticated users to affect confidentiality, integrity, and availability, related to IIS. NOTE: the previous information was obtained from the April 2009 CPU. Oracle has not commented on claims from a reliable researcher that this is a stack-based buffer overflow involving an unspecified Server Plug-in and a crafted SSL certificate.
3592| [CVE-2009-1012] Unspecified vulnerability in the plug-ins for Apache and IIS web servers in Oracle BEA WebLogic Server 7.0 Gold through SP7, 8.1 Gold through SP6, 9.0, 9.1, 9.2 Gold through MP3, 10.0 Gold through MP1, and 10.3 allows remote attackers to affect confidentiality, integrity, and availability. NOTE: the previous information was obtained from the April 2009 CPU. Oracle has not commented on claims from a reliable researcher that this is an integer overflow in an unspecified plug-in that parses HTTP requests, which leads to a heap-based buffer overflow.
3593| [CVE-2009-1011] Unspecified vulnerability in the Outside In Technology component in Oracle Application Server 8.2.2 and 8.3.0 allows local users to affect confidentiality, integrity, and availability, related to HTML. NOTE: the previous information was obtained from the April 2009 CPU. Oracle has not commented on reliable researcher claims that this issue is for multiple integer overflows in a function that parses an optional data stream within a Microsoft Office file, leading to a heap-based buffer overflow.
3594| [CVE-2009-0084] Use-after-free vulnerability in DirectShow in Microsoft DirectX 8.1 and 9.0 allows remote attackers to execute arbitrary code via an MJPEG file or video stream with a malformed Huffman table, which triggers an exception that frees heap memory that is later accessed, aka "MJPEG Decompression Vulnerability."
3595| [CVE-2009-0072] Microsoft Internet Explorer 6.0 through 8.0 beta2 allows remote attackers to cause a denial of service (application crash) via an onload=screen[""] attribute value in a BODY element.
3596| [CVE-2008-5750] Argument injection vulnerability in Microsoft Internet Explorer 8 beta 2 on Windows XP SP3 allows remote attackers to execute arbitrary commands via the --renderer-path option in a chromehtml: URI.
3597| [CVE-2008-5556] ** DISPUTED ** The XSS Filter in Microsoft Internet Explorer 8.0 Beta 2 does not recognize attack patterns designed to operate against web pages that are encoded with utf-7, which allows remote attackers to bypass the XSS protection mechanism and conduct XSS attacks by injecting crafted utf-7 content. NOTE: the vendor reportedly disputes this issue, stating "Behaviour is by design."
3598| [CVE-2008-5555] Microsoft Internet Explorer 8.0 Beta 2 relies on the XDomainRequestAllowed HTTP header to authorize data exchange between domains, which allows remote attackers to bypass the product's XSS Filter protection mechanism, and conduct XSS and cross-domain attacks, by injecting this header after a CRLF sequence, related to "XDomainRequest Allowed Injection (XAI)." NOTE: the vendor has reportedly stated that the XSS Filter intentionally does not attempt to "address every conceivable XSS attack scenario."
3599| [CVE-2008-5554] The XSS Filter in Microsoft Internet Explorer 8.0 Beta 2 does not properly handle some HTTP headers that appear after a CRLF sequence in a URI, which allows remote attackers to bypass the XSS protection mechanism and conduct XSS or redirection attacks, as demonstrated by the (1) Location and (2) Set-Cookie HTTP headers. NOTE: the vendor has reportedly stated that the XSS Filter intentionally does not attempt to "address every conceivable XSS attack scenario."
3600| [CVE-2008-5553] The XSS Filter in Microsoft Internet Explorer 8.0 Beta 2 disables itself upon encountering a certain X-XSS-Protection HTTP header, which allows remote attackers to bypass the XSS protection mechanism and conduct XSS attacks by injecting this header after a CRLF sequence. NOTE: the vendor has reportedly stated that the XSS Filter intentionally does not attempt to "address every conceivable XSS attack scenario."
3601| [CVE-2008-5552] The XSS Filter in Microsoft Internet Explorer 8.0 Beta 2 allows remote attackers to bypass the XSS protection mechanism and conduct XSS attacks via a CRLF sequence in conjunction with a crafted Content-Type header, as demonstrated by a header with a utf-7 charset value. NOTE: the vendor has reportedly stated that the XSS Filter intentionally does not attempt to "address every conceivable XSS attack scenario."
3602| [CVE-2008-5551] The XSS Filter in Microsoft Internet Explorer 8.0 Beta 2 allows remote attackers to bypass the XSS protection mechanism and conduct XSS attacks by injecting data at two different positions within an HTML document, related to STYLE elements and the CSS expression property, aka a "double injection."
3603| [CVE-2008-5457] Unspecified vulnerability in the Oracle BEA WebLogic Server Plugins for Apache, Sun and IIS web servers component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
3604| [CVE-2008-5416] Heap-based buffer overflow in Microsoft SQL Server 2000 SP4, 8.00.2050, 8.00.2039, and earlier
3605| [CVE-2008-4295] Microsoft Windows Mobile 6.0 on HTC Wiza 200 and HTC MDA 8125 devices does not properly handle the first attempt to establish a Bluetooth connection to a peer with a long name, which allows remote attackers to cause a denial of service (device reboot) by configuring a Bluetooth device with a long hci name and (1) connecting directly to the Windows Mobile system or (2) waiting for the Windows Mobile system to scan for nearby devices.
3606| [CVE-2008-4256] The Charts ActiveX control in Microsoft Visual Basic 6.0, Visual Studio .NET 2002 SP1 and 2003 SP1, and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 does not properly handle errors during access to incorrectly initialized objects, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to corruption of the "system state," aka "Charts Control Memory Corruption Vulnerability."
3607| [CVE-2008-4255] Heap-based buffer overflow in mscomct2.ocx (aka Windows Common ActiveX control or Microsoft Animation ActiveX control) in Microsoft Visual Basic 6.0, Visual Studio .NET 2002 SP1 and 2003 SP1, Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2, and Office Project 2003 SP3 and 2007 Gold and SP1 allows remote attackers to execute arbitrary code via an AVI file with a crafted stream length, which triggers an "allocation error" and memory corruption, aka "Windows Common AVI Parsing Overflow Vulnerability."
3608| [CVE-2008-4254] Multiple integer overflows in the Hierarchical FlexGrid ActiveX control (mshflxgd.ocx) in Microsoft Visual Basic 6.0 and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 allow remote attackers to execute arbitrary code via crafted (1) Rows and (2) Cols properties to the (a) ExpandAll and (b) CollapseAll methods, related to access of incorrectly initialized objects and corruption of the "system state," aka "Hierarchical FlexGrid Control Memory Corruption Vulnerability."
3609| [CVE-2008-4253] The FlexGrid ActiveX control in Microsoft Visual Basic 6.0, Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2, Office FrontPage 2002 SP3, and Office Project 2003 SP3 does not properly handle errors during access to incorrectly initialized objects, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to corruption of the "system state," aka "FlexGrid Control Memory Corruption Vulnerability."
3610| [CVE-2008-4252] The DataGrid ActiveX control in Microsoft Visual Basic 6.0 and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 does not properly handle errors during access to incorrectly initialized objects, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to corruption of the "system state," aka "DataGrid Control Memory Corruption Vulnerability."
3611| [CVE-2008-4127] Mshtml.dll in Microsoft Internet Explorer 7 Gold 7.0.5730 and 8 Beta 8.0.6001 on Windows XP SP2 allows remote attackers to cause a denial of service (failure of subsequent image rendering) via a crafted PNG file, related to an infinite loop in the CDwnTaskExec::ThreadExec function.
3612| [CVE-2008-4110] Buffer overflow in the SQLVDIRLib.SQLVDirControl ActiveX control in Tools\Binn\sqlvdir.dll in Microsoft SQL Server 2000 (aka SQL Server 8.0) allows remote attackers to cause a denial of service (browser crash) or possibly execute arbitrary code via a long URL in the second argument to the Connect method. NOTE: this issue is not a vulnerability in many environments, since the control is not marked as safe for scripting and would not execute with default Internet Explorer settings.
3613| [CVE-2008-3815] Unspecified vulnerability in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)3, 7.1 before 7.1(2)78, 7.2 before 7.2(4)16, 8.0 before 8.0(4)6, and 8.1 before 8.1(1)13, when configured as a VPN using Microsoft Windows NT Domain authentication, allows remote attackers to bypass VPN authentication via unknown vectors.
3614| [CVE-2008-3704] Heap-based buffer overflow in the MaskedEdit ActiveX control in Msmask32.ocx 6.0.81.69, and possibly other versions before 6.0.84.18, in Microsoft Visual Studio 6.0, Visual Basic 6.0, Visual Studio .NET 2002 SP1 and 2003 SP1, and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 allows remote attackers to execute arbitrary code via a long Mask parameter, related to not "validating property values with boundary checks," as exploited in the wild in August 2008, aka "Masked Edit Control Memory Corruption Vulnerability."
3615| [CVE-2008-3015] Integer overflow in gdiplus.dll in GDI+ in Microsoft Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a BMP image file with a malformed BitMapInfoHeader that triggers a buffer overflow, aka "GDI+ BMP Integer Overflow Vulnerability."
3616| [CVE-2008-3014] Buffer overflow in gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a malformed WMF image file that triggers improper memory allocation, aka "GDI+ WMF Buffer Overrun Vulnerability."
3617| [CVE-2008-3013] gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a malformed GIF image file containing many extension markers for graphic control extensions and subsequent unknown labels, aka "GDI+ GIF Parsing Vulnerability."
3618| [CVE-2008-3012] gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 does not properly perform memory allocation, which allows remote attackers to execute arbitrary code via a malformed EMF image file, aka "GDI+ EMF Memory Corruption Vulnerability."
3619| [CVE-2008-2948] Cross-domain vulnerability in Microsoft Internet Explorer 7 and 8 allows remote attackers to change the location property of a frame via the Object data type, and use a frame from a different domain to observe domain-independent events, as demonstrated by observing onkeydown events with caballero-listener. NOTE: according to Microsoft, this is a duplicate of CVE-2008-2947, possibly a different attack vector.
3620| [CVE-2008-2579] Unspecified vulnerability in the WebLogic Server Plugins for Apache, Sun and IIS web servers component in Oracle BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, 7.0 SP7, and 6.1 SP7 has unknown impact and remote attack vectors.
3621| [CVE-2008-1544] The setRequestHeader method of the XMLHttpRequest object in Microsoft Internet Explorer 5.01, 6, and 7 does not block dangerous HTTP request headers when certain 8-bit character sequences are appended to a header name, which allows remote attackers to (1) conduct HTTP request splitting and HTTP request smuggling attacks via an incorrect Content-Length header, (2) access arbitrary virtual hosts via a modified Host header, (3) bypass referrer restrictions via an incorrect Referer header, and (4) bypass the same-origin policy and obtain sensitive information via a crafted request header.
3622| [CVE-2008-1444] Stack-based buffer overflow in Microsoft DirectX 7.0 and 8.1 on Windows 2000 SP4 allows remote attackers to execute arbitrary code via a Synchronized Accessible Media Interchange (SAMI) file with crafted parameters for a Class Name variable, aka the "SAMI Format Parsing Vulnerability."
3623| [CVE-2008-0108] Stack-based buffer overflow in wkcvqd01.dll in Microsoft Works 6 File Converter, as used in Office 2003 SP2 and SP3, Works 8.0, and Works Suite 2005, allows remote attackers to execute arbitrary code via a .wps file with crafted field lengths, aka "Microsoft Works File Converter Field Length Vulnerability."
3624| [CVE-2008-0105] Microsoft Works 6 File Converter, as used in Office 2003 SP2 and SP3, Works 8.0, and Works Suite 2005, allows remote attackers to execute arbitrary code via a .wps file with crafted section header index table information, aka "Microsoft Works File Converter Index Table Vulnerability."
3625| [CVE-2008-0011] Microsoft DirectX 8.1 through 9.0c, and DirectX on Microsoft XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008, does not properly perform MJPEG error checking, which allows remote attackers to execute arbitrary code via a crafted MJPEG stream in a (1) AVI or (2) ASF file, aka the "MJPEG Decoder Vulnerability."
3626| [CVE-2007-5348] Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via an image file with crafted gradient sizes in gradient fill input, which triggers a heap-based buffer overflow related to GdiPlus.dll and VGX.DLL, aka "GDI+ VML Buffer Overrun Vulnerability."
3627| [CVE-2007-5277] Microsoft Internet Explorer 6 drops DNS pins based on failed connections to irrelevant TCP ports, which makes it easier for remote attackers to conduct DNS rebinding attacks, as demonstrated by a port 81 URL in an IMG SRC, when the DNS pin had been established for a session on port 80, a different issue than CVE-2006-4560.
3628| [CVE-2007-4916] Heap-based buffer overflow in the FileFind::FindFile method in (1) MFC42.dll, (2) MFC42u.dll, (3) MFC71.dll, and (4) MFC71u.dll in Microsoft Foundation Class (MFC) Library 8.0, as used by the ListFiles method in hpqutil.dll 2.0.0.138 in Hewlett-Packard (HP) All-in-One and Photo & Imaging Gallery 1.1 and probably other products, allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long first argument.
3629| [CVE-2007-4814] Buffer overflow in the SQLServer ActiveX control in the Distributed Management Objects OLE DLL (sqldmo.dll) 2000.085.2004.00 in Microsoft SQL Server Enterprise Manager 8.05.2004 allows remote attackers to execute arbitrary code via a long second argument to the Start method.
3630| [CVE-2007-2931] Heap-based buffer overflow in Microsoft MSN Messenger 6.2, 7.0, and 7.5, and Live Messenger 8.0 allows user-assisted remote attackers to execute arbitrary code via unspecified vectors involving video conversation handling in Web Cam and video chat sessions.
3631| [CVE-2007-0842] The 64-bit versions of Microsoft Visual C++ 8.0 standard library (MSVCR80.DLL) time functions, including (1) localtime, (2) localtime_s, (3) gmtime, (4) gmtime_s, (5) ctime, (6) ctime_s, (7) wctime, (8) wctime_s, and (9) fstat, trigger an assertion error instead of a NULL pointer or EINVAL when processing a time argument later than Jan 1, 3000, which might allow context-dependent attackers to cause a denial of service (application exit) via large time values. NOTE: it could be argued that this is a design limitation of the functions, and the vulnerability lies with any application that does not validate arguments to these functions. However, this behavior is inconsistent with documentation, which does not list assertions as a possible result of an error condition.
3632| [CVE-2007-0216] wkcvqd01.dll in Microsoft Works 6 File Converter, as used in Office 2003 SP2, Works 8.0, and Works Suite 2005, allows remote attackers to execute arbitrary code via a .wps file with crafted section length headers, aka "Microsoft Works File Converter Input Validation Vulnerability."
3633| [CVE-2007-0047] CRLF injection vulnerability in Adobe Acrobat Reader Plugin before 8.0.0, when used with the Microsoft.XMLHTTP ActiveX object in Internet Explorer, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the javascript: URI in the (1) FDF, (2) XML, or (3) XFDF AJAX request parameters.
3634| [CVE-2006-6252] Microsoft Windows Live Messenger 8.0 and earlier, when gestual emoticons are enabled, allows remote attackers to cause a denial of service (CPU consumption) via a long string composed of ":D" sequences, which are interpreted as emoticons.
3635| [CVE-2006-3654] Buffer overflow in wksss.exe 8.4.702.0 in Microsoft Works Spreadsheet 8.0 allows remote attackers to cause a denial of service (CPU consumption or crash) via crafted Excel files.
3636| [CVE-2006-3653] wksss.exe 8.4.702.0 in Microsoft Works Spreadsheet 8.0 allows remote attackers to cause a denial of service (CPU consumption or crash) via crafted (1) Works, (2) Excel, and (3) Lotus 1-2-3 files.
3637| [CVE-2005-3568] db2fmp process in IBM DB2 Content Manager before 8.2 Fix Pack 10 allows local users to cause a denial of service (CPU consumption) by importing a corrupted Microsoft Excel file, aka "CORRUPTED EXEL FILE WILL CAUSE TEXT SEARCH PROCESS LOOPING."
3638| [CVE-2005-3182] Buffer overflow in the HTTP management interface for GFI MailSecurity 8.1 allows remote attackers to execute arbitrary code via long headers such as (1) Host and (2) Accept in HTTP requests. NOTE: the vendor suggests that this issues is "in an underlying Microsoft technology" which, if true, could mean that the overflow affects other products as well.
3639| [CVE-2005-3174] Microsoft Windows 2000 before Update Rollup 1 for SP4 allows users to log on to the domain, even when their password has expired, if the fully qualified domain name (FQDN) is 8 characters long.
3640| [CVE-2004-0540] Microsoft Windows 2000, when running in a domain whose Fully Qualified Domain Name (FQDN) is exactly 8 characters long, does not prevent users with expired passwords from logging on to the domain.
3641| [CVE-2003-0604] Windows Media Player (WMP) 7 and 8, as running on Internet Explorer and possibly other Microsoft products that process HTML, allows remote attackers to bypass zone restrictions and access or execute arbitrary files via an IFRAME tag pointing to an ASF file whose Content-location contains a File:// URL.
3642| [CVE-2002-2435] The Cascading Style Sheets (CSS) implementation in Microsoft Internet Explorer 8.0 and earlier does not properly handle the :visited pseudo-class, which allows remote attackers to obtain sensitive information about visited web pages via a crafted HTML document, a related issue to CVE-2010-2264.
3643| [CVE-2002-2380] NetDSL ADSL Modem 800 with Microsoft Network firmware 5.5.11 allows remote attackers to gain access to configuration menus by sniffing undocumented usernames and passwords from network traffic.
3644| [CVE-2002-0797] Buffer overflow in the MIB parsing component of mibiisa for Solaris 5.6 through 8 allows remote attackers to gain root privileges.
3645| [CVE-2001-0238] Microsoft Data Access Component Internet Publishing Provider 8.103.2519.0 and earlier allows remote attackers to bypass Security Zone restrictions via WebDAV requests.
3646|
3647| SecurityFocus - https://www.securityfocus.com/bid/:
3648| [582] Microsoft IIS And PWS 8.3 Directory Name Vulnerability
3649| [58847] Microsoft Windows Defender for Windows 8 and Windows RT Local Privilege Escalation Vulnerability
3650| [42467] Microsoft Internet Explorer 8 'toStaticHTML()' HTML Sanitization Bypass Weakness
3651| [40490] Microsoft Internet Explorer 8 Developer Tools Remote Code Execution Vulnerability
3652| [37135] Microsoft Internet Explorer 8 Cross-Site Scripting Filter Cross-Site Scripting Vulnerability
3653| [35941] Microsoft Internet Explorer 8 Denial of Service Vulnerability
3654|
3655| IBM X-Force - https://exchange.xforce.ibmcloud.com:
3656| [40937] Microsoft Windows Knowledge Base Article 815495 update not installed
3657| [37226] Microsoft Windows Knowledge Base Article 815495 update not installed
3658| [19102] Microsoft Knowledge Base Article 885834 is not installed
3659| [19090] Microsoft Knowledge Base Article 885250 is not installed
3660| [18392] Microsoft Windows Knowledge Base Article 885249 update is not installed
3661| [18391] Microsoft Windows Knowledge Base Article 885835 update is not installed
3662| [18390] Microsoft Windows Knowledge Base Article 885836 update is not installed
3663| [82776] Microsoft Internet Explorer 10 on Windows 8 sandbox security bypass
3664| [66402] Microsoft Windows kernel-mode driver (win32k.sys) variant 8 privilege escalation
3665| [57338] Microsoft Internet Explorer 8 Developer Tools code execution
3666| [24509] Microsoft Windows Knowledge Base Article 889167 update is not installed
3667| [22882] Microsoft Windows Knowledge Base Article 896424 update is not installed
3668| [22156] Microsoft Windows Knowledge Base Article 899589 update is not installed
3669| [22155] Microsoft Knowledge Base Article 896688 is not installed
3670| [22072] Microsoft Knowledge Base Article 899587 is not installed
3671| [22071] Microsoft Knowledge Base Article 896428 is not installed
3672| [22069] Microsoft Knowledge Base Article 890859 is not installed
3673| [22068] Microsoft Knowledge Base Article 890046 is not installed
3674| [21704] Microsoft Windows Knowledge Base Article 896727 update is not installed
3675| [21605] Microsoft Windows Knowledge Base Article 896423 update is not installed
3676| [21603] Microsoft Windows Knowledge Base Article 899588 update is not installed
3677| [21601] Microsoft Windows Knowledge Base Article 899591 update is not installed
3678| [21600] Microsoft Windows Knowledge Base Article 893756 update is not installed
3679| [20826] Microsoft Windows Knowledge Base Article 896422 update is not installed
3680| [20825] Microsoft Windows Knowledge Base Article 896358 update is not installed
3681| [20823] Microsoft Windows Knowledge Base Article 890169 update is not installed
3682| [20822] Microsoft Windows Knowledge Base Article 883939 update is not installed
3683| [20820] Microsoft Windows Knowledge Base Article 896426 update is not installed
3684| [20382] Microsoft Windows Knowledge Base Article 894320 update is not installed
3685| [20318] Microsoft Windows Knowledge Base Article 893086 update is not installed
3686| [20317] Microsoft Windows Knowledge Base Article 890923 update is not installed
3687| [20000] Microsoft Windows Knowledge Base Article 892944 update is not installed
3688| [19875] Microsoft Knowledge Base Article 893066 is not installed
3689| [19843] Microsoft Windows Knowledge Base Article 894549 update is not installed
3690| [19252] Microsoft Knowledge Base Article 890261 is not installed
3691| [19141] Microsoft Knowledge Base Article 867282 is not installed
3692| [19118] Microsoft Knowledge Base Article 890047 is not installed
3693| [19116] Microsoft Knowledge Base Article 891781 is not installed
3694| [19112] Microsoft Knowledge Base Article 873352 is not installed
3695| [19111] Microsoft Knowledge Base Article 888113 is not installed
3696| [19106] Microsoft Knowledge Base Article 873333 is not installed
3697| [19095] Microsoft Knowledge Base Article 888302 is not installed
3698| [19092] Microsoft Knowledge Base Article 887981 is not installed
3699| [18944] Microsoft Knowledge Base Article 886185 is not installed
3700| [18770] Microsoft Knowledge Base Article 890175 is not installed
3701| [18769] Microsoft Knowledge Base Article 887219 is not installed
3702| [18768] Microsoft Windows Knowledge Base Article 891711 update is not installed
3703| [18766] Microsoft Windows Knowledge Base Article 871250 update is not installed
3704| [18394] Microsoft Windows Knowledge Base Article 870763 update is not installed
3705| [18393] Microsoft Windows Knowledge Base Article 873339 update is not installed
3706| [18314] Microsoft Windows Knowledge Base Article 889293 update is not installed
3707|
3708| Exploit-DB - https://www.exploit-db.com:
3709| [17159] Microsoft Host Integration Server <= 8.5.4224.0 DoS Vulnerabilities
3710| [31118] Microsoft Works 8.0 File Converter Field Length Remote Code Execution Vulnerability
3711| [30537] Microsoft MSN Messenger <= 8.0 - Video Conversation Buffer Overflow Vulnerability
3712| [28222] microsoft works 8.0 spreadsheet Multiple Vulnerabilities
3713| [12728] Microsoft Outlook Web Access (OWA) 8.2.254.0 - Information Disclosure vulnerability
3714|
3715| OpenVAS (Nessus) - http://www.openvas.org:
3716| [902914] Microsoft IIS GET Request Denial of Service Vulnerability
3717| [902796] Microsoft IIS IP Address/Internal Network Name Disclosure Vulnerability
3718| [902694] Microsoft Windows IIS FTP Service Information Disclosure Vulnerability (2761226)
3719| [901120] Microsoft IIS Authentication Remote Code Execution Vulnerability (982666)
3720| [900944] Microsoft IIS FTP Server 'ls' Command DOS Vulnerability
3721| [900874] Microsoft IIS FTP Service Remote Code Execution Vulnerabilities (975254)
3722| [900711] Microsoft IIS WebDAV Remote Authentication Bypass Vulnerability
3723| [900567] Microsoft IIS Security Bypass Vulnerability (970483)
3724| [802806] Microsoft IIS Default Welcome Page Information Disclosure Vulnerability
3725| [801669] Microsoft Windows IIS FTP Server DOS Vulnerability
3726| [801520] Microsoft IIS ASP Stack Based Buffer Overflow Vulnerability
3727| [100952] Microsoft IIS FTPd NLST stack overflow
3728| [11443] Microsoft IIS UNC Mapped Virtual Host Vulnerability
3729| [10680] Test Microsoft IIS Source Fragment Disclosure
3730| [903041] Microsoft Windows Kernel Privilege Elevation Vulnerability (2724197)
3731| [903037] Microsoft JScript and VBScript Engines Remote Code Execution Vulnerability (2706045)
3732| [903036] Microsoft Windows Networking Components Remote Code Execution Vulnerabilities (2733594)
3733| [903035] Microsoft Windows Kernel-Mode Drivers Privilege Elevation Vulnerability (2731847)
3734| [903033] Microsoft Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2718523)
3735| [903026] Microsoft Office Remote Code Execution Vulnerabilities (2663830)
3736| [903017] Microsoft Office Remote Code Execution Vulnerability (2639185)
3737| [903000] Microsoft Expression Design Remote Code Execution Vulnerability (2651018)
3738| [902936] Microsoft Windows Kernel-Mode Drivers Remote Code Execution Vulnerabilities (2783534)
3739| [902934] Microsoft .NET Framework Remote Code Execution Vulnerability (2745030)
3740| [902933] Microsoft Windows Shell Remote Code Execution Vulnerabilities (2727528)
3741| [902932] Microsoft Internet Explorer Multiple Use-After-Free Vulnerabilities (2761451)
3742| [902931] Microsoft Office Remote Code Execution Vulnerabilities - 2720184 (Mac OS X)
3743| [902930] Microsoft Office Remote Code Execution Vulnerabilities (2720184)
3744| [902923] Microsoft Internet Explorer Multiple Vulnerabilities (2722913)
3745| [902922] Microsoft Remote Desktop Protocol Remote Code Execution Vulnerability (2723135)
3746| [902921] Microsoft Office Visio/Viewer Remote Code Execution Vulnerability (2733918)
3747| [902920] Microsoft Office Remote Code Execution Vulnerability (2731879)
3748| [902919] Microsoft SharePoint Privilege Elevation Vulnerabilities (2663841)
3749| [902916] Microsoft Windows Kernel Privilege Elevation Vulnerabilities (2711167)
3750| [902913] Microsoft Office Remote Code Execution Vulnerabilities-2663830 (Mac OS X)
3751| [902912] Microsoft Office Word Remote Code Execution Vulnerability-2680352 (Mac OS X)
3752| [902911] Microsoft Office Word Remote Code Execution Vulnerability (2680352)
3753| [902910] Microsoft Office Visio Viewer Remote Code Execution Vulnerability (2597981)
3754| [902909] Microsoft Windows Service Pack Missing Multiple Vulnerabilities
3755| [902908] Microsoft Windows DirectWrite Denial of Service Vulnerability (2665364)
3756| [902906] Microsoft Windows DNS Server Denial of Service Vulnerability (2647170)
3757| [902900] Microsoft Windows SSL/TLS Information Disclosure Vulnerability (2643584)
3758| [902846] Microsoft Windows TLS Protocol Information Disclosure Vulnerability (2655992)
3759| [902845] Microsoft Windows Shell Remote Code Execution Vulnerability (2691442)
3760| [902842] Microsoft Lync Remote Code Execution Vulnerabilities (2707956)
3761| [902841] Microsoft .NET Framework Remote Code Execution Vulnerability (2706726)
3762| [902839] Microsoft FrontPage Server Extensions MS-DOS Device Name DoS Vulnerability
3763| [902833] Microsoft .NET Framework Remote Code Execution Vulnerability (2693777)
3764| [902832] MS Security Update For Microsoft Office, .NET Framework, and Silverlight (2681578)
3765| [902829] Microsoft Windows Common Controls Remote Code Execution Vulnerability (2664258)
3766| [902828] Microsoft .NET Framework Remote Code Execution Vulnerability (2671605)
3767| [902818] Microsoft Remote Desktop Protocol Remote Code Execution Vulnerabilities (2671387)
3768| [902817] Microsoft Visual Studio Privilege Elevation Vulnerability (2651019)
3769| [902811] Microsoft .NET Framework and Microsoft Silverlight Remote Code Execution Vulnerabilities (2651026)
3770| [902807] Microsoft Windows Media Could Allow Remote Code Execution Vulnerabilities (2636391)
3771| [902798] Microsoft SMB Signing Enabled and Not Required At Server
3772| [902797] Microsoft SMB Signing Information Disclosure Vulnerability
3773| [902785] Microsoft AntiXSS Library Information Disclosure Vulnerability (2607664)
3774| [902784] Microsoft Windows Object Packager Remote Code Execution Vulnerability (2603381)
3775| [902783] Microsoft Windows Kernel Security Feature Bypass Vulnerability (2644615)
3776| [902782] MicroSoft Windows Server Service Remote Code Execution Vulnerability (921883)
3777| [902766] Microsoft Windows Kernel Privilege Elevation Vulnerability (2633171)
3778| [902746] Microsoft Active Accessibility Remote Code Execution Vulnerability (2623699)
3779| [902727] Microsoft Office Excel Remote Code Execution Vulnerabilities (2587505)
3780| [902708] Microsoft Remote Desktop Protocol Denial of Service Vulnerability (2570222)
3781| [902696] Microsoft Internet Explorer Multiple Vulnerabilities (2761465)
3782| [902693] Microsoft Windows Kernel-Mode Drivers Remote Code Execution Vulnerabilities (2761226)
3783| [902692] Microsoft Office Excel ReadAV Arbitrary Code Execution Vulnerability
3784| [902689] Microsoft SQL Server Report Manager Cross Site Scripting Vulnerability (2754849)
3785| [902688] Microsoft System Center Configuration Manager XSS Vulnerability (2741528)
3786| [902687] Microsoft Windows Data Access Components Remote Code Execution Vulnerability (2698365)
3787| [902686] Microsoft Internet Explorer Multiple Vulnerabilities (2719177)
3788| [902683] Microsoft Remote Desktop Protocol Remote Code Execution Vulnerability (2685939)
3789| [902682] Microsoft Internet Explorer Multiple Vulnerabilities (2699988)
3790| [902678] Microsoft Silverlight Code Execution Vulnerabilities - 2681578 (Mac OS X)
3791| [902677] Microsoft Windows Prtition Manager Privilege Elevation Vulnerability (2690533)
3792| [902676] Microsoft Windows TCP/IP Privilege Elevation Vulnerabilities (2688338)
3793| [902670] Microsoft Internet Explorer Multiple Vulnerabilities (2675157)
3794| [902663] Microsoft Remote Desktop Protocol Remote Code Execution Vulnerabilities (2671387)
3795| [902662] MicroSoft SMB Server Trans2 Request Remote Code Execution Vulnerability
3796| [902660] Microsoft SMB Transaction Parsing Remote Code Execution Vulnerability
3797| [902658] Microsoft RDP Server Private Key Information Disclosure Vulnerability
3798| [902649] Microsoft Internet Explorer Multiple Vulnerabilities (2647516)
3799| [902642] Microsoft Internet Explorer Multiple Vulnerabilities (2618444)
3800| [902626] Microsoft SharePoint SafeHTML Information Disclosure Vulnerabilities (2412048)
3801| [902625] Microsoft SharePoint Multiple Privilege Escalation Vulnerabilities (2451858)
3802| [902613] Microsoft Internet Explorer Multiple Vulnerabilities (2559049)
3803| [902609] Microsoft Windows CSRSS Privilege Escalation Vulnerabilities (2507938)
3804| [902598] Microsoft Windows Time Component Remote Code Execution Vulnerability (2618451)
3805| [902597] Microsoft Windows Media Remote Code Execution Vulnerability (2648048)
3806| [902596] Microsoft Windows OLE Remote Code Execution Vulnerability (2624667)
3807| [902588] Microsoft Windows Internet Protocol Validation Remote Code Execution Vulnerability
3808| [902581] Microsoft .NET Framework and Silverlight Remote Code Execution Vulnerability (2604930)
3809| [902580] Microsoft Host Integration Server Denial of Service Vulnerabilities (2607670)
3810| [902567] Microsoft Office Remote Code Execution Vulnerabilites (2587634)
3811| [902566] Microsoft Windows WINS Local Privilege Escalation Vulnerability (2571621)
3812| [902552] Microsoft .NET Framework Chart Control Information Disclosure Vulnerability (2567943)
3813| [902551] Microsoft .NET Framework Information Disclosure Vulnerability (2567951)
3814| [902523] Microsoft .NET Framework and Silverlight Remote Code Execution Vulnerability (2514842)
3815| [902522] Microsoft .NET Framework Remote Code Execution Vulnerability (2538814)
3816| [902518] Microsoft .NET Framework Security Bypass Vulnerability
3817| [902516] Microsoft Windows WINS Remote Code Execution Vulnerability (2524426)
3818| [902502] Microsoft .NET Framework Remote Code Execution Vulnerability (2484015)
3819| [902501] Microsoft JScript and VBScript Scripting Engines Remote Code Execution Vulnerability (2514666)
3820| [902496] Microsoft Office IME (Chinese) Privilege Elevation Vulnerability (2652016)
3821| [902495] Microsoft Office Remote Code Execution Vulnerability (2590602)
3822| [902494] Microsoft Office Excel Remote Code Execution Vulnerability (2640241)
3823| [902493] Microsoft Publisher Remote Code Execution Vulnerabilities (2607702)
3824| [902492] Microsoft Office PowerPoint Remote Code Execution Vulnerabilities (2639142)
3825| [902487] Microsoft Windows Active Directory LDAPS Authentication Bypass Vulnerability (2630837)
3826| [902484] Microsoft Windows TCP/IP Remote Code Execution Vulnerability (2588516)
3827| [902464] Microsoft Visio Remote Code Execution Vulnerabilities (2560978)
3828| [902463] Microsoft Windows Client/Server Run-time Subsystem Privilege Escalation Vulnerability (2567680)
3829| [902455] Microsoft Visio Remote Code Execution Vulnerability (2560847)
3830| [902445] Microsoft XML Editor Information Disclosure Vulnerability (2543893)
3831| [902443] Microsoft Internet Explorer Multiple Vulnerabilities (2530548)
3832| [902440] Microsoft Windows SMB Server Remote Code Execution Vulnerability (2536275)
3833| [902430] Microsoft Office PowerPoint Remote Code Execution Vulnerabilities (2545814)
3834| [902425] Microsoft Windows SMB Accessible Shares
3835| [902423] Microsoft Office Visio Viewer Remote Code Execution Vulnerabilities (2663510)
3836| [902411] Microsoft Office PowerPoint Remote Code Execution Vulnerabilities (2489283)
3837| [902410] Microsoft Office Excel Remote Code Execution Vulnerabilities (2489279)
3838| [902403] Microsoft Windows Fraudulent Digital Certificates Spoofing Vulnerability
3839| [902395] Microsoft Bluetooth Stack Remote Code Execution Vulnerability (2566220)
3840| [902378] Microsoft Office Excel Remote Code Execution Vulnerabilities (2537146)
3841| [902377] Microsoft Windows OLE Automation Remote Code Execution Vulnerability (2476490)
3842| [902365] Microsoft GDI+ Remote Code Execution Vulnerability (2489979)
3843| [902364] Microsoft Office Remote Code Execution Vulnerabilites (2489293)
3844| [902351] Microsoft Groove Remote Code Execution Vulnerability (2494047)
3845| [902337] Microsoft Windows Kernel Elevation of Privilege Vulnerability (2393802)
3846| [902336] Microsoft JScript and VBScript Scripting Engines Information Disclosure Vulnerability (2475792)
3847| [902325] Microsoft Internet Explorer 'CSS Import Rule' Use-after-free Vulnerability
3848| [902324] Microsoft SharePoint Could Allow Remote Code Execution Vulnerability (2455005)
3849| [902319] Microsoft Foundation Classes Could Allow Remote Code Execution Vulnerability (2387149)
3850| [902290] Microsoft Windows Active Directory SPN Denial of Service (2478953)
3851| [902289] Microsoft Windows LSASS Privilege Escalation Vulnerability (2478960)
3852| [902288] Microsoft Kerberos Privilege Escalation Vulnerabilities (2496930)
3853| [902287] Microsoft Visio Remote Code Execution Vulnerabilities (2451879)
3854| [902285] Microsoft Internet Explorer Information Disclosure Vulnerability (2501696)
3855| [902281] Microsoft Windows Data Access Components Remote Code Execution Vulnerabilities (2451910)
3856| [902280] Microsoft Windows BranchCache Remote Code Execution Vulnerability (2385678)
3857| [902277] Microsoft Windows Netlogon Service Denial of Service Vulnerability (2207559)
3858| [902276] Microsoft Windows Task Scheduler Elevation of Privilege Vulnerability (2305420)
3859| [902274] Microsoft Publisher Remote Code Execution Vulnerability (2292970)
3860| [902269] Microsoft Windows SMB Server NTLM Multiple Vulnerabilities (971468)
3861| [902265] Microsoft Office Word Remote Code Execution Vulnerabilities (2293194)
3862| [902264] Microsoft Office Excel Remote Code Execution Vulnerabilities (2293211)
3863| [902263] Microsoft Windows Media Player Network Sharing Remote Code Execution Vulnerability (2281679)
3864| [902262] Microsoft Windows Shell and WordPad COM Validation Vulnerability (2405882)
3865| [902256] Microsoft Windows win32k.sys Driver 'CreateDIBPalette()' BOF Vulnerability
3866| [902255] Microsoft Visual Studio Insecure Library Loading Vulnerability
3867| [902254] Microsoft Office Products Insecure Library Loading Vulnerability
3868| [902250] Microsoft Word 2003 'MSO.dll' Null Pointer Dereference Vulnerability
3869| [902246] Microsoft Internet Explorer 'toStaticHTML()' Cross Site Scripting Vulnerability
3870| [902243] Microsoft Outlook TNEF Remote Code Execution Vulnerability (2315011)
3871| [902232] Microsoft Windows TCP/IP Privilege Elevation Vulnerabilities (978886)
3872| [902231] Microsoft Windows Tracing Feature Privilege Elevation Vulnerabilities (982799)
3873| [902230] Microsoft .NET Common Language Runtime Remote Code Execution Vulnerability (2265906)
3874| [902229] Microsoft Window MPEG Layer-3 Remote Code Execution Vulnerability (2115168)
3875| [902228] Microsoft Office Word Remote Code Execution Vulnerabilities (2269638)
3876| [902227] Microsoft Windows LSASS Denial of Service Vulnerability (975467)
3877| [902226] Microsoft Windows Shell Remote Code Execution Vulnerability (2286198)
3878| [902217] Microsoft Outlook SMB Attachment Remote Code Execution Vulnerability (978212)
3879| [902210] Microsoft IE cross-domain IFRAME gadgets keystrokes steal Vulnerability
3880| [902193] Microsoft .NET Framework XML HMAC Truncation Vulnerability (981343)
3881| [902192] Microsoft Office COM Validation Remote Code Execution Vulnerability (983235)
3882| [902191] Microsoft Internet Explorer Multiple Vulnerabilities (982381)
3883| [902183] Microsoft Internet Explorer 'IFRAME' Denial Of Service Vulnerability
3884| [902178] Microsoft Visual Basic Remote Code Execution Vulnerability (978213)
3885| [902176] Microsoft SharePoint '_layouts/help.aspx' Cross Site Scripting Vulnerability
3886| [902166] Microsoft Internet Explorer 'neutering' Mechanism XSS Vulnerability
3887| [902159] Microsoft VBScript Scripting Engine Remote Code Execution Vulnerability (980232)
3888| [902158] Microsoft Office Publisher Remote Code Execution Vulnerability (981160)
3889| [902157] Microsoft 'ISATAP' Component Spoofing Vulnerability (978338)
3890| [902156] Microsoft SMB Client Remote Code Execution Vulnerabilities (980232)
3891| [902155] Microsoft Internet Explorer Multiple Vulnerabilities (980182)
3892| [902151] Microsoft Internet Explorer Denial of Service Vulnerability - Mar10
3893| [902133] Microsoft Office Excel Multiple Vulnerabilities (980150)
3894| [902117] Microsoft DirectShow Remote Code Execution Vulnerability (977935)
3895| [902116] Microsoft Client/Server Run-time Subsystem Privilege Elevation Vulnerability (978037)
3896| [902115] Microsoft Kerberos Denial of Service Vulnerability (977290)
3897| [902114] Microsoft Office PowerPoint Remote Code Execution Vulnerabilities (975416)
3898| [902112] Microsoft SMB Client Remote Code Execution Vulnerabilities (978251)
3899| [902095] Microsoft Office Excel Remote Code Execution Vulnerability (2269707)
3900| [902094] Microsoft Windows Kernel Mode Drivers Privilege Elevation Vulnerabilities (2160329)
3901| [902093] Microsoft Windows Kernel Privilege Elevation Vulnerabilities (981852)
3902| [902080] Microsoft Help and Support Center Remote Code Execution Vulnerability (2229593)
3903| [902069] Microsoft SharePoint Privilege Elevation Vulnerabilities (2028554)
3904| [902068] Microsoft Office Excel Remote Code Execution Vulnerabilities (2027452)
3905| [902067] Microsoft Windows Kernel Mode Drivers Privilege Escalation Vulnerabilities (979559)
3906| [902039] Microsoft Visio Remote Code Execution Vulnerabilities (980094)
3907| [902038] Microsoft MPEG Layer-3 Codecs Remote Code Execution Vulnerability (977816)
3908| [902033] Microsoft Windows '.ani' file Denial of Service vulnerability
3909| [902015] Microsoft Paint Remote Code Execution Vulnerability (978706)
3910| [901305] Microsoft Windows IP-HTTPS Component Security Feature Bypass Vulnerability (2765809)
3911| [901304] Microsoft Windows File Handling Component Remote Code Execution Vulnerability (2758857)
3912| [901301] Microsoft Windows Kerberos Denial of Service Vulnerability (2743555)
3913| [901212] Microsoft Windows DirectPlay Remote Code Execution Vulnerability (2770660)
3914| [901211] Microsoft Windows Common Controls Remote Code Execution Vulnerability (2720573)
3915| [901210] Microsoft Office Privilege Elevation Vulnerability - 2721015 (Mac OS X)
3916| [901209] Microsoft Windows Media Center Remote Code Execution Vulnerabilities (2604926)
3917| [901208] Microsoft Internet Explorer Multiple Vulnerabilities (2586448)
3918| [901205] Microsoft Windows Components Remote Code Execution Vulnerabilities (2570947)
3919| [901193] Microsoft Windows Media Remote Code Execution Vulnerabilities (2510030)
3920| [901183] Internet Information Services (IIS) FTP Service Remote Code Execution Vulnerability (2489256)
3921| [901180] Microsoft Internet Explorer Multiple Vulnerabilities (2482017)
3922| [901169] Microsoft Windows Address Book Remote Code Execution Vulnerability (2423089)
3923| [901166] Microsoft Office Remote Code Execution Vulnerabilites (2423930)
3924| [901164] Microsoft Windows SChannel Denial of Service Vulnerability (2207566)
3925| [901163] Microsoft Windows Media Player Remote Code Execution Vulnerability (2378111))
3926| [901162] Microsoft Internet Explorer Multiple Vulnerabilities (2360131)
3927| [901161] Microsoft ASP.NET Information Disclosure Vulnerability (2418042)
3928| [901151] Microsoft Internet Information Services Remote Code Execution Vulnerabilities (2267960)
3929| [901150] Microsoft Windows Print Spooler Service Remote Code Execution Vulnerability(2347290)
3930| [901140] Microsoft Windows SMB Code Execution and DoS Vulnerabilities (982214)
3931| [901139] Microsoft Internet Explorer Multiple Vulnerabilities (2183461)
3932| [901119] Microsoft Windows OpenType Compact Font Format Driver Privilege Escalation Vulnerability (980218)
3933| [901102] Microsoft Windows Media Services Remote Code Execution Vulnerability (980858)
3934| [901097] Microsoft Internet Explorer Multiple Vulnerabilities (978207)
3935| [901095] Microsoft Embedded OpenType Font Engine Remote Code Execution Vulnerabilities (972270)
3936| [901069] Microsoft Office Project Remote Code Execution Vulnerability (967183)
3937| [901065] Microsoft Windows IAS Remote Code Execution Vulnerability (974318)
3938| [901064] Microsoft Windows ADFS Remote Code Execution Vulnerability (971726)
3939| [901063] Microsoft Windows LSASS Denial of Service Vulnerability (975467)
3940| [901048] Microsoft Windows Active Directory Denial of Service Vulnerability (973309)
3941| [901041] Microsoft Internet Explorer Multiple Code Execution Vulnerabilities (974455)
3942| [901012] Microsoft Windows Media Format Remote Code Execution Vulnerability (973812)
3943| [900973] Microsoft Office Word Remote Code Execution Vulnerability (976307)
3944| [900965] Microsoft Windows SMB2 Negotiation Protocol Remote Code Execution Vulnerability
3945| [900964] Microsoft .NET Common Language Runtime Code Execution Vulnerability (974378)
3946| [900963] Microsoft Windows Kernel Privilege Escalation Vulnerability (971486)
3947| [900957] Microsoft Windows Patterns & Practices EntLib DOS Vulnerability
3948| [900956] Microsoft Windows Patterns & Practices EntLib Version Detection
3949| [900929] Microsoft JScript Scripting Engine Remote Code Execution Vulnerability (971961)
3950| [900908] Microsoft Windows Message Queuing Privilege Escalation Vulnerability (971032)
3951| [900907] Microsoft Windows AVI Media File Parsing Vulnerabilities (971557)
3952| [900898] Microsoft Internet Explorer 'XSS Filter' XSS Vulnerabilities - Nov09
3953| [900897] Microsoft Internet Explorer PDF Information Disclosure Vulnerability - Nov09
3954| [900891] Microsoft Internet Denial Of Service Vulnerability - Nov09
3955| [900887] Microsoft Office Excel Multiple Vulnerabilities (972652)
3956| [900886] Microsoft Windows Kernel-Mode Drivers Multiple Vulnerabilities (969947)
3957| [900881] Microsoft Windows Indexing Service ActiveX Vulnerability (969059)
3958| [900880] Microsoft Windows ATL COM Initialization Code Execution Vulnerability (973525)
3959| [900879] Microsoft Windows Media Player ASF Heap Overflow Vulnerability (974112)
3960| [900878] Microsoft Products GDI Plus Code Execution Vulnerabilities (957488)
3961| [900877] Microsoft Windows LSASS Denial of Service Vulnerability (975467)
3962| [900876] Microsoft Windows CryptoAPI X.509 Spoofing Vulnerabilities (974571)
3963| [900873] Microsoft Windows DNS Devolution Third-Level Domain Name Resolving Weakness (971888)
3964| [900863] Microsoft Internet Explorer 'window.print()' DOS Vulnerability
3965| [900838] Microsoft Windows TCP/IP Remote Code Execution Vulnerability (967723)
3966| [900837] Microsoft DHTML Editing Component ActiveX Remote Code Execution Vulnerability (956844)
3967| [900836] Microsoft Internet Explorer Address Bar Spoofing Vulnerability
3968| [900826] Microsoft Internet Explorer 'location.hash' DOS Vulnerability
3969| [900814] Microsoft Windows WINS Remote Code Execution Vulnerability (969883)
3970| [900813] Microsoft Remote Desktop Connection Remote Code Execution Vulnerability (969706)
3971| [900809] Microsoft Visual Studio ATL Remote Code Execution Vulnerability (969706)
3972| [900808] Microsoft Visual Products Version Detection
3973| [900757] Microsoft Windows Media Player '.AVI' File DOS Vulnerability
3974| [900741] Microsoft Internet Explorer Information Disclosure Vulnerability Feb10
3975| [900740] Microsoft Windows Kernel Could Allow Elevation of Privilege (977165)
3976| [900690] Microsoft Virtual PC/Server Privilege Escalation Vulnerability (969856)
3977| [900689] Microsoft Embedded OpenType Font Engine Remote Code Execution Vulnerabilities (961371))
3978| [900670] Microsoft Office Excel Remote Code Execution Vulnerabilities (969462)
3979| [900589] Microsoft ISA Server Privilege Escalation Vulnerability (970953)
3980| [900588] Microsoft DirectShow Remote Code Execution Vulnerability (961373)
3981| [900568] Microsoft Windows Search Script Execution Vulnerability (963093)
3982| [900566] Microsoft Active Directory LDAP Remote Code Execution Vulnerability (969805)
3983| [900476] Microsoft Excel Remote Code Execution Vulnerabilities (968557)
3984| [900465] Microsoft Windows DNS Memory Corruption Vulnerability - Mar09
3985| [900461] Microsoft MSN Live Messneger Denial of Service Vulnerability
3986| [900445] Microsoft Autorun Arbitrary Code Execution Vulnerability (08-038)
3987| [900404] Microsoft Windows RTCP Unspecified Remote DoS Vulnerability
3988| [900400] Microsoft Internet Explorer Unicode String DoS Vulnerability
3989| [900391] Microsoft Office Publisher Remote Code Execution Vulnerability (969516)
3990| [900366] Microsoft Internet Explorer Web Script Execution Vulnerabilites
3991| [900365] Microsoft Office Word Remote Code Execution Vulnerabilities (969514)
3992| [900337] Microsoft Internet Explorer Denial of Service Vulnerability - Apr09
3993| [900336] Microsoft Windows Media Player MID File Integer Overflow Vulnerability
3994| [900328] Microsoft Internet Explorer Remote Code Execution Vulnerability (963027)
3995| [900314] Microsoft XML Core Service Information Disclosure Vulnerability
3996| [900303] Microsoft Internet Explorer HTML Form Value DoS Vulnerability
3997| [900299] Microsoft Report Viewer Information Disclosure Vulnerability (2578230)
3998| [900297] Microsoft Windows Kernel Denial of Service Vulnerability (2556532)
3999| [900296] Microsoft Windows TCP/IP Stack Denial of Service Vulnerability (2563894)
4000| [900295] Microsoft Windows DNS Server Remote Code Execution Vulnerability (2562485)
4001| [900294] Microsoft Data Access Components Remote Code Execution Vulnerabilities (2560656)
4002| [900288] Microsoft Distributed File System Remote Code Execution Vulnerabilities (2535512)
4003| [900287] Microsoft SMB Client Remote Code Execution Vulnerabilities (2536276)
4004| [900285] Microsoft Foundation Class (MFC) Library Remote Code Execution Vulnerability (2500212)
4005| [900282] Microsoft DNS Resolution Remote Code Execution Vulnerability (2509553)
4006| [900281] Microsoft IE Developer Tools WMITools and Windows Messenger ActiveX Control Vulnerability (2508272)
4007| [900280] Microsoft Windows SMB Server Remote Code Execution Vulnerability (2508429)
4008| [900279] Microsoft SMB Client Remote Code Execution Vulnerabilities (2511455)
4009| [900278] Microsoft Internet Explorer Multiple Vulnerabilities (2497640)
4010| [900273] Microsoft Remote Desktop Client Remote Code Execution Vulnerability (2508062)
4011| [900267] Microsoft Media Decompression Remote Code Execution Vulnerability (2447961)
4012| [900266] Microsoft Windows Movie Maker Could Allow Remote Code Execution Vulnerability (2424434)
4013| [900263] Microsoft Windows OpenType Compact Font Format Driver Privilege Escalation Vulnerability (2296199)
4014| [900262] Microsoft Internet Explorer Multiple Vulnerabilities (2416400)
4015| [900261] Microsoft Office PowerPoint Remote Code Execution Vulnerabilities (2293386)
4016| [900248] Microsoft Windows Movie Maker Could Allow Remote Code Execution Vulnerability (981997)
4017| [900246] Microsoft Media Decompression Remote Code Execution Vulnerability (979902)
4018| [900245] Microsoft Data Analyzer and IE Developer Tools ActiveX Control Vulnerability (980195)
4019| [900241] Microsoft Outlook Express and Windows Mail Remote Code Execution Vulnerability (978542)
4020| [900240] Microsoft Exchange and Windows SMTP Service Denial of Service Vulnerability (981832)
4021| [900237] Microsoft Windows Authentication Verification Remote Code Execution Vulnerability (981210)
4022| [900236] Microsoft Windows Kernel Could Allow Elevation of Privilege (979683)
4023| [900235] Microsoft Windows Media Player Could Allow Remote Code Execution (979402)
4024| [900232] Microsoft Windows Movie Maker Could Allow Remote Code Execution Vulnerability (975561)
4025| [900230] Microsoft Windows SMB Server Multiple Vulnerabilities (971468)
4026| [900229] Microsoft Data Analyzer ActiveX Control Vulnerability (978262)
4027| [900228] Microsoft Office (MSO) Remote Code Execution Vulnerability (978214)
4028| [900227] Microsoft Windows Shell Handler Could Allow Remote Code Execution Vulnerability (975713)
4029| [900223] Microsoft Ancillary Function Driver Elevation of Privilege Vulnerability (956803)
4030| [900192] Microsoft Internet Explorer Information Disclosure Vulnerability
4031| [900187] Microsoft Internet Explorer Argument Injection Vulnerability
4032| [900178] Microsoft Windows 'UnhookWindowsHookEx' Local DoS Vulnerability
4033| [900173] Microsoft Windows Media Player Version Detection
4034| [900172] Microsoft Windows Media Player 'MIDI' or 'DAT' File DoS Vulnerability
4035| [900170] Microsoft iExplorer '&NBSP
4036| [900131] Microsoft Internet Explorer Denial of Service Vulnerability
4037| [900125] Microsoft SQL Server 2000 sqlvdir.dll ActiveX Buffer Overflow Vulnerability
4038| [900120] Microsoft Organization Chart Remote Code Execution Vulnerability
4039| [900108] Microsoft Windows NSlookup.exe Remote Code Execution Vulnerability
4040| [900097] Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution
4041| [900095] Microsoft ISA Server and Forefront Threat Management Gateway DoS Vulnerability (961759)
4042| [900093] Microsoft DirectShow Remote Code Execution Vulnerability (961373)
4043| [900080] Vulnerabilities in Microsoft Office Visio Could Allow Remote Code Execution (957634)
4044| [900079] Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution (959239)
4045| [900064] Vulnerability in Microsoft Office SharePoint Server Could Cause Elevation of Privilege (957175)
4046| [900063] Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution (957173)
4047| [900061] Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (959070)
4048| [900058] Microsoft XML Core Services Remote Code Execution Vulnerability (955218)
4049| [900048] Microsoft Excel Remote Code Execution Vulnerability (956416)
4050| [900047] Microsoft Office nformation Disclosure Vulnerability (957699)
4051| [900046] Microsoft Office Remote Code Execution Vulnerabilities (955047)
4052| [900033] Microsoft PowerPoint Could Allow Remote Code Execution Vulnerabilities (949785)
4053| [900029] Microsoft Office Filters Could Allow Remote Code Execution Vulnerabilities (924090)
4054| [900028] Microsoft Excel Could Allow Remote Code Execution Vulnerabilities (954066)
4055| [900025] Microsoft Office Version Detection
4056| [900006] Microsoft Word Could Allow Remote Code Execution Vulnerability
4057| [900004] Microsoft Access Snapshot Viewer ActiveX Control Vulnerability
4058| [855384] Solaris Update for snmp/mibiisa 108870-36
4059| [855273] Solaris Update for snmp/mibiisa 108869-36
4060| [803028] Microsoft Internet Explorer Remote Code Execution Vulnerability (2757760)
4061| [803007] Microsoft Windows Minimum Certificate Key Length Spoofing Vulnerability (2661254)
4062| [802912] Microsoft Unauthorized Digital Certificates Spoofing Vulnerability (2728973)
4063| [802888] Microsoft Windows Media Service Handshake Sequence DoS Vulnerability
4064| [802886] Microsoft Sidebar and Gadgets Remote Code Execution Vulnerability (2719662)
4065| [802864] Microsoft XML Core Services Remote Code Execution Vulnerability (2719615)
4066| [802774] Microsoft VPN ActiveX Control Remote Code Execution Vulnerability (2695962)
4067| [802726] Microsoft SMB Signing Disabled
4068| [802708] Microsoft Internet Explorer Code Execution and DoS Vulnerabilities
4069| [802634] Microsoft Windows Unauthorized Digital Certificates Spoofing Vulnerability (2718704)
4070| [802500] Microsoft Windows TrueType Font Parsing Privilege Elevation Vulnerability
4071| [802468] Compatibility Issues Affecting Signed Microsoft Binaries (2749655)
4072| [802462] Microsoft ActiveSync Null Pointer Dereference Denial Of Service Vulnerability
4073| [802426] Microsoft Windows ActiveX Control Multiple Vulnerabilities (2647518)
4074| [802383] Microsoft Windows Color Control Panel Privilege Escalation Vulnerability
4075| [802379] Microsoft Windows Kernel 'win32k.sys' Memory Corruption Vulnerability
4076| [802287] Microsoft Internet Explorer Cache Objects History Information Disclosure Vulnerability
4077| [802286] Microsoft Internet Explorer Multiple Information Disclosure Vulnerabilities
4078| [802260] Microsoft Windows WINS Remote Code Execution Vulnerability (2524426)
4079| [802203] Microsoft Internet Explorer Cookie Hijacking Vulnerability
4080| [802202] Microsoft Internet Explorer Cookie Hijacking Vulnerability
4081| [802140] Microsoft Explorer HTTPS Sessions Multiple Vulnerabilities (Windows)
4082| [802136] Microsoft Windows Insecure Library Loading Vulnerability (2269637)
4083| [801991] Microsoft Windows SMB/NETBIOS NULL Session Authentication Bypass Vulnerability
4084| [801966] Microsoft Windows ActiveX Control Multiple Vulnerabilities (2562937)
4085| [801935] Microsoft Silverlight Multiple Memory Leak Vulnerabilities
4086| [801934] Microsoft Silverlight Version Detection
4087| [801914] Microsoft Windows IPv4 Default Configuration Security Bypass Vulnerability
4088| [801876] Microsoft Internet Explorer 'msxml.dll' Information Disclosure Vulnerability
4089| [801831] Microsoft Internet Explorer Incorrect GUI Display Vulnerability
4090| [801830] Microsoft Internet Explorer 'ReleaseInterface()' Remote Code Execution Vulnerability
4091| [801725] Microsoft Products GDI Plus Remote Code Execution Vulnerabilities (954593)
4092| [801721] Microsoft Active Directory Denial of Service Vulnerability (953235)
4093| [801719] Microsoft Windows CSRSS CSRFinalizeContext Local Privilege Escalation Vulnerability (930178)
4094| [801718] Microsoft Windows Vista Information Disclosure Vulnerability (931213)
4095| [801717] Microsoft Windows Vista Teredo Interface Firewall Bypass Vulnerability
4096| [801716] Microsoft Outlook Express/Windows Mail MHTML URI Handler Information Disclosure Vulnerability (929123)
4097| [801715] Microsoft XML Core Services Remote Code Execution Vulnerability (936227)
4098| [801713] Microsoft Outlook Express And Windows Mail NNTP Protocol Heap Buffer Overflow Vulnerability (941202)
4099| [801707] Microsoft Internet Explorer mshtml.dll Remote Memory Corruption Vulnerability (942615)
4100| [801706] Microsoft Windows TCP/IP Remote Code Execution Vulnerabilities (941644)
4101| [801705] Microsoft Windows TCP/IP Denial of Service Vulnerability (946456)
4102| [801704] Microsoft Internet Information Services Privilege Elevation Vulnerability (942831)
4103| [801702] Microsoft Internet Explorer HTML Rendering Remote Memory Corruption Vulnerability (944533)
4104| [801701] Microsoft Windows DNS Client Service Response Spoofing Vulnerability (945553)
4105| [801677] Microsoft WMI Administrative Tools ActiveX Control Remote Code Execution Vulnerabilities
4106| [801606] Microsoft Internet Explorer 'mshtml.dll' Information Disclosure Vulnerability
4107| [801598] Microsoft Windows2k3 Active Directory 'BROWSER ELECTION' Buffer Overflow Vulnerability
4108| [801597] Microsoft Office Excel 2003 Invalid Object Type Remote Code Execution Vulnerability
4109| [801596] Microsoft Excel 2007 Office Drawing Layer Remote Code Execution Vulnerability
4110| [801595] Microsoft Office Excel Axis and Art Object Parsing Remote Code Execution Vulnerabilities
4111| [801594] Microsoft PowerPoint 2007 OfficeArt Atom Remote Code Execution Vulnerability
4112| [801580] Microsoft Windows Fax Cover Page Editor BOF Vulnerabilities
4113| [801527] Microsoft Windows 32-bit Platforms Unspecified vulnerabilities
4114| [801491] Microsoft 'hxvz.dll' ActiveX Control Memory Corruption Vulnerability (948881)
4115| [801489] Microsoft Office Graphics Filters Remote Code Execution Vulnerabilities (968095)
4116| [801488] Microsoft Internet Explorer Data Stream Handling Remote Code Execution Vulnerability (947864)
4117| [801487] Microsoft Windows Kernel Usermode Callback Local Privilege Elevation Vulnerability (941693)
4118| [801486] Microsoft Windows Speech Components Voice Recognition Command Execution Vulnerability (950760)
4119| [801485] Microsoft Pragmatic General Multicast (PGM) Denial of Service Vulnerability (950762)
4120| [801484] Microsoft Windows IPsec Policy Processing Information Disclosure Vulnerability (953733)
4121| [801483] Microsoft Windows Search Remote Code Execution Vulnerability (959349)
4122| [801482] Microsoft Windows ASP.NET Denial of Service Vulnerability(970957)
4123| [801481] Microsoft Wireless LAN AutoConfig Service Remote Code Execution Vulnerability (970710)
4124| [801480] Microsoft Web Services on Devices API Remote Code Execution Vulnerability (973565)
4125| [801479] Microsoft Windows TCP/IP Could Allow Remote Code Execution (974145)
4126| [801457] Microsoft Windows Address Book Insecure Library Loading Vulnerability
4127| [801456] Microsoft Windows Progman Group Converter Insecure Library Loading Vulnerability
4128| [801349] Microsoft Internet Explorer 'IFRAME' Denial Of Service Vulnerability (June-10)
4129| [801348] Microsoft Internet Explorer 'IFRAME' Denial Of Service Vulnerability -june 10
4130| [801345] Microsoft .NET 'ASP.NET' Cross-Site Scripting vulnerability
4131| [801344] Microsoft .NET '__VIEWSTATE' Cross-Site Scripting vulnerability
4132| [801342] Microsoft ASP.NET Cross-Site Scripting vulnerability
4133| [801333] Microsoft Windows Kernel 'win32k.sys' Multiple DOS Vulnerabilities
4134| [801330] Microsoft Internet Explorer Cross Site Data Leakage Vulnerability
4135| [801109] Microsoft IE CA SSL Certificate Security Bypass Vulnerability - Oct09
4136| [801090] Microsoft Windows Indeo Codec Multiple Vulnerabilities
4137| [800968] Microsoft SharePoint Team Services Information Disclosure Vulnerability
4138| [800910] Microsoft Internet Explorer Buffer Overflow Vulnerability - Jul09
4139| [800902] Microsoft Internet Explorer XSS Vulnerability - July09
4140| [800872] Microsoft Internet Explorer 'li' Element DoS Vulnerability - Sep09
4141| [800863] Microsoft Internet Explorer XML Document DoS Vulnerability - Aug09
4142| [800862] Microsoft Windows Kernel win32k.sys Privilege Escalation Vulnerability
4143| [800861] Microsoft Internet Explorer 'findText()' Unicode Parsing DoS Vulnerability
4144| [800845] Microsoft Office Web Components ActiveX Control Code Execution Vulnerability
4145| [800829] Microsoft Video ActiveX Control 'msvidctl.dll' BOF Vulnerability
4146| [800742] Microsoft Internet Explorer Unspecified vulnerability
4147| [800700] Microsoft GDIPlus PNG Infinite Loop Vulnerability
4148| [800687] Microsoft Windows Server 2003 OpenType Font Engine DoS Vulnerability
4149| [800669] Microsoft Internet Explorer Denial Of Service Vulnerability - July09
4150| [800577] Microsoft Windows Server 2003 win32k.sys DoS Vulnerability
4151| [800505] Microsoft HTML Help Workshop buffer overflow vulnerability
4152| [800504] Microsoft Windows XP SP3 denial of service vulnerability
4153| [800481] Microsoft SharePoint Cross Site Scripting Vulnerability
4154| [800480] Microsoft Windows Media Player '.mpg' Buffer Overflow Vulnerability
4155| [800466] Microsoft Windows TLS/SSL Spoofing Vulnerability (977377)
4156| [800461] Microsoft Internet Explorer Information Disclosure Vulnerability (980088)
4157| [800442] Microsoft Windows GP Trap Handler Privilege Escalation Vulnerability
4158| [800429] Microsoft Internet Explorer Remote Code Execution Vulnerability (979352)
4159| [800382] Microsoft PowerPoint File Parsing Remote Code Execution Vulnerability (967340)
4160| [800347] Microsoft Internet Explorer Clickjacking Vulnerability
4161| [800343] Microsoft Word 2007 Sensitive Information Disclosure Vulnerability
4162| [800337] Microsoft Internet Explorer NULL Pointer DoS Vulnerability
4163| [800332] Microsoft Windows Live Messenger Information Disclosure Vulnerability
4164| [800331] Microsoft Windows Live Messenger Client Version Detection
4165| [800328] Integer Overflow vulnerability in Microsoft Windows Media Player
4166| [800310] Microsoft Windows Media Services nskey.dll ActiveX BOF Vulnerability
4167| [800267] Microsoft GDIPlus Library File Integer Overflow Vulnerability
4168| [800218] Microsoft Money 'prtstb06.dll' Denial of Service vulnerability
4169| [800217] Microsoft Money Version Detection
4170| [800209] Microsoft Internet Explorer Version Detection (Win)
4171| [800208] Microsoft Internet Explorer Anti-XSS Filter Vulnerabilities
4172| [800083] Microsoft Outlook Express Malformed MIME Message DoS Vulnerability
4173| [800082] Microsoft SQL Server sp_replwritetovarbin() BOF Vulnerability
4174| [800023] Microsoft Windows Image Color Management System Code Execution Vulnerability (952954)
4175| [103254] Microsoft SharePoint Server 2007 '_layouts/help.aspx' Cross Site Scripting Vulnerability
4176| [102059] Microsoft Windows Vector Markup Language Buffer Overflow (938127)
4177| [102055] Microsoft Windows GDI Multiple Vulnerabilities (925902)
4178| [102053] Microsoft Windows Vector Markup Language Vulnerabilities (929969)
4179| [102015] Microsoft RPC Interface Buffer Overrun (KB824146)
4180| [101100] Vulnerabilities in Microsoft ATL Could Allow Remote Code Execution (973908)
4181| [101017] Microsoft MS03-018 security check
4182| [101016] Microsoft MS03-022 security check
4183| [101015] Microsoft MS03-034 security check
4184| [101014] Microsoft MS00-078 security check
4185| [101012] Microsoft MS03-051 security check
4186| [101010] Microsoft Security Bulletin MS05-004
4187| [101009] Microsoft Security Bulletin MS06-033
4188| [101007] Microsoft dotNET version grabber
4189| [101006] Microsoft Security Bulletin MS06-056
4190| [101005] Microsoft Security Bulletin MS07-040
4191| [101004] Microsoft MS04-017 security check
4192| [101003] Microsoft MS00-058 security check
4193| [101000] Microsoft MS00-060 security check
4194| [100950] Microsoft DNS server internal hostname disclosure detection
4195| [100624] Microsoft Windows SMTP Server DNS spoofing vulnerability
4196| [100607] Microsoft SMTP Service and Exchange Routing Engine Buffer Overflow Vulnerability
4197| [100596] Microsoft Windows SMTP Server MX Record Denial of Service Vulnerability
4198| [100283] Microsoft Windows SMB2 '_Smb2ValidateProviderCallback()' Remote Code Execution Vulnerability
4199| [100062] Microsoft Remote Desktop Protocol Detection
4200| [90024] Windows Vulnerability in Microsoft Jet Database Engine
4201| [80007] Microsoft MS00-06 security check
4202| [13752] Denial of Service (DoS) in Microsoft SMS Client
4203| [11992] Vulnerability in Microsoft ISA Server 2000 H.323 Filter(816458)
4204| [11874] IIS Service Pack - 404
4205| [11808] Microsoft RPC Interface Buffer Overrun (823980)
4206| [11433] Microsoft ISA Server DNS - Denial Of Service (MS03-009)
4207| [11217] Microsoft's SQL Version Query
4208| [11177] Flaw in Microsoft VM Could Allow Code Execution (810030)
4209| [11146] Microsoft RDP flaws could allow sniffing and DOS(Q324380)
4210| [11142] IIS XSS via IDC error
4211| [11067] Microsoft's SQL Hello Overflow
4212| [11003] IIS Possible Compromise
4213| [10993] IIS ASP.NET Application Trace Enabled
4214| [10991] IIS Global.asa Retrieval
4215| [10936] IIS XSS via 404 error
4216| [10862] Microsoft's SQL Server Brute Force
4217| [10755] Microsoft Exchange Public Folders Information Leak
4218| [10732] IIS 5.0 WebDav Memory Leakage
4219| [10699] IIS FrontPage DoS II
4220| [10695] IIS .IDA ISAPI filter applied
4221| [10674] Microsoft's SQL UDP Info Query
4222| [10673] Microsoft's SQL Blank Password
4223| [10671] IIS Remote Command Execution
4224| [10667] IIS 5.0 PROPFIND Vulnerability
4225| [10661] IIS 5 .printer ISAPI filter applied
4226| [10657] NT IIS 5.0 Malformed HTTP Printer Request Header Buffer Overflow Vulnerability
4227| [10585] IIS FrontPage DoS
4228| [10576] Check for dangerous IIS default files
4229| [10575] Check for IIS .cnf file leakage
4230| [10573] IIS 5.0 Sample App reveals physical path of web root
4231| [10572] IIS 5.0 Sample App vulnerable to cross-site scripting attack
4232| [10537] IIS directory traversal
4233| [10492] IIS IDA/IDQ Path Disclosure
4234| [10491] ASP/ASA source using Microsoft Translate f: bug
4235| [10144] Microsoft SQL TCP/IP listener is running
4236|
4237| SecurityTracker - https://www.securitytracker.com:
4238| [1024070] Microsoft Internet Explorer 8 Developer Tools ActiveX Control Memory Corruption Error Lets Remote Users Execute Arbitrary Code
4239| [1027751] Microsoft Internet Information Server (IIS) FTP Server Lets Remote Users Obtain Files and Local Users Obtain Passwords
4240| [1027223] Microsoft IIS Web Server Discloses Potentially Sensitive Information to Remote Users
4241| [1024921] Microsoft IIS FTP Server Lets Remote Users Deny Service
4242| [1024496] Microsoft Internet Information Server (IIS) Web Server Stack Overflow in Reading POST Data Lets Remote Users Deny Service
4243| [1023387] Microsoft Internet Information Services (IIS) Filename Extension Parsing Configuration Error May Let Users Bypass Security Controls
4244| [1022792] Microsoft Internet Information Server (IIS) FTP Server Buffer Overflows Let Remote Authenticated Users Execute Arbitrary Code and Deny Service
4245| [1016466] Microsoft Internet Information Server (IIS) Buffer Overflow in Processing ASP Pages Lets Remote Authenticated Users Execute Arbitrary Code
4246| [1015376] Microsoft IIS Lets Remote Users Deny Service or Execute Arbitrary Code With Malformed HTTP GET Requests
4247| [1015049] Microsoft Internet Explorer Drag-and-Drop Timing May Let Remote Users Install Arbitrary Files
4248| [1014777] Microsoft IIS ASP Error Page May Disclose System Information in Certain Cases
4249| [1011633] Microsoft IIS WebDAV XML Message Handler Error Lets Remote Users Deny Service
4250| [1010692] Microsoft IIS 4.0 Buffer Overflow in Redirect Function Lets Remote Users Execute Arbitrary Code
4251| [1010610] Microsoft IIS Web Server May Disclose Private IP Addresses in Certain Cases
4252| [1010079] Microsoft IIS ASP Script Cookie Processing Flaw May Disclose Application Information to Remote Users
4253| [1008563] Microsoft IIS Fails to Log HTTP TRACK Requests
4254| [1007262] Microsoft IIS 6.0 Vulnerabilities Permit Cross-Site Scripting and Password Changing Attacks Against Administrators
4255| [1007059] Microsoft Windows Media Services (nsiislog.dll) Extension to Internet Information Server (IIS) Has Another Buffer Overflow That Lets Remote Execute Arbitrary Code
4256| [1006867] Microsoft IIS Buffer Overflow Lets Remote Users With Upload Privileges Execute Code - Remote Users Can Also Crash the Service
4257| [1006866] Microsoft Windows Media Services (nsiislog.dll) Extension to Internet Information Server (IIS) Lets Remote Execute Arbitrary Code
4258| [1006704] Microsoft IIS Authentication Manager Discloses Validity of User Names to Remote Users
4259| [1006305] Microsoft IIS Web Server WebDAV Buffer Overflow Lets Remote Users Execute Arbitrary Code
4260| [1005505] Microsoft Internet Information Server (IIS) Script Access Control Bug May Let Remote Authenticated Users Upload Unauthorized Executable Files
4261| [1005504] Microsoft Internet Information Server (IIS) WebDAV Memory Allocation Flaw Lets Remote Users Crash the Server
4262| [1005503] Microsoft Internet Information Server (IIS) Administrative Pages Allow Cross-Site Scripting Attacks
4263| [1005502] Microsoft Internet Information Server (IIS) Out-of-Process Access Control Bug Lets Certain Authenticated Users Gain Full Control of the Server
4264| [1005083] Microsoft Internet Information Server (IIS) Web Server Fails to Properly Validate Client-side Certificates, Allowing Remote Users to Impersonate Other Users or Certificate Issuers
4265| [1004757] Microsoft IIS SMTP Service Encapsulation Bug Lets Remote Users Relay Mail and Send SPAM Via the Service
4266| [1004646] ColdFusion MX Buffer Overflow When Used With Microsoft Internet Information Server (IIS) Lets Remote Users Crash the IIS Web Server or Execute Arbitrary Code
4267| [1004526] Microsoft Internet Information Server (IIS) Heap Overflow in HTR ISAPI Extension While Processing Chunked Encoded Data Lets Remote Users Execute Arbitrary Code
4268| [1004044] Cisco CallManager Affected by Microsoft Internet Information Server (IIS) Bugs
4269| [1004032] Microsoft Internet Information Server (IIS) FTP STAT Command Bug Lets Remote Users Crash Both the FTP and the Web Services
4270| [1004031] Microsoft Internet Information Server (IIS) URL Length Bug Lets Remote Users Crash the Web Service
4271| [1004011] Microsoft Internet Information Server (IIS) Buffer Overflow in ASP Server-Side Include Function May Let Remote Users Execute Arbitrary Code on the Web Server
4272| [1004006] Microsoft Internet Information Server (IIS) Off-By-One Heap Overflow in .HTR Processing May Let Remote Users Execute Arbitrary Code on the Server
4273| [1003224] Microsoft Internet Information Server (IIS) Version 4 Lets Local Users Modify the Log File Undetected
4274| [1002778] Microsoft Internet Information Server (IIS) Lets Remote Users Create Bogus Web Log Entries
4275| [1002733] Microsoft IIS 4.0 Configuration Error May Allow Remote Users to Obtain Physical Directory Path Information
4276| [1002651] Microsoft Internet Information Server (IIS) May Disclose PHP Scripting Source Code
4277| [1002212] Microsoft IIS Web Server Contains Multiple Vulnerabilities That Allow Local Users to Gain System Privileges and Allow Remote Users to Cause the Web Server to Crash
4278| [1002161] Microsoft Internet Information Server (IIS) Web Server Discloses Internal IP Addresses or NetBIOS Host Names to Remote Users
4279| [1001818] Microsoft Internet Information Server (IIS) Web Server Discloses ASP Source Code When Installed on FAT-based Filesystem
4280| [1001576] eEye Digital Security's SecureIIS Application Firewall for Microsoft Web Servers Fails to Filter Certain Web URL Characters, Allowing Remote Users to Bypass the SecureIIS Firewall
4281| [1001565] Microsoft IIS Web Server on Windows 2000 Allows Remote Users to Cause the Server to Consume All Available Memory Due to Memory Leak in WebDAV Lock Method
4282| [1001530] Microsoft IIS Web Server Allows Remote Users to Execute Commands on the Server Due to CGI Decoding Error
4283| [1001483] Microsoft IIS Web Server Lets Remote Users Restart the Web Server with Another Specially Crafted PROPFIND XML Command
4284| [1001464] Microsoft Internet Information Server IIS 5.0 for Windows 2000 Lets Remote Users Execute Arbitrary Code on the Server and Gain Control of the Server
4285| [1001402] Microsoft IIS Web Server Can Be Effectively Shutdown By Certain Internal-Network Attacks When The Underlying OS Supports User Account Lockouts
4286| [1001116] Microsoft Personal Web Server Contains An Old Internet Information Server (IIS) Vulnerability Allowing Unauthorized Directory Listings and Possible Code Execution For Remote Users
4287| [1001050] Microsoft IIS 5.0 Web Server Can Be Restarted Remotely By Any User
4288|
4289| OSVDB - http://www.osvdb.org:
4290| [91269] Microsoft Windows 8 TrueType Font (TTF) Handling Unspecified DoS
4291| [65218] Microsoft IE 8 Developer Tools ActiveX Remote Code Execution
4292| [87555] Adobe ColdFusion for Microsoft IIS Unspecified DoS
4293| [87262] Microsoft IIS FTP Command Injection Information Disclosure
4294| [87261] Microsoft IIS Log File Permission Weakness Local Password Disclosure
4295| [86899] Microsoft IIS 302 Redirect Message Internal IP Address Remote Disclosure
4296| [83771] Microsoft IIS Tilde Character Request Parsing File / Folder Name Information Disclosure
4297| [83454] Microsoft IIS ODBC Tool ctguestb.idc Unauthenticated Remote DSN Initialization
4298| [83386] Microsoft IIS Non-existent IDC File Request Web Root Path Disclosure
4299| [82848] Microsoft IIS $INDEX_ALLOCATION Data Stream Request Authentication Bypass
4300| [76237] Microsoft Forefront Unified Access Gateway IIS NULL Session Cookie Parsing Remote DoS
4301| [71856] Microsoft IIS Status Header Handling Remote Overflow
4302| [70167] Microsoft IIS FTP Server Telnet IAC Character Handling Overflow
4303| [67980] Microsoft IIS Unspecified Remote Directory Authentication Bypass
4304| [67979] Microsoft IIS FastCGI Request Header Handling Remote Overflow
4305| [67978] Microsoft IIS Repeated Parameter Request Unspecified Remote DoS
4306| [66160] Microsoft IIS Basic Authentication NTFS Stream Name Permissions Bypass
4307| [65216] Microsoft IIS Extended Protection for Authentication Memory Corruption
4308| [62229] Microsoft IIS Crafted DNS Response Inverse Lookup Log Corruption XSS
4309| [61432] Microsoft IIS Colon Safe Extension NTFS ADS Filename Syntax Arbitrary Remote File Creation
4310| [61294] Microsoft IIS ASP Crafted semicolon Extension Security Bypass
4311| [61249] Microsoft IIS ctss.idc table Parameter SQL Injection
4312| [59892] Microsoft IIS Malformed Host Header Remote DoS
4313| [59621] Microsoft IIS CodeBrws.asp Off-By-One File Check Bypass Source Disclosure
4314| [59561] Microsoft IIS CodeBrws.asp Encoded Traversal Arbitrary File Source Disclosure
4315| [59360] Microsoft IIS ASP Page Visual Basic Script Malformed Regex Parsing DoS
4316| [57753] Microsoft IIS FTP Server Crafted Recursive Listing Remote DoS
4317| [57589] Microsoft IIS FTP Server NLST Command Remote Overflow
4318| [56474] Microsoft IIS WebDAV Extension URL Decode Crafted HTTP Request Authentication Bypass
4319| [55269] Microsoft IIS Traversal GET Request Remote DoS
4320| [54555] Microsoft IIS WebDAV Unicode URI Request Authentication Bypass
4321| [52924] Microsoft IIS WebDAV PROPFIND Method Forced Directory Listing
4322| [52680] Microsoft IIS httpext.dll WebDav LOCK Method Nonexistent File Request Parsing Memory Exhaustion Remote DoS
4323| [52238] Microsoft IIS IDC Extension XSS
4324| [49899] Microsoft IIS iissext.dll Unspecified ActiveX SetPassword Method Remote Password Manipulation
4325| [49730] Microsoft IIS ActiveX (adsiis.dll) GetObject Method Remote DoS
4326| [49059] Microsoft IIS IPP Service Unspecified Remote Overflow
4327| [45583] Microsoft IIS w/ Visual Interdev Unspecified Authentication Bypass
4328| [43451] Microsoft IIS HTTP Request Smuggling
4329| [41456] Microsoft IIS File Change Handling Local Privilege Escalation
4330| [41445] Microsoft IIS ASP Web Page Input Unspecified Arbitrary Code Execution
4331| [41091] Microsoft IIS webhits.dll Hit-Highlighting Authentication Bypass
4332| [41063] Microsoft IIS ODBC Tool newdsn.exe Remote DSN Creation
4333| [41057] Microsoft IIS w/ .NET MS-DOS Device Request Blacklist Bypass
4334| [35950] Microsoft IIS IUSR_Machine Account Arbitrary Non-EXE Command Execution
4335| [33457] Microsoft IIS Crafted TCP Connection Range Header DoS
4336| [28260] Microsoft IIS FrontPage Server Extensions (FPSE) shtml.exe Path Disclosure
4337| [27152] Microsoft Windows IIS ASP Page Processing Overflow
4338| [27087] Microsoft IIS SMTP Encapsulated SMTP Address Open Relay
4339| [23590] Microsoft IIS Traversal Arbitrary FPSE File Access
4340| [21805] Microsoft IIS Crafted URL Remote DoS
4341| [21537] Microsoft IIS Log File Permission Weakness Remote Modification
4342| [18926] Microsoft IIS SERVER_NAME Variable Spoofing Filter Bypass
4343| [17124] Microsoft IIS Malformed WebDAV Request DoS
4344| [17123] Microsoft IIS Multiple Unspecified Admin Pages XSS
4345| [17122] Microsoft IIS Permission Weakness .COM File Upload
4346| [15749] Microsoft IIS / Site Server code.asp Arbitrary File Access
4347| [15342] Microsoft IIS Persistent FTP Banner Information Disclosure
4348| [14229] Microsoft IIS asp.dll Scripting.FileSystemObject Malformed Program DoS
4349| [13985] Microsoft IIS Malformed HTTP Request Log Entry Spoofing
4350| [13760] Microsoft IIS Malformed URL Request DoS
4351| [13759] Microsoft IIS ISAPI .ASP Parser Script Tag LANGUAGE Argument Overflow
4352| [13634] Microsoft IIS Inetinfo.exe Malformed Long Mail File Name DoS
4353| [13558] Microsoft IIS SSL Request Resource Exhaustion DoS
4354| [13507] Microsoft IIS showfile.asp FileSystemObject Arbitrary File Access
4355| [13479] Microsoft IIS for Far East Parsed Page Source Disclosure
4356| [13473] Microsoft IIS on FAT Partition Local ASP Source Disclosure
4357| [13439] Microsoft IIS HTTP Request Malformed Content-Length Parsing Remote DoS
4358| [13433] Microsoft IIS WebDAV MKCOL Method Location Server Header Internal IP Disclosure
4359| [13432] Microsoft IIS WebDAV WRITE Location Server Header Internal IP Disclosure
4360| [13431] Microsoft IIS WebDAV Malformed PROPFIND Request Internal IP Disclosure
4361| [13430] Microsoft IIS aexp4.htr Password Policy Bypass
4362| [13429] Microsoft IIS aexp3.htr Password Policy Bypass
4363| [13428] Microsoft IIS aexp2b.htr Password Policy Bypass
4364| [13427] Microsoft IIS aexp2.htr Password Policy Bypass
4365| [13426] Microsoft IIS NTLM Authentication Request Parsing Remote Information Disclosure
4366| [13385] Microsoft IIS WebDAV Long PROPFIND/SEARCH Request DoS
4367| [11455] Microsoft IIS / PWS DOS Filename Request Access Bypass
4368| [11452] Microsoft IIS Double Byte Code Arbitrary Source Disclosure
4369| [11277] Microsoft IIS SSL ISAPI Filter Cleartext Information Disclosure
4370| [11257] Microsoft IIS Malformed GET Request DoS
4371| [11157] Microsoft IIS FTP Service PASV Connection Saturation DoS
4372| [11101] Microsoft IIS Multiple Slash ASP Page Request DoS
4373| [9315] Microsoft IIS getdrvs.exe ODBC Sample Information Disclosure
4374| [9314] Microsoft IIS mkilog.exe ODBC Sample Arbitrary Command Execution
4375| [9200] Microsoft IIS Unspecified XSS Variant
4376| [9199] Microsoft IIS shtml.dll XSS
4377| [8098] Microsoft IIS Virtual Directory ASP Source Disclosure
4378| [7807] Microsoft IIS ISAPI Virtual Directory UNC Mapping ASP Source Disclosure
4379| [7737] Microsoft IIS ASP Redirection Function XSS
4380| [7265] Microsoft IIS .ASP Session ID Disclosure and Hijacking
4381| [5851] Microsoft IIS Single Dot Source Code Disclosure
4382| [5736] Microsoft IIS Relative Path System Privilege Escalation
4383| [5693] Microsoft MS00-060 Patch IIS Malformed Request DoS
4384| [5633] Microsoft IIS Invalid WebDAV Request DoS
4385| [5606] Microsoft IIS WebDAV PROPFIND Request DoS
4386| [5584] Microsoft IIS URL Redirection Malformed Length DoS
4387| [5566] Microsoft IIS Form_VBScript.asp XSS
4388| [5316] Microsoft IIS ISAPI HTR Chunked Encoding Overflow
4389| [4864] Microsoft IIS TRACK Logging Failure
4390| [4863] Microsoft IIS Active Server Page Header DoS
4391| [4791] Microsoft IIS Response Object DoS
4392| [4655] Microsoft IIS ssinc.dll Long Filename Overflow
4393| [4535] Microsoft Media Services ISAPI nsiislog.dll POST Overflow
4394| [3512] Microsoft IIS ODBC Tool getdrvrs.exe Remote DSN Creation
4395| [3500] Microsoft IIS fpcount.exe Remote Overflow
4396| [3341] Microsoft IIS Redirect Response XSS
4397| [3339] Microsoft IIS HTTP Error Page XSS
4398| [3338] Microsoft IIS Help File XSS
4399| [3328] Microsoft IIS FTP Status Request DoS
4400| [3326] Microsoft IIS w3svc.dll ISAPI Filter URL Handling Remote DoS
4401| [3325] Microsoft IIS HTR ISAPI Overflow
4402| [3323] Microsoft IIS ISAPI .printer Extension Host Header Overflow
4403| [3320] Microsoft IIS ASP Server-Side Include Buffer Overflow
4404| [3316] Microsoft IIS HTTP Header Field Delimiter Overflow
4405| [3301] Microsoft IIS ASP Chunked Encoding Variant Heap Overflow
4406| [3284] Microsoft IIS Winmsdp.exe Arbitrary File Retrieval
4407| [3231] Microsoft IIS Log Bypass
4408| [2106] Microsoft Media Services ISAPI nsiislog.dll Overflow
4409| [1931] Microsoft IIS MIME Content-Type Header DoS
4410| [1930] Microsoft IIS SSI ssinc.dll Filename Handling Overflow
4411| [1826] Microsoft IIS Domain Guest Account Disclosure
4412| [1824] Microsoft IIS FTP DoS
4413| [1804] Microsoft IIS Long Request Parsing Remote DoS
4414| [1770] Microsoft IIS WebDAV Malformed PROPFIND Request Remote DoS
4415| [1750] Microsoft IIS File Fragment Disclosure
4416| [1543] Microsoft NT/IIS Invalid URL Request DoS
4417| [1504] Microsoft IIS File Permission Canonicalization Bypass
4418| [1465] Microsoft IIS .htr Missing Variable DoS
4419| [1325] Microsoft IIS Malformed Filename Request File Fragment Disclosure
4420| [1322] Microsoft IIS Malformed .htr Request DoS
4421| [1281] Microsoft IIS Escaped Character Saturation Remote DoS
4422| [1261] Microsoft IIS Chunked Transfer Encoding Remote Overflow DoS
4423| [1210] Microsoft IIS WebHits.dll ISAPI Filter Traversal Arbitrary File Access
4424| [1170] Microsoft IIS Escape Character URL Access Bypass
4425| [1083] Microsoft IIS FTP NO ACCESS Read/Delete File
4426| [1082] Microsoft IIS Domain Resolution Access Bypass
4427| [1041] Microsoft IIS Malformed HTTP Request Header DoS
4428| [1020] Microsoft IIS ISAPI GetExtensionVersion() Privilege Escalation
4429| [930] Microsoft IIS Shared ASP Cache Information Disclosure
4430| [929] Microsoft IIS FTP Server NLST Command Overflow
4431| [928] Microsoft IIS Long Request Log Evasion
4432| [815] Microsoft IIS ASP.NET trace.axd Application Tracing Information Disclosure
4433| [814] Microsoft IIS global.asa Remote Information Disclosure
4434| [782] Microsoft IIS / Site Server codebrws.asp Arbitrary File Access
4435| [771] Microsoft IIS Hosting Process (dllhost.exe) Out of Process Application Unspecified Privilege Escalation
4436| [768] Microsoft IIS ASP Chunked Encoding Heap Overflow
4437| [636] Microsoft IIS sqlqhit.asp Sample Script CiScope Parameter Information Disclosure
4438| [630] Microsoft IIS Multiple Malformed Header Field Internal IP Address Disclosure
4439| [568] Microsoft IIS idq.dll IDA/IDQ ISAPI Remote Overflow
4440| [564] Microsoft IIS ISM.dll Fragmented Source Disclosure
4441| [556] Microsoft IIS/PWS Encoded Filename Arbitrary Command Execution
4442| [525] Microsoft IIS Webserver Invalid Filename Request Arbitrary Command Execution
4443| [482] Microsoft IIS FrontPage Server Extensions (FPSE) Malformed Form DoS
4444| [475] Microsoft IIS bdir.htr Arbitrary Directory Listing
4445| [474] Microsoft IIS / Site Server viewcode.asp Arbitrary File Access
4446| [473] Microsoft IIS Multiple .cnf File Information Disclosure
4447| [471] Microsoft IIS ServerVariables_Jscript.asp Path Disclosure
4448| [470] Microsoft IIS Form_JScript.asp XSS
4449| [463] Microsoft IIS Phone Book Service /pbserver/pbserver.dll Remote Overflow
4450| [436] Microsoft IIS Unicode Remote Command Execution
4451| [425] Microsoft IIS WebDAV SEARCH Method Arbitrary Directory Forced Listing
4452| [391] Microsoft IIS IDA/IDQ Document Root Path Disclosure
4453| [390] Microsoft IIS Translate f: Request ASP Source Disclosure
4454| [308] Microsoft IIS Malformed File Extension URL DoS
4455| [285] Microsoft IIS repost.asp File Upload
4456| [284] Microsoft IIS IISADMPWD Virtual Directory Information Enumeration
4457| [283] Microsoft IIS /iissamples Multiple Sample Scripts Installed
4458| [277] Microsoft IIS / PWS %2e Request ASP Source Disclosure
4459| [276] Microsoft IIS ASP::$DATA Stream Request ASP Source Disclosure
4460| [275] Microsoft IIS newdsn.exe Remote Arbitrary File Creation
4461| [274] Microsoft IIS ctss.idc ODBC Sample Arbitrary Command Execution
4462| [273] Microsoft IIS Upgrade ism.dll Local Privilege Escalation
4463| [272] Microsoft IIS MDAC RDS Arbitrary Remote Command Execution
4464| [271] Microsoft IIS WebHits null.htw .asp Source Disclosure
4465| [98] Microsoft IIS perl.exe HTTP Path Disclosure
4466| [97] Microsoft IIS ISM.DLL HTR Request Overflow
4467| [96] Microsoft IIS idq.dll Traversal Arbitrary File Access
4468| [7] Microsoft IIS / Site Server showcode.asp source Parameter Traversal Arbitrary File Access
4469| [4] Microsoft IIS ExAir advsearch.asp Direct Request Remote DoS
4470| [3] Microsoft IIS ExAir query.asp Direct Request Remote DoS
4471| [2] Microsoft IIS ExAir search.asp Direct Request DoS
4472|_
4473Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
4474Device type: general purpose
4475Running (JUST GUESSING): Microsoft Windows 2012 (89%)
4476OS CPE: cpe:/o:microsoft:windows_server_2012
4477Aggressive OS guesses: Microsoft Windows Server 2012 (89%), Microsoft Windows Server 2012 or Windows Server 2012 R2 (89%), Microsoft Windows Server 2012 R2 (89%)
4478No exact OS matches for host (test conditions non-ideal).
4479Uptime guess: 49.676 days (since Sat Oct 12 07:11:32 2019)
4480Network Distance: 15 hops
4481TCP Sequence Prediction: Difficulty=262 (Good luck!)
4482IP ID Sequence Generation: Incremental
4483Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
4484
4485TRACEROUTE (using port 80/tcp)
4486HOP RTT ADDRESS
44871 36.87 ms 10.244.204.1
44882 59.01 ms vlan102.as04.qc1.ca.m247.com (176.113.74.145)
44893 59.05 ms irb-0.agg2.qc1.ca.m247.com (83.97.21.80)
44904 59.04 ms vlan304.as032.buc.ro.m247.com (77.243.185.226)
44915 59.01 ms ix-xe-11-1-1-0.tcore1.w6c-montreal.as6453.net (66.198.96.98)
44926 139.13 ms if-ae-12-2.tcore1.mtt-montreal.as6453.net (64.86.31.26)
44937 139.09 ms if-ae-0-2.tcore2.mtt-montreal.as6453.net (216.6.115.90)
44948 139.14 ms if-ae-5-2.tcore2.n0v-new-york.as6453.net (64.86.226.58)
44959 157.02 ms if-ae-4-2.tcore2.l78-london.as6453.net (80.231.131.157)
449610 120.51 ms if-ae-9-2.tcore2.wyn-marseille.as6453.net (80.231.200.13)
449711 134.26 ms if-ae-2-2.tcore1.wyn-marseille.as6453.net (80.231.217.1)
449812 185.01 ms 80.231.217.99
449913 ...
450014 244.18 ms 212.26.63.252
450115 272.79 ms 212.138.117.71
4502
4503NSE: Script Post-scanning.
4504Initiating NSE at 22:24
4505Completed NSE at 22:24, 0.00s elapsed
4506Initiating NSE at 22:24
4507Completed NSE at 22:24, 0.00s elapsed
4508#######################################################################################################################################
4509------------------------------------------------------------------------------------------------------------------------
4510
4511[ ! ] Starting SCANNER INURLBR 2.1 at [30-11-2019 22:24:47]
4512[ ! ] legal disclaimer: Usage of INURLBR for attacking targets without prior mutual consent is illegal.
4513It is the end user's responsibility to obey all applicable local, state and federal laws.
4514Developers assume no liability and are not responsible for any misuse or damage caused by this program
4515
4516[ INFO ][ OUTPUT FILE ]:: [ /usr/share/sniper/loot/workspace/www.gip.gov.sa/output/inurlbr-www.gip.gov.sa ]
4517[ INFO ][ DORK ]::[ site:www.gip.gov.sa ]
4518[ INFO ][ SEARCHING ]:: {
4519[ INFO ][ ENGINE ]::[ GOOGLE - www.google.iq ]
4520
4521[ INFO ][ SEARCHING ]::
4522-[:::]
4523[ INFO ][ ENGINE ]::[ GOOGLE API ]
4524
4525[ INFO ][ SEARCHING ]::
4526-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
4527[ INFO ][ ENGINE ]::[ GOOGLE_GENERIC_RANDOM - www.google.com.bo ID: 002901626849897788481:cpnctza84gq ]
4528
4529[ INFO ][ SEARCHING ]::
4530-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
4531
4532[ INFO ][ TOTAL FOUND VALUES ]:: [ 100 ]
4533
4534
4535 _[ - ]::--------------------------------------------------------------------------------------------------------------
4536|_[ + ] [ 0 / 100 ]-[22:25:00] [ - ]
4537|_[ + ] Target:: [ https://www.gip.gov.sa/ ]
4538|_[ + ] Exploit::
4539|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
4540|_[ + ] More details:: / - / , ISP:
4541|_[ + ] Found:: UNIDENTIFIED
4542
4543 _[ - ]::--------------------------------------------------------------------------------------------------------------
4544|_[ + ] [ 1 / 100 ]-[22:25:02] [ - ]
4545|_[ + ] Target:: [ https://www.gip.gov.sa/News ]
4546|_[ + ] Exploit::
4547|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
4548|_[ + ] More details:: / - / , ISP:
4549|_[ + ] Found:: UNIDENTIFIED
4550
4551 _[ - ]::--------------------------------------------------------------------------------------------------------------
4552|_[ + ] [ 2 / 100 ]-[22:25:03] [ - ]
4553|_[ + ] Target:: [ https://www.gip.gov.sa/full ]
4554|_[ + ] Exploit::
4555|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
4556|_[ + ] More details:: / - / , ISP:
4557|_[ + ] Found:: UNIDENTIFIED
4558
4559 _[ - ]::--------------------------------------------------------------------------------------------------------------
4560|_[ + ] [ 3 / 100 ]-[22:25:05] [ - ]
4561|_[ + ] Target:: [ https://www.gip.gov.sa/crack ]
4562|_[ + ] Exploit::
4563|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
4564|_[ + ] More details:: / - / , ISP:
4565|_[ + ] Found:: UNIDENTIFIED
4566
4567 _[ - ]::--------------------------------------------------------------------------------------------------------------
4568|_[ + ] [ 4 / 100 ]-[22:25:06] [ - ]
4569|_[ + ] Target:: [ https://www.gip.gov.sa/Inquiry ]
4570|_[ + ] Exploit::
4571|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
4572|_[ + ] More details:: / - / , ISP:
4573|_[ + ] Found:: UNIDENTIFIED
4574
4575 _[ - ]::--------------------------------------------------------------------------------------------------------------
4576|_[ + ] [ 5 / 100 ]-[22:25:07] [ - ]
4577|_[ + ] Target:: [ https://www.gip.gov.sa/2006 ]
4578|_[ + ] Exploit::
4579|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
4580|_[ + ] More details:: / - / , ISP:
4581|_[ + ] Found:: UNIDENTIFIED
4582
4583 _[ - ]::--------------------------------------------------------------------------------------------------------------
4584|_[ + ] [ 6 / 100 ]-[22:25:08] [ - ]
4585|_[ + ] Target:: [ https://www.gip.gov.sa/images ]
4586|_[ + ] Exploit::
4587|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
4588|_[ + ] More details:: / - / , ISP:
4589|_[ + ] Found:: UNIDENTIFIED
4590
4591 _[ - ]::--------------------------------------------------------------------------------------------------------------
4592|_[ + ] [ 7 / 100 ]-[22:25:10] [ - ]
4593|_[ + ] Target:: [ https://www.gip.gov.sa/Pages/ ]
4594|_[ + ] Exploit::
4595|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
4596|_[ + ] More details:: / - / , ISP:
4597|_[ + ] Found:: UNIDENTIFIED
4598
4599 _[ - ]::--------------------------------------------------------------------------------------------------------------
4600|_[ + ] [ 8 / 100 ]-[22:25:11] [ - ]
4601|_[ + ] Target:: [ https://www.gip.gov.sa/m/ ]
4602|_[ + ] Exploit::
4603|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
4604|_[ + ] More details:: / - / , ISP:
4605|_[ + ] Found:: UNIDENTIFIED
4606
4607 _[ - ]::--------------------------------------------------------------------------------------------------------------
4608|_[ + ] [ 9 / 100 ]-[22:25:12] [ - ]
4609|_[ + ] Target:: [ https://www.gip.gov.sa/news13.html ]
4610|_[ + ] Exploit::
4611|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
4612|_[ + ] More details:: / - / , ISP:
4613|_[ + ] Found:: UNIDENTIFIED
4614
4615 _[ - ]::--------------------------------------------------------------------------------------------------------------
4616|_[ + ] [ 10 / 100 ]-[22:25:14] [ - ]
4617|_[ + ] Target:: [ https://www.gip.gov.sa/Documents/GIP ]
4618|_[ + ] Exploit::
4619|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
4620|_[ + ] More details:: / - / , ISP:
4621|_[ + ] Found:: UNIDENTIFIED
4622
4623 _[ - ]::--------------------------------------------------------------------------------------------------------------
4624|_[ + ] [ 11 / 100 ]-[22:25:15] [ - ]
4625|_[ + ] Target:: [ https://www.gip.gov.sa/president.html ]
4626|_[ + ] Exploit::
4627|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
4628|_[ + ] More details:: / - / , ISP:
4629|_[ + ] Found:: UNIDENTIFIED
4630
4631 _[ - ]::--------------------------------------------------------------------------------------------------------------
4632|_[ + ] [ 12 / 100 ]-[22:25:16] [ - ]
4633|_[ + ] Target:: [ https://www.gip.gov.sa/sites/english/ ]
4634|_[ + ] Exploit::
4635|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
4636|_[ + ] More details:: / - / , ISP:
4637|_[ + ] Found:: UNIDENTIFIED
4638
4639 _[ - ]::--------------------------------------------------------------------------------------------------------------
4640|_[ + ] [ 13 / 100 ]-[22:25:17] [ - ]
4641|_[ + ] Target:: [ https://www.gip.gov.sa/sitemap.xml ]
4642|_[ + ] Exploit::
4643|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
4644|_[ + ] More details:: / - / , ISP:
4645|_[ + ] Found:: UNIDENTIFIED
4646
4647 _[ - ]::--------------------------------------------------------------------------------------------------------------
4648|_[ + ] [ 14 / 100 ]-[22:25:19] [ - ]
4649|_[ + ] Target:: [ https://www.gip.gov.sa/Home.aspx ]
4650|_[ + ] Exploit::
4651|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
4652|_[ + ] More details:: / - / , ISP:
4653|_[ + ] Found:: UNIDENTIFIED
4654
4655 _[ - ]::--------------------------------------------------------------------------------------------------------------
4656|_[ + ] [ 15 / 100 ]-[22:25:20] [ - ]
4657|_[ + ] Target:: [ https://www.gip.gov.sa/aboutksa.html ]
4658|_[ + ] Exploit::
4659|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
4660|_[ + ] More details:: / - / , ISP:
4661|_[ + ] Found:: UNIDENTIFIED
4662
4663 _[ - ]::--------------------------------------------------------------------------------------------------------------
4664|_[ + ] [ 16 / 100 ]-[22:25:21] [ - ]
4665|_[ + ] Target:: [ https://www.gip.gov.sa/News/PublishingImages/ ]
4666|_[ + ] Exploit::
4667|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
4668|_[ + ] More details:: / - / , ISP:
4669|_[ + ] Found:: UNIDENTIFIED
4670
4671 _[ - ]::--------------------------------------------------------------------------------------------------------------
4672|_[ + ] [ 17 / 100 ]-[22:25:22] [ - ]
4673|_[ + ] Target:: [ https://www.gip.gov.sa/careers.html ]
4674|_[ + ] Exploit::
4675|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
4676|_[ + ] More details:: / - / , ISP:
4677|_[ + ] Found:: UNIDENTIFIED
4678
4679 _[ - ]::--------------------------------------------------------------------------------------------------------------
4680|_[ + ] [ 18 / 100 ]-[22:25:24] [ - ]
4681|_[ + ] Target:: [ https://www.gip.gov.sa/News/Read/fUZ6Zb9F ]
4682|_[ + ] Exploit::
4683|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
4684|_[ + ] More details:: / - / , ISP:
4685|_[ + ] Found:: UNIDENTIFIED
4686
4687 _[ - ]::--------------------------------------------------------------------------------------------------------------
4688|_[ + ] [ 19 / 100 ]-[22:25:25] [ - ]
4689|_[ + ] Target:: [ https://www.gip.gov.sa/News/Read/F6qPrwYM ]
4690|_[ + ] Exploit::
4691|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
4692|_[ + ] More details:: / - / , ISP:
4693|_[ + ] Found:: UNIDENTIFIED
4694
4695 _[ - ]::--------------------------------------------------------------------------------------------------------------
4696|_[ + ] [ 20 / 100 ]-[22:25:27] [ - ]
4697|_[ + ] Target:: [ https://www.gip.gov.sa/Home/Page/AboutKSA ]
4698|_[ + ] Exploit::
4699|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
4700|_[ + ] More details:: / - / , ISP:
4701|_[ + ] Found:: UNIDENTIFIED
4702
4703 _[ - ]::--------------------------------------------------------------------------------------------------------------
4704|_[ + ] [ 21 / 100 ]-[22:25:28] [ - ]
4705|_[ + ] Target:: [ https://www.gip.gov.sa/News/Read/zz5Y4YcE ]
4706|_[ + ] Exploit::
4707|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
4708|_[ + ] More details:: / - / , ISP:
4709|_[ + ] Found:: UNIDENTIFIED
4710
4711 _[ - ]::--------------------------------------------------------------------------------------------------------------
4712|_[ + ] [ 22 / 100 ]-[22:25:30] [ - ]
4713|_[ + ] Target:: [ https://www.gip.gov.sa/News/Read/3soKdtXH ]
4714|_[ + ] Exploit::
4715|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
4716|_[ + ] More details:: / - / , ISP:
4717|_[ + ] Found:: UNIDENTIFIED
4718
4719 _[ - ]::--------------------------------------------------------------------------------------------------------------
4720|_[ + ] [ 23 / 100 ]-[22:25:31] [ - ]
4721|_[ + ] Target:: [ https://www.gip.gov.sa/Home/Page/Leaders ]
4722|_[ + ] Exploit::
4723|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
4724|_[ + ] More details:: / - / , ISP:
4725|_[ + ] Found:: UNIDENTIFIED
4726
4727 _[ - ]::--------------------------------------------------------------------------------------------------------------
4728|_[ + ] [ 24 / 100 ]-[22:25:33] [ - ]
4729|_[ + ] Target:: [ https://www.gip.gov.sa/News/Read/E9UAo25z ]
4730|_[ + ] Exploit::
4731|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
4732|_[ + ] More details:: / - / , ISP:
4733|_[ + ] Found:: UNIDENTIFIED
4734
4735 _[ - ]::--------------------------------------------------------------------------------------------------------------
4736|_[ + ] [ 25 / 100 ]-[22:25:35] [ - ]
4737|_[ + ] Target:: [ https://www.gip.gov.sa/News/Read/OsU987Rg ]
4738|_[ + ] Exploit::
4739|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
4740|_[ + ] More details:: / - / , ISP:
4741|_[ + ] Found:: UNIDENTIFIED
4742
4743 _[ - ]::--------------------------------------------------------------------------------------------------------------
4744|_[ + ] [ 26 / 100 ]-[22:25:36] [ - ]
4745|_[ + ] Target:: [ https://www.gip.gov.sa/News/Read/Wpj2jZ6X ]
4746|_[ + ] Exploit::
4747|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
4748|_[ + ] More details:: / - / , ISP:
4749|_[ + ] Found:: UNIDENTIFIED
4750
4751 _[ - ]::--------------------------------------------------------------------------------------------------------------
4752|_[ + ] [ 27 / 100 ]-[22:25:38] [ - ]
4753|_[ + ] Target:: [ https://www.gip.gov.sa/News/Read/uZiDYgB6 ]
4754|_[ + ] Exploit::
4755|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
4756|_[ + ] More details:: / - / , ISP:
4757|_[ + ] Found:: UNIDENTIFIED
4758
4759 _[ - ]::--------------------------------------------------------------------------------------------------------------
4760|_[ + ] [ 28 / 100 ]-[22:25:39] [ - ]
4761|_[ + ] Target:: [ https://www.gip.gov.sa/News/Read/iTZotQqd ]
4762|_[ + ] Exploit::
4763|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
4764|_[ + ] More details:: / - / , ISP:
4765|_[ + ] Found:: UNIDENTIFIED
4766
4767 _[ - ]::--------------------------------------------------------------------------------------------------------------
4768|_[ + ] [ 29 / 100 ]-[22:25:40] [ - ]
4769|_[ + ] Target:: [ https://www.gip.gov.sa/News/Read/ckHVcyBG ]
4770|_[ + ] Exploit::
4771|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
4772|_[ + ] More details:: / - / , ISP:
4773|_[ + ] Found:: UNIDENTIFIED
4774
4775 _[ - ]::--------------------------------------------------------------------------------------------------------------
4776|_[ + ] [ 30 / 100 ]-[22:25:42] [ - ]
4777|_[ + ] Target:: [ https://www.gip.gov.sa/News/Read/7He4DjCJ ]
4778|_[ + ] Exploit::
4779|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
4780|_[ + ] More details:: / - / , ISP:
4781|_[ + ] Found:: UNIDENTIFIED
4782
4783 _[ - ]::--------------------------------------------------------------------------------------------------------------
4784|_[ + ] [ 31 / 100 ]-[22:25:43] [ - ]
4785|_[ + ] Target:: [ https://www.gip.gov.sa/News/Read/IteW3Djf ]
4786|_[ + ] Exploit::
4787|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
4788|_[ + ] More details:: / - / , ISP:
4789|_[ + ] Found:: UNIDENTIFIED
4790
4791 _[ - ]::--------------------------------------------------------------------------------------------------------------
4792|_[ + ] [ 32 / 100 ]-[22:25:45] [ - ]
4793|_[ + ] Target:: [ https://www.gip.gov.sa/News/Read/hwcBZlFk ]
4794|_[ + ] Exploit::
4795|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
4796|_[ + ] More details:: / - / , ISP:
4797|_[ + ] Found:: UNIDENTIFIED
4798
4799 _[ - ]::--------------------------------------------------------------------------------------------------------------
4800|_[ + ] [ 33 / 100 ]-[22:25:46] [ - ]
4801|_[ + ] Target:: [ https://www.gip.gov.sa/News/Read/vixxEwMZ ]
4802|_[ + ] Exploit::
4803|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
4804|_[ + ] More details:: / - / , ISP:
4805|_[ + ] Found:: UNIDENTIFIED
4806
4807 _[ - ]::--------------------------------------------------------------------------------------------------------------
4808|_[ + ] [ 34 / 100 ]-[22:25:48] [ - ]
4809|_[ + ] Target:: [ https://www.gip.gov.sa/News/Read/mZJfQez2 ]
4810|_[ + ] Exploit::
4811|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
4812|_[ + ] More details:: / - / , ISP:
4813|_[ + ] Found:: UNIDENTIFIED
4814
4815 _[ - ]::--------------------------------------------------------------------------------------------------------------
4816|_[ + ] [ 35 / 100 ]-[22:25:49] [ - ]
4817|_[ + ] Target:: [ https://www.gip.gov.sa/News/Read/wnihj67P ]
4818|_[ + ] Exploit::
4819|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
4820|_[ + ] More details:: / - / , ISP:
4821|_[ + ] Found:: UNIDENTIFIED
4822
4823 _[ - ]::--------------------------------------------------------------------------------------------------------------
4824|_[ + ] [ 36 / 100 ]-[22:25:51] [ - ]
4825|_[ + ] Target:: [ https://www.gip.gov.sa/News/Read/XkYAMqzD ]
4826|_[ + ] Exploit::
4827|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
4828|_[ + ] More details:: / - / , ISP:
4829|_[ + ] Found:: UNIDENTIFIED
4830
4831 _[ - ]::--------------------------------------------------------------------------------------------------------------
4832|_[ + ] [ 37 / 100 ]-[22:25:52] [ - ]
4833|_[ + ] Target:: [ https://www.gip.gov.sa/News/Read/V5GgwXiq ]
4834|_[ + ] Exploit::
4835|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
4836|_[ + ] More details:: / - / , ISP:
4837|_[ + ] Found:: UNIDENTIFIED
4838
4839 _[ - ]::--------------------------------------------------------------------------------------------------------------
4840|_[ + ] [ 38 / 100 ]-[22:25:54] [ - ]
4841|_[ + ] Target:: [ https://www.gip.gov.sa/News/Read/RzjbOMeN ]
4842|_[ + ] Exploit::
4843|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
4844|_[ + ] More details:: / - / , ISP:
4845|_[ + ] Found:: UNIDENTIFIED
4846
4847 _[ - ]::--------------------------------------------------------------------------------------------------------------
4848|_[ + ] [ 39 / 100 ]-[22:25:55] [ - ]
4849|_[ + ] Target:: [ https://www.gip.gov.sa/News/Read/5rTcROks ]
4850|_[ + ] Exploit::
4851|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
4852|_[ + ] More details:: / - / , ISP:
4853|_[ + ] Found:: UNIDENTIFIED
4854
4855 _[ - ]::--------------------------------------------------------------------------------------------------------------
4856|_[ + ] [ 40 / 100 ]-[22:25:57] [ - ]
4857|_[ + ] Target:: [ https://www.gip.gov.sa/News/Read/WogVghOu ]
4858|_[ + ] Exploit::
4859|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
4860|_[ + ] More details:: / - / , ISP:
4861|_[ + ] Found:: UNIDENTIFIED
4862
4863 _[ - ]::--------------------------------------------------------------------------------------------------------------
4864|_[ + ] [ 41 / 100 ]-[22:25:58] [ - ]
4865|_[ + ] Target:: [ https://www.gip.gov.sa/News/Read/dWcJfASQ ]
4866|_[ + ] Exploit::
4867|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
4868|_[ + ] More details:: / - / , ISP:
4869|_[ + ] Found:: UNIDENTIFIED
4870
4871 _[ - ]::--------------------------------------------------------------------------------------------------------------
4872|_[ + ] [ 42 / 100 ]-[22:26:00] [ - ]
4873|_[ + ] Target:: [ https://www.gip.gov.sa/Home/Page/Careers ]
4874|_[ + ] Exploit::
4875|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
4876|_[ + ] More details:: / - / , ISP:
4877|_[ + ] Found:: UNIDENTIFIED
4878
4879 _[ - ]::--------------------------------------------------------------------------------------------------------------
4880|_[ + ] [ 43 / 100 ]-[22:26:01] [ - ]
4881|_[ + ] Target:: [ https://www.gip.gov.sa/Home/Page/President ]
4882|_[ + ] Exploit::
4883|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
4884|_[ + ] More details:: / - / , ISP:
4885|_[ + ] Found:: UNIDENTIFIED
4886
4887 _[ - ]::--------------------------------------------------------------------------------------------------------------
4888|_[ + ] [ 44 / 100 ]-[22:26:03] [ - ]
4889|_[ + ] Target:: [ https://www.gip.gov.sa/News/Read/gQnOrwFf ]
4890|_[ + ] Exploit::
4891|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
4892|_[ + ] More details:: / - / , ISP:
4893|_[ + ] Found:: UNIDENTIFIED
4894
4895 _[ - ]::--------------------------------------------------------------------------------------------------------------
4896|_[ + ] [ 45 / 100 ]-[22:26:04] [ - ]
4897|_[ + ] Target:: [ https://www.gip.gov.sa/News/Read/qpqC2ujq ]
4898|_[ + ] Exploit::
4899|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
4900|_[ + ] More details:: / - / , ISP:
4901|_[ + ] Found:: UNIDENTIFIED
4902
4903 _[ - ]::--------------------------------------------------------------------------------------------------------------
4904|_[ + ] [ 46 / 100 ]-[22:26:05] [ - ]
4905|_[ + ] Target:: [ https://www.gip.gov.sa/News/Read/hEbmtEMG ]
4906|_[ + ] Exploit::
4907|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
4908|_[ + ] More details:: / - / , ISP:
4909|_[ + ] Found:: UNIDENTIFIED
4910
4911 _[ - ]::--------------------------------------------------------------------------------------------------------------
4912|_[ + ] [ 47 / 100 ]-[22:26:07] [ - ]
4913|_[ + ] Target:: [ https://www.gip.gov.sa/News/Read/96yg549U ]
4914|_[ + ] Exploit::
4915|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
4916|_[ + ] More details:: / - / , ISP:
4917|_[ + ] Found:: UNIDENTIFIED
4918
4919 _[ - ]::--------------------------------------------------------------------------------------------------------------
4920|_[ + ] [ 48 / 100 ]-[22:26:08] [ - ]
4921|_[ + ] Target:: [ https://www.gip.gov.sa/en/news9.html ]
4922|_[ + ] Exploit::
4923|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
4924|_[ + ] More details:: / - / , ISP:
4925|_[ + ] Found:: UNIDENTIFIED
4926
4927 _[ - ]::--------------------------------------------------------------------------------------------------------------
4928|_[ + ] [ 49 / 100 ]-[22:26:09] [ - ]
4929|_[ + ] Target:: [ https://www.gip.gov.sa/JobApplication...default ]
4930|_[ + ] Exploit::
4931|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
4932|_[ + ] More details:: / - / , ISP:
4933|_[ + ] Found:: UNIDENTIFIED
4934
4935 _[ - ]::--------------------------------------------------------------------------------------------------------------
4936|_[ + ] [ 50 / 100 ]-[22:26:11] [ - ]
4937|_[ + ] Target:: [ https://www.gip.gov.sa/forms/2.pdf ]
4938|_[ + ] Exploit::
4939|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
4940|_[ + ] More details:: / - / , ISP:
4941|_[ + ] Found:: UNIDENTIFIED
4942
4943 _[ - ]::--------------------------------------------------------------------------------------------------------------
4944|_[ + ] [ 51 / 100 ]-[22:26:12] [ - ]
4945|_[ + ] Target:: [ https://www.gip.gov.sa/en/contactus.html ]
4946|_[ + ] Exploit::
4947|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
4948|_[ + ] More details:: / - / , ISP:
4949|_[ + ] Found:: UNIDENTIFIED
4950
4951 _[ - ]::--------------------------------------------------------------------------------------------------------------
4952|_[ + ] [ 52 / 100 ]-[22:26:13] [ - ]
4953|_[ + ] Target:: [ https://www.gip.gov.sa/Home/ChangeLanguage/2 ]
4954|_[ + ] Exploit::
4955|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
4956|_[ + ] More details:: / - / , ISP:
4957|_[ + ] Found:: UNIDENTIFIED
4958
4959 _[ - ]::--------------------------------------------------------------------------------------------------------------
4960|_[ + ] [ 53 / 100 ]-[22:26:14] [ - ]
4961|_[ + ] Target:: [ https://www.gip.gov.sa/en/news12.html ]
4962|_[ + ] Exploit::
4963|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
4964|_[ + ] More details:: / - / , ISP:
4965|_[ + ] Found:: UNIDENTIFIED
4966
4967 _[ - ]::--------------------------------------------------------------------------------------------------------------
4968|_[ + ] [ 54 / 100 ]-[22:26:16] [ - ]
4969|_[ + ] Target:: [ https://www.gip.gov.sa/Pages/Home.as ]
4970|_[ + ] Exploit::
4971|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
4972|_[ + ] More details:: / - / , ISP:
4973|_[ + ] Found:: UNIDENTIFIED
4974
4975 _[ - ]::--------------------------------------------------------------------------------------------------------------
4976|_[ + ] [ 55 / 100 ]-[22:26:17] [ - ]
4977|_[ + ] Target:: [ https://www.gip.gov.sa/Home/Page/Mission ]
4978|_[ + ] Exploit::
4979|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
4980|_[ + ] More details:: / - / , ISP:
4981|_[ + ] Found:: UNIDENTIFIED
4982
4983 _[ - ]::--------------------------------------------------------------------------------------------------------------
4984|_[ + ] [ 56 / 100 ]-[22:26:18] [ - ]
4985|_[ + ] Target:: [ https://www.gip.gov.sa/pages/loginpage.aspx ]
4986|_[ + ] Exploit::
4987|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
4988|_[ + ] More details:: / - / , ISP:
4989|_[ + ] Found:: UNIDENTIFIED
4990
4991 _[ - ]::--------------------------------------------------------------------------------------------------------------
4992|_[ + ] [ 57 / 100 ]-[22:26:19] [ - ]
4993|_[ + ] Target:: [ https://www.gip.gov.sa/en/mission.html ]
4994|_[ + ] Exploit::
4995|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
4996|_[ + ] More details:: / - / , ISP:
4997|_[ + ] Found:: UNIDENTIFIED
4998
4999 _[ - ]::--------------------------------------------------------------------------------------------------------------
5000|_[ + ] [ 58 / 100 ]-[22:26:21] [ - ]
5001|_[ + ] Target:: [ https://www.gip.gov.sa/pages/jobs.aspx ]
5002|_[ + ] Exploit::
5003|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5004|_[ + ] More details:: / - / , ISP:
5005|_[ + ] Found:: UNIDENTIFIED
5006
5007 _[ - ]::--------------------------------------------------------------------------------------------------------------
5008|_[ + ] [ 59 / 100 ]-[22:26:22] [ - ]
5009|_[ + ] Target:: [ https://www.gip.gov.sa/Home/Page/Vision ]
5010|_[ + ] Exploit::
5011|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5012|_[ + ] More details:: / - / , ISP:
5013|_[ + ] Found:: UNIDENTIFIED
5014
5015 _[ - ]::--------------------------------------------------------------------------------------------------------------
5016|_[ + ] [ 60 / 100 ]-[22:26:23] [ - ]
5017|_[ + ] Target:: [ https://www.gip.gov.sa/pages/jobs.aspx، ]
5018|_[ + ] Exploit::
5019|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5020|_[ + ] More details:: / - / , ISP:
5021|_[ + ] Found:: UNIDENTIFIED
5022
5023 _[ - ]::--------------------------------------------------------------------------------------------------------------
5024|_[ + ] [ 61 / 100 ]-[22:26:25] [ - ]
5025|_[ + ] Target:: [ https://www.gip.gov.sa/forms/3.pdf ]
5026|_[ + ] Exploit::
5027|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5028|_[ + ] More details:: / - / , ISP:
5029|_[ + ] Found:: UNIDENTIFIED
5030
5031 _[ - ]::--------------------------------------------------------------------------------------------------------------
5032|_[ + ] [ 62 / 100 ]-[22:26:25] [ - ]
5033|_[ + ] Target:: [ http://www.gip.gov.sa/sites/english/AboutPresidency ]
5034|_[ + ] Exploit::
5035|_[ + ] Information Server:: HTTP/1.1 301 Moved Permanently, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:80
5036|_[ + ] More details:: / - / , ISP:
5037|_[ + ] Found:: UNIDENTIFIED
5038
5039 _[ - ]::--------------------------------------------------------------------------------------------------------------
5040|_[ + ] [ 63 / 100 ]-[22:26:27] [ - ]
5041|_[ + ] Target:: [ https://www.gip.gov.sa/INQUIRY/Pages/default.aspx ]
5042|_[ + ] Exploit::
5043|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5044|_[ + ] More details:: / - / , ISP:
5045|_[ + ] Found:: UNIDENTIFIED
5046
5047 _[ - ]::--------------------------------------------------------------------------------------------------------------
5048|_[ + ] [ 64 / 100 ]-[22:26:27] [ - ]
5049|_[ + ] Target:: [ http://www.gip.gov.sa/LISTREPOSITORY/Pages/default.aspx ]
5050|_[ + ] Exploit::
5051|_[ + ] Information Server:: HTTP/1.1 301 Moved Permanently, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:80
5052|_[ + ] More details:: / - / , ISP:
5053|_[ + ] Found:: UNIDENTIFIED
5054
5055 _[ - ]::--------------------------------------------------------------------------------------------------------------
5056|_[ + ] [ 65 / 100 ]-[22:26:28] [ - ]
5057|_[ + ] Target:: [ https://www.gip.gov.sa/_layouts/jobsystemGIP/home.aspx ]
5058|_[ + ] Exploit::
5059|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5060|_[ + ] More details:: / - / , ISP:
5061|_[ + ] Found:: UNIDENTIFIED
5062
5063 _[ - ]::--------------------------------------------------------------------------------------------------------------
5064|_[ + ] [ 66 / 100 ]-[22:26:30] [ - ]
5065|_[ + ] Target:: [ https://www.gip.gov.sa/JobApplication/Pages/default.aspx ]
5066|_[ + ] Exploit::
5067|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5068|_[ + ] More details:: / - / , ISP:
5069|_[ + ] Found:: UNIDENTIFIED
5070
5071 _[ - ]::--------------------------------------------------------------------------------------------------------------
5072|_[ + ] [ 67 / 100 ]-[22:26:30] [ - ]
5073|_[ + ] Target:: [ http://www.gip.gov.sa/Contactus/Pages/contact985.aspx ]
5074|_[ + ] Exploit::
5075|_[ + ] Information Server:: HTTP/1.1 301 Moved Permanently, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:80
5076|_[ + ] More details:: / - / , ISP:
5077|_[ + ] Found:: UNIDENTIFIED
5078
5079 _[ - ]::--------------------------------------------------------------------------------------------------------------
5080|_[ + ] [ 68 / 100 ]-[22:26:32] [ - ]
5081|_[ + ] Target:: [ https://www.gip.gov.sa/pages/jobs.aspx:tsfiq: ]
5082|_[ + ] Exploit::
5083|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5084|_[ + ] More details:: / - / , ISP:
5085|_[ + ] Found:: UNIDENTIFIED
5086
5087 _[ - ]::--------------------------------------------------------------------------------------------------------------
5088|_[ + ] [ 69 / 100 ]-[22:26:33] [ - ]
5089|_[ + ] Target:: [ https://www.gip.gov.sa/News/Pages/News1200.aspx ]
5090|_[ + ] Exploit::
5091|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5092|_[ + ] More details:: / - / , ISP:
5093|_[ + ] Found:: UNIDENTIFIED
5094
5095 _[ - ]::--------------------------------------------------------------------------------------------------------------
5096|_[ + ] [ 70 / 100 ]-[22:26:34] [ - ]
5097|_[ + ] Target:: [ https://www.gip.gov.sa/AboutPresidency/Pages/AboutPresident.aspx ]
5098|_[ + ] Exploit::
5099|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5100|_[ + ] More details:: / - / , ISP:
5101|_[ + ] Found:: UNIDENTIFIED
5102
5103 _[ - ]::--------------------------------------------------------------------------------------------------------------
5104|_[ + ] [ 71 / 100 ]-[22:26:35] [ - ]
5105|_[ + ] Target:: [ https://www.gip.gov.sa/AboutPresidency/Pages/Home.aspx ]
5106|_[ + ] Exploit::
5107|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5108|_[ + ] More details:: / - / , ISP:
5109|_[ + ] Found:: UNIDENTIFIED
5110
5111 _[ - ]::--------------------------------------------------------------------------------------------------------------
5112|_[ + ] [ 72 / 100 ]-[22:26:37] [ - ]
5113|_[ + ] Target:: [ https://www.gip.gov.sa/fonts/Cairo-Bold.ttf ]
5114|_[ + ] Exploit::
5115|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5116|_[ + ] More details:: / - / , ISP:
5117|_[ + ] Found:: UNIDENTIFIED
5118
5119 _[ - ]::--------------------------------------------------------------------------------------------------------------
5120|_[ + ] [ 73 / 100 ]-[22:26:37] [ - ]
5121|_[ + ] Target:: [ http://www.gip.gov.sa/AboutKingdom/Pages/Home.aspx ]
5122|_[ + ] Exploit::
5123|_[ + ] Information Server:: HTTP/1.1 301 Moved Permanently, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:80
5124|_[ + ] More details:: / - / , ISP:
5125|_[ + ] Found:: UNIDENTIFIED
5126
5127 _[ - ]::--------------------------------------------------------------------------------------------------------------
5128|_[ + ] [ 74 / 100 ]-[22:26:39] [ - ]
5129|_[ + ] Target:: [ https://www.gip.gov.sa/_layouts/jobsystemgip/ReferenceKey.aspx ]
5130|_[ + ] Exploit::
5131|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5132|_[ + ] More details:: / - / , ISP:
5133|_[ + ] Found:: UNIDENTIFIED
5134
5135 _[ - ]::--------------------------------------------------------------------------------------------------------------
5136|_[ + ] [ 75 / 100 ]-[22:26:40] [ - ]
5137|_[ + ] Target:: [ https://www.gip.gov.sa/PreviousPresidency/Pages/Home.aspx ]
5138|_[ + ] Exploit::
5139|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5140|_[ + ] More details:: / - / , ISP:
5141|_[ + ] Found:: UNIDENTIFIED
5142
5143 _[ - ]::--------------------------------------------------------------------------------------------------------------
5144|_[ + ] [ 76 / 100 ]-[22:26:41] [ - ]
5145|_[ + ] Target:: [ https://www.gip.gov.sa/News/Pages/أمرملكيإعفاءالأميرمقرنوتعيينهمستشاراًومبعوثاًخاصاًلخادمالحرمينوالأميربندربنسلطانرئيساًللاستخباراتالعامة.aspx ]
5146|_[ + ] Exploit::
5147|_[ + ] Information Server:: HTTP/1.1 400 Bad Request, Server: Microsoft-HTTPAPI/2.0 , IP:212.138.117.71:443
5148|_[ + ] More details:: / - / , ISP:
5149|_[ + ] Found:: UNIDENTIFIED
5150
5151 _[ - ]::--------------------------------------------------------------------------------------------------------------
5152|_[ + ] [ 77 / 100 ]-[22:26:42] [ - ]
5153|_[ + ] Target:: [ http://www.gip.gov.sa/PreviousPresidency/Pages/MrOmarMahmoudshams.aspx ]
5154|_[ + ] Exploit::
5155|_[ + ] Information Server:: HTTP/1.1 301 Moved Permanently, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:80
5156|_[ + ] More details:: / - / , ISP:
5157|_[ + ] Found:: UNIDENTIFIED
5158
5159 _[ - ]::--------------------------------------------------------------------------------------------------------------
5160|_[ + ] [ 78 / 100 ]-[22:26:43] [ - ]
5161|_[ + ] Target:: [ https://www.gip.gov.sa/sites/english/Pages/Home.aspx ]
5162|_[ + ] Exploit::
5163|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5164|_[ + ] More details:: / - / , ISP:
5165|_[ + ] Found:: UNIDENTIFIED
5166
5167 _[ - ]::--------------------------------------------------------------------------------------------------------------
5168|_[ + ] [ 79 / 100 ]-[22:26:44] [ - ]
5169|_[ + ] Target:: [ https://www.gip.gov.sa/fonts/glyphicons-halflings-regular.woff2 ]
5170|_[ + ] Exploit::
5171|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5172|_[ + ] More details:: / - / , ISP:
5173|_[ + ] Found:: UNIDENTIFIED
5174
5175 _[ - ]::--------------------------------------------------------------------------------------------------------------
5176|_[ + ] [ 80 / 100 ]-[22:26:46] [ - ]
5177|_[ + ] Target:: [ https://www.gip.gov.sa/sites/English/SiteCollectionDocuments/PDF.pdf ]
5178|_[ + ] Exploit::
5179|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5180|_[ + ] More details:: / - / , ISP:
5181|_[ + ] Found:: UNIDENTIFIED
5182
5183 _[ - ]::--------------------------------------------------------------------------------------------------------------
5184|_[ + ] [ 81 / 100 ]-[22:26:47] [ - ]
5185|_[ + ] Target:: [ https://www.gip.gov.sa/sites/English/Pages/Wanted.aspx ]
5186|_[ + ] Exploit::
5187|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5188|_[ + ] More details:: / - / , ISP:
5189|_[ + ] Found:: UNIDENTIFIED
5190
5191 _[ - ]::--------------------------------------------------------------------------------------------------------------
5192|_[ + ] [ 82 / 100 ]-[22:26:48] [ - ]
5193|_[ + ] Target:: [ https://www.gip.gov.sa/JobApplication...default .aspx ]
5194|_[ + ] Exploit::
5195|_[ + ] Information Server:: HTTP/1.1 400 Bad Request, Server: Microsoft-HTTPAPI/2.0 , IP:212.138.117.71:443
5196|_[ + ] More details:: / - / , ISP:
5197|_[ + ] Found:: UNIDENTIFIED
5198
5199 _[ - ]::--------------------------------------------------------------------------------------------------------------
5200|_[ + ] [ 83 / 100 ]-[22:26:49] [ - ]
5201|_[ + ] Target:: [ https://www.gip.gov.sa/forms/Terms-Of-Employment.pdf ]
5202|_[ + ] Exploit::
5203|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5204|_[ + ] More details:: / - / , ISP:
5205|_[ + ] Found:: UNIDENTIFIED
5206
5207 _[ - ]::--------------------------------------------------------------------------------------------------------------
5208|_[ + ] [ 84 / 100 ]-[22:26:51] [ - ]
5209|_[ + ] Target:: [ https://www.gip.gov.sa/Documents/GIP History.pdf ]
5210|_[ + ] Exploit::
5211|_[ + ] Information Server:: HTTP/1.1 400 Bad Request, Server: Microsoft-HTTPAPI/2.0 , IP:212.138.117.71:443
5212|_[ + ] More details:: / - / , ISP:
5213|_[ + ] Found:: UNIDENTIFIED
5214
5215 _[ - ]::--------------------------------------------------------------------------------------------------------------
5216|_[ + ] [ 85 / 100 ]-[22:26:52] [ - ]
5217|_[ + ] Target:: [ https://www.gip.gov.sa/sites/english/AboutKingdom/Pages/Home.aspx ]
5218|_[ + ] Exploit::
5219|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5220|_[ + ] More details:: / - / , ISP:
5221|_[ + ] Found:: UNIDENTIFIED
5222
5223 _[ - ]::--------------------------------------------------------------------------------------------------------------
5224|_[ + ] [ 86 / 100 ]-[22:26:53] [ - ]
5225|_[ + ] Target:: [ https://www.gip.gov.sa/sites/English/Newsletter/Pages/Home.aspx ]
5226|_[ + ] Exploit::
5227|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5228|_[ + ] More details:: / - / , ISP:
5229|_[ + ] Found:: UNIDENTIFIED
5230
5231 _[ - ]::--------------------------------------------------------------------------------------------------------------
5232|_[ + ] [ 87 / 100 ]-[22:26:54] [ - ]
5233|_[ + ] Target:: [ https://www.gip.gov.sa/sites/english/AboutPresidency/Pages/AboutPresident.aspx ]
5234|_[ + ] Exploit::
5235|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5236|_[ + ] More details:: / - / , ISP:
5237|_[ + ] Found:: UNIDENTIFIED
5238
5239 _[ - ]::--------------------------------------------------------------------------------------------------------------
5240|_[ + ] [ 88 / 100 ]-[22:26:55] [ - ]
5241|_[ + ] Target:: [ http://www.gip.gov.sa/sites/english/AboutPresidency/Pages/ValuesAndPrinciples.aspx ]
5242|_[ + ] Exploit::
5243|_[ + ] Information Server:: HTTP/1.1 301 Moved Permanently, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:80
5244|_[ + ] More details:: / - / , ISP:
5245|_[ + ] Found:: UNIDENTIFIED
5246
5247 _[ - ]::--------------------------------------------------------------------------------------------------------------
5248|_[ + ] [ 89 / 100 ]-[22:26:56] [ - ]
5249|_[ + ] Target:: [ https://www.gip.gov.sa/sites/english/AboutPresidency/Pages/OurVision.aspx ]
5250|_[ + ] Exploit::
5251|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5252|_[ + ] More details:: / - / , ISP:
5253|_[ + ] Found:: UNIDENTIFIED
5254
5255 _[ - ]::--------------------------------------------------------------------------------------------------------------
5256|_[ + ] [ 90 / 100 ]-[22:26:58] [ - ]
5257|_[ + ] Target:: [ https://www.gip.gov.sa/sites/english/News/Pages/News101.aspx ]
5258|_[ + ] Exploit::
5259|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5260|_[ + ] More details:: / - / , ISP:
5261|_[ + ] Found:: UNIDENTIFIED
5262
5263 _[ - ]::--------------------------------------------------------------------------------------------------------------
5264|_[ + ] [ 91 / 100 ]-[22:26:59] [ - ]
5265|_[ + ] Target:: [ https://www.gip.gov.sa/sites/english/News/Pages/ChiefofGeneralIntelligenceInspectsCenterOfCommandandControlatMina.aspx ]
5266|_[ + ] Exploit::
5267|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5268|_[ + ] More details:: / - / , ISP:
5269|_[ + ] Found:: UNIDENTIFIED
5270
5271 _[ - ]::--------------------------------------------------------------------------------------------------------------
5272|_[ + ] [ 92 / 100 ]-[22:27:00] [ - ]
5273|_[ + ] Target:: [ https://www.gip.gov.sa/sites/english/News/Pages/PrinceBandarthanksKingAbdullahforappointinghimasChiefofGeneralIntelligence.aspx ]
5274|_[ + ] Exploit::
5275|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5276|_[ + ] More details:: / - / , ISP:
5277|_[ + ] Found:: UNIDENTIFIED
5278
5279 _[ - ]::--------------------------------------------------------------------------------------------------------------
5280|_[ + ] [ 93 / 100 ]-[22:27:01] [ - ]
5281|_[ + ] Target:: [ https://www.gip.gov.sa/SITES/ENGLISH/ABOUTPRESIDENCY/Pages/History.aspx ]
5282|_[ + ] Exploit::
5283|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5284|_[ + ] More details:: / - / , ISP:
5285|_[ + ] Found:: UNIDENTIFIED
5286
5287 _[ - ]::--------------------------------------------------------------------------------------------------------------
5288|_[ + ] [ 94 / 100 ]-[22:27:03] [ - ]
5289|_[ + ] Target:: [ https://www.gip.gov.sa/Pages/رئاسة الاستخبارات العامة.aspx ]
5290|_[ + ] Exploit::
5291|_[ + ] Information Server:: HTTP/1.1 400 Bad Request, Server: Microsoft-HTTPAPI/2.0 , IP:212.138.117.71:443
5292|_[ + ] More details:: / - / , ISP:
5293|_[ + ] Found:: UNIDENTIFIED
5294
5295 _[ - ]::--------------------------------------------------------------------------------------------------------------
5296|_[ + ] [ 95 / 100 ]-[22:27:04] [ - ]
5297|_[ + ] Target:: [ https://www.gip.gov.sa/Uploads/المطلوب على المتقدم 1440.pdf ]
5298|_[ + ] Exploit::
5299|_[ + ] Information Server:: HTTP/1.1 400 Bad Request, Server: Microsoft-HTTPAPI/2.0 , IP:212.138.117.71:443
5300|_[ + ] More details:: / - / , ISP:
5301|_[ + ] Found:: UNIDENTIFIED
5302
5303 _[ - ]::--------------------------------------------------------------------------------------------------------------
5304|_[ + ] [ 96 / 100 ]-[22:27:05] [ - ]
5305|_[ + ] Target:: [ https://www.gip.gov.sa/Wanted/Pages/WantedList.aspx?PageNo=1&PageNo=1 ]
5306|_[ + ] Exploit::
5307|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5308|_[ + ] More details:: / - / , ISP:
5309|_[ + ] Found:: UNIDENTIFIED
5310
5311 _[ - ]::--------------------------------------------------------------------------------------------------------------
5312|_[ + ] [ 97 / 100 ]-[22:27:06] [ - ]
5313|_[ + ] Target:: [ https://www.gip.gov.sa/_layouts/jobsystemGIP/JobSearch.aspx?Id=2&Id=2 ]
5314|_[ + ] Exploit::
5315|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5316|_[ + ] More details:: / - / , ISP:
5317|_[ + ] Found:: UNIDENTIFIED
5318
5319 _[ - ]::--------------------------------------------------------------------------------------------------------------
5320|_[ + ] [ 98 / 100 ]-[22:27:08] [ - ]
5321|_[ + ] Target:: [ https://www.gip.gov.sa/Uploads/استمارة المعلومات الشخصية لدورة الموسيقى.pdf ]
5322|_[ + ] Exploit::
5323|_[ + ] Information Server:: HTTP/1.1 400 Bad Request, Server: Microsoft-HTTPAPI/2.0 , IP:212.138.117.71:443
5324|_[ + ] More details:: / - / , ISP:
5325|_[ + ] Found:: UNIDENTIFIED
5326
5327 _[ - ]::--------------------------------------------------------------------------------------------------------------
5328|_[ + ] [ 99 / 100 ]-[22:27:09] [ - ]
5329|_[ + ] Target:: [ https://www.gip.gov.sa/Uploads/استمارة المعلومات الشخصية للمتقدم للتعين.pdf ]
5330|_[ + ] Exploit::
5331|_[ + ] Information Server:: HTTP/1.1 400 Bad Request, Server: Microsoft-HTTPAPI/2.0 , IP:212.138.117.71:443
5332|_[ + ] More details:: / - / , ISP:
5333|_[ + ] Found:: UNIDENTIFIED
5334
5335[ INFO ] [ Shutting down ]
5336[ INFO ] [ End of process INURLBR at [30-11-2019 22:27:09]
5337[ INFO ] [ TOTAL FILTERED VALUES ]:: [ 0 ]
5338[ INFO ] [ OUTPUT FILE ]:: [ /usr/share/sniper/loot/workspace/www.gip.gov.sa/output/inurlbr-www.gip.gov.sa ]
5339|_________________________________________________________________________________________
5340
5341\_________________________________________________________________________________________/
5342#######################################################################################################################################
5343HTTP/1.1 404 Not Found
5344Cache-Control: private
5345Content-Length: 1890
5346Content-Type: text/html; charset=utf-8
5347Server: Microsoft-IIS/8.5
5348X-AspNet-Version: 4.0.30319
5349X-Powered-By: ASP.NET
5350Date: Sun, 01 Dec 2019 03:27:12 GMT
5351#######################################################################################################################################
5352/
5353/16402B4814F0
5354/237678CAD4E3
5355/3E6D27023BA4
5356/5F03E095D45F
5357/DD17A5A2FDA3
5358/Home/Index#ContactUs
5359/Home/Mail
5360/Home/Page/AboutKSA
5361/Home/Page/Careers
5362/Home/Page/Leaders
5363/Home/Page/Mission
5364/Home/Page/President
5365/Home/Page/Vision
5366/News
5367/News/Read/E9UAo25z
5368/News/Read/hwcBZlFk
5369/News/Read/qpqC2ujq
5370/News/Read/uZiDYgB6
5371/News/Read/zz5Y4YcE
5372#######################################################################################################################################
5373https://www.gip.gov.sa [200 OK] ASP_NET[4.0.30319][MVC5.2], Cookies[__RequestVerificationToken], Country[SAUDI ARABIA][SA], Email[help@gip.gov.sa,info@gip.gov.sa], HTML5, HTTPServer[Microsoft-IIS/8.5], HttpOnly[__RequestVerificationToken], IP[212.138.117.71], Microsoft-IIS[8.5], Script, Title[رئاسة الاستخبارات العامة], UncommonHeaders[x-aspnetmvc-version], X-Frame-Options[DENY], X-Powered-By[ASP.NET], X-UA-Compatible[IE=edge]
5374#####################################################################################################################################
5375
5376wig - WebApp Information Gatherer
5377
5378
5379Scanning https://www.gip.gov.sa...
5380______________________ SITE INFO _______________________
5381IP Title
5382212.138.117.71 رئاسة الاستخبارات العامة
5383
5384_______________________ VERSION ________________________
5385Name Versions Type
5386ASP.NET 4.0.30319 Platform
5387IIS 8.5 Platform
5388Microsoft Windows Server 2012 R2 OS
5389
5390_____________________ INTERESTING ______________________
5391URL Note Type
5392/test.htm Test file Interesting
5393
5394________________________________________________________
5395Time: 1.4 sec Urls: 619 Fingerprints: 40401
5396#######################################################################################################################################
5397Version: 1.11.13-static
5398OpenSSL 1.0.2-chacha (1.0.2g-dev)
5399
5400Connected to 212.138.117.71
5401
5402Testing SSL server www.gip.gov.sa on port 443 using SNI name www.gip.gov.sa
5403
5404 TLS Fallback SCSV:
5405Server does not support TLS Fallback SCSV
5406
5407 TLS renegotiation:
5408Session renegotiation not supported
5409
5410 TLS Compression:
5411Compression disabled
5412
5413 Heartbleed:
5414TLS 1.2 not vulnerable to heartbleed
5415TLS 1.1 not vulnerable to heartbleed
5416TLS 1.0 not vulnerable to heartbleed
5417
5418 Supported Server Cipher(s):
5419Preferred TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-521 DHE 521
5420Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-521 DHE 521
5421Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-521 DHE 521
5422Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-521 DHE 521
5423Accepted TLSv1.2 256 bits AES256-GCM-SHA384
5424Accepted TLSv1.2 128 bits AES128-GCM-SHA256
5425Accepted TLSv1.2 256 bits AES256-SHA256
5426Accepted TLSv1.2 128 bits AES128-SHA256
5427Accepted TLSv1.2 256 bits AES256-SHA
5428Accepted TLSv1.2 128 bits AES128-SHA
5429Preferred TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-521 DHE 521
5430Accepted TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-521 DHE 521
5431Accepted TLSv1.1 256 bits AES256-SHA
5432Accepted TLSv1.1 128 bits AES128-SHA
5433
5434 SSL Certificate:
5435Signature Algorithm: sha256WithRSAEncryption
5436RSA Key Strength: 2048
5437
5438Subject: *.gip.gov.sa
5439Altnames: DNS:*.gip.gov.sa, DNS:gip.gov.sa
5440Issuer: Go Daddy Secure Certificate Authority - G2
5441
5442Not valid before: Oct 12 10:53:33 2019 GMT
5443Not valid after: Oct 12 10:53:33 2020 GMT
5444#######################################################################################################################################
5445------------------------------------------------------------------------------------------------------------------------
5446
5447[ ! ] Starting SCANNER INURLBR 2.1 at [30-11-2019 22:29:10]
5448[ ! ] legal disclaimer: Usage of INURLBR for attacking targets without prior mutual consent is illegal.
5449It is the end user's responsibility to obey all applicable local, state and federal laws.
5450Developers assume no liability and are not responsible for any misuse or damage caused by this program
5451
5452[ INFO ][ OUTPUT FILE ]:: [ /usr/share/sniper/loot/workspace/www.gip.gov.sa/output/inurlbr-www.gip.gov.sa ]
5453[ INFO ][ DORK ]::[ site:www.gip.gov.sa ]
5454[ INFO ][ SEARCHING ]:: {
5455[ INFO ][ ENGINE ]::[ GOOGLE - www.google.co.ke ]
5456
5457[ INFO ][ SEARCHING ]::
5458-[:::]
5459[ INFO ][ ENGINE ]::[ GOOGLE API ]
5460
5461[ INFO ][ SEARCHING ]::
5462-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
5463[ INFO ][ ENGINE ]::[ GOOGLE_GENERIC_RANDOM - www.google.kz ID: 012873187529719969291:yexdhbzntue ]
5464
5465[ INFO ][ SEARCHING ]::
5466-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
5467
5468[ INFO ][ TOTAL FOUND VALUES ]:: [ 100 ]
5469
5470
5471 _[ - ]::--------------------------------------------------------------------------------------------------------------
5472|_[ + ] [ 0 / 100 ]-[22:29:26] [ - ]
5473|_[ + ] Target:: [ https://www.gip.gov.sa/ ]
5474|_[ + ] Exploit::
5475|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5476|_[ + ] More details:: / - / , ISP:
5477|_[ + ] Found:: UNIDENTIFIED
5478
5479 _[ - ]::--------------------------------------------------------------------------------------------------------------
5480|_[ + ] [ 1 / 100 ]-[22:29:28] [ - ]
5481|_[ + ] Target:: [ https://www.gip.gov.sa/News ]
5482|_[ + ] Exploit::
5483|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5484|_[ + ] More details:: / - / , ISP:
5485|_[ + ] Found:: UNIDENTIFIED
5486
5487 _[ - ]::--------------------------------------------------------------------------------------------------------------
5488|_[ + ] [ 2 / 100 ]-[22:29:29] [ - ]
5489|_[ + ] Target:: [ https://www.gip.gov.sa/full ]
5490|_[ + ] Exploit::
5491|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5492|_[ + ] More details:: / - / , ISP:
5493|_[ + ] Found:: UNIDENTIFIED
5494
5495 _[ - ]::--------------------------------------------------------------------------------------------------------------
5496|_[ + ] [ 3 / 100 ]-[22:29:30] [ - ]
5497|_[ + ] Target:: [ https://www.gip.gov.sa/crack ]
5498|_[ + ] Exploit::
5499|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5500|_[ + ] More details:: / - / , ISP:
5501|_[ + ] Found:: UNIDENTIFIED
5502
5503 _[ - ]::--------------------------------------------------------------------------------------------------------------
5504|_[ + ] [ 4 / 100 ]-[22:29:32] [ - ]
5505|_[ + ] Target:: [ https://www.gip.gov.sa/Inquiry ]
5506|_[ + ] Exploit::
5507|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5508|_[ + ] More details:: / - / , ISP:
5509|_[ + ] Found:: UNIDENTIFIED
5510
5511 _[ - ]::--------------------------------------------------------------------------------------------------------------
5512|_[ + ] [ 5 / 100 ]-[22:29:33] [ - ]
5513|_[ + ] Target:: [ https://www.gip.gov.sa/2006 ]
5514|_[ + ] Exploit::
5515|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5516|_[ + ] More details:: / - / , ISP:
5517|_[ + ] Found:: UNIDENTIFIED
5518
5519 _[ - ]::--------------------------------------------------------------------------------------------------------------
5520|_[ + ] [ 6 / 100 ]-[22:29:36] [ - ]
5521|_[ + ] Target:: [ https://www.gip.gov.sa/images ]
5522|_[ + ] Exploit::
5523|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5524|_[ + ] More details:: / - / , ISP:
5525|_[ + ] Found:: UNIDENTIFIED
5526
5527 _[ - ]::--------------------------------------------------------------------------------------------------------------
5528|_[ + ] [ 7 / 100 ]-[22:29:37] [ - ]
5529|_[ + ] Target:: [ https://www.gip.gov.sa/Pages/ ]
5530|_[ + ] Exploit::
5531|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5532|_[ + ] More details:: / - / , ISP:
5533|_[ + ] Found:: UNIDENTIFIED
5534
5535 _[ - ]::--------------------------------------------------------------------------------------------------------------
5536|_[ + ] [ 8 / 100 ]-[22:29:38] [ - ]
5537|_[ + ] Target:: [ https://www.gip.gov.sa/m/ ]
5538|_[ + ] Exploit::
5539|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5540|_[ + ] More details:: / - / , ISP:
5541|_[ + ] Found:: UNIDENTIFIED
5542
5543 _[ - ]::--------------------------------------------------------------------------------------------------------------
5544|_[ + ] [ 9 / 100 ]-[22:29:40] [ - ]
5545|_[ + ] Target:: [ https://www.gip.gov.sa/news13.html ]
5546|_[ + ] Exploit::
5547|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5548|_[ + ] More details:: / - / , ISP:
5549|_[ + ] Found:: UNIDENTIFIED
5550
5551 _[ - ]::--------------------------------------------------------------------------------------------------------------
5552|_[ + ] [ 10 / 100 ]-[22:29:41] [ - ]
5553|_[ + ] Target:: [ https://www.gip.gov.sa/Documents/GIP ]
5554|_[ + ] Exploit::
5555|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5556|_[ + ] More details:: / - / , ISP:
5557|_[ + ] Found:: UNIDENTIFIED
5558
5559 _[ - ]::--------------------------------------------------------------------------------------------------------------
5560|_[ + ] [ 11 / 100 ]-[22:29:42] [ - ]
5561|_[ + ] Target:: [ https://www.gip.gov.sa/president.html ]
5562|_[ + ] Exploit::
5563|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5564|_[ + ] More details:: / - / , ISP:
5565|_[ + ] Found:: UNIDENTIFIED
5566
5567 _[ - ]::--------------------------------------------------------------------------------------------------------------
5568|_[ + ] [ 12 / 100 ]-[22:29:43] [ - ]
5569|_[ + ] Target:: [ https://www.gip.gov.sa/sites/english/ ]
5570|_[ + ] Exploit::
5571|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5572|_[ + ] More details:: / - / , ISP:
5573|_[ + ] Found:: UNIDENTIFIED
5574
5575 _[ - ]::--------------------------------------------------------------------------------------------------------------
5576|_[ + ] [ 13 / 100 ]-[22:29:45] [ - ]
5577|_[ + ] Target:: [ https://www.gip.gov.sa/sitemap.xml ]
5578|_[ + ] Exploit::
5579|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5580|_[ + ] More details:: / - / , ISP:
5581|_[ + ] Found:: UNIDENTIFIED
5582
5583 _[ - ]::--------------------------------------------------------------------------------------------------------------
5584|_[ + ] [ 14 / 100 ]-[22:29:46] [ - ]
5585|_[ + ] Target:: [ https://www.gip.gov.sa/Home.aspx ]
5586|_[ + ] Exploit::
5587|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5588|_[ + ] More details:: / - / , ISP:
5589|_[ + ] Found:: UNIDENTIFIED
5590
5591 _[ - ]::--------------------------------------------------------------------------------------------------------------
5592|_[ + ] [ 15 / 100 ]-[22:29:47] [ - ]
5593|_[ + ] Target:: [ https://www.gip.gov.sa/aboutksa.html ]
5594|_[ + ] Exploit::
5595|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5596|_[ + ] More details:: / - / , ISP:
5597|_[ + ] Found:: UNIDENTIFIED
5598
5599 _[ - ]::--------------------------------------------------------------------------------------------------------------
5600|_[ + ] [ 16 / 100 ]-[22:29:48] [ - ]
5601|_[ + ] Target:: [ https://www.gip.gov.sa/News/PublishingImages/ ]
5602|_[ + ] Exploit::
5603|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5604|_[ + ] More details:: / - / , ISP:
5605|_[ + ] Found:: UNIDENTIFIED
5606
5607 _[ - ]::--------------------------------------------------------------------------------------------------------------
5608|_[ + ] [ 17 / 100 ]-[22:29:49] [ - ]
5609|_[ + ] Target:: [ https://www.gip.gov.sa/careers.html ]
5610|_[ + ] Exploit::
5611|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5612|_[ + ] More details:: / - / , ISP:
5613|_[ + ] Found:: UNIDENTIFIED
5614
5615 _[ - ]::--------------------------------------------------------------------------------------------------------------
5616|_[ + ] [ 18 / 100 ]-[22:29:51] [ - ]
5617|_[ + ] Target:: [ https://www.gip.gov.sa/News/Read/fUZ6Zb9F ]
5618|_[ + ] Exploit::
5619|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5620|_[ + ] More details:: / - / , ISP:
5621|_[ + ] Found:: UNIDENTIFIED
5622
5623 _[ - ]::--------------------------------------------------------------------------------------------------------------
5624|_[ + ] [ 19 / 100 ]-[22:29:53] [ - ]
5625|_[ + ] Target:: [ https://www.gip.gov.sa/News/Read/F6qPrwYM ]
5626|_[ + ] Exploit::
5627|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5628|_[ + ] More details:: / - / , ISP:
5629|_[ + ] Found:: UNIDENTIFIED
5630
5631 _[ - ]::--------------------------------------------------------------------------------------------------------------
5632|_[ + ] [ 20 / 100 ]-[22:29:58] [ - ]
5633|_[ + ] Target:: [ https://www.gip.gov.sa/Home/Page/AboutKSA ]
5634|_[ + ] Exploit::
5635|_[ + ] Information Server:: , , IP:212.138.117.71:443
5636|_[ + ] More details:: / - / , ISP:
5637|_[ + ] Found:: UNIDENTIFIED
5638
5639 _[ - ]::--------------------------------------------------------------------------------------------------------------
5640|_[ + ] [ 21 / 100 ]-[22:30:07] [ - ]
5641|_[ + ] Target:: [ https://www.gip.gov.sa/News/Read/zz5Y4YcE ]
5642|_[ + ] Exploit::
5643|_[ + ] Information Server:: , , IP:212.138.117.71:443
5644|_[ + ] More details:: / - / , ISP:
5645|_[ + ] Found:: UNIDENTIFIED
5646
5647 _[ - ]::--------------------------------------------------------------------------------------------------------------
5648|_[ + ] [ 22 / 100 ]-[22:30:08] [ - ]
5649|_[ + ] Target:: [ https://www.gip.gov.sa/News/Read/3soKdtXH ]
5650|_[ + ] Exploit::
5651|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5652|_[ + ] More details:: / - / , ISP:
5653|_[ + ] Found:: UNIDENTIFIED
5654
5655 _[ - ]::--------------------------------------------------------------------------------------------------------------
5656|_[ + ] [ 23 / 100 ]-[22:30:10] [ - ]
5657|_[ + ] Target:: [ https://www.gip.gov.sa/Home/Page/Leaders ]
5658|_[ + ] Exploit::
5659|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5660|_[ + ] More details:: / - / , ISP:
5661|_[ + ] Found:: UNIDENTIFIED
5662
5663 _[ - ]::--------------------------------------------------------------------------------------------------------------
5664|_[ + ] [ 24 / 100 ]-[22:30:14] [ - ]
5665|_[ + ] Target:: [ https://www.gip.gov.sa/News/Read/E9UAo25z ]
5666|_[ + ] Exploit::
5667|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5668|_[ + ] More details:: / - / , ISP:
5669|_[ + ] Found:: UNIDENTIFIED
5670
5671 _[ - ]::--------------------------------------------------------------------------------------------------------------
5672|_[ + ] [ 25 / 100 ]-[22:30:15] [ - ]
5673|_[ + ] Target:: [ https://www.gip.gov.sa/News/Read/OsU987Rg ]
5674|_[ + ] Exploit::
5675|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5676|_[ + ] More details:: / - / , ISP:
5677|_[ + ] Found:: UNIDENTIFIED
5678
5679 _[ - ]::--------------------------------------------------------------------------------------------------------------
5680|_[ + ] [ 26 / 100 ]-[22:30:17] [ - ]
5681|_[ + ] Target:: [ https://www.gip.gov.sa/News/Read/Wpj2jZ6X ]
5682|_[ + ] Exploit::
5683|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5684|_[ + ] More details:: / - / , ISP:
5685|_[ + ] Found:: UNIDENTIFIED
5686
5687 _[ - ]::--------------------------------------------------------------------------------------------------------------
5688|_[ + ] [ 27 / 100 ]-[22:30:18] [ - ]
5689|_[ + ] Target:: [ https://www.gip.gov.sa/News/Read/uZiDYgB6 ]
5690|_[ + ] Exploit::
5691|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5692|_[ + ] More details:: / - / , ISP:
5693|_[ + ] Found:: UNIDENTIFIED
5694
5695 _[ - ]::--------------------------------------------------------------------------------------------------------------
5696|_[ + ] [ 28 / 100 ]-[22:30:20] [ - ]
5697|_[ + ] Target:: [ https://www.gip.gov.sa/News/Read/iTZotQqd ]
5698|_[ + ] Exploit::
5699|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5700|_[ + ] More details:: / - / , ISP:
5701|_[ + ] Found:: UNIDENTIFIED
5702
5703 _[ - ]::--------------------------------------------------------------------------------------------------------------
5704|_[ + ] [ 29 / 100 ]-[22:30:21] [ - ]
5705|_[ + ] Target:: [ https://www.gip.gov.sa/News/Read/ckHVcyBG ]
5706|_[ + ] Exploit::
5707|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5708|_[ + ] More details:: / - / , ISP:
5709|_[ + ] Found:: UNIDENTIFIED
5710
5711 _[ - ]::--------------------------------------------------------------------------------------------------------------
5712|_[ + ] [ 30 / 100 ]-[22:30:23] [ - ]
5713|_[ + ] Target:: [ https://www.gip.gov.sa/News/Read/7He4DjCJ ]
5714|_[ + ] Exploit::
5715|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5716|_[ + ] More details:: / - / , ISP:
5717|_[ + ] Found:: UNIDENTIFIED
5718
5719 _[ - ]::--------------------------------------------------------------------------------------------------------------
5720|_[ + ] [ 31 / 100 ]-[22:30:26] [ - ]
5721|_[ + ] Target:: [ https://www.gip.gov.sa/News/Read/IteW3Djf ]
5722|_[ + ] Exploit::
5723|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5724|_[ + ] More details:: / - / , ISP:
5725|_[ + ] Found:: UNIDENTIFIED
5726
5727 _[ - ]::--------------------------------------------------------------------------------------------------------------
5728|_[ + ] [ 32 / 100 ]-[22:30:27] [ - ]
5729|_[ + ] Target:: [ https://www.gip.gov.sa/News/Read/hwcBZlFk ]
5730|_[ + ] Exploit::
5731|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5732|_[ + ] More details:: / - / , ISP:
5733|_[ + ] Found:: UNIDENTIFIED
5734
5735 _[ - ]::--------------------------------------------------------------------------------------------------------------
5736|_[ + ] [ 33 / 100 ]-[22:30:29] [ - ]
5737|_[ + ] Target:: [ https://www.gip.gov.sa/News/Read/vixxEwMZ ]
5738|_[ + ] Exploit::
5739|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5740|_[ + ] More details:: / - / , ISP:
5741|_[ + ] Found:: UNIDENTIFIED
5742
5743 _[ - ]::--------------------------------------------------------------------------------------------------------------
5744|_[ + ] [ 34 / 100 ]-[22:30:31] [ - ]
5745|_[ + ] Target:: [ https://www.gip.gov.sa/News/Read/mZJfQez2 ]
5746|_[ + ] Exploit::
5747|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5748|_[ + ] More details:: / - / , ISP:
5749|_[ + ] Found:: UNIDENTIFIED
5750
5751 _[ - ]::--------------------------------------------------------------------------------------------------------------
5752|_[ + ] [ 35 / 100 ]-[22:30:32] [ - ]
5753|_[ + ] Target:: [ https://www.gip.gov.sa/News/Read/wnihj67P ]
5754|_[ + ] Exploit::
5755|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5756|_[ + ] More details:: / - / , ISP:
5757|_[ + ] Found:: UNIDENTIFIED
5758
5759 _[ - ]::--------------------------------------------------------------------------------------------------------------
5760|_[ + ] [ 36 / 100 ]-[22:30:34] [ - ]
5761|_[ + ] Target:: [ https://www.gip.gov.sa/News/Read/XkYAMqzD ]
5762|_[ + ] Exploit::
5763|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5764|_[ + ] More details:: / - / , ISP:
5765|_[ + ] Found:: UNIDENTIFIED
5766
5767 _[ - ]::--------------------------------------------------------------------------------------------------------------
5768|_[ + ] [ 37 / 100 ]-[22:30:35] [ - ]
5769|_[ + ] Target:: [ https://www.gip.gov.sa/News/Read/V5GgwXiq ]
5770|_[ + ] Exploit::
5771|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5772|_[ + ] More details:: / - / , ISP:
5773|_[ + ] Found:: UNIDENTIFIED
5774
5775 _[ - ]::--------------------------------------------------------------------------------------------------------------
5776|_[ + ] [ 38 / 100 ]-[22:30:40] [ - ]
5777|_[ + ] Target:: [ https://www.gip.gov.sa/News/Read/RzjbOMeN ]
5778|_[ + ] Exploit::
5779|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5780|_[ + ] More details:: / - / , ISP:
5781|_[ + ] Found:: UNIDENTIFIED
5782
5783 _[ - ]::--------------------------------------------------------------------------------------------------------------
5784|_[ + ] [ 39 / 100 ]-[22:30:42] [ - ]
5785|_[ + ] Target:: [ https://www.gip.gov.sa/News/Read/5rTcROks ]
5786|_[ + ] Exploit::
5787|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5788|_[ + ] More details:: / - / , ISP:
5789|_[ + ] Found:: UNIDENTIFIED
5790
5791 _[ - ]::--------------------------------------------------------------------------------------------------------------
5792|_[ + ] [ 40 / 100 ]-[22:30:43] [ - ]
5793|_[ + ] Target:: [ https://www.gip.gov.sa/News/Read/WogVghOu ]
5794|_[ + ] Exploit::
5795|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5796|_[ + ] More details:: / - / , ISP:
5797|_[ + ] Found:: UNIDENTIFIED
5798
5799 _[ - ]::--------------------------------------------------------------------------------------------------------------
5800|_[ + ] [ 41 / 100 ]-[22:30:45] [ - ]
5801|_[ + ] Target:: [ https://www.gip.gov.sa/News/Read/dWcJfASQ ]
5802|_[ + ] Exploit::
5803|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5804|_[ + ] More details:: / - / , ISP:
5805|_[ + ] Found:: UNIDENTIFIED
5806
5807 _[ - ]::--------------------------------------------------------------------------------------------------------------
5808|_[ + ] [ 42 / 100 ]-[22:30:46] [ - ]
5809|_[ + ] Target:: [ https://www.gip.gov.sa/Home/Page/Careers ]
5810|_[ + ] Exploit::
5811|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5812|_[ + ] More details:: / - / , ISP:
5813|_[ + ] Found:: UNIDENTIFIED
5814
5815 _[ - ]::--------------------------------------------------------------------------------------------------------------
5816|_[ + ] [ 43 / 100 ]-[22:30:47] [ - ]
5817|_[ + ] Target:: [ https://www.gip.gov.sa/Home/Page/President ]
5818|_[ + ] Exploit::
5819|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5820|_[ + ] More details:: / - / , ISP:
5821|_[ + ] Found:: UNIDENTIFIED
5822
5823 _[ - ]::--------------------------------------------------------------------------------------------------------------
5824|_[ + ] [ 44 / 100 ]-[22:30:48] [ - ]
5825|_[ + ] Target:: [ https://www.gip.gov.sa/News/Read/gQnOrwFf ]
5826|_[ + ] Exploit::
5827|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5828|_[ + ] More details:: / - / , ISP:
5829|_[ + ] Found:: UNIDENTIFIED
5830
5831 _[ - ]::--------------------------------------------------------------------------------------------------------------
5832|_[ + ] [ 45 / 100 ]-[22:30:54] [ - ]
5833|_[ + ] Target:: [ https://www.gip.gov.sa/News/Read/qpqC2ujq ]
5834|_[ + ] Exploit::
5835|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5836|_[ + ] More details:: / - / , ISP:
5837|_[ + ] Found:: UNIDENTIFIED
5838
5839 _[ - ]::--------------------------------------------------------------------------------------------------------------
5840|_[ + ] [ 46 / 100 ]-[22:30:55] [ - ]
5841|_[ + ] Target:: [ https://www.gip.gov.sa/News/Read/hEbmtEMG ]
5842|_[ + ] Exploit::
5843|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5844|_[ + ] More details:: / - / , ISP:
5845|_[ + ] Found:: UNIDENTIFIED
5846
5847 _[ - ]::--------------------------------------------------------------------------------------------------------------
5848|_[ + ] [ 47 / 100 ]-[22:30:56] [ - ]
5849|_[ + ] Target:: [ https://www.gip.gov.sa/News/Read/96yg549U ]
5850|_[ + ] Exploit::
5851|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5852|_[ + ] More details:: / - / , ISP:
5853|_[ + ] Found:: UNIDENTIFIED
5854
5855 _[ - ]::--------------------------------------------------------------------------------------------------------------
5856|_[ + ] [ 48 / 100 ]-[22:30:58] [ - ]
5857|_[ + ] Target:: [ https://www.gip.gov.sa/en/news9.html ]
5858|_[ + ] Exploit::
5859|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5860|_[ + ] More details:: / - / , ISP:
5861|_[ + ] Found:: UNIDENTIFIED
5862
5863 _[ - ]::--------------------------------------------------------------------------------------------------------------
5864|_[ + ] [ 49 / 100 ]-[22:31:01] [ - ]
5865|_[ + ] Target:: [ https://www.gip.gov.sa/JobApplication...default ]
5866|_[ + ] Exploit::
5867|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5868|_[ + ] More details:: / - / , ISP:
5869|_[ + ] Found:: UNIDENTIFIED
5870
5871 _[ - ]::--------------------------------------------------------------------------------------------------------------
5872|_[ + ] [ 50 / 100 ]-[22:31:02] [ - ]
5873|_[ + ] Target:: [ https://www.gip.gov.sa/forms/2.pdf ]
5874|_[ + ] Exploit::
5875|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5876|_[ + ] More details:: / - / , ISP:
5877|_[ + ] Found:: UNIDENTIFIED
5878
5879 _[ - ]::--------------------------------------------------------------------------------------------------------------
5880|_[ + ] [ 51 / 100 ]-[22:31:03] [ - ]
5881|_[ + ] Target:: [ https://www.gip.gov.sa/en/contactus.html ]
5882|_[ + ] Exploit::
5883|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5884|_[ + ] More details:: / - / , ISP:
5885|_[ + ] Found:: UNIDENTIFIED
5886
5887 _[ - ]::--------------------------------------------------------------------------------------------------------------
5888|_[ + ] [ 52 / 100 ]-[22:31:08] [ - ]
5889|_[ + ] Target:: [ https://www.gip.gov.sa/Home/ChangeLanguage/2 ]
5890|_[ + ] Exploit::
5891|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5892|_[ + ] More details:: / - / , ISP:
5893|_[ + ] Found:: UNIDENTIFIED
5894
5895 _[ - ]::--------------------------------------------------------------------------------------------------------------
5896|_[ + ] [ 53 / 100 ]-[22:31:10] [ - ]
5897|_[ + ] Target:: [ https://www.gip.gov.sa/en/news12.html ]
5898|_[ + ] Exploit::
5899|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5900|_[ + ] More details:: / - / , ISP:
5901|_[ + ] Found:: UNIDENTIFIED
5902
5903 _[ - ]::--------------------------------------------------------------------------------------------------------------
5904|_[ + ] [ 54 / 100 ]-[22:31:11] [ - ]
5905|_[ + ] Target:: [ https://www.gip.gov.sa/Pages/Home.as ]
5906|_[ + ] Exploit::
5907|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5908|_[ + ] More details:: / - / , ISP:
5909|_[ + ] Found:: UNIDENTIFIED
5910
5911 _[ - ]::--------------------------------------------------------------------------------------------------------------
5912|_[ + ] [ 55 / 100 ]-[22:31:12] [ - ]
5913|_[ + ] Target:: [ https://www.gip.gov.sa/Home/Page/Mission ]
5914|_[ + ] Exploit::
5915|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5916|_[ + ] More details:: / - / , ISP:
5917|_[ + ] Found:: UNIDENTIFIED
5918
5919 _[ - ]::--------------------------------------------------------------------------------------------------------------
5920|_[ + ] [ 56 / 100 ]-[22:31:13] [ - ]
5921|_[ + ] Target:: [ https://www.gip.gov.sa/pages/loginpage.aspx ]
5922|_[ + ] Exploit::
5923|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5924|_[ + ] More details:: / - / , ISP:
5925|_[ + ] Found:: UNIDENTIFIED
5926
5927 _[ - ]::--------------------------------------------------------------------------------------------------------------
5928|_[ + ] [ 57 / 100 ]-[22:31:15] [ - ]
5929|_[ + ] Target:: [ https://www.gip.gov.sa/en/mission.html ]
5930|_[ + ] Exploit::
5931|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5932|_[ + ] More details:: / - / , ISP:
5933|_[ + ] Found:: UNIDENTIFIED
5934
5935 _[ - ]::--------------------------------------------------------------------------------------------------------------
5936|_[ + ] [ 58 / 100 ]-[22:31:16] [ - ]
5937|_[ + ] Target:: [ https://www.gip.gov.sa/pages/jobs.aspx ]
5938|_[ + ] Exploit::
5939|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5940|_[ + ] More details:: / - / , ISP:
5941|_[ + ] Found:: UNIDENTIFIED
5942
5943 _[ - ]::--------------------------------------------------------------------------------------------------------------
5944|_[ + ] [ 59 / 100 ]-[22:31:19] [ - ]
5945|_[ + ] Target:: [ https://www.gip.gov.sa/Home/Page/Vision ]
5946|_[ + ] Exploit::
5947|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5948|_[ + ] More details:: / - / , ISP:
5949|_[ + ] Found:: UNIDENTIFIED
5950
5951 _[ - ]::--------------------------------------------------------------------------------------------------------------
5952|_[ + ] [ 60 / 100 ]-[22:31:20] [ - ]
5953|_[ + ] Target:: [ https://www.gip.gov.sa/pages/jobs.aspx، ]
5954|_[ + ] Exploit::
5955|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5956|_[ + ] More details:: / - / , ISP:
5957|_[ + ] Found:: UNIDENTIFIED
5958
5959 _[ - ]::--------------------------------------------------------------------------------------------------------------
5960|_[ + ] [ 61 / 100 ]-[22:31:22] [ - ]
5961|_[ + ] Target:: [ https://www.gip.gov.sa/forms/3.pdf ]
5962|_[ + ] Exploit::
5963|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5964|_[ + ] More details:: / - / , ISP:
5965|_[ + ] Found:: UNIDENTIFIED
5966
5967 _[ - ]::--------------------------------------------------------------------------------------------------------------
5968|_[ + ] [ 62 / 100 ]-[22:31:23] [ - ]
5969|_[ + ] Target:: [ http://www.gip.gov.sa/sites/english/AboutPresidency ]
5970|_[ + ] Exploit::
5971|_[ + ] Information Server:: HTTP/1.1 301 Moved Permanently, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:80
5972|_[ + ] More details:: / - / , ISP:
5973|_[ + ] Found:: UNIDENTIFIED
5974
5975 _[ - ]::--------------------------------------------------------------------------------------------------------------
5976|_[ + ] [ 63 / 100 ]-[22:31:24] [ - ]
5977|_[ + ] Target:: [ https://www.gip.gov.sa/INQUIRY/Pages/default.aspx ]
5978|_[ + ] Exploit::
5979|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5980|_[ + ] More details:: / - / , ISP:
5981|_[ + ] Found:: UNIDENTIFIED
5982
5983 _[ - ]::--------------------------------------------------------------------------------------------------------------
5984|_[ + ] [ 64 / 100 ]-[22:31:25] [ - ]
5985|_[ + ] Target:: [ http://www.gip.gov.sa/LISTREPOSITORY/Pages/default.aspx ]
5986|_[ + ] Exploit::
5987|_[ + ] Information Server:: HTTP/1.1 301 Moved Permanently, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:80
5988|_[ + ] More details:: / - / , ISP:
5989|_[ + ] Found:: UNIDENTIFIED
5990
5991 _[ - ]::--------------------------------------------------------------------------------------------------------------
5992|_[ + ] [ 65 / 100 ]-[22:31:26] [ - ]
5993|_[ + ] Target:: [ https://www.gip.gov.sa/_layouts/jobsystemGIP/home.aspx ]
5994|_[ + ] Exploit::
5995|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
5996|_[ + ] More details:: / - / , ISP:
5997|_[ + ] Found:: UNIDENTIFIED
5998
5999 _[ - ]::--------------------------------------------------------------------------------------------------------------
6000|_[ + ] [ 66 / 100 ]-[22:31:27] [ - ]
6001|_[ + ] Target:: [ https://www.gip.gov.sa/JobApplication/Pages/default.aspx ]
6002|_[ + ] Exploit::
6003|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
6004|_[ + ] More details:: / - / , ISP:
6005|_[ + ] Found:: UNIDENTIFIED
6006
6007 _[ - ]::--------------------------------------------------------------------------------------------------------------
6008|_[ + ] [ 67 / 100 ]-[22:31:28] [ - ]
6009|_[ + ] Target:: [ http://www.gip.gov.sa/Contactus/Pages/contact985.aspx ]
6010|_[ + ] Exploit::
6011|_[ + ] Information Server:: HTTP/1.1 301 Moved Permanently, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:80
6012|_[ + ] More details:: / - / , ISP:
6013|_[ + ] Found:: UNIDENTIFIED
6014
6015 _[ - ]::--------------------------------------------------------------------------------------------------------------
6016|_[ + ] [ 68 / 100 ]-[22:31:29] [ - ]
6017|_[ + ] Target:: [ https://www.gip.gov.sa/pages/jobs.aspx:tsfiq: ]
6018|_[ + ] Exploit::
6019|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
6020|_[ + ] More details:: / - / , ISP:
6021|_[ + ] Found:: UNIDENTIFIED
6022
6023 _[ - ]::--------------------------------------------------------------------------------------------------------------
6024|_[ + ] [ 69 / 100 ]-[22:31:30] [ - ]
6025|_[ + ] Target:: [ https://www.gip.gov.sa/News/Pages/News1200.aspx ]
6026|_[ + ] Exploit::
6027|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
6028|_[ + ] More details:: / - / , ISP:
6029|_[ + ] Found:: UNIDENTIFIED
6030
6031 _[ - ]::--------------------------------------------------------------------------------------------------------------
6032|_[ + ] [ 70 / 100 ]-[22:31:31] [ - ]
6033|_[ + ] Target:: [ https://www.gip.gov.sa/AboutPresidency/Pages/AboutPresident.aspx ]
6034|_[ + ] Exploit::
6035|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
6036|_[ + ] More details:: / - / , ISP:
6037|_[ + ] Found:: UNIDENTIFIED
6038
6039 _[ - ]::--------------------------------------------------------------------------------------------------------------
6040|_[ + ] [ 71 / 100 ]-[22:31:33] [ - ]
6041|_[ + ] Target:: [ https://www.gip.gov.sa/AboutPresidency/Pages/Home.aspx ]
6042|_[ + ] Exploit::
6043|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
6044|_[ + ] More details:: / - / , ISP:
6045|_[ + ] Found:: UNIDENTIFIED
6046
6047 _[ - ]::--------------------------------------------------------------------------------------------------------------
6048|_[ + ] [ 72 / 100 ]-[22:31:34] [ - ]
6049|_[ + ] Target:: [ https://www.gip.gov.sa/fonts/Cairo-Bold.ttf ]
6050|_[ + ] Exploit::
6051|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
6052|_[ + ] More details:: / - / , ISP:
6053|_[ + ] Found:: UNIDENTIFIED
6054
6055 _[ - ]::--------------------------------------------------------------------------------------------------------------
6056|_[ + ] [ 73 / 100 ]-[22:31:35] [ - ]
6057|_[ + ] Target:: [ http://www.gip.gov.sa/AboutKingdom/Pages/Home.aspx ]
6058|_[ + ] Exploit::
6059|_[ + ] Information Server:: HTTP/1.1 301 Moved Permanently, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:80
6060|_[ + ] More details:: / - / , ISP:
6061|_[ + ] Found:: UNIDENTIFIED
6062
6063 _[ - ]::--------------------------------------------------------------------------------------------------------------
6064|_[ + ] [ 74 / 100 ]-[22:31:40] [ - ]
6065|_[ + ] Target:: [ https://www.gip.gov.sa/_layouts/jobsystemgip/ReferenceKey.aspx ]
6066|_[ + ] Exploit::
6067|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
6068|_[ + ] More details:: / - / , ISP:
6069|_[ + ] Found:: UNIDENTIFIED
6070
6071 _[ - ]::--------------------------------------------------------------------------------------------------------------
6072|_[ + ] [ 75 / 100 ]-[22:31:42] [ - ]
6073|_[ + ] Target:: [ https://www.gip.gov.sa/PreviousPresidency/Pages/Home.aspx ]
6074|_[ + ] Exploit::
6075|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
6076|_[ + ] More details:: / - / , ISP:
6077|_[ + ] Found:: UNIDENTIFIED
6078
6079 _[ - ]::--------------------------------------------------------------------------------------------------------------
6080|_[ + ] [ 76 / 100 ]-[22:31:43] [ - ]
6081|_[ + ] Target:: [ https://www.gip.gov.sa/News/Pages/أمرملكيإعفاءالأميرمقرنوتعيينهمستشاراًومبعوثاًخاصاًلخادمالحرمينوالأميربندربنسلطانرئيساًللاستخباراتالعامة.aspx ]
6082|_[ + ] Exploit::
6083|_[ + ] Information Server:: HTTP/1.1 400 Bad Request, Server: Microsoft-HTTPAPI/2.0 , IP:212.138.117.71:443
6084|_[ + ] More details:: / - / , ISP:
6085|_[ + ] Found:: UNIDENTIFIED
6086
6087 _[ - ]::--------------------------------------------------------------------------------------------------------------
6088|_[ + ] [ 77 / 100 ]-[22:31:44] [ - ]
6089|_[ + ] Target:: [ http://www.gip.gov.sa/PreviousPresidency/Pages/MrOmarMahmoudshams.aspx ]
6090|_[ + ] Exploit::
6091|_[ + ] Information Server:: HTTP/1.1 301 Moved Permanently, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:80
6092|_[ + ] More details:: / - / , ISP:
6093|_[ + ] Found:: UNIDENTIFIED
6094
6095 _[ - ]::--------------------------------------------------------------------------------------------------------------
6096|_[ + ] [ 78 / 100 ]-[22:31:45] [ - ]
6097|_[ + ] Target:: [ https://www.gip.gov.sa/sites/english/Pages/Home.aspx ]
6098|_[ + ] Exploit::
6099|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
6100|_[ + ] More details:: / - / , ISP:
6101|_[ + ] Found:: UNIDENTIFIED
6102
6103 _[ - ]::--------------------------------------------------------------------------------------------------------------
6104|_[ + ] [ 79 / 100 ]-[22:31:46] [ - ]
6105|_[ + ] Target:: [ https://www.gip.gov.sa/fonts/glyphicons-halflings-regular.woff2 ]
6106|_[ + ] Exploit::
6107|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
6108|_[ + ] More details:: / - / , ISP:
6109|_[ + ] Found:: UNIDENTIFIED
6110
6111 _[ - ]::--------------------------------------------------------------------------------------------------------------
6112|_[ + ] [ 80 / 100 ]-[22:31:47] [ - ]
6113|_[ + ] Target:: [ https://www.gip.gov.sa/sites/English/SiteCollectionDocuments/PDF.pdf ]
6114|_[ + ] Exploit::
6115|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
6116|_[ + ] More details:: / - / , ISP:
6117|_[ + ] Found:: UNIDENTIFIED
6118
6119 _[ - ]::--------------------------------------------------------------------------------------------------------------
6120|_[ + ] [ 81 / 100 ]-[22:31:52] [ - ]
6121|_[ + ] Target:: [ https://www.gip.gov.sa/sites/English/Pages/Wanted.aspx ]
6122|_[ + ] Exploit::
6123|_[ + ] Information Server:: , , IP:212.138.117.71:443
6124|_[ + ] More details:: / - / , ISP:
6125|_[ + ] Found:: UNIDENTIFIED
6126
6127 _[ - ]::--------------------------------------------------------------------------------------------------------------
6128|_[ + ] [ 82 / 100 ]-[22:31:53] [ - ]
6129|_[ + ] Target:: [ https://www.gip.gov.sa/JobApplication...default .aspx ]
6130|_[ + ] Exploit::
6131|_[ + ] Information Server:: HTTP/1.1 400 Bad Request, Server: Microsoft-HTTPAPI/2.0 , IP:212.138.117.71:443
6132|_[ + ] More details:: / - / , ISP:
6133|_[ + ] Found:: UNIDENTIFIED
6134
6135 _[ - ]::--------------------------------------------------------------------------------------------------------------
6136|_[ + ] [ 83 / 100 ]-[22:31:55] [ - ]
6137|_[ + ] Target:: [ https://www.gip.gov.sa/forms/Terms-Of-Employment.pdf ]
6138|_[ + ] Exploit::
6139|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
6140|_[ + ] More details:: / - / , ISP:
6141|_[ + ] Found:: UNIDENTIFIED
6142
6143 _[ - ]::--------------------------------------------------------------------------------------------------------------
6144|_[ + ] [ 84 / 100 ]-[22:31:56] [ - ]
6145|_[ + ] Target:: [ https://www.gip.gov.sa/Documents/GIP History.pdf ]
6146|_[ + ] Exploit::
6147|_[ + ] Information Server:: HTTP/1.1 400 Bad Request, Server: Microsoft-HTTPAPI/2.0 , IP:212.138.117.71:443
6148|_[ + ] More details:: / - / , ISP:
6149|_[ + ] Found:: UNIDENTIFIED
6150
6151 _[ - ]::--------------------------------------------------------------------------------------------------------------
6152|_[ + ] [ 85 / 100 ]-[22:31:57] [ - ]
6153|_[ + ] Target:: [ https://www.gip.gov.sa/sites/english/AboutKingdom/Pages/Home.aspx ]
6154|_[ + ] Exploit::
6155|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
6156|_[ + ] More details:: / - / , ISP:
6157|_[ + ] Found:: UNIDENTIFIED
6158
6159 _[ - ]::--------------------------------------------------------------------------------------------------------------
6160|_[ + ] [ 86 / 100 ]-[22:31:58] [ - ]
6161|_[ + ] Target:: [ https://www.gip.gov.sa/sites/English/Newsletter/Pages/Home.aspx ]
6162|_[ + ] Exploit::
6163|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
6164|_[ + ] More details:: / - / , ISP:
6165|_[ + ] Found:: UNIDENTIFIED
6166
6167 _[ - ]::--------------------------------------------------------------------------------------------------------------
6168|_[ + ] [ 87 / 100 ]-[22:32:00] [ - ]
6169|_[ + ] Target:: [ https://www.gip.gov.sa/sites/english/AboutPresidency/Pages/AboutPresident.aspx ]
6170|_[ + ] Exploit::
6171|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
6172|_[ + ] More details:: / - / , ISP:
6173|_[ + ] Found:: UNIDENTIFIED
6174
6175 _[ - ]::--------------------------------------------------------------------------------------------------------------
6176|_[ + ] [ 88 / 100 ]-[22:32:00] [ - ]
6177|_[ + ] Target:: [ http://www.gip.gov.sa/sites/english/AboutPresidency/Pages/ValuesAndPrinciples.aspx ]
6178|_[ + ] Exploit::
6179|_[ + ] Information Server:: HTTP/1.1 301 Moved Permanently, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:80
6180|_[ + ] More details:: / - / , ISP:
6181|_[ + ] Found:: UNIDENTIFIED
6182
6183 _[ - ]::--------------------------------------------------------------------------------------------------------------
6184|_[ + ] [ 89 / 100 ]-[22:32:02] [ - ]
6185|_[ + ] Target:: [ https://www.gip.gov.sa/sites/english/AboutPresidency/Pages/OurVision.aspx ]
6186|_[ + ] Exploit::
6187|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
6188|_[ + ] More details:: / - / , ISP:
6189|_[ + ] Found:: UNIDENTIFIED
6190
6191 _[ - ]::--------------------------------------------------------------------------------------------------------------
6192|_[ + ] [ 90 / 100 ]-[22:32:03] [ - ]
6193|_[ + ] Target:: [ https://www.gip.gov.sa/sites/english/News/Pages/News101.aspx ]
6194|_[ + ] Exploit::
6195|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
6196|_[ + ] More details:: / - / , ISP:
6197|_[ + ] Found:: UNIDENTIFIED
6198
6199 _[ - ]::--------------------------------------------------------------------------------------------------------------
6200|_[ + ] [ 91 / 100 ]-[22:32:04] [ - ]
6201|_[ + ] Target:: [ https://www.gip.gov.sa/sites/english/News/Pages/ChiefofGeneralIntelligenceInspectsCenterOfCommandandControlatMina.aspx ]
6202|_[ + ] Exploit::
6203|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
6204|_[ + ] More details:: / - / , ISP:
6205|_[ + ] Found:: UNIDENTIFIED
6206
6207 _[ - ]::--------------------------------------------------------------------------------------------------------------
6208|_[ + ] [ 92 / 100 ]-[22:32:05] [ - ]
6209|_[ + ] Target:: [ https://www.gip.gov.sa/sites/english/News/Pages/PrinceBandarthanksKingAbdullahforappointinghimasChiefofGeneralIntelligence.aspx ]
6210|_[ + ] Exploit::
6211|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
6212|_[ + ] More details:: / - / , ISP:
6213|_[ + ] Found:: UNIDENTIFIED
6214
6215 _[ - ]::--------------------------------------------------------------------------------------------------------------
6216|_[ + ] [ 93 / 100 ]-[22:32:07] [ - ]
6217|_[ + ] Target:: [ https://www.gip.gov.sa/SITES/ENGLISH/ABOUTPRESIDENCY/Pages/History.aspx ]
6218|_[ + ] Exploit::
6219|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
6220|_[ + ] More details:: / - / , ISP:
6221|_[ + ] Found:: UNIDENTIFIED
6222
6223 _[ - ]::--------------------------------------------------------------------------------------------------------------
6224|_[ + ] [ 94 / 100 ]-[22:32:08] [ - ]
6225|_[ + ] Target:: [ https://www.gip.gov.sa/Pages/رئاسة الاستخبارات العامة.aspx ]
6226|_[ + ] Exploit::
6227|_[ + ] Information Server:: HTTP/1.1 400 Bad Request, Server: Microsoft-HTTPAPI/2.0 , IP:212.138.117.71:443
6228|_[ + ] More details:: / - / , ISP:
6229|_[ + ] Found:: UNIDENTIFIED
6230
6231 _[ - ]::--------------------------------------------------------------------------------------------------------------
6232|_[ + ] [ 95 / 100 ]-[22:32:09] [ - ]
6233|_[ + ] Target:: [ https://www.gip.gov.sa/Uploads/المطلوب على المتقدم 1440.pdf ]
6234|_[ + ] Exploit::
6235|_[ + ] Information Server:: HTTP/1.1 400 Bad Request, Server: Microsoft-HTTPAPI/2.0 , IP:212.138.117.71:443
6236|_[ + ] More details:: / - / , ISP:
6237|_[ + ] Found:: UNIDENTIFIED
6238
6239 _[ - ]::--------------------------------------------------------------------------------------------------------------
6240|_[ + ] [ 96 / 100 ]-[22:32:10] [ - ]
6241|_[ + ] Target:: [ https://www.gip.gov.sa/Wanted/Pages/WantedList.aspx?PageNo=1&PageNo=1 ]
6242|_[ + ] Exploit::
6243|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
6244|_[ + ] More details:: / - / , ISP:
6245|_[ + ] Found:: UNIDENTIFIED
6246
6247 _[ - ]::--------------------------------------------------------------------------------------------------------------
6248|_[ + ] [ 97 / 100 ]-[22:32:12] [ - ]
6249|_[ + ] Target:: [ https://www.gip.gov.sa/_layouts/jobsystemGIP/JobSearch.aspx?Id=2&Id=2 ]
6250|_[ + ] Exploit::
6251|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.71:443
6252|_[ + ] More details:: / - / , ISP:
6253|_[ + ] Found:: UNIDENTIFIED
6254
6255 _[ - ]::--------------------------------------------------------------------------------------------------------------
6256|_[ + ] [ 98 / 100 ]-[22:32:13] [ - ]
6257|_[ + ] Target:: [ https://www.gip.gov.sa/Uploads/استمارة المعلومات الشخصية لدورة الموسيقى.pdf ]
6258|_[ + ] Exploit::
6259|_[ + ] Information Server:: HTTP/1.1 400 Bad Request, Server: Microsoft-HTTPAPI/2.0 , IP:212.138.117.71:443
6260|_[ + ] More details:: / - / , ISP:
6261|_[ + ] Found:: UNIDENTIFIED
6262
6263 _[ - ]::--------------------------------------------------------------------------------------------------------------
6264|_[ + ] [ 99 / 100 ]-[22:32:14] [ - ]
6265|_[ + ] Target:: [ https://www.gip.gov.sa/Uploads/استمارة المعلومات الشخصية للمتقدم للتعين.pdf ]
6266|_[ + ] Exploit::
6267|_[ + ] Information Server:: HTTP/1.1 400 Bad Request, Server: Microsoft-HTTPAPI/2.0 , IP:212.138.117.71:443
6268|_[ + ] More details:: / - / , ISP:
6269|_[ + ] Found:: UNIDENTIFIED
6270
6271[ INFO ] [ Shutting down ]
6272[ INFO ] [ End of process INURLBR at [30-11-2019 22:32:14]
6273[ INFO ] [ TOTAL FILTERED VALUES ]:: [ 0 ]
6274[ INFO ] [ OUTPUT FILE ]:: [ /usr/share/sniper/loot/workspace/www.gip.gov.sa/output/inurlbr-www.gip.gov.sa ]
6275|_________________________________________________________________________________________
6276
6277\_________________________________________________________________________________________/
6278#######################################################################################################################################
6279 Anonymous JTSEC #OpSaudiArabia Full Recon #18