) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:o:microsoft:windows_server_2008:r2:sp2:*:*:standard:*:itanium:*
- CPE Name Search: true
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2016-0100 |
Microsoft Windows Vista SP2 and Server 2008 SP2 mishandle library loading, which allows local users to gain privileges via a crafted application, aka "Library Loading Input Validation Remote Code Execution Vulnerability." Published: March 09, 2016; 6:59:10 AM -0500 |
V3.0: 8.4 HIGH V2.0: 7.2 HIGH |
| CVE-2016-0099 |
The Secondary Logon Service in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 does not properly process request handles, which allows local users to gain privileges via a crafted application, aka "Secondary Logon Elevation of Privilege Vulnerability." Published: March 09, 2016; 6:59:09 AM -0500 |
V3.0: 7.8 HIGH V2.0: 7.2 HIGH |
| CVE-2016-0096 |
The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0093, CVE-2016-0094, and CVE-2016-0095. Published: March 09, 2016; 6:59:07 AM -0500 |
V3.0: 7.8 HIGH V2.0: 7.2 HIGH |
| CVE-2016-0095 |
The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0093, CVE-2016-0094, and CVE-2016-0096. Published: March 09, 2016; 6:59:06 AM -0500 |
V3.0: 7.8 HIGH V2.0: 7.2 HIGH |
| CVE-2016-0094 |
The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0093, CVE-2016-0095, and CVE-2016-0096. Published: March 09, 2016; 6:59:05 AM -0500 |
V3.0: 7.8 HIGH V2.0: 7.2 HIGH |
| CVE-2016-0093 |
The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0094, CVE-2016-0095, and CVE-2016-0096. Published: March 09, 2016; 6:59:04 AM -0500 |
V3.0: 7.8 HIGH V2.0: 7.2 HIGH |
| CVE-2016-0092 |
OLE in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted file, aka "Windows OLE Memory Remote Code Execution Vulnerability," a different vulnerability than CVE-2016-0091. Published: March 09, 2016; 6:59:03 AM -0500 |
V3.0: 7.8 HIGH V2.0: 9.3 HIGH |
| CVE-2016-0091 |
OLE in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted file, aka "Windows OLE Memory Remote Code Execution Vulnerability," a different vulnerability than CVE-2016-0092. Published: March 09, 2016; 6:59:02 AM -0500 |
V3.0: 7.8 HIGH V2.0: 6.8 MEDIUM |
| CVE-2016-0051 |
The WebDAV client in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "WebDAV Elevation of Privilege Vulnerability." Published: February 10, 2016; 6:59:15 AM -0500 |
V3.0: 7.8 HIGH V2.0: 7.2 HIGH |
| CVE-2016-0049 |
Kerberos in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 Gold and 1511 does not properly validate password changes, which allows remote attackers to bypass authentication by deploying a crafted Key Distribution Center (KDC) and then performing a sign-in action, aka "Windows Kerberos Security Feature Bypass." Published: February 10, 2016; 6:59:13 AM -0500 |
V3.0: 6.2 MEDIUM V2.0: 2.1 LOW |
| CVE-2016-0048 |
The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability." Published: February 10, 2016; 6:59:12 AM -0500 |
V3.0: 7.8 HIGH V2.0: 7.2 HIGH |
| CVE-2016-0042 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 mishandle DLL loading, which allows local users to gain privileges via a crafted application, aka "Windows DLL Loading Remote Code Execution Vulnerability." Published: February 10, 2016; 6:59:08 AM -0500 |
V3.0: 7.8 HIGH V2.0: 7.2 HIGH |
| CVE-2016-0041 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold and 1511, and Internet Explorer 10 and 11 mishandle DLL loading, which allows local users to gain privileges via a crafted application, aka "DLL Loading Remote Code Execution Vulnerability." Published: February 10, 2016; 6:59:07 AM -0500 |
V3.0: 7.8 HIGH V2.0: 7.2 HIGH |
| CVE-2015-6128 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 mishandle library loading, which allows local users to gain privileges via a crafted application, aka "Windows Library Loading Remote Code Execution Vulnerability." Published: December 09, 2015; 6:59:13 AM -0500 |
V3.x:(not available) V2.0: 7.2 HIGH |
| CVE-2015-2535 |
Active Directory in Microsoft Windows Server 2008 SP2 and R2 SP1 and Server 2012 Gold and R2 allows remote authenticated users to cause a denial of service (service outage) by creating multiple machine accounts, aka "Active Directory Denial of Service Vulnerability." Published: September 08, 2015; 8:59:46 PM -0400 |
V3.x:(not available) V2.0: 4.0 MEDIUM |
| CVE-2015-2510 |
Buffer overflow in the Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2, Office 2007 SP3, Office 2010 SP2, Lync 2010, Lync 2010 Attendee, Lync 2013 SP1, Lync Basic 2013 SP1, and Live Meeting 2007 Console allows remote attackers to execute arbitrary code via a crafted OpenType font, aka "Graphics Component Buffer Overflow Vulnerability." Published: September 08, 2015; 8:59:23 PM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
| CVE-2015-2475 |
Cross-site scripting (XSS) vulnerability in uddi/search/frames.aspx in the UDDI Services component in Microsoft Windows Server 2008 SP2 and BizTalk Server 2010, 2013 Gold, and 2013 R2 allows remote attackers to inject arbitrary web script or HTML via the search parameter, aka "UDDI Services Elevation of Privilege Vulnerability." Published: August 14, 2015; 8:59:34 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
| CVE-2015-2474 |
Microsoft Windows Vista SP2 and Server 2008 SP2 allow remote authenticated users to execute arbitrary code via a crafted string in a Server Message Block (SMB) server error-logging action, aka "Server Message Block Memory Corruption Vulnerability." Published: August 14, 2015; 8:59:33 PM -0400 |
V3.x:(not available) V2.0: 9.0 HIGH |
| CVE-2015-2363 |
win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability." Published: July 14, 2015; 6:59:00 PM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
| CVE-2015-2369 |
Untrusted search path vulnerability in Windows Media Device Manager in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .rtf file, aka "DLL Planting Remote Code Execution Vulnerability." Published: July 14, 2015; 5:59:06 PM -0400 |
V3.x:(not available) V2.0: 6.9 MEDIUM |