Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:x64:*
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2015-2473 |
Untrusted search path vulnerability in the client in Remote Desktop Protocol (RDP) through 8.1 in Microsoft Windows 7 SP1 and Windows Server 2008 R2 SP1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .rdp file, aka "Remote Desktop Protocol DLL Planting Remote Code Execution Vulnerability." Published: August 14, 2015; 8:59:33 PM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2015-1701 |
Win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Vista SP2, and Server 2008 SP2 allows local users to gain privileges via a crafted application, as exploited in the wild in April 2015, aka "Win32k Elevation of Privilege Vulnerability." Published: April 21, 2015; 6:59:00 AM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2013-3128 |
The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT, and .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, and 4.5, allow remote attackers to execute arbitrary code via a crafted OpenType font (OTF) file, aka "OpenType Font Parsing Vulnerability." Published: October 09, 2013; 10:53:24 AM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2012-2532 |
Microsoft FTP Service 7.0 and 7.5 for Internet Information Services (IIS) processes unspecified commands before TLS is enabled for a session, which allows remote attackers to obtain sensitive information by reading the replies to these commands, aka "FTP Command Injection Vulnerability." Published: November 13, 2012; 7:55:01 PM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2012-4969 |
Use-after-free vulnerability in the CMshtmlEd::Exec function in mshtml.dll in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in September 2012. Published: September 18, 2012; 6:39:14 AM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |