Secunia Logo  
 Vulnerability InformationVulnerability ScanningCommunityBlogCorporate InformationOnline ShopCustomer Login  
 Secunia AdvisoriesSecunia ResearchBinary Analysis  
Home > Vulnerability Information > Secunia Advisories > Advisories by Product > Microsoft Windows XP Professional
Secunia Advisories
Advisories
Search
Advisories by Product
Advisories by Vendor
Historic Advisories
Mailing Lists
Report Vulnerability
Contact Form
Business Solutions Restricted
Partner Solutions Restricted
About


Secunia PSI WorldMap 		 
Vulnerability Report: Microsoft Windows XP Professional
This vulnerability report for Microsoft Windows XP Professional contains a complete overview of all Secunia advisories affecting it. You can use this vulnerability report to ensure that you are aware of all vulnerabilities, both patched and unpatched, affecting this product allowing you to take the necessary precautions.

If you have information about a new or an existing vulnerability in Microsoft Windows XP Professional then you are more than welcome to contact us.


Table of Contents

1. Product Summary Only

2. Secunia Advisory Statistics (All time)
2.1. Statistics for 2009
2.2. Statistics for 2008
2.3. Statistics for 2007
2.4. Statistics for 2006
2.5. Statistics for 2005
2.6. Statistics for 2004
2.7. Statistics for 2003

3. List of Secunia Advisories (All time)
3.1. List for 2009
3.2. List for 2008
3.3. List for 2007
3.4. List for 2006
3.5. List for 2005
3.6. List for 2004
3.7. List for 2003

4. Send Feedback
 
Vendor, Links, and Unpatched Vulnerabilities

Vendor Microsoft

Product Link N/A

Affected By 263 Secunia advisories
293 Vulnerabilities

Monitor Product Receive alerts for this product

Unpatched 12% (31 of 263 Secunia advisories)

Most Critical Unpatched
The most severe unpatched Secunia advisory affecting Microsoft Windows XP Professional, with all vendor patches applied, is rated Moderately critical .




46 Secunia Advisories in 2006
Secunia has issued a total of 46 Secunia advisories in 2006 for Microsoft Windows XP Professional. Currently, 9% (4 out of 46) are marked as unpatched with the most severe being rated Less critical

More information about the specific Secunia advisories affecting Microsoft Windows XP Professional can be found below. Each Secunia advisory is enclosed by a box highlighted with a color representing its current patch status. You can read the complete Secunia advisories for thorough descriptions of the issues covered and for solution suggestions by clicking either the Secunia advisory title or the "Read More" links available for each Secunia advisory.



Microsoft Windows CSRSS Information Disclosure Vulnerability
Vendor Patch. Secunia Advisory 1 of 46 in 2006. 16,215 views.
Release Date:
2006-12-28		 Secunia Advisory ID:
SA23491		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Exposure of sensitive information
Privilege escalation
DoS
 Where:
Local system
Short Description:
Rubén Santamarta has discovered a vulnerability in Microsoft Windows, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or gain knowledge of sensitive information. [Read More]

Windows Workstation Service NetrWkstaUserEnum Denial of Service
Unpatched. Secunia Advisory 2 of 46 in 2006. 19,817 views.
Release Date:
2006-12-26		 Secunia Advisory ID:
SA23487		 Solution Status:
Unpatched
Criticality:
 Impact:
DoS
 Where:
From local network
Short Description:
h07 has discovered a weakness in Microsoft Windows, which can be exploited by malicious people to cause a DoS (Denial of Service). [Read More]

Microsoft Windows CSRSS MsgBox Memory Corruption Vulnerability
Vendor Patch. Secunia Advisory 3 of 46 in 2006. 30,111 views.
Release Date:
2006-12-22		 Secunia Advisory ID:
SA23448		 Solution Status:
Vendor Patch
Criticality:
 Impact:
System access
 Where:
From remote
Short Description:
A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system. [Read More]

Outlook Express Address Book Contact Record Vulnerability
Vendor Patch. Secunia Advisory 4 of 46 in 2006. 13,192 views.
Release Date:
2006-12-12		 Secunia Advisory ID:
SA23311		 Solution Status:
Vendor Patch
Criticality:
 Impact:
System access
 Where:
From remote
Short Description:
A vulnerability has been reported in Outlook Express, which can be exploited by malicious people to compromise a user's system. [Read More]

Microsoft Windows File Manifest Privilege Escalation Vulnerability
Vendor Patch. Secunia Advisory 5 of 46 in 2006. 11,590 views.
Release Date:
2006-12-12		 Secunia Advisory ID:
SA23308		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Privilege escalation
 Where:
Local system
Short Description:
A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious, local users to gain escalated privileges. [Read More]

Microsoft Windows SNMP Service GetBulkRequest Memory Corruption
Vendor Patch. Secunia Advisory 6 of 46 in 2006. 15,846 views.
Release Date:
2006-12-12		 Secunia Advisory ID:
SA23307		 Solution Status:
Vendor Patch
Criticality:
 Impact:
DoS
System access
 Where:
From local network
Short Description:
A vulnerability has been reported in Microsoft Windows, which potentially can be exploited by malicious people to compromise a vulnerable system. [Read More]

Windows Media Format Runtime ASX/ASF Parsing Vulnerabilities
Vendor Patch. Secunia Advisory 7 of 46 in 2006. 18,935 views.
Release Date:
2006-12-08		 Secunia Advisory ID:
SA22971		 Solution Status:
Vendor Patch
Criticality:
 Impact:
DoS
System access
 Where:
From remote
Short Description:
Some vulnerabilities have been reported in Windows Media Format Runtime, which potentially can be exploited by malicious people to compromise a user's system. [Read More]

Microsoft Windows Agent ActiveX Control Buffer Overflow
Vendor Patch. Secunia Advisory 8 of 46 in 2006. 18,656 views.
Release Date:
2006-11-14		 Secunia Advisory ID:
SA22878		 Solution Status:
Vendor Patch
Criticality:
 Impact:
System access
 Where:
From remote
Short Description:
A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a vulnerable system. [Read More]

Microsoft Windows Workstation Service Buffer Overflow Vulnerability
Vendor Patch. Secunia Advisory 9 of 46 in 2006. 15,537 views.
Release Date:
2006-11-14		 Secunia Advisory ID:
SA22883		 Solution Status:
Vendor Patch
Criticality:
 Impact:
System access
 Where:
From local network
Short Description:
eEye Digital Security has reported a vulnerability in Microsoft Windows, which can be exploited by malicious people to compromise a vulnerable system. [Read More]

Microsoft Windows Flash Player Multiple Vulnerabilities
Vendor Patch. Secunia Advisory 10 of 46 in 2006. 23,285 views.
Release Date:
2006-11-14		 Secunia Advisory ID:
SA22882		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Security Bypass
System access
 Where:
From remote
Short Description:
Microsoft has acknowledged some vulnerabilities in Windows XP, which can be exploited by malicious people to bypass certain security restrictions or compromise a user's system. [Read More]

Microsoft Windows Client Service for Netware Vulnerabilities
Vendor Patch. Secunia Advisory 11 of 46 in 2006. 19,329 views.
Release Date:
2006-11-14		 Secunia Advisory ID:
SA22866		 Solution Status:
Vendor Patch
Criticality:
 Impact:
DoS
System access
 Where:
From local network
Short Description:
Two vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system. [Read More]

Microsoft Windows GDI Multiple Vulnerabilities
Vendor Patch. Secunia Advisory 12 of 46 in 2006. 20,937 views.
Release Date:
2006-11-06		 Secunia Advisory ID:
SA22668		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Privilege escalation
DoS
 Where:
From remote
Short Description:
Multiple vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system. [Read More]

Microsoft XMLHTTP ActiveX Control Code Execution Vulnerability
Vendor Patch. Secunia Advisory 13 of 46 in 2006. 72,676 views.
Release Date:
2006-11-04		 Secunia Advisory ID:
SA22687		 Solution Status:
Vendor Patch
Criticality:
 Impact:
System access
 Where:
From remote
Short Description:
A vulnerability has been discovered in Microsoft XML Core Services, which can be exploited by malicious people to compromise a user's system. [Read More]

Microsoft Windows Internet Connection Sharing Denial of Service
Unpatched. Secunia Advisory 14 of 46 in 2006. 22,866 views.
Release Date:
2006-10-30		 Secunia Advisory ID:
SA22592		 Solution Status:
Unpatched
Criticality:
 Impact:
DoS
 Where:
From local network
Short Description:
h07 has discovered a vulnerability in Microsoft Windows, which can be exploited by malicious people to cause a DoS (Denial of Service). [Read More]

Microsoft Windows Object Packager Dialog Spoofing Vulnerability
Vendor Patch. Secunia Advisory 15 of 46 in 2006. 10,201 views.
Release Date:
2006-10-10		 Secunia Advisory ID:
SA20717		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Spoofing
System access
 Where:
From remote
Short Description:
Secunia Research has discovered a vulnerability in Microsoft Windows, which can be exploited by malicious people to conduct spoofing attacks. [Read More]

Microsoft Windows Multiple IPv6 Denial of Service Vulnerabilities
Vendor Patch. Secunia Advisory 16 of 46 in 2006. 12,525 views.
Release Date:
2006-10-10		 Secunia Advisory ID:
SA22341		 Solution Status:
Vendor Patch
Criticality:
 Impact:
DoS
 Where:
From remote
Short Description:
Three vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious people to cause a DoS (Denial of Service). [Read More]

Microsoft Windows Shell Code Execution Vulnerability
Vendor Patch. Secunia Advisory 17 of 46 in 2006. 37,887 views.
Release Date:
2006-09-28		 Secunia Advisory ID:
SA22159		 Solution Status:
Vendor Patch
Criticality:
 Impact:
System access
 Where:
From remote
Short Description:
H D Moore has discovered a vulnerability in Microsoft Windows, which can be exploited by malicious people to compromise a user's system. [Read More]

Microsoft Vector Graphics Rendering Library Buffer Overflow
Vendor Patch. Secunia Advisory 18 of 46 in 2006. 68,413 views.
Release Date:
2006-09-19		 Secunia Advisory ID:
SA21989		 Solution Status:
Vendor Patch
Criticality:
 Impact:
System access
 Where:
From remote
Short Description:
A vulnerability has been discovered in Microsoft Windows, which can be exploited by malicious people to compromise a user's system. [Read More]

Microsoft Windows Indexing Service Cross-Site Scripting
Vendor Patch. Secunia Advisory 19 of 46 in 2006. 13,368 views.
Release Date:
2006-09-12		 Secunia Advisory ID:
SA21861		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Cross Site Scripting
 Where:
From remote
Short Description:
Eiji James Yoshida has reported a vulnerability in Microsoft Windows, which can be exploited by malicious people to conduct cross-site scripting attacks. [Read More]

Microsoft Windows Pragmatic General Multicast Code Execution
Vendor Patch. Secunia Advisory 20 of 46 in 2006. 14,420 views.
Release Date:
2006-09-12		 Secunia Advisory ID:
SA21851		 Solution Status:
Vendor Patch
Criticality:
 Impact:
System access
 Where:
From local network
Short Description:
A vulnerability has been reported in Microsoft Windows XP, which can be exploited by malicious people to compromise a vulnerable system. [Read More]

Microsoft Windows Two Vulnerabilities
Vendor Patch. Secunia Advisory 21 of 46 in 2006. 13,586 views.
Release Date:
2006-08-08		 Secunia Advisory ID:
SA21417		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Privilege escalation
System access
 Where:
From remote
Short Description:
Two vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to compromise a vulnerable system. [Read More]

Windows DNS Resolution Code Execution Vulnerabilities
Vendor Patch. Secunia Advisory 22 of 46 in 2006. 17,533 views.
Release Date:
2006-08-08		 Secunia Advisory ID:
SA21394		 Solution Status:
Vendor Patch
Criticality:
 Impact:
System access
 Where:
From remote
Short Description:
Some vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious people to compromise a vulnerable system. [Read More]

Windows Server Service Buffer Overflow Vulnerability
Vendor Patch. Secunia Advisory 23 of 46 in 2006. 19,376 views.
Release Date:
2006-08-08		 Secunia Advisory ID:
SA21388		 Solution Status:
Vendor Patch
Criticality:
 Impact:
System access
 Where:
From local network
Short Description:
A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a vulnerable system. [Read More]

Microsoft Windows WMF File Handling Denial of Service
Unpatched. Secunia Advisory 24 of 46 in 2006. 14,222 views.
Release Date:
2006-08-07		 Secunia Advisory ID:
SA21377		 Solution Status:
Unpatched
Criticality:
 Impact:
DoS
 Where:
From remote
Short Description:
cyanid-E has discovered a vulnerability in Microsoft Windows, which can be exploited by malicious people to cause a DoS (Denial of Service). [Read More]

Microsoft Windows Server Service DoS and Privilege Escalation
Vendor Patch. Secunia Advisory 25 of 46 in 2006. 17,496 views.
Release Date:
2006-07-31		 Secunia Advisory ID:
SA21276		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Privilege escalation
DoS
 Where:
From local network
Short Description:
Some vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to cause a DoS (Denial of Service). [Read More]

Microsoft Windows Server Service Two Vulnerabilities
Vendor Patch. Secunia Advisory 26 of 46 in 2006. 15,312 views.
Release Date:
2006-07-11		 Secunia Advisory ID:
SA21007		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Exposure of system information
System access
 Where:
From local network
Short Description:
Two vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious people to expose sensitive information and compromise a vulnerable system. [Read More]

Windows DHCP Client Service Buffer Overflow Vulnerability
Vendor Patch. Secunia Advisory 27 of 46 in 2006. 14,992 views.
Release Date:
2006-07-11		 Secunia Advisory ID:
SA21010		 Solution Status:
Vendor Patch
Criticality:
 Impact:
System access
 Where:
From local network
Short Description:
Cybsec Security Systems has reported a vulnerability in Microsoft Windows, which can be exploited by malicious people to compromise a user's system. [Read More]

Windows HTML Help ActiveX Control Memory Corruption
Vendor Patch. Secunia Advisory 28 of 46 in 2006. 26,776 views.
Release Date:
2006-07-04		 Secunia Advisory ID:
SA20906		 Solution Status:
Vendor Patch
Criticality:
 Impact:
System access
 Where:
From remote
Short Description:
A vulnerability has been discovered in Microsoft Windows, which can be exploited by malicious people to compromise a vulnerable system. [Read More]

Internet Explorer Information Disclosure and HTA Application Execution
Vendor Patch. Secunia Advisory 29 of 46 in 2006. 29,550 views.
Release Date:
2006-06-27		 Secunia Advisory ID:
SA20825		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Exposure of sensitive information
System access
 Where:
From remote
Short Description:
Plebo Aesdi Nael has discovered two vulnerabilities in Microsoft Windows, which can be exploited by malicious people to disclose potentially sensitive information and potentially compromise a user's system. [Read More]

Microsoft Windows Hyperlink Object Library Vulnerabilities
Vendor Patch. Secunia Advisory 30 of 46 in 2006. 41,902 views.
Release Date:
2006-06-20		 Secunia Advisory ID:
SA20748		 Solution Status:
Vendor Patch
Criticality:
 Impact:
System access
 Where:
From remote
Short Description:
Two vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious people to compromise a vulnerable system. [Read More]

Microsoft Windows TCP/IP Protocol Driver Buffer Overflow
Vendor Patch. Secunia Advisory 31 of 46 in 2006. 23,586 views.
Release Date:
2006-06-13		 Secunia Advisory ID:
SA20639		 Solution Status:
Vendor Patch
Criticality:
 Impact:
DoS
System access
 Where:
From remote
Short Description:
A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system. [Read More]

Microsoft Windows ART Image Handling Buffer Overflow
Vendor Patch. Secunia Advisory 32 of 46 in 2006. 13,489 views.
Release Date:
2006-06-13		 Secunia Advisory ID:
SA20605		 Solution Status:
Vendor Patch
Criticality:
 Impact:
System access
 Where:
From remote
Short Description:
A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system. [Read More]

Windows SMB Denial of Service and Privilege Escalation
Vendor Patch. Secunia Advisory 33 of 46 in 2006. 11,991 views.
Release Date:
2006-06-13		 Secunia Advisory ID:
SA20635		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Privilege escalation
DoS
 Where:
Local system
Short Description:
Ruben Santamarta has reported two vulnerabilities in Microsoft Windows, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and gain escalated privileges. [Read More]

Microsoft Windows Routing and Remote Access Vulnerabilities
Vendor Patch. Secunia Advisory 34 of 46 in 2006. 18,915 views.
Release Date:
2006-06-13		 Secunia Advisory ID:
SA20630		 Solution Status:
Vendor Patch
Criticality:
 Impact:
System access
 Where:
From local network
Short Description:
Two vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious people or users to compromise a vulnerable system. [Read More]

Microsoft JScript Memory Corruption Vulnerability
Vendor Patch. Secunia Advisory 35 of 46 in 2006. 13,468 views.
Release Date:
2006-06-13		 Secunia Advisory ID:
SA20620		 Solution Status:
Vendor Patch
Criticality:
 Impact:
System access
 Where:
From remote
Short Description:
A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system. [Read More]

Microsoft Windows "mhtml:" URI Buffer Overflow Vulnerability
Vendor Patch. Secunia Advisory 36 of 46 in 2006. 22,929 views.
Release Date:
2006-06-01		 Secunia Advisory ID:
SA20384		 Solution Status:
Vendor Patch
Criticality:
 Impact:
System access
 Where:
From remote
Short Description:
Mr.Niega has discovered a vulnerability in Microsoft Windows, which can be exploited by malicious people to compromise a vulnerable system. [Read More]

Microsoft Windows "itss.dll" Heap Corruption Vulnerability
Unpatched. Secunia Advisory 37 of 46 in 2006. 17,415 views.
Release Date:
2006-05-10		 Secunia Advisory ID:
SA20061		 Solution Status:
Unpatched
Criticality:
 Impact:
System access
 Where:
From remote
Short Description:
Rubén Santamarta has discovered a vulnerability in Microsoft Windows, which potentially can be exploited by malicious people to compromise a user's system. [Read More]

Microsoft Distributed Transaction Coordinator Two Vulnerabilities
Vendor Patch. Secunia Advisory 38 of 46 in 2006. 37,229 views.
Release Date:
2006-05-09		 Secunia Advisory ID:
SA20000		 Solution Status:
Vendor Patch
Criticality:
 Impact:
DoS
System access
 Where:
From local network
Short Description:
Two vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. [Read More]

Microsoft Windows Flash Player Code Execution Vulnerabilities
Vendor Patch. Secunia Advisory 39 of 46 in 2006. 19,712 views.
Release Date:
2006-05-09		 Secunia Advisory ID:
SA20045		 Solution Status:
Vendor Patch
Criticality:
 Impact:
System access
 Where:
From remote
Short Description:
Two vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system. [Read More]

Microsoft Windows Explorer COM Object Handling Vulnerability
Vendor Patch. Secunia Advisory 40 of 46 in 2006. 16,949 views.
Release Date:
2006-04-11		 Secunia Advisory ID:
SA19606		 Solution Status:
Vendor Patch
Criticality:
 Impact:
System access
 Where:
From remote
Short Description:
A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a vulnerable system. [Read More]

Windows Media Player Plug-in EMBED Element Buffer Overflow
Vendor Patch. Secunia Advisory 41 of 46 in 2006. 25,263 views.
Release Date:
2006-02-14		 Secunia Advisory ID:
SA18852		 Solution Status:
Vendor Patch
Criticality:
 Impact:
System access
 Where:
From remote
Short Description:
A vulnerability has been reported in Windows Media Player plug-in, which can be exploited by malicious people to compromise a user's system. [Read More]

Microsoft Windows Web Client Service Vulnerability
Vendor Patch. Secunia Advisory 42 of 46 in 2006. 13,313 views.
Release Date:
2006-02-14		 Secunia Advisory ID:
SA18857		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Privilege escalation
 Where:
Local system
Short Description:
A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious, local users to gain escalated privileges. [Read More]

Microsoft Windows IGMP Denial of Service Vulnerability
Vendor Patch. Secunia Advisory 43 of 46 in 2006. 17,469 views.
Release Date:
2006-02-14		 Secunia Advisory ID:
SA18853		 Solution Status:
Vendor Patch
Criticality:
 Impact:
DoS
 Where:
From local network
Short Description:
A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to cause a DoS (Denial of Service). [Read More]

Microsoft Windows / Office Korean Input Method Editor Vulnerability
Vendor Patch. Secunia Advisory 44 of 46 in 2006. 17,617 views.
Release Date:
2006-02-14		 Secunia Advisory ID:
SA18859		 Solution Status:
Vendor Patch
Criticality:
 Impact:
System access
 Where:
From local network
Short Description:
Ryan Lee has reported a vulnerability in various Microsoft products, which can be exploited by malicious people to gain escalated privileges or compromise a vulnerable system. [Read More]

Windows Insecure Service Permissions Privilege Escalation
Vendor Patch. Secunia Advisory 45 of 46 in 2006. 18,624 views.
Release Date:
2006-02-08		 Secunia Advisory ID:
SA18756		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Privilege escalation
 Where:
Local system
Short Description:
Sudhakar Govindavajhala and Andrew W. Appel have reported some security issues in Microsoft Windows, which can be exploited by malicious, local users to gain escalated privileges. [Read More]

Microsoft Windows Embedded Web Fonts Code Execution Vulnerability
Vendor Patch. Secunia Advisory 46 of 46 in 2006. 18,384 views.
Release Date:
2006-01-10		 Secunia Advisory ID:
SA18365		 Solution Status:
Vendor Patch
Criticality:
 Impact:
System access
 Where:
From remote
Short Description:
A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a vulnerable system. [Read More]






Contact | Terms & Conditions and Copyright | Report Vulnerability | Press | Jobs (open positions) | About Secunia
Copyright Secunia 2002-2009