Secunia Logo  
 Vulnerability InformationVulnerability ScanningCommunityBlogCorporate InformationOnline ShopCustomer Login  
 Secunia AdvisoriesSecunia ResearchBinary Analysis  
Home > Vulnerability Information > Secunia Advisories > Advisories by Product > Microsoft Windows XP Professional
Secunia Advisories
Advisories
Search
Advisories by Product
Advisories by Vendor
Historic Advisories
Mailing Lists
Report Vulnerability
Contact Form
Business Solutions Restricted
Partner Solutions Restricted
About


Secunia PSI WorldMap 		 
Vulnerability Report: Microsoft Windows XP Professional
This vulnerability report for Microsoft Windows XP Professional contains a complete overview of all Secunia advisories affecting it. You can use this vulnerability report to ensure that you are aware of all vulnerabilities, both patched and unpatched, affecting this product allowing you to take the necessary precautions.

If you have information about a new or an existing vulnerability in Microsoft Windows XP Professional then you are more than welcome to contact us.


Table of Contents

1. Product Summary Only

2. Secunia Advisory Statistics (All time)
2.1. Statistics for 2009
2.2. Statistics for 2008
2.3. Statistics for 2007
2.4. Statistics for 2006
2.5. Statistics for 2005
2.6. Statistics for 2004
2.7. Statistics for 2003

3. List of Secunia Advisories (All time)
3.1. List for 2009
3.2. List for 2008
3.3. List for 2007
3.4. List for 2006
3.5. List for 2005
3.6. List for 2004
3.7. List for 2003

4. Send Feedback
 
Vendor, Links, and Unpatched Vulnerabilities

Vendor Microsoft

Product Link N/A

Affected By 263 Secunia advisories
293 Vulnerabilities

Monitor Product Receive alerts for this product

Unpatched 12% (31 of 263 Secunia advisories)

Most Critical Unpatched
The most severe unpatched Secunia advisory affecting Microsoft Windows XP Professional, with all vendor patches applied, is rated Moderately critical .




31 Secunia Advisories in 2007
Secunia has issued a total of 31 Secunia advisories in 2007 for Microsoft Windows XP Professional. Currently, 6% (2 out of 31) are marked as unpatched with the most severe being rated Moderately critical

More information about the specific Secunia advisories affecting Microsoft Windows XP Professional can be found below. Each Secunia advisory is enclosed by a box highlighted with a color representing its current patch status. You can read the complete Secunia advisories for thorough descriptions of the issues covered and for solution suggestions by clicking either the Secunia advisory title or the "Read More" links available for each Secunia advisory.



Microsoft Windows Message Queuing Privilege Escalation
Vendor Patch. Secunia Advisory 1 of 31 in 2007. 9,212 views.
Release Date:
2007-12-11		 Secunia Advisory ID:
SA28011		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Privilege escalation
 Where:
Local system
Short Description:
A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious, local users to gain escalated privileges. [Read More]

Microsoft DirectX SAMI/WAV/AVI File Parsing Vulnerabilities
Vendor Patch. Secunia Advisory 2 of 31 in 2007. 13,540 views.
Release Date:
2007-12-11		 Secunia Advisory ID:
SA28010		 Solution Status:
Vendor Patch
Criticality:
 Impact:
System access
 Where:
From remote
Short Description:
Two vulnerabilities have been reported in Microsoft DirectX, which can be exploited by malicious people to compromise a user's system. [Read More]

Windows Media Format Runtime ASF Parsing Vulnerabilities
Vendor Patch. Secunia Advisory 3 of 31 in 2007. 14,280 views.
Release Date:
2007-12-11		 Secunia Advisory ID:
SA28034		 Solution Status:
Vendor Patch
Criticality:
 Impact:
System access
 Where:
From remote
Short Description:
IBM X-Force has reported four vulnerabilities in Windows Media Format Runtime / Windows Media Services, which can be exploited by malicious people to compromise a user's system. [Read More]

Microsoft Web Proxy Auto-Discovery Feature Security Issue
Vendor Workaround. Secunia Advisory 4 of 31 in 2007. 17,923 views.
Release Date:
2007-12-04		 Secunia Advisory ID:
SA27901		 Solution Status:
Vendor Workaround
Criticality:
 Impact:
Security Bypass
Exposure of sensitive information
 Where:
From remote
Short Description:
A security issue has been reported in Microsoft's Web Proxy Auto-Discovery (WPAD) feature, which can be exploited by malicious people to conduct man-in-the-middle (MITM) attacks. [Read More]

Macrovision SafeDisc secdrv.sys Privilege Escalation
Vendor Patch. Secunia Advisory 5 of 31 in 2007. 13,381 views.
Release Date:
2007-10-23		 Secunia Advisory ID:
SA27285		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Privilege escalation
 Where:
Local system
Short Description:
A vulnerability has been reported in Macrovision SafeDisc, which can be exploited by malicious, local users to gain escalated privileges. [Read More]

Microsoft Windows Kodak Image Viewer Code Execution
Vendor Patch. Secunia Advisory 6 of 31 in 2007. 15,322 views.
Release Date:
2007-10-09		 Secunia Advisory ID:
SA27092		 Solution Status:
Vendor Patch
Criticality:
 Impact:
System access
 Where:
From remote
Short Description:
A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system. [Read More]

Microsoft Windows RPC Authentication Denial of Service
Vendor Patch. Secunia Advisory 7 of 31 in 2007. 11,636 views.
Release Date:
2007-10-09		 Secunia Advisory ID:
SA27134		 Solution Status:
Vendor Patch
Criticality:
 Impact:
DoS
 Where:
From local network
Short Description:
A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to cause a DoS (Denial of Service). [Read More]

Microsoft Windows NNTP Response Handling Buffer Overflow
Vendor Patch. Secunia Advisory 8 of 31 in 2007. 14,066 views.
Release Date:
2007-10-09		 Secunia Advisory ID:
SA27112		 Solution Status:
Vendor Patch
Criticality:
 Impact:
System access
 Where:
From remote
Short Description:
VeriSign iDefense Labs has reported a vulnerability in Microsoft Windows, which can be exploited by malicious people to compromise a user's system. [Read More]

Microsoft Windows CFileFind Class "FindFile()" Buffer Overflow
Unpatched. Secunia Advisory 9 of 31 in 2007. 19,550 views.
Release Date:
2007-09-17		 Secunia Advisory ID:
SA26800		 Solution Status:
Unpatched
Criticality:
 Impact:
System access
 Where:
From remote
Short Description:
Jonathan Sarba has discovered a vulnerability in Microsoft Windows, which potentially can be exploited by malicious people to compromise a vulnerable system. [Read More]

Microsoft Windows Vector Markup Language Buffer Overflow
Vendor Patch. Secunia Advisory 10 of 31 in 2007. 14,247 views.
Release Date:
2007-08-14		 Secunia Advisory ID:
SA26409		 Solution Status:
Vendor Patch
Criticality:
 Impact:
System access
 Where:
From remote
Short Description:
A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system. [Read More]

Windows Graphics Rendering Engine Image Handling Vulnerability
Vendor Patch. Secunia Advisory 11 of 31 in 2007. 11,550 views.
Release Date:
2007-08-14		 Secunia Advisory ID:
SA26423		 Solution Status:
Vendor Patch
Criticality:
 Impact:
DoS
System access
 Where:
From remote
Short Description:
A vulnerability has been reported in Microsoft Windows, which potentially can be exploited by malicious people to compromise a user's system. [Read More]

Microsoft Windows OLE Automation "substringData()" Integer Overflow
Vendor Patch. Secunia Advisory 12 of 31 in 2007. 12,757 views.
Release Date:
2007-08-14		 Secunia Advisory ID:
SA26449		 Solution Status:
Vendor Patch
Criticality:
 Impact:
System access
 Where:
From remote
Short Description:
A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system. [Read More]

Microsoft Windows URI Handling Command Execution Vulnerability
Vendor Patch. Secunia Advisory 13 of 31 in 2007. 67,691 views.
Release Date:
2007-07-26		 Secunia Advisory ID:
SA26201		 Solution Status:
Vendor Patch
Criticality:
 Impact:
System access
 Where:
From remote
Short Description:
A vulnerability has been discovered in Microsoft Windows, which can be exploited by malicious people to compromise a vulnerable system. [Read More]

Microsoft Windows Win32 API Code Execution Vulnerability
Vendor Patch. Secunia Advisory 14 of 31 in 2007. 16,717 views.
Release Date:
2007-06-12		 Secunia Advisory ID:
SA25640		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Privilege escalation
System access
 Where:
From remote
Short Description:
A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious, local users to gain escalated privileges or by malicious people to compromise a user's system. [Read More]

Windows Secure Channel Digital Signature Parsing Vulnerability
Vendor Patch. Secunia Advisory 15 of 31 in 2007. 14,744 views.
Release Date:
2007-06-12		 Secunia Advisory ID:
SA25620		 Solution Status:
Vendor Patch
Criticality:
 Impact:
DoS
System access
 Where:
From remote
Short Description:
A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system. [Read More]

Microsoft Outlook Express and Windows Mail Multiple Vulnerabilities
Vendor Patch. Secunia Advisory 16 of 31 in 2007. 22,146 views.
Release Date:
2007-06-12		 Secunia Advisory ID:
SA25639		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Security Bypass
Exposure of sensitive information
System access
 Where:
From remote
Short Description:
Some vulnerabilities have been reported in Microsoft Outlook Express and Windows Mail, which can be exploited by malicious people to disclose sensitive information and compromise a user's system. [Read More]

Microsoft Windows XP UPnP Memory Corruption Vulnerability
Vendor Patch. Secunia Advisory 17 of 31 in 2007. 12,574 views.
Release Date:
2007-04-10		 Secunia Advisory ID:
SA24822		 Solution Status:
Vendor Patch
Criticality:
 Impact:
System access
 Where:
From local network
Short Description:
A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a vulnerable system. [Read More]

Microsoft Agent URL Parsing Memory Corruption Vulnerability
Vendor Patch. Secunia Advisory 18 of 31 in 2007. 16,482 views.
Release Date:
2007-04-10		 Secunia Advisory ID:
SA22896		 Solution Status:
Vendor Patch
Criticality:
 Impact:
System access
 Where:
From remote
Short Description:
Secunia Research has discovered a vulnerability in Microsoft Windows, which can be exploited by malicious people to compromise a user's system. [Read More]

Microsoft Windows Kernel Mapped Memory Insecure Permissions
Vendor Patch. Secunia Advisory 19 of 31 in 2007. 11,900 views.
Release Date:
2007-04-10		 Secunia Advisory ID:
SA24834		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Privilege escalation
 Where:
Local system
Short Description:
eEye Digital Security has reported a vulnerability in Microsoft Windows, which can be exploited by malicious, local users to gain escalated privileges. [Read More]

Microsoft Windows Animated Cursor Buffer Overflow Vulnerability
Vendor Patch. Secunia Advisory 20 of 31 in 2007. 83,789 views.
Release Date:
2007-03-30		 Secunia Advisory ID:
SA24659		 Solution Status:
Vendor Patch
Criticality:
 Impact:
System access
 Where:
From remote
Short Description:
A vulnerability has been discovered in Microsoft Windows, which can be exploited by malicious people to compromise a user's system. [Read More]

Microsoft Windows NDISTAPI.SYS Denial of Service
Partial Fix. Secunia Advisory 21 of 31 in 2007. 11,201 views.
Release Date:
2007-03-20		 Secunia Advisory ID:
SA24598		 Solution Status:
Partial Fix
Criticality:
 Impact:
DoS
 Where:
Local system
Short Description:
Rubén Santamarta has reported a vulnerability in Microsoft Windows, which can be exploited by malicious, local users to cause a DoS (Denial of Service). [Read More]

Microsoft Windows Directory Monitoring Information Disclosure Weakness
Unpatched. Secunia Advisory 22 of 31 in 2007. 16,409 views.
Release Date:
2007-02-23		 Secunia Advisory ID:
SA24245		 Solution Status:
Unpatched
Criticality:
 Impact:
Exposure of sensitive information
Exposure of system information
 Where:
Local system
Short Description:
3APA3A has discovered a weakness in Microsoft Windows, which can be exploited by malicious, local users to gain knowledge of certain information. [Read More]

Microsoft Windows Shell Privilege Escalation Vulnerability
Vendor Patch. Secunia Advisory 23 of 31 in 2007. 12,859 views.
Release Date:
2007-02-13		 Secunia Advisory ID:
SA24126		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Privilege escalation
 Where:
Local system
Short Description:
A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious, local users to gain escalated privileges. [Read More]

Microsoft MDAC ADODB.Connection ActiveX Control Vulnerability
Vendor Patch. Secunia Advisory 24 of 31 in 2007. 19,442 views.
Release Date:
2007-02-13		 Secunia Advisory ID:
SA22452		 Solution Status:
Vendor Patch
Criticality:
 Impact:
DoS
System access
 Where:
From remote
Short Description:
Yag Kohha has reported a vulnerability in Microsoft Data Access Components, which potentially can be exploited by malicious people to compromise a user's system. [Read More]

Microsoft Windows HTML Help ActiveX Control Vulnerability
Vendor Patch. Secunia Advisory 25 of 31 in 2007. 12,973 views.
Release Date:
2007-02-13		 Secunia Advisory ID:
SA24136		 Solution Status:
Vendor Patch
Criticality:
 Impact:
System access
 Where:
From remote
Short Description:
A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system. [Read More]

Microsoft RichEdit OLE Dialog Memory Corruption Vulnerability
Vendor Patch. Secunia Advisory 26 of 31 in 2007. 13,782 views.
Release Date:
2007-02-13		 Secunia Advisory ID:
SA24152		 Solution Status:
Vendor Patch
Criticality:
 Impact:
System access
 Where:
From remote
Short Description:
A vulnerability has been reported in Microsoft Windows and Microsoft Office, which can be exploited by malicious people to compromise a users system. [Read More]

Microsoft MFC OLE Dialog Memory Corruption Vulnerability
Vendor Patch. Secunia Advisory 27 of 31 in 2007. 12,935 views.
Release Date:
2007-02-13		 Secunia Advisory ID:
SA24150		 Solution Status:
Vendor Patch
Criticality:
 Impact:
System access
 Where:
From remote
Short Description:
A vulnerability has been reported in Microsoft Windows and Visual Studio, which can be exploited by malicious people to compromise a users system. [Read More]

Microsoft Windows OLE Dialog Memory Corruption Vulnerability
Vendor Patch. Secunia Advisory 28 of 31 in 2007. 10,844 views.
Release Date:
2007-02-13		 Secunia Advisory ID:
SA24147		 Solution Status:
Vendor Patch
Criticality:
 Impact:
System access
 Where:
From remote
Short Description:
A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system. [Read More]

Microsoft Windows Image Aquisition Service Privilege Escalation
Vendor Patch. Secunia Advisory 29 of 31 in 2007. 12,671 views.
Release Date:
2007-02-13		 Secunia Advisory ID:
SA24132		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Privilege escalation
 Where:
Local system
Short Description:
A vulnerability has been reported in Microsoft Windows XP, which can be exploited by malicious, local users to gain escalated privileges. [Read More]

Microsoft Windows Vector Markup Language Vulnerabilities
Vendor Patch. Secunia Advisory 30 of 31 in 2007. 34,555 views.
Release Date:
2007-01-09		 Secunia Advisory ID:
SA23677		 Solution Status:
Vendor Patch
Criticality:
 Impact:
System access
 Where:
From remote
Short Description:
Two vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system [Read More]

Microsoft XML Core Services Multiple Vulnerabilities
Vendor Patch. Secunia Advisory 31 of 31 in 2007. 51,061 views.
Release Date:
2007-01-09		 Secunia Advisory ID:
SA23655		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Cross Site Scripting
DoS
System access
 Where:
From remote
Short Description:
Multiple vulnerabilities have been reported in Microsoft XML Core Services, which can be exploited by malicious people to gain knowledge of sensitive information or potentially compromise a user's system. [Read More]






Contact | Terms & Conditions and Copyright | Report Vulnerability | Press | Jobs (open positions) | About Secunia
Copyright Secunia 2002-2009