Weekly Vulnerabilities Reports > April 7 to 13, 2008

Overview

1 new vulnerabilities reported during this period, including 0 critical vulnerabilities and 1 high severity vulnerabilities. This weekly summary report vulnerabilities in 4 products from 1 vendors including and Microsoft. Vulnerabilities are notably categorized as and "Use of Insufficiently Random Values".

1 reported vulnerabilities are remotely exploitables.
1 reported vulnerabilities are exploitable by an anonymous user.
Microsoft has the most reported vulnerabilities, with 1 reported vulnerabilities.

TOTAL
VULNERABILITIES

CRITICAL RISK
VULNERABILITIES

HIGH RISK
VULNERABILITIES

MEDIUM RISK
VULNERABILITIES

LOW RISK
VULNERABILITIES

REMOTELY
EXPLOITABLE

LOCALLY
EXPLOITABLE

EXPLOIT
AVAILABLE

EXPLOITABLE
ANONYMOUSLY

AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

0 Critical Vulnerabilities

DATE	CVE	VENDOR	VULNERABILITY	CVSS

Expand/Hide

1 High Vulnerabilities

DATE	CVE	VENDOR	VULNERABILITY	CVSS
2008-04-08	CVE-2008-0087	Microsoft	Use of Insufficiently Random Values vulnerability in Microsoft products The DNS client in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, and Vista uses predictable DNS transaction IDs, which allows remote attackers to spoof DNS responses.	7.5

Expand/Hide

0 Medium Vulnerabilities

DATE	CVE	VENDOR	VULNERABILITY	CVSS

Expand/Hide

0 Low Vulnerabilities

DATE	CVE	VENDOR	VULNERABILITY	CVSS