EUVD-2005-1795

Malware in sbrugna...

CVE-2024-9499

The CVE-2024-9499 entry concerns the USBXpress Win 98SE Dev Kit installer, where an uncontrolled search path leads to DLL hijacking. Affected component is the installer itself; root cause is the improper search order that can allow loading malicious DLLs. Documented impact includes privilege esca...

PT-2025-3724 · Usbxpress · Usbxpress

Name of the Vulnerable Software and Affected Versions: USBXpress Win 98SE Dev Kit affected versions not specified Description: The issue is caused by an uncontrolled search path in the USBXpress Win 98SE Dev Kit installer, leading to DLL hijacking vulnerabilities. This can result in privilege...

Microsoft Windows 98SE User32.DLL Icon Handling Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13791/info The Microsoft 'user32.dll' library is prone to a denial of service vulnerability. The issue manifests when the library handles icon .ico files containing large size values. Reports indicate that this issue exis...

UltraISO 9.3.6.2750 - (.mds) (.mdf) Buffer Overflow PoC

No description provided by source. / DISCLAIMER THIS PROGRAM IS NOT INTENDED TO BE USED ON OTHER COMPUTERS AND IT IS DESTINED FOR PERSONAL RESEARCH ONLY!!!! The programs are provided as is without any guarantees or warranty. The author is not responsible for any damage or losses of any kind cause...

Outlook Express 6 恶意附件保护绕过漏洞

BUGTRAQ ID: 3271 微软OutLook Express 6中带了一个新的安全特性，额可以阻止用户打开或者保存可能有 害的附件。 然而，这个特性存在一个漏洞。攻击者可以通过在邮件中嵌入一个frame来绕过上述保护。 当攻击者在frame中嵌入一个".exe"或者“.bat"文件时，如果用户试图打开这个文件，恶 意程序可能被执行。用户也可以将其保存在硬盘上。 Microsoft Outlook Express 6.0 - Microsoft Windows ME - Microsoft Windows 98se - Microsoft Windows 98 - Microsof...

Microsoft Word 2000未明代码执行漏洞

Microsoft Word是一款流行的办公文字处理程序。 Microsoft Word 2000存在未明错误，远程攻击者可以利用漏洞以应用程序进程权限执行任意指令。 目前没有解决方案提供。 Microsoft Word 2003 Viewer Microsoft Word 2003 + Microsoft Office 2003 SP1 + Microsoft Office 2003 Microsoft Word 2000 SR1a + Microsoft Office 2000 - Microsoft Windows 2000 Professional SP2 - Microsoft...

Microsoft Windows Help存在多个漏洞

Microsoft Help WINHLP32.EXE处理.hlp文件存在多个远程代码执行和拒绝服务问题。 攻击者可以在WEB页上防止恶意帮助文件，或者通过EMAIL附件形式发送，诱使用户打开来触发此漏洞，成功利用此漏洞可以以进程权限执行任意指令。 Microsoft Windows XP Tablet PC Edition SP2 Microsoft Windows XP Tablet PC Edition SP1 Microsoft Windows XP Tablet PC Edition Microsoft Windows XP Professional x64 Edition...

Microsoft Internet Explorer ADODB.Recordset NextRecordset拒绝服务漏洞

Microsoft Internet Explorer是一款流行的WEB浏览器。 Microsoft Internet Explorer处理ADODB.Recordset NextRecordset对象存在问题，远程攻击者可以利用漏洞可对应用程序进行拒绝服务攻击。 构建包含恶意ADODB.Recordset NextRecordset对象的WEB页，诱使用户访问，可导致用户的IE浏览器崩溃，造成拒绝服务攻击。可能存在任意代码执行可能。 Microsoft Internet Explorer 6.0 SP1 Microsoft Internet Explorer 6.0 - Microso...

Microsoft Windows GDI WMF Handling Heap Overflow Vulnerability

Description The Microsoft Windows GDI Graphics Rendering Engine is prone to a heap-overflow vulnerability. This issue is exposed when the component loads a specially crafted WMF Windows Metafile image. If this issue is exploited, a malicious WMF or EMF file could potentially corrupt heap-based...

Microsoft Internet Explorer HTTPS Proxy Information Disclosure Vulnerability

Description Microsoft Internet Explorer is prone to an information disclosure vulnerability when using an authenticating proxy server for HTTPS communications. Exploitation of this issue could result in an attacker gaining a user's authentication credentials. This issue only exists when the...

CVE-2005-1793

User32.DLL in Microsoft Windows 98SE, and possibly other operating systems, allows local and remote attackers to cause a denial of service crash via an icon .ico bitmap file with large width and height values...

CVE-2005-1793

User32.DLL in Microsoft Windows 98SE, and possibly other operating systems, allows local and remote attackers to cause a denial of service crash via an icon .ico bitmap file with large width and height values...

CVE-2005-1793

CVE-2005-1793 affects Microsoft Windows 98SE (and possibly other operating systems) via User32.DLL. A crafted icon (.ico) bitmap file with unusually large width and height values can cause a denial of service (crash). The vulnerability is described as allowing local and remote DoS; CVSS 2.0 base ...

Microsoft Windows 98SE - 'User32.dll' Icon Handling Denial of Service

source: https://www.securityfocus.com/bid/13791/info The Microsoft 'user32.dll' library is prone to a denial of service vulnerability. The issue manifests when the library handles icon .ico files containing large size values. Reports indicate that this issue exists for user32.dll versions that...

Microsoft Windows 98SE - User32.dll Icon Handling Denial of Service

Microsoft Windows 98SE - User32.dll Icon Handling Denial of Service source: https://www.securityfocus.com/bid/13791/info The Microsoft 'user32.dll' library is prone to a denial of service vulnerability. The issue manifests when the library handles icon .ico files containing large size values...

CVE-2001-0877

CVE-2001-0877 describes an unchecked buffer in Windows UPnP NOTIFY handling that can allow remote attackers to cause denial of service or execute code with SYSTEM privileges on Windows XP (and related UPnP-enabled Windows 98/ME). Exploitation via specially malformed NOTIFY messages (SSDP) can tri...

CVE-2001-0721

Universal Plug and Play UPnP in Windows 98, 98SE, ME, and XP allows remote attackers to cause a denial of service memory consumption or crash via a malformed UPnP request...

mdaemon 2.8.5.0 DoS

mdaemon 2.8.5.0 remote DoS Win95 vulnerable Tested on a K5-166 with 32MB RAM Win98SE vulnerable Tested on a K7-500 with 128MB RAM A single user wasnґt able to receive eMail - after the password was send, the mail client just haltet, and did nothing till the timeout. I tried to find the error, by...