322 matches found
MS05-036: Vulnerability in Microsoft Color Management Module Could Allow Remote Code Execution (901214)
The remote host contains a version of the Color Management Module that is vulnerable to a security flaw that could allow an attacker to execute arbitrary code on the remote host by constructing a malicious web page and enticing a victim to visit this web page. Tenable Network Security, Inc...
MS05-026: Vulnerability in HTML Help Could Allow Remote Code Execution (896358)
The remote host contains a version of the HTML Help ActiveX control that is vulnerable to a security flaw that could allow an attacker to execute arbitrary code on the remote host by constructing a malicious web page and enticing a victim to visit this web page. (C) Tenable Network Security, Inc...
MS Windows (WINS) Remote Buffer Overflow Exploit (v.3)
Exploit for unknown platform in category remote exploits. MS Windows WINS Remote Buffer Overflow Exploit v.3. Windows Internet Name Service (WINS) Remote Heap Buffer Overflow...
[Full Disclosure] Using DHTML XSS to launch HHCTRL exploit
Full Disclosure Using DHTML XSS to launch HHCTRL exploit GeCAD NET Security Advisory 2005.02.16 Original notice requires authentication: http://www.gecadnet.ro/windows/?AID=1414 February 16th 2005 1. Past Events On January 20th 2005, GeCAD NET released a security advisory warning that the exploit...
EEYE: Windows SMB Client Transaction Response Handling Vulnerability
Windows SMB Client Transaction Response Handling Vulnerability Release Date: February 8, 2005 Date Reported: August 2, 2004 Severity: High Remote Code Execution Vendor: Microsoft Systems Affected: Windows 2000 Windows XP Windows Server 2003 Overview: eEye Digital Security has discovered a...
MS05-007: Vulnerability in Windows Could Allow Information Disclosure (888302)
The remote version of Windows contains a flaw that could allow an attacker to cause it to disclose information over the use of a named pipe through a NULL session. An attacker may exploit this flaw to gain more knowledge about the remote host. (C) Tenable Network Security, Inc. include"compat.inc";...
MS05-015: Vulnerability in the Hyperlink Object Library may allow code execution (888113)
The remote host is running a version of Windows that contains a flaw in the Hyperlink Object Library that can be abused to execute arbitrary code on the remote host. To exploit this flaw, an attacker would need to construct a malicious hyperlink and lure a victim into clicking it. (C) Tenable Netwo...
Windows Media Player does not properly handle PNG images with excessive width or height values
Overview: Microsoft Windows Media Player fails to properly handle PNG images containing unexpected information. Remote attackers may be able to craft a malicious PNG image that would cause Media Player to execute arbitrary code. Description: Microsoft Windows Media Player (WMP) is an application that...
IE HHCTRL exploit still usable even after patch
Hi everybody. Just wanted to point out that the patch Microsoft released to take care of the HHCTRL.OCX vulnerability MS05-001 is fixing just part of the problem. At least Windows XP Service Pack 1 and Windows 2000 Service Pack 4 are still vulnerable to exploiting the HHCTRL vulnerability, by usi...
Multiple bugs in Internet Explorer
New cumulative patch released by Microsoft...
[Full-Disclosure] EEYE: Windows Shell ZIP File Decompression DUNZIP32.DLL Buffer Overflow Vulnerability
Windows Shell ZIP File Decompression DUNZIP32.DLL Buffer Overflow Vulnerability Release Date: October 12, 2004 Date Reported: August 2, 2004 Severity: High Code Execution Vendor: Microsoft Systems Affected: Windows XP SP1 and earlier Windows Me Overview: eEye Digital Security has discovered a...
Microsoft Windows contains buffer overflow in processing of WMF and EMF image files
Overview: A vulnerability in the way the Microsoft Windows Graphics Rendering Engine processes certain types of image files could allow an attacker to execute arbitrary code on a vulnerable system. Description: The Microsoft Windows Graphics Rendering Engine supports a number of image formats...
MS04-034: Vulnerability in zipped folders may allow code execution (873376)
The remote version of Windows is vulnerable to a bug in the way it handles compressed zipped folders, that could in turn be exploited by an attacker to execute arbitrary code on the remote host. To exploit this flaw, an attacker would need to send a specially crafted .zip file to a victim on the...
MS04-030: WebDAV XML Message Handler Denial of Service (824151)
The remote host is running a version of Windows and IIS that is vulnerable to a remote denial of service attack through the WebDAV XML Message Handler. An attacker may exploit this flaw to prevent the remote web server from working properly. (C) Tenable Network Security, Inc. include"compat.inc"; i...
Microsoft Internet Explorer contains a double-free vulnerability in the processing of GIF files
Overview: A double-free vulnerability in Microsoft's Internet Explorer (IE) web browser could allow a remote attacker to cause a denial-of-service condition or execute arbitrary code on a vulnerable system. Description: Microsoft Internet Explorer (IE) is a web browser. A double-free vulnerability has...
W32.Dabber Worm Detection
The W32.Dabber worm is listening on this port. W32.Dabber propagates by exploiting a vulnerability in the FTP server component of W32.Sasser.Worm and its variants. It installs a backdoor on infected hosts and tries to listen on port 9898. If the attempt fails, it tries to listen on ports 9899...
Microsoft Windows Help and Support Center (HCP) fails to validate HCP URLs
Overview: A remotely exploitable vulnerability exists in the Help and Support Center (HCP). An attacker could compromise the victim's system by tricking them into visiting a malicious web site, or viewing a malicious email message. Description: A failure to filter special characters, such as quotes,...
Microsoft MSN Messenger fails to properly validate file requests
Overview: Microsoft MSN Messenger fails to properly validate file requests, which could allow an attacker to view the contents of files on the victim's system. Description: Microsoft MSN Messenger is an instant messaging application that allows users to collaborate with friends using text messages,...
Microsoft Windows Media Services fails to properly validate TCP requests
Overview: Microsoft Windows Media Services fails to properly validate TCP requests, which could allow a remote, unauthenticated attacker to cause the services to refuse new TCP connections. Description: Microsoft Windows Media Services is an optional component that provides the ability to deliver...
MS04-008: Windows Media Services Remote Denial of Service (832359)
The remote host appears to be vulnerable to a remote denial of service (DoS) attack against the Media Services component. An attacker exploiting this bug would render the Media Services component unresponsive. (C) Tenable Network Security, Inc. include"compat.inc"; if description scriptid1209...